package api
import (
	"bytes"
	"crypto/sha512"
	"database/sql"
	"errors"
	"net/http"
	"time"

	"github.com/gin-gonic/gin"
	"github.com/golang-jwt/jwt/v4"
	"golang.org/x/crypto/bcrypt"
)
// loginRequest is the JSON body accepted by Server.login.
// Both fields carry binding:"required", so ShouldBindJSON returns an error
// when either one is missing or empty.
type loginRequest struct {
	Username string `json:"username" binding:"required"`
	Password string `json:"password" binding:"required"`
}
// Claims is the payload of the JWT issued by Server.login: the authenticated
// username plus the embedded jwt.RegisteredClaims (login sets the expiry
// there). As with any signed JWT the payload is only base64-encoded, not
// encrypted, so Username is readable by anyone holding the token; its
// integrity comes from the HS256 signature, not from secrecy.
type Claims struct {
	Username string `json:"username"`
	jwt.RegisteredClaims
}
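// login authenticates a user by username and password and, on success,
// responds 200 with a signed HS256 JWT (encoded as a JSON string) that
// expires after tokenTTL.
//
// Failure responses:
//   - 400 when the JSON body cannot be bound (missing username/password);
//   - 401 for an unknown username OR a wrong password — the two cases are
//     deliberately indistinguishable (same status, same message, similar
//     latency) so the endpoint cannot be used to enumerate registered
//     usernames;
//   - 500 for a store or signing failure; internal error text is not echoed
//     to the client.
func (server *Server) login(ctx *gin.Context) {
	const tokenTTL = 100 * time.Minute

	// A syntactically valid bcrypt hash that matches no real password. It is
	// compared against when the username does not exist so that the
	// unknown-user path costs roughly the same as a real password check,
	// closing the timing side channel that would otherwise reveal which
	// usernames are registered. The result is intentionally discarded.
	const dummyBcryptHash = "$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy"

	// One generic error for every authentication failure; never reveal which
	// half of the credential was wrong.
	invalidCredentials := errors.New("invalid username or password")
	internalError := errors.New("internal server error")

	var req loginRequest
	if err := ctx.ShouldBindJSON(&req); err != nil {
		ctx.JSON(http.StatusBadRequest, errorResponse(err))
		// Previously this branch fell through and continued with an empty
		// request, running a store lookup and a bcrypt compare on "".
		return
	}

	// Pre-hash the password with SHA-512/256 so that inputs longer than
	// bcrypt's 72-byte limit are still fully mixed in, then strip leading and
	// trailing NUL bytes from the digest.
	//
	// NOTE(security): this preparation must stay byte-for-byte identical to
	// whatever produced the stored hash (that code is not visible here). It is
	// not ideal: bcrypt stops at the first NUL byte and bytes.Trim only removes
	// NULs at the ends, so a digest containing an interior NUL is silently
	// truncated. Hex- or base64-encoding the digest would fix this, but that
	// invalidates every stored hash, so the scheme is flagged rather than
	// changed.
	digest := sha512.Sum512_256([]byte(req.Password))
	preparedPassword := bytes.Trim(digest[:], "\x00")

	user, err := server.store.GetUser(ctx, req.Username)
	if err != nil {
		if errors.Is(err, sql.ErrNoRows) {
			// Unknown user: burn a bcrypt verification anyway so the response
			// time matches the wrong-password path, then answer exactly as a
			// wrong password would (401, not 404).
			_ = bcrypt.CompareHashAndPassword([]byte(dummyBcryptHash), preparedPassword)
			ctx.JSON(http.StatusUnauthorized, errorResponse(invalidCredentials))
			return
		}
		// Do not echo database driver errors (table names, SQL) to the client.
		ctx.JSON(http.StatusInternalServerError, errorResponse(internalError))
		return
	}

	if err := bcrypt.CompareHashAndPassword([]byte(user.Password), preparedPassword); err != nil {
		// bcrypt's own error text is not returned either; it is the same
		// generic message as for an unknown user.
		ctx.JSON(http.StatusUnauthorized, errorResponse(invalidCredentials))
		return
	}

	now := time.Now()
	claims := &Claims{
		Username: req.Username,
		RegisteredClaims: jwt.RegisteredClaims{
			IssuedAt:  jwt.NewNumericDate(now),
			ExpiresAt: jwt.NewNumericDate(now.Add(tokenTTL)),
		},
	}

	// NOTE(security): the HS256 signing key is a hard-coded, guessable
	// literal. Anyone who reads the source (or guesses the string) can mint a
	// valid token for any username. It must be replaced by a high-entropy
	// secret (at least 32 random bytes) loaded from configuration or the
	// environment, and the verifying middleware must use the same key — that
	// plumbing lives outside this file, so the literal is flagged here rather
	// than silently replaced.
	jwtSigningKey := []byte("secret_key")

	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
	signedToken, err := token.SignedString(jwtSigningKey)
	if err != nil {
		ctx.JSON(http.StatusInternalServerError, errorResponse(internalError))
		return
	}

	ctx.JSON(http.StatusOK, signedToken)
}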