signoz/ee/http/middleware/pat.go

package middleware

import (
	"net/http"
	"time"

	eeTypes "github.com/SigNoz/signoz/ee/types"
	"github.com/SigNoz/signoz/pkg/sqlstore"
	"github.com/SigNoz/signoz/pkg/types"
	"github.com/SigNoz/signoz/pkg/types/authtypes"
	"go.uber.org/zap"
)

type Pat struct {
	store   sqlstore.SQLStore
	uuid    *authtypes.UUID
	headers []string
}

func NewPat(store sqlstore.SQLStore, headers []string) *Pat {
	return &Pat{store: store, uuid: authtypes.NewUUID(), headers: headers}
}

func (p *Pat) Wrap(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		var values []string
		var patToken string
		var pat eeTypes.StorablePersonalAccessToken

		for _, header := range p.headers {
			values = append(values, r.Header.Get(header))
		}

		ctx, err := p.uuid.ContextFromRequest(r.Context(), values...)
		if err != nil {
			next.ServeHTTP(w, r)
			return
		}
		patToken, ok := authtypes.UUIDFromContext(ctx)
		if !ok {
			next.ServeHTTP(w, r)
			return
		}

		err = p.store.BunDB().NewSelect().Model(&pat).Where("token = ?", patToken).Scan(r.Context())
		if err != nil {
			next.ServeHTTP(w, r)
			return
		}

		if pat.ExpiresAt < time.Now().Unix() && pat.ExpiresAt != 0 {
			next.ServeHTTP(w, r)
			return
		}

		// get user from db
		user := types.User{}
		err = p.store.BunDB().NewSelect().Model(&user).Where("id = ?", pat.UserID).Scan(r.Context())
		if err != nil {
			next.ServeHTTP(w, r)
			return
		}

		role, err := types.NewRole(user.Role)
		if err != nil {
			next.ServeHTTP(w, r)
			return
		}

		jwt := authtypes.Claims{
			UserID: user.ID.String(),
			Role:   role,
			Email:  user.Email,
			OrgID:  user.OrgID,
		}

		ctx = authtypes.NewContextWithClaims(ctx, jwt)

		r = r.WithContext(ctx)

		next.ServeHTTP(w, r)

		pat.LastUsed = time.Now().Unix()
		_, err = p.store.BunDB().NewUpdate().Model(&pat).Column("last_used").Where("token = ?", patToken).Where("revoked = false").Exec(r.Context())
		if err != nil {
			zap.L().Error("Failed to update PAT last used in db, err: %v", zap.Error(err))
		}

	})

}
fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30			`package middleware`

			`import (`
			`"net/http"`
fix: move pat and org domains towards postgres multitenancy (#7337) * fix: inital commit for pat * fix: add migration file * fix: add domain changes * fix: minor fixes * fix: update migration * fix: update migration * fix: update pat and old migration * fix: move domain and sso type to ee 2025-03-20 13:59:52 +05:30			`"time"`
fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30
chore: add migration for pat to add default values (#7492) * chore: add migration for pat to add default values * fix: minor changes * fix: don't panic in GetClickhouseColumnName * fix: use new function for pat * fix: address minor comments * fix: address comments * fix: remove generatepat * fix: minor changes * fix: remove extra check --------- Co-authored-by: Vibhu Pandey <vibhupandey28@gmail.com> 2025-04-01 23:49:37 +05:30			`eeTypes "github.com/SigNoz/signoz/ee/types"`
fix: use sqlStore instead of bun.db (#7416) * fix: use sqlStore instead of bun.db * fix: get it to running state * fix: name changes 2025-03-24 14:54:20 +05:30			`"github.com/SigNoz/signoz/pkg/sqlstore"`
fix: publish signoz as package (#7378) Signed-off-by: Shivanshu Raj Shrivastava <shivanshu1333@gmail.com> 2025-03-20 21:01:41 +05:30			`"github.com/SigNoz/signoz/pkg/types"`
			`"github.com/SigNoz/signoz/pkg/types/authtypes"`
fix: move pat and org domains towards postgres multitenancy (#7337) * fix: inital commit for pat * fix: add migration file * fix: add domain changes * fix: minor fixes * fix: update migration * fix: update migration * fix: update pat and old migration * fix: move domain and sso type to ee 2025-03-20 13:59:52 +05:30			`"go.uber.org/zap"`
fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30			`)`

