59 lines
1.3 KiB
Go
59 lines
1.3 KiB
Go
package auth
|
|
|
|
import (
|
|
"errors"
|
|
"time"
|
|
|
|
"git.tek.govt.hu/dowerx/szoe-pontok/config"
|
|
"git.tek.govt.hu/dowerx/szoe-pontok/database"
|
|
"git.tek.govt.hu/dowerx/szoe-pontok/model"
|
|
"golang.org/x/crypto/bcrypt"
|
|
"golang.org/x/exp/rand"
|
|
)
|
|
|
|
func generateToken(length int) string {
|
|
validRunes := []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ123456789")
|
|
token := make([]rune, length)
|
|
for i := range token {
|
|
token[i] = validRunes[rand.Intn(len(validRunes))]
|
|
}
|
|
return string(token)
|
|
}
|
|
|
|
func Login(user model.User) (string, error) {
|
|
db := database.GetDB()
|
|
|
|
rows, err := db.NamedQuery(`select "password" from "user" where "neptun" = :neptun and "email" = :email`,
|
|
map[string]interface{}{
|
|
"neptun": user.Neptun,
|
|
"email": user.Email,
|
|
})
|
|
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
if !rows.Next() {
|
|
return "", errors.New("no such user")
|
|
}
|
|
|
|
var hash string
|
|
if err = rows.Scan(&hash); err != nil {
|
|
return "", err
|
|
}
|
|
|
|
if bcrypt.CompareHashAndPassword([]byte(hash), []byte(user.Password)) != nil {
|
|
return "", errors.New("wrong password")
|
|
}
|
|
|
|
token := generateToken(32)
|
|
|
|
rdb, ctx := database.GetRDB()
|
|
result := rdb.Set(ctx, token, user.Neptun, time.Duration(config.GetConfig().API.TokenLife)*time.Second)
|
|
if result.Err() != nil {
|
|
return "", result.Err()
|
|
}
|
|
|
|
return token, nil
|
|
}
|