This repository has been archived on 2023-07-09. You can view files and clone it, but cannot push or open issues or pull requests.
sudoscientist-go-backend/packages/auth/auth.go

178 lines
4.3 KiB
Go
Raw Normal View History

2019-02-03 06:57:08 +00:00
package auth
import (
"database/sql"
"encoding/json"
2019-04-14 03:38:51 +00:00
"fmt"
2019-02-07 04:46:30 +00:00
"git.minhas.io/asara/sudoscientist/packages/users"
2019-04-14 03:38:51 +00:00
"github.com/badoux/checkmail"
2019-02-03 06:57:08 +00:00
"github.com/dgrijalva/jwt-go"
"github.com/go-chi/chi"
"github.com/go-chi/jwtauth"
"github.com/go-chi/render"
"golang.org/x/crypto/bcrypt"
"net/http"
2019-04-14 03:38:51 +00:00
"time"
2019-02-03 06:57:08 +00:00
)
var (
DB *sql.DB
TokenAuth *jwtauth.JWTAuth
)
2019-04-14 03:38:51 +00:00
type RegistrationError struct {
Message string `json:"error"`
}
type SignUpCredentials struct {
Username string `json:"username", db:"username"`
Email string `json:"email", db:"email"`
Password string `json:"password", db:"password"`
}
type SignInCredentials struct {
2019-02-03 06:57:08 +00:00
Username string `json:"username", db:"username"`
2019-02-07 04:46:30 +00:00
Password string `json:"password", db:"password"`
2019-02-03 06:57:08 +00:00
}
2019-04-14 03:38:51 +00:00
type Claims struct {
Username string `json:"username"`
jwt.StandardClaims
}
2019-04-14 16:44:02 +00:00
type JWT struct {
2019-04-14 03:38:51 +00:00
JWT string `json:"jwt"`
}
2019-02-03 06:57:08 +00:00
func Init() {
2019-04-14 03:38:51 +00:00
DB.Exec("CREATE TABLE IF NOT EXISTS users (username text primary key, email text, password text, admin boolean);")
2019-02-03 06:57:08 +00:00
}
func Routes() *chi.Mux {
2019-04-14 16:44:02 +00:00
r := chi.NewRouter()
r.Post("/signin", signin)
r.Post("/register", register)
r.Group(func(r chi.Router) {
r.Use(jwtauth.Verifier(TokenAuth))
r.Use(jwtauth.Authenticator)
r.Post("/refresh", refresh)
})
return r
2019-02-03 06:57:08 +00:00
}
2019-04-14 16:44:02 +00:00
func register(w http.ResponseWriter, r *http.Request) {
2019-04-14 03:38:51 +00:00
returnError := RegistrationError{}
creds := &SignUpCredentials{}
2019-02-03 06:57:08 +00:00
err := json.NewDecoder(r.Body).Decode(creds)
if err != nil {
w.WriteHeader(http.StatusBadRequest)
2019-04-14 03:38:51 +00:00
fmt.Println(err)
return
}
if creds.Username == "" {
returnError.Message = "username is required"
w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnError)
2019-02-03 06:57:08 +00:00
return
}
2019-04-14 03:38:51 +00:00
if creds.Password == "" {
returnError.Message = "password is required"
w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnError)
return
}
if creds.Email == "" {
returnError.Message = "email is required"
w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnError)
return
}
err = checkmail.ValidateFormat(creds.Email)
if err != nil {
returnError.Message = "email not valid"
w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnError)
return
}
2019-02-03 06:57:08 +00:00
hashedPassword, err := bcrypt.GenerateFromPassword([]byte(creds.Password), 10)
2019-04-14 03:38:51 +00:00
s := `INSERT INTO users (username, email, password, admin)
VALUES ($1, $2, $3, $4)`
if _, err = DB.Exec(s, creds.Username, creds.Email, string(hashedPassword), false); err != nil {
2019-02-03 06:57:08 +00:00
w.WriteHeader(http.StatusInternalServerError)
fmt.Println(err)
return
}
2019-04-14 03:38:51 +00:00
users.CreateProfile(creds.Username, creds.Email)
2019-02-03 06:57:08 +00:00
w.WriteHeader(http.StatusCreated)
2019-04-14 03:38:51 +00:00
expirationTime := time.Now().Add(6 * time.Hour)
claims := &Claims{
Username: creds.Username,
StandardClaims: jwt.StandardClaims{
ExpiresAt: expirationTime.Unix(),
},
}
_, tokenString, _ := TokenAuth.Encode(claims)
2019-04-14 16:44:02 +00:00
token := JWT{
2019-04-14 03:38:51 +00:00
JWT: tokenString,
}
render.JSON(w, r, token)
2019-02-03 06:57:08 +00:00
}
2019-02-08 04:43:26 +00:00
func signin(w http.ResponseWriter, r *http.Request) {
2019-04-14 03:38:51 +00:00
creds := &SignInCredentials{}
2019-02-03 06:57:08 +00:00
err := json.NewDecoder(r.Body).Decode(creds)
if err != nil {
w.WriteHeader(http.StatusBadRequest)
return
}
result := DB.QueryRow("SELECT password FROM users WHERE username=$1", creds.Username)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
2019-04-14 03:38:51 +00:00
storedCreds := &SignInCredentials{}
2019-02-03 06:57:08 +00:00
err = result.Scan(&storedCreds.Password)
if err != nil {
if err == sql.ErrNoRows {
w.WriteHeader(http.StatusUnauthorized)
return
}
w.WriteHeader(http.StatusInternalServerError)
return
}
if err = bcrypt.CompareHashAndPassword([]byte(storedCreds.Password), []byte(creds.Password)); err != nil {
w.WriteHeader(http.StatusUnauthorized)
}
w.WriteHeader(http.StatusOK)
2019-04-14 03:38:51 +00:00
expirationTime := time.Now().Add(5 * time.Hour)
claims := &Claims{
Username: creds.Username,
StandardClaims: jwt.StandardClaims{
ExpiresAt: expirationTime.Unix(),
},
}
_, tokenString, _ := TokenAuth.Encode(claims)
2019-04-14 16:44:02 +00:00
token := JWT{
JWT: tokenString,
}
render.JSON(w, r, token)
}
func refresh(w http.ResponseWriter, r *http.Request) {
_, claims, _ := jwtauth.FromContext(r.Context())
w.WriteHeader(http.StatusOK)
expirationTime := time.Now().Add(5 * time.Hour)
2019-04-14 17:29:15 +00:00
newClaims := &Claims{
2019-04-14 16:44:02 +00:00
Username: claims["username"].(string),
StandardClaims: jwt.StandardClaims{
ExpiresAt: expirationTime.Unix(),
},
}
_, tokenString, _ := TokenAuth.Encode(newClaims)
token := JWT{
2019-04-14 03:38:51 +00:00
JWT: tokenString,
}
render.JSON(w, r, token)
2019-02-03 06:57:08 +00:00
}