121 lines
2.7 KiB
Go
121 lines
2.7 KiB
Go
package api
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"fmt"
|
|
"io"
|
|
"log"
|
|
"net/http"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/golang-jwt/jwt/v5"
|
|
core "fr.latosa-escrima/api/core"
|
|
)
|
|
|
|
var MySigningKey = []byte("COUCOU")
|
|
|
|
type LoginInformation struct {
|
|
Email string `json:"email"`
|
|
Password string `json:"password"`
|
|
}
|
|
|
|
type Claims struct {
|
|
UserID string `json:"user_id"`
|
|
jwt.RegisteredClaims
|
|
}
|
|
|
|
func HandleLogin(w http.ResponseWriter, r *http.Request) {
|
|
if r.Method != http.MethodPost {
|
|
log.Fatal("Not post method")
|
|
}
|
|
|
|
if r.Body == nil {
|
|
log.Fatal("No body")
|
|
}
|
|
|
|
body, err := io.ReadAll(r.Body)
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
var login LoginInformation
|
|
err = json.Unmarshal(body, &login)
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
var user core.User
|
|
err = core.DB.NewSelect().
|
|
Model(&user).
|
|
Where("email = ? AND password = ?", login.Email, login.Password).
|
|
Limit(1).
|
|
Scan(context.Background())
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
claims := Claims{
|
|
UserID: user.UserID.String(),
|
|
RegisteredClaims: jwt.RegisteredClaims{
|
|
Issuer: "latosa-escrima.fr",
|
|
Subject: "authentification",
|
|
ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 24)),
|
|
IssuedAt: jwt.NewNumericDate(time.Now()),
|
|
},
|
|
}
|
|
|
|
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
|
|
signed, err := token.SignedString([]byte("hello"))
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
fmt.Println(signed)
|
|
}
|
|
|
|
func HandleMiddlewareRoute(pattern string,
|
|
handler func(w http.ResponseWriter, r *http.Request),
|
|
middleware func(http.Handler) http.Handler,
|
|
mux *http.ServeMux,
|
|
) {
|
|
mux.HandleFunc(pattern, handler)
|
|
http.Handle(pattern, middleware(mux))
|
|
}
|
|
|
|
func AuthJWT(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
// Check if the Authorization header is provided
|
|
authHeader := r.Header.Get("Authorization")
|
|
if authHeader == "" {
|
|
http.Error(w, "Missing Authorization header", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
// Bearer token is expected, so split the header into "Bearer <token>"
|
|
tokenString := strings.TrimPrefix(authHeader, "Bearer ")
|
|
if tokenString == authHeader {
|
|
http.Error(w, "Invalid Authorization header format", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
// Parse the token
|
|
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
|
|
// Ensure that the token's signing method is valid
|
|
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
|
|
return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
|
|
}
|
|
return MySigningKey, nil
|
|
})
|
|
|
|
if err != nil || !token.Valid {
|
|
http.Error(w, "Invalid token", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
// Call the next handler if the JWT is valid
|
|
next.ServeHTTP(w, r)
|
|
})
|
|
}
|