cmte
/
authentication-go-preact


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136
							package routes

import (
	"encoding/gob"
	"encoding/json"
	"fmt"
	"net/http"

	"github.com/andreanidouglas/auth/model"
	"github.com/gorilla/securecookie"
	"golang.org/x/crypto/bcrypt"

	"github.com/gorilla/sessions"
)

type user struct {
    Email string `json:"email"`
    Password string `jsob:"password"`
}

type authenticated struct {
    Email string
    Authenticated bool
}

const (
    AUTH_KEY string =  "session_id"
    USER_ID string = "user_id"
)

var store *sessions.CookieStore

func Init() {
    auth_key := securecookie.GenerateRandomKey(64)
    encryption_key := securecookie.GenerateRandomKey(32)

    store = sessions.NewCookieStore(
        auth_key,
        encryption_key,
    )

    store.Options = &sessions.Options{
        Path: "/auth",
        MaxAge: 60 * 15,
        HttpOnly: true,
    }

    gob.Register(authenticated{})
}

func getUser(s *sessions.Session) authenticated {
    val := s.Values["user"]
    var user = authenticated{}
    user, ok := val.(authenticated)
    if !ok {
        return authenticated{Authenticated: false}
    }
    return user
}

func AuthMiddleware(next http.HandlerFunc) func(http.ResponseWriter, *http.Request) {
    
    return func(w http.ResponseWriter, r *http.Request) {

        fmt.Printf("got store: %v", store)
        session, err := store.Get(r, "cookie-name")
        if err != nil {
            w.WriteHeader(500)
            fmt.Fprintf(w, "Internal Server Error: %v", err)
            return 
        }

        authed := getUser(session)
        if auth := authed.Authenticated; !auth {
            w.WriteHeader(403)
            fmt.Fprintf(w, "Unauthorized")
            return
        }

        next.ServeHTTP(w, r)
    }
}

func Login(w http.ResponseWriter, r *http.Request) {
    accepts := r.Header.Get("Accepts")
    if accepts != "application/json" {
        w.WriteHeader(400)
        fmt.Fprintf(w, "Could not process request. Incorrect body type")
        return 
    }

    sessions, err := store.Get(r, "cookie-name")
    if err != nil {
        w.WriteHeader(500)
        fmt.Fprintf(w, "Internal server error: %v", err)
    }

    db := model.NewDb("./auth.db")
    db.Setup()

    var data user

    err = json.NewDecoder(r.Body).Decode(&data)
    if err != nil {
        w.WriteHeader(400)
        fmt.Fprintf(w, "Could not process request. Incorrect body format")
        return
    }
    
    var user model.User
    if !model.CheckEmail(data.Email, &user, &db) {
        w.WriteHeader(403)
        fmt.Fprintf(w, "Unauthorized")
        return
    }

    err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(data.Password))
    if err != nil {
        w.WriteHeader(403)
        fmt.Fprintf(w, "Unauthorized")
        return
    }
    authed := authenticated {
        Email: user.Email,
        Authenticated: true,
    }
    sessions.Values["user"] = authed
    err = sessions.Save(r, w)
    if err != nil {
        w.WriteHeader(500)
        fmt.Fprintf(w, "Internal Server Error: %v", err)
    }

    w.WriteHeader(200)
    fmt.Fprintf(w, "Authorized")
}