feature: changed authentication method

config.json

@@ -1,29 +1,30 @@
 {
-    "version": "1.1.0",
-    "release": [
-        {
-            "releasetype": "prod",
-            "data": {
-                "API_PORT": 8111,
-                "DB_HOST": "177.153.50.98",
-                "DB_DRIVER": "postgres",
-                "DB_USER": "pcast",
-                "DB_PASSWORD": "@407Smc837",
-                "DB_NAME": "pcast",
-                "DB_PORT": 5432
-            }
-        },
-        {
-            "releasetype": "homolog",
-            "data": {
-                "API_PORT": 8112,
-                "DB_HOST": "177.153.50.98",
-                "DB_DRIVER": "postgres",
-                "DB_USER": "pcasth",
-                "DB_PASSWORD": "@407Smc837",
-                "DB_NAME": "pcasth",
-                "DB_PORT": 5432
-            }
-        }
-    ]
-}
+  "version": "1.1.0",
+  "apisecret": "pcast",
+  "release": [
+    {
+      "releasetype": "prod",
+      "data": {
+        "API_PORT": 8111,
+        "DB_HOST": "177.153.50.98",
+        "DB_DRIVER": "postgres",
+        "DB_USER": "pcast",
+        "DB_PASSWORD": "@407Smc837",
+        "DB_NAME": "pcast",
+        "DB_PORT": 5432
+      }
+    },
+    {
+      "releasetype": "homolog",
+      "data": {
+        "API_PORT": 8112,
+        "DB_HOST": "177.153.50.98",
+        "DB_DRIVER": "postgres",
+        "DB_USER": "pcasth",
+        "DB_PASSWORD": "@407Smc837",
+        "DB_NAME": "pcasth",
+        "DB_PORT": 5432
+      }
+    }
+  ]
+}

config/config.go

@@ -8,8 +8,9 @@ import (
 )
 
 type Config struct {
-	Version string
-	Release []ConfigType
+	Version   string
+	ApiSecret string
+	Release   []ConfigType
 }
 
 type ConfigType struct {

controllers/authController.go

@@ -1,17 +1,17 @@
 package controllers
 
 import (
+	"api/config"
 	"api/database"
 	"api/models"
 	"api/utils"
 	"log"
-	"os"
 	"strconv"
 	"strings"
 	"time"
 
-	"github.com/dgrijalva/jwt-go"
 	"github.com/gofiber/fiber/v2"
+	"github.com/golang-jwt/jwt/v5"
 	"golang.org/x/crypto/bcrypt"
 )
 
@@ -31,57 +31,38 @@ func Login(c *fiber.Ctx) error {
 
 	if user.ID == 0 {
 		return c.JSON(fiber.Map{
-			"message":  "Usuário não encontrado",
-			"userId":   0,
-			"userType": "",
-			"userName": "",
-			"token":    ""})
+			"message": "Usuário não encontrado",
+			"token":   ""})
 	}
 
 	if err := bcrypt.CompareHashAndPassword(user.Password, []byte(data["password"])); err != nil {
 		return c.JSON(fiber.Map{
-			"message":  "Senha inválida",
-			"userId":   0,
-			"userType": "",
-			"userName": "",
-			"token":    ""})
+			"message": "Senha inválida",
+			"token":   ""})
 	}
 
 	if user.Blocked == "S" {
 		return c.JSON(fiber.Map{
-			"message":  "Usuário bloqueado",
-			"userId":   0,
-			"userType": "",
-			"userName": "",
-			"token":    ""})
+			"message": "Usuário bloqueado",
+			"token":   ""})
 	}
 
-	type customClaims struct {
-		Userid string `json:"user"`
-		jwt.StandardClaims
+	claims := &jwt.RegisteredClaims{
+		ExpiresAt: &jwt.NumericDate{Time: time.Now().Add(30 * time.Second)}, // Token expiration time
+		Issuer:    strconv.Itoa(int(user.ID)),                               // Subject of the token
 	}
 
