usememos · boojack · Aug 10, 2023 · Aug 10, 2023
@@ -19,8 +19,6 @@ const (
 
 	// CookieExpDuration expires slightly earlier than the jwt expiration. Client would be logged out if the user
 	// cookie expires, thus the client would always logout first before attempting to make a request with the expired jwt.
-	// Suppose we have a valid refresh token, we will refresh the token in cases:
-	// 1. The access token has already expired, we refresh the token so that the ongoing request can pass through.
 	CookieExpDuration = AccessTokenDuration - 1*time.Minute
 	// AccessTokenCookieName is the cookie name of access token.
 	AccessTokenCookieName = "memos.access-token"

@@ -37,7 +37,7 @@ func GenerateTokensAndSetCookies(c echo.Context, user *store.User, secret string
 	return nil
 }
 
-// RemoveTokensAndCookies removes the jwt token and refresh token from the cookies.
+// RemoveTokensAndCookies removes the jwt token from the cookies.
 func RemoveTokensAndCookies(c echo.Context) {
 	cookieExp := time.Now().Add(-1 * time.Hour)
 	setTokenCookie(c, auth.AccessTokenCookieName, "", cookieExp)
@@ -121,8 +121,6 @@ func audienceContains(audience jwt.ClaimStrings, token string) bool {
 }
 
 // JWTMiddleware validates the access token.
-// If the access token is about to expire or has expired and the request has a valid refresh token, it
-// will try to generate new access token and refresh token.
 func JWTMiddleware(server *APIV1Service, next echo.HandlerFunc, secret string) echo.HandlerFunc {
 	return func(c echo.Context) error {
 		ctx := c.Request().Context()
@@ -172,7 +170,7 @@ func JWTMiddleware(server *APIV1Service, next echo.HandlerFunc, secret string) e
 			return echo.NewHTTPError(http.StatusUnauthorized, fmt.Sprintf("Invalid access token, audience mismatch, got %q, expected %q.", claims.Audience, auth.AccessTokenAudienceName))
 		}
 
-		// We either have a valid access token or we will attempt to generate new access token and refresh token
+		// We either have a valid access token or we will attempt to generate new access token.
 		userID, err := util.ConvertStringToInt32(claims.Subject)
 		if err != nil {
 			return echo.NewHTTPError(http.StatusUnauthorized, "Malformed ID in the token.")

@@ -748,35 +748,6 @@ info:
   title: memos API
   version: "1.0"
 paths:
-  /api/v1/GetSystemStatus:
-    get:
-      produces:
-      - application/json
-      responses:
-        "200":
-          description: System GetSystemStatus
-          schema:
-            $ref: '#/definitions/v1.SystemStatus'
-        "401":
-          description: Missing user in session | Unauthorized
-        "500":
-          description: Failed to find host user | Failed to find system setting list
-            | Failed to unmarshal system setting customized profile value
-      summary: Get system GetSystemStatus
-      tags:
-      - system
-  /api/v1/PingSystem:
-    get:
-      produces:
-      - application/json
-      responses:
-        "200":
-          description: System profile
-          schema:
-            $ref: '#/definitions/profile.Profile'
-      summary: Ping the system
-      tags:
-      - system
   /api/v1/auth/signin:
     post:
       consumes:
@@ -1509,6 +1480,18 @@ paths:
       summary: Get memo stats by creator ID or username
       tags:
       - memo
+  /api/v1/ping:
+    get:
+      produces:
+      - application/json
+      responses:
+        "200":
+          description: If succeed to ping the system
+          schema:
+            type: boolean
+      summary: Ping the system
+      tags:
+      - system
   /api/v1/resource:
     get:
       parameters:
@@ -1660,6 +1643,23 @@ paths:
       summary: Upload resource
       tags:
       - resource
+  /api/v1/status:
+    get:
+      produces:
+      - application/json
+      responses:
+        "200":
+          description: System GetSystemStatus
+          schema:
+            $ref: '#/definitions/v1.SystemStatus'
+        "401":
+          description: Missing user in session | Unauthorized
+        "500":
+          description: Failed to find host user | Failed to find system setting list
+            | Failed to unmarshal system setting customized profile value
+      summary: Get system GetSystemStatus
+      tags:
+      - system
   /api/v1/storage:
     get:
       produces:
@@ -1769,24 +1769,6 @@ paths:
       summary: Update a storage
       tags:
       - storage
-  /api/v1/system/ExecVacuum:
-    post:
-      produces:
-      - application/json
-      responses:
-        "200":
-          description: Database vacuumed
-          schema:
-            type: boolean
-        "401":
-          description: Missing user in session | Unauthorized
-        "500":
-          description: Failed to find user | Failed to ExecVacuum database
-      security:
-      - ApiKeyAuth: []
-      summary: Vacuum the database
-      tags:
-      - system
   /api/v1/system/setting:
     get:
       produces:
@@ -1837,6 +1819,24 @@ paths:
       summary: Create system setting
       tags:
       - system-setting
+  /api/v1/system/vacuum:
+    post:
+      produces:
+      - application/json
+      responses:
+        "200":
+          description: Database vacuumed
+          schema:
+            type: boolean
+        "401":
+          description: Missing user in session | Unauthorized
+        "500":
+          description: Failed to find user | Failed to ExecVacuum database
+      security:
+      - ApiKeyAuth: []
+      summary: Vacuum the database
+      tags:
+      - system
   /api/v1/tag:
     get:
       produces:

