signoz/ee/http/middleware/pat.go

package middleware

import (
	"net/http"
	"time"

	"github.com/SigNoz/signoz/pkg/types"
	"github.com/SigNoz/signoz/pkg/types/authtypes"
	"github.com/uptrace/bun"
	"go.uber.org/zap"
)

type Pat struct {
	db      *bun.DB
	uuid    *authtypes.UUID
	headers []string
}

func NewPat(db *bun.DB, headers []string) *Pat {
	return &Pat{db: db, uuid: authtypes.NewUUID(), headers: headers}
}

func (p *Pat) Wrap(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		var values []string
		var patToken string
		var pat types.StorablePersonalAccessToken
		var updateLastUsed bool

		for _, header := range p.headers {
			values = append(values, r.Header.Get(header))
		}

		ctx, err := p.uuid.ContextFromRequest(r.Context(), values...)
		if err != nil {
			next.ServeHTTP(w, r)
			return
		}
		patToken, ok := authtypes.UUIDFromContext(ctx)
		if !ok {
			next.ServeHTTP(w, r)
			return
		}

		err = p.db.NewSelect().Model(&pat).Where("token = ?", patToken).Scan(r.Context())
		if err != nil {
			next.ServeHTTP(w, r)
			return
		}

		if pat.ExpiresAt < time.Now().Unix() && pat.ExpiresAt != 0 {
			next.ServeHTTP(w, r)
			return
		}

		// get user from db
		user := types.User{}
		err = p.db.NewSelect().Model(&user).Where("id = ?", pat.UserID).Scan(r.Context())
		if err != nil {
			next.ServeHTTP(w, r)
			return
		}

		jwt := authtypes.Claims{
			UserID:  user.ID,
			GroupID: user.GroupID,
			Email:   user.Email,
			OrgID:   user.OrgID,
		}

		ctx = authtypes.NewContextWithClaims(ctx, jwt)

		r = r.WithContext(ctx)

		next.ServeHTTP(w, r)

		// update last used only if SIGNOZ-API-KEY was present and successful
		if updateLastUsed {
			pat.LastUsed = time.Now().Unix()
			_, err = p.db.NewUpdate().Model(&pat).Column("last_used").Where("token = ?", patToken).Where("revoked = false").Exec(r.Context())
			if err != nil {
				zap.L().Error("Failed to update PAT last used in db, err: %v", zap.Error(err))
			}
		}

	})

}
fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30			`package middleware`

			`import (`
			`"net/http"`
fix: move pat and org domains towards postgres multitenancy (#7337) * fix: inital commit for pat * fix: add migration file * fix: add domain changes * fix: minor fixes * fix: update migration * fix: update migration * fix: update pat and old migration * fix: move domain and sso type to ee 2025-03-20 13:59:52 +05:30			`"time"`
fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30
fix: publish signoz as package (#7378) Signed-off-by: Shivanshu Raj Shrivastava <shivanshu1333@gmail.com> 2025-03-20 21:01:41 +05:30			`"github.com/SigNoz/signoz/pkg/types"`
			`"github.com/SigNoz/signoz/pkg/types/authtypes"`
fix: move pat and org domains towards postgres multitenancy (#7337) * fix: inital commit for pat * fix: add migration file * fix: add domain changes * fix: minor fixes * fix: update migration * fix: update migration * fix: update pat and old migration * fix: move domain and sso type to ee 2025-03-20 13:59:52 +05:30			`"github.com/uptrace/bun"`
			`"go.uber.org/zap"`
fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30			`)`