-	tok := customClaims{
-		Userid: strconv.Itoa(int(user.ID)),
-		StandardClaims: jwt.StandardClaims{
-			Issuer:    strconv.Itoa(int(user.ID)),
-			ExpiresAt: time.Now().Add(time.Hour * 1).Unix(),
-		},
-	}
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
 
-	claims := jwt.NewWithClaims(jwt.SigningMethodHS256, tok)
+	tk, err := token.SignedString([]byte(config.Conf.ApiSecret))
 
-	token, err := claims.SignedString([]byte(os.Getenv("API_SECRET")))
 	if err != nil {
 		return fiber.ErrInternalServerError
 	}
 
 	return c.JSON(fiber.Map{
-		"message":  "",
-		"userId":   user.ID,
-		"userType": user.UserType,
-		"userName": user.Name,
-		"token":    token})
+		"message": "",
+		"token":   tk})
 }
 
 // Register/AdUser - Adds or register a user to the database
@@ -144,22 +125,9 @@ func AddUser(c *fiber.Ctx) error {
 // GetOwnUser - Returns the current	user
 func GetOwnUser(c *fiber.Ctx) error {
 
-	var user models.User
+	user := c.Locals("user").(models.User)
 
-	userCode, err := utils.ProcessToken(c)
-	if err != nil {
-		return fiber.ErrUnauthorized
-	}
-
-	database.DB.Where("id = ?", userCode).First(&user)
-
-	if user.ID == 0 {
-		return fiber.ErrUnauthorized
-	}
-
-	return c.JSON(fiber.Map{
-		"user": user,
-	})
+	return c.JSON(user)
 }
 
 // GetAllUsers - Returns all users
@@ -167,8 +135,9 @@ func GetAllUsers(c *fiber.Ctx) error {
 
 	var users []models.User
 
-	_, err := utils.ProcessToken(c)
-	if err != nil {
+	user := c.Locals("user").(models.User)
+
+	if user.UserType != "A" {
 		return fiber.ErrUnauthorized
 	}
 
@@ -183,10 +152,9 @@ func GetAllUsers(c *fiber.Ctx) error {
 
 func GetUserByEmail(c *fiber.Ctx) error {
 
-	var user models.User
+	user := c.Locals("user").(models.User)
 
-	_, err := utils.ProcessToken(c)
-	if err != nil {
+	if user.UserType != "A" {
 		return fiber.ErrUnauthorized
 	}
 

controllers/eventController.go

@@ -2,10 +2,7 @@ package controllers
 
 import (
 	"api/database"
-	"api/dbaccess"
 	"api/models"
-	"api/utils"
-	"strconv"
 	"time"
 
 	"github.com/gofiber/fiber/v2"
@@ -14,32 +11,19 @@ import (
 func AddEvent(c *fiber.Ctx) error {
 	var data map[string]string
 	var startdt time.Time
+	var err error
 
-	_, err := utils.ProcessToken(c)
-	if err != nil {
-		return fiber.ErrUnauthorized
-	}
+	user := c.Locals("user").(models.User)
 
 	if err := c.BodyParser(&data); err != nil {
 		return fiber.ErrBadRequest
 	}
 
-	u, err := strconv.Atoi(data["user"])
-	if err != nil {
-		return fiber.ErrBadRequest
-	}
-
 	if data["name"] == "" || data["description"] == "" {
 		return fiber.ErrBadRequest
 	}
 
-	user := dbaccess.GetUserById(u)
-
-	if user.ID == 0 {
-		return fiber.ErrBadRequest
-	}
-
-	if user.Blocked == "Y" || user.Cancelled == "Y" {
+	if user.Blocked == "S" || user.Cancelled == "S" {
 		return fiber.ErrForbidden
 	}
 
