1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
package controllers
import (
"encoding/base64"
"net/http"
"github.com/gin-gonic/gin"
"water/api/database"
"errors"
"crypto/rand"
"database/sql"
"water/api/models"
_ "github.com/mattn/go-sqlite3"
"golang.org/x/crypto/bcrypt"
)
func AuthHandler (c *gin.Context) {
username, password, ok := c.Request.BasicAuth()
if !ok {
c.Header("WWW-Authenticate", `Basic realm="Please enter your username and password."`)
c.AbortWithStatus(http.StatusUnauthorized)
return
}
db := database.EstablishDBConnection()
defer func(db *sql.DB) {
err := db.Close()
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
}(db)
var user models.User
var preference models.Preference
var size models.Size
row := db.QueryRow("SELECT name, uuid, password, color, size, unit FROM Users u INNER JOIN Preferences p ON p.user_id = u.id INNER JOIN Sizes s ON p.size_id = s.id WHERE u.name = ?", username)
if err := row.Scan(&user.Name, &user.UUID, &user.Password, &preference.Color, &size.Size, &size.Unit); err != nil {
if errors.Is(err, sql.ErrNoRows) {
c.AbortWithStatus(http.StatusUnauthorized)
return
}
}
if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)); err != nil {
c.AbortWithStatus(http.StatusUnauthorized)
return
}
preference.Size = size
// Generate a simple API token
apiToken := generateToken()
c.JSON(http.StatusOK, gin.H{"token": apiToken, "user": user, "preferences": preference})
}
// generatToken will g
func generateToken() string {
token := make([]byte, 32)
_, err := rand.Read(token)
if err != nil {
return ""
}
return base64.StdEncoding.EncodeToString(token)
}
|