			`type Pat struct {`
fix: use sqlStore instead of bun.db (#7416) * fix: use sqlStore instead of bun.db * fix: get it to running state * fix: name changes 2025-03-24 14:54:20 +05:30			`store sqlstore.SQLStore`
fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30			`uuid *authtypes.UUID`
			`headers []string`
			`}`

fix: use sqlStore instead of bun.db (#7416) * fix: use sqlStore instead of bun.db * fix: get it to running state * fix: name changes 2025-03-24 14:54:20 +05:30			`func NewPat(store sqlstore.SQLStore, headers []string) *Pat {`
			`return &Pat{store: store, uuid: authtypes.NewUUID(), headers: headers}`
fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30			`}`

			`func (p *Pat) Wrap(next http.Handler) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`var values []string`
fix: move pat and org domains towards postgres multitenancy (#7337) * fix: inital commit for pat * fix: add migration file * fix: add domain changes * fix: minor fixes * fix: update migration * fix: update migration * fix: update pat and old migration * fix: move domain and sso type to ee 2025-03-20 13:59:52 +05:30			`var patToken string`
chore: add migration for pat to add default values (#7492) * chore: add migration for pat to add default values * fix: minor changes * fix: don't panic in GetClickhouseColumnName * fix: use new function for pat * fix: address minor comments * fix: address comments * fix: remove generatepat * fix: minor changes * fix: remove extra check --------- Co-authored-by: Vibhu Pandey <vibhupandey28@gmail.com> 2025-04-01 23:49:37 +05:30			`var pat eeTypes.StorablePersonalAccessToken`
fix: move pat and org domains towards postgres multitenancy (#7337) * fix: inital commit for pat * fix: add migration file * fix: add domain changes * fix: minor fixes * fix: update migration * fix: update migration * fix: update pat and old migration * fix: move domain and sso type to ee 2025-03-20 13:59:52 +05:30
fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30			`for _, header := range p.headers {`
			`values = append(values, r.Header.Get(header))`
fix: move pat and org domains towards postgres multitenancy (#7337) * fix: inital commit for pat * fix: add migration file * fix: add domain changes * fix: minor fixes * fix: update migration * fix: update migration * fix: update pat and old migration * fix: move domain and sso type to ee 2025-03-20 13:59:52 +05:30			`}`
fix: fix the pat middleware (#7402) 2025-03-22 12:50:43 +05:30
fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30			`ctx, err := p.uuid.ContextFromRequest(r.Context(), values...)`
			`if err != nil {`
			`next.ServeHTTP(w, r)`
			`return`
			`}`
fix: fix the pat middleware (#7402) 2025-03-22 12:50:43 +05:30			`patToken, ok := authtypes.UUIDFromContext(ctx)`
			`if !ok {`
			`next.ServeHTTP(w, r)`
			`return`
			`}`

fix: use sqlStore instead of bun.db (#7416) * fix: use sqlStore instead of bun.db * fix: get it to running state * fix: name changes 2025-03-24 14:54:20 +05:30			`err = p.store.BunDB().NewSelect().Model(&pat).Where("token = ?", patToken).Scan(r.Context())`
fix: fix the pat middleware (#7402) 2025-03-22 12:50:43 +05:30			`if err != nil {`
			`next.ServeHTTP(w, r)`
			`return`
			`}`

			`if pat.ExpiresAt < time.Now().Unix() && pat.ExpiresAt != 0 {`
			`next.ServeHTTP(w, r)`
			`return`
			`}`

			`// get user from db`
			`user := types.User{}`
fix: use sqlStore instead of bun.db (#7416) * fix: use sqlStore instead of bun.db * fix: get it to running state * fix: name changes 2025-03-24 14:54:20 +05:30			`err = p.store.BunDB().NewSelect().Model(&user).Where("id = ?", pat.UserID).Scan(r.Context())`
fix: fix the pat middleware (#7402) 2025-03-22 12:50:43 +05:30			`if err != nil {`
			`next.ServeHTTP(w, r)`
			`return`
			`}`

