You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
80 lines
2.0 KiB
80 lines
2.0 KiB
package controllers
|
|
|
|
import (
|
|
"encoding/json"
|
|
"net/http"
|
|
"time"
|
|
|
|
"git.aiterp.net/lucifer/lucifer/internal/respond"
|
|
"git.aiterp.net/lucifer/lucifer/models"
|
|
"github.com/gorilla/mux"
|
|
)
|
|
|
|
// The UserController is a controller for all user inports.
|
|
type UserController struct {
|
|
users models.UserRepository
|
|
}
|
|
|
|
// getUsers (`GET /`): List users
|
|
func (c *UserController) getUsers(w http.ResponseWriter, r *http.Request) {
|
|
if session := models.SessionFromContext(r.Context()); session == nil {
|
|
respond.Error(w, 403, "permission_denied", "You must log in")
|
|
return
|
|
}
|
|
|
|
users, err := c.users.List(r.Context())
|
|
if err != nil {
|
|
respond.Error(w, 500, "db_error", err.Error())
|
|
return
|
|
}
|
|
|
|
respond.JSON(w, 200, users)
|
|
}
|
|
|
|
// login (`POST /login`): Log in as user
|
|
func (c *UserController) login(w http.ResponseWriter, r *http.Request) {
|
|
loginData := struct {
|
|
Username string `json:"username"`
|
|
Password string `json:"password"`
|
|
}{}
|
|
|
|
err := json.NewDecoder(r.Body).Decode(&loginData)
|
|
if err != nil {
|
|
respond.Error(w, 400, "invalid_json", "Input is not valid JSON.")
|
|
return
|
|
}
|
|
|
|
user, err := c.users.FindByName(r.Context(), loginData.Username)
|
|
if err != nil {
|
|
respond.Error(w, http.StatusUnauthorized, "login_failed", "Login failed.")
|
|
return
|
|
}
|
|
|
|
if err := user.CheckPassword(loginData.Password); err != nil {
|
|
respond.Error(w, http.StatusUnauthorized, "login_failed", "Login failed.")
|
|
return
|
|
}
|
|
|
|
session := models.Session{
|
|
Expires: time.Now().Add(7 * 24 * time.Hour),
|
|
UserID: user.ID,
|
|
}
|
|
session.GenerateID()
|
|
|
|
http.SetCookie(w, session.Cookie())
|
|
|
|
respond.JSON(w, 200, user)
|
|
}
|
|
|
|
// Mount mounts the controller
|
|
func (c *UserController) Mount(router *mux.Router, prefix string) {
|
|
sub := router.PathPrefix(prefix).Subrouter()
|
|
|
|
sub.HandleFunc("/", c.getUsers).Methods("GET")
|
|
sub.HandleFunc("/login", c.login).Methods("POST")
|
|
}
|
|
|
|
// NewUserController creates a new UserController.
|
|
func NewUserController(users models.UserRepository) *UserController {
|
|
return &UserController{users: users}
|
|
}
|