diff --git a/go/lesson3/.gitignore b/go/lesson3/.gitignore new file mode 100644 index 0000000..66fd13c --- /dev/null +++ b/go/lesson3/.gitignore @@ -0,0 +1,15 @@ +# Binaries for programs and plugins +*.exe +*.exe~ +*.dll +*.so +*.dylib + +# Test binary, built with `go test -c` +*.test + +# Output of the go coverage tool, specifically when used with LiteIDE +*.out + +# Dependency directories (remove the comment below to include it) +# vendor/ diff --git a/go/lesson3/controllers/controllers.go b/go/lesson3/controllers/controllers.go new file mode 100644 index 0000000..b6b1711 --- /dev/null +++ b/go/lesson3/controllers/controllers.go @@ -0,0 +1,134 @@ +package controllers + +import ( + strconv "strconv" + time "time" + + fiber "github.com/gofiber/fiber/v2" + jwt "github.com/golang-jwt/jwt" + bcrypt "golang.org/x/crypto/bcrypt" + database "lesson3/database" + models "lesson3/models" +) + +func Register(c *fiber.Ctx) error { + var data map[string]string + + if err := c.BodyParser(&data); err != nil { + return err + } + + password, _ := bcrypt.GenerateFromPassword( + []byte(data["password"]), + 14, + ) // GenerateFromPassword returns the bcrypt hash of the password at the given cost i.e. (14 in our case). + + user := models.User{ + Name: data["name"], + Email: data["email"], + Password: password, + } + + database.DB.Create(&user) // Adds the data to the DB + + return c.JSON(user) +} + +const SecretKey = "secret" + +func Login(c *fiber.Ctx) error { + var data map[string]string + + if err := c.BodyParser(&data); err != nil { + return err + } + + var user models.User + + database.DB.Where("email = ?", data["email"]). + First(&user) + // Check the email is present in the DB + + if user.ID == 0 { // If the ID return is '0' then there is no such email present in the DB + c.Status(fiber.StatusNotFound) + return c.JSON(fiber.Map{ + "message": "user not found", + }) + } + + if err := bcrypt.CompareHashAndPassword(user.Password, []byte(data["password"])); err != nil { + c.Status(fiber.StatusBadRequest) + return c.JSON(fiber.Map{ + "message": "incorrect password", + }) + } // If the email is present in the DB then compare the Passwords and if incorrect password then return error. + + claims := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.StandardClaims{ + Issuer: strconv.Itoa(int(user.ID)), + ExpiresAt: time.Now().Add(time.Hour * 24).Unix(), // 1 day + }) + + token, err := claims.SignedString([]byte(SecretKey)) + if err != nil { + c.Status(fiber.StatusInternalServerError) + return c.JSON(fiber.Map{ + "message": "could not login", + }) + } + + cookie := fiber.Cookie{ + Name: "jwt", + Value: token, + Expires: time.Now().Add(time.Hour * 24), + HTTPOnly: true, + } + + c.Cookie(&cookie) + + return c.JSON(fiber.Map{ + "message": "success", + }) +} + +func User(c *fiber.Ctx) error { + cookie := c.Cookies("jwt") + + token, err := jwt.ParseWithClaims( + cookie, + &jwt.StandardClaims{}, + func(token *jwt.Token) (interface{}, error) { + return []byte(SecretKey), nil + }, + ) + if err != nil { + c.Status(fiber.StatusUnauthorized) + return c.JSON(fiber.Map{ + "message": "unauthenticated", + }) + } + + claims := token.Claims.