package Auth
|
|
|
|
import (
|
|
"encoding/json"
|
|
"net/http"
|
|
"time"
|
|
|
|
"git.tovijaeschke.xyz/tovi/Envelope/Backend/Database"
|
|
"git.tovijaeschke.xyz/tovi/Envelope/Backend/Models"
|
|
)
|
|
|
|
type Credentials struct {
|
|
Username string `json:"username"`
|
|
Password string `json:"password"`
|
|
}
|
|
|
|
type loginResponse struct {
|
|
Status string `json:"status"`
|
|
Message string `json:"message"`
|
|
AsymmetricPublicKey string `json:"asymmetric_public_key"`
|
|
AsymmetricPrivateKey string `json:"asymmetric_private_key"`
|
|
UserID string `json:"user_id"`
|
|
Username string `json:"username"`
|
|
}
|
|
|
|
func makeLoginResponse(w http.ResponseWriter, code int, message, pubKey, privKey string, user Models.User) {
|
|
var (
|
|
status string = "error"
|
|
returnJson []byte
|
|
err error
|
|
)
|
|
if code > 200 && code < 300 {
|
|
status = "success"
|
|
}
|
|
|
|
returnJson, err = json.MarshalIndent(loginResponse{
|
|
Status: status,
|
|
Message: message,
|
|
AsymmetricPublicKey: pubKey,
|
|
AsymmetricPrivateKey: privKey,
|
|
UserID: user.ID.String(),
|
|
Username: user.Username,
|
|
}, "", " ")
|
|
if err != nil {
|
|
http.Error(w, "Error", http.StatusInternalServerError)
|
|
w.WriteHeader(http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
// Return updated json
|
|
w.WriteHeader(code)
|
|
w.Write(returnJson)
|
|
}
|
|
|
|
func Login(w http.ResponseWriter, r *http.Request) {
|
|
var (
|
|
creds Credentials
|
|
userData Models.User
|
|
session Models.Session
|
|
expiresAt time.Time
|
|
err error
|
|
)
|
|
|
|
err = json.NewDecoder(r.Body).Decode(&creds)
|
|
if err != nil {
|
|
makeLoginResponse(w, http.StatusInternalServerError, "An error occurred", "", "", userData)
|
|
return
|
|
}
|
|
|
|
userData, err = Database.GetUserByUsername(creds.Username)
|
|
if err != nil {
|
|
makeLoginResponse(w, http.StatusUnauthorized, "An error occurred", "", "", userData)
|
|
return
|
|
}
|
|
|
|
if !CheckPasswordHash(creds.Password, userData.Password) {
|
|
makeLoginResponse(w, http.StatusUnauthorized, "An error occurred", "", "", userData)
|
|
return
|
|
}
|
|
|
|
// TODO: Revisit before production
|
|
expiresAt = time.Now().Add(12 * time.Hour)
|
|
|
|
session = Models.Session{
|
|
UserID: userData.ID,
|
|
Expiry: expiresAt,
|
|
}
|
|
|
|
err = Database.CreateSession(&session)
|
|
if err != nil {
|
|
makeLoginResponse(w, http.StatusUnauthorized, "An error occurred", "", "", userData)
|
|
return
|
|
}
|
|
|
|
http.SetCookie(w, &http.Cookie{
|
|
Name: "session_token",
|
|
Value: session.ID.String(),
|
|
Expires: expiresAt,
|
|
})
|
|
|
|
makeLoginResponse(
|
|
w,
|
|
http.StatusOK,
|
|
"Successfully logged in",
|
|
userData.AsymmetricPublicKey,
|
|
userData.AsymmetricPrivateKey,
|
|
userData,
|
|
)
|
|
}
|