@@ -53,10 +53,10 @@ func (s *APIV1Service) registerSystemRoutes(g *echo.Group) {
 //	@Summary	Ping the system
 //	@Tags		system
 //	@Produce	json
-//	@Success	200	{object}	profile.Profile	"System profile"
-//	@Router		/api/v1/PingSystem [GET]
-func (s *APIV1Service) PingSystem(c echo.Context) error {
-	return c.JSON(http.StatusOK, s.Profile)
+//	@Success	200	{boolean}	true	"If succeed to ping the system"
+//	@Router		/api/v1/ping [GET]
+func (*APIV1Service) PingSystem(c echo.Context) error {
+	return c.JSON(http.StatusOK, true)
 }
 
 // GetSystemStatus godoc
@@ -67,7 +67,7 @@ func (s *APIV1Service) PingSystem(c echo.Context) error {
 //	@Success	200	{object}	SystemStatus	"System GetSystemStatus"
 //	@Failure	401	{object}	nil				"Missing user in session | Unauthorized"
 //	@Failure	500	{object}	nil				"Failed to find host user | Failed to find system setting list | Failed to unmarshal system setting customized profile value"
-//	@Router		/api/v1/GetSystemStatus [GET]
+//	@Router		/api/v1/status [GET]
 func (s *APIV1Service) GetSystemStatus(c echo.Context) error {
 	ctx := c.Request().Context()
 
@@ -165,7 +165,7 @@ func (s *APIV1Service) GetSystemStatus(c echo.Context) error {
 //	@Failure	401	{object}	nil		"Missing user in session | Unauthorized"
 //	@Failure	500	{object}	nil		"Failed to find user | Failed to ExecVacuum database"
 //	@Security	ApiKeyAuth
-//	@Router		/api/v1/system/ExecVacuum [POST]
+//	@Router		/api/v1/system/vacuum [POST]
 func (s *APIV1Service) ExecVacuum(c echo.Context) error {
 	ctx := c.Request().Context()
 	userID, ok := c.Get(auth.UserIDContextKey).(int32)

@@ -90,11 +90,10 @@ func newMockServer(t *testing.T, code, accessToken string, userinfo []byte) *htt
 
 		w.Header().Set("Content-Type", "application/json")
 		err = json.NewEncoder(w).Encode(map[string]any{
-			"access_token":  accessToken,
-			"token_type":    "Bearer",
-			"refresh_token": "test-refresh-token",
-			"expires_in":    3600,
-			"id_token":      rawIDToken,
+			"access_token": accessToken,
+			"token_type":   "Bearer",
+			"expires_in":   3600,
+			"id_token":     rawIDToken,
 		})
 		require.NoError(t, err)
 	})