From bfcec8e9fc3ea9de740d5334a2d92dc8fbdeeecc Mon Sep 17 00:00:00 2001
From: Julien Leicher <jleicher@gmail.com>
Date: Tue, 23 Apr 2024 14:00:50 +0200
Subject: [PATCH] feat: refresh API key, closes #47

---
 api.http                                      |  4 ++
 cmd/serve/front/src/lib/localization/en.ts    |  2 +
 cmd/serve/front/src/lib/localization/fr.ts    |  3 ++
 cmd/serve/front/src/lib/resources/users.ts    |  7 ++-
 .../src/routes/(main)/profile/+page.svelte    | 22 ++++++++-
 cmd/serve/server.go                           |  1 +
 cmd/serve/users.go                            | 23 +++++++++
 .../app/refresh_api_key/refresh_api_key.go    | 44 +++++++++++++++++
 .../refresh_api_key/refresh_api_key_test.go   | 48 +++++++++++++++++++
 internal/auth/domain/user.go                  | 22 +++++++++
 internal/auth/domain/user_test.go             | 12 +++++
 internal/auth/infra/memory/users.go           |  8 ++++
 internal/auth/infra/mod.go                    |  2 +
 internal/auth/infra/sqlite/users.go           |  7 +++
 14 files changed, 202 insertions(+), 3 deletions(-)
 create mode 100644 internal/auth/app/refresh_api_key/refresh_api_key.go
 create mode 100644 internal/auth/app/refresh_api_key/refresh_api_key_test.go

diff --git a/api.http b/api.http
index 15eb3b7b..62cb6899 100644
--- a/api.http
+++ b/api.http
@@ -33,6 +33,10 @@ Content-Type: application/json
 
 ###
 
+PUT {{url}}/profile/key
+
+###
+
 GET {{url}}/targets
 
 ###
diff --git a/cmd/serve/front/src/lib/localization/en.ts b/cmd/serve/front/src/lib/localization/en.ts
index 97289b6d..ed42baf2 100644
--- a/cmd/serve/front/src/lib/localization/en.ts
+++ b/cmd/serve/front/src/lib/localization/en.ts
@@ -141,6 +141,8 @@ You may reconsider and try to make the target reachable before deleting it.`,
 	'profile.key': 'API Key',
 	'profile.key.help':
 		'Pass this token as an <code>Authorization: Bearer</code> header to communicate with the seelf API. <strong>You MUST keep it secret!</strong>',
+	'profile.key.refresh': 'Regenerate API Key',
+	'profile.key.refresh.confirm': 'It will make the old key invalid. Do you confirm?',
 	// Deployment
 	'deployment.new': 'New deployment',
 	'deployment.deploy': 'Deploy',
diff --git a/cmd/serve/front/src/lib/localization/fr.ts b/cmd/serve/front/src/lib/localization/fr.ts
index 32e0468d..ba3d393f 100644
--- a/cmd/serve/front/src/lib/localization/fr.ts
+++ b/cmd/serve/front/src/lib/localization/fr.ts
@@ -144,6 +144,9 @@ Vous devriez probablement essayer de rendre la cible accessible avant de la supp
 		'profile.key': 'Clé API',
 		'profile.key.help':
 			"Passez ce jeton dans l'entête <code>Authorization: Bearer</code> pour communiquer avec l'API seelf. <strong>Vous devez le garder secret !</strong>",
+		'profile.key.refresh': "Regénérer la clé d'API",
+		'profile.key.refresh.confirm':
+			"L'ancienne clé ne sera plus valide. Confirmez-vous cette action ?",
 		// Deployment
 		'deployment.new': 'Nouveau déploiement',
 		'deployment.deploy': 'Déployer',
diff --git a/cmd/serve/front/src/lib/resources/users.ts b/cmd/serve/front/src/lib/resources/users.ts
index 295ba4ac..146dbfa0 100644
--- a/cmd/serve/front/src/lib/resources/users.ts
+++ b/cmd/serve/front/src/lib/resources/users.ts
@@ -19,13 +19,18 @@ export type UpdateProfileData = {
 
 export interface UsersService {
 	update(payload: UpdateProfileData): Promise<Profile>;
+	refreshAPIKey(): Promise<Pick<Profile, 'api_key'>>;
 }
 
 export class RemoteUsersService implements UsersService {
 	constructor(private readonly _fetcher: FetchService) {}
 
 	update(payload: UpdateProfileData): Promise<Profile> {
-		return this._fetcher.patch<Profile, UpdateProfileData>('/api/v1/profile', payload);
+		return this._fetcher.patch('/api/v1/profile', payload);
+	}
+
+	refreshAPIKey(): Promise<Pick<Profile, 'api_key'>> {
+		return this._fetcher.put('/api/v1/profile/key');
 	}
 }
 
