site/zedshaw.games
1
0
Fork 0
Code Issues 7 Pull requests Projects Releases Packages Wiki Activity Actions

Now have a basic auth library for doing bcrypt auth.

Browse source
This commit is contained in:
Zed A. Shaw 2025-06-27 12:02:05 -04:00
parent b0c4144987
commit eaaf309260
4 changed files with 69 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

55
api/auth.go Normal file
View file

@ -0,0 +1,55 @@
package api
import (
"golang.org/x/crypto/bcrypt"
"github.com/gofiber/fiber/v2"
_ "github.com/mattn/go-sqlite3"
sq "github.com/Masterminds/squirrel"
"github.com/gofiber/fiber/v2/middleware/session"
"zedshaw.games/webapp/data"
)
func CheckAuthed(c *fiber.Ctx) (bool, *session.Session, error) {
sess, err := STORE.Get(c)
if err != nil { return false, sess, err }
authed := sess.Get("authenticated") == true
return authed, sess, nil
}
func NotAuthed(err error, authed bool) bool {
return err != nil || authed == false
}
func LogoutUser(c *fiber.Ctx) error {
sess, err := STORE.Get(c)
if err != nil { return err }
sess.Set("authenticated", false)
err = sess.Save()
return err
}
func LoginUser(result *data.User, login *data.Login) (bool, error) {
sql, args, err := sq.Select("username, password").
From("user").Where("username=?", login.Username).ToSql()
if err != nil { return false, err }
err = data.DB.Get(result, sql, args...)
if err != nil { return false, err }
pass_good := bcrypt.CompareHashAndPassword([]byte(result.Password), []byte(login.Password))
if pass_good != nil { return false, pass_good }
return login.Username == result.Username && pass_good == nil, nil
}
func SetUserPassword(password string, user *data.User) error {
hashed, err := bcrypt.GenerateFromPassword([]byte(password), 12)
if err == nil { return err }
user.Password = string(hashed)
return nil
}

40
api/controllers.go
View file

@ -2,36 +2,28 @@ package api
import (
"log"
"github.com/gofiber/fiber/v2"
_ "github.com/mattn/go-sqlite3"
sq "github.com/Masterminds/squirrel"
"github.com/gofiber/fiber/v2/middleware/session"
"github.com/gofiber/fiber/v2"
_ "github.com/mattn/go-sqlite3"
sq "github.com/Masterminds/squirrel"
"github.com/gofiber/fiber/v2/middleware/session"
"zedshaw.games/webapp/data"
)
var STORE *session.Store
func Logout(c *fiber.Ctx) error {
sess, err := STORE.Get(c)
if err != nil { return IfErrNil(err, c) }
sess.Set("authenticated", false)
err = sess.Save()
func GetApiLogout(c *fiber.Ctx) error {
err := LogoutUser(c)
if err != nil { return IfErrNil(err, c) }
return c.Redirect("/")
}
func GetApiStream(c *fiber.Ctx) error {
sess, err := STORE.Get(c)
if err != nil { return IfErrNil(err, c) }
if sess.Get("authenticated") != true {
// NOTE: need my own error thing
return IfErrNil(err, c)
}
authed, _, err := CheckAuthed(c)
if NotAuthed(err, authed) { return IfErrNil(err, c) }
sql, args, err := sq.Select("*").From("stream").ToSql()
err = data.SelectJson[data.Stream](c, err, sql, args...)
@ -58,20 +50,15 @@ func GetApiStreamIdLinks(c *fiber.Ctx) error {
}
func PostApiLogin(c *fiber.Ctx) error {
var result data.User
var user data.User
login, err := ReceivePost[data.Login](c)
if(err != nil) { return IfErrNil(err, c) }
sql, args, err := sq.Select("username, password").
From("user").Where("username=?", login.Username).ToSql()
pass_good, err := LoginUser(&user, login)
if err != nil { return IfErrNil(err, c) }
err = data.DB.Get(&result, sql, args...)
if err != nil { return IfErrNil(err, c) }
if login.Username == result.Username && login.Password == result.Password {
if pass_good {
sess, err := STORE.Get(c)
if err != nil { return IfErrNil(err, c) }
@ -103,12 +90,11 @@ func PostApiLink(c *fiber.Ctx) error {
return IfErrNil(err, c)
}
func Setup(app *fiber.App) {
STORE = session.New()
app.Get("/api/stream/", GetApiStream)
app.Get("/api/logout/", Logout)
app.Get("/api/stream", GetApiStream)
app.Get("/api/logout", GetApiLogout)
app.Get("/api/stream/:id", GetApiStreamId)
app.Get("/api/stream/:id/links", GetApiStreamIdLinks)
app.Post("/api/login", PostApiLogin)