diff options
Diffstat (limited to 'auth')
| -rw-r--r-- | auth/controller.go | 52 | ||||
| -rw-r--r-- | auth/middleware.go | 4 |
2 files changed, 28 insertions, 28 deletions
diff --git a/auth/controller.go b/auth/controller.go index 8de7370..c5c931a 100644 --- a/auth/controller.go +++ b/auth/controller.go @@ -22,23 +22,24 @@ import ( "github.com/golang-jwt/jwt/v5" "github.com/spf13/viper" "golang.org/x/crypto/bcrypt" - "vidhukant.com/openbills/user" "net/http" "time" "vidhukant.com/openbills/errors" + "vidhukant.com/openbills/user" ) var ( - COST int + COST int AUTH_KEY, REFRESH_KEY []byte ) + func init() { COST = viper.GetInt("cryptography.password_hashing_cost") AUTH_KEY = []byte(viper.GetString("cryptography.auth_key")) REFRESH_KEY = []byte(viper.GetString("cryptography.refresh_key")) } -func handleSignUp (ctx *gin.Context) { +func handleSignUp(ctx *gin.Context) { var u user.User ctx.Bind(&u) @@ -72,7 +73,7 @@ func handleSignUp (ctx *gin.Context) { ctx.JSON(http.StatusOK, nil) } -func handleSignIn (ctx *gin.Context) { +func handleSignIn(ctx *gin.Context) { var req LoginReq ctx.Bind(&req) @@ -88,9 +89,9 @@ func handleSignIn (ctx *gin.Context) { } authToken, err := jwt.NewWithClaims(jwt.SigningMethodHS256, - AuthClaims { - jwt.RegisteredClaims { - IssuedAt: jwt.NewNumericDate(time.Now()), + AuthClaims{ + jwt.RegisteredClaims{ + IssuedAt: jwt.NewNumericDate(time.Now()), ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 2)), }, u.ID, @@ -105,10 +106,10 @@ func handleSignIn (ctx *gin.Context) { } refreshToken, err := jwt.NewWithClaims(jwt.SigningMethodHS256, - RefreshClaims { - jwt.RegisteredClaims { - IssuedAt: jwt.NewNumericDate(time.Now()), - ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 6)), + RefreshClaims{ + jwt.RegisteredClaims{ + IssuedAt: jwt.NewNumericDate(time.Now()), + ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 6)), }, u.ID, u.TokenVersion, @@ -125,17 +126,17 @@ func handleSignIn (ctx *gin.Context) { u.Password = "" ctx.JSON(http.StatusOK, gin.H{ - "auth_token": authToken, + "auth_token": authToken, "refresh_token": refreshToken, - "data": u, + "data": u, }) } -func handleRefresh (ctx *gin.Context) { +func handleRefresh(ctx *gin.Context) { var req RefreshReq ctx.Bind(&req) - tk, _ := jwt.ParseWithClaims(req.RefreshToken, &RefreshClaims{}, func (token *jwt.Token) (interface{}, error) { + tk, _ := jwt.ParseWithClaims(req.RefreshToken, &RefreshClaims{}, func(token *jwt.Token) (interface{}, error) { return []byte(REFRESH_KEY), nil }) @@ -152,22 +153,21 @@ func handleRefresh (ctx *gin.Context) { if err != nil { if err == errors.ErrNotFound { // user doesn't exist - ctx.Error(errors.ErrUnauthorized) - ctx.Abort() - return + ctx.Error(errors.ErrUnauthorized) + ctx.Abort() + return } else { - ctx.Error(err) - ctx.Abort() - return + ctx.Error(err) + ctx.Abort() + return } } - if (u.TokenVersion != claims.Version) { + if u.TokenVersion != claims.Version { ctx.Error(errors.ErrSessionExpired) ctx.Abort() return } - if !tk.Valid { eat := claims.ExpiresAt.Unix() if eat != 0 && eat < time.Now().Unix() { @@ -181,9 +181,9 @@ func handleRefresh (ctx *gin.Context) { } authToken, err := jwt.NewWithClaims(jwt.SigningMethodHS256, - AuthClaims { - jwt.RegisteredClaims { - IssuedAt: jwt.NewNumericDate(time.Now()), + AuthClaims{ + jwt.RegisteredClaims{ + IssuedAt: jwt.NewNumericDate(time.Now()), ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 2)), }, u.ID, diff --git a/auth/middleware.go b/auth/middleware.go index 80e512e..e587681 100644 --- a/auth/middleware.go +++ b/auth/middleware.go @@ -18,11 +18,11 @@ package auth import ( - "vidhukant.com/openbills/errors" "github.com/gin-gonic/gin" "github.com/golang-jwt/jwt/v5" "strings" "time" + "vidhukant.com/openbills/errors" ) func getBearerToken(header []string) (string, error) { @@ -47,7 +47,7 @@ func Authorize() gin.HandlerFunc { return } - tk, _ := jwt.ParseWithClaims(bearerToken, &AuthClaims{}, func (token *jwt.Token) (interface{}, error) { + tk, _ := jwt.ParseWithClaims(bearerToken, &AuthClaims{}, func(token *jwt.Token) (interface{}, error) { return []byte(AUTH_KEY), nil }) |