Update

Author: nkshah2

recipe/dashboard/api/implementation.go

@@ -50,6 +50,8 @@ func MakeAPIImplementation() dashboardmodels.APIInterface {
 		}
 		dashboardAppPath := options.AppInfo.APIBasePath.AppendPath(normalizedDashboardPath).GetAsStringDangerous()
 
+		authMode := string(options.Config.AuthMode)
+
 		return `
 		<html>
 		<head>
@@ -58,6 +60,7 @@ func MakeAPIImplementation() dashboardmodels.APIInterface {
 						window.staticBasePath = "` + bundleDomain + `/static"
 						window.dashboardAppPath = "` + dashboardAppPath + `"
 						window.connectionURI = "` + connectionURI + `"
+						window.authMode = "` + authMode + `"
 				</script>
 				<script defer src="` + bundleDomain + `/static/js/bundle.js"></script></head>
 				<link href="` + bundleDomain + `/static/css/main.css" rel="stylesheet" type="text/css">

recipe/dashboard/api/signInPost.go

@@ -0,0 +1,79 @@
+package api
+
+import (
+	"encoding/json"
+	"github.com/supertokens/supertokens-golang/recipe/dashboard/dashboardmodels"
+	"github.com/supertokens/supertokens-golang/supertokens"
+)
+
+type signInPostResponse struct {
+	Status    string `json:"status"`
+	SessionId string `json:"sessionId,omitempty"`
+	Message   string `json:"message,omitempty"`
+}
+
+type signInRequestBody struct {
+	Email    *string `json:"email"`
+	Password *string `json:"password"`
+}
+
+func SignInPost(apiInterface dashboardmodels.APIInterface, options dashboardmodels.APIOptions) (signInPostResponse, error) {
+	body, err := supertokens.ReadFromRequest(options.Req)
+
+	if err != nil {
+		return signInPostResponse{}, err
+	}
+
+	var readBody signInRequestBody
+	err = json.Unmarshal(body, &readBody)
+	if err != nil {
+		return signInPostResponse{}, err
+	}
+
+	if readBody.Email == nil {
+		return signInPostResponse{}, supertokens.BadInputError{
+			Msg: "Required parameter 'email' is missing",
+		}
+	}
+
+	if readBody.Password == nil {
+		return signInPostResponse{}, supertokens.BadInputError{
+			Msg: "Required parameter 'password' is missing",
+		}
+	}
+
+	querier, querierErr := supertokens.GetNewQuerierInstanceOrThrowError("dashboard")
+
+	if querierErr != nil {
+		return signInPostResponse{}, querierErr
+	}
+
+	apiResponse, apiErr := querier.SendPostRequest("/recipe/dashboard/signin", map[string]interface{}{
+		"email":    *readBody.Email,
+		"password": *readBody.Password,
+	})
+
+	if apiErr != nil {
+		return signInPostResponse{}, apiErr
+	}
+
+	status, ok := apiResponse["status"]
+
+	if ok && status == "OK" {
+		return signInPostResponse{
+			Status:    "OK",
+			SessionId: apiResponse["sessionId"].(string),
+		}, nil
+	}
+
+	if status == "USER_SUSPENDED_ERROR" {
+		return signInPostResponse{
+			Status:  "USER_SUSPENDED_ERROR",
+			Message: apiResponse["message"].(string),
+		}, nil
+	}
+
+	return signInPostResponse{
+		Status: "INVAlID_CREDENTIALS_ERROR",
+	}, nil
+}

recipe/dashboard/api/signOutPost.go

@@ -0,0 +1,43 @@
+package api
+
+import (
+	"github.com/supertokens/supertokens-golang/recipe/dashboard/dashboardmodels"
+	"github.com/supertokens/supertokens-golang/supertokens"
+	"strings"
+)
+
+type signOutPostResponse struct {
+	Status string `json:"status"`
+}
+
+func SignOutPost(apiInterface dashboardmodels.APIInterface, options dashboardmodels.APIOptions) (signOutPostResponse, error) {
+	if options.Config.ApiKey != nil {
+		return signOutPostResponse{
+			Status: "OK",
+		}, nil
+	}
+
+	sessionIdFromHeader := options.Req.Header.Get("authorization")
+
+	// We receive the api key as `Bearer API_KEY`, this retrieves just the key
+	keyParts := strings.Split(sessionIdFromHeader, " ")
+	sessionIdFromHeader = keyParts[len(keyParts)-1]
+
+	querier, querierErr := supertokens.GetNewQuerierInstanceOrThrowError("dashboard")
+
+	if querierErr != nil {
+		return signOutPostResponse{}, querierErr
+	}
+
+	_, apiError := querier.SendDeleteRequest("/recipe/dashboard/session", map[string]interface{}{}, map[string]string{
+		"sessionId": sessionIdFromHeader,
+	})
+
+	if apiError != nil {
+		return signOutPostResponse{}, apiError
+	}
+
+	return signOutPostResponse{
+		Status: "OK",
+	}, nil
+}

