From a5393f471f400097c0187298f84e8353b3d73e8c Mon Sep 17 00:00:00 2001
From: Thomas Peetz
Date: Thu, 4 Dec 2025 17:23:59 +0100
Subject: [PATCH] fix login functionality
---
 kontor-api-go/go.mod | 1 +
 kontor-api-go/go.sum | 2 +
 kontor-api-go/pkg/handler/auth.go | 36 ++++++++++--------
 kontor-api-go/pkg/schema/auth.go | 62 +++++++++++++++++++++++++++++++
 kontor-api-go/pkg/utils/auth.go | 8 ++++
 kontor-api-go/pkg/utils/token.go | 38 +++++++++++++++++++
 6 files changed, 131 insertions(+), 16 deletions(-)
 create mode 100644 kontor-api-go/pkg/schema/auth.go
 create mode 100644 kontor-api-go/pkg/utils/auth.go
 create mode 100644 kontor-api-go/pkg/utils/token.go
diff --git a/kontor-api-go/go.mod b/kontor-api-go/go.mod
index 6958a7e..9ed8e1a 100644
--- a/kontor-api-go/go.mod
+++ b/kontor-api-go/go.mod
@@ -12,6 +12,7 @@ require (
 github.com/golang-jwt/jwt/v5 v5.3.0 // indirect
 github.com/google/uuid v1.6.0 // indirect
 github.com/jinzhu/inflection v1.0.0 // indirect
+ github.com/joho/godotenv v1.5.1 // indirect
 github.com/klauspost/compress v1.18.1 // indirect
 github.com/mattn/go-colorable v0.1.14 // indirect
 github.com/mattn/go-isatty v0.0.20 // indirect
diff --git a/kontor-api-go/go.sum b/kontor-api-go/go.sum
index 33c3839..ed39e3a 100644
--- a/kontor-api-go/go.sum
+++ b/kontor-api-go/go.sum
@@ -25,6 +25,8 @@ github.com/gorilla/schema v1.4.1 h1:jUg5hUjCSDZpNGLuXQOgIWGdlgrIdYvgQ0wZtdK1M3E=
 github.com/gorilla/schema v1.4.1/go.mod h1:Dg5SSm5PV60mhF2NFaTV1xuYYj8tV8NOPRo4FggUMnM=
 github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
 github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
+github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
+github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
 github.com/klauspost/compress v1.10.7/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
 github.com/klauspost/compress v1.18.1 h1:bcSGx7UbpBqMChDtsF28Lw6v/G94LPrrbMbdC3JH2co=
 github.com/klauspost/compress v1.18.1/go.mod h1:ZQFFVG+MdnR0P+l6wpXgIL4NTtwiKIdBnrBd8Nrxr+0=
diff --git a/kontor-api-go/pkg/handler/auth.go b/kontor-api-go/pkg/handler/auth.go
index 45b913f..b0c9b0b 100644
--- a/kontor-api-go/pkg/handler/auth.go
+++ b/kontor-api-go/pkg/handler/auth.go
@@ -1,38 +1,42 @@ package handler import ( - "time" + "context" + "kontor-api-go/pkg/schema" + "kontor-api-go/pkg/utils" "github.com/gofiber/fiber/v2" "github.com/golang-jwt/jwt/v5" + "github.com/uptrace/bun" ) func Login(c *fiber.Ctx) error { user := c.FormValue("user") pass := c.FormValue("pass") - // Throws Unauthorized error - if user != "john" || pass != "doe" { + var profile schema.Profile + var err error + var db *bun.DB + ctx := context.Background() + + db, _ = schema.GetDatabase() + err = db.NewSelect().Model(&profile).Where("email = ?", user).Scan(ctx) + if err != nil { + return c.Status(400).JSON(fiber.Map{ + "message": err.Error(), + }) + } + + if !utils.ComparePassword(profile.Password, pass) { return c.SendStatus(fiber.StatusUnauthorized) } - // Create the Claims - claims := jwt.MapClaims{ - "name": "John Doe", - "admin": true, - "exp": time.Now().Add(time.Hour * 72).Unix(), - } - - // Create token - token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) - - // Generate encoded token and send it as response. - t, err := token.SignedString([]byte("secret")) + token, err := utils.GenerateToken(profile) if err != nil { return c.SendStatus(fiber.StatusInternalServerError) } - return c.JSON(fiber.Map{"token": t}) + return c.JSON(fiber.Map{"token": token}) } func Restricted(c *fiber.Ctx) error { diff --git a/kontor-api-go/pkg/schema/auth.go b/kontor-api-go/pkg/schema/auth.go new file mode 100644 index 0000000..0e39f9e --- /dev/null +++ b/kontor-api-go/pkg/schema/auth.go 
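Review bot: The new lookup in Login answers an unknown e-mail with status 400 and the raw `err.Error()` text, while a wrong password gets 401, so the endpoint tells a caller which addresses are registered and exposes database error strings. Treat `sql.ErrNoRows` as `fiber.StatusUnauthorized` and answer any other lookup failure with 500 without the error text. The error from `schema.GetDatabase()` is discarded with `_`, so a failed connection presumably leaves `db` nil and the next line panics; `profile.Enabled` is never consulted, and `context.Background()` detaches the query from the request. The sketch below needs `errors` and `database/sql` imported and assumes GetDatabase's second result is an error.

```go
	// … unchanged: user and pass read from the form …
	db, err := schema.GetDatabase()
	if err != nil {
		return c.SendStatus(fiber.StatusInternalServerError)
	}

	var profile schema.Profile
	err = db.NewSelect().Model(&profile).Where("email = ?", user).Scan(c.UserContext())
	if errors.Is(err, sql.ErrNoRows) {
		// Same answer as a wrong password, so the response does not reveal which accounts exist.
		return c.SendStatus(fiber.StatusUnauthorized)
	}
	if err != nil {
		return c.SendStatus(fiber.StatusInternalServerError)
	}

	if !profile.Enabled || !utils.ComparePassword(profile.Password, pass) {
		return c.SendStatus(fiber.StatusUnauthorized)
	}
	// … unchanged: utils.GenerateToken call and JSON response …
```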
@@ -0,0 +1,62 @@
+package schema
+
+import (
+ "time"
+
+ "github.com/uptrace/bun"
+)
+
+type Profile struct {
+ bun.BaseModel `bun:"table:profile"`
+
+ ID string `bun:"id,pk"`
+ CreatedAt time.Time `bun:"created_date,nullzero,notnull,default:current_timestamp"`
+ UpdatedAt time.Time `bun:"last_modified_date,nullzero,notnull,default:current_timestamp"`
+ Version int `bun:"version,default:0"`
+ FirstName string `bun:"first_name"`
+ LastName string `bun:"last_name"`
+ UserName string `bun:"user_name,unique:user_name"`
+ Email string `bun:"email"`
+ Password string `bun:"password"`
+ Enabled bool `bun:"enabled"`
+ Assignments []Assignment `bun:"rel:has-many,join:id=profile_id"`
+ Tokens []Token `bun:"rel:has-many,join:id=profile_id"`
+}
+
+type Permission struct {
+ bun.BaseModel `bun:"table:permission"`
+
+ ID string `bun:"id,pk"`
+ CreatedAt time.Time `bun:"created_date,nullzero,notnull,default:current_timestamp"`
+ UpdatedAt time.Time `bun:"last_modified_date,nullzero,notnull,default:current_timestamp"`
+ Version int `bun:"version,default:0"`
+ Name string `bun:"name,unique:name"`
+ Assignments []Assignment `bun:"rel:has-many,join:id=permission_id"`
+}
+
+type Token struct {
+ bun.BaseModel `bun:"table:token"`
+
+ ID string `bun:"id,pk"`
+ CreatedAt time.Time `bun:"created_date,nullzero,notnull,default:current_timestamp"`
+ UpdatedAt time.Time `bun:"last_modified_date,nullzero,notnull,default:current_timestamp"`
+ Version int `bun:"version,default:0"`
+ Name string `bun:"name,unique:name"`
+ LastUsedAt time.Time `bun:"last_used_date,nullzero,notnull,default:current_timestamp"`
+ Enabled bool `bun:"enabled,default:true"`
+ ProfileID *string `bun:"profile_id"`
+ Profile *Profile `bun:"rel:belongs-to,join:profile_id=id"`
+}
+
+type Assignment struct {
+ bun.BaseModel `bun:"table:assignment"`
+
+ ID string `bun:"id,pk"`
+ CreatedAt time.Time `bun:"created_date,nullzero,notnull,default:current_timestamp"`
+ UpdatedAt time.Time `bun:"last_modified_date,nullzero,notnull,default:current_timestamp"`
+ Version int `bun:"version,default:0"`
+ ProfileID *string `bun:"profile_id"`
+ Profile *Profile `bun:"rel:belongs-to,join:profile_id=id"`
+ PermissionID *string `bun:"permission_id"`
+ Permission *Permission `bun:"rel:belongs-to,join:permission_id=id"`
+}
diff --git a/kontor-api-go/pkg/utils/auth.go b/kontor-api-go/pkg/utils/auth.go
new file mode 100644
index 0000000..11caccc
--- /dev/null
+++ b/kontor-api-go/pkg/utils/auth.go
@@ -0,0 +1,8 @@
+package utils
+
+import "golang.org/x/crypto/bcrypt"
+
+func ComparePassword(hashedPassword, password string) bool {
+ err := bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password))
+ return err == nil
+}
diff --git a/kontor-api-go/pkg/utils/token.go b/kontor-api-go/pkg/utils/token.go
new file mode 100644
index 0000000..5562c66
--- /dev/null
+++ b/kontor-api-go/pkg/utils/token.go
@@ -0,0 +1,38 @@
+package utils
+
+import (
+ "kontor-api-go/pkg/schema"
+ "time"
+
+ "github.com/golang-jwt/jwt/v5"
+)
+
+func GenerateToken(user schema.Profile) (string, error) {
+ // Create the Claims
+ claims := jwt.MapClaims{
+ "name": user.FirstName + ", " + user.LastName,
+ "admin": true,
+ "exp": time.Now().Add(time.Hour * 72).Unix(),
+ }
+
+ // Create token
+ token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+
+ // Generate encoded token and send it as response.
+ t, err := token.SignedString([]byte("secret"))
+ if err != nil {
+ return "", err
+ }
+ return t, nil
+}
+
+func VerifyToken(tokenString string) (bool, error) {
+ token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
+ return []byte("secret"), nil
+ })
+ if err != nil {
+ return false, err
+ }
+
+ return token.Valid, nil
+}
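Review bot: `Profile.Password` holds the value that Login compares with bcrypt and has no JSON tag, so any handler that later returns a Profile through `c.JSON` would emit the hash under the key `Password`; adding `json:"-"` to that field's tag closes this off at the type. `Email` is declared without a uniqueness option although Login in pkg/handler/auth.go selects the profile by `email = ?`; if the column is not unique in the database, which row authenticates is not defined, so consider `bun:"email,unique"` or a matching migration. None of the four exported types has a doc comment; one line on each naming its table, and how Assignment links Profile to Permission, would help the next reader.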
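Review bot: ComparePassword returns false for every error from `bcrypt.CompareHashAndPassword`, so a stored value that is not a valid bcrypt hash looks the same to the caller as a wrong password and the corruption goes unnoticed. Log or surface errors other than the mismatch, e.g. `if err != nil && !errors.Is(err, bcrypt.ErrMismatchedHashAndPassword) { log.Printf("password hash check: %v", err) }`. The exported function also lacks a doc comment; `// ComparePassword reports whether password matches the bcrypt hash hashedPassword.` would do.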
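Review bot: GenerateToken and VerifyToken both use the literal key `[]byte("secret")`, so anyone who can read the repository can mint tokens the API accepts, and every token carries `"admin": true` regardless of the user's Assignment/Permission rows. Load the key once from configuration (for example an environment variable, placeholder name `JWT_SIGNING_KEY`), refuse to start when it is empty, and use it in both functions: `token.SignedString(signingKey)` and `return signingKey, nil`. Leave `admin` out or derive it from the profile's permissions, and add a stable `"sub": user.ID` claim, since `name` does not identify an account. VerifyToken should also pin the algorithm by passing `jwt.WithValidMethods([]string{"HS256"})` as a third argument to `jwt.Parse`. Any middleware outside this hunk that verifies with the same literal would need the same key.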