			`type Pat struct {`
fix: move pat and org domains towards postgres multitenancy (#7337) * fix: inital commit for pat * fix: add migration file * fix: add domain changes * fix: minor fixes * fix: update migration * fix: update migration * fix: update pat and old migration * fix: move domain and sso type to ee 2025-03-20 13:59:52 +05:30			`db *bun.DB`
fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30			`uuid *authtypes.UUID`
			`headers []string`
			`}`

fix: move pat and org domains towards postgres multitenancy (#7337) * fix: inital commit for pat * fix: add migration file * fix: add domain changes * fix: minor fixes * fix: update migration * fix: update migration * fix: update pat and old migration * fix: move domain and sso type to ee 2025-03-20 13:59:52 +05:30			`func NewPat(db bun.DB, headers []string) Pat {`
			`return &Pat{db: db, uuid: authtypes.NewUUID(), headers: headers}`
fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30			`}`

			`func (p *Pat) Wrap(next http.Handler) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`var values []string`
fix: move pat and org domains towards postgres multitenancy (#7337) * fix: inital commit for pat * fix: add migration file * fix: add domain changes * fix: minor fixes * fix: update migration * fix: update migration * fix: update pat and old migration * fix: move domain and sso type to ee 2025-03-20 13:59:52 +05:30			`var patToken string`
			`var pat types.StorablePersonalAccessToken`
			`var updateLastUsed bool`

fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30			`for _, header := range p.headers {`
			`values = append(values, r.Header.Get(header))`
fix: move pat and org domains towards postgres multitenancy (#7337) * fix: inital commit for pat * fix: add migration file * fix: add domain changes * fix: minor fixes * fix: update migration * fix: update migration * fix: update pat and old migration * fix: move domain and sso type to ee 2025-03-20 13:59:52 +05:30			`}`
fix: fix the pat middleware (#7402) 2025-03-22 12:50:43 +05:30
fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30			`ctx, err := p.uuid.ContextFromRequest(r.Context(), values...)`
			`if err != nil {`
			`next.ServeHTTP(w, r)`
			`return`
			`}`
fix: fix the pat middleware (#7402) 2025-03-22 12:50:43 +05:30			`patToken, ok := authtypes.UUIDFromContext(ctx)`
			`if !ok {`
			`next.ServeHTTP(w, r)`
			`return`
			`}`

			`err = p.db.NewSelect().Model(&pat).Where("token = ?", patToken).Scan(r.Context())`
			`if err != nil {`
			`next.ServeHTTP(w, r)`
			`return`
			`}`

			`if pat.ExpiresAt < time.Now().Unix() && pat.ExpiresAt != 0 {`
			`next.ServeHTTP(w, r)`
			`return`
			`}`

			`// get user from db`
			`user := types.User{}`
			`err = p.db.NewSelect().Model(&user).Where("id = ?", pat.UserID).Scan(r.Context())`
			`if err != nil {`
			`next.ServeHTTP(w, r)`
			`return`
			`}`

			`jwt := authtypes.Claims{`
			`UserID: user.ID,`
			`GroupID: user.GroupID,`
			`Email: user.Email,`
			`OrgID: user.OrgID,`
			`}`

			`ctx = authtypes.NewContextWithClaims(ctx, jwt)`
fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30
			`r = r.WithContext(ctx)`

			`next.ServeHTTP(w, r)`
fix: move pat and org domains towards postgres multitenancy (#7337) * fix: inital commit for pat * fix: add migration file * fix: add domain changes * fix: minor fixes * fix: update migration * fix: update migration * fix: update pat and old migration * fix: move domain and sso type to ee 2025-03-20 13:59:52 +05:30
			`// update last used only if SIGNOZ-API-KEY was present and successful`
			`if updateLastUsed {`
			`pat.LastUsed = time.Now().Unix()`
			`_, err = p.db.NewUpdate().Model(&pat).Column("last_used").Where("token = ?", patToken).Where("revoked = false").Exec(r.Context())`
			`if err != nil {`
			`zap.L().Error("Failed to update PAT last used in db, err: %v", zap.Error(err))`
			`}`
			`}`

fix: refactor auth package (#7110) * fix: refactor auth package * fix: minor changes * fix: refactor jwt * fix: add tests and address comments * fix: address comments * fix: add uncomitted file * fix: address comments * fix: update tests 2025-02-17 18:16:41 +05:30			`})`

			`}`