chore(auth): refactor the auth modules and handler in preparation for multi tenant login (#7778) * chore: update auth * chore: password changes * chore: make changes in oss code * chore: login * chore: get to a running state * fix: migration inital commit * fix: signoz cloud intgtn tests * fix: minor fixes * chore: sso code fixed with org domain * fix: tests * fix: ee auth api's * fix: changes in name * fix: return user in login api * fix: address comments * fix: validate password * fix: handle get domain by email properly * fix: move authomain to usermodule * fix: use displayname instead of hname * fix: rename back endpoints * fix: update telemetry * fix: correct errors * fix: test and fix the invite endpoints * fix: delete all things related to user in store * fix: address issues * fix: ee delete invite * fix: rename func * fix: update user and update role * fix: update role * fix: login and invite changes * fix: return org name in users response * fix: update user role * fix: nil check * fix: getinvite and update role * fix: sso * fix: getinvite use sso ctx * fix: use correct sourceurl * fix: getsourceurl from req payload * fix: update created_at * fix: fix reset password * fix: sso signup and token password change * fix: don't delete last admin * fix: reset password and migration * fix: migration * fix: reset password for sso users * fix: clean up invite * fix: migration * fix: update claims and store code * fix: use correct error * fix: proper nil checks * fix: make migration multitenant * fix: address comments * fix: minor fixes * fix: test * fix: rename reset password --------- Co-authored-by: Vikrant Gupta <vikrant@signoz.io> 2025-05-14 23:12:55 +05:30			`role, err := types.NewRole(user.Role)`
feat(auth): drop group table (#7672) ### Summary drop group table 2025-04-26 15:50:02 +05:30			`if err != nil {`
			`next.ServeHTTP(w, r)`
			`return`
			`}`

fix: fix the pat middleware (#7402) 2025-03-22 12:50:43 +05:30			`jwt := authtypes.Claims{`
chore(auth): refactor the auth modules and handler in preparation for multi tenant login (#7778) * chore: update auth * chore: password changes * chore: make changes in oss code * chore: login * chore: get to a running state * fix: migration inital commit * fix: signoz cloud intgtn tests * fix: minor fixes * chore: sso code fixed with org domain * fix: tests * fix: ee auth api's * fix: changes in name * fix: return user in login api * fix: address comments * fix: validate password * fix: handle get domain by email properly * fix: move authomain to usermodule * fix: use displayname instead of hname * fix: rename back endpoints * fix: update telemetry * fix: correct errors * fix: test and fix the invite endpoints * fix: delete all things related to user in store * fix: address issues * fix: ee delete invite * fix: rename func * fix: update user and update role * fix: update role * fix: login and invite changes * fix: return org name in users response * fix: update user role * fix: nil check * fix: getinvite and update role * fix: sso * fix: getinvite use sso ctx * fix: use correct sourceurl * fix: getsourceurl from req payload * fix: update created_at * fix: fix reset password * fix: sso signup and token password change * fix: don't delete last admin * fix: reset password and migration * fix: migration * fix: reset password for sso users * fix: clean up invite * fix: migration * fix: update claims and store code * fix: use correct error * fix: proper nil checks * fix: make migration multitenant * fix: address comments * fix: minor fixes * fix: test * fix: rename reset password --------- Co-authored-by: Vikrant Gupta <vikrant@signoz.io> 2025-05-14 23:12:55 +05:30			`UserID: user.ID.String(),`
feat(auth): drop group table (#7672) ### Summary drop group table 2025-04-26 15:50:02 +05:30			`Role: role,`
			`Email: user.Email,`
			`OrgID: user.OrgID,`
fix: fix the pat middleware (#7402) 2025-03-22 12:50:43 +05:30			`}`

			`ctx = authtypes.NewContextWithClaims(ctx, jwt)`
fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30
			`r = r.WithContext(ctx)`

			`next.ServeHTTP(w, r)`
fix: move pat and org domains towards postgres multitenancy (#7337) * fix: inital commit for pat * fix: add migration file * fix: add domain changes * fix: minor fixes * fix: update migration * fix: update migration * fix: update pat and old migration * fix: move domain and sso type to ee 2025-03-20 13:59:52 +05:30
fix: update pat last used (#7407) 2025-03-22 17:51:25 +05:30			`pat.LastUsed = time.Now().Unix()`
fix: use sqlStore instead of bun.db (#7416) * fix: use sqlStore instead of bun.db * fix: get it to running state * fix: name changes 2025-03-24 14:54:20 +05:30			`_, err = p.store.BunDB().NewUpdate().Model(&pat).Column("last_used").Where("token = ?", patToken).Where("revoked = false").Exec(r.Context())`
fix: update pat last used (#7407) 2025-03-22 17:51:25 +05:30			`if err != nil {`
			`zap.L().Error("Failed to update PAT last used in db, err: %v", zap.Error(err))`
fix: move pat and org domains towards postgres multitenancy (#7337) * fix: inital commit for pat * fix: add migration file * fix: add domain changes * fix: minor fixes * fix: update migration * fix: update migration * fix: update pat and old migration * fix: move domain and sso type to ee 2025-03-20 13:59:52 +05:30			`}`

fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30			`})`

			`}`