|
|
@ -3,6 +3,7 @@ package Auth |
|
|
|
import ( |
|
|
|
"database/sql/driver" |
|
|
|
"encoding/json" |
|
|
|
"fmt" |
|
|
|
"net/http" |
|
|
|
"time" |
|
|
|
|
|
|
@ -16,73 +17,43 @@ type credentials struct { |
|
|
|
} |
|
|
|
|
|
|
|
type loginResponse struct { |
|
|
|
Status string `json:"status"` |
|
|
|
Message string `json:"message"` |
|
|
|
AsymmetricPublicKey string `json:"asymmetric_public_key"` |
|
|
|
AsymmetricPrivateKey string `json:"asymmetric_private_key"` |
|
|
|
UserID string `json:"user_id"` |
|
|
|
Username string `json:"username"` |
|
|
|
AsymmetricPublicKey string `json:"asymmetric_public_key"` |
|
|
|
AsymmetricPrivateKey string `json:"asymmetric_private_key"` |
|
|
|
SymmetricKey string `json:"symmetric_key"` |
|
|
|
MessageExpiryDefault string `json:"message_expiry_default"` |
|
|
|
ImageLink string `json:"image_link"` |
|
|
|
} |
|
|
|
|
|
|
|
func makeLoginResponse(w http.ResponseWriter, code int, message, pubKey, privKey string, user Models.User) { |
|
|
|
// Login logs the user into the system
|
|
|
|
func Login(w http.ResponseWriter, r *http.Request) { |
|
|
|
var ( |
|
|
|
status = "error" |
|
|
|
creds credentials |
|
|
|
user Models.User |
|
|
|
session Models.Session |
|
|
|
expiresAt time.Time |
|
|
|
messageExpiryRaw driver.Value |
|
|
|
messageExpiry string |
|
|
|
imageLink string |
|
|
|
returnJSON []byte |
|
|
|
err error |
|
|
|
) |
|
|
|
if code >= 200 && code <= 300 { |
|
|
|
status = "success" |
|
|
|
} |
|
|
|
|
|
|
|
messageExpiryRaw, _ = user.MessageExpiryDefault.Value() |
|
|
|
messageExpiry, _ = messageExpiryRaw.(string) |
|
|
|
|
|
|
|
returnJSON, err = json.MarshalIndent(loginResponse{ |
|
|
|
Status: status, |
|
|
|
Message: message, |
|
|
|
AsymmetricPublicKey: pubKey, |
|
|
|
AsymmetricPrivateKey: privKey, |
|
|
|
UserID: user.ID.String(), |
|
|
|
Username: user.Username, |
|
|
|
MessageExpiryDefault: messageExpiry, |
|
|
|
}, "", " ") |
|
|
|
if err != nil { |
|
|
|
http.Error(w, "Error", http.StatusInternalServerError) |
|
|
|
return |
|
|
|
} |
|
|
|
|
|
|
|
// Return updated json
|
|
|
|
w.WriteHeader(code) |
|
|
|
w.Write(returnJSON) |
|
|
|
} |
|
|
|
|
|
|
|
// Login logs the user into the system
|
|
|
|
func Login(w http.ResponseWriter, r *http.Request) { |
|
|
|
var ( |
|
|
|
creds credentials |
|
|
|
userData Models.User |
|
|
|
session Models.Session |
|
|
|
expiresAt time.Time |
|
|
|
err error |
|
|
|
) |
|
|
|
|
|
|
|
err = json.NewDecoder(r.Body).Decode(&creds) |
|
|
|
if err != nil { |
|
|
|
makeLoginResponse(w, http.StatusInternalServerError, "An error occurred", "", "", userData) |
|
|
|
http.Error(w, "Unauthorized", http.StatusUnauthorized) |
|
|
|
return |
|
|
|
} |
|
|
|
|
|
|
|
userData, err = Database.GetUserByUsername(creds.Username) |
|
|
|
user, err = Database.GetUserByUsername(creds.Username) |
|
|
|
if err != nil { |
|
|
|
makeLoginResponse(w, http.StatusUnauthorized, "An error occurred", "", "", userData) |
|
|
|
http.Error(w, "Unauthorized", http.StatusUnauthorized) |
|
|
|
return |
|
|
|
} |
|
|
|
|
|
|
|
if !CheckPasswordHash(creds.Password, userData.Password) { |
|
|
|
makeLoginResponse(w, http.StatusUnauthorized, "An error occurred", "", "", userData) |
|
|
|
if !CheckPasswordHash(creds.Password, user.Password) { |
|
|
|
http.Error(w, "Unauthorized", http.StatusUnauthorized) |
|
|
|
return |
|
|
|
} |
|
|
|
|
|
|
@ -90,13 +61,13 @@ func Login(w http.ResponseWriter, r *http.Request) { |
|
|
|
expiresAt = time.Now().Add(12 * time.Hour) |
|
|
|
|
|
|
|
session = Models.Session{ |
|
|
|
UserID: userData.ID, |
|
|
|
UserID: user.ID, |
|
|
|
Expiry: expiresAt, |
|
|
|
} |
|
|
|
|
|
|
|
err = Database.CreateSession(&session) |
|
|
|
if err != nil { |
|
|
|
makeLoginResponse(w, http.StatusUnauthorized, "An error occurred", "", "", userData) |
|
|
|
http.Error(w, "Unauthorized", http.StatusUnauthorized) |
|
|
|
return |
|
|
|
} |
|
|
|
|
|
|
@ -106,12 +77,32 @@ func Login(w http.ResponseWriter, r *http.Request) { |
|
|
|
Expires: expiresAt, |
|
|
|
}) |
|
|
|
|
|
|
|
makeLoginResponse( |
|
|
|
w, |
|
|
|
http.StatusOK, |
|
|
|
"Successfully logged in", |
|
|
|
userData.AsymmetricPublicKey, |
|
|
|
userData.AsymmetricPrivateKey, |
|
|
|
userData, |
|
|
|
) |
|
|
|
if user.AttachmentID != nil { |
|
|
|
imageLink = fmt.Sprintf( |
|
|
|
"http://192.168.1.5:8080/files/%s", |
|
|
|
user.Attachment.FilePath, |
|
|
|
) |
|
|
|
} |
|
|
|
|
|
|
|
messageExpiryRaw, _ = user.MessageExpiryDefault.Value() |
|
|
|
messageExpiry, _ = messageExpiryRaw.(string) |
|
|
|
|
|
|
|
returnJSON, err = json.MarshalIndent(loginResponse{ |
|
|
|
UserID: user.ID.String(), |
|
|
|
Username: user.Username, |
|
|
|
AsymmetricPublicKey: user.AsymmetricPublicKey, |
|
|
|
AsymmetricPrivateKey: user.AsymmetricPrivateKey, |
|
|
|
SymmetricKey: user.SymmetricKey, |
|
|
|
MessageExpiryDefault: messageExpiry, |
|
|
|
ImageLink: imageLink, |
|
|
|
}, "", " ") |
|
|
|
|
|
|
|
if err != nil { |
|
|
|
http.Error(w, "Unauthorized", http.StatusUnauthorized) |
|
|
|
return |
|
|
|
} |
|
|
|
|
|
|
|
// Return updated json
|
|
|
|
w.WriteHeader(http.StatusOK) |
|
|
|
w.Write(returnJSON) |
|
|
|
} |
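Review bot: The login response built at the end of Login returns `AsymmetricPrivateKey` and `SymmetricKey` in the JSON body, and nothing in the visible lines marks that response as non-cacheable or shows whether these values are stored wrapped (for example, encrypted under a password-derived key) rather than in the clear. If they are raw keys, a server that holds and returns them weakens any end-to-end property they are meant to provide; either way I would add `w.Header().Set("Cache-Control", "no-store")` and `w.Header().Set("Content-Type", "application/json")` before `w.WriteHeader(http.StatusOK)`. The image link is formatted from the hard-coded `"http://192.168.1.5:8080/files/%s"`, a plaintext-HTTP private address that should come from configuration, and `user.Attachment.FilePath` is interpolated into it unescaped. The `json.MarshalIndent` failure path answers 401 "Unauthorized" after the session has already been created, where `http.StatusInternalServerError` would describe the failure correctly. The +/- markers are lost on this page, so which lines form the new side is inferred from the hunk counts, and Login's body starts outside this hunk.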