-
Notifications
You must be signed in to change notification settings - Fork 2
/
auth-frontend.go
87 lines (72 loc) · 1.99 KB
/
auth-frontend.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
package main
import (
"encoding/json"
"fmt"
"net/http"
"time"
jwtmiddleware "github.com/auth0/go-jwt-middleware"
"github.com/form3tech-oss/jwt-go"
)
func MakeUserAuthToken(isAdmin bool, userId, userName string) string {
token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
"admin": isAdmin,
"userId": userId,
"userName": userName,
"nbf": time.Date(2015, 10, 10, 12, 0, 0, 0, time.UTC).Unix(),
"exp": time.Now().Add(time.Hour * 24).Unix(),
})
tokenString, _ := token.SignedString([]byte(config.Jwtsecret))
return tokenString
}
var jwtMiddleware = jwtmiddleware.New(jwtmiddleware.Options{
ValidationKeyGetter: func(token *jwt.Token) (interface{}, error) {
return ([]byte(config.Jwtsecret)), nil
},
SigningMethod: jwt.SigningMethodHS256,
})
var GetTokenHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Content-Type", "application/json")
var userId string
var password string
type AuthReq struct {
UserId string
Password string
}
decoder := json.NewDecoder(r.Body)
var au AuthReq
err := decoder.Decode(&au)
if err != nil {
//panic()
fmt.Println("Error json")
}
userId = au.UserId
password = au.Password
isAdmin := false
isAuthenticated := false
// Authentication
if userId == "admin" && password == config.AdminPassword {
isAuthenticated = true
isAdmin = true
logger.Infof("Admin %s authenticated successfully", userId)
} else if password == config.UserPassword {
isAuthenticated = true
isAdmin = false
logger.Infof("User %s authenticated successfully", userId)
}
token := MakeUserAuthToken(isAdmin, userId, userId)
body := make(map[string]interface{})
body["token"] = token
if isAuthenticated {
body["token"] = token
body["authenticated"] = true
} else {
body["token"] = ""
body["authenticated"] = false
}
err = json.NewEncoder(w).Encode(body)
if err != nil {
http.Error(w, "Internal server error", 500)
return
}
})