RestApiv2/internal/restserver/usermidleware.go

package restserver

import (
	"context"
	"encoding/json"
	"fmt"
	"io"
	"net/http"
	"os"
	"time"

	"git.ukamnya.ru/stulyaganov/RestApiv2/internal/bd/model"
	"git.ukamnya.ru/stulyaganov/RestApiv2/pkg/utils/jwt"
	"git.ukamnya.ru/stulyaganov/RestApiv2/pkg/utils/password"
	"git.ukamnya.ru/stulyaganov/RestApiv2/pkg/utils/validator"
)

func (r *RestServer) chekUserRegistr(next http.HandlerFunc) http.HandlerFunc {
	return func(w http.ResponseWriter, res *http.Request) {
		w.Header().Set("Access-Control-Allow-Origin", "*")
		w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
		w.Header().Set("Content-Type", "application/json")
		users := &model.User{}
		valid := validator.NewValidator(8, 32, 1)
		err := json.NewDecoder(res.Body).Decode(users)
		if err != nil {
			r.logger.Error(err)
			w.WriteHeader(http.StatusBadRequest)
			io.WriteString(w, `{"data":"Что-то пошло не так"}`)
			return
		}
		user, err := r.db.User().FindByLogin(users.Login)
		if err != nil {
			r.logger.Error(err)
		}
		if user.Login != "" {
			io.WriteString(w, `{"data":"Такой Логин уже занят попробуйте придумать другой"}`)
			return
		}
		user, err = r.db.User().FindByEmail(users.Email)
		if err != nil {
			r.logger.Error(err)
			return
		}
		if user.Email != "" {
			io.WriteString(w, `{"data":"Такой email уже используется другим пользователем"}`)
			return
		}
		_, err = valid.CheckValid(users.Password)
		if err != nil {
			io.WriteString(w, fmt.Sprintf(`{"data":"%s"}`, err))
			return
		}
		users.PermisionLVL = defaultPermLvl
		// jwtToken, _ := jwt.GenerateTokens(*users)

		// cookie := http.Cookie{
		// 	Name:     "refreshToken",
		// 	Value:    jwtToken.RefreshToken,
		// 	Expires:  time.Now().Add(time.Hour * 24 * 360),
		// 	HttpOnly: true,
		// }
		// http.SetCookie(w, &cookie)
		// users.AccesToken = jwtToken.AccesToken
		// users.RefreshToken = jwtToken.RefreshToken
		next(w, res.WithContext(context.WithValue(res.Context(), ContextKeyUser, users)))
	}
}

func (r *RestServer) chekUserLogin(next http.HandlerFunc) http.HandlerFunc {
	return func(w http.ResponseWriter, res *http.Request) {
		users := &model.User{}
		err := json.NewDecoder(res.Body).Decode(users)
		if err != nil {
			r.logger.Error(err)
			w.WriteHeader(http.StatusUnauthorized)
			io.WriteString(w, `{"data":"Что-то пошло не так"}`)
			return
		}
		user, err := r.db.User().FindByLoginPas(users.Login)
		if err != nil {
			r.logger.Error(err)
			w.WriteHeader(http.StatusUnauthorized)
			io.WriteString(w, `{"data":"Что-то пошло не так"}`)
			return
		}
		if user.Login == "" {
			w.WriteHeader(http.StatusUnauthorized)
			io.WriteString(w, `{"data":"Неверный логин или пароль"}`)
			return
		}
		checkPass := password.CheckValid(users.Password, user.Password)
		if !checkPass {
			w.WriteHeader(http.StatusUnauthorized)
			io.WriteString(w, `{"data":"Неверный логин или пароль"}`)
			return
		}
		jwtToken, _ := jwt.GenerateTokens(*user)
		Reftoken, err := r.db.Token().FindByLogin(users.Login)
		if err != nil {
			w.WriteHeader(http.StatusBadRequest)
			io.WriteString(w, `{"data":"Что-то пошло не так "}`)
			return
		}
		if *Reftoken != "" {
			jwtToken.RefreshToken = *Reftoken
		} else {
			r.db.Token().Create(users.Login, jwtToken.RefreshToken)
		}
		cookie := http.Cookie{
			Name:     "refreshToken",
			Value:    jwtToken.RefreshToken,
			Path:     "/",
			SameSite: http.SameSiteDefaultMode,
			Expires:  time.Now().Add(time.Hour * 24 * 360),
			HttpOnly: true,
		}
		http.SetCookie(w, &cookie)
		users.AccesToken = jwtToken.AccesToken
		users.PermisionLVL = user.PermisionLVL
		users.Email = user.Email
		next(w, res.WithContext(context.WithValue(res.Context(), ContextKeyUser, users)))
	}
}

