Merge pull request #24 from ARUNK2121/finalization

refresh token: solved those adjustments now its proper

pkg/api/handler/admin.go

@@ -1,14 +1,18 @@
 package handler
 
 import (
+	"errors"
 	"net/http"
 	"strconv"
+	"time"
 
+	"jerseyhub/pkg/helper"
 	services "jerseyhub/pkg/usecase/interface"
 	models "jerseyhub/pkg/utils/models"
 	response "jerseyhub/pkg/utils/response"
 
 	"github.com/gin-gonic/gin"
+	"github.com/golang-jwt/jwt"
 )
 
 type AdminHandler struct {
@@ -202,3 +206,34 @@ func (a *AdminHandler) DeletePaymentMethod(c *gin.Context) {
 	c.JSON(http.StatusOK, successRes)
 
 }
+
+func (a *AdminHandler) ValidateRefreshTokenAndCreateNewAccess(c *gin.Context) {
+
+	refreshToken := c.Request.Header.Get("RefreshToken")
+
+	// Check if the refresh token is valid.
+	_, err := jwt.Parse(refreshToken, func(token *jwt.Token) (interface{}, error) {
+		return []byte("refreshsecret"), nil
+	})
+	if err != nil {
+		// The refresh token is invalid.
+		c.AbortWithError(401, errors.New("refresh token is invalid:user have to login again"))
+		return
+	}
+
+	claims := &helper.AuthCustomClaims{
+		Role: "admin",
+		StandardClaims: jwt.StandardClaims{
+			ExpiresAt: time.Now().Add(time.Minute).Unix(),
+			IssuedAt:  time.Now().Unix(),
+		},
+	}
+
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	newAccessToken, err := token.SignedString([]byte("accesssecret"))
+	if err != nil {
+		c.AbortWithError(500, errors.New("error in creating new access token"))
+	}
+
+	c.JSON(200, newAccessToken)
+}

pkg/api/middleware/auth.go

@@ -1,9 +1,6 @@
 package middleware
 
 import (
-	"jerseyhub/pkg/helper"
-	"time"
-
 	"github.com/gin-gonic/gin"
 	"github.com/golang-jwt/jwt"
 )
@@ -15,50 +12,11 @@ func AdminAuthMiddleware(c *gin.Context) {
 	_, err := jwt.Parse(accessToken, func(token *jwt.Token) (interface{}, error) {
 		return []byte("accesssecret"), nil
 	})
-
-	if err == nil {
-		c.Next()
-	}
-
-	refreshToken := c.Request.Header.Get("RefreshToken")
-
-	// Check if the refresh token is valid.
-	_, err = jwt.Parse(refreshToken, func(token *jwt.Token) (interface{}, error) {
-		return []byte("refreshsecret"), nil
-	})
 	if err != nil {
-		// The refresh token is invalid.
+		// The access token is invalid.
 		c.AbortWithStatus(401)
 		return
 	}
-	// The access token is invalid. Check the refresh token.
 
-	// The refresh token is valid. Generate a new access token.
-	newAccessToken, err := CreateNewAccessTokenAdmin()
-	if err != nil {
-		// An error occurred while generating the new access token.
-		c.AbortWithStatus(401)
-		return
-	}
-	// Set the new access token in the response header.
-	c.Header("Authorization", "Bearer "+newAccessToken)
 	c.Next()
 }
-
-func CreateNewAccessTokenAdmin() (string, error) {
-	claims := &helper.AuthCustomClaims{
-		Role: "admin",
-		StandardClaims: jwt.StandardClaims{
-			ExpiresAt: time.Now().Add(time.Minute).Unix(),
-			IssuedAt:  time.Now().Unix(),
-		},
-	}
-
-	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
-	newAccessToken, err := token.SignedString([]byte("accesssecret"))
-	if err != nil {
-		return "", err
-	}
-
-	return newAccessToken, nil
-}

pkg/api/server.go

@@ -38,7 +38,7 @@ func NewServerHTTP(userHandler *handler.UserHandler,
 	//Swagger docs
 	engine.GET("/swagger/*any", ginSwagger.WrapHandler(swaggerFiles.Handler))
 
-	// engine.POST("users/signup", userHandler.UserSignUp)
+	engine.GET("/validate-token", adminHandler.ValidateRefreshTokenAndCreateNewAccess)
 
 	routes.UserRoutes(engine.Group("/users"), userHandler, otpHandler, inventoryHandler, orderHandler, cartHandler, paymentHandler, wishlistHandler, categoryHandler, couponHandler)
 	routes.AdminRoutes(engine.Group("/admin"), adminHandler, inventoryHandler, userHandler, categoryHandler, orderHandler, couponHandler, offerhandler)

pkg/repository/category.go

@@ -127,4 +127,5 @@ func (c *categoryRepository) GetImagesOfProductsFromACategory(CategoryID int) ([
 	}
 
 	return images, nil
+
 }