added authorization.go for authorization related functions

This commit is contained in:
Alfred Kamanda 2025-07-03 16:52:59 +03:00
parent b9aae610db
commit 2b557b27cf
Signed by: Alfred-mk
GPG Key ID: 7EA3D01708908703
2 changed files with 77 additions and 68 deletions

View File

@ -0,0 +1,77 @@
package application
import (
"context"
"fmt"
"git.defalsify.org/vise.git/resource"
"git.grassecon.net/grassrootseconomics/common/pin"
storedb "git.grassecon.net/grassrootseconomics/sarafu-vise/store/db"
)
// Authorize attempts to unlock the next sequential nodes by verifying the provided PIN against the already set PIN.
// It sets the required flags that control the flow.
func (h *MenuHandlers) Authorize(ctx context.Context, sym string, input []byte) (resource.Result, error) {
var res resource.Result
var err error
sessionId, ok := ctx.Value("SessionId").(string)
if !ok {
return res, fmt.Errorf("missing session")
}
flag_incorrect_pin, _ := h.flagManager.GetFlag("flag_incorrect_pin")
flag_account_authorized, _ := h.flagManager.GetFlag("flag_account_authorized")
flag_allow_update, _ := h.flagManager.GetFlag("flag_allow_update")
pinInput := string(input)
if !pin.IsValidPIN(pinInput) {
res.FlagReset = append(res.FlagReset, flag_account_authorized, flag_allow_update)
return res, nil
}
store := h.userdataStore
AccountPin, err := store.ReadEntry(ctx, sessionId, storedb.DATA_ACCOUNT_PIN)
if err != nil {
logg.ErrorCtxf(ctx, "failed to read AccountPin entry with", "key", storedb.DATA_ACCOUNT_PIN, "error", err)
return res, err
}
// verify that the user provided the correct PIN
if pin.VerifyPIN(string(AccountPin), pinInput) {
// set the required flags for a valid PIN
res.FlagSet = append(res.FlagSet, flag_allow_update, flag_account_authorized)
res.FlagReset = append(res.FlagReset, flag_incorrect_pin)
err := h.resetIncorrectPINAttempts(ctx, sessionId)
if err != nil {
return res, err
}
} else {
// set the required flags for an incorrect PIN
res.FlagSet = append(res.FlagSet, flag_incorrect_pin)
res.FlagReset = append(res.FlagReset, flag_account_authorized, flag_allow_update)
err = h.incrementIncorrectPINAttempts(ctx, sessionId)
if err != nil {
return res, err
}
}
return res, nil
}
// ResetAllowUpdate resets the allowupdate flag that allows a user to update profile data.
func (h *MenuHandlers) ResetAllowUpdate(ctx context.Context, sym string, input []byte) (resource.Result, error) {
var res resource.Result
flag_allow_update, _ := h.flagManager.GetFlag("flag_allow_update")
res.FlagReset = append(res.FlagReset, flag_allow_update)
return res, nil
}
// ResetAccountAuthorized resets the account authorization flag after a successful PIN entry.
func (h *MenuHandlers) ResetAccountAuthorized(ctx context.Context, sym string, input []byte) (resource.Result, error) {
var res resource.Result
flag_account_authorized, _ := h.flagManager.GetFlag("flag_account_authorized")
res.FlagReset = append(res.FlagReset, flag_account_authorized)
return res, nil
}

View File

@ -16,7 +16,6 @@ import (
"git.defalsify.org/vise.git/persist"
"git.defalsify.org/vise.git/resource"
"git.defalsify.org/vise.git/state"
"git.grassecon.net/grassrootseconomics/common/pin"
"git.grassecon.net/grassrootseconomics/sarafu-api/remote"
"git.grassecon.net/grassrootseconomics/sarafu-vise/internal/sms"
"git.grassecon.net/grassrootseconomics/sarafu-vise/profile"
@ -243,22 +242,6 @@ func (h *MenuHandlers) ResetUnregisteredNumber(ctx context.Context, sym string,
return res, nil
}
// ResetAllowUpdate resets the allowupdate flag that allows a user to update profile data.
func (h *MenuHandlers) ResetAllowUpdate(ctx context.Context, sym string, input []byte) (resource.Result, error) {
var res resource.Result
flag_allow_update, _ := h.flagManager.GetFlag("flag_allow_update")
res.FlagReset = append(res.FlagReset, flag_allow_update)
return res, nil
}
// ResetAccountAuthorized resets the account authorization flag after a successful PIN entry.
func (h *MenuHandlers) ResetAccountAuthorized(ctx context.Context, sym string, input []byte) (resource.Result, error) {
var res resource.Result
flag_account_authorized, _ := h.flagManager.GetFlag("flag_account_authorized")
res.FlagReset = append(res.FlagReset, flag_account_authorized)
return res, nil
}
// CheckIdentifier retrieves the Public key from the userdatastore under the key: DATA_PUBLIC_KEY and triggers an sms that
// will be sent to the associated session id
func (h *MenuHandlers) CheckIdentifier(ctx context.Context, sym string, input []byte) (resource.Result, error) {
@ -287,57 +270,6 @@ func (h *MenuHandlers) CheckIdentifier(ctx context.Context, sym string, input []
return res, nil
}
// Authorize attempts to unlock the next sequential nodes by verifying the provided PIN against the already set PIN.
// It sets the required flags that control the flow.
func (h *MenuHandlers) Authorize(ctx context.Context, sym string, input []byte) (resource.Result, error) {
var res resource.Result
var err error
sessionId, ok := ctx.Value("SessionId").(string)
if !ok {
return res, fmt.Errorf("missing session")
}
flag_incorrect_pin, _ := h.flagManager.GetFlag("flag_incorrect_pin")
flag_account_authorized, _ := h.flagManager.GetFlag("flag_account_authorized")
flag_allow_update, _ := h.flagManager.GetFlag("flag_allow_update")
pinInput := string(input)
if !pin.IsValidPIN(pinInput) {
res.FlagReset = append(res.FlagReset, flag_account_authorized, flag_allow_update)
return res, nil
}
store := h.userdataStore
AccountPin, err := store.ReadEntry(ctx, sessionId, storedb.DATA_ACCOUNT_PIN)
if err != nil {
logg.ErrorCtxf(ctx, "failed to read AccountPin entry with", "key", storedb.DATA_ACCOUNT_PIN, "error", err)
return res, err
}
// verify that the user provided the correct PIN
if pin.VerifyPIN(string(AccountPin), pinInput) {
// set the required flags for a valid PIN
res.FlagSet = append(res.FlagSet, flag_allow_update, flag_account_authorized)
res.FlagReset = append(res.FlagReset, flag_incorrect_pin)
err := h.resetIncorrectPINAttempts(ctx, sessionId)
if err != nil {
return res, err
}
} else {
// set the required flags for an incorrect PIN
res.FlagSet = append(res.FlagSet, flag_incorrect_pin)
res.FlagReset = append(res.FlagReset, flag_account_authorized, flag_allow_update)
err = h.incrementIncorrectPINAttempts(ctx, sessionId)
if err != nil {
return res, err
}
}
return res, nil
}
// Setback sets the flag_back_set flag when the navigation is back.
func (h *MenuHandlers) SetBack(ctx context.Context, sym string, input []byte) (resource.Result, error) {
var res resource.Result