recipe/dashboard/api/validateKey.go

@@ -2,20 +2,22 @@ package api
 
 import (
 	"github.com/supertokens/supertokens-golang/recipe/dashboard/dashboardmodels"
+	"github.com/supertokens/supertokens-golang/recipe/dashboard/validationUtils"
 	"github.com/supertokens/supertokens-golang/supertokens"
 )
 
 func ValidateKey(apiImplementation dashboardmodels.APIInterface, options dashboardmodels.APIOptions) error {
-	shouldAllowAccess, err := (*options.RecipeImplementation.ShouldAllowAccess)(options.Req, options.Config, supertokens.MakeDefaultUserContextFromAPI(options.Req))
+	isKeyValid, err := validationUtils.ValidateApiKey(options.Req, options.Config, supertokens.MakeDefaultUserContextFromAPI(options.Req))
+
 	if err != nil {
 		return err
 	}
 
-	if !shouldAllowAccess {
+	if isKeyValid {
+		return supertokens.Send200Response(options.Res, map[string]interface{}{
+			"status": "OK",
+		})
+	} else {
 		return supertokens.SendUnauthorisedAccess(options.Res)
 	}
-
-	return supertokens.Send200Response(options.Res, map[string]interface{}{
-		"status": "OK",
-	})
 }

recipe/dashboard/constants.go

@@ -10,3 +10,5 @@ const userSessionsAPI = "/api/user/sessions"
 const userMetaDataAPI = "/api/user/metadata"
 const userEmailVerifyTokenAPI = "/api/user/email/verify/token"
 const userPasswordAPI = "/api/user/password"
+const signInAPI = "/api/signin"
+const signOutAPI = "/api/signout"

recipe/dashboard/recipe.go

@@ -41,7 +41,12 @@ func MakeRecipe(recipeId string, appInfo supertokens.NormalisedAppinfo, config *
 	verifiedConfig := validateAndNormaliseUserInput(appInfo, config)
 	r.Config = verifiedConfig
 
-	recipeImplementation := makeRecipeImplementation()
+	querierInstance, err := supertokens.GetNewQuerierInstanceOrThrowError(recipeId)
+	if err != nil {
+		return Recipe{}, err
+	}
+
+	recipeImplementation := makeRecipeImplementation(*querierInstance)
 	r.RecipeImpl = verifiedConfig.Override.Functions(recipeImplementation)
 
 	r.APIImpl = verifiedConfig.Override.APIs(api.MakeAPIImplementation())
@@ -156,6 +161,10 @@ func (r *Recipe) handleAPIRequest(id string, req *http.Request, res http.Respons
 			return userdetails.UserEmailVerifyTokenPost(r.APIImpl, options)
 		} else if id == userPasswordAPI {
 			return userdetails.UserPasswordPut(r.APIImpl, options)
+		} else if id == signInAPI {
+			return api.SignInPost(r.APIImpl, options)
+		} else if id == signOutAPI {
+			return api.SignOutPost(r.APIImpl, options)
 		}
 		return nil, errors.New("should never come here")
 	})

recipe/dashboard/recipeimplementation.go

@@ -17,36 +17,46 @@ package dashboard
 
 import (
 	"fmt"
-	"net/http"
-	"strings"
-
 	"github.com/supertokens/supertokens-golang/recipe/dashboard/dashboardmodels"
+	"github.com/supertokens/supertokens-golang/recipe/dashboard/validationUtils"
 	"github.com/supertokens/supertokens-golang/supertokens"
+	"net/http"
+	"strings"
 )
 
