Fix: rotate access token and add test

2025-12-07 22:06:32 +08:00
parent 8d3cd0260e
commit 1ce2174bdc
7 changed files with 46 additions and 12 deletions
--- a/handlers/auth/postLogin.go
+++ b/handlers/auth/postLogin.go
@@ -44,7 +44,7 @@ func (self *Handlers) PostLogin(
 		}
 	}
-	session, err := self.db.GetSession(ctx, input.Token)
+	session, err := self.db.GetSessionByLoginToken(ctx, input.Token)
 	if err != nil {
 		return middlewares.HTTPError{
 			StatusCode:  http.StatusUnauthorized,
--- a/implements/bunDatabase.go
+++ b/implements/bunDatabase.go
@@ -18,7 +18,7 @@ func NewBunDatabase(db *bun.DB) *BunDatabase {
 	return &BunDatabase{db: db}
 }
-func (self *BunDatabase) GetSession(
+func (self *BunDatabase) GetSessionByLoginToken(
 	ctx context.Context,
 	loginToken string,
 ) (models.Session, error) {
@@ -35,6 +35,23 @@ func (self *BunDatabase) GetSession(
 	return ret, nil
 }
 func (self *BunDatabase) GetSessionByUserId(
 	ctx context.Context,
 	userId string,
 ) (models.Session, error) {
 	ret := models.Session{
 		UserId: userId,
 	}
 	err := self.db.NewSelect().
 		Model(&ret).
 		Where("user_id = ?", userId).
 		Scan(ctx)
 	if err != nil {
 		return models.Session{}, err
 	}
 	return ret, nil
 }
 func (self *BunDatabase) UpdateRefreshToken(
 	ctx context.Context,
 	userId string,
@@ -88,6 +105,7 @@ func (self *BunDatabase) UpsertLoginToken(
 	session := models.Session{
 		UserId:     userId,
 		LoginToken: token,
 		IsValid:    true,
 	}
 	_, err = self.db.NewInsert().
 		Model(&session).
--- a/interfaces/database.go
+++ b/interfaces/database.go
@@ -7,11 +7,16 @@ import (
 )
 type Database interface {
-	GetSession(
+	GetSessionByLoginToken(
 		ctx context.Context,
 		loginToken string,
 	) (models.Session, error)
 	GetSessionByUserId(
 		ctx context.Context,
 		userId string,
 	) (models.Session, error)
 	UpdateRefreshToken(
 		ctx context.Context,
 		userId string,
--- a/middlewares/checkAccessToken.go
+++ b/middlewares/checkAccessToken.go
@@ -30,7 +30,8 @@ func refreshAccessToken(
 		return "", types.ContextNotExistError
 	}
-	session, err := db.GetSession(ctx, refreshTokenClaim.UserId)
+	session, err := db.GetSessionByUserId(ctx,
 		refreshTokenClaim.UserId)
 	if err != nil {
 		tracing.Logger.Ctx(ctx).
 			Warn("session not exist", zap.Error(err))
@@ -68,7 +69,7 @@ func (self *Handlers) CheckAccessToken(
 			if err != nil {
 				return HTTPError{
 					StatusCode:  http.StatusUnauthorized,
-					Message:     "access token refresh failed",
+					Message:     "failed to refresh access token",
 					OriginError: err,
 				}
 			}
@@ -86,7 +87,7 @@ func (self *Handlers) CheckAccessToken(
 			if err != nil {
 				return HTTPError{
 					StatusCode:  http.StatusUnauthorized,
-					Message:     "access token refresh failed",
+					Message:     "failed to refresh access token",
 					OriginError: err,
 				}
 			}
--- a/tests/01_login_test.go
+++ b/tests/01_login_test.go
@@ -67,6 +67,7 @@ func Test_01_Login(t *testing.T) {
 			if len(cookie.Value) == 0 {
 				t.Fatal("empty refresh token")
 			}
 			client.SetCookie(cookie)
 			return
 		}
 	}
--- a/tests/02_getAliases_test.go
+++ b/tests/02_getAliases_test.go
@@ -0,0 +1,15 @@
 package main
 import (
 	"net/http"
 	"testing"
 )
 func Test_02_GetImages(t *testing.T) {
 	resp, err := client.R().
 		Get("http://localhost:8080/api/aliases")
 	if err != nil || resp.StatusCode() != http.StatusOK {
 		t.Logf("%+v", resp)
 		t.Fatal("failed to fetch aliases")
 	}
 }
--- a/tests/02_getImages_test.go
+++ b/tests/02_getImages_test.go
@@ -1,6 +0,0 @@
 package main
 import "testing"
 func Test_02_GetImages(t *testing.T) {
 }