Diffstat (limited to 'auth')
| -rw-r--r-- | auth/auth.go | 5 | ||||
| -rw-r--r-- | auth/controller.go | 36 | ||||
| -rw-r--r-- | auth/middleware.go | 3 | 
3 files changed, 25 insertions, 19 deletions
diff --git a/auth/auth.go b/auth/auth.go
index 4ac6445..0b28b57 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -1,5 +1,5 @@
 /* openbills - Server for web based Libre Billing Software
- * Copyright (C) 2023  Vidhu Kant Sharma <vidhukant@vidhukant.com>
+ * Copyright (C) 2023-2025  Vidhu Kant Sharma <vidhukant@vidhukant.com>
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -23,7 +23,8 @@ import (
 type AuthClaims struct {
 	jwt.RegisteredClaims
-	UserID uint `json:"userid"`
+	UserID uint     `json:"userid"`
+	Roles  []string `json:"roles"`
 }
 type RefreshClaims struct {
diff --git a/auth/controller.go b/auth/controller.go
index 961518a..8de7370 100644
--- a/auth/controller.go
+++ b/auth/controller.go
@@ -1,5 +1,5 @@
 /* openbills - Server for web based Libre Billing Software
- * Copyright (C) 2023  Vidhu Kant Sharma <vidhukant@vidhukant.com>
+ * Copyright (C) 2023-2025  Vidhu Kant Sharma <vidhukant@vidhukant.com>
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
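Review bot: The new `Roles []string` field on AuthClaims carries no doc comment, and because it is embedded in the signed token it is a snapshot taken at issue time — controller.go rebuilds it from the user record only in handleSignIn and handleRefresh. A comment such as `// Roles is the user's role list as of token issue; a role change takes effect only after the next refresh.` tells handlers that read it from the context what freshness to expect. The two-minute expiry set in controller.go bounds that staleness, and stating it here is better than leaving it implicit.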
@@ -39,36 +39,37 @@ func init() {
 }
 func handleSignUp (ctx *gin.Context) {
-	var user user.User
-	ctx.Bind(&user)
+	var u user.User
+	ctx.Bind(&u)
 	var err error
 	// hash password
 	var bytes []byte
-	bytes, err = bcrypt.GenerateFromPassword([]byte(user.Password), 14)
+	bytes, err = bcrypt.GenerateFromPassword([]byte(u.Password), 14)
 	if err != nil {
 		// TODO: handle potential errors
 		ctx.Error(err)
 		ctx.Abort()
 		return
 	}
-	user.Password = string(bytes)
+	u.Password = string(bytes)
+
+	// for now everyone's an admin
+	// TODO: fix this shit
+	u.Roles = []user.Role{
+		{0, 0, "admin"},
+	}
-	err = user.Create()
+	err = u.Create()
 	if err != nil {
 		ctx.Error(err)
 		ctx.Abort()
 		return
 	}
-	// remove password hash from response
-	user.Password = ""
-
-	ctx.JSON(http.StatusOK, gin.H{
-		"message": "success",
-		"data": user,
-	})
+	// TODO: email verification and shit before this
+	ctx.JSON(http.StatusOK, nil)
 }
 func handleSignIn (ctx *gin.Context) {
@@ -93,6 +94,7 @@ func handleSignIn (ctx *gin.Context) {
 				ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 2)),
 			},
 			u.ID,
+			user.RolesToStringList(u.Roles),
 		},
 	).SignedString(AUTH_KEY)
 	if err != nil {
@@ -125,7 +127,6 @@ func handleSignIn (ctx *gin.Context) {
 	ctx.JSON(http.StatusOK, gin.H{
 		"auth_token": authToken,
 		"refresh_token": refreshToken,
-		"message": "success",
 		"data": u,
 	})
 }
@@ -147,9 +148,10 @@ func handleRefresh (ctx *gin.Context) {
 	// check token version
 	var u user.User
-	err := user.GetUser(&u, claims.UserID)
+	err := user.GetUserById(&u, claims.UserID)
 	if err != nil {
 		if err == errors.ErrNotFound {
+			// user doesn't exist
 		  ctx.Error(errors.ErrUnauthorized)
 		  ctx.Abort()
 		  return
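Review bot: Every account created through handleSignUp is given the admin role (`u.Roles = []user.Role{{0, 0, "admin"}}`), and with middleware.go now publishing claims.Roles to handlers, any self-registered user carries that role into every authorization decision built on it; the TODO acknowledges this, but the default must be the least-privileged role, with admin granted by a separate administrative step, before this path is reachable. `ctx.Bind(&u)` on the new side still discards its error, so a malformed or empty body falls through to hashing an empty password and creating the record; `if err := ctx.Bind(&u); err != nil { ctx.Error(err); ctx.Abort(); return }` closes that. The role literal also uses positional fields, so a reordered or extended user.Role struct would compile with the wrong values in the wrong slots; keyed fields naming the role struct's actual members are safer.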
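Review bot: The AuthClaims literal in handleSignIn is positional, so the added `user.RolesToStringList(u.Roles)` line is correct only because Roles happens to be the last field declared in auth.go; the same applies to the handleRefresh hunk at -184. Keyed initialisation, `UserID: u.ID, Roles: user.RolesToStringList(u.Roles),`, keeps both literals robust to field reordering and makes it obvious which claim carries the roles. handleSignIn's body starts and ends outside this hunk.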
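Review bot: The sign-in response still serialises the whole user as `"data": u`; handleSignUp no longer needs its password-hash scrub because it now returns nil, but handleSignIn does, and if `u.Password` is not cleared earlier in the function (that part is outside this hunk) the bcrypt hash is returned to the client. Putting `u.Password = ""` immediately before `ctx.JSON`, or better a dedicated response struct without the field, makes the omission structural instead of depending on an assignment elsewhere in the function.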
@@ -184,7 +186,8 @@ func handleRefresh (ctx *gin.Context) {
 				IssuedAt: jwt.NewNumericDate(time.Now()),
 				ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 2)),
 			},
-			claims.UserID,
+			u.ID,
+			user.RolesToStringList(u.Roles),
 		},
 	).SignedString(AUTH_KEY)
 	if err != nil {
@@ -196,6 +199,5 @@ func handleRefresh (ctx *gin.Context) {
 	ctx.JSON(http.StatusOK, gin.H{
 		"auth_token": authToken,
-		"message": "success",
 	})
 }
diff --git a/auth/middleware.go b/auth/middleware.go
index 9ce5e12..80e512e 100644
--- a/auth/middleware.go
+++ b/auth/middleware.go
@@ -70,6 +70,9 @@ func Authorize() gin.HandlerFunc {
 			return
 		}
+		ctx.Set("UserID", claims.UserID)
+		ctx.Set("Roles", claims.Roles)
+
 		ctx.Next()
 	}
 }
|
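Review bot: `ctx.Set("UserID", claims.UserID)` and `ctx.Set("Roles", claims.Roles)` key the context with bare string literals that every consuming handler must repeat, and a typo on either side silently yields a nil value instead of an error. Exporting the keys from this package, `const CtxKeyUserID = "UserID"` and `const CtxKeyRoles = "Roles"`, and reading them through a small typed accessor such as `func RolesFrom(ctx *gin.Context) []string`, keeps the lookup and the type assertion in one place. Authorize's body starts outside this hunk, so presumably claims is the output of a verified signature check on the preceding lines; the roles placed in the context are only as trustworthy as that check.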