moved stuff around

auth/auth.go

@@ -7,8 +7,6 @@ import (
 	"net/http"
 	"time"
 
-	// "acoolname.co/backend/models"
-
 	"acooldomain.co/backend/models"
 	"github.com/gin-gonic/gin"
 	"github.com/golang-jwt/jwt"
@@ -17,7 +15,8 @@ import (
 	"golang.org/x/crypto/bcrypt"
 )
 
-var hmacSampleSecret []byte
+var secret []byte
+var method string
 
 type Connection struct {
 	connection *mongo.Client
@@ -33,9 +32,15 @@ type AuthClaims struct {
 	TokenInfo
 }
 
+type InviteToken struct {
+	Email       string              `bson:"Email"`
+	Permissions []models.Permission `bson:"Permissions"`
+	Token       string              `bson:"Token"`
+}
+
 func signToken(token TokenInfo) (string, error) {
 
-	t := jwt.New(jwt.GetSigningMethod("HS512"))
+	t := jwt.New(jwt.GetSigningMethod(method))
 
 	t.Claims = &AuthClaims{
 		&jwt.StandardClaims{
@@ -44,7 +49,7 @@ func signToken(token TokenInfo) (string, error) {
 		token,
 	}
 
-	return t.SignedString(hmacSampleSecret)
+	return t.SignedString(secret)
 }
 
 func hashPassword(password string) (string, error) {
@@ -67,7 +72,7 @@ func AuthorizedTo(requiredPermissions models.Permission, overwriters ...func(*gi
 			}
 
 			// hmacSampleSecret is a []byte containing your secret, e.g. []byte("my_secret_key")
-			return hmacSampleSecret, nil
+			return secret, nil
 		})
 		if err != nil {
 			ctx.AbortWithError(403, err)
@@ -90,14 +95,15 @@ func AuthorizedTo(requiredPermissions models.Permission, overwriters ...func(*gi
 	}
 }
 
+type SignUpRequest struct {
+	Token    string
+	Username string
+	Password string
+}
+
 func (con Connection) signUp(c *gin.Context) {
 	var token TokenInfo
 
-	type SignUpRequest struct {
-		token    string
-		username string
-		password string
-	}
 	err := json.NewDecoder(c.Request.Body).Decode(&token)
 	if err != nil {
 		c.AbortWithError(500, err)
@@ -163,10 +169,13 @@ func (con Connection) test(c *gin.Context) {
 	c.IndentedJSON(http.StatusOK, claims)
 }
 
-func LoadGroup(group *gin.RouterGroup, client *mongo.Client) {
+func LoadGroup(group *gin.RouterGroup, client *mongo.Client, config models.GlobalConfig) {
 	connection := Connection{connection: client}
-	group.POST("/signin", connection.signIn)
 
+	secret = []byte(config.Key)
+	method = config.Algorithm
+
+	group.POST("/signin", connection.signIn)
 	group.POST("/signup", AuthorizedTo(models.Admin), connection.signUp)
 	group.GET("/test", AuthorizedTo(models.Admin), connection.test)
 }