Added endpoint to auth with username and password
This commit is contained in:
parent
b46e72999e
commit
6da74e0adc
|
@ -58,7 +58,7 @@ func (d Db) AccountCreate(input AccountCreateInput) (CreatedAccount, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// AccountGet fetches an account from the database
|
// AccountGet fetches an account from the database
|
||||||
func (d Db) AccountGet(accountID string, APIKey string) (Account, error) {
|
func (d Db) AccountGet(accountID string, APIKey string, Name string) (Account, error) {
|
||||||
logContext := log.WithFields(log.Fields{
|
logContext := log.WithFields(log.Fields{
|
||||||
"accountID": accountID,
|
"accountID": accountID,
|
||||||
"APIKey": len(APIKey),
|
"APIKey": len(APIKey),
|
||||||
|
@ -75,6 +75,9 @@ func (d Db) AccountGet(accountID string, APIKey string) (Account, error) {
|
||||||
} else if APIKey != "" {
|
} else if APIKey != "" {
|
||||||
accountSQL = accountSQL + "\"apiKey\" = $1"
|
accountSQL = accountSQL + "\"apiKey\" = $1"
|
||||||
searchParam = APIKey
|
searchParam = APIKey
|
||||||
|
} else if Name != "" {
|
||||||
|
accountSQL = accountSQL + "name = $1"
|
||||||
|
searchParam = Name
|
||||||
}
|
}
|
||||||
|
|
||||||
accountErr := d.DbPool.QueryRow(context.Background(), accountSQL, searchParam).Scan(&account.ID, &account.Created, &account.Name, &account.Password)
|
accountErr := d.DbPool.QueryRow(context.Background(), accountSQL, searchParam).Scan(&account.ID, &account.Created, &account.Name, &account.Password)
|
||||||
|
@ -114,7 +117,7 @@ func (d Db) AccountGet(accountID string, APIKey string) (Account, error) {
|
||||||
func (d Db) RenewalTokenGet(accountID string) (string, error) {
|
func (d Db) RenewalTokenGet(accountID string) (string, error) {
|
||||||
logContext := log.WithFields(log.Fields{"accountID": accountID})
|
logContext := log.WithFields(log.Fields{"accountID": accountID})
|
||||||
|
|
||||||
logContext.Debug("Createing new renewal token")
|
logContext.Debug("Creating new renewal token")
|
||||||
|
|
||||||
newToken := utils.RandString(60)
|
newToken := utils.RandString(60)
|
||||||
|
|
||||||
|
|
|
@ -19,7 +19,7 @@ func (h Handlers) AccountGet(c *fiber.Ctx) error {
|
||||||
return c.Status(403).JSON([]ResJSONError{{Error: authErr.Error()}})
|
return c.Status(403).JSON([]ResJSONError{{Error: authErr.Error()}})
|
||||||
}
|
}
|
||||||
|
|
||||||
account, accountErr := h.Db.AccountGet(accountID, "")
|
account, accountErr := h.Db.AccountGet(accountID, "", "")
|
||||||
if accountErr != nil {
|
if accountErr != nil {
|
||||||
return c.Status(500).JSON([]ResJSONError{{Error: accountErr.Error()}})
|
return c.Status(500).JSON([]ResJSONError{{Error: accountErr.Error()}})
|
||||||
}
|
}
|
||||||
|
|
|
@ -75,7 +75,7 @@ func (h Handlers) AccountAuthAPIKey(c *fiber.Ctx) error {
|
||||||
inputAPIKey := string(c.Request().Body())
|
inputAPIKey := string(c.Request().Body())
|
||||||
inputAPIKey = inputAPIKey[1 : len(inputAPIKey)-1]
|
inputAPIKey = inputAPIKey[1 : len(inputAPIKey)-1]
|
||||||
|
|
||||||
resolvedAccount, accountErr := h.Db.AccountGet("", inputAPIKey)
|
resolvedAccount, accountErr := h.Db.AccountGet("", inputAPIKey, "")
|
||||||
if accountErr != nil {
|
if accountErr != nil {
|
||||||
if accountErr.Error() == "no rows in result set" {
|
if accountErr.Error() == "no rows in result set" {
|
||||||
return c.Status(403).JSON([]ResJSONError{{Error: "Invalid credentials"}})
|
return c.Status(403).JSON([]ResJSONError{{Error: "Invalid credentials"}})
|
||||||
|
@ -86,3 +86,31 @@ func (h Handlers) AccountAuthAPIKey(c *fiber.Ctx) error {
|
||||||
|
|
||||||
return h.returnTokens(resolvedAccount, c)
|
return h.returnTokens(resolvedAccount, c)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// AccountAuthPassword auths a name/password pair
|
||||||
|
func (h Handlers) AccountAuthPassword(c *fiber.Ctx) error {
|
||||||
|
type AuthInput struct {
|
||||||
|
Name string `json:"name"`
|
||||||
|
Password string `json:"password"`
|
||||||
|
}
|
||||||
|
|
||||||
|
authInput := new(AuthInput)
|
||||||
|
if err := c.BodyParser(authInput); err != nil {
|
||||||
|
return c.Status(400).JSON([]ResJSONError{{Error: err.Error()}})
|
||||||
|
}
|
||||||
|
|
||||||
|
resolvedAccount, err := h.Db.AccountGet("", "", authInput.Name)
|
||||||
|
if err != nil {
|
||||||
|
if err.Error() == "No account found" {
|
||||||
|
return c.Status(403).JSON([]ResJSONError{{Error: "Invalid name or password"}})
|
||||||
|
}
|
||||||
|
|
||||||
|
return c.Status(500).JSON([]ResJSONError{{Error: err.Error()}})
|
||||||
|
}
|
||||||
|
|
||||||
|
if utils.CheckPasswordHash(authInput.Password, resolvedAccount.Password) == false {
|
||||||
|
return c.Status(403).JSON([]ResJSONError{{Error: "Invalid name or password"}})
|
||||||
|
}
|
||||||
|
|
||||||
|
return h.returnTokens(resolvedAccount, c)
|
||||||
|
}
|
||||||
|
|
|
@ -76,6 +76,7 @@ func main() {
|
||||||
app.Get("/account/:accountID", handlers.AccountGet)
|
app.Get("/account/:accountID", handlers.AccountGet)
|
||||||
app.Post("/account", handlers.AccountCreate)
|
app.Post("/account", handlers.AccountCreate)
|
||||||
app.Post("/auth/api-key", handlers.AccountAuthAPIKey)
|
app.Post("/auth/api-key", handlers.AccountAuthAPIKey)
|
||||||
|
app.Post("/auth/password", handlers.AccountAuthPassword)
|
||||||
|
|
||||||
log.WithFields(log.Fields{"WEB_BIND_HOST": os.Getenv("WEB_BIND_HOST")}).Info("Trying to start web server")
|
log.WithFields(log.Fields{"WEB_BIND_HOST": os.Getenv("WEB_BIND_HOST")}).Info("Trying to start web server")
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user