initial commit
This commit is contained in:
commit
d40b69f1f9
SSH key fingerprint:
SHA256:y04xIFL/yqNaG9ae9Vl95vELtHfApGAIoOGLeVLP/fE
58 changed files with 7919 additions and 0 deletions
86
backend/routes/login.go
Normal file
86
backend/routes/login.go
Normal file
|
|
@ -0,0 +1,86 @@
|
|||
package routes
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"crypto/sha256"
|
||||
"encoding/base64"
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
"git.red-panda.pet/pandaware/house/backend/db"
|
||||
"git.red-panda.pet/pandaware/house/backend/middleware"
|
||||
"git.red-panda.pet/pandaware/house/backend/router"
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
)
|
||||
|
||||
func init() {
|
||||
routes["POST"]["/login"] = new(Login)
|
||||
}
|
||||
|
||||
type loginBody struct {
|
||||
Username string `json:"username"`
|
||||
Password string `json:"password"`
|
||||
}
|
||||
|
||||
type loginResponse struct {
|
||||
User db.GetUserRow `json:"user"`
|
||||
}
|
||||
|
||||
type Login struct{}
|
||||
|
||||
// ValidateBody implements router.ValidatedBodyRoute.
|
||||
func (l *Login) ValidateBody(ctx *router.Context) error {
|
||||
return middleware.ParseJSONBody[loginBody](ctx)
|
||||
}
|
||||
|
||||
// Handle implements router.Route.
|
||||
func (l *Login) Handle(ctx *router.Context) error {
|
||||
body := middleware.JSONBody[loginBody](l, ctx)
|
||||
|
||||
user, err := ctx.Query.GetUserPassword(ctx, body.Username)
|
||||
if err != nil {
|
||||
return ctx.Error(err, http.StatusBadRequest, "Invalid credentials")
|
||||
}
|
||||
|
||||
err = bcrypt.CompareHashAndPassword(user.Password, []byte(body.Password))
|
||||
if err != nil {
|
||||
return ctx.Error(err, http.StatusBadRequest, "Invalid credentials")
|
||||
}
|
||||
|
||||
tokenBs := make([]byte, 32)
|
||||
_, err = rand.Read(tokenBs)
|
||||
if err != nil {
|
||||
return ctx.GenericError(err, http.StatusInternalServerError)
|
||||
}
|
||||
|
||||
encodedToken := base64.StdEncoding.EncodeToString(tokenBs)
|
||||
hashedToken := sha256.Sum256(tokenBs)
|
||||
|
||||
_, err = ctx.Query.CreateSession(ctx, db.CreateSessionParams{
|
||||
Key: hashedToken[:],
|
||||
UserID: user.ID,
|
||||
CreatedAt: time.Now().Unix(),
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
return ctx.GenericError(err, http.StatusInternalServerError)
|
||||
}
|
||||
|
||||
loggedInUser, err := ctx.Query.GetUser(ctx, user.ID)
|
||||
if err != nil {
|
||||
return ctx.GenericError(err, http.StatusInternalServerError)
|
||||
}
|
||||
|
||||
ctx.SetCookie(&http.Cookie{
|
||||
Name: "session",
|
||||
Value: encodedToken,
|
||||
Path: "/",
|
||||
HttpOnly: true,
|
||||
})
|
||||
|
||||
return ctx.JSON(200, loginResponse{
|
||||
User: loggedInUser,
|
||||
})
|
||||
}
|
||||
|
||||
var _ router.ValidatedBodyRoute = new(Login)
|
||||
Loading…
Add table
Add a link
Reference in a new issue