func (r *RestServer) chekUserLogout(next http.HandlerFunc) http.HandlerFunc {
	return func(w http.ResponseWriter, res *http.Request) {
		checkCookie, err := res.Cookie("refreshToken")
		if err != nil {
			r.logger.Error(err)
		} else {
			if checkCookie.Value != "" {
				login, _ := r.db.Token().FindByToken(checkCookie.Value)
				if *login != "" {
					r.db.Token().DeleteByLogin(*login)
				}
				cookie := http.Cookie{
					Name:     "refreshToken",
					Value:    "",
					MaxAge:   -1,
					Path:     "/",
					HttpOnly: true,
				}
				http.SetCookie(w, &cookie)
			}
		}

		next(w, res)
	}
}

func (r *RestServer) checkUserRefresh(next http.HandlerFunc) http.HandlerFunc {
	return func(w http.ResponseWriter, res *http.Request) {
		users := &model.User{}
		checkCookie, err := res.Cookie("refreshToken")
		if err != nil {
			r.logger.Error(err)
			w.WriteHeader(http.StatusUnauthorized)
			return
		}
		chekToken, err := jwt.ValidateToken(checkCookie.Value, []byte(os.Getenv("JWT_SECRET_KEY_REFRESH")))
		if err != nil {
			r.logger.Error(err)
			w.WriteHeader(http.StatusUnauthorized)
			return
		}
		login, err := r.db.Token().FindByToken(checkCookie.Value)
		if err != nil {
			r.logger.Error(err)
			w.WriteHeader(http.StatusUnauthorized)
			return
		}
		if *login != "" && chekToken {
			userdb, _ := r.db.User().FindByLoginPas(*login)
			jwtToken, _ := jwt.GenerateTokens(*userdb)
			users.Login = userdb.Login
			users.AccesToken = jwtToken.AccesToken
			users.PermisionLVL = userdb.PermisionLVL
			users.Email = userdb.Email
			next(w, res.WithContext(context.WithValue(res.Context(), ContextKeyUser, users)))
		}
	}
}
add register user 2023-04-14 17:35:25 +03:00			`package restserver`

			`import (`
			`"context"`
			`"encoding/json"`
			`"fmt"`
			`"io"`
			`"net/http"`
add jwt authentication, and fix cours for next js 2023-05-02 11:02:06 +03:00			`"os"`
			`"time"`
add register user 2023-04-14 17:35:25 +03:00
			`"git.ukamnya.ru/stulyaganov/RestApiv2/internal/bd/model"`
add jwt authentication, and fix cours for next js 2023-05-02 11:02:06 +03:00			`"git.ukamnya.ru/stulyaganov/RestApiv2/pkg/utils/jwt"`
			`"git.ukamnya.ru/stulyaganov/RestApiv2/pkg/utils/password"`
add register user 2023-04-14 17:35:25 +03:00			`"git.ukamnya.ru/stulyaganov/RestApiv2/pkg/utils/validator"`
			`)`

			`func (r *RestServer) chekUserRegistr(next http.HandlerFunc) http.HandlerFunc {`
			`return func(w http.ResponseWriter, res *http.Request) {`
			`w.Header().Set("Access-Control-Allow-Origin", "*")`
			`w.Header().Set("Access-Control-Allow-Headers", "Content-Type")`
			`w.Header().Set("Content-Type", "application/json")`
			`users := &model.User{}`
			`valid := validator.NewValidator(8, 32, 1)`
			`err := json.NewDecoder(res.Body).Decode(users)`
			`if err != nil {`
			`r.logger.Error(err)`
add jwt authentication, and fix cours for next js 2023-05-02 11:02:06 +03:00			`w.WriteHeader(http.StatusBadRequest)`
			io.WriteString(w, `{"data":"Что-то пошло не так"}`)
			`return`
add register user 2023-04-14 17:35:25 +03:00			`}`
			`user, err := r.db.User().FindByLogin(users.Login)`
			`if err != nil {`
			`r.logger.Error(err)`
			`}`
			`if user.Login != "" {`
			io.WriteString(w, `{"data":"Такой Логин уже занят попробуйте придумать другой"}`)
			`return`
			`}`
			`user, err = r.db.User().FindByEmail(users.Email)`
			`if err != nil {`
			`r.logger.Error(err)`
			`return`
			`}`
			`if user.Email != "" {`
			io.WriteString(w, `{"data":"Такой email уже используется другим пользователем"}`)
			`return`
			`}`
			`_, err = valid.CheckValid(users.Password)`
			`if err != nil {`
			io.WriteString(w, fmt.Sprintf(`{"data":"%s"}`, err))
			`return`
			`}`
add jwt authentication, and fix cours for next js 2023-05-02 11:02:06 +03:00			`users.PermisionLVL = defaultPermLvl`
			`// jwtToken, _ := jwt.GenerateTokens(*users)`

			`// cookie := http.Cookie{`
			`// Name: "refreshToken",`
			`// Value: jwtToken.RefreshToken,`
			`// Expires: time.Now().Add(time.Hour * 24 * 360),`
			`// HttpOnly: true,`
			`// }`
			`// http.SetCookie(w, &cookie)`
			`// users.AccesToken = jwtToken.AccesToken`
			`// users.RefreshToken = jwtToken.RefreshToken`
			`next(w, res.WithContext(context.WithValue(res.Context(), ContextKeyUser, users)))`
			`}`
			`}`

