package controllers import ( "go-crud/initializers" "go-crud/models" "net/http" "os" "time" "github.com/gin-gonic/gin" "github.com/golang-jwt/jwt/v4" "golang.org/x/crypto/bcrypt" ) func Signup(c *gin.Context) { // Get the email/pass off req body var body struct { Email string Password string } if err := c.ShouldBind(&body); err != nil { c.JSON(http.StatusBadRequest, gin.H{ "error": "Failed to read body", }) return } // Hash the password hash, err := bcrypt.GenerateFromPassword([]byte(body.Password), 10) if err != nil { c.JSON(http.StatusBadRequest, gin.H{ "error": "Failed to generate pass hash", }) return } // Create the user user := models.User{Email: body.Email, Password: string(hash)} result := initializers.DB.Create(&user) if result.Error != nil { c.JSON(http.StatusBadRequest, gin.H{ "error": "Failed to create user", }) return } // Respond c.JSON(http.StatusOK, gin.H{}) } func Login(c *gin.Context) { // Get the email/pass off req body var body struct { Email string Password string } if err := c.ShouldBind(&body); err != nil { c.JSON(http.StatusBadRequest, gin.H{ "error": "Failed to read body", }) return } // Look up requested user var user models.User initializers.DB.First(&user, "email = ?", body.Email) if user.ID == 0 { c.JSON(http.StatusBadRequest, gin.H{ "error": "Invalid email or pass", }) return } // Compare sent in pass with saved user pass hash err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(body.Password)) if err != nil { c.JSON(http.StatusBadRequest, gin.H{ "error": "Invalid email or pass", }) return } // Generate a jwt token token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{ "sub": user.ID, "exp": time.Now().Add(time.Hour * 24 * 30).Unix(), }) // Sign and get the complete encoded token as a string using the secret token tokenString, err := token.SignedString([]byte(os.Getenv("SECRET"))) if err != nil { c.JSON(http.StatusBadRequest, gin.H{ "error": "Failed to create token", }) return } // Send it back c.SetSameSite(http.SameSiteLaxMode) c.SetCookie("Authorization", tokenString, 3600*24*30, "", "", false, true) c.JSON(http.StatusOK, gin.H{ "token": tokenString, }) } func Validate(c *gin.Context) { user, _ := c.Get("user") c.JSON(http.StatusOK, gin.H{ "message": user, }) }