#73 add sign up with session cookie
All checks were successful
Build Docker Image / Explore-Gitea-Actions (push) Successful in 47s
All checks were successful
Build Docker Image / Explore-Gitea-Actions (push) Successful in 47s
This commit is contained in:
Tim
120
service/auth.go
120
service/auth.go
@@ -3,6 +3,7 @@ package service
|
||||
import (
|
||||
"crypto/rand"
|
||||
"database/sql"
|
||||
"encoding/base64"
|
||||
"log"
|
||||
"net/http"
|
||||
"net/mail"
|
||||
@@ -25,57 +26,14 @@ func SignUpPage(w http.ResponseWriter, r *http.Request) {
|
||||
template.Layout(signIn).Render(r.Context(), w)
|
||||
}
|
||||
|
||||
func SignUp(db *sql.DB) http.HandlerFunc {
|
||||
func UserInfoComp(db *sql.DB) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
//TODO
|
||||
}
|
||||
}
|
||||
|
||||
// var (
|
||||
// metricsAuthSignUp = promauto.NewCounterVec(
|
||||
// prometheus.CounterOpts{
|
||||
// Name: "mefit_api_auth_signup_total",
|
||||
// Help: "The total number of auth signup api requests processed",
|
||||
// },
|
||||
// []string{"result"},
|
||||
// )
|
||||
//
|
||||
// metricsError = promauto.NewCounterVec(
|
||||
// prometheus.CounterOpts{
|
||||
// Name: "mefit_api_error_total",
|
||||
// Help: "The total number of errors",
|
||||
// },
|
||||
// []string{"result"},
|
||||
// )
|
||||
//
|
||||
// // metricsAuthSignIn = promauto.NewCounterVec(
|
||||
// // prometheus.CounterOpts{
|
||||
// // Name: "mefit_api_auth_signin_total",
|
||||
// // },
|
||||
// // []string{"result"},
|
||||
// // )
|
||||
//
|
||||
// privateKey = func() *ecdsa.PrivateKey {
|
||||
// keyBase64 := os.Getenv("PRIVATE_KEY")
|
||||
// if keyBase64 == "" {
|
||||
// log.Fatal("PRIVATE_KEY not defined")
|
||||
// }
|
||||
// keyData, err := base64.StdEncoding.DecodeString(keyBase64)
|
||||
// if err != nil {
|
||||
// log.Fatalf("Could not decode private key: %v", err)
|
||||
// }
|
||||
// key, err := x509.ParseECPrivateKey(keyData)
|
||||
// if err != nil {
|
||||
// log.Fatalf("Could not parse private key: %v", err)
|
||||
// }
|
||||
// log.Println("Successfully imported private key")
|
||||
// return key
|
||||
// }()
|
||||
// )
|
||||
|
||||
func PostSignup(db *sql.DB) http.HandlerFunc {
|
||||
func SignUp(db *sql.DB) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
var email = r.FormValue("email")
|
||||
var password = r.FormValue("password")
|
||||
|
||||
@@ -104,12 +62,12 @@ func PostSignup(db *sql.DB) http.HandlerFunc {
|
||||
salt := make([]byte, 16)
|
||||
rand.Read(salt)
|
||||
|
||||
hash := argon2.IDKey([]byte(password), salt, 1, 64*1024, 1, 16)
|
||||
hash := getHashPassword(password, salt)
|
||||
|
||||
_, err = db.Exec("INSERT INTO user (user_uuid, email, email_verified, is_admin, password, salt, created_at) VALUES (?, ?, FALSE, FALSE, ?, ?, datetime())", user_uuid, email, hash, salt)
|
||||
if err != nil {
|
||||
if strings.Contains(err.Error(), "email") {
|
||||
http.Error(w, "Email already exists", http.StatusBadRequest)
|
||||
http.Error(w, "Bad Request", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -118,7 +76,71 @@ func PostSignup(db *sql.DB) http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
result := tryCreateSessionAndSetCookie(r, w, db, user_uuid)
|
||||
if !result {
|
||||
return
|
||||
}
|
||||
|
||||
w.WriteHeader(http.StatusOK)
|
||||
// w.Write([]byte(token))
|
||||
}
|
||||
}
|
||||
|
||||
// var (
|
||||
// metricsAuthSignUp = promauto.NewCounterVec(
|
||||
// prometheus.CounterOpts{
|
||||
// Name: "mefit_api_auth_signup_total",
|
||||
// Help: "The total number of auth signup api requests processed",
|
||||
// },
|
||||
// []string{"result"},
|
||||
// )
|
||||
//
|
||||
// metricsError = promauto.NewCounterVec(
|
||||
// prometheus.CounterOpts{
|
||||
// Name: "mefit_api_error_total",
|
||||
// Help: "The total number of errors",
|
||||
// },
|
||||
// []string{"result"},
|
||||
// )
|
||||
//
|
||||
// // metricsAuthSignIn = promauto.NewCounterVec(
|
||||
// // prometheus.CounterOpts{
|
||||
// // Name: "mefit_api_auth_signin_total",
|
||||
// // },
|
||||
// // []string{"result"},
|
||||
// // )
|
||||
// )
|
||||
|
||||
func tryCreateSessionAndSetCookie(r *http.Request, w http.ResponseWriter, db *sql.DB, user_uuid uuid.UUID) bool {
|
||||
var session_id_bytes []byte = make([]byte, 32)
|
||||
_, err := rand.Reader.Read(session_id_bytes)
|
||||
if err != nil {
|
||||
log.Printf("Could not generate session ID: %v", err)
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return false
|
||||
}
|
||||
session_id := base64.StdEncoding.EncodeToString(session_id_bytes)
|
||||
|
||||
_, err = db.Exec("INSERT INTO session (session_id, user_uuid, created_at) VALUES (?, ?, datetime())", session_id, user_uuid)
|
||||
if err != nil {
|
||||
log.Printf("Could not insert session: %v", err)
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return false
|
||||
}
|
||||
|
||||
cookie := http.Cookie{
|
||||
Name: "id",
|
||||
Value: session_id,
|
||||
MaxAge: 60 * 60 * 8, // 8 hours
|
||||
Secure: true,
|
||||
HttpOnly: true,
|
||||
SameSite: http.SameSiteStrictMode,
|
||||
Path: "/",
|
||||
}
|
||||
http.SetCookie(w, &cookie)
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
func getHashPassword(password string, salt []byte) []byte {
|
||||
return argon2.IDKey([]byte(password), salt, 1, 64*1024, 1, 16)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user