@@ -75,8 +59,9 @@ func GetAllEvents(c *fiber.Ctx) error {
 
 	var events []models.Event
 
-	_, err := utils.ProcessToken(c)
-	if err != nil {
+	user := c.Locals("user").(models.User)
+
+	if user.UserType != "A" {
 		return fiber.ErrUnauthorized
 	}
 
@@ -93,10 +78,10 @@ func GetAllEvents(c *fiber.Ctx) error {
 func GetEventsByUser(c *fiber.Ctx) error {
 
 	var events []models.Event
-	var user models.User
 
-	_, err := utils.ProcessToken(c)
-	if err != nil {
+	user := c.Locals("user").(models.User)
+
+	if user.UserType != "A" {
 		return fiber.ErrUnauthorized
 	}
 

controllers/serverController.go

@@ -3,7 +3,6 @@ package controllers
 import (
 	"api/database"
 	"api/models"
-	"api/utils"
 
 	"github.com/shirou/gopsutil/v3/cpu"
 	"github.com/shirou/gopsutil/v3/disk"
@@ -43,13 +42,14 @@ func AddServer(c *fiber.Ctx) error {
 // GetAllServers - Returns all servers
 func GetAllServers(c *fiber.Ctx) error {
 
-	var servers []models.Server
+	u := c.Locals("user").(models.User)
 
-	_, err := utils.ProcessToken(c)
-	if err != nil {
-		return fiber.ErrUnauthorized
+	if u.UserType != "A" {
+		return fiber.NewError(fiber.StatusUnauthorized, "Unauthorized: User is not admin")
 	}
 
+	var servers []models.Server
+
 	database.DB.Find(&servers)
 
 	if len(servers) == 0 {

go.mod

@@ -3,9 +3,8 @@ module api
 go 1.18
 
 require (
-	github.com/dgrijalva/jwt-go v3.2.0+incompatible
 	github.com/gofiber/fiber/v2 v2.32.0
-	github.com/gofiber/jwt/v3 v3.2.0
+	github.com/golang-jwt/jwt/v5 v5.0.0
 	github.com/joho/godotenv v1.4.0
 	github.com/shirou/gopsutil/v3 v3.23.9
 	github.com/spf13/viper v1.17.0
@@ -18,7 +17,6 @@ require (
 	github.com/andybalholm/brotli v1.0.4 // indirect
 	github.com/fsnotify/fsnotify v1.6.0 // indirect
 	github.com/go-ole/go-ole v1.2.6 // indirect
-	github.com/golang-jwt/jwt/v4 v4.1.0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/jackc/chunkreader/v2 v2.0.1 // indirect
 	github.com/jackc/pgconn v1.12.1 // indirect

