|
- package endpoints
-
- import (
- "encoding/json"
- "net/http"
- "time"
-
- "github.com/golang-jwt/jwt/v4"
- "github.com/imosed/signet/auth"
- . "github.com/imosed/signet/data"
- "github.com/rs/zerolog/log"
- "github.com/spf13/viper"
- )
-
- type LoginResponse struct {
- Token *string `json:"token"`
- }
-
- func Login(w http.ResponseWriter, r *http.Request) {
- var req AuthenticationRequest
- err := json.NewDecoder(r.Body).Decode(&req)
- if err != nil {
- log.Error().Err(err).Msg("Failed to decode body in login attempt")
- return
- }
-
- var userData struct {
- ID uint
- Password string
- Privileges uint
- }
-
- var resp LoginResponse
- Db.Table("users").Select("id, password, privileges").
- Where("username = ?", req.Username).First(&userData)
- var passwordMatches bool
- passwordMatches, err = ComparePasswordAndHash(req.Password, userData.Password)
- if err != nil {
- log.Error().Err(err).Msg("Could not compare password to hash in login attempt")
- return
- }
- if !passwordMatches {
- resp.Token = nil
- err = json.NewEncoder(w).Encode(resp)
- if err != nil {
- log.Error().Err(err).Msg("Failed to deliver failed login attempt response")
- }
- return
- }
-
- token := jwt.NewWithClaims(jwt.SigningMethodHS256, &auth.Claims{
- Username: req.Username,
- Privileges: userData.Privileges,
- RegisteredClaims: jwt.RegisteredClaims{
- ExpiresAt: jwt.NewNumericDate(time.Now().Add(10 * time.Hour)),
- },
- })
-
- secret := viper.GetString("app.secretKey")
- tokenString, err := token.SignedString([]byte(secret))
- if err != nil {
- log.Error().Err(err).Msg("Could not generate JWT token")
- return
- }
- resp.Token = &tokenString
-
- err = json.NewEncoder(w).Encode(resp)
- if err != nil {
- log.Error().Err(err).Msg("Could not deliver response in Login call")
- }
- }
|
