Removes jwt token from localStorage and store in the http cookie

Signed-off-by: Shiv Verma <[email protected]>

api/design/rating.go

@@ -15,7 +15,6 @@
 package design
 
 import (
-	"github.com/tektoncd/hub/api/design/types"
 	. "goa.design/goa/v3/dsl"
 )
 
@@ -29,13 +28,10 @@ var _ = Service("rating", func() {
 
 	Method("Get", func() {
 		Description("Find user's rating for a resource")
-		Security(types.JWTAuth, func() {
-			Scope("rating:read")
-		})
 		Payload(func() {
 			Attribute("id", UInt, "ID of a resource")
-			Token("token", String, "JWT")
-			Required("id", "token")
+			Attribute("session", String, "Session ID")
+			Required("id", "session")
 		})
 		Result(func() {
 			Attribute("rating", Int, "User rating for resource", func() {
@@ -46,7 +42,8 @@ var _ = Service("rating", func() {
 
 		HTTP(func() {
 			GET("/resource/{id}/rating")
-			Header("token:Authorization")
+			// Header("token:Authorization")
+			Cookie("session:accessToken")
 
 			Response(StatusOK)
 			Response("not-found", StatusNotFound)
@@ -58,22 +55,19 @@ var _ = Service("rating", func() {
 
 	Method("Update", func() {
 		Description("Update user's rating for a resource")
-		Security(types.JWTAuth, func() {
-			Scope("rating:write")
-		})
 		Payload(func() {
 			Attribute("id", UInt, "ID of a resource")
 			Attribute("rating", UInt, "User rating for resource", func() {
 				Minimum(0)
 				Maximum(5)
 			})
-			Token("token", String, "JWT")
-			Required("id", "token", "rating")
+			Attribute("session", String, "Session ID")
+			Required("id", "rating", "session")
 		})
 
 		HTTP(func() {
 			PUT("/resource/{id}/rating")
-			Header("token:Authorization")
+			Cookie("session:accessToken")
 
 			Response(StatusOK)
 			Response("not-found", StatusNotFound)

api/gen/http/openapi.yaml

@@ -158,23 +158,14 @@ paths:
       tags:
       - rating
       summary: Get rating
-      description: |-
-        Find user's rating for a resource
-
-        **Required security scopes for jwt**:
-          * `rating:read`
+      description: Find user's rating for a resource
       operationId: rating#Get
       parameters:
       - name: id
         in: path
         description: ID of a resource
         required: true
         type: integer
-      - name: Authorization
-        in: header
-        description: JWT
-        required: true
-        type: string
       responses:
         "200":
           description: OK response.
@@ -200,29 +191,18 @@ paths:
             $ref: '#/definitions/RatingGetInternalErrorResponseBody'
       schemes:
       - https
-      security:
-      - jwt_header_Authorization: []
     put:
       tags:
       - rating
       summary: Update rating
-      description: |-
-        Update user's rating for a resource
-
-        **Required security scopes for jwt**:
-          * `rating:write`
+      description: Update user's rating for a resource
       operationId: rating#Update
       parameters:
       - name: id
         in: path
         description: ID of a resource
         required: true
         type: integer
-      - name: Authorization
-        in: header
-        description: JWT
-        required: true
-        type: string
       - name: UpdateRequestBody
         in: body
         required: true
@@ -251,8 +231,6 @@ paths:
             $ref: '#/definitions/RatingUpdateInternalErrorResponseBody'
       schemes:
       - https
-      security:
-      - jwt_header_Authorization: []
   /schema/swagger.json:
     get:
       tags:

api/gen/http/openapi3.yaml

@@ -249,6 +249,16 @@ paths:
           description: ID of a resource
           example: 17081788299688252022
         example: 11089527418313215274
+      - name: accessToken
+        in: cookie
+        description: Session ID
+        allowEmptyValue: true
+        required: true
+        schema:
+          type: string
+          description: Session ID
+          example: Ipsum tenetur unde et amet eum hic.
+        example: Consequatur explicabo.
       responses:
         "200":
           description: OK response.
@@ -298,14 +308,6 @@ paths:
                 id: 3F1FKVRR
                 message: Value of ID must be an integer
                 name: bad_request
-      security:
-      - jwt_header_Authorization:
-        - rating:read
-        - rating:write
-        - agent:create
-        - catalog:refresh
-        - config:refresh
-        - refresh:token
     put:
       tags:
       - rating
@@ -320,8 +322,18 @@ paths:
         schema:
           type: integer
           description: ID of a resource
-          example: 9739613307880178607
-        example: 2070151992422837927
+          example: 8741701717887354389
+        example: 12793890618565952106
+      - name: accessToken
+        in: cookie
+        description: Session ID
+        allowEmptyValue: true
+        required: true
+        schema:
+          type: string
+          description: Session ID
+          example: Ipsa minus ut.
+        example: Dolor sit.
       requestBody:
         required: true
         content:
@@ -373,14 +385,6 @@ paths:
                 id: 3F1FKVRR
                 message: Value of ID must be an integer
                 name: bad_request
-      security:
-      - jwt_header_Authorization:
-        - rating:read
-        - rating:write
-        - agent:create
-        - catalog:refresh
-        - config:refresh
-        - refresh:token
   /schema/swagger.json:
     get:
       tags: