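// Package main serves a small JSON-over-HTTP authentication API with three
// routes: /all (list users), /signup (create a user) and /login (check
// credentials).
package main

import (
	"encoding/json"
	"io/ioutil"
	"log"
	"net/http"
	"time"

	"github.com/andreanidouglas/auth-go/dao"
	"github.com/andreanidouglas/auth-go/internals"
	model "github.com/andreanidouglas/auth-go/model"
)

// ResponseLogin is the JSON body written by the /login handler.
type ResponseLogin struct {
	Authenticated bool `json:"authenticated"`
	// omitempty has no effect on a struct value, so User is always encoded.
	User model.AuthUser `json:"user,omitempty"`
}

// ResponseSignup is the JSON body written by the /signup handler.
type ResponseSignup struct {
	Created bool `json:"created"`
	// omitempty has no effect on a struct value, so User is always encoded.
	User model.CreateUser `json:"user,omitempty"`
}

// JsonResponseSignInSetAndWrite stores the outcome and a copy of u in r, then
// writes r to rw as one JSON document followed by a newline. A nil u is
// encoded as the zero model.CreateUser. It returns the marshal or write error.
//
// NOTE(review): model.CreateUser is decoded straight from the request body by
// the /signup handler and echoed back here unchanged. If that type carries the
// submitted password or a derived hash, clear it before marshalling, the way
// the login response clears PasswordHash. Confirm against the model package.
func (r *ResponseSignup) JsonResponseSignInSetAndWrite(rw http.ResponseWriter, authenticated bool, u *model.CreateUser) error {
	var user model.CreateUser
	if u != nil {
		user = *u
	}
	r.Created = authenticated
	r.User = user

	b, err := json.Marshal(r)
	if err != nil {
		return err
	}
	_, err = rw.Write(append(b, '\n'))
	return err
}

// JsonResponseSetAndWrite stores the outcome and a copy of u in r with the
// password hash blanked, then writes r to rw as one JSON document followed by
// a newline. A nil u is encoded as the zero model.AuthUser. It returns the
// marshal or write error.
func (r *ResponseLogin) JsonResponseSetAndWrite(rw http.ResponseWriter, authenticated bool, u *model.AuthUser) error {
	var user model.AuthUser
	if u != nil {
		user = *u
	}
	// Blank the hash on the copy so it never reaches the client and the
	// caller's struct is left untouched.
	user.PasswordHash = ""
	r.Authenticated = authenticated
	r.User = user

	b, err := json.Marshal(r)
	if err != nil {
		return err
	}
	_, err = rw.Write(append(b, '\n'))
	return err
}

// setupRoute registers the /all, /signup and /login handlers on
// http.DefaultServeMux. All three share one user repository and one crypt
// helper.
func setupRoute() {
	// maxBodyBytes caps how much of a request body is buffered, so a client
	// cannot make the server read an arbitrarily large payload into memory.
	const maxBodyBytes = 1 << 20

	users := dao.NewUserRepository()
	crypt := internals.NewCrypt()

	// NOTE(review): this handler performs no authentication or authorization
	// check before listing every user. Restrict it before exposing the
	// service, and confirm what fields GetAllUsers returns.
	http.HandleFunc("/all", func(rw http.ResponseWriter, r *http.Request) {
		// Allow only GET; the previous check rejected POST alone and let
		// every other verb through.
		if r.Method != http.MethodGet {
			rw.Header().Set("Allow", http.MethodGet)
			rw.WriteHeader(http.StatusMethodNotAllowed)
			return
		}

		var authUser model.GetUser
		all, err := authUser.GetAllUsers(users)
		if err != nil {
			log.Printf("could not list users: %v", err)
			rw.WriteHeader(http.StatusInternalServerError)
			return
		}

		jsonRes, err := json.Marshal(all)
		if err != nil {
			log.Printf("could not encode users: %v", err)
			rw.WriteHeader(http.StatusInternalServerError)
			return
		}

		rw.Header().Set("Content-Type", "application/json")
		rw.WriteHeader(http.StatusOK)
		if _, err := rw.Write(jsonRes); err != nil {
			log.Printf("could not write back to client: %v", err)
		}
	})

	http.HandleFunc("/signup", func(rw http.ResponseWriter, r *http.Request) {
		// Allow only POST; the previous check rejected GET alone, so PUT,
		// DELETE, OPTIONS and others were processed as signups.
		if r.Method != http.MethodPost {
			rw.Header().Set("Allow", http.MethodPost)
			rw.WriteHeader(http.StatusMethodNotAllowed)
			return
		}

		r.Body = http.MaxBytesReader(rw, r.Body, maxBodyBytes)
		reqBody, err := ioutil.ReadAll(r.Body)
		if err != nil {
			rw.WriteHeader(http.StatusBadRequest)
			return
		}

		var newUser model.CreateUser
		if err := json.Unmarshal(reqBody, &newUser); err != nil {
			rw.WriteHeader(http.StatusBadRequest)
			return
		}

		res := &ResponseSignup{Created: false}

		// Headers must be set before WriteHeader; anything added afterwards
		// is silently dropped.
		rw.Header().Set("Content-Type", "application/json")

		if _, err := newUser.CreateUser(users, crypt); err != nil {
			log.Printf("could not create user: %v", err)
			rw.WriteHeader(http.StatusBadRequest)
			if werr := res.JsonResponseSignInSetAndWrite(rw, false, &model.CreateUser{}); werr != nil {
				log.Printf("could not write back to client: %v", werr)
			}
			return
		}

		rw.WriteHeader(http.StatusOK)
		// A failed write usually means the client went away. Log it and
		// continue; log.Fatalf here would let one dropped connection stop
		// the whole server.
		if err := res.JsonResponseSignInSetAndWrite(rw, true, &newUser); err != nil {
			log.Printf("could not write back to client: %v", err)
		}
	})

	// NOTE(review): nothing here throttles or locks out repeated failed
	// logins; consider rate limiting in front of this handler.
	http.HandleFunc("/login", func(rw http.ResponseWriter, r *http.Request) {
		// NOTE(review): the wildcard lets any origin read this response.
		// Replace it with an explicit origin allow-list before the endpoint
		// starts issuing cookies.
		rw.Header().Add("Access-Control-Allow-Origin", "*")

		// Allow only POST; the previous check rejected GET alone.
		if r.Method != http.MethodPost {
			rw.Header().Set("Allow", http.MethodPost)
			rw.WriteHeader(http.StatusMethodNotAllowed)
			return
		}

		r.Body = http.MaxBytesReader(rw, r.Body, maxBodyBytes)
		reqBody, err := ioutil.ReadAll(r.Body)
		if err != nil {
			rw.WriteHeader(http.StatusBadRequest)
			return
		}

		var authUser model.AuthUser
		if err := json.Unmarshal(reqBody, &authUser); err != nil {
			rw.WriteHeader(http.StatusBadRequest)
			return
		}

		res := &ResponseLogin{Authenticated: false}

		// Set before either WriteHeader below so the 401 body is labelled
		// as JSON too.
		rw.Header().Set("Content-Type", "application/json")

		id, err := authUser.AuthenticateUser(users, crypt)
		if err != nil {
			log.Printf("could not authenticate user: %v", err)
			rw.WriteHeader(http.StatusUnauthorized)
			if werr := res.JsonResponseSetAndWrite(rw, false, &model.AuthUser{}); werr != nil {
				log.Printf("could not write back to client: %v", werr)
			}
			return
		}
		authUser.Id = id

		// TODO: This wont work on http connection. Needs to update the server to https
		// When enabling it, build the cookie with http.SetCookie (Secure,
		// HttpOnly, SameSite) and a real signed token instead of a constant.
		//rw.Header().Add("Set-Cookie", "jwt=1234567; Expires: Wed, 24 Aug 2022 00:00:00 GMT; Secure; HttpOnly")
		rw.WriteHeader(http.StatusOK)
		// Log instead of exiting: a client disconnect must not take the
		// server down.
		if err := res.JsonResponseSetAndWrite(rw, true, &authUser); err != nil {
			log.Printf("could not write back to client: %v", err)
		}
	})
}

// main registers the routes and serves them until the listener fails.
func main() {
	setupRoute()

	// NOTE(review): this is plain HTTP, so credentials posted to /signup and
	// /login cross the network unencrypted. Terminate TLS here or in front of
	// the service.
	srv := &http.Server{
		Addr: "192.168.100.227:8080",
		// Handler is left nil so http.DefaultServeMux is used.
		// The timeouts stop slow or stalled clients from holding
		// connections open indefinitely.
		ReadHeaderTimeout: 5 * time.Second,
		ReadTimeout:       10 * time.Second,
		WriteTimeout:      10 * time.Second,
		IdleTimeout:       60 * time.Second,
	}
	log.Fatal(srv.ListenAndServe())
}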