1 files changed, 66 insertions, 0 deletions
diff --git a/api/internal/controllers/auth.go b/api/internal/controllers/auth.go
new file mode 100644
index 0000000..744a884
--- /dev/null
+++ b/api/internal/controllers/auth.go
@@ -0,0 +1,66 @@
+package controllers
+import (
+        "encoding/base64"
+        "net/http"
+        "github.com/gin-gonic/gin"
+        "water/api/database"
+        "errors"
+        "crypto/rand"
+        "database/sql"
+        
+        "water/api/models"
+        _ "github.com/mattn/go-sqlite3"
+        "golang.org/x/crypto/bcrypt"
+)
+func AuthHandler (c *gin.Context) {
+        username, password, ok := c.Request.BasicAuth()
+        if !ok {
+                c.Header("WWW-Authenticate", `Basic realm="Please enter your username and password."`)
+                c.AbortWithStatus(http.StatusUnauthorized)
+                return
+        }
+        db := database.EstablishDBConnection()
+        defer func(db *sql.DB) {
+                err := db.Close()
+                if err != nil {
+                        c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+                        return
+                }
+        }(db)
+        var user models.User
+        var preference models.Preference
+        var size models.Size
+        row := db.QueryRow("SELECT name, uuid, password, color, size, unit FROM Users u INNER JOIN Preferences p ON p.user_id = u.id INNER JOIN Sizes s ON p.size_id = s.id WHERE u.name = ?", username)
+        if err := row.Scan(&user.Name, &user.UUID, &user.Password, &preference.Color, &size.Size, &size.Unit); err != nil {
+                if errors.Is(err, sql.ErrNoRows) {
+                        c.AbortWithStatus(http.StatusUnauthorized)
+                        return
+                }
+        }
+        if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)); err != nil {
+                c.AbortWithStatus(http.StatusUnauthorized)
+                return
+        }
+        preference.Size = size
+        // Generate a simple API token
+        apiToken := generateToken()
+        c.JSON(http.StatusOK, gin.H{"token": apiToken, "user": user, "preferences": preference})
+}
+// generatToken will g
+func generateToken() string {
+        token := make([]byte, 32)
+        _, err := rand.Read(token)
+        if err != nil {
+                return ""
+        }
+        return base64.StdEncoding.EncodeToString(token)
+}
+\ No newline at end of file

diff --git a/api/internal/controllers/auth.go b/api/internal/controllers/auth.go new file mode 100644 index 0000000..744a884 --- /dev/null +++ b/api/internal/controllers/auth.go
@@ -0,0 +1,66 @@
	1	package controllers
	2
	3	import (
	4	"encoding/base64"
	5	"net/http"
	6	"github.com/gin-gonic/gin"
	7	"water/api/database"
	8	"errors"
	9	"crypto/rand"
	10	"database/sql"
	11
	12	"water/api/models"
	13	_ "github.com/mattn/go-sqlite3"
	14	"golang.org/x/crypto/bcrypt"
	15	)
	16
	17	func AuthHandler (c *gin.Context) {
	18	username, password, ok := c.Request.BasicAuth()
	19	if !ok {
	20	c.Header("WWW-Authenticate", `Basic realm="Please enter your username and password."`)
	21	c.AbortWithStatus(http.StatusUnauthorized)
	22	return
	23	}
	24
	25	db := database.EstablishDBConnection()
	26	defer func(db *sql.DB) {
	27	err := db.Close()
	28	if err != nil {
	29	c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
	30	return
	31	}
	32	}(db)
	33
	34	var user models.User
	35	var preference models.Preference
	36	var size models.Size
	37
	38	row := db.QueryRow("SELECT name, uuid, password, color, size, unit FROM Users u INNER JOIN Preferences p ON p.user_id = u.id INNER JOIN Sizes s ON p.size_id = s.id WHERE u.name = ?", username)
	39	if err := row.Scan(&user.Name, &user.UUID, &user.Password, &preference.Color, &size.Size, &size.Unit); err != nil {
	40	if errors.Is(err, sql.ErrNoRows) {
	41	c.AbortWithStatus(http.StatusUnauthorized)
	42	return
	43	}
	44	}
	45
	46	if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)); err != nil {
	47	c.AbortWithStatus(http.StatusUnauthorized)
	48	return
	49	}
	50
	51	preference.Size = size
	52
	53	// Generate a simple API token
	54	apiToken := generateToken()
	55	c.JSON(http.StatusOK, gin.H{"token": apiToken, "user": user, "preferences": preference})
	56	}
	57
	58	// generatToken will g
	59	func generateToken() string {
	60	token := make([]byte, 32)
	61	_, err := rand.Read(token)
	62	if err != nil {
	63	return ""
	64	}
	65	return base64.StdEncoding.EncodeToString(token)
	66	} \ No newline at end of file