Preston_PLB
/
Capstone
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

B: working login and logoout 

Todo:
add validation to email and password to make sure bogus values aren't set
add password verifcation on signup
This commit is contained in:
Preston Baxter 2023-10-28 18:25:51 -05:00
parent 1bfcdce01a
commit 344c17fb27
4 changed files with 129 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
ui/controllers/auth.go
View File

@ -70,11 +70,17 @@ func SignUpHandler (c *gin.Context) {
return return
} }
now := time.Now().Unix()
exp := time.Now().Add(12 * time.Hour).Unix()
//build jwt //build jwt
token := jwt.NewWithClaims(jwt.SigningMethodHS256, token := jwt.NewWithClaims(jwt.SigningMethodHS256,
jwt.MapClaims{ AuthClaims{
"sub": user.UserId, Subject: user.UserId,
"exp": time.Now().Add(12 * time.Hour).Unix(), Expires: exp,
IssuedAt: now,
NotBefore: now,
Issuer: "capstone.preston-baxter.com",
Audience: "capstone.preston-baxter.com",
}, },
) )
@ -132,11 +138,17 @@ func LoginHandler(c *gin.Context) {
return return
} }
now := time.Now().Unix()
exp := time.Now().Add(12 * time.Hour).Unix()
//build jwt //build jwt
token := jwt.NewWithClaims(jwt.SigningMethodHS256, token := jwt.NewWithClaims(jwt.SigningMethodHS256,
jwt.MapClaims{ AuthClaims{
"sub": user.UserId, Subject: user.UserId,
"exp": time.Now().Add(12 * time.Hour).Unix(), Expires: exp,
IssuedAt: now,
NotBefore: now,
Issuer: "capstone.preston-baxter.com",
Audience: "capstone.preston-baxter.com",
}, },
) )

107
ui/controllers/auth_middleware.go Normal file
View File

@ -0,0 +1,107 @@
package controllers
import (
"net/http"
"time"
"git.preston-baxter.com/Preston_PLB/capstone/frontend-service/config"
"github.com/gin-gonic/gin"
"github.com/golang-jwt/jwt/v5"
)
type AuthClaims struct {
Subject string `json:"sub"`
Expires int64 `json:"exp"`
IssuedAt int64 `json:"iat"`
NotBefore int64 `json:"nbf"`
Issuer string `json:"iss"`
Audience string `json:"aud"`
}
func (claims AuthClaims) GetExpirationTime() (*jwt.NumericDate, error) {
time := time.Unix(claims.Expires, 0)
return jwt.NewNumericDate(time), nil
}
func (claims AuthClaims) GetIssuedAt() (*jwt.NumericDate, error) {
time := time.Unix(claims.IssuedAt, 0)
return jwt.NewNumericDate(time), nil
}
func (claims AuthClaims) GetNotBefore() (*jwt.NumericDate, error) {
time := time.Unix(claims.NotBefore, 0)
return jwt.NewNumericDate(time), nil
}
func (claims AuthClaims) GetIssuer() (string, error) {
return claims.Issuer, nil
}
func (claims AuthClaims) GetSubject() (string, error) {
return claims.Subject, nil
}
func (claims AuthClaims) GetAudience() (jwt.ClaimStrings, error) {
return []string{claims.Subject}, nil
}
func AuthMiddleware(strict bool) gin.HandlerFunc {
conf := config.Config()
return func(c *gin.Context) {
//check for cookie
token, err := c.Cookie("authorization")
if err != nil {
if err == http.ErrNoCookie {
if strict {
c.Redirect(301, "/login")
return
} else {
return
}
} else {
log.WithError(err).Error("Unable to get cookie from browser")
c.AbortWithError(504, err)
return
}
}
claims := &AuthClaims{}
parsedToken, err := jwt.ParseWithClaims(token, claims, func(token *jwt.Token) (any, error) {
return []byte(conf.JwtSecret), nil
})
if err != nil {
if err == jwt.ErrSignatureInvalid {
log.Warn("Redirecting, jwt invalid")
c.Redirect(301, "/login")
return
}
log.WithError(err).Error("Unable to get cookie from browser")
c.AbortWithError(504, err)
return
}
if !parsedToken.Valid {
if strict {
log.Warn("Redirecting, jwt invalid")
c.Redirect(301, "/login")
return
} else {
log.Warn("Jwt is invalid, but auth is not strict")
return
}
}
user, err := mongo.FindUserById(claims.Subject)
if err != nil {
log.WithError(err).Errorf("Unable to get user: %s from DB", claims.Subject)
c.AbortWithError(504, err)
}
if user == nil {
log.Errorf("Unable to find user: %s in DB", claims.Subject)
c.AbortWithError(504, nil)
}
c.Set("UserObj", user)
}
}

9
ui/controllers/controllers.go
View File

@ -3,7 +3,6 @@ package controllers
import ( import (
"git.preston-baxter.com/Preston_PLB/capstone/frontend-service/config" "git.preston-baxter.com/Preston_PLB/capstone/frontend-service/config"
"git.preston-baxter.com/Preston_PLB/capstone/frontend-service/db" "git.preston-baxter.com/Preston_PLB/capstone/frontend-service/db"
"git.preston-baxter.com/Preston_PLB/capstone/frontend-service/middleware"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
) )
@ -25,16 +24,16 @@ func BuildRouter(r *gin.Engine) {
ForceColors: true, ForceColors: true,
}) })
r.GET("/", middleware.AuthMiddleware(false) ,LandingPage) r.GET("/", LandingPage)
r.GET("/login", middleware.AuthMiddleware(false), LoginPage) r.GET("/login", AuthMiddleware(false), LoginPage)
r.GET("/signup", middleware.AuthMiddleware(false), SignUpPage) r.GET("/signup",AuthMiddleware(false), SignUpPage)
r.POST("/login", LoginHandler) r.POST("/login", LoginHandler)
r.POST("/signup", SignUpHandler) r.POST("/signup", SignUpHandler)
r.POST("/logout", LogoutHandler) r.POST("/logout", LogoutHandler)
dashboard := r.Group("/dashboard") dashboard := r.Group("/dashboard")
dashboard.Use(middleware.AuthMiddleware(true)) dashboard.Use(AuthMiddleware(true))
dashboard.GET("/", DashboardPage) dashboard.GET("/", DashboardPage)
} }

34
ui/middleware/auth.go
View File

@ -1,34 +0,0 @@
package middleware
import (
//"git.preston-baxter.com/Preston_PLB/capstone/frontend-service/config"
"github.com/gin-gonic/gin"
)
func AuthMiddleware(strict bool) gin.HandlerFunc {
//conf := config.Config();
return func(c *gin.Context) {
//check for cookie
/*
no cookie:
if strict
route login
else:
continue with nil auth_user
*/
/*
cookie:
validate jwt:
if valid:
set context with auth_user
else:
if strict
route login
else:
continue with nil auth_user
*/
}
}