auth_controller.go
package controller
import (
"encoding/json"
"net/http"
"time"
"github.com/eaciit/toolkit"
"github.com/kharism/microservice_simple/util"
"github.com/kharism/microservice_simple/service"
"github.com/kharism/microservice_simple/model"
"github.com/dgrijalva/jwt-go"
"github.com/go-chi/chi"
"github.com/go-chi/jwtauth"
"github.com/spf13/viper"
)
// jwtKeyID is the JWT claim name under which VerifyLogin stores the user's ID.
const jwtKeyID = "_id"
// IAuthRestAPI is the HTTP-facing interface of the authentication controller.
//
//   - VerifyLogin handles login requests.
//   - RegisterUser handles user-registration requests.
//   - Register returns the http.Handler that exposes both routes.
type IAuthRestAPI interface {
	VerifyLogin(w http.ResponseWriter, r *http.Request)
	RegisterUser(w http.ResponseWriter, r *http.Request)
	Register() http.Handler
}
// authController is the IAuthRestAPI implementation returned by NewAuth.
// The author describes it as a simple implementation with a MongoDB backend
// used for prototyping; the storage itself sits behind service.IAuth and is
// not visible in this file.
type authController struct {
	// tokenAuth signs the JWTs issued by VerifyLogin.
	tokenAuth *jwtauth.JWTAuth
	// auth is a factory the handlers call on every request to obtain the
	// authentication service.
	auth func() service.IAuth
	//rkas func() service.IRKAS
}
// NewAuth returns an IAuthRestAPI backed by authController. The supplied
// tokenAuth is used to sign login tokens, and service.NewAuth is installed
// as the factory for the authentication service.
func NewAuth(tokenAuth *jwtauth.JWTAuth) IAuthRestAPI {
	ctrl := new(authController)
	ctrl.tokenAuth = tokenAuth
	ctrl.auth = service.NewAuth
	// rkas: service.NewRKAS is intentionally left unset; the matching struct
	// field is commented out.
	return ctrl
}
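// RegisterUser handles the user-registration request (mounted at
// "/registeruser" by Register).
//
// Expected JSON payload:
//
//	{
//	  "Username": "string",
//	  "Password": "string"
//	}
//
// On success it writes {"IsError": false}. Decode failures and errors from
// the auth service are reported through util.WriteJSONError.
func (c *authController) RegisterUser(w http.ResponseWriter, r *http.Request) {
	// This endpoint is reachable before authentication, so cap the body:
	// without a limit the JSON decoder will keep reading whatever a client
	// chooses to send.
	const maxBodyBytes = 1 << 20 // 1 MiB, far more than a credentials document needs
	r.Body = http.MaxBytesReader(w, r.Body, maxBodyBytes)

	// NOTE(review): the body is decoded straight into model.User, so every
	// JSON-visible field of that struct can be set by the client, not only
	// Username and Password. Confirm the service overwrites or ignores
	// fields such as ID and Token.
	data := model.User{}
	if err := json.NewDecoder(r.Body).Decode(&data); err != nil {
		util.WriteJSONError(w, err)
		return
	}

	// NOTE(review): the raw service error is handed to util.WriteJSONError;
	// what that helper exposes to the client is not visible here. Verify it
	// does not leak backend details.
	if err := c.auth().RegisterUser(data); err != nil {
		util.WriteJSONError(w, err)
		return
	}

	response := toolkit.M{"IsError": false}
	util.WriteJSONData(w, response)
}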
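// VerifyLogin handles the login request (mounted at "/" by Register).
//
// Expected JSON payload:
//
//	{
//	  "Username": "string",
//	  "Password": "string"
//	}
//
// On success the response is the JSON representation of the User struct with
// the Token field set to a freshly signed JWT and the Password field cleared.
// Other services in the microservice require that token as the HTTP header
// "Authorization" with value "BEARER "+token; see the TestItems functions in
// auth_controller_test.go for examples.
//
// Decode failures, failed password verification and token-signing failures
// are reported through util.WriteJSONError.
func (c *authController) VerifyLogin(w http.ResponseWriter, r *http.Request) {
	// This endpoint is reachable before authentication, so cap the body:
	// without a limit the JSON decoder will keep reading whatever a client
	// chooses to send.
	const maxBodyBytes = 1 << 20 // 1 MiB, far more than a credentials document needs
	r.Body = http.MaxBytesReader(w, r.Body, maxBodyBytes)

	// Parse the submitted credentials.
	data := model.User{}
	if err := json.NewDecoder(r.Body).Decode(&data); err != nil {
		util.WriteJSONError(w, err)
		return
	}

	// NOTE(review): the raw service error is passed to the client-facing
	// helper. If it distinguishes "unknown user" from "wrong password" the
	// endpoint allows username enumeration; confirm against service.IAuth.
	user, err := c.auth().VerifyPassword(data.Username, data.Password)
	if err != nil {
		util.WriteJSONError(w, err)
		return
	}

	// The token carries the user ID and username plus an expiry taken from
	// the "jwt_expiration_duration" setting (seconds). viper returns 0 when
	// the key is unset, which yields a token that expires at issue time.
	expirationInSecond := viper.GetInt64("jwt_expiration_duration")
	expiresAt := time.Now().Add(time.Duration(expirationInSecond) * time.Second).Unix()
	_, tokenString, err := c.tokenAuth.Encode(jwt.MapClaims{
		jwtKeyID:   user.ID,
		"username": user.Username,
		"exp":      expiresAt,
	})
	if err != nil {
		// A signing failure must not be answered with a success response
		// that carries an empty token.
		util.WriteJSONError(w, err)
		return
	}

	user.Token = tokenString
	// Never echo password material (hash or otherwise) back to the client.
	// NOTE(review): any other sensitive fields of model.User are not visible
	// here; a dedicated response type would be safer than the full struct.
	user.Password = ""
	util.WriteJSONData(w, user)
}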
// Register builds the chi router for this controller and returns it as an
// http.Handler. Two POST routes are exposed relative to the mount point:
// "/" for VerifyLogin and "/registeruser" for RegisterUser.
//
// NOTE(review): no authentication or rate-limiting middleware is attached
// here; whether the parent router adds any is not visible in this file.
func (c *authController) Register() http.Handler {
	mux := chi.NewRouter()
	mux.MethodFunc(http.MethodPost, "/", c.VerifyLogin)
	mux.MethodFunc(http.MethodPost, "/registeruser", c.RegisterUser)
	return mux
}