package handlers import ( "net/http" "adam-french.co.uk/backend/models" "github.com/gin-gonic/gin" "golang.org/x/crypto/bcrypt" ) func (store *Store) AuthMiddlewear(ctx *gin.Context) { access_token, err := ctx.Cookie("access_token") if err != nil { ctx.AbortWithStatusJSON(401, gin.H{"error": "unauthorized"}) return } claims, err := store.Auth.VerifyJWT(access_token) if err != nil { ctx.AbortWithStatusJSON(401, gin.H{"error": err.Error()}) return } // store claims in Gin context ctx.Set("userClaims", claims) ctx.Next() } func (store *Store) CheckToken(ctx *gin.Context) { access_token, err := ctx.Cookie("access_token") if err != nil { ctx.JSON(401, gin.H{"error": "unauthorized"}) return } claims, err := store.Auth.VerifyJWT(access_token) if err != nil { ctx.JSON(401, gin.H{"error": err.Error()}) return } ctx.JSON(http.StatusOK, gin.H{"data": gin.H{ "id": (*claims)["id"], "username": (*claims)["username"], "admin": (*claims)["admin"], }}) } func (store *Store) RefreshToken(ctx *gin.Context) { refreshToken, err := ctx.Cookie("refresh_token") if err != nil { ctx.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()}) return } claims, err := store.Auth.VerifyJWT(refreshToken) if err != nil { ctx.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()}) } userId, ok := (*claims)["id"].(uint) if !ok { ctx.JSON(http.StatusInternalServerError, gin.H{"error": "invalid token claims"}) return } user := models.User{} tx := store.DB.First(&user, userId) if tx.Error != nil { ctx.JSON(http.StatusNotFound, gin.H{"error": tx.Error.Error()}) return } tokens, err := store.Auth.GenerateJWT(&user) if err != nil { ctx.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()}) return } ctx.SetCookie( "access_token", tokens.AccessToken, int(store.Auth.Config.AccessTokenLifetime.Seconds()), store.Auth.Config.Endpoint, store.Auth.Config.Domain, true, true, ) ctx.SetCookie( "refresh_token", tokens.RefreshToken, int(store.Auth.Config.RefreshTokenLifetime.Seconds()), store.Auth.Config.Endpoint, store.Auth.Config.Domain, true, true, ) ctx.JSON(http.StatusAccepted, gin.H{"data": user}) } func (store *Store) Login(ctx *gin.Context) { var input UserCredentials if err := ctx.ShouldBindBodyWithJSON(&input); err != nil { ctx.JSON(http.StatusBadRequest, gin.H{"error": err.Error()}) return } user := models.User{Username: input.Username} if err := store.DB.Where("username = ?", input.Username).First(&user).Error; err != nil { ctx.JSON(http.StatusNotFound, gin.H{"error": err.Error()}) return } if err := bcrypt.CompareHashAndPassword(user.Password, []byte(input.Password)); err != nil { ctx.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()}) return } // Generate JWT token tokens, err := store.Auth.GenerateJWT(&user) if err != nil { ctx.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()}) return } ctx.SetCookie( "access_token", tokens.AccessToken, int(store.Auth.Config.AccessTokenLifetime.Seconds()), store.Auth.Config.Endpoint, store.Auth.Config.Domain, true, true, ) ctx.SetCookie( "refresh_token", tokens.RefreshToken, int(store.Auth.Config.RefreshTokenLifetime.Seconds()), store.Auth.Config.Endpoint, store.Auth.Config.Domain, true, true, ) ctx.JSON(http.StatusAccepted, gin.H{"data": user}) }