diff --git a/cmd/serve/front/src/routes/(main)/profile/+page.svelte b/cmd/serve/front/src/routes/(main)/profile/+page.svelte
index 2bcc362c..88cfba17 100644
--- a/cmd/serve/front/src/routes/(main)/profile/+page.svelte
+++ b/cmd/serve/front/src/routes/(main)/profile/+page.svelte
@@ -8,14 +8,16 @@
 	import Stack from '$components/stack.svelte';
 	import TextArea from '$components/text-area.svelte';
 	import TextInput from '$components/text-input.svelte';
+	import Dropdown from '$components/dropdown.svelte';
+	import { submitter } from '$lib/form.js';
 	import service from '$lib/resources/users';
 	import l from '$lib/localization';
-	import Dropdown from '$components/dropdown.svelte';
 
 	export let data;
 
 	let email = data.user.email;
 	let password: Maybe<string>;
+	let apiKey = data.user.api_key;
 	let locale = l.locale();
 
 	const locales = l.locales().map((l) => ({ label: l.displayName, value: l.code }));
@@ -27,6 +29,14 @@
 				password: password ? password : undefined
 			})
 			.then(() => l.locale(locale));
+
+	const {
+		submit: refreshKey,
+		loading,
+		errors: refreshErr
+	} = submitter(() => service.refreshAPIKey().then((d) => (apiKey = d.api_key)), {
+		confirmation: l.translate('profile.key.refresh.confirm')
+	});
 </script>
 
 <Form handler={submit} let:submitting let:errors>
@@ -64,11 +74,19 @@
 			</FormSection>
 
 			<FormSection title="profile.integration">
+				<Button
+					slot="actions"
+					variant="outlined"
+					on:click={refreshKey}
+					loading={$loading}
+					text="profile.key.refresh"
+				/>
 				<Stack direction="column">
+					<FormErrors errors={$refreshErr} />
 					<Panel title="profile.integration.title" variant="help">
 						<p>{@html l.translate('profile.integration.description')}</p>
 					</Panel>
-					<TextArea label="profile.key" rows={1} code value={data.user.api_key} readonly>
+					<TextArea label="profile.key" rows={1} code value={apiKey} readonly>
 						<p>
 							{@html l.translate('profile.key.help')}
 						</p>
diff --git a/cmd/serve/server.go b/cmd/serve/server.go
index 063923a6..a9a189b7 100644
--- a/cmd/serve/server.go
+++ b/cmd/serve/server.go
@@ -85,6 +85,7 @@ func newHttpServer(options ServerOptions, root startup.ServerRoot) *server {
 	v1secured.DELETE("/jobs/:id", s.deleteJobsHandler())
 	v1secured.GET("/profile", s.getProfileHandler())
 	v1secured.PATCH("/profile", s.updateProfileHandler())
+	v1secured.PUT("/profile/key", s.refreshProfileKeyHandler())
 	v1secured.POST("/targets", s.createTargetHandler())
 	v1secured.PATCH("/targets/:id", s.updateTargetHandler())
 	v1secured.POST("/targets/:id/reconfigure", s.reconfigureTargetHandler())
diff --git a/cmd/serve/users.go b/cmd/serve/users.go
index 5e8310d4..402403f0 100644
--- a/cmd/serve/users.go
+++ b/cmd/serve/users.go
@@ -2,6 +2,7 @@ package serve
 
 import (
 	"github.com/YuukanOO/seelf/internal/auth/app/get_profile"
+	"github.com/YuukanOO/seelf/internal/auth/app/refresh_api_key"
 	"github.com/YuukanOO/seelf/internal/auth/app/update_user"
 	"github.com/YuukanOO/seelf/internal/auth/domain"
 	"github.com/YuukanOO/seelf/pkg/bus"
@@ -30,6 +31,28 @@ func (s *server) updateProfileHandler() gin.HandlerFunc {
 	})
 }
 
