From 8a55954d926ce28569c1e0886bbe499ca647a784 Mon Sep 17 00:00:00 2001
From: Nilo Roberto C Paim
Date: Mon, 1 Nov 2021 20:42:17 -0300
Subject: [PATCH] updated to use jwt for authentication

---
 .gitignore | 2 ++
 controllers/authController.go | 52 +++++++++------------------------
 controllers/eventController.go | 9 ++++++
 go.mod | 2 ++
 go.sum | 4 +++
 routes/routes.go | 17 +++++++----
 utils/utils.go | 36 +++++++++++++++++++++++
 7 files changed, 78 insertions(+), 44 deletions(-)

diff --git a/.gitignore b/.gitignore
index d9b7480..74a743e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,4 @@
+.vscode
+
 api
 api.exe
diff --git a/controllers/authController.go b/controllers/authController.go
index e62c5bb..6385a59 100644
--- a/controllers/authController.go
+++ b/controllers/authController.go
@@ -15,7 +15,7 @@ import (
 
 func Version(c *fiber.Ctx) error {
 	return c.JSON(fiber.Map{
-		"version": "1.0.0",
+		"version": "1.0.1",
 	})
 }
 
@@ -67,31 +67,8 @@ func Login(c *fiber.Ctx) error {
 		})
 	}
 
-	cookie := fiber.Cookie{
-		Name: "jwt",
-		Value: token,
-		Expires: time.Now().Add(time.Hour * 1),
-		HTTPOnly: true,
-	}
-
-	c.Cookie(&cookie)
-
-	return c.JSON(token)
-}
-
-func Logout(c *fiber.Ctx) error {
-	cookie := fiber.Cookie{
-		Name: "jwt",
-		Value: "",
-		Expires: time.Now().Add(-time.Hour),
-		HTTPOnly: true,
-	}
-
-	c.Cookie(&cookie)
-
 	return c.JSON(fiber.Map{
-		"message": "Successful logout",
-	})
+		"token": token})
 }
 
 func AddUser(c *fiber.Ctx) error {
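Review bot: Login now hands the signed JWT back in the response body, so the HttpOnly protection the removed cookie gave it is gone and the token is only as safe as wherever the client keeps it; with Logout removed there is also no server-side way to end a session before the token expires. If that trade-off is intended it should be recorded at the handler, e.g. `// Bearer scheme: the token is returned to the client and stays valid until its exp claim; there is no revocation.` The token lifetime is set where it is signed, earlier in Login and outside this hunk, and it now bounds how long a leaked token can be replayed, so it should be kept short. With every `time.Now()` call removed from this file, check that the `time` import is still used elsewhere in authController.go, otherwise the file no longer compiles. Finally, `"token": token})` on one line is not gofmt output; write `"token": token,` with `})` on the next line.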
@@ -124,24 +101,23 @@ func AddUser(c *fiber.Ctx) error {
 }
 
 func GetOwnUser(c *fiber.Ctx) error {
-	cookie := c.Cookies("jwt")
 
 	var user models.User
 
-	claims, err := utils.VerifyAuthentication(c, cookie)
+	userCode, err := utils.ProcessToken(c)
 	if err != nil {
-		c.Status(fiber.StatusUnauthorized)
+		c.Status(fiber.StatusBadRequest)
 		return c.JSON(fiber.Map{
-			"message": "Unauthenticated",
+			"message": "Invalid authorization",
 		})
 	}
 
-	database.DB.Where("id = ?", claims.Issuer).First(&user)
+	database.DB.Where("id = ?", userCode).First(&user)
 
 	if user.Id == 0 {
-		c.Status(fiber.StatusUnauthorized)
+		c.Status(fiber.StatusInternalServerError)
 		return c.JSON(fiber.Map{
-			"message": "Unauthenticated",
+			"message": "Invalid token when should be ok",
 		})
 	}
 
@@ -149,11 +125,9 @@ func GetOwnUser(c *fiber.Ctx) error {
 }
 
 func GetAllUsers(c *fiber.Ctx) error {
-	cookie := c.Cookies("jwt")
+	var users []models.User
 
-	var user []models.User
-
-	_, err := utils.VerifyAuthentication(c, cookie)
+	_, err := utils.ProcessToken(c)
 	if err != nil {
 		c.Status(fiber.StatusUnauthorized)
 		return c.JSON(fiber.Map{
@@ -161,14 +135,14 @@ func GetAllUsers(c *fiber.Ctx) error {
 		})
 	}
 
-	database.DB.Find(&user)
+	database.DB.Find(&users)
 
-	if len(user) == 0 {
+	if len(users) == 0 {
 		c.Status(fiber.StatusUnauthorized)
 		return c.JSON(fiber.Map{
 			"message": "Unauthenticated",
 		})
 	}
 
-	return c.JSON(user)
+	return c.JSON(users)
 }
diff --git a/controllers/eventController.go b/controllers/eventController.go
index 7df9a88..fc0b45b 100644
--- a/controllers/eventController.go
+++ b/controllers/eventController.go
@@ -4,6 +4,7 @@ import (
 	"api/database"
 	"api/dbaccess"
 	"api/models"
+	"api/utils"
 	"strconv"
 	"time"
 
@@ -15,6 +16,14 @@ func AddEvent(c *fiber.Ctx) error {
 	var audience int
 	var startdt time.Time
 
+	_, err := utils.ProcessToken(c)
+	if err != nil {
+		c.Status(fiber.StatusBadRequest)
+		return c.JSON(fiber.Map{
+			"message": "Invalid authorization",
+		})
+	}
+
 	if err := c.BodyParser(&data); err != nil {
 		return err
 	}
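Review bot: The status codes in GetOwnUser's rewritten error branches are wrong: a rejected token is answered with 400 instead of 401, and a valid token whose user row no longer exists is answered with 500 and the message `Invalid token when should be ok`, which turns a client-side condition into a server error and leaks an internal remark. AddEvent's new check in eventController.go uses the same 400, while GetAllUsers keeps 401 for the same failure, so the three handlers now disagree. I would use `c.Status(fiber.StatusUnauthorized)` with the existing `"message": "Unauthenticated"` in both branches here and in AddEvent. Since these routes now sit behind the jwtware middleware in routes.go, a malformed or invalid token should already be rejected before the handler runs, so these branches mainly cover a token that verifies but carries no usable `user` claim; a one-line comment saying so would help the next reader. GetOwnUser continues outside the hunk.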
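Review bot: The `if len(users) == 0` branch still answers an empty user table with 401 and `Unauthenticated`, which is not an authentication failure; a caller holding a valid token would be told its token is bad. The rename from `user` to `users` is fine, but this branch should either be dropped so that `return c.JSON(users)` is reached, or return 200 with an empty list explicitly, e.g. `if users == nil { users = []models.User{} }` before the return, because a nil slice encodes as `null`. This is not introduced by the commit, but it sits in the rewritten lines.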
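Review bot: In AddEvent the identity returned by `utils.ProcessToken(c)` is discarded with `_`, so the event being created is not tied to the caller that the token identifies; if the event is meant to record its creator, the first result is the value to keep and store. The 400 on a rejected token is also inconsistent with the 401 GetAllUsers uses for the same condition. Note that the following `if err := c.BodyParser(&data); err != nil` declares a second `err` that shadows the one introduced here, harmless now but easy to trip over if a later `err =` assignment is added. AddEvent continues outside the hunk.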
diff --git a/go.mod b/go.mod
index d3379d1..c421f9d 100644
--- a/go.mod
+++ b/go.mod
@@ -5,6 +5,7 @@ go 1.17
 require (
 	github.com/dgrijalva/jwt-go v3.2.0+incompatible
 	github.com/gofiber/fiber/v2 v2.20.1
+	github.com/gofiber/jwt/v3 v3.2.0
 	github.com/joho/godotenv v1.4.0
 	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519
 	gorm.io/driver/mysql v1.1.2
@@ -14,6 +15,7 @@
 require (
 	github.com/andybalholm/brotli v1.0.3 // indirect
 	github.com/go-sql-driver/mysql v1.6.0 // indirect
+	github.com/golang-jwt/jwt/v4 v4.1.0 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/jinzhu/now v1.1.2 // indirect
 	github.com/klauspost/compress v1.13.6 // indirect
diff --git a/go.sum b/go.sum
index 19e8bce..91735a6 100644
--- a/go.sum
+++ b/go.sum
@@ -7,6 +7,10 @@ github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfC
 github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
 github.com/gofiber/fiber/v2 v2.20.1 h1:p463gd/RI8YeYxP4WMGS+u1UtBS88yk8oLiPkEiDYx4=
 github.com/gofiber/fiber/v2 v2.20.1/go.mod h1:/LdZHMUXZvTTo7gU4+b1hclqCAdoQphNQ9bi9gutPyI=
+github.com/gofiber/jwt/v3 v3.2.0 h1:brHGfuuAJI2NxdPQO0Yoa7L01I0Uc/CKZ3Z2lYE5W30=
+github.com/gofiber/jwt/v3 v3.2.0/go.mod h1:Z05kGvvdRqbWMvb3uYmAPwfFyCV8/n/QVorzq4XjwvU=
+github.com/golang-jwt/jwt/v4 v4.1.0 h1:XUgk2Ex5veyVFVeLm0xhusUTQybEbexJXrvPNOKkSY0=
+github.com/golang-jwt/jwt/v4 v4.1.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
 github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
 github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
diff --git a/routes/routes.go b/routes/routes.go
index 357e335..ea407cd 100644
--- a/routes/routes.go
+++ b/routes/routes.go
@@ -2,8 +2,11 @@ package routes
 
 import (
 	"api/controllers"
+	"os"
 
 	"github.com/gofiber/fiber/v2"
+
+	jwtware "github.com/gofiber/jwt/v3"
 )
 
 func Setup(app *fiber.App) {
@@ -11,11 +14,15 @@ func Setup(app *fiber.App) {
 
 	app.Get("/version", controllers.Version)
 	app.Post("/login", controllers.Login)
-	app.Post("/logout", controllers.Logout)
-	app.Get("/user", controllers.GetOwnUser)
-	app.Get("/users", controllers.GetAllUsers)
-	app.Post("/user", controllers.AddUser)
+	protected := app.Group("/")
+	protected.Use(jwtware.New(jwtware.Config{
+		SigningKey: []byte(os.Getenv("API_SECRET")),
+	}))
 
-	app.Post("/event", controllers.AddEvent)
+	protected.Get("user", controllers.GetOwnUser)
+	protected.Get("users", controllers.GetAllUsers)
+	protected.Post("user", controllers.AddUser)
+
+	protected.Post("event", controllers.AddEvent)
 
 }
diff --git a/utils/utils.go b/utils/utils.go
index bbe9e74..39c2167 100644
--- a/utils/utils.go
+++ b/utils/utils.go
@@ -1,7 +1,9 @@
 package utils
 
 import (
+	"fmt"
 	"os"
+	"strings"
 
 	"github.com/dgrijalva/jwt-go"
 	"github.com/gofiber/fiber/v2"
@@ -26,3 +28,37 @@ func VerifyAuthentication(c *fiber.Ctx, cookie string) (*jwt.StandardClaims, err
 
 	return claims, nil
 }
+
+func ProcessToken(c *fiber.Ctx) (interface{}, error) {
+	bearToken := c.Get("Authorization")
+
+	var token string
+
+	// Normally Authorization HTTP header.
+	onlyToken := strings.Split(bearToken, " ")
+	if len(onlyToken) == 2 {
+		token = onlyToken[1]
+	} else {
+		token = bearToken
+	}
+
+	tk, err := jwt.Parse(token, jwtKeyFunc)
+
+	if err != nil {
+		fmt.Println("Error 1")
+		return nil, err
+	}
+
+	claims, ok := tk.Claims.(jwt.MapClaims)
+
+	if ok && tk.Valid {
+		fmt.Printf("claims user: %v\n", claims["user"])
+		return claims["user"], nil
+	}
+
+	return nil, err
+}
+
+func jwtKeyFunc(token *jwt.Token) (interface{}, error) {
+	return []byte(os.Getenv("API_SECRET")), nil
+}
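Review bot: `SigningKey: []byte(os.Getenv("API_SECRET"))` silently becomes an empty key when API_SECRET is unset, and as far as I can tell HMAC verification in the jwt library used by jwtware does not reject an empty key, so a misconfigured deployment would accept tokens signed with an empty secret by anyone. Read the secret once in Setup and refuse to start when it is empty, e.g. `secret := os.Getenv("API_SECRET")` / `if secret == "" { log.Fatal("API_SECRET is not set") }` (this needs the `log` import), then pass `[]byte(secret)`. It is also worth pinning `SigningMethod: "HS256",` in the jwtware.Config so the accepted algorithm is explicit rather than the library default. Note that `/version` and `/login` stay public only because they are registered before `protected.Use(...)` on a group rooted at `/`; any public route added below that line will be protected, which deserves a comment at the group such as `// Every route registered after this point requires a valid JWT.`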
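Review bot: ProcessToken's final `return nil, err` returns a nil error together with a nil user, and the same (nil, nil) result is produced when the token verifies but has no `user` claim, because `claims["user"]` is simply nil; callers then proceed as if authenticated, and GetOwnUser ends up querying `id = NULL` and reporting a 500. Those paths need an explicit error, and jwtKeyFunc should refuse any signing method other than HMAC before handing out the shared secret, the standard guard against algorithm confusion. The `fmt.Println("Error 1")` and `fmt.Printf("claims user: %v\n", ...)` debugging writes the claim value to stdout on every request and should be removed. This also re-parses a token that the jwtware middleware in routes.go has already verified and stored in `c.Locals("user")` under its default ContextKey, using a second JWT library (dgrijalva/jwt-go alongside golang-jwt/jwt/v4 from go.mod); reading the stored token instead would leave a single verification path.
```go
	// … unchanged: Authorization header parsing into token …
	tk, err := jwt.Parse(token, jwtKeyFunc)
	if err != nil {
		return nil, err
	}

	claims, ok := tk.Claims.(jwt.MapClaims)
	if !ok || !tk.Valid {
		return nil, fmt.Errorf("token claims are not valid")
	}

	// The "user" claim carries the caller's identity; a token without it
	// cannot be mapped to an account and must not pass as authenticated.
	user, present := claims["user"]
	if !present || user == nil {
		return nil, fmt.Errorf("token has no user claim")
	}

	return user, nil
}

func jwtKeyFunc(token *jwt.Token) (interface{}, error) {
	// Only the HMAC family may be verified with the shared secret.
	if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
		return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
	}
	return []byte(os.Getenv("API_SECRET")), nil
}
```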