From ab0d8dea8b825889afc2c87d9fa570acb5a449ef Mon Sep 17 00:00:00 2001
From: smavros
Date: Sat, 18 May 2019 18:54:58 +0200
Subject: [PATCH] Work in progress: /authenticate endpoint handler
---
 go.mod | 1 +
 go.sum | 2 ++
 routes/user/userEndpoints.go | 58 ++++++++++++++++++++++++++++++++++++
 start.go | 6 ++--
 4 files changed, 65 insertions(+), 2 deletions(-)
diff --git a/go.mod b/go.mod
index 2887ab2..af15572 100644
--- a/go.mod
+++ b/go.mod
@@ -2,6 +2,7 @@ module git.rwth-aachen.de/acs/public/villas/villasweb-backend-go
 require (
 github.com/denisenkom/go-mssqldb v0.0.0-20190401154936-ce35bd87d4b3 // indirect
+ github.com/dgrijalva/jwt-go v3.2.0+incompatible
 github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5 // indirect
 github.com/gin-contrib/sse v0.0.0-20190301062529-5545eab6dad3 // indirect
 github.com/gin-gonic/gin v1.3.0
diff --git a/go.sum b/go.sum
index 51d48d0..552585e 100644
--- a/go.sum
+++ b/go.sum
@@ -20,6 +20,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/denisenkom/go-mssqldb v0.0.0-20190401154936-ce35bd87d4b3 h1:3mNLx0iFqaq/Ssxqkjte26072KMu96uz1VBlbiZhQU4=
 github.com/denisenkom/go-mssqldb v0.0.0-20190401154936-ce35bd87d4b3/go.mod h1:EcO5fNtMZHCMjAvj8LE6T+5bphSdR6LQ75n+m1TtsFI=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs=
 github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU=
 github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I=
diff --git a/routes/user/userEndpoints.go b/routes/user/userEndpoints.go
index b28235d..8e262a1 100644
--- a/routes/user/userEndpoints.go
+++ b/routes/user/userEndpoints.go
@@ -1,11 +1,20 @@
 package user
 import (
+ "git.rwth-aachen.de/acs/public/villas/villasweb-backend-go/common"
 "github.com/gin-gonic/gin"
 "net/http"
 )
+type Credentials struct {
+ Username string `form:"Username"`
+ Password string `form:"Password"`
+ Role string `form:"Role"`
+ Mail string `form:"Mail"`
+}
+
 func UsersRegister(r *gin.RouterGroup) {
+ r.POST("/authenticate", authenticationEp)
 r.GET("/", usersReadEp)
 r.POST("/", userRegistrationEp)
 r.PUT("/:UserID", userUpdateEp)
@@ -14,6 +23,48 @@ func UsersRegister(r *gin.RouterGroup) {
 //r.GET("/me", userSelfEp) // TODO: this conflicts with GET /:userID
 }
+func authenticationEp(c *gin.Context) {
+
+ // Bind the response (context) with the Credentials struct
+ var userLogin Credentials
+ err := c.BindJSON(&userLogin)
+ if err != nil {
+ panic(err)
+ }
+
+ // Check if the Username or Password are empty
+ if userLogin.Username == "" || userLogin.Password == "" {
+ c.JSON(http.StatusUnauthorized, gin.H{
+ "success": false,
+ "message": "Invalid credentials",
+ })
+ return
+ }
+
+ // Find the username in the database
+ db := common.GetDB()
+ var user common.User
+ err = db.Find(&user, "Username = ?", userLogin.Username).Error
+ if err != nil {
+ c.JSON(http.StatusNotFound, gin.H{
+ "success": false,
+ "message": "User not found",
+ })
+ return
+ }
+
+ // TODO: Validate password
+
+ // TODO: generate jwt
+
+ c.JSON(http.StatusOK, gin.H{
+ "success": true,
+ "message": "Authenticated",
+ "token": "NOT yet implemented",
+ "Original request": userLogin, // TODO: remove that
+ })
+}
+
 func usersReadEp(c *gin.Context) {
 allUsers, _, _ := FindAllUsers()
 serializer := UsersSerializer{c, allUsers}
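Review bot: In the first hunk of routes/user/userEndpoints.go, `Credentials` carries `Role` and `Mail`, which a login request has no use for; binding a client-supplied `Role` into the login struct invites later code to trust it, so the struct is safer holding only `Username` and `Password`. The `form:"…"` tags are not consulted by `c.BindJSON` in authenticationEp, which decodes the body as JSON, so the accepted keys are currently decided by the field names alone. Tags such as `json:"Username"` and `json:"Password"` would state the intended wire format explicitly.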
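Review bot: authenticationEp (second hunk) answers 200 with `"success": true` for any username that exists, because the password check is still a TODO, and it returns the submitted credentials, password included, under `"Original request"`; until validation exists the handler should fail closed and never echo the request. The `panic(err)` after `c.BindJSON` lets any malformed body drive the handler into a panic, although BindJSON has already aborted the request with a 400, so returning is sufficient. The lookup failure answers 404 "User not found" while empty fields answer 401, which lets a caller learn which usernames exist; both paths should give the same 401 "Invalid credentials". The rewritten parts are sketched below.

```go
func authenticationEp(c *gin.Context) {
	var userLogin Credentials
	if err := c.BindJSON(&userLogin); err != nil {
		// BindJSON has already aborted the request with 400
		return
	}

	// … unchanged: empty Username/Password check …

	db := common.GetDB()
	var user common.User
	if err := db.Find(&user, "Username = ?", userLogin.Username).Error; err != nil {
		// Same answer as a wrong password, so usernames cannot be probed
		c.JSON(http.StatusUnauthorized, gin.H{
			"success": false,
			"message": "Invalid credentials",
		})
		return
	}

	// Fail closed until password validation and token issuance exist
	c.JSON(http.StatusNotImplemented, gin.H{
		"success": false,
		"message": "NOT implemented",
	})
}
```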
@@ -23,6 +74,13 @@ func usersReadEp(c *gin.Context) {
 }
 func userRegistrationEp(c *gin.Context) {
+ //// dummy TODO: check in the middleware if the user is authorized
+ //authorized := false
+ //// TODO: move this redirect in the authentication middleware
+ //if !authorized {
+ //c.Redirect(http.StatusSeeOther, "/authenticate")
+ //return
+ //}
 c.JSON(http.StatusOK, gin.H{
 "message": "NOT implemented",
 })
diff --git a/start.go b/start.go
index da938f8..9d3cec7 100644
--- a/start.go
+++ b/start.go
@@ -15,16 +15,18 @@ import (
 func main() {
 // Testing
- db := common.InitDB()
+ db := common.DummyInitDB()
 common.MigrateModels(db)
 defer db.Close()
+ common.DummyPopulateDB(db)
+
 r := gin.Default()
 api := r.Group("/api/v1")
 // All endpoints require authentication TODO: except /authenticate
- api.Use(user.Authentication(true))
+ //api.Use(user.Authentication(false))
 user.UsersRegister(api.Group("/users"))
 file.FilesRegister(api.Group("/files"))
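Review bot: Commenting out `api.Use(user.Authentication(true))` in start.go leaves every route under `/api/v1` unauthenticated, not only `/authenticate`, and the comment above it still says all endpoints require authentication. Keeping the middleware on `api` and registering the login route on a separate group created before the `api.Use(...)` call would exempt only that one endpoint. The same hunk switches `main` to `common.DummyInitDB()` and `common.DummyPopulateDB(db)`; what they do is not visible in this patch, but if they seed test accounts, this entry point would serve them with no access control, so they would be safer behind an explicit development flag. The body of `main` continues outside the hunk.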