auth middlewear
This commit is contained in:
parent
eeb3b81405
commit
969d6dca0b
GPG key ID:
CACB010F463A77D0
4 changed files with 99 additions and 48 deletions
62
gargoyle.go
62
gargoyle.go
|
|
@ -2,7 +2,7 @@ package main
|
|||
|
||||
import (
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/pquerna/otp/totp"
|
||||
"github.com/google/uuid"
|
||||
"gorm.io/driver/sqlite"
|
||||
"gorm.io/gorm"
|
||||
)
|
||||
|
|
@ -15,7 +15,7 @@ type User struct {
|
|||
gorm.Model
|
||||
Secret string
|
||||
Username string `gorm:"uniqueIndex"`
|
||||
Email string
|
||||
Token uuid.UUID
|
||||
}
|
||||
|
||||
func init() {
|
||||
|
|
@ -29,55 +29,21 @@ func init() {
|
|||
|
||||
func main() {
|
||||
r := gin.Default()
|
||||
r.GET("/ping", func(c *gin.Context) {
|
||||
c.String(200, "format string, values ...any")
|
||||
})
|
||||
r.POST("/signup", signup)
|
||||
r.POST("/login", login)
|
||||
r.Run() // listen and serve on 0.0.0.0:8080 (for windows "localhost:8080")}
|
||||
r.Use(check_auth)
|
||||
r.GET("/api/signup", signup)
|
||||
r.GET("/api/login", login)
|
||||
r.GET("/api/reset", reset_token)
|
||||
r.GET("/", show)
|
||||
r.Run() // listen and serve on 0.0.0.0:8080 (for windows "localhost:8080")
|
||||
}
|
||||
|
||||
type Signup struct {
|
||||
Username string `form:"username"`
|
||||
Email string `form:"email"`
|
||||
}
|
||||
func show(c *gin.Context) {
|
||||
auth := c.MustGet("authorized").(bool)
|
||||
|
||||
func signup(c *gin.Context) {
|
||||
var s Signup
|
||||
c.Bind(&s)
|
||||
|
||||
key, err := totp.Generate(totp.GenerateOpts{AccountName: s.Username, Issuer: "me"})
|
||||
if err != nil {
|
||||
c.Status(502)
|
||||
return
|
||||
}
|
||||
|
||||
var user User
|
||||
user.Email = s.Email
|
||||
user.Username = s.Username
|
||||
user.Secret = key.Secret()
|
||||
db.Create(&user)
|
||||
|
||||
c.String(200, "%s", key.Secret())
|
||||
}
|
||||
|
||||
type Login struct {
|
||||
Username string `form:"username"`
|
||||
Code string `form:"code"`
|
||||
}
|
||||
|
||||
func login(c *gin.Context) {
|
||||
var login Login
|
||||
var user User
|
||||
c.Bind(&login)
|
||||
if err := db.Where("username = ?", login.Username).First(&user).Error; err != nil {
|
||||
c.String(404, "something went wrong")
|
||||
return
|
||||
}
|
||||
correct := totp.Validate(login.Code, user.Secret)
|
||||
if correct {
|
||||
c.String(200, "success!")
|
||||
if auth {
|
||||
user := c.MustGet("user").(User)
|
||||
c.String(200, "%s", user)
|
||||
} else {
|
||||
c.String(404, "something went wrong")
|
||||
c.String(200, "not logged in")
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue