updated to use jwt for authentication
parent
5fef21b0c7
commit
8a55954d92
|
|
@ -1,2 +1,4 @@
|
|||
.vscode
|
||||
|
||||
api
|
||||
api.exe
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ import (
|
|||
|
||||
func Version(c *fiber.Ctx) error {
|
||||
return c.JSON(fiber.Map{
|
||||
"version": "1.0.0",
|
||||
"version": "1.0.1",
|
||||
})
|
||||
}
|
||||
|
||||
|
|
@ -67,31 +67,8 @@ func Login(c *fiber.Ctx) error {
|
|||
})
|
||||
}
|
||||
|
||||
cookie := fiber.Cookie{
|
||||
Name: "jwt",
|
||||
Value: token,
|
||||
Expires: time.Now().Add(time.Hour * 1),
|
||||
HTTPOnly: true,
|
||||
}
|
||||
|
||||
c.Cookie(&cookie)
|
||||
|
||||
return c.JSON(token)
|
||||
}
|
||||
|
||||
func Logout(c *fiber.Ctx) error {
|
||||
cookie := fiber.Cookie{
|
||||
Name: "jwt",
|
||||
Value: "",
|
||||
Expires: time.Now().Add(-time.Hour),
|
||||
HTTPOnly: true,
|
||||
}
|
||||
|
||||
c.Cookie(&cookie)
|
||||
|
||||
return c.JSON(fiber.Map{
|
||||
"message": "Successful logout",
|
||||
})
|
||||
"token": token})
|
||||
}
|
||||
|
||||
func AddUser(c *fiber.Ctx) error {
|
||||
|
|
@ -124,24 +101,23 @@ func AddUser(c *fiber.Ctx) error {
|
|||
}
|
||||
|
||||
func GetOwnUser(c *fiber.Ctx) error {
|
||||
cookie := c.Cookies("jwt")
|
||||
|
||||
var user models.User
|
||||
|
||||
claims, err := utils.VerifyAuthentication(c, cookie)
|
||||
userCode, err := utils.ProcessToken(c)
|
||||
if err != nil {
|
||||
c.Status(fiber.StatusUnauthorized)
|
||||
c.Status(fiber.StatusBadRequest)
|
||||
return c.JSON(fiber.Map{
|
||||
"message": "Unauthenticated",
|
||||
"message": "Invalid authorization",
|
||||
})
|
||||
}
|
||||
|
||||
database.DB.Where("id = ?", claims.Issuer).First(&user)
|
||||
database.DB.Where("id = ?", userCode).First(&user)
|
||||
|
||||
if user.Id == 0 {
|
||||
c.Status(fiber.StatusUnauthorized)
|
||||
c.Status(fiber.StatusInternalServerError)
|
||||
return c.JSON(fiber.Map{
|
||||
"message": "Unauthenticated",
|
||||
"message": "Invalid token when should be ok",
|
||||
})
|
||||
}
|
||||
|
||||
|
|
@ -149,11 +125,9 @@ func GetOwnUser(c *fiber.Ctx) error {
|
|||
}
|
||||
|
||||
func GetAllUsers(c *fiber.Ctx) error {
|
||||
cookie := c.Cookies("jwt")
|
||||
var users []models.User
|
||||
|
||||
var user []models.User
|
||||
|
||||
_, err := utils.VerifyAuthentication(c, cookie)
|
||||
_, err := utils.ProcessToken(c)
|
||||
if err != nil {
|
||||
c.Status(fiber.StatusUnauthorized)
|
||||
return c.JSON(fiber.Map{
|
||||
|
|
@ -161,14 +135,14 @@ func GetAllUsers(c *fiber.Ctx) error {
|
|||
})
|
||||
}
|
||||
|
||||
database.DB.Find(&user)
|
||||
database.DB.Find(&users)
|
||||
|
||||
if len(user) == 0 {
|
||||
if len(users) == 0 {
|
||||
c.Status(fiber.StatusUnauthorized)
|
||||
return c.JSON(fiber.Map{
|
||||
"message": "Unauthenticated",
|
||||
})
|
||||
}
|
||||
|
||||
return c.JSON(user)
|
||||
return c.JSON(users)
|
||||
}
|
||||
|
|
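Review bot: Login now appears to hand the JWT back only in the response body (`"token": token`), with the HttpOnly cookie and the Logout handler removed, so the client has to hold the bearer token itself where page script can read it, and nothing on the server can end a session before the token's expiry; Login starts before this hunk, so the expiry it sets is not visible here. If that trade-off is intended, record it on Login, e.g. `// Token is returned in the body and kept by the client; it stays valid until exp, there is no server-side logout.` In GetOwnUser a token that verifies but whose user is no longer in the database answers 500 with `"Invalid token when should be ok"` — that caller is simply not authenticated (for instance a deleted user with a still-valid token), so `c.Status(fiber.StatusUnauthorized)` fits and the message should not describe internal state. The same hunk, like AddEvent in the events controller, reports a ProcessToken failure as `fiber.StatusBadRequest` where 401 is the conventional answer for a rejected credential.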
|
|||
|
|
@ -4,6 +4,7 @@ import (
|
|||
"api/database"
|
||||
"api/dbaccess"
|
||||
"api/models"
|
||||
"api/utils"
|
||||
"strconv"
|
||||
"time"
|
||||
|
||||
|
|
@ -15,6 +16,14 @@ func AddEvent(c *fiber.Ctx) error {
|
|||
var audience int
|
||||
var startdt time.Time
|
||||
|
||||
_, err := utils.ProcessToken(c)
|
||||
if err != nil {
|
||||
c.Status(fiber.StatusBadRequest)
|
||||
return c.JSON(fiber.Map{
|
||||
"message": "Invalid authorization",
|
||||
})
|
||||
}
|
||||
|
||||
if err := c.BodyParser(&data); err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
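Review bot: The user claim returned by `utils.ProcessToken(c)` is discarded (`_, err :=`), so the event created further down cannot be attributed to the authenticated caller; AddEvent begins before this hunk and continues after it, so whether the body later needs the user is not visible here. If attribution is deliberately left out, say so on the line: `// user claim unused for now: events are not tied to their creator`. Otherwise keep the value, `userCode, err := utils.ProcessToken(c)`, and store it with the event.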
|
|||
2
go.mod
2
go.mod
|
|
@ -5,6 +5,7 @@ go 1.17
|
|||
require (
|
||||
github.com/dgrijalva/jwt-go v3.2.0+incompatible
|
||||
github.com/gofiber/fiber/v2 v2.20.1
|
||||
github.com/gofiber/jwt/v3 v3.2.0
|
||||
github.com/joho/godotenv v1.4.0
|
||||
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519
|
||||
gorm.io/driver/mysql v1.1.2
|
||||
|
|
@ -14,6 +15,7 @@ require (
|
|||
require (
|
||||
github.com/andybalholm/brotli v1.0.3 // indirect
|
||||
github.com/go-sql-driver/mysql v1.6.0 // indirect
|
||||
github.com/golang-jwt/jwt/v4 v4.1.0 // indirect
|
||||
github.com/jinzhu/inflection v1.0.0 // indirect
|
||||
github.com/jinzhu/now v1.1.2 // indirect
|
||||
github.com/klauspost/compress v1.13.6 // indirect
|
||||
|
|
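Review bot: The module now carries two JWT libraries: `github.com/dgrijalva/jwt-go v3.2.0+incompatible` stays in the direct requires while the new `github.com/gofiber/jwt/v3 v3.2.0` brings `github.com/golang-jwt/jwt/v4 v4.1.0 // indirect`. dgrijalva/jwt-go is archived and no longer receives fixes; golang-jwt/jwt is its maintained fork, and since v4 is already in the graph the parsing in utils (the `"github.com/dgrijalva/jwt-go"` import in ProcessToken's file) could move to it so that one maintained library verifies every token. Until then the middleware and ProcessToken verify the same token with different code, which deserves a comment next to the require line, e.g. `// TODO: replace with github.com/golang-jwt/jwt/v4 (already pulled in by gofiber/jwt)`.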
|
|||
4
go.sum
4
go.sum
|
|
@ -7,6 +7,10 @@ github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfC
|
|||
github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
|
||||
github.com/gofiber/fiber/v2 v2.20.1 h1:p463gd/RI8YeYxP4WMGS+u1UtBS88yk8oLiPkEiDYx4=
|
||||
github.com/gofiber/fiber/v2 v2.20.1/go.mod h1:/LdZHMUXZvTTo7gU4+b1hclqCAdoQphNQ9bi9gutPyI=
|
||||
github.com/gofiber/jwt/v3 v3.2.0 h1:brHGfuuAJI2NxdPQO0Yoa7L01I0Uc/CKZ3Z2lYE5W30=
|
||||
github.com/gofiber/jwt/v3 v3.2.0/go.mod h1:Z05kGvvdRqbWMvb3uYmAPwfFyCV8/n/QVorzq4XjwvU=
|
||||
github.com/golang-jwt/jwt/v4 v4.1.0 h1:XUgk2Ex5veyVFVeLm0xhusUTQybEbexJXrvPNOKkSY0=
|
||||
github.com/golang-jwt/jwt/v4 v4.1.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
|
||||
github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
|
||||
github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
|
||||
github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
|
||||
|
|
|
|||
|
|
@ -2,8 +2,11 @@ package routes
|
|||
|
||||
import (
|
||||
"api/controllers"
|
||||
"os"
|
||||
|
||||
"github.com/gofiber/fiber/v2"
|
||||
|
||||
jwtware "github.com/gofiber/jwt/v3"
|
||||
)
|
||||
|
||||
func Setup(app *fiber.App) {
|
||||
|
|
@ -11,11 +14,15 @@ func Setup(app *fiber.App) {
|
|||
app.Get("/version", controllers.Version)
|
||||
|
||||
app.Post("/login", controllers.Login)
|
||||
app.Post("/logout", controllers.Logout)
|
||||
|
||||
app.Get("/user", controllers.GetOwnUser)
|
||||
app.Get("/users", controllers.GetAllUsers)
|
||||
app.Post("/user", controllers.AddUser)
|
||||
protected := app.Group("/")
|
||||
protected.Use(jwtware.New(jwtware.Config{
|
||||
SigningKey: []byte(os.Getenv("API_SECRET")),
|
||||
}))
|
||||
|
||||
app.Post("/event", controllers.AddEvent)
|
||||
protected.Get("user", controllers.GetOwnUser)
|
||||
protected.Get("users", controllers.GetAllUsers)
|
||||
protected.Post("user", controllers.AddUser)
|
||||
|
||||
protected.Post("event", controllers.AddEvent)
|
||||
}
|
||||
|
|
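Review bot: `SigningKey: []byte(os.Getenv("API_SECRET"))` turns an unset variable into an empty, non-nil key, which as far as I can tell passes jwtware's key-present check, so the service starts normally and verifies every token against an empty secret instead of refusing to run; jwtKeyFunc in utils uses the same expression. Read the value once and fail at startup when it is empty, e.g. `secret := os.Getenv("API_SECRET")` followed by `if secret == "" { log.Fatal("API_SECRET must be set") }` before `jwtware.New`. The group prefix `"/"` also makes the middleware's reach appear to depend on registration order — the public routes above escape it because they were added before `protected.Use`, and any route added to `app` later would not; a distinct prefix such as `/api` would make the protected surface explicit. Setup's closing brace is in this hunk but its start is not.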
|
|||
|
|
@ -1,7 +1,9 @@
|
|||
package utils
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
"github.com/dgrijalva/jwt-go"
|
||||
"github.com/gofiber/fiber/v2"
|
||||
|
|
@ -26,3 +28,37 @@ func VerifyAuthentication(c *fiber.Ctx, cookie string) (*jwt.StandardClaims, err
|
|||
|
||||
return claims, nil
|
||||
}
|
||||
|
||||
func ProcessToken(c *fiber.Ctx) (interface{}, error) {
|
||||
bearToken := c.Get("Authorization")
|
||||
|
||||
var token string
|
||||
|
||||
// Normally Authorization HTTP header.
|
||||
onlyToken := strings.Split(bearToken, " ")
|
||||
if len(onlyToken) == 2 {
|
||||
token = onlyToken[1]
|
||||
} else {
|
||||
token = bearToken
|
||||
}
|
||||
|
||||
tk, err := jwt.Parse(token, jwtKeyFunc)
|
||||
|
||||
if err != nil {
|
||||
fmt.Println("Error 1")
|
||||
return nil, err
|
||||
}
|
||||
|
||||
claims, ok := tk.Claims.(jwt.MapClaims)
|
||||
|
||||
if ok && tk.Valid {
|
||||
fmt.Printf("claims user: %v\n", claims["user"])
|
||||
return claims["user"], nil
|
||||
}
|
||||
|
||||
return nil, err
|
||||
}
|
||||
|
||||
func jwtKeyFunc(token *jwt.Token) (interface{}, error) {
|
||||
return []byte(os.Getenv("API_SECRET")), nil
|
||||
}
|
||||
|
|
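Review bot: ProcessToken's final `return nil, err` is reached when the claims are not `jwt.MapClaims` or `tk.Valid` is false, and at that point `err` is still nil from the successful `jwt.Parse`, so the caller receives `(nil, nil)` and cannot tell a rejected token from a good one (the routes middleware screens tokens first in practice, but this function should stand on its own); return an explicit error there, e.g. `return nil, fmt.Errorf("invalid token claims")`. The `fmt.Println("Error 1")` and `fmt.Printf("claims user: %v\n", ...)` lines write parse failures and claim contents to stdout on every request and should be dropped or replaced by a log line that carries no claim values. jwtKeyFunc hands the shared secret to whatever signing method the token names without checking `token.Method`, and an unset API_SECRET becomes an empty key; the rewrite below pins the method to HMAC and refuses an empty secret (the routes middleware has the same empty-key issue).
```go
func jwtKeyFunc(token *jwt.Token) (interface{}, error) {
	// The key is a shared secret, so only HMAC methods may be verified with it.
	if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
		return nil, fmt.Errorf("unexpected signing method %v", token.Header["alg"])
	}
	secret := os.Getenv("API_SECRET")
	if secret == "" {
		return nil, fmt.Errorf("API_SECRET is not set")
	}
	return []byte(secret), nil
}
```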
|
|||