You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
115 lines
2.4 KiB
115 lines
2.4 KiB
package controllers |
|
|
|
import ( |
|
"go-crud/initializers" |
|
"go-crud/models" |
|
"net/http" |
|
"os" |
|
"time" |
|
|
|
"github.com/gin-gonic/gin" |
|
"github.com/golang-jwt/jwt/v4" |
|
"golang.org/x/crypto/bcrypt" |
|
) |
|
|
|
func Signup(c *gin.Context) { |
|
// Get the email/pass off req body |
|
var body struct { |
|
Email string |
|
Password string |
|
} |
|
if err := c.ShouldBind(&body); err != nil { |
|
c.JSON(http.StatusBadRequest, gin.H{ |
|
"error": "Failed to read body", |
|
}) |
|
return |
|
} |
|
|
|
// Hash the password |
|
hash, err := bcrypt.GenerateFromPassword([]byte(body.Password), 10) |
|
if err != nil { |
|
c.JSON(http.StatusBadRequest, gin.H{ |
|
"error": "Failed to generate pass hash", |
|
}) |
|
return |
|
} |
|
|
|
// Create the user |
|
user := models.User{Email: body.Email, Password: string(hash)} |
|
result := initializers.DB.Create(&user) |
|
|
|
if result.Error != nil { |
|
c.JSON(http.StatusBadRequest, gin.H{ |
|
"error": "Failed to create user", |
|
}) |
|
return |
|
} |
|
|
|
// Respond |
|
c.JSON(http.StatusOK, gin.H{}) |
|
} |
|
|
|
func Login(c *gin.Context) { |
|
// Get the email/pass off req body |
|
var body struct { |
|
Email string |
|
Password string |
|
} |
|
if err := c.ShouldBind(&body); err != nil { |
|
c.JSON(http.StatusBadRequest, gin.H{ |
|
"error": "Failed to read body", |
|
}) |
|
return |
|
} |
|
|
|
// Look up requested user |
|
var user models.User |
|
initializers.DB.First(&user, "email = ?", body.Email) |
|
if user.ID == 0 { |
|
c.JSON(http.StatusBadRequest, gin.H{ |
|
"error": "Invalid email or pass", |
|
}) |
|
return |
|
} |
|
|
|
// Compare sent in pass with saved user pass hash |
|
err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(body.Password)) |
|
|
|
if err != nil { |
|
c.JSON(http.StatusBadRequest, gin.H{ |
|
"error": "Invalid email or pass", |
|
}) |
|
return |
|
} |
|
|
|
// Generate a jwt token |
|
token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{ |
|
"sub": user.ID, |
|
"exp": time.Now().Add(time.Hour * 24 * 30).Unix(), |
|
}) |
|
|
|
// Sign and get the complete encoded token as a string using the secret token |
|
tokenString, err := token.SignedString([]byte(os.Getenv("SECRET"))) |
|
|
|
if err != nil { |
|
c.JSON(http.StatusBadRequest, gin.H{ |
|
"error": "Failed to create token", |
|
}) |
|
return |
|
} |
|
|
|
// Send it back |
|
c.SetSameSite(http.SameSiteLaxMode) |
|
c.SetCookie("Authorization", tokenString, 3600*24*30, "", "", false, true) |
|
c.JSON(http.StatusOK, gin.H{ |
|
"token": tokenString, |
|
}) |
|
} |
|
|
|
func Validate(c *gin.Context) { |
|
user, _ := c.Get("user") |
|
|
|
c.JSON(http.StatusOK, gin.H{ |
|
"message": user, |
|
}) |
|
}
|
|
|