			`func (r *RestServer) chekUserLogin(next http.HandlerFunc) http.HandlerFunc {`
			`return func(w http.ResponseWriter, res *http.Request) {`
			`users := &model.User{}`
			`err := json.NewDecoder(res.Body).Decode(users)`
			`if err != nil {`
			`r.logger.Error(err)`
			`w.WriteHeader(http.StatusUnauthorized)`
			io.WriteString(w, `{"data":"Что-то пошло не так"}`)
			`return`
			`}`
			`user, err := r.db.User().FindByLoginPas(users.Login)`
			`if err != nil {`
			`r.logger.Error(err)`
			`w.WriteHeader(http.StatusUnauthorized)`
			io.WriteString(w, `{"data":"Что-то пошло не так"}`)
			`return`
			`}`
			`if user.Login == "" {`
			`w.WriteHeader(http.StatusUnauthorized)`
			io.WriteString(w, `{"data":"Неверный логин или пароль"}`)
			`return`
			`}`
			`checkPass := password.CheckValid(users.Password, user.Password)`
			`if !checkPass {`
			`w.WriteHeader(http.StatusUnauthorized)`
			io.WriteString(w, `{"data":"Неверный логин или пароль"}`)
			`return`
			`}`
			`jwtToken, _ := jwt.GenerateTokens(*user)`
			`Reftoken, err := r.db.Token().FindByLogin(users.Login)`
			`if err != nil {`
			`w.WriteHeader(http.StatusBadRequest)`
			io.WriteString(w, `{"data":"Что-то пошло не так "}`)
			`return`
			`}`
			`if *Reftoken != "" {`
			`jwtToken.RefreshToken = *Reftoken`
			`} else {`
			`r.db.Token().Create(users.Login, jwtToken.RefreshToken)`
			`}`
			`cookie := http.Cookie{`
			`Name: "refreshToken",`
			`Value: jwtToken.RefreshToken,`
			`Path: "/",`
			`SameSite: http.SameSiteDefaultMode,`
			`Expires: time.Now().Add(time.Hour * 24 * 360),`
			`HttpOnly: true,`
			`}`
			`http.SetCookie(w, &cookie)`
			`users.AccesToken = jwtToken.AccesToken`
			`users.PermisionLVL = user.PermisionLVL`
			`users.Email = user.Email`
add register user 2023-04-14 17:35:25 +03:00			`next(w, res.WithContext(context.WithValue(res.Context(), ContextKeyUser, users)))`
			`}`
			`}`
add jwt authentication, and fix cours for next js 2023-05-02 11:02:06 +03:00
			`func (r *RestServer) chekUserLogout(next http.HandlerFunc) http.HandlerFunc {`
			`return func(w http.ResponseWriter, res *http.Request) {`
			`checkCookie, err := res.Cookie("refreshToken")`
			`if err != nil {`
			`r.logger.Error(err)`
			`} else {`
			`if checkCookie.Value != "" {`
			`login, _ := r.db.Token().FindByToken(checkCookie.Value)`
			`if *login != "" {`
			`r.db.Token().DeleteByLogin(*login)`
			`}`
			`cookie := http.Cookie{`
			`Name: "refreshToken",`
			`Value: "",`
			`MaxAge: -1,`
			`Path: "/",`
			`HttpOnly: true,`
			`}`
			`http.SetCookie(w, &cookie)`
			`}`
			`}`

			`next(w, res)`
			`}`
			`}`

			`func (r *RestServer) checkUserRefresh(next http.HandlerFunc) http.HandlerFunc {`
			`return func(w http.ResponseWriter, res *http.Request) {`
			`users := &model.User{}`
			`checkCookie, err := res.Cookie("refreshToken")`
			`if err != nil {`
			`r.logger.Error(err)`
			`w.WriteHeader(http.StatusUnauthorized)`
			`return`
			`}`
			`chekToken, err := jwt.ValidateToken(checkCookie.Value, []byte(os.Getenv("JWT_SECRET_KEY_REFRESH")))`
			`if err != nil {`
			`r.logger.Error(err)`
			`w.WriteHeader(http.StatusUnauthorized)`
			`return`
			`}`
			`login, err := r.db.Token().FindByToken(checkCookie.Value)`
			`if err != nil {`
			`r.logger.Error(err)`
			`w.WriteHeader(http.StatusUnauthorized)`
			`return`
			`}`
			`if *login != "" && chekToken {`
			`userdb, _ := r.db.User().FindByLoginPas(*login)`
			`jwtToken, _ := jwt.GenerateTokens(*userdb)`
			`users.Login = userdb.Login`
			`users.AccesToken = jwtToken.AccesToken`
			`users.PermisionLVL = userdb.PermisionLVL`
			`users.Email = userdb.Email`
			`next(w, res.WithContext(context.WithValue(res.Context(), ContextKeyUser, users)))`
			`}`
			`}`
			`}`