tovi
/
Envelope
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
Encrypted messaging app
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
61 Commits
3 Branches
16 MiB
Tree: 727928ba2f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '727928ba2f'
${ noResults }
Envelope/Backend/Api/Auth/Login.go

103 lines
2.5 KiB
Raw Normal View History

Working on initial encryption key generation & authentication
2 years ago
Update the profile page Add change password page and route Add disappearing messages page and route Add the ability to change the server URL Update the look and feel of the qr code
2 years ago
Working on initial encryption key generation & authentication
2 years ago
Rebrand back to "Envelope" Add back button to QR Reader page
2 years ago
Working on initial encryption key generation & authentication
2 years ago
Update the profile page Add change password page and route Add disappearing messages page and route Add the ability to change the server URL Update the look and feel of the qr code
2 years ago
Working on initial encryption key generation & authentication
2 years ago
Message conversations syncing to device
2 years ago
Finish sending messages
2 years ago
Add profile images for user profiles
2 years ago
Update the profile page Add change password page and route Add disappearing messages page and route Add the ability to change the server URL Update the look and feel of the qr code
2 years ago
Add profile images for user profiles
2 years ago
Working on initial encryption key generation & authentication
2 years ago
Add profile images for user profiles
2 years ago
Working on initial encryption key generation & authentication
2 years ago
Add profile images for user profiles
2 years ago
Refactor to use model based create / update / delete
2 years ago
Add profile images for user profiles
2 years ago
Update the profile page Add change password page and route Add disappearing messages page and route Add the ability to change the server URL Update the look and feel of the qr code
2 years ago
Add profile images for user profiles
2 years ago
Update the profile page Add change password page and route Add disappearing messages page and route Add the ability to change the server URL Update the look and feel of the qr code
2 years ago
Working on initial encryption key generation & authentication
2 years ago
Add profile images for user profiles
2 years ago
Working on initial encryption key generation & authentication
2 years ago
Add profile images for user profiles
2 years ago
Working on initial encryption key generation & authentication
2 years ago
Add profile images for user profiles
2 years ago
Working on initial encryption key generation & authentication
2 years ago
Add profile images for user profiles
2 years ago
Working on initial encryption key generation & authentication
2 years ago
Message conversations syncing to device
2 years ago
Friends and conversations sync to device
2 years ago
Working on initial encryption key generation & authentication
2 years ago
Refactor to use model based create / update / delete
2 years ago
Add profile images for user profiles
2 years ago
Friends and conversations sync to device
2 years ago
Working on initial encryption key generation & authentication
2 years ago
Refactor to use model based create / update / delete
2 years ago
Friends and conversations sync to device
2 years ago
Add profile images for user profiles
2 years ago
Friends and conversations sync to device
2 years ago
Working on initial encryption key generation & authentication
2 years ago
Friends and conversations sync to device
2 years ago
Working on initial encryption key generation & authentication
2 years ago
Add profile images for user profiles
2 years ago
Update attachements to send back filename not link
2 years ago
Add profile images for user profiles
2 years ago
Working on initial encryption key generation & authentication
2 years ago
 
  1. package Auth
  2. 

  3. import (
  4. 	"database/sql/driver"
  5. 	"encoding/json"
  6. 	"net/http"
  7. 	"time"
  8. 

  9. 	"git.tovijaeschke.xyz/tovi/Envelope/Backend/Database"
  10. )
  11. 

  12. type credentials struct {
  13. 	Username string `json:"username"`
  14. 	Password string `json:"password"`
  15. }
  16. 

  17. type loginResponse struct {
  18. 	UserID               string `json:"user_id"`
  19. 	Username             string `json:"username"`
  20. 	AsymmetricPublicKey  string `json:"asymmetric_public_key"`
  21. 	AsymmetricPrivateKey string `json:"asymmetric_private_key"`
  22. 	SymmetricKey         string `json:"symmetric_key"`
  23. 	MessageExpiryDefault string `json:"message_expiry_default"`
  24. 	ImageLink            string `json:"image_link"`
  25. }
  26. 

  27. // Login logs the user into the system

  28. func Login(w http.ResponseWriter, r *http.Request) {
  29. 	var (
  30. 		creds            credentials
  31. 		user             Database.User
  32. 		session          Database.Session
  33. 		expiresAt        time.Time
  34. 		messageExpiryRaw driver.Value
  35. 		messageExpiry    string
  36. 		imageLink        string
  37. 		returnJSON       []byte
  38. 		err              error
  39. 	)
  40. 

  41. 	err = json.NewDecoder(r.Body).Decode(&creds)
  42. 	if err != nil {
  43. 		http.Error(w, "Unauthorized", http.StatusUnauthorized)
  44. 		return
  45. 	}
  46. 

  47. 	user, err = Database.GetUserByUsername(creds.Username)
  48. 	if err != nil {
  49. 		http.Error(w, "Unauthorized", http.StatusUnauthorized)
  50. 		return
  51. 	}
  52. 

  53. 	if !CheckPasswordHash(creds.Password, user.Password) {
  54. 		http.Error(w, "Unauthorized", http.StatusUnauthorized)
  55. 		return
  56. 	}
  57. 

  58. 	// TODO: Revisit before production

  59. 	expiresAt = time.Now().Add(12 * time.Hour)
  60. 

  61. 	session = Database.Session{
  62. 		UserID: user.ID,
  63. 		Expiry: expiresAt,
  64. 	}
  65. 

  66. 	err = (&session).CreateSession()
  67. 	if err != nil {
  68. 		http.Error(w, "Unauthorized", http.StatusUnauthorized)
  69. 		return
  70. 	}
  71. 

  72. 	http.SetCookie(w, &http.Cookie{
  73. 		Name:    "session_token",
  74. 		Value:   session.ID.String(),
  75. 		Expires: expiresAt,
  76. 	})
  77. 

  78. 	if user.AttachmentID != nil {
  79. 		imageLink = user.Attachment.FilePath
  80. 	}
  81. 

  82. 	messageExpiryRaw, _ = user.MessageExpiryDefault.Value()
  83. 	messageExpiry, _ = messageExpiryRaw.(string)
  84. 

  85. 	returnJSON, err = json.MarshalIndent(loginResponse{
  86. 		UserID:               user.ID.String(),
  87. 		Username:             user.Username,
  88. 		AsymmetricPublicKey:  user.AsymmetricPublicKey,
  89. 		AsymmetricPrivateKey: user.AsymmetricPrivateKey,
  90. 		SymmetricKey:         user.SymmetricKey,
  91. 		MessageExpiryDefault: messageExpiry,
  92. 		ImageLink:            imageLink,
  93. 	}, "", "  ")
  94. 

  95. 	if err != nil {
  96. 		http.Error(w, "Unauthorized", http.StatusUnauthorized)
  97. 		return
  98. 	}
  99. 

  100. 	// Return updated json

  101. 	w.WriteHeader(http.StatusOK)
  102. 	w.Write(returnJSON)
  103. }