package views
import (
"encoding/json"
"io/ioutil"
"log"
"net/http"
"time"
"github.com/dgrijalva/jwt-go"
"github.com/spf13/viper"
"github.com/tnyie/tny-api/models"
"github.com/tnyie/tny-api/util"
)
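// InspectToken reports whether the request carries a valid login.
//
// When util.CheckLogin accepts the request, a JSON object holding "user_id"
// (and "admin": true for administrators only) is sent through respondJSON with
// status 200. Every other request gets 401 Unauthorized, and a failure to
// encode the response gets 500.
func InspectToken(w http.ResponseWriter, r *http.Request) {
	user, valid, admin := util.CheckLogin(r, "")
	if !valid {
		// NOTE(review): this prints the whole user value for a rejected
		// request. Confirm that type carries no credential material (password
		// hash, key) before keeping it in production logs.
		log.Println(user, valid, admin)
		w.WriteHeader(http.StatusUnauthorized)
		return
	}

	jsonResp := map[string]interface{}{"user_id": user.UID}
	if admin {
		// The key is omitted entirely for non-admins rather than sent as false.
		jsonResp["admin"] = admin
	}

	encoded, err := json.Marshal(jsonResp)
	if err != nil {
		log.Println("Couldn't marshal response\n", err)
		w.WriteHeader(http.StatusInternalServerError)
		return
	}
	respondJSON(w, encoded, http.StatusOK)
}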
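// CreateToken authenticates the credentials in the request body and issues a
// signed JWT for that user.
//
// The token is HS256-signed with the secret stored under the "tny.auth.key"
// configuration entry, carries the user's UID, and expires five hours after it
// is issued. It is sent through respondJSON as {"token": ...} with status 201.
// Failed authentication yields 401; a missing signing secret, a signing error
// or an encoding error yields 500.
func CreateToken(w http.ResponseWriter, r *http.Request) {
	userAuth := getLogin(r)
	if userAuth == nil {
		w.WriteHeader(http.StatusUnauthorized)
		return
	}

	// Fail closed when no secret is configured: viper returns "" for an unset
	// entry, and an HMAC signature made with an empty secret authenticates
	// nothing. The check runs after authentication so that unauthenticated
	// callers still only ever see 401.
	signingKey := []byte(viper.GetString("tny.auth.key"))
	if len(signingKey) == 0 {
		log.Println("Couldn't sign jwt: tny.auth.key is not configured")
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	// One timestamp for both claims keeps the lifetime at exactly five hours.
	now := time.Now()
	claims := &models.JWTClaims{
		UserID: userAuth.UID,
		StandardClaims: jwt.StandardClaims{
			ExpiresAt: now.Add(5 * time.Hour).Unix(),
			IssuedAt:  now.Unix(),
		},
	}

	// NOTE(review): github.com/dgrijalva/jwt-go is archived; the maintained
	// successor is github.com/golang-jwt/jwt. HS256 is only as strong as the
	// secret, so the configured value should be long and randomly generated.
	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
	tokenString, err := token.SignedString(signingKey)
	if err != nil {
		log.Println("Couldn't sign jwt\n", err)
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	encoded, err := json.Marshal(map[string]interface{}{"token": tokenString})
	if err != nil {
		log.Println("Couldn't marshal token response\n", err)
		w.WriteHeader(http.StatusInternalServerError)
		return
	}
	respondJSON(w, encoded, http.StatusCreated)
}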
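// CreateAPIKey authenticates the credentials in the request body and creates
// a new API key for that user through models.GenerateAPIKey.
//
// The key's ID is sent through respondJSON as {"key": ...} with status 201.
// Failed authentication yields 401; a key-generation or encoding error yields
// 500.
func CreateAPIKey(w http.ResponseWriter, r *http.Request) {
	user := getLogin(r)
	if user == nil {
		w.WriteHeader(http.StatusUnauthorized)
		return
	}

	key, err := models.GenerateAPIKey(user.UID)
	if err != nil {
		// Keep the cause in the server log; the client only sees the status.
		log.Println("Couldn't create api key\n", err)
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	// NOTE(review): key.ID is what the client receives as its credential.
	// Confirm in models that it comes from a cryptographic random source and
	// how it is stored; neither is visible from this handler.
	encoded, err := json.Marshal(map[string]interface{}{"key": key.ID})
	if err != nil {
		log.Println("Couldn't marshal token response\n", err)
		w.WriteHeader(http.StatusInternalServerError)
		return
	}
	respondJSON(w, encoded, http.StatusCreated)
}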
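// getLogin authenticates the JSON credentials carried in the request body.
//
// The body must be a JSON object of string values; its "email" entry selects
// the account through UserAuth.GetByEmail and its "password" entry is checked
// with UserAuth.VerifyPassword. It returns the loaded *models.UserAuth on
// success and nil on any failure: an unreadable, oversized or malformed body,
// a lookup error, or a password mismatch.
func getLogin(r *http.Request) *models.UserAuth {
	// This runs before any authentication, so cap how much of the body is
	// buffered; a credential object is far smaller than this. The helper has
	// no ResponseWriter to hand over, and the reader enforces the limit
	// without one.
	const maxLoginBody = 1 << 20 // 1 MiB
	bd, err := ioutil.ReadAll(http.MaxBytesReader(nil, r.Body, maxLoginBody))
	if err != nil {
		log.Println("Error reading request body\n", err)
		return nil
	}

	jsonMap := make(map[string]string)
	if err = json.Unmarshal(bd, &jsonMap); err != nil {
		log.Println("Couldn't unmarshall json body")
		return nil
	}

	userAuth := &models.UserAuth{
		Email: jsonMap["email"],
		// Username: jsonMap["username"],
	}

	// NOTE(review): an unknown email returns here before any password check
	// runs, so response time may differ between unknown and known accounts.
	// Confirm whether that difference matters for this deployment.
	if err = userAuth.GetByEmail(); err != nil {
		log.Println("Failed to fetch user auth")
		return nil
	}

	// Both failure paths return nil, so callers answer them identically; the
	// distinction exists only in the server log.
	if err = userAuth.VerifyPassword(jsonMap["password"]); err != nil {
		log.Println("Incorrect password")
		return nil
	}
	return userAuth
}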