diff --git a/internal/auth/login.go b/internal/auth/login.go
index 6c9d772..631a63e 100644
--- a/internal/auth/login.go
+++ b/internal/auth/login.go
@@ -2,15 +2,12 @@ package auth
 import (
 "encoding/json"
- "fmt"
 "log"
 "net/http"
 "gitea.local/admin/hspguard/internal/repository"
- "gitea.local/admin/hspguard/internal/types"
 "gitea.local/admin/hspguard/internal/util"
 "gitea.local/admin/hspguard/internal/web"
- "github.com/avct/uasurfer"
 )
 type LoginParams struct {
@@ -36,12 +33,14 @@ func (h *AuthHandler) login(w http.ResponseWriter, r *http.Request) {
 user, err := h.repo.FindUserEmail(r.Context(), params.Email)
 if err != nil {
- web.Error(w, "user with provided email does not exists", http.StatusBadRequest)
+ log.Printf("DEBUG: No user found with '%s' email: %v\n", params.Email, err)
+ web.Error(w, "email or/and password are incorrect", http.StatusBadRequest)
 return
 }
 if !util.VerifyPassword(params.Password, user.PasswordHash) {
- web.Error(w, "username or/and password are incorrect", http.StatusBadRequest)
+ log.Printf("DEBUG: Incorrect password '%s' for '%s' email: %v\n", params.Password, params.Email, err)
+ web.Error(w, "email or/and password are incorrect", http.StatusBadRequest)
 return
 }
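Review bot: The added `log.Printf("DEBUG: Incorrect password '%s' for '%s' email: %v\n", params.Password, params.Email, err)` writes the submitted password in cleartext to the application log; a failed attempt is frequently a near-miss of the real password or a valid password for another service, so anyone who can read the logs gains credential material. Drop the password argument and quote the email instead, e.g. `log.Printf("DEBUG: password verification failed for %q\n", params.Email)`. The trailing `err` in that call is the result of `FindUserEmail`, which is nil on this path because the preceding `if err != nil` returned, so it only prints `<nil>`. The first added log line also formats the client-supplied email with `'%s'`; `%q` would keep embedded newlines from forging log entries. The body of `login` starts and ends outside this hunk.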
@@ -53,29 +52,8 @@ func (h *AuthHandler) login(w http.ResponseWriter, r *http.Request) {
 userAgent := r.UserAgent()
- var deviceInfo types.DeviceInfo
-
- parsed := uasurfer.Parse(userAgent)
-
- deviceInfo.Browser = parsed.Browser.Name.StringTrimPrefix()
- deviceInfo.BrowserVersion = fmt.Sprintf("%d.%d.%d", parsed.Browser.Version.Major, parsed.Browser.Version.Minor, parsed.Browser.Version.Patch)
- deviceInfo.DeviceName = fmt.Sprintf("%s %s", parsed.OS.Platform.StringTrimPrefix(), parsed.OS.Name.StringTrimPrefix())
- deviceInfo.DeviceType = parsed.DeviceType.StringTrimPrefix()
- deviceInfo.OS = parsed.OS.Platform.StringTrimPrefix()
- deviceInfo.OSVersion = fmt.Sprintf("%d.%d.%d", parsed.OS.Version.Major, parsed.OS.Version.Minor, parsed.OS.Version.Patch)
- deviceInfo.UserAgent = userAgent
-
- if location, err := util.GetLocation(r.RemoteAddr); err != nil {
- log.Printf("WARN: Failed to get location from ip (%s): %v\n", r.RemoteAddr, err)
- } else {
- deviceInfo.Location = fmt.Sprintf("%s, %s, %s", location.Country, location.Region, location.City)
- }
-
- serialized, err := json.Marshal(deviceInfo)
- if err != nil {
- log.Printf("ERR: Failed to serialize device info: %v\n", err)
- serialized = []byte{'{', '}'}
- }
+ ipAddr := util.GetClientIP(r)
+ deviceInfo := util.BuildDeviceInfo(userAgent, ipAddr)
 // Create User Session
 session, err := h.repo.CreateUserSession(r.Context(), repository.CreateUserSessionParams{
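Review bot: `ipAddr := util.GetClientIP(r)` replaces `r.RemoteAddr` as the address handed to `util.BuildDeviceInfo` (and, in the next hunk, stored as the session's `IpAddress`), but the helper is not part of this diff, so which request headers it trusts cannot be checked here. If it reads a forwarding header such as `X-Forwarded-For` without restricting that to known proxies, a client can choose the address recorded for its own session, which weakens the session record as audit evidence. A comment at the call site would make the assumption reviewable, for example `// ipAddr may come from proxy headers; only reliable when a trusted proxy overwrites them`. The removed code also fell back to `{}` when serialization failed; whether `BuildDeviceInfo` keeps that fallback is likewise not visible from this hunk.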
@@ -83,17 +61,17 @@ func (h *AuthHandler) login(w http.ResponseWriter, r *http.Request) {
 SessionType: "user",
 ExpiresAt: &refresh.ExpiresAt,
 LastActive: nil,
- IpAddress: &r.RemoteAddr,
+ IpAddress: &ipAddr,
 UserAgent: &userAgent,
 AccessTokenID: &access.ID,
 RefreshTokenID: &refresh.ID,
- DeviceInfo: serialized,
+ DeviceInfo: deviceInfo,
 })
 if err != nil {
- log.Printf("ERR: Failedd to create user session after logging in: %v\n", err)
+ log.Printf("ERR: Failed to create user session after logging in: %v\n", err)
 }
- log.Printf("INFO: User session created for '%s': %#v\n", user.Email, session)
+ log.Printf("INFO: User session created for '%s' with '%s' id\n", user.Email, session.ID.String())
 if err := h.repo.UpdateLastLogin(r.Context(), user.ID); err != nil {
 web.Error(w, "failed to update user's last login", http.StatusInternalServerError)
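Review bot: When `CreateUserSession` fails, the `if err != nil` block only logs, and execution falls through to the new INFO line, which now calls `session.ID.String()`. If `session` is a pointer (its type is not visible here) that is a nil dereference on the error path; if it is a value, the log reports a created session with a zero ID and login appears to continue without a session record. End the error branch with `web.Error(w, "failed to create user session", http.StatusInternalServerError)` followed by `return`, or move the INFO line into an `else`. The body of `login` continues outside this hunk.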