go.sum

@@ -40,7 +40,6 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
 github.com/Masterminds/semver/v3 v3.1.1 h1:hLg3sBzpNErnxhQtUy/mmLR2I9foDujNK030IGemrRc=
 github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs=
-github.com/andybalholm/brotli v1.0.2/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y=
 github.com/andybalholm/brotli v1.0.4 h1:V7DdXeJtZscaqfNuAdSRuRFzuiKlHSC/Zh3zl9qY3JY=
 github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
@@ -59,8 +58,6 @@ github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7Do
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
-github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
-github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
@@ -78,15 +75,12 @@ github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG
 github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
 github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
-github.com/gofiber/fiber/v2 v2.20.1/go.mod h1:/LdZHMUXZvTTo7gU4+b1hclqCAdoQphNQ9bi9gutPyI=
 github.com/gofiber/fiber/v2 v2.32.0 h1:lpgcGEq1UENv27uVuOaufAhU8wUKnX8yb9L7559Neec=
 github.com/gofiber/fiber/v2 v2.32.0/go.mod h1:CMy5ZLiXkn6qwthrl03YMyW1NLfj0rhxz2LKl4t7ZTY=
-github.com/gofiber/jwt/v3 v3.2.0 h1:brHGfuuAJI2NxdPQO0Yoa7L01I0Uc/CKZ3Z2lYE5W30=
-github.com/gofiber/jwt/v3 v3.2.0/go.mod h1:Z05kGvvdRqbWMvb3uYmAPwfFyCV8/n/QVorzq4XjwvU=
 github.com/gofrs/uuid v4.0.0+incompatible h1:1SD/1F5pU8p29ybwgQSwpQk+mwdRrXCYuPhW6m+TnJw=
 github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
-github.com/golang-jwt/jwt/v4 v4.1.0 h1:XUgk2Ex5veyVFVeLm0xhusUTQybEbexJXrvPNOKkSY0=
-github.com/golang-jwt/jwt/v4 v4.1.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
+github.com/golang-jwt/jwt/v5 v5.0.0 h1:1n1XNM9hk7O9mnQoNBGolZvzebBQ7p93ULHRc28XJUE=
+github.com/golang-jwt/jwt/v5 v5.0.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
@@ -112,7 +106,6 @@ github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvq
 github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
 github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
 github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
-github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
@@ -207,7 +200,6 @@ github.com/joho/godotenv v1.4.0/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwA
 github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
 github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
-github.com/klauspost/compress v1.13.4/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
 github.com/klauspost/compress v1.15.0/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
 github.com/klauspost/compress v1.17.0 h1:Rnbp4K9EjcDuVuHtd0dgA4qNuv9yKDYKK1ulpJwgrqM=
 github.com/klauspost/compress v1.17.0/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE=
@@ -300,7 +292,6 @@ github.com/tklauser/numcpus v0.6.1 h1:ng9scYS7az0Bk4OZLvrNXNSAO2Pxr1XXRAPyjhIx+F
 github.com/tklauser/numcpus v0.6.1/go.mod h1:1XfjsgE2zo8GVw7POkMbHENHzVg3GzmoZ9fESEdAacY=
 github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
 github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
-github.com/valyala/fasthttp v1.29.0/go.mod h1:2rsYD01CKFrjjsvFxx75KlEUNpWNBY9JWD3K/7o2Cus=
 github.com/valyala/fasthttp v1.35.0 h1:wwkR8mZn2NbigFsaw2Zj5r+xkmzjbrA/lyTmiSlal/Y=
 github.com/valyala/fasthttp v1.35.0/go.mod h1:t/G+3rLek+CyY9bnIE+YlMRddxVAAGjhxndDB4i4C0I=
 github.com/valyala/tcplisten v1.0.0 h1:rBHj/Xf+E1tRGZyWIWwJDiRY0zc1Js+CV5DqwacVSA8=
@@ -342,7 +333,6 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
-golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
 golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
@@ -417,7 +407,6 @@ golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwY
 golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.0.0-20210510120150-4163338589ed/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
@@ -482,7 +471,6 @@ golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=

main.go

@@ -85,7 +85,7 @@ func main() {
 
 	port := strconv.Itoa(config.Configurations.Data.API_PORT)
 
-	log.Println("Server started in port " + port) // os.Getenv("API_PORT"))
+	log.Println("Server started in port " + port)
 	if err = app.Listen(":" + port); err != nil {
 		panic(err)
 	}

middlewares/authentication.go

@@ -0,0 +1,52 @@
+package middlewares
+
+import (
+	"api/config"
+	"api/models"
+	"api/services"
+	"strings"
+
+	"github.com/gofiber/fiber/v2"
+	"github.com/golang-jwt/jwt/v5"
+)
+
+var usr models.User
+
+func Authenticate(c *fiber.Ctx) error {
+
+	tk := c.Get("Authorization")
+
+	if tk == "" {
+		return fiber.NewError(fiber.StatusUnauthorized, "Unauthorized: No token provided")
+	}
+
+	tokenstr := strings.Split(tk, " ")[1]
+
+	token, err := jwt.Parse(tokenstr, func(token *jwt.Token) (interface{}, error) {
+		return []byte(config.Conf.ApiSecret), nil
+	})
+
+	if err != nil {
+		return fiber.NewError(fiber.StatusUnauthorized, "Unauthorized: "+strings.Replace(err.Error(), "token has invalid claims: ", "", -1))
+	}
+
+	if token.Valid {
+		if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
+			usr = services.GetUser(claims["iss"].(string))
+
+			if usr.Blocked == "S" {
+				return fiber.NewError(fiber.StatusUnauthorized, "Unauthorized: User blocked")
+			}
+
+			if usr.Cancelled == "S" {
+				return fiber.NewError(fiber.StatusUnauthorized, "Unauthorized: User cancelled")
+			}
+
+			c.Locals("user", usr)
+
+			return c.Next()
+		}
+	}
+
+	return fiber.NewError(fiber.StatusUnauthorized, "Unauthorized: Invalid token")
+}

