Merge branch 'main' into parser-refacto

.gitignore

@@ -4,19 +4,18 @@ go.work
 go.work.sum
 *.code-workspace
 *.toml
-*.txt
-*.env
-*log*
+*log
 
 # API Ignore
 main
 deploy/mdb/*
 *.DS_Store
+API/.env
 
 # CLI Ignore
 .idea/
 cli
 cli.exe
 cli.mac
 .history
-*.ocli
+*.ocli

API/Jenkinsfile

@@ -142,6 +142,13 @@ pipeline {
             }
         }
 
+        stage('Update Endpoint Doc') {
+            steps {
+                echo 'Updating endpoint doc'
+                sh ''
+            }
+        }
+
         stage('Deploy') {
             steps {
                 echo 'Deploying....'

API/ReadMe.md

@@ -53,14 +53,24 @@ You can modify the port of the API in the .env file. This is the port that the A
  - Navigate in your terminal to the ```init_db``` directory  
  - Execute the bash script ```ogreeBoot.sh```
  - Enter your password when the prompt asks you
- - Execute the bash script ```addTenant.sh``` with the flag --name myCompanyName (specify your company name here)
  - Be sure to enter your user password and the desired the DB access password
  - Update your .env file ```db_user=myCompanyName``` and ```db_pass=dbAccessPassword```
  - Execute the binary ```main```
 
-This .env file is not provided, so you must create it yourself. To view an example of the ```.env``` file: https://ogree.ditrit.io/htmls/apiReference.html   
-
-
+This .env file is not provided, so you must create it yourself. Here is an example of the ```.env``` file:
+```
+api_port = 3001
+db_host = 0.0.0.0
+db_port = 27017
+db_user = ""
+db_pass = ""
+db = "TenantName"
+token_password = thisIsTheJwtSecretPassword
+signing_password = thisIsTheRBACSecretPassword
+email_account = "[email protected]"
+email_password = ""
+reset_url = "http://localhost:8082/#/reset?token="
+``` 
 
 Jenkins
 --------------------------

API/app/auth.go

@@ -10,6 +10,7 @@ import (
 	"p3/models"
 
 	jwt "github.com/dgrijalva/jwt-go"
+	"go.mongodb.org/mongo-driver/bson/primitive"
 )
 
 var Log = func(next http.Handler) http.Handler {
@@ -26,13 +27,13 @@ var JwtAuthentication = func(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 
 		//Endpoints that don't require auth
-		notAuth := []string{"/api", "/api/login"}
+		notAuth := []string{"/api", "/api/login", "/api/users/password/forgot"}
 		requestPath := r.URL.Path //current request path
+		println(requestPath)
 
 		//check if request needs auth
 		//serve the request if not needed
 		for _, value := range notAuth {
-
 			if value == requestPath {
 				next.ServeHTTP(w, r)
 				return
@@ -80,7 +81,7 @@ var JwtAuthentication = func(next http.Handler) http.Handler {
 		}
 
 		//Token is invalid
-		if !token.Valid {
+		if !token.Valid || ((tk.Email == u.RESET_TAG) != (requestPath == "/api/users/password/reset")) {
 			response = u.Message(false, "Token is not valid.")
 			w.WriteHeader(http.StatusForbidden)
 			w.Header().Add("Content-Type", "application/json")
@@ -91,11 +92,47 @@ var JwtAuthentication = func(next http.Handler) http.Handler {
 		//Success
 		//set the caller to the user retrieved from the parsed token
 		//Useful for monitoring
-
-		//fmt.Sprintf("User %", tk.UserId)
-		userData := map[string]interface{}{"email": tk.Email}
+		userData := map[string]interface{}{"email": tk.Email, "userID": tk.UserId}
 		ctx := context.WithValue(r.Context(), "user", userData)
 		r = r.WithContext(ctx)
 		next.ServeHTTP(w, r) //proceed in the middleware chain!
 	})
 }
+
+func ParseToken(w http.ResponseWriter, r *http.Request) map[string]primitive.ObjectID {
+	//Grab the token from the header
+	tokenHeader := r.Header.Get("Authorization")
+
+	//Token is missing return 403
+	if tokenHeader == "" {
+		return nil
+	}
+
+	//Token format `Bearer {token-body}`
+	splitted := strings.Split(tokenHeader, " ")
+	if len(splitted) != 2 {
+		return nil
+	}
+
+	//Grab the token body
+	tokenPart := splitted[1]
+	tk := &models.Token{}
+
+	token, err := jwt.ParseWithClaims(tokenPart, tk, func(token *jwt.Token) (interface{}, error) {
+		return []byte(os.Getenv("token_password")), nil
+	})
+
+	//Malformed token
+	if err != nil {
+		return nil
+	}
+
+	//Token is invalid
+	if !token.Valid {
+		return nil
+	}
+
+	//Success
+	return map[string]primitive.ObjectID{
+		"userID": tk.UserId}
+}