feat/user: reworking auth

internal/use-case/main-use-case/authentication/case.go

@@ -10,14 +10,17 @@ import (
 	"github.com/golang-jwt/jwt"
 	"github.com/google/uuid"
 
+	"simrs-vx/internal/domain/main-entities/intern"
 	eu "simrs-vx/internal/domain/main-entities/user"
 
 	pa "simrs-vx/pkg/auth-helper"
 	el "simrs-vx/pkg/logger"
 	p "simrs-vx/pkg/password"
 
+	ed "simrs-vx/internal/domain/main-entities/doctor"
 	ee "simrs-vx/internal/domain/main-entities/employee"
 	erc "simrs-vx/internal/domain/references/common"
+	erg "simrs-vx/internal/domain/references/organization"
 
 	a "github.com/karincake/apem"
 	dg "github.com/karincake/apem/db-gorm-pg"
@@ -92,43 +95,60 @@ func GenToken(input eu.LoginDto) (*d.Data, error) {
 	atExpires := time.Now().Add(duration).Unix()
 	atSecretKey := authCfg.AtSecretKey
 
-	// extra
-	role := []string{}
-	if user.ContractPosition_Code == "employee" {
-		employee := ee.Employee{}
-		dg.I.Where("user_id = ?", user.Id).First(&employee)
-		role = append(role, "emp-"+string(*employee.Position_Code))
-	} else if user.ContractPosition_Code == "intern" {
-		// specialistIntern := esi.SpecialistIntern{}
-		// dg.I.Where("user_id = ?", user.Id).First(&specialistIntern)
-		role = append(role, "spi")
-	}
-
-	// Creating Access Token
+	// Create Claim
 	atClaims := jwt.MapClaims{}
 	atClaims["user_id"] = user.Id
 	atClaims["user_name"] = user.Name
-	// atClaims["user_email"] = user.Email
-	// atClaims["user_position_code"] = user.Position_Code
-	atClaims["user_employementStatus_code"] = user.ContractPosition_Code
-	// atClaims["user_ref_id"] = user.Ref_Id
-	atClaims["exp"] = atExpires
+	atClaims["user_contractPosition_code"] = user.ContractPosition_Code
+	atClaims["division_positions"] = userDivisionPositions
 	atClaims["uuid"] = aUuid
-	atClaims["user_division_positions"] = userDivisionPositions
+	atClaims["exp"] = atExpires
+
+	// Create output
+	outputData := d.II{
+		"user_id":                    strconv.Itoa(int(user.Id)),
+		"user_name":                  user.Name,
+		"user_contractPosition_code": user.ContractPosition_Code,
+	}
+
+	// extra
+	role := []string{}
+	switch user.ContractPosition_Code {
+	case erg.CSCEmp:
+		// employee
+		employee := ee.Employee{}
+		dg.I.Where("\"User_Id\" = ?", user.Id).First(&employee)
+		role = append(role, "emp-"+string(*employee.Position_Code))
+		atClaims["employee_division_code"] = employee.Division_Code
+		outputData["employee_division_code"] = employee.Division_Code
+		// doctor
+		if employee.Id > 0 && employee.Position_Code != nil && *employee.Position_Code == erg.EPCDoc {
+			doctor := ed.Doctor{}
+			dg.I.Where("\"Employee_Id\" = ?", employee.Id).First(&doctor)
+			if doctor.Specialist_Id != nil {
+				atClaims["specialist_id"] = doctor.Specialist_Id
+				outputData["specialist_id"] = doctor.Specialist_Id
+			}
+			if doctor.Subspecialist_Id != nil {
+				atClaims["subspecialist_id"] = doctor.Subspecialist_Id
+				outputData["subspecialist_id"] = doctor.Subspecialist_Id
+			}
+		}
+	case erg.CSCInt:
+		intern := intern.Intern{}
+		dg.I.Where("\"User_Id\" = ?", user.Id).First(&intern)
+		role = append(role, "int-"+string(*intern.Position_Code))
+	}
+	atClaims["roles"] = role
+	outputData["roles"] = role
+
+	// Generate jwt
 	at := jwt.NewWithClaims(jwt.SigningMethodHS256, atClaims)
 	ats, err := at.SignedString([]byte(atSecretKey))
 	if err != nil {
 		return nil, d.FieldErrors{"user": d.FieldError{Code: "token-sign-err", Message: el.GenMessage("token-sign-err")}}
 	}
-
-	outputData := d.II{
-		"user_id":   strconv.Itoa(int(user.Id)),
-		"user_name": user.Name,
-		// "user_email":         user.Email,
-		"user_contractPosition_code": user.ContractPosition_Code,
-		// "user_ref_id":        user.Ref_Id,
-		"accessToken": ats,
-	}
+	outputData["accessToken"] = ats
 
 	// Save to redis
 	now := time.Now()

internal/use-case/main-use-case/authentication/helper.go

@@ -54,7 +54,7 @@ func getDivisionPosition(user_id uint) ([]pa.DivisionPosition, error) {
 		result = append(result, pa.DivisionPosition{
 			Division_Code: func() string {
 				if dp.Division != nil {
-					return dp.Division.Code
+					return "div-" + dp.Division.Code
 				}
 				return ""
 			}(),

internal/use-case/main-use-case/user/case.go

@@ -83,7 +83,7 @@ func Create(input e.CreateDto) (*d.Data, error) {
 			data = *resData
 		}
 
-		if input.ContractPosition_Code == ero.CSCSpi {
+		if input.ContractPosition_Code == ero.CSCInt {
 			createInt := esi.CreateDto{
 				Person_Id:        input.Person_Id,
 				Specialist_Id:    input.Specialist_Id,
@@ -336,7 +336,7 @@ func Update(input e.UpdateDto) (*d.Data, error) {
 			return err
 		}
 
-		if input.ContractPosition_Code == ero.CSCSpi {
+		if input.ContractPosition_Code == ero.CSCInt {
 			readInt := esi.ReadDetailDto{User_Id: &data.Id}
 			readIntData, err := usi.ReadDetailData(readInt, &event, tx)
 			if err != nil {

internal/use-case/main-use-case/user/helper.go

@@ -56,7 +56,7 @@ func setDataEmployeeUpdate(src e.EmployeUpdateDto) ee.UpdateDto {
 func getPersonIdByUserId(userId uint, positionCode erg.ContractPositionCode, event *pl.Event, tx *gorm.DB) (*uint, error) {
 	pl.SetLogInfo(event, nil, "started", "DBGetPersonIdByUserId")
 	if positionCode == erg.CSCEmp {
-	} else if positionCode == erg.CSCSpi {
+	} else if positionCode == erg.CSCInt {
 		specInt, err := usi.ReadDetailData(esi.ReadDetailDto{User_Id: &userId}, event, tx)
 		if err != nil {
 			return nil, err