added more functionality
43
auth/auth.go
@@ -4,28 +4,17 @@ import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"hash"
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
"acoolname.co/backend/user"
|
||||
// "acoolname.co/backend/models"
|
||||
|
||||
"acooldomain.co/backend/models"
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/golang-jwt/jwt"
|
||||
"go.mongodb.org/mongo-driver/bson"
|
||||
"go.mongodb.org/mongo-driver/mongo"
|
||||
)
|
||||
|
||||
type Permission int
|
||||
|
||||
const (
|
||||
Start Permission = 1 << iota
|
||||
Stop
|
||||
Browse
|
||||
Create
|
||||
Delete
|
||||
RunCommand
|
||||
Admin
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
)
|
||||
|
||||
var hmacSampleSecret []byte
|
||||
@@ -35,8 +24,8 @@ type Connection struct {
|
||||
}
|
||||
|
||||
type TokenInfo struct {
|
||||
Username string `json:"username"`
|
||||
Permissions Permission `json:"permissions"`
|
||||
Username string `json:"username"`
|
||||
Permissions models.Permission `json:"permissions"`
|
||||
}
|
||||
|
||||
type AuthClaims struct {
|
||||
@@ -58,7 +47,12 @@ func signToken(token TokenInfo) (string, error) {
|
||||
return t.SignedString(hmacSampleSecret)
|
||||
}
|
||||
|
||||
func AuthorizedTo(requiredPermissions Permission) gin.HandlerFunc {
|
||||
func hashPassword(password string) (string, error) {
|
||||
bytes, err := bcrypt.GenerateFromPassword([]byte(password), 14)
|
||||
return string(bytes), err
|
||||
}
|
||||
|
||||
func AuthorizedTo(requiredPermissions models.Permission) gin.HandlerFunc {
|
||||
return func(ctx *gin.Context) {
|
||||
fmt.Println("Auth logic starts")
|
||||
authCookie, err := ctx.Request.Cookie("auth")
|
||||
@@ -126,13 +120,19 @@ func (con Connection) signIn(c *gin.Context) {
|
||||
if err != nil {
|
||||
c.AbortWithError(500, err)
|
||||
}
|
||||
var userItem user.User
|
||||
var userItem models.User
|
||||
err = con.connection.Database("Backend").Collection("Users").FindOne(context.TODO(), bson.D{{Key: "username", Value: request.username}}).Decode(&userItem)
|
||||
if err != nil {
|
||||
c.AbortWithError(403, err)
|
||||
}
|
||||
|
||||
if userItem.hashedPass == hash.Hash64() {
|
||||
if hashedPass, err := hashPassword(request.password); err != nil || userItem.HashedPass != hashedPass {
|
||||
c.AbortWithStatus(403)
|
||||
}
|
||||
|
||||
token := TokenInfo{
|
||||
Username: userItem.Username,
|
||||
Permissions: userItem.Permissions,
|
||||
}
|
||||
|
||||
signedToken, err := signToken(token)
|
||||
@@ -155,9 +155,10 @@ func (con Connection) test(c *gin.Context) {
|
||||
|
||||
func LoadGroup(group *gin.RouterGroup, client *mongo.Client) {
|
||||
connection := Connection{connection: client}
|
||||
group.POST("/signup", connection.signUp)
|
||||
group.Use(AuthorizedTo(Admin))
|
||||
group.POST("/signin", connection.signIn)
|
||||
group.Use(AuthorizedTo(models.Admin))
|
||||
{
|
||||
group.POST("/signup", connection.signUp)
|
||||
group.GET("/test", connection.test)
|
||||
}
|
||||
}
|
||||
|
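Review bot: In signIn, the new password check re-hashes `request.password` with `hashPassword` and compares the result to `userItem.HashedPass`, but `bcrypt.GenerateFromPassword` uses a fresh salt on every call, so the two strings will not match even for the correct password. The branch also calls `c.AbortWithStatus(403)` without a `return`, so the handler goes on to build `TokenInfo` and call `signToken` for a request it has just rejected; the two `c.AbortWithError` calls above it have the same gap, and what is done with `signedToken` is outside the hunk. Verify against the stored hash and stop the handler instead: `if err := bcrypt.CompareHashAndPassword([]byte(userItem.HashedPass), []byte(request.password)); err != nil { c.AbortWithStatus(403); return }`. Returning the same 403 for an unknown username and for a wrong password keeps the endpoint from revealing which accounts exist.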
@@ -1,3 +1,5 @@
|
||||
module acooldomain.co/backend/auth
|
||||
|
||||
go 1.22.0
|
||||
|
||||
require golang.org/x/crypto v0.23.0 // indirect
|
||||
|
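--- a/auth/go.sum
+++ b/auth/go.sum
@@ -0,0 +1,2 @@
+golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI=
+golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=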