184 lines
5.4 KiB
Go
184 lines
5.4 KiB
Go
package restserver
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"fmt"
|
|
"io"
|
|
"net/http"
|
|
"os"
|
|
"time"
|
|
|
|
"git.ukamnya.ru/stulyaganov/RestApiv2/internal/bd/model"
|
|
"git.ukamnya.ru/stulyaganov/RestApiv2/pkg/utils/jwt"
|
|
"git.ukamnya.ru/stulyaganov/RestApiv2/pkg/utils/password"
|
|
"git.ukamnya.ru/stulyaganov/RestApiv2/pkg/utils/validator"
|
|
)
|
|
|
|
func (r *RestServer) chekUserRegistr(next http.HandlerFunc) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, res *http.Request) {
|
|
w.Header().Set("Access-Control-Allow-Origin", "*")
|
|
w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
|
|
w.Header().Set("Content-Type", "application/json")
|
|
users := &model.User{}
|
|
valid := validator.NewValidator(8, 32, 1)
|
|
err := json.NewDecoder(res.Body).Decode(users)
|
|
if err != nil {
|
|
r.logger.Error(err)
|
|
w.WriteHeader(http.StatusBadRequest)
|
|
io.WriteString(w, `{"data":"Что-то пошло не так"}`)
|
|
return
|
|
}
|
|
user, err := r.db.User().FindByLogin(users.Login)
|
|
if err != nil {
|
|
r.logger.Error(err)
|
|
}
|
|
if user.Login != "" {
|
|
io.WriteString(w, `{"data":"Такой Логин уже занят попробуйте придумать другой"}`)
|
|
return
|
|
}
|
|
user, err = r.db.User().FindByEmail(users.Email)
|
|
if err != nil {
|
|
r.logger.Error(err)
|
|
return
|
|
}
|
|
if user.Email != "" {
|
|
io.WriteString(w, `{"data":"Такой email уже используется другим пользователем"}`)
|
|
return
|
|
}
|
|
_, err = valid.CheckValid(users.Password)
|
|
if err != nil {
|
|
io.WriteString(w, fmt.Sprintf(`{"data":"%s"}`, err))
|
|
return
|
|
}
|
|
users.PermisionLVL = defaultPermLvl
|
|
// jwtToken, _ := jwt.GenerateTokens(*users)
|
|
|
|
// cookie := http.Cookie{
|
|
// Name: "refreshToken",
|
|
// Value: jwtToken.RefreshToken,
|
|
// Expires: time.Now().Add(time.Hour * 24 * 360),
|
|
// HttpOnly: true,
|
|
// }
|
|
// http.SetCookie(w, &cookie)
|
|
// users.AccesToken = jwtToken.AccesToken
|
|
// users.RefreshToken = jwtToken.RefreshToken
|
|
next(w, res.WithContext(context.WithValue(res.Context(), ContextKeyUser, users)))
|
|
}
|
|
}
|
|
|
|
func (r *RestServer) chekUserLogin(next http.HandlerFunc) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, res *http.Request) {
|
|
users := &model.User{}
|
|
err := json.NewDecoder(res.Body).Decode(users)
|
|
if err != nil {
|
|
r.logger.Error(err)
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
io.WriteString(w, `{"data":"Что-то пошло не так"}`)
|
|
return
|
|
}
|
|
user, err := r.db.User().FindByLoginPas(users.Login)
|
|
if err != nil {
|
|
r.logger.Error(err)
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
io.WriteString(w, `{"data":"Что-то пошло не так"}`)
|
|
return
|
|
}
|
|
if user.Login == "" {
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
io.WriteString(w, `{"data":"Неверный логин или пароль"}`)
|
|
return
|
|
}
|
|
checkPass := password.CheckValid(users.Password, user.Password)
|
|
if !checkPass {
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
io.WriteString(w, `{"data":"Неверный логин или пароль"}`)
|
|
return
|
|
}
|
|
jwtToken, _ := jwt.GenerateTokens(*user)
|
|
Reftoken, err := r.db.Token().FindByLogin(users.Login)
|
|
if err != nil {
|
|
w.WriteHeader(http.StatusBadRequest)
|
|
io.WriteString(w, `{"data":"Что-то пошло не так "}`)
|
|
return
|
|
}
|
|
if *Reftoken != "" {
|
|
jwtToken.RefreshToken = *Reftoken
|
|
} else {
|
|
r.db.Token().Create(users.Login, jwtToken.RefreshToken)
|
|
}
|
|
cookie := http.Cookie{
|
|
Name: "refreshToken",
|
|
Value: jwtToken.RefreshToken,
|
|
Path: "/",
|
|
SameSite: http.SameSiteDefaultMode,
|
|
Expires: time.Now().Add(time.Hour * 24 * 360),
|
|
HttpOnly: true,
|
|
}
|
|
http.SetCookie(w, &cookie)
|
|
users.AccesToken = jwtToken.AccesToken
|
|
users.PermisionLVL = user.PermisionLVL
|
|
users.Email = user.Email
|
|
next(w, res.WithContext(context.WithValue(res.Context(), ContextKeyUser, users)))
|
|
}
|
|
}
|
|
|
|
func (r *RestServer) chekUserLogout(next http.HandlerFunc) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, res *http.Request) {
|
|
checkCookie, err := res.Cookie("refreshToken")
|
|
if err != nil {
|
|
r.logger.Error(err)
|
|
} else {
|
|
if checkCookie.Value != "" {
|
|
login, _ := r.db.Token().FindByToken(checkCookie.Value)
|
|
if *login != "" {
|
|
r.db.Token().DeleteByLogin(*login)
|
|
}
|
|
cookie := http.Cookie{
|
|
Name: "refreshToken",
|
|
Value: "",
|
|
MaxAge: -1,
|
|
Path: "/",
|
|
HttpOnly: true,
|
|
}
|
|
http.SetCookie(w, &cookie)
|
|
}
|
|
}
|
|
|
|
next(w, res)
|
|
}
|
|
}
|
|
|
|
func (r *RestServer) checkUserRefresh(next http.HandlerFunc) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, res *http.Request) {
|
|
users := &model.User{}
|
|
checkCookie, err := res.Cookie("refreshToken")
|
|
if err != nil {
|
|
r.logger.Error(err)
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
return
|
|
}
|
|
chekToken, err := jwt.ValidateToken(checkCookie.Value, []byte(os.Getenv("JWT_SECRET_KEY_REFRESH")))
|
|
if err != nil {
|
|
r.logger.Error(err)
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
return
|
|
}
|
|
login, err := r.db.Token().FindByToken(checkCookie.Value)
|
|
if err != nil {
|
|
r.logger.Error(err)
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
return
|
|
}
|
|
if *login != "" && chekToken {
|
|
userdb, _ := r.db.User().FindByLoginPas(*login)
|
|
jwtToken, _ := jwt.GenerateTokens(*userdb)
|
|
users.Login = userdb.Login
|
|
users.AccesToken = jwtToken.AccesToken
|
|
users.PermisionLVL = userdb.PermisionLVL
|
|
users.Email = userdb.Email
|
|
next(w, res.WithContext(context.WithValue(res.Context(), ContextKeyUser, users)))
|
|
}
|
|
}
|
|
}
|