-
Notifications
You must be signed in to change notification settings - Fork 28
/
auth.go
94 lines (79 loc) · 2.62 KB
/
auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
package controller
import (
"net/http"
"time"
"github.com/RobyFerro/go-web/app/auth"
"github.com/RobyFerro/go-web-framework/kernel"
"github.com/RobyFerro/go-web/database/model"
"github.com/gorilla/sessions"
"github.com/jinzhu/gorm"
"golang.org/x/crypto/bcrypt"
)
type AuthController struct {
kernel.BaseController
}
// JWTAuthentication provides user authentication with JWT
func (c *AuthController) JWTAuthentication(db *gorm.DB, conf *kernel.ServerConf, req kernel.Request) {
var user *model.User
var jwt auth.JWTAuth
c.Response.Header().Add("Content-Type", "application/json")
if u, ok := attemptLogin(db, req["username"].(string), req["password"].(string)); !ok {
c.Response.WriteHeader(http.StatusForbidden)
_, _ = c.Response.Write([]byte("Invalid credentials"))
return
} else {
user = u
}
jwt.Name = user.Name
jwt.Surname = user.Surname
jwt.Username = user.Username
jwt.ID = user.ID
if token, ok := jwt.NewToken(conf.Key, 2*time.Hour); !ok {
c.Response.WriteHeader(http.StatusInternalServerError)
_, _ = c.Response.Write([]byte(`{"error":"token_generation_failed"}`))
return
} else {
_, _ = c.Response.Write([]byte(`{"token":"` + token + `"}`))
}
}
// BasicAuthentication perform basic authentication method
func (c *AuthController) BasicAuthentication(db *gorm.DB, session *sessions.CookieStore, req kernel.Request) {
if user, ok := attemptLogin(db, req["username"].(string), req["password"].(string)); !ok {
c.Response.WriteHeader(http.StatusForbidden)
_, _ = c.Response.Write([]byte("Invalid credentials"))
return
} else {
if err := createAuthSession(session, user, c.Request, c.Response); err != nil {
c.Response.WriteHeader(http.StatusInternalServerError)
_, _ = c.Response.Write([]byte("Invalid credentials"))
return
}
}
c.Response.WriteHeader(http.StatusAccepted)
}
// Create auth session for the current user
func createAuthSession(s *sessions.CookieStore, user *model.User, r *http.Request, w http.ResponseWriter) error {
if session, err := s.Get(r, "basic-auth"); err != nil {
return err
} else {
// Remove password from user structure
//userJson, _ := json.Marshal(user)
session.Values["user"] = user
if err := session.Save(r, w); err != nil {
return err
}
}
return nil
}
// Attempt login
func attemptLogin(db *gorm.DB, username, password string) (*model.User, bool) {
var user model.User
if err := db.Where("username = ?", username).Find(&user); err != nil && err.RecordNotFound() {
return nil, false
}
// Check password
if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)); err != nil {
return nil, false
}
return &user, true
}