routes/routes.go

@@ -2,11 +2,9 @@ package routes
 
 import (
 	"api/controllers"
-	"os"
+	"api/middlewares"
 
 	"github.com/gofiber/fiber/v2"
-
-	jwtware "github.com/gofiber/jwt/v3"
 )
 
 // Setup sets up the routes
@@ -31,9 +29,7 @@ func Setup(app *fiber.App) {
 	// Protected routes. Needs login before.
 	protected := app.Group("/")
 
-	protected.Use(jwtware.New(jwtware.Config{
-		SigningKey: []byte(os.Getenv("API_SECRET")),
-	}))
+	protected.Use(middlewares.Authenticate)
 
 	protected.Get("servers", controllers.GetAllServers)
 	protected.Post("server", controllers.AddServer)

services/user_services.go

@@ -1,14 +1,14 @@
-package dbaccess
-
-import (
-	"api/database"
-	"api/models"
-)
-
-func GetUserById(id int) models.User {
-	var user models.User
-
-	database.DB.Where("id = ?", id).First(&user)
-
-	return user
-}
+package services
+
+import (
+	"api/database"
+	"api/models"
+)
+
+func GetUser(id string) models.User {
+	var user models.User
+
+	database.DB.Where("id = ?", id).First(&user)
+
+	return user
+}

utils/utils.go

@@ -4,11 +4,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"log"
-	"os"
-	"strings"
 
-	"github.com/dgrijalva/jwt-go"
-	"github.com/gofiber/fiber/v2"
 	"golang.org/x/crypto/bcrypt"
 )
 
@@ -16,54 +12,6 @@ func HashPassword(password string) ([]byte, error) {
 	return bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
 }
 
-func VerifyAuthentication(c *fiber.Ctx, cookie string) (*jwt.StandardClaims, error) {
-
-	token, err := jwt.ParseWithClaims(cookie, &jwt.StandardClaims{}, func(token *jwt.Token) (interface{}, error) {
-		return []byte(os.Getenv("API_SECRET")), nil
-	})
-
-	if err != nil {
-		return nil, err
-	}
-
-	claims := token.Claims.(*jwt.StandardClaims)
-
-	return claims, nil
-}
-
-func ProcessToken(c *fiber.Ctx) (interface{}, error) {
-	bearToken := c.Get("Authorization")
-
-	var token string
-
-	// Normally Authorization HTTP header.
-	onlyToken := strings.Split(bearToken, " ")
-	if len(onlyToken) == 2 {
-		token = onlyToken[1]
-	} else {
-		token = bearToken
-	}
-
-	tk, err := jwt.Parse(token, jwtKeyFunc)
-
-	if err != nil {
-		fmt.Println("Error 1")
-		return nil, err
-	}
-
-	claims, ok := tk.Claims.(jwt.MapClaims)
-
-	if ok && tk.Valid {
-		return claims["user"], nil
-	}
-
-	return nil, err
-}
-
-func jwtKeyFunc(token *jwt.Token) (interface{}, error) {
-	return []byte(os.Getenv("API_SECRET")), nil
-}
-
 func PrettyPrintJson(data interface{}) {
 	b, err := json.MarshalIndent(data, "", "  ")
 	if err != nil {