-
Notifications
You must be signed in to change notification settings - Fork 0
/
auth.go
110 lines (93 loc) · 2.94 KB
/
auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
package main
import (
"log"
"net/http"
"os"
"time"
"github.com/gin-gonic/gin"
"github.com/golang-jwt/jwt/v5"
"golang.org/x/crypto/bcrypt"
)
var jwtSecret = []byte(os.Getenv("JWT_SECRET"))
type Claims struct {
Username string `json:"username"`
jwt.RegisteredClaims
}
// Signup handler - Register a new user
func signupHandler(c *gin.Context) {
var creds struct {
Username string `json:"username"`
Password string `json:"password"`
}
if err := c.ShouldBindJSON(&creds); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid input"})
return
}
// Hash the password
hashedPassword, err := bcrypt.GenerateFromPassword([]byte(creds.Password), bcrypt.DefaultCost)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to hash password"})
return
}
// Create a new user
user := User{
Username: creds.Username,
Password: string(hashedPassword),
}
// Save the user in the database
if err := db.Create(&user).Error; err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to create user"})
return
}
c.JSON(http.StatusCreated, gin.H{"message": "User created successfully"})
}
func loginHandler(c *gin.Context) {
var creds struct {
Username string `json:"username"`
Password string `json:"password"`
}
log.Printf("In login handlers")
if err := c.ShouldBindJSON(&creds); err != nil {
log.Print("Error in line 63:", err)
c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid input"})
return
}
// Find the user in the database
var user User
if err := db.Where("username = ?", creds.Username).First(&user).Error; err != nil {
log.Print("Error in line 71:", err)
c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid credentials"})
return
}
// Check if the password matches
if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(creds.Password)); err != nil {
log.Print("Error in line 78:", err)
c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid credentials"})
return
}
// Generate JWT token
log.Print("Generating jwt token")
expirationTime := time.Now().Add(24 * time.Hour)
claims := &Claims{
Username: creds.Username,
RegisteredClaims: jwt.RegisteredClaims{
ExpiresAt: jwt.NewNumericDate(expirationTime),
},
}
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
tokenString, err := token.SignedString(jwtSecret)
if err != nil {
log.Print("Error in line 95:", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not generate token"})
return
}
// Set the token as an HttpOnly cookie
log.Print("Setting the token as an HttpOnly cookie")
c.SetCookie("jwt_token", tokenString, 86400, "/", "", true, true) // Secure, HttpOnly
c.JSON(http.StatusOK, gin.H{"message": "Login successful"})
}
func logoutHandler(c *gin.Context) {
// Clear the JWT token cookie by setting an expired cookie
c.SetCookie("jwt_token", "", -1, "/", "", false, true)
c.JSON(http.StatusOK, gin.H{"message": "Logged out successfully"})
}