+type refreshProfileKeyResult struct {
+	APIKey string `json:"api_key"`
+}
+
+func (s *server) refreshProfileKeyHandler() gin.HandlerFunc {
+	return http.Send(s, func(ctx *gin.Context) error {
+		c := ctx.Request.Context()
+		currentUserID := domain.CurrentUser(c).MustGet()
+		key, err := bus.Send(s.bus, c, refresh_api_key.Command{
+			ID: string(currentUserID),
+		})
+
+		if err != nil {
+			return err
+		}
+
+		return http.Ok(ctx, refreshProfileKeyResult{
+			APIKey: key,
+		})
+	})
+}
+
 func (s *server) getProfileHandler() gin.HandlerFunc {
 	return http.Send(s, func(ctx *gin.Context) error {
 		c := ctx.Request.Context()
diff --git a/internal/auth/app/refresh_api_key/refresh_api_key.go b/internal/auth/app/refresh_api_key/refresh_api_key.go
new file mode 100644
index 00000000..b3a20101
--- /dev/null
+++ b/internal/auth/app/refresh_api_key/refresh_api_key.go
@@ -0,0 +1,44 @@
+package refresh_api_key
+
+import (
+	"context"
+
+	"github.com/YuukanOO/seelf/internal/auth/domain"
+	"github.com/YuukanOO/seelf/pkg/bus"
+)
+
+type Command struct {
+	bus.Command[string]
+
+	ID string `json:"-"`
+}
+
+func (Command) Name_() string { return "auth.command.refresh_api_key" }
+
+func Handler(
+	reader domain.UsersReader,
+	writer domain.UsersWriter,
+	generator domain.KeyGenerator,
+) bus.RequestHandler[string, Command] {
+	return func(ctx context.Context, cmd Command) (string, error) {
+		user, err := reader.GetByID(ctx, domain.UserID(cmd.ID))
+
+		if err != nil {
+			return "", err
+		}
+
+		key, err := generator.Generate()
+
+		if err != nil {
+			return "", err
+		}
+
+		user.HasAPIKey(key)
+
+		if err = writer.Write(ctx, &user); err != nil {
+			return "", err
+		}
+
+		return string(key), nil
+	}
+}
diff --git a/internal/auth/app/refresh_api_key/refresh_api_key_test.go b/internal/auth/app/refresh_api_key/refresh_api_key_test.go
new file mode 100644
index 00000000..bfe84bdc
--- /dev/null
+++ b/internal/auth/app/refresh_api_key/refresh_api_key_test.go
@@ -0,0 +1,48 @@
+package refresh_api_key_test
+
+import (
+	"context"
+	"testing"
+
+	"github.com/YuukanOO/seelf/internal/auth/app/refresh_api_key"
+	"github.com/YuukanOO/seelf/internal/auth/domain"
+	"github.com/YuukanOO/seelf/internal/auth/infra/crypto"
+	"github.com/YuukanOO/seelf/internal/auth/infra/memory"
+	"github.com/YuukanOO/seelf/pkg/apperr"
+	"github.com/YuukanOO/seelf/pkg/bus"
+	"github.com/YuukanOO/seelf/pkg/must"
+	"github.com/YuukanOO/seelf/pkg/testutil"
+)
+
+func Test_RefreshApiKey(t *testing.T) {
+	sut := func(existingUsers ...*domain.User) bus.RequestHandler[string, refresh_api_key.Command] {
+		store := memory.NewUsersStore(existingUsers...)
+
+		return refresh_api_key.Handler(store, store, crypto.NewKeyGenerator())
+	}
+
+	t.Run("should fail if the user does not exists", func(t *testing.T) {
+		uc := sut()
+
+		_, err := uc(context.Background(), refresh_api_key.Command{})
+
+		testutil.ErrorIs(t, apperr.ErrNotFound, err)
+	})
+
+	t.Run("should refresh the user's API key if everything is good", func(t *testing.T) {
+		user := must.Panic(domain.NewUser(domain.NewEmailRequirement("some@email.com", true), "someHashedPassword", "apikey"))
+		uc := sut(&user)
+
+		key, err := uc(context.Background(), refresh_api_key.Command{
+			ID: string(user.ID())},
+		)
+
+		testutil.IsNil(t, err)
+		testutil.NotEquals(t, "", key)
+
+		evt := testutil.EventIs[domain.UserAPIKeyChanged](t, &user, 1)
+
+		testutil.Equals(t, user.ID(), evt.ID)
+		testutil.Equals(t, key, string(evt.Key))
+	})
+}
diff --git a/internal/auth/domain/user.go b/internal/auth/domain/user.go
index fd6e21db..f1c7dd7b 100644
--- a/internal/auth/domain/user.go
+++ b/internal/auth/domain/user.go
@@ -75,11 +75,19 @@ type (
 		ID       UserID
 		Password PasswordHash
 	}
+
+	UserAPIKeyChanged struct {
+		bus.Notification
+
+		ID  UserID
+		Key APIKey
+	}
 )
 
 func (UserRegistered) Name_() string      { return "auth.event.user_registered" }
 func (UserEmailChanged) Name_() string    { return "auth.event.user_email_changed" }
 func (UserPasswordChanged) Name_() string { return "auth.event.user_password_changed" }
+func (UserAPIKeyChanged) Name_() string   { return "auth.event.user_api_key_changed" }
 
 func NewUser(emailRequirement EmailRequirement, password PasswordHash, key APIKey) (u User, err error) {
 	email, err := emailRequirement.Met()
@@ -144,6 +152,18 @@ func (u *User) HasPassword(password PasswordHash) {
 	})
 }
 
