Asara/sudoscientist-go-backend
Archived
1
0
Fork 0
Code Issues Pull requests Releases 2 Wiki Activity

Basic migrations, started breaking out postal stuff

Browse source
This commit is contained in:
Amarpreet Minhas 2020-01-19 00:09:58 -05:00
parent f8cd0cdcf6
commit e082f55ebe
5 changed files with 43 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
main.go
View file

@ -31,7 +31,7 @@ func main() {
users.TokenAuth = auth.TokenAuth users.TokenAuth = auth.TokenAuth
blog.TokenAuth = auth.TokenAuth blog.TokenAuth = auth.TokenAuth
// initilize auth // initilize auth for email verification
auth.Init() auth.Init()
// initiate the routes // initiate the routes

4
migrations/1579409382_verification.down.sql Normal file
View file

@ -0,0 +1,4 @@
BEGIN;
ALTER TABLE users
DROP COLUMN verified IF EXISTS;
COMMIT;

4
migrations/1579409382_verification.up.sql Normal file
View file

@ -0,0 +1,4 @@
BEGIN;
ALTER TABLE users
ADD COLUMN verified boolean NOT NULL DEFAULT false;
COMMIT;

45
packages/auth/auth.go
View file

@ -21,6 +21,7 @@ import (
var ( var (
DB *sql.DB DB *sql.DB
TokenAuth *jwtauth.JWTAuth TokenAuth *jwtauth.JWTAuth
EmailAuth *jwtauth.JWTAuth
PostalEnabled bool PostalEnabled bool
PostalKey string PostalKey string
PostalAPI string PostalAPI string
@ -28,10 +29,13 @@ var (
func Init() { func Init() {
if postal_key, ok := os.LookupEnv("POSTAL_KEY"); ok { if postal_key, ok := os.LookupEnv("POSTAL_KEY"); ok {
PostalKey = postal_key
if postal_api, ok := os.LookupEnv("POSTAL_API"); ok { if postal_api, ok := os.LookupEnv("POSTAL_API"); ok {
PostalAPI = postal_api if email_auth, ok := os.LookupEnv("EMAIL_SECRET"); ok {
PostalEnabled = true EmailAuth = jwtauth.New("HS256", []byte(os.Getenv(email_auth)), nil)
PostalKey = postal_key
PostalAPI = postal_api
PostalEnabled = true
}
} }
} }
} }
@ -40,6 +44,10 @@ type ReturnError struct {
Message string `json:"error"` Message string `json:"error"`
} }
type ReturnSuccess struct {
Message string `json:"msg"`
}
type SignUpCredentials struct { type SignUpCredentials struct {
Username string `json:"username", db:"username"` Username string `json:"username", db:"username"`
Email string `json:"email", db:"email"` Email string `json:"email", db:"email"`
@ -74,6 +82,7 @@ func Routes() *chi.Mux {
func register(w http.ResponseWriter, r *http.Request) { func register(w http.ResponseWriter, r *http.Request) {
returnError := ReturnError{} returnError := ReturnError{}
returnSuccess := ReturnSuccess{}
creds := &SignUpCredentials{} creds := &SignUpCredentials{}
err := json.NewDecoder(r.Body).Decode(creds) err := json.NewDecoder(r.Body).Decode(creds)
if err != nil { if err != nil {
@ -108,26 +117,38 @@ func register(w http.ResponseWriter, r *http.Request) {
} }
hashedPassword, err := bcrypt.GenerateFromPassword([]byte(creds.Password), 10) hashedPassword, err := bcrypt.GenerateFromPassword([]byte(creds.Password), 10)
s := `INSERT INTO users (username, email, password, admin) s := `INSERT INTO users (username, email, password, admin, verified)
VALUES ($1, $2, $3, $4)` VALUES ($1, $2, $3, $4, $5)`
if _, err = DB.Exec(s, creds.Username, creds.Email, string(hashedPassword), false); err != nil { if _, err = DB.Exec(s, creds.Username, creds.Email, string(hashedPassword), false, false); err != nil {
returnError.Message = "unexpected error. please contact the administrator"
w.WriteHeader(http.StatusInternalServerError) w.WriteHeader(http.StatusInternalServerError)
render.JSON(w, r, returnError)
fmt.Println(err) fmt.Println(err)
return return
} }
users.CreateProfile(creds.Username, creds.Email) users.CreateProfile(creds.Username, creds.Email)
w.WriteHeader(http.StatusCreated) expirationTime := time.Now().Add(24 * time.Hour)
expirationTime := time.Now().Add(6 * time.Hour)
claims := &Claims{ claims := &Claims{
Username: creds.Username, Username: creds.Username,
StandardClaims: jwt.StandardClaims{ StandardClaims: jwt.StandardClaims{
ExpiresAt: expirationTime.Unix(), ExpiresAt: expirationTime.Unix(),
}, },
} }
if PostalEnabled {
_, emailToken, _ := EmailAuth.Encode(claims)
fmt.Println(emailToken)
w.WriteHeader(http.StatusCreated)
//returnSuccess.Message = "User added. Please check your email for a verification link"
returnSuccess.Message = emailToken
render.JSON(w, r, returnSuccess)
return
}
_, tokenString, _ := TokenAuth.Encode(claims) _, tokenString, _ := TokenAuth.Encode(claims)
token := setCookies(w, tokenString, expirationTime) setCookies(w, tokenString, expirationTime)
w.WriteHeader(http.StatusOK) w.WriteHeader(http.StatusCreated)
render.JSON(w, r, token) returnSuccess.Message = "User created! Welcome to the site!"
render.JSON(w, r, returnSuccess)
return
} }
func signin(w http.ResponseWriter, r *http.Request) { func signin(w http.ResponseWriter, r *http.Request) {
@ -151,7 +172,7 @@ func signin(w http.ResponseWriter, r *http.Request) {
if err = bcrypt.CompareHashAndPassword([]byte(storedCreds.Password), []byte(creds.Password)); err != nil { if err = bcrypt.CompareHashAndPassword([]byte(storedCreds.Password), []byte(creds.Password)); err != nil {
w.WriteHeader(http.StatusUnauthorized) w.WriteHeader(http.StatusUnauthorized)
} }
expirationTime := time.Now().Add(5 * time.Hour) expirationTime := time.Now().Add(24 * time.Hour)
claims := &Claims{ claims := &Claims{
Username: creds.Username, Username: creds.Username,
StandardClaims: jwt.StandardClaims{ StandardClaims: jwt.StandardClaims{

1
settings/website.env-sample
View file

@ -1,3 +1,4 @@
export API_PORT="8080" export API_PORT="8080"
export EMAIL_SECRET="CHANGEMEALSOPLS"
export JWT_SECRET="CHANGEMEALSO" export JWT_SECRET="CHANGEMEALSO"
export POSTAL_API="https://POSTAL_URL" export POSTAL_API="https://POSTAL_URL"