(*jwt.StandardClaims) + + var user models.User + + database.DB.Where("id = ?", claims.Issuer).First(&user) + + return c.JSON(user) +} + +func Logout(c *fiber.Ctx) error { + cookie := fiber.Cookie{ + Name: "jwt", + Value: "", + Expires: time.Now(). + Add(-time.Hour), + // Sets the expiry time an hour ago in the past. + HTTPOnly: true, + } + + c.Cookie(&cookie) + + return c.JSON(fiber.Map{ + "message": "success", + }) +} diff --git a/go/lesson3/database/dbconn.go b/go/lesson3/database/dbconn.go new file mode 100644 index 0000000..21f0b4a --- /dev/null +++ b/go/lesson3/database/dbconn.go @@ -0,0 +1,37 @@ +package database + +import ( + fmt "fmt" + log "log" + + postgres "gorm.io/driver/postgres" + gorm "gorm.io/gorm" + + models "lesson3/models" +) + +const ( + host = "localhost" + port = 5432 + user = "postgres" + password = "password" + dbname = "lesson3" +) + +var dsn string = fmt.Sprintf("host=%s port=%d user=%s "+ + "password=%s dbname=%s sslmode=disable TimeZone=Asia/Shanghai", + host, port, user, password, dbname) + +var DB *gorm.DB + +func DBconn() { + db, err := gorm.Open(postgres.Open(dsn), &gorm.Config{}) + if err != nil { + log.Fatal(err) + } + DB = db + + db.AutoMigrate( + &models.User{}, + ) // we are going to create a models.go file for the User Model. +} diff --git a/go/lesson3/go.mod b/go/lesson3/go.mod new file mode 100644 index 0000000..5980ba0 --- /dev/null +++ b/go/lesson3/go.mod @@ -0,0 +1,35 @@ +module lesson3 + +go 1.19 + +require ( + github.com/gofiber/fiber/v2 v2.40.1 + github.com/golang-jwt/jwt v3.2.2+incompatible +) + +require ( + github.com/andybalholm/brotli v1.0.4 // indirect + github.com/jackc/chunkreader/v2 v2.0.1 // indirect + github.com/jackc/pgconn v1.13.0 // indirect + github.com/jackc/pgio v1.0.0 // indirect + github.com/jackc/pgpassfile v1.0.0 // indirect + github.com/jackc/pgproto3/v2 v2.3.1 // indirect + github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b // indirect + github.com/jackc/pgtype v1.12.0 // indirect + github.com/jackc/pgx/v4 v4.17.2 // indirect + github.com/jinzhu/inflection v1.0.0 // indirect + github.com/jinzhu/now v1.1.4 // indirect + github.com/klauspost/compress v1.15.9 // indirect + github.com/mattn/go-colorable v0.1.13 // indirect + github.com/mattn/go-isatty v0.0.16 // indirect + github.com/mattn/go-runewidth v0.0.14 // indirect + github.com/rivo/uniseg v0.2.0 // indirect + github.com/valyala/bytebufferpool v1.0.0 // indirect + github.com/valyala/fasthttp v1.41.0 // indirect + github.com/valyala/tcplisten v1.0.0 // indirect + golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa + golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab // indirect + golang.org/x/text v0.3.7 // indirect + gorm.io/driver/postgres v1.4.5 + gorm.io/gorm v1.24.1-0.20221019064659-5dd2bb482755 +) diff --git a/go/lesson3/main.go b/go/lesson3/main.go new file mode 100644 index 0000000..4e599d2 --- /dev/null +++ b/go/lesson3/main.go @@ -0,0 +1,23 @@ +package main + +import ( + fiber "github.com/gofiber/fiber/v2" + cors "github.com/gofiber/fiber/v2/middleware/cors" + + database "lesson3/database" + routes "lesson3/routes" +) + +func main() { + database.DBconn() + + app := fiber.New() + + app.Use(cors.New(cors.Config{ + AllowCredentials: true, + })) + + routes.Setup(app) + + app.Listen(":8000") +} diff --git a/go/lesson3/models/models.go b/go/lesson3/models/models.go new file mode 100644 index 0000000..fdfe1c8 --- /dev/null +++ b/go/lesson3/models/models.go @@ -0,0 +1,12 @@ +package models + +import ( + gorm "gorm.io/gorm" +) + +type User struct { + gorm.Model + Name string `json:"name"` + Email string `json:"email" gorm:"unique"` + Password []byte `json:"-"` +} diff --git a/go/lesson3/routes/routes.go b/go/lesson3/routes/routes.go new file mode 100644 index 0000000..7ca293c --- /dev/null +++ b/go/lesson3/routes/routes.go @@ -0,0 +1,19 @@ +package routes + +import ( + controllers "lesson3/controllers" + + fiber "github.com/gofiber/fiber/v2" +) + +func Setup(app *fiber.App) { + api := app.Group("/user") + + api.Get("/get-user", controllers.User) + + api.Post("/register", controllers.Register) + + api.Post("/login", controllers.Login) + + api.Post("/logout", controllers.Logout) +}