|
- package endpoints
-
- import (
- "encoding/json"
- "net/http"
- "time"
-
- "github.com/golang-jwt/jwt/v4"
- "github.com/imosed/signet/auth"
- . "github.com/imosed/signet/data"
- "github.com/rs/zerolog/log"
- "github.com/spf13/viper"
- )
-
- type LoginResponse struct {
- Token *string `json:"token"`
- LastLogin *time.Time `json:"lastLogin"`
- }
-
- func Login(w http.ResponseWriter, r *http.Request) {
- var req AuthenticationRequest
- err := json.NewDecoder(r.Body).Decode(&req)
- if err != nil {
- log.Error().Err(err).Msg("Failed to decode body in login attempt")
- return
- }
-
- var userData User
-
- var loginTime = time.Now()
-
- var resp LoginResponse
- Db.Table("users").Select("id, password, privileges, last_login").
- Where("username = ?", req.Username).First(&userData)
- var passwordMatches bool
- passwordMatches, err = ComparePasswordAndHash(req.Password, userData.Password)
- if err != nil {
- log.Error().Err(err).Msg("Could not compare password to hash in login attempt")
- return
- }
- if !passwordMatches {
- err = json.NewEncoder(w).Encode(resp)
- if err != nil {
- log.Error().Err(err).Msg("Failed to deliver failed login attempt response")
- }
- return
- }
-
- token := jwt.NewWithClaims(jwt.SigningMethodHS256, &auth.Claims{
- ID: userData.ID,
- Username: req.Username,
- Privileges: userData.Privileges,
- RegisteredClaims: jwt.RegisteredClaims{
- ExpiresAt: jwt.NewNumericDate(loginTime.Add(10 * time.Hour)),
- },
- })
-
- secret := viper.GetString("app.secretKey")
- tokenString, err := token.SignedString([]byte(secret))
- if err != nil {
- log.Error().Err(err).Msg("Could not generate JWT token")
- return
- }
- resp.Token = &tokenString
- resp.LastLogin = userData.LastLogin
-
- if userData.LastLogin != nil {
- // need to set this after the user changes their password
- Db.Table("users").Where("id = ?", userData.ID).Update("last_login", loginTime)
- }
-
- err = json.NewEncoder(w).Encode(resp)
- if err != nil {
- log.Error().Err(err).Msg("Could not deliver response in Login call")
- }
- }
|
