toolz/goplt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): Complete Auth Service implementation and fix Consul health checks

Browse Source 
- Add VerifyPassword RPC to Identity Service
  - Added to proto file and generated code
  - Implemented in Identity Service gRPC server
  - Added to Identity Service client interface and gRPC client

- Complete RefreshToken implementation
  - Store refresh tokens in database using RefreshToken entity
  - Validate refresh tokens with expiration checking
  - Revoke refresh tokens on logout and token rotation

- Integrate Authz Service for role retrieval
  - Added AuthzServiceClient to Auth Service
  - Get user roles during login and token refresh
  - Gracefully handle Authz Service failures

- Require JWT secret in configuration
  - Removed default secret fallback
  - Service fails to start if JWT secret is not configured

- Fix Consul health checks for Docker
  - Services now register with Docker service names (e.g., audit-service)
  - Allows Consul (in Docker) to reach services via Docker DNS
  - Health checks use gRPC service names instead of localhost

This completes all TODOs in auth_service_fx.go and fixes the Consul
health check failures in Docker environments.
This commit is contained in:
0x1d
2025-11-06 21:26:34 +01:00
parent b02c1d44c8
commit 04022b835e
34 changed files with 6775 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
internal/ent/runtime.go
View File

@@ -7,6 +7,7 @@ import (
"git.dcentral.systems/toolz/goplt/internal/ent/auditlog"
"git.dcentral.systems/toolz/goplt/internal/ent/permission"
"git.dcentral.systems/toolz/goplt/internal/ent/refreshtoken"
"git.dcentral.systems/toolz/goplt/internal/ent/role"
"git.dcentral.systems/toolz/goplt/internal/ent/schema"
"git.dcentral.systems/toolz/goplt/internal/ent/user"
@@ -36,6 +37,20 @@ func init() {
permissionDescName := permissionFields[1].Descriptor()
// permission.NameValidator is a validator for the "name" field. It is called by the builders before save.
permission.NameValidator = permissionDescName.Validators[0].(func(string) error)
refreshtokenFields := schema.RefreshToken{}.Fields()
_ = refreshtokenFields
// refreshtokenDescUserID is the schema descriptor for user_id field.
refreshtokenDescUserID := refreshtokenFields[1].Descriptor()
// refreshtoken.UserIDValidator is a validator for the "user_id" field. It is called by the builders before save.
refreshtoken.UserIDValidator = refreshtokenDescUserID.Validators[0].(func(string) error)
// refreshtokenDescTokenHash is the schema descriptor for token_hash field.
refreshtokenDescTokenHash := refreshtokenFields[2].Descriptor()
// refreshtoken.TokenHashValidator is a validator for the "token_hash" field. It is called by the builders before save.
refreshtoken.TokenHashValidator = refreshtokenDescTokenHash.Validators[0].(func(string) error)
// refreshtokenDescCreatedAt is the schema descriptor for created_at field.
refreshtokenDescCreatedAt := refreshtokenFields[4].Descriptor()
// refreshtoken.DefaultCreatedAt holds the default value on creation for the created_at field.
refreshtoken.DefaultCreatedAt = refreshtokenDescCreatedAt.Default.(func() time.Time)
roleFields := schema.Role{}.Fields()
_ = roleFields
// roleDescName is the schema descriptor for name field.