-func makeRecipeImplementation() dashboardmodels.RecipeInterface {
+func makeRecipeImplementation(querier supertokens.Querier) dashboardmodels.RecipeInterface {
 
 	getDashboardBundleLocation := func(userContext supertokens.UserContext) (string, error) {
 		return fmt.Sprintf("https://cdn.jsdelivr.net/gh/supertokens/dashboard@v%s/build/", supertokens.DashboardVersion), nil
 	}
 
 	shouldAllowAccess := func(req *http.Request, config dashboardmodels.TypeNormalisedInput, userContext supertokens.UserContext) (bool, error) {
 		if config.ApiKey == nil {
-			// TODO Handle sign in logic here
-			return false, nil
-		}
+			authHeaderValue := req.Header.Get("authorization")
+			// We receive the api key as `Bearer API_KEY`, this retrieves just the key
+			keyParts := strings.Split(authHeaderValue, " ")
+			authHeaderValue = keyParts[len(keyParts)-1]
+
+			verifyResponse, err := querier.SendPostRequest("/recipe/dashboard/session/verify", map[string]interface{}{
+				"sessionId": authHeaderValue,
+			})
+
+			if err != nil {
+				return false, err
+			}
 
-		apiKeyHeaderValue := req.Header.Get("authorization")
+			status, ok := verifyResponse["status"]
+
+			return ok && status.(string) == "OK", nil
+		}
 
-		// We receieve the api key as `Bearer API_KEY`, this retrieves just the key
-		keyParts := strings.Split(apiKeyHeaderValue, " ")
-		apiKeyHeaderValue = keyParts[len(keyParts)-1]
+		validateKeyResponse, err := validationUtils.ValidateApiKey(req, config, userContext)
 
-		if apiKeyHeaderValue == "" {
-			return false, nil
+		if err != nil {
+			return false, err
 		}
 
-		return apiKeyHeaderValue == *config.ApiKey, nil
+		return validateKeyResponse, nil
 	}
 
 	return dashboardmodels.RecipeInterface{

recipe/dashboard/utils.go

@@ -124,5 +124,15 @@ func getApiIdIfMatched(path supertokens.NormalisedURLPath, method string) (*stri
 		return &val, nil
 	}
 
+	if method == http.MethodPost && strings.HasSuffix(path.GetAsStringDangerous(), signInAPI) {
+		val := signInAPI
+		return &val, nil
+	}
+
+	if method == http.MethodPost && strings.HasSuffix(path.GetAsStringDangerous(), signOutAPI) {
+		val := signOutAPI
+		return &val, nil
+	}
+
 	return nil, nil
 }

recipe/dashboard/validationUtils/main.go

@@ -0,0 +1,22 @@
+package validationUtils
+
+import (
+	"github.com/supertokens/supertokens-golang/recipe/dashboard/dashboardmodels"
+	"github.com/supertokens/supertokens-golang/supertokens"
+	"net/http"
+	"strings"
+)
+
+func ValidateApiKey(req *http.Request, config dashboardmodels.TypeNormalisedInput, usercontext supertokens.UserContext) (bool, error) {
+	apiKeyHeaderValue := req.Header.Get("authorization")
+
+	// We receive the api key as `Bearer API_KEY`, this retrieves just the key
+	keyParts := strings.Split(apiKeyHeaderValue, " ")
+	apiKeyHeaderValue = keyParts[len(keyParts)-1]
+
+	if apiKeyHeaderValue == "" {
+		return false, nil
+	}
+
+	return apiKeyHeaderValue == *config.ApiKey, nil
+}

supertokens/querier.go

@@ -144,7 +144,7 @@ func (q *Querier) SendPostRequest(path string, data map[string]interface{}) (map
 	}, len(QuerierHosts))
 }
 
-func (q *Querier) SendDeleteRequest(path string, data map[string]interface{}) (map[string]interface{}, error) {
+func (q *Querier) SendDeleteRequest(path string, data map[string]interface{}, params map[string]string) (map[string]interface{}, error) {
 	nP, err := NewNormalisedURLPath(path)
 	if err != nil {
 		return nil, err
@@ -159,6 +159,13 @@ func (q *Querier) SendDeleteRequest(path string, data map[string]interface{}) (m
 			return nil, err
 		}
 
+		query := req.URL.Query()
+
+		for k, v := range params {
+			query.Add(k, v)
+		}
+		req.URL.RawQuery = query.Encode()
+
 		apiVerion, querierAPIVersionError := q.GetQuerierAPIVersion()
 		if querierAPIVersionError != nil {
 			return nil, querierAPIVersionError