Diffstat (limited to 'auth/controller.go')
| -rw-r--r-- | auth/controller.go | 52 | 
1 files changed, 26 insertions, 26 deletions
diff --git a/auth/controller.go b/auth/controller.go
index 8de7370..c5c931a 100644
--- a/auth/controller.go
+++ b/auth/controller.go
@@ -22,23 +22,24 @@ import (
 	"github.com/golang-jwt/jwt/v5"
 	"github.com/spf13/viper"
 	"golang.org/x/crypto/bcrypt"
-	"vidhukant.com/openbills/user"
 	"net/http"
 	"time"
 	"vidhukant.com/openbills/errors"
+	"vidhukant.com/openbills/user"
 )
 var (
-	COST int
+	COST                  int
 	AUTH_KEY, REFRESH_KEY []byte
 )
+
 func init() {
 	COST = viper.GetInt("cryptography.password_hashing_cost")
 	AUTH_KEY = []byte(viper.GetString("cryptography.auth_key"))
 	REFRESH_KEY = []byte(viper.GetString("cryptography.refresh_key"))
 }
-func handleSignUp (ctx *gin.Context) {
+func handleSignUp(ctx *gin.Context) {
 	var u user.User
 	ctx.Bind(&u)
@@ -72,7 +73,7 @@ func handleSignUp (ctx *gin.Context) {
 	ctx.JSON(http.StatusOK, nil)
 }
-func handleSignIn (ctx *gin.Context) {
+func handleSignIn(ctx *gin.Context) {
 	var req LoginReq
 	ctx.Bind(&req)
@@ -88,9 +89,9 @@ func handleSignIn (ctx *gin.Context) {
 	}
 	authToken, err := jwt.NewWithClaims(jwt.SigningMethodHS256,
-		AuthClaims {
-			jwt.RegisteredClaims {
-				IssuedAt: jwt.NewNumericDate(time.Now()),
+		AuthClaims{
+			jwt.RegisteredClaims{
+				IssuedAt:  jwt.NewNumericDate(time.Now()),
 				ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 2)),
 			},
 			u.ID,
@@ -105,10 +106,10 @@ func handleSignIn (ctx *gin.Context) {
 	}
 	refreshToken, err := jwt.NewWithClaims(jwt.SigningMethodHS256,
-		RefreshClaims {
-			jwt.RegisteredClaims {
-				IssuedAt: jwt.NewNumericDate(time.Now()),
-			  ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 6)),
+		RefreshClaims{
+			jwt.RegisteredClaims{
+				IssuedAt:  jwt.NewNumericDate(time.Now()),
+				ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 6)),
 			},
 			u.ID,
 			u.TokenVersion,
@@ -125,17 +126,17 @@ func handleSignIn (ctx *gin.Context) {
 	u.Password = ""
 	ctx.JSON(http.StatusOK, gin.H{
-		"auth_token": authToken,
+		"auth_token":    authToken,
 		"refresh_token": refreshToken,
-		"data": u,
+		"data":          u,
 	})
 }
-func handleRefresh (ctx *gin.Context) {
+func handleRefresh(ctx *gin.Context) {
 	var req RefreshReq
 	ctx.Bind(&req)
-	tk, _ := jwt.ParseWithClaims(req.RefreshToken, &RefreshClaims{}, func (token *jwt.Token) (interface{}, error) {
+	tk, _ := jwt.ParseWithClaims(req.RefreshToken, &RefreshClaims{}, func(token *jwt.Token) (interface{}, error) {
 		return []byte(REFRESH_KEY), nil
 	})
@@ -152,22 +153,21 @@ func handleRefresh (ctx *gin.Context) {
 	if err != nil {
 		if err == errors.ErrNotFound {
 			// user doesn't exist
-		  ctx.Error(errors.ErrUnauthorized)
-		  ctx.Abort()
-		  return
+			ctx.Error(errors.ErrUnauthorized)
+			ctx.Abort()
+			return
 		} else {
-		  ctx.Error(err)
-		  ctx.Abort()
-		  return
+			ctx.Error(err)
+			ctx.Abort()
+			return
 		}
 	}
-	if (u.TokenVersion != claims.Version) {
+	if u.TokenVersion != claims.Version {
 		ctx.Error(errors.ErrSessionExpired)
 		ctx.Abort()
 		return
 	}
-
 	if !tk.Valid {
 		eat := claims.ExpiresAt.Unix()
 		if eat != 0 && eat < time.Now().Unix() {
@@ -181,9 +181,9 @@ func handleRefresh (ctx *gin.Context) {
 	}
 	authToken, err := jwt.NewWithClaims(jwt.SigningMethodHS256,
-		AuthClaims {
-			jwt.RegisteredClaims {
-				IssuedAt: jwt.NewNumericDate(time.Now()),
+		AuthClaims{
+			jwt.RegisteredClaims{
+				IssuedAt:  jwt.NewNumericDate(time.Now()),
 				ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 2)),
 			},
 			u.ID,  |
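Review bot: The reformatted parse line in handleRefresh still discards its error (`tk, _ := jwt.ParseWithClaims(...)`), and the key function returns `REFRESH_KEY` without checking the token's signing method. Judging by the `-152` hunk, the user lookup and the `TokenVersion` comparison run before the `!tk.Valid` check, so they appear to act on claims whose signature has not yet been verified; a malformed token may also leave `tk` nil by then. I would keep the error and pin the algorithm, e.g. `tk, err := jwt.ParseWithClaims(req.RefreshToken, &RefreshClaims{}, keyFunc, jwt.WithValidMethods([]string{"HS256"}))`, abort with `errors.ErrUnauthorized` when `tk == nil`, and move the validity check ahead of the lookup, treating only `jwt.ErrTokenExpired` as the session-expired case. The code between these hunks, including where `claims` is obtained, is outside the diff, so the ordering should be confirmed against the full function.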