117 lines
3.2 KiB
Go
Executable file
117 lines
3.2 KiB
Go
Executable file
/*
|
|
ScheduleTogether Backend
|
|
Copyright (C) 2024, Marco Vitchi Thulin
|
|
|
|
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU Affero General Public License version 3
|
|
as published by the Free Software Foundation.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU Affero General Public License version 3 for more details.
|
|
|
|
This program incorporates external libraries for certain functionalities.
|
|
These libraries are covered by their respective licenses, and their usage
|
|
agreements are as outlined in their respective documentation or source
|
|
code.
|
|
|
|
You should have received a copy of the GNU Affero General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
package accounts
|
|
|
|
import (
|
|
"time"
|
|
|
|
"github.com/google/uuid"
|
|
"github.com/kataras/iris/v12"
|
|
"github.com/kataras/iris/v12/middleware/jwt"
|
|
"golang.org/x/crypto/bcrypt"
|
|
|
|
db "git.zervo.org/scheduletogether/scheduletogetherbackend/internal/database"
|
|
"git.zervo.org/scheduletogether/scheduletogetherbackend/pkg/helpers/config"
|
|
"git.zervo.org/scheduletogether/scheduletogetherbackend/pkg/types"
|
|
)
|
|
|
|
// AccountSignin_Service signs in a user and returns a jwt token
|
|
func AccountSignin_Service(ctx iris.Context, req types.AccountLoginRequest) {
|
|
cfg, err := config.LoadConfig()
|
|
if err != nil {
|
|
ctx.StatusCode(iris.StatusInternalServerError)
|
|
ctx.JSON(types.CommonErrorResponse{
|
|
Error: "An error occured while registering your account, please try again later",
|
|
})
|
|
return
|
|
}
|
|
|
|
// Create signer
|
|
signer := jwt.NewSigner(jwt.HS256, []byte(cfg.JWTSecret), time.Duration(cfg.JWTExpiration)*time.Minute)
|
|
|
|
// Check if user exists
|
|
var user db.User
|
|
err = db.Db.Where("username = ?", req.Username).First(&user).Error
|
|
if err != nil {
|
|
ctx.StatusCode(iris.StatusUnauthorized)
|
|
ctx.JSON(types.CommonErrorResponse{
|
|
Error: "Invalid username or password",
|
|
})
|
|
return
|
|
}
|
|
|
|
// Check if user is verified
|
|
if !user.Verified {
|
|
ctx.StatusCode(iris.StatusUnauthorized)
|
|
ctx.JSON(types.CommonErrorResponse{
|
|
Error: "Please verify your account",
|
|
})
|
|
return
|
|
}
|
|
|
|
// Check if password is correct
|
|
err = bcrypt.CompareHashAndPassword([]byte(user.Hash), []byte(req.Password))
|
|
if err != nil {
|
|
ctx.StatusCode(iris.StatusUnauthorized)
|
|
ctx.JSON(types.CommonErrorResponse{
|
|
Error: "Invalid username or password",
|
|
})
|
|
return
|
|
}
|
|
|
|
// Generate a JWT Id
|
|
generated_jti, err := uuid.NewRandom()
|
|
if err != nil {
|
|
ctx.StopWithError(iris.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
jti := generated_jti.String()
|
|
|
|
// Create claims
|
|
claims := &types.Claims{
|
|
UserId: user.ID,
|
|
Role: user.Role,
|
|
Username: user.Username,
|
|
Email: user.Email,
|
|
}
|
|
|
|
// Sign token
|
|
token, err := signer.Sign(claims, jwt.Claims{
|
|
ID: jti,
|
|
Issuer: "scheduletogether",
|
|
})
|
|
if err != nil {
|
|
ctx.StatusCode(iris.StatusInternalServerError)
|
|
ctx.JSON(types.CommonErrorResponse{
|
|
Error: "An error occured, please try again later",
|
|
})
|
|
return
|
|
}
|
|
|
|
// Return token
|
|
ctx.JSON(types.AccountSigninResponse{
|
|
Token: string(token),
|
|
})
|
|
}
|