108 lines
3.0 KiB
Go
108 lines
3.0 KiB
Go
package auth
|
|
|
|
import (
|
|
"encoding/json"
|
|
"log"
|
|
"net/http"
|
|
|
|
"gitea.local/admin/hspguard/internal/repository"
|
|
"gitea.local/admin/hspguard/internal/util"
|
|
"gitea.local/admin/hspguard/internal/web"
|
|
)
|
|
|
|
type LoginParams struct {
|
|
Email string `json:"email"`
|
|
Password string `json:"password"`
|
|
}
|
|
|
|
func (h *AuthHandler) login(w http.ResponseWriter, r *http.Request) {
|
|
var params LoginParams
|
|
|
|
decoder := json.NewDecoder(r.Body)
|
|
if err := decoder.Decode(¶ms); err != nil {
|
|
web.Error(w, "failed to parse request body", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
if params.Email == "" || params.Password == "" {
|
|
web.Error(w, "missing required fields", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
log.Printf("DEBUG: looking for user with following params: %#v\n", params)
|
|
|
|
user, err := h.repo.FindUserEmail(r.Context(), params.Email)
|
|
if err != nil {
|
|
log.Printf("DEBUG: No user found with '%s' email: %v\n", params.Email, err)
|
|
web.Error(w, "email or/and password are incorrect", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
if !util.VerifyPassword(params.Password, user.PasswordHash) {
|
|
log.Printf("DEBUG: Incorrect password '%s' for '%s' email: %v\n", params.Password, params.Email, err)
|
|
web.Error(w, "email or/and password are incorrect", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
access, refresh, err := h.signTokens(&user)
|
|
if err != nil {
|
|
web.Error(w, "failed to generate tokens", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
userAgent := r.UserAgent()
|
|
|
|
ipAddr := util.GetClientIP(r)
|
|
deviceInfo := util.BuildDeviceInfo(userAgent, ipAddr)
|
|
|
|
// Create User Session
|
|
session, err := h.repo.CreateUserSession(r.Context(), repository.CreateUserSessionParams{
|
|
UserID: user.ID,
|
|
SessionType: "user",
|
|
ExpiresAt: &refresh.ExpiresAt,
|
|
LastActive: nil,
|
|
IpAddress: &ipAddr,
|
|
UserAgent: &userAgent,
|
|
AccessTokenID: &access.ID,
|
|
RefreshTokenID: &refresh.ID,
|
|
DeviceInfo: deviceInfo,
|
|
})
|
|
if err != nil {
|
|
log.Printf("ERR: Failed to create user session after logging in: %v\n", err)
|
|
}
|
|
|
|
log.Printf("INFO: User session created for '%s' with '%s' id\n", user.Email, session.ID.String())
|
|
|
|
if err := h.repo.UpdateLastLogin(r.Context(), user.ID); err != nil {
|
|
web.Error(w, "failed to update user's last login", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
encoder := json.NewEncoder(w)
|
|
|
|
type Response struct {
|
|
AccessToken string `json:"access"`
|
|
RefreshToken string `json:"refresh"`
|
|
// fields required for UI in account selector, e.g. email, full name and avatar
|
|
FullName string `json:"full_name"`
|
|
Email string `json:"email"`
|
|
Id string `json:"id"`
|
|
ProfilePicture *string `json:"profile_picture"`
|
|
// Avatar
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
if err := encoder.Encode(Response{
|
|
AccessToken: access.Token,
|
|
RefreshToken: refresh.Token,
|
|
FullName: user.FullName,
|
|
Email: user.Email,
|
|
Id: user.ID.String(),
|
|
ProfilePicture: user.ProfilePicture,
|
|
// Avatar
|
|
}); err != nil {
|
|
web.Error(w, "failed to encode response", http.StatusInternalServerError)
|
|
}
|
|
}
|