+// Updates the user API key
+func (u *User) HasAPIKey(key APIKey) {
+	if u.key == key {
+		return
+	}
+
+	u.apply(UserAPIKeyChanged{
+		ID:  u.id,
+		Key: key,
+	})
+}
+
 func (u *User) ID() UserID             { return u.id }
 func (u *User) Password() PasswordHash { return u.password }
 
@@ -159,6 +179,8 @@ func (u *User) apply(e event.Event) {
 		u.email = evt.Email
 	case UserPasswordChanged:
 		u.password = evt.Password
+	case UserAPIKeyChanged:
+		u.key = evt.Key
 	}
 
 	event.Store(u, e)
diff --git a/internal/auth/domain/user_test.go b/internal/auth/domain/user_test.go
index 58e491f5..76441676 100644
--- a/internal/auth/domain/user_test.go
+++ b/internal/auth/domain/user_test.go
@@ -65,4 +65,16 @@ func Test_User(t *testing.T) {
 		testutil.Equals(t, u.ID(), evt.ID)
 		testutil.Equals(t, "anotherPassword", evt.Password)
 	})
+
+	t.Run("should be able to change API key", func(t *testing.T) {
+		u := must.Panic(domain.NewUser(domain.NewEmailRequirement("some@email.com", true), "someHashedPassword", "apikey"))
+
+		u.HasAPIKey("apikey") // no change, should not trigger events
+		u.HasAPIKey("anotherKey")
+
+		testutil.HasNEvents(t, &u, 2)
+		evt := testutil.EventIs[domain.UserAPIKeyChanged](t, &u, 1)
+		testutil.Equals(t, u.ID(), evt.ID)
+		testutil.Equals(t, "anotherKey", evt.Key)
+	})
 }
diff --git a/internal/auth/infra/memory/users.go b/internal/auth/infra/memory/users.go
index ba9cbf39..760061f2 100644
--- a/internal/auth/infra/memory/users.go
+++ b/internal/auth/infra/memory/users.go
@@ -103,6 +103,14 @@ func (s *usersStore) Write(ctx context.Context, users ...*domain.User) error {
 					key:   evt.Key,
 					value: user,
 				})
+			case domain.UserAPIKeyChanged:
+				for _, u := range s.users {
+					if u.id == evt.ID {
+						u.key = evt.Key
+						*u.value = *user
+						break
+					}
+				}
 			default:
 				for _, u := range s.users {
 					if u.id == user.ID() {
diff --git a/internal/auth/infra/mod.go b/internal/auth/infra/mod.go
index 3fe89bcd..64ef3186 100644
--- a/internal/auth/infra/mod.go
+++ b/internal/auth/infra/mod.go
@@ -7,6 +7,7 @@ import (
 
 	"github.com/YuukanOO/seelf/internal/auth/app/create_first_account"
 	"github.com/YuukanOO/seelf/internal/auth/app/login"
+	"github.com/YuukanOO/seelf/internal/auth/app/refresh_api_key"
 	"github.com/YuukanOO/seelf/internal/auth/app/update_user"
 	"github.com/YuukanOO/seelf/internal/auth/domain"
 	"github.com/YuukanOO/seelf/internal/auth/infra/crypto"
@@ -28,6 +29,7 @@ func Setup(
 	bus.Register(b, login.Handler(usersStore, passwordHasher))
 	bus.Register(b, create_first_account.Handler(usersStore, usersStore, passwordHasher, keyGenerator))
 	bus.Register(b, update_user.Handler(usersStore, usersStore, passwordHasher))
+	bus.Register(b, refresh_api_key.Handler(usersStore, usersStore, keyGenerator))
 	bus.Register(b, authQueryHandler.GetProfile)
 
 	return usersStore, db.Migrate(authsqlite.Migrations)
diff --git a/internal/auth/infra/sqlite/users.go b/internal/auth/infra/sqlite/users.go
index 8cdcf9d0..0149f604 100644
--- a/internal/auth/infra/sqlite/users.go
+++ b/internal/auth/infra/sqlite/users.go
@@ -110,6 +110,13 @@ func (s *usersStore) Write(c context.Context, users ...*domain.User) error {
 				}).
 				F("WHERE id = ?", evt.ID).
 				Exec(s.db, ctx)
+		case domain.UserAPIKeyChanged:
+			return builder.
+				Update("users", builder.Values{
+					"api_key": evt.Key,
+				}).
+				F("WHERE id = ?", evt.ID).
+				Exec(s.db, ctx)
 		default:
 			return nil
 		}