create password auth skeleton
This commit is contained in:
@@ -53,7 +53,14 @@ func Start() {
|
||||
r.Use(UserCtx) // Load user
|
||||
r.Get("/", GetUser)
|
||||
})
|
||||
r.Post("/new", NewUser)
|
||||
})
|
||||
|
||||
r.Route("/login", func(r chi.Router) {
|
||||
r.Post("/", Login)
|
||||
})
|
||||
|
||||
r.Route("/register", func(r chi.Router) {
|
||||
r.Post("/", NewUser)
|
||||
})
|
||||
|
||||
if *routes {
|
||||
|
||||
30
api/db.go
30
api/db.go
@@ -19,8 +19,29 @@ func dbGetUser(id string) (*User, error) {
|
||||
user := u.(map[string]interface{})
|
||||
if user["ID"].(string) == id {
|
||||
return &User{
|
||||
ID: user["ID"].(string),
|
||||
Name: user["Name"].(string),
|
||||
ID: user["ID"].(string),
|
||||
Name: user["Name"].(string),
|
||||
Password: user["Password"].(string),
|
||||
}, nil
|
||||
}
|
||||
}
|
||||
return nil, errors.New("User not found")
|
||||
}
|
||||
|
||||
func dbGetUserByName(username string) (*User, error) {
|
||||
data := db.ExecDB("users")
|
||||
if data == nil {
|
||||
return nil, errors.New("failed to load users database")
|
||||
}
|
||||
|
||||
users := data["users"].([]interface{})
|
||||
for _, u := range users {
|
||||
user := u.(map[string]interface{})
|
||||
if user["Name"].(string) == username {
|
||||
return &User{
|
||||
ID: user["ID"].(string),
|
||||
Name: user["Name"].(string),
|
||||
Password: user["Password"].(string),
|
||||
}, nil
|
||||
}
|
||||
}
|
||||
@@ -133,8 +154,9 @@ func dbAddUser(user *User) error {
|
||||
}
|
||||
|
||||
dbUser := map[string]interface{}{
|
||||
"ID": user.ID,
|
||||
"Name": user.Name,
|
||||
"ID": user.ID,
|
||||
"Name": user.Name,
|
||||
"Password": user.Password,
|
||||
}
|
||||
|
||||
users = append(users, dbUser)
|
||||
|
||||
55
api/user.go
55
api/user.go
@@ -7,6 +7,7 @@ import (
|
||||
"github.com/go-chi/chi/v5"
|
||||
"github.com/go-chi/render"
|
||||
"github.com/google/uuid"
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
)
|
||||
|
||||
func UserCtx(next http.Handler) http.Handler {
|
||||
@@ -67,10 +68,17 @@ func NewUser(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
newUserName := r.FormValue("name")
|
||||
password := r.FormValue("password")
|
||||
if newUserName == "" || password == "" {
|
||||
http.Error(w, "Username and password cannot be empty", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
hashedPassword, err := hashPassword(password)
|
||||
newUser := User{
|
||||
ID: newUserID(),
|
||||
Name: newUserName,
|
||||
ID: newUserID(),
|
||||
Name: newUserName,
|
||||
Password: hashedPassword,
|
||||
}
|
||||
|
||||
err = dbAddUser(&newUser)
|
||||
@@ -82,15 +90,54 @@ func NewUser(w http.ResponseWriter, r *http.Request) {
|
||||
render.Render(w, r, NewUserPayloadResponse(&newUser))
|
||||
}
|
||||
|
||||
func Login(w http.ResponseWriter, r *http.Request) {
|
||||
err := r.ParseMultipartForm(64 << 10)
|
||||
if err != nil {
|
||||
http.Error(w, "Unable to parse form", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
username := r.FormValue("name")
|
||||
password := r.FormValue("password")
|
||||
if username == "" || password == "" {
|
||||
http.Error(w, "Username and password cannot be empty", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
user, err := dbGetUserByName(username)
|
||||
if err != nil {
|
||||
http.Error(w, "Invalid username or password", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
err = validatePassword(user.Password, password)
|
||||
if err != nil {
|
||||
http.Error(w, "Invalid username or password", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
w.Write([]byte("Login successful"))
|
||||
}
|
||||
|
||||
func (u *UserPayload) Render(w http.ResponseWriter, r *http.Request) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func hashPassword(password string) (string, error) {
|
||||
hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
|
||||
return string(hashedPassword), err
|
||||
}
|
||||
|
||||
func validatePassword(hashedPassword, password string) error {
|
||||
return bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password))
|
||||
}
|
||||
|
||||
type userKey struct{}
|
||||
|
||||
type User struct {
|
||||
ID string `json:"id"`
|
||||
Name string `json:"name"`
|
||||
ID string `json:"id"`
|
||||
Name string `json:"name"`
|
||||
Password string `json:"-"`
|
||||
}
|
||||
|
||||
type UserPayload struct {
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
[
|
||||
{
|
||||
"ID": "user_8d7cd2ed-0aa2-4810-a172-42dd58563a54",
|
||||
"Name": "duby"
|
||||
},
|
||||
{
|
||||
"ID": "user_63dac6ad-f255-4af8-a057-4b064a982a84",
|
||||
"Name": "astolfo"
|
||||
}
|
||||
{
|
||||
"ID": "user_8d7cd2ed-0aa2-4810-a172-42dd58563a54",
|
||||
"Name": "duby",
|
||||
"Password": "$2a$10$fYKgHJRgR6hJl9VAAu4HPeeyTbDP3UCxiAxZMMKDL8A0ya0Sdg.pq"
|
||||
},
|
||||
{
|
||||
"ID": "user_63dac6ad-f255-4af8-a057-4b064a982a84",
|
||||
"Name": "astolfo",
|
||||
"Password": "$2a$10$ryzbb6l/hkZH6wwtdLdbYew3R1ug4O3tdHi4581WQHui8JKSPFqSu"
|
||||
}
|
||||
]
|
||||
Reference in New Issue
Block a user