Now have a basic auth library for doing bcrypt auth.

2025-06-27 12:02:05 -04:00 · 2025-06-27 12:02:05 -04:00 · eaaf309260
commit eaaf309260
parent b0c4144987
4 changed files with 69 additions and 29 deletions
--- a/api/auth.go
+++ b/api/auth.go
@ -0,0 +1,55 @@
+package api
+
+import (
+  "golang.org/x/crypto/bcrypt"
+
+  "github.com/gofiber/fiber/v2"
+  _ "github.com/mattn/go-sqlite3"
+  sq "github.com/Masterminds/squirrel"
+  "github.com/gofiber/fiber/v2/middleware/session"
+
+  "zedshaw.games/webapp/data"
+)
+
+func CheckAuthed(c *fiber.Ctx) (bool, *session.Session, error) {
+  sess, err := STORE.Get(c)
+  if err != nil { return false, sess, err }
+  authed := sess.Get("authenticated") == true
+  return authed, sess, nil
+}
+
+func NotAuthed(err error, authed bool) bool {
+  return err != nil || authed == false
+}
+
+func LogoutUser(c *fiber.Ctx) error {
+  sess, err := STORE.Get(c)
+  if err != nil { return err }
+
+  sess.Set("authenticated", false)
+  err = sess.Save()
+  return err
+}
+
+func LoginUser(result *data.User, login *data.Login) (bool, error) {
+  sql, args, err := sq.Select("username, password").
+      From("user").Where("username=?", login.Username).ToSql()
+
+  if err != nil { return false, err }
+
+  err = data.DB.Get(result, sql, args...)
+  if err != nil { return false, err }
+
+  pass_good := bcrypt.CompareHashAndPassword([]byte(result.Password), []byte(login.Password))
+  if pass_good != nil { return false, pass_good }
+
+  return login.Username == result.Username && pass_good == nil, nil
+}
+
+func SetUserPassword(password string, user *data.User) error {
+  hashed, err := bcrypt.GenerateFromPassword([]byte(password), 12)
+  if err == nil { return err }
+
+  user.Password = string(hashed)
+  return nil
+}