Find id/pw 기능 추가 & RBAC 기능 추가 #43

Merged
merged 11 commits into from
Apr 26, 2023
849 changes: 660 additions & 189 deletions api/swagger/docs.go

Large diffs are not rendered by default.

849 changes: 660 additions & 189 deletions api/swagger/swagger.json

Large diffs are not rendered by default.

452 changes: 382 additions & 70 deletions api/swagger/swagger.yaml

Large diffs are not rendered by default.

11 changes: 11 additions & 0 deletions cmd/server/main.go
Expand Up @@ -3,6 +3,7 @@ package main
import (
"flag"
"fmt"
"github.com/openinfradev/tks-api/internal/aws/ses"
"net/http"
"strconv"

Expand Down Expand Up @@ -46,8 +47,14 @@ func init() {
flag.String("keycloak-password", "admin", "password of keycloak")
flag.String("keycloak-client-secret", keycloak.DefaultClientSecret, "realm of keycloak")

// aws ses
ktkfree marked this conversation as resolved.
flag.String("aws-region", "ap-northeast-2", "region of aws ses")
flag.String("aws-access-key-id", "", "access key id of aws ses")
flag.String("aws-secret-access-key", "", "access key of aws ses")

pflag.CommandLine.AddGoFlagSet(flag.CommandLine)
flag.Parse()

if err := viper.BindPFlags(pflag.CommandLine); err != nil {
log.Error(err)
}
Expand Down Expand Up @@ -112,6 +119,10 @@ func main() {
if err != nil {
log.Fatal("failed to initialize keycloak : ", err)
}
err = ses.Initialize()
if err != nil {
log.Fatal("failed to initialize ses : ", err)
}

route := route.SetupRouter(db, argoClient, asset, keycloak)
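Review bot: The new `aws-secret-access-key` flag takes a long-lived secret on the command line, where it is readable from the process list and tends to end up in shell history and deployment manifests. Nothing in these hunks shows another source for the credential, so I would state in the flag help that an instance or pod role is the preferred path, e.g. `flag.String("aws-secret-access-key", "", "secret access key for aws ses (prefer an IAM role; the value is visible in the process list)")`. The current help text "access key of aws ses" also reads as the key id rather than the secret. `init` and `main` both start and end outside the hunks shown.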

14 changes: 14 additions & 0 deletions go.mod
Expand Up @@ -27,6 +27,19 @@ require (

require (
github.com/KyleBanks/depth v1.2.1 // indirect
github.com/aws/aws-sdk-go-v2 v1.17.8 // indirect
github.com/aws/aws-sdk-go-v2/config v1.18.21 // indirect
github.com/aws/aws-sdk-go-v2/credentials v1.13.20 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.2 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.32 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.26 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.33 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.26 // indirect
github.com/aws/aws-sdk-go-v2/service/ses v1.15.7 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.12.8 // indirect
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.8 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.18.9 // indirect
github.com/aws/smithy-go v1.13.5 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/emicklei/go-restful v2.9.5+incompatible // indirect
github.com/felixge/httpsnoop v1.0.1 // indirect
Expand Down Expand Up @@ -57,6 +70,7 @@ require (
github.com/jackc/pgx/v4 v4.17.2 // indirect
github.com/jinzhu/inflection v1.0.0 // indirect
github.com/jinzhu/now v1.1.5 // indirect
github.com/jmespath/go-jmespath v0.4.0 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/leodido/go-urn v1.2.2 // indirect
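Review bot: The AWS SDK modules are all added with `// indirect`, but internal/aws/ses/ses.go in this same pull request imports `github.com/aws/aws-sdk-go-v2/aws`, `github.com/aws/aws-sdk-go-v2/config` and `github.com/aws/aws-sdk-go-v2/service/ses` directly. Running `go mod tidy` should move those three into the direct `require` block. That keeps the list of dependencies the project deliberately chose, and has to track for advisories, accurate.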
30 changes: 30 additions & 0 deletions go.sum
Expand Up @@ -59,6 +59,32 @@ github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbt
github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
github.com/aws/aws-sdk-go-v2 v1.17.8 h1:GMupCNNI7FARX27L7GjCJM8NgivWbRgpjNI/hOQjFS8=
github.com/aws/aws-sdk-go-v2 v1.17.8/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw=
github.com/aws/aws-sdk-go-v2/config v1.18.21 h1:ENTXWKwE8b9YXgQCsruGLhvA9bhg+RqAsL9XEMEsa2c=
github.com/aws/aws-sdk-go-v2/config v1.18.21/go.mod h1:+jPQiVPz1diRnjj6VGqWcLK6EzNmQ42l7J3OqGTLsSY=
github.com/aws/aws-sdk-go-v2/credentials v1.13.20 h1:oZCEFcrMppP/CNiS8myzv9JgOzq2s0d3v3MXYil/mxQ=
github.com/aws/aws-sdk-go-v2/credentials v1.13.20/go.mod h1:xtZnXErtbZ8YGXC3+8WfajpMBn5Ga/3ojZdxHq6iI8o=
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.2 h1:jOzQAesnBFDmz93feqKnsTHsXrlwWORNZMFHMV+WLFU=
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.2/go.mod h1:cDh1p6XkSGSwSRIArWRc6+UqAQ7x4alQ0QfpVR6f+co=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.32 h1:dpbVNUjczQ8Ae3QKHbpHBpfvaVkRdesxpTOe9pTouhU=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.32/go.mod h1:RudqOgadTWdcS3t/erPQo24pcVEoYyqj/kKW5Vya21I=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.26 h1:QH2kOS3Ht7x+u0gHCh06CXL/h6G8LQJFpZfFBYBNboo=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.26/go.mod h1:vq86l7956VgFr0/FWQ2BWnK07QC3WYsepKzy33qqY5U=
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.33 h1:HbH1VjUgrCdLJ+4lnnuLI4iVNRvBbBELGaJ5f69ClA8=
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.33/go.mod h1:zG2FcwjQarWaqXSCGpgcr3RSjZ6dHGguZSppUL0XR7Q=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.26 h1:uUt4XctZLhl9wBE1L8lobU3bVN8SNUP7T+olb0bWBO4=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.26/go.mod h1:Bd4C/4PkVGubtNe5iMXu5BNnaBi/9t/UsFspPt4ram8=
github.com/aws/aws-sdk-go-v2/service/ses v1.15.7 h1:eS3hpWtxVYnrysF+NEcjZo5zVvmgNTk22zRwJbtmCZY=
github.com/aws/aws-sdk-go-v2/service/ses v1.15.7/go.mod h1:sDSPw06IV4uB+RByvHkqDZKfP7SgIataOehYkchSups=
github.com/aws/aws-sdk-go-v2/service/sso v1.12.8 h1:5cb3D6xb006bPTqEfCNaEA6PPEfBXxxy4NNeX/44kGk=
github.com/aws/aws-sdk-go-v2/service/sso v1.12.8/go.mod h1:GNIveDnP+aE3jujyUSH5aZ/rktsTM5EvtKnCqBZawdw=
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.8 h1:NZaj0ngZMzsubWZbrEFSB4rgSQRbFq38Sd6KBxHuOIU=
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.8/go.mod h1:44qFP1g7pfd+U+sQHLPalAPKnyfTZjJsYR4xIwsJy5o=
github.com/aws/aws-sdk-go-v2/service/sts v1.18.9 h1:Qf1aWwnsNkyAoqDqmdM3nHwN78XQjec27LjM6b9vyfI=
github.com/aws/aws-sdk-go-v2/service/sts v1.18.9/go.mod h1:yyW88BEPXA2fGFyI2KCcZC3dNpiT0CZAHaF+i656/tQ=
github.com/aws/smithy-go v1.13.5 h1:hgz0X/DX0dGqTYpGALqXJoRKRj5oQ7150i5FdTePzO8=
github.com/aws/smithy-go v1.13.5/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
Expand Down Expand Up @@ -194,6 +220,7 @@ github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g=
github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
Expand Down Expand Up @@ -288,6 +315,9 @@ github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkr
github.com/jinzhu/now v1.1.4/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
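--- a/internal/aws/ses/ses.go
+++ b/internal/aws/ses/ses.go
@@ -0,0 +1,113 @@
+package ses
+
+import (
+"context"
+"fmt"
+"github.com/aws/aws-sdk-go-v2/aws"
+"github.com/aws/aws-sdk-go-v2/config"
+awsSes "github.com/aws/aws-sdk-go-v2/service/ses"
+"github.com/aws/aws-sdk-go-v2/service/ses/types"
+"github.com/openinfradev/tks-api/pkg/log"
+"github.com/spf13/viper"
+"os"
+)
+
+var Client *awsSes.Client
+
+const (
+senderEmailAddress = "[email protected]"
+)
+
+func Initialize() error {
+if viper.GetString("aws-access-key-id") != "" || viper.GetString("aws-secret-access-key") != "" {
+log.Warn("aws access key information is used on env. Be aware of security")
+}
+if viper.GetString("aws-access-key-id") != "" {
+err := os.Setenv("AWS_ACCESS_KEY_ID", viper.GetString("aws-access-key-id"))
+if err != nil {
+return err
+}
+}
+if viper.GetString("aws-secret-access-key") != "" {
+err := os.Setenv("AWS_SECRET_ACCESS_KEY", viper.GetString("aws-secret-access-key"))
+if err != nil {
+return err
+}
+}
+if viper.GetString("aws-region") != "" {
+err := os.Setenv("AWS_REGION", viper.GetString("aws-region"))
+if err != nil {
+return err
+}
+} else {
+return fmt.Errorf("aws region is not set")
+}
+
+cfg, err := config.LoadDefaultConfig(context.TODO(), config.WithRegion("ap-northeast-2"))
+if err != nil {
+return err
+}
+
+Client = awsSes.NewFromConfig(cfg)
+return nil
+}
+func SendEmailForVerityIdentity(client *awsSes.Client, targetEmailAddress string, code string) error {
+subject := "[TKS][인증번호:" + code + "] – 요청하신 인증번호를 알려드립니다."
+body := "아래의 인증번호를 인증번호 입력창에 입력해 주세요.\n\n" +
+"인증번호: " + code + "\n\n" +
+"TKS를 이용해 주셔서 감사합니다.\nTKS Team 드림"
+
+input := &awsSes.SendEmailInput{
+Destination: &types.Destination{
+ToAddresses: []string{targetEmailAddress},
+},
+Message: &types.Message{
+Body: &types.Body{
+Text: &types.Content{
+Data: aws.String(body),
+},
+},
+Subject: &types.Content{
+Data: aws.String(subject),
+},
+},
+Source: aws.String(senderEmailAddress),
+}
+
+if _, err := client.SendEmail(context.Background(), input); err != nil {
+log.Errorf("failed to send email, %v", err)
+return err
+}
+
+return nil
+}
+
+func SendEmailForTemporaryPassword(client *awsSes.Client, targetEmailAddress string, randomPassword string) error {
+subject := "[TKS] 비밀번호 초기화"
+body := "임시 비밀번호가 발급되었습니다.\n\n" + "임시 비밀번호는 [" + randomPassword + "]이며\n" +
+"로그인 후 비밀번호를 변경하여 사용하십시요.\n\n" + "TKS를 이용해 주셔서 감사합니다.\nTKS Team 드림"
+
+input := &awsSes.SendEmailInput{
+Destination: &types.Destination{
+ToAddresses: []string{targetEmailAddress},
+},
+Message: &types.Message{
+Body: &types.Body{
+Text: &types.Content{
+Data: aws.String(body),
+},
+},
+Subject: &types.Content{
+Data: aws.String(subject),
+},
+},
+Source: aws.String(senderEmailAddress),
+}
+
+if _, err := client.SendEmail(context.Background(), input); err != nil {
+log.Errorf("failed to send email, %v", err)
+return err
+}
+
+return nil
+}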
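Review bot: `Initialize` validates `aws-region` and exports it to `AWS_REGION`, but the `config.LoadDefaultConfig` call then pins `config.WithRegion("ap-northeast-2")`, so any other region passed on the flag is silently ignored. The same function copies the access key pair into the process environment with `os.Setenv`, where every child process inherits it and it appears in environment dumps, and it accepts one half of the pair without the other. I would pass the region from the flag and hand a supplied key pair to the SDK through `config.WithCredentialsProvider` (this needs the `github.com/aws/aws-sdk-go-v2/credentials` import), leaving the default credential chain in charge when no key is given. Separately, `SendEmailForVerityIdentity` puts the verification code in the subject line, and both senders call `SendEmail` with `context.Background()`, so a stalled SES call has no deadline; both are worth a follow-up.

```go
func Initialize() error {
	region := viper.GetString("aws-region")
	if region == "" {
		return fmt.Errorf("aws region is not set")
	}
	opts := []func(*config.LoadOptions) error{config.WithRegion(region)}

	keyID := viper.GetString("aws-access-key-id")
	secret := viper.GetString("aws-secret-access-key")
	if (keyID == "") != (secret == "") {
		return fmt.Errorf("aws-access-key-id and aws-secret-access-key must be set together")
	}
	if keyID != "" {
		log.Warn("static aws access key is configured; prefer an IAM role")
		// Keep the key pair inside the SDK config rather than the process environment.
		opts = append(opts, config.WithCredentialsProvider(
			credentials.NewStaticCredentialsProvider(keyID, secret, "")))
	}

	cfg, err := config.LoadDefaultConfig(context.TODO(), opts...)
	// … unchanged: error check, Client = awsSes.NewFromConfig(cfg), return nil …
}
```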
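--- a/internal/constants.go
+++ b/internal/constants.go
@@ -0,0 +1,14 @@
+package internal
+
+import "time"
+
+const (
+PasswordExpiredDuration = 30 * 24 * time.Hour
+EmailCodeExpireTime = 5 * time.Minute
+API_VERSION = "/1.0"
+API_PREFIX = "/api"
+ADMINAPI_PREFIX = "/admin"
+
+SYSTEM_API_VERSION = "/1.0"
+SYSTEM_API_PREFIX = "/system-api"
+)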
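Review bot: `PasswordExpiredDuration` and `EmailCodeExpireTime` are security policy values but carry no comment, and the two names use different suffixes for the same kind of value. I would add doc comments such as `// PasswordExpiredDuration is how long a password stays valid before a change is required.` and `// EmailCodeExpireTime is how long an e-mailed verification code is accepted.`, adjusted to whatever the callers actually enforce, since they are not in this file. The ALL_CAPS route constants below them also break Go's MixedCaps convention, though renaming them may touch callers outside this diff.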
3 changes: 3 additions & 0 deletions internal/database/database.go
Expand Up @@ -54,6 +54,9 @@ func InitDB() (*gorm.DB, error) {

func migrateSchema(db *gorm.DB) error {
// Auth
if err := db.AutoMigrate(&repository.CacheEmailCode{}); err != nil {
return err
}
if err := db.AutoMigrate(&repository.User{}); err != nil {
return err
}