169 lines
4.6 KiB
Go
169 lines
4.6 KiB
Go
package controllers
|
|
|
|
import (
|
|
"log"
|
|
"main/database"
|
|
"main/models"
|
|
"os"
|
|
"sync"
|
|
"time"
|
|
|
|
"github.com/gofiber/fiber/v2"
|
|
"github.com/golang-jwt/jwt/v4"
|
|
"golang.org/x/crypto/bcrypt"
|
|
|
|
"github.com/joho/godotenv"
|
|
)
|
|
|
|
var (
|
|
SecretKey string
|
|
blockedTokens = make(map[string]struct{})
|
|
blockedTokensMu sync.Mutex
|
|
)
|
|
|
|
func init() {
|
|
if err := godotenv.Load(); err != nil {
|
|
log.Fatal("Ошибка загрузки .env файла")
|
|
}
|
|
SecretKey = os.Getenv("JWT_SECRET_KEY")
|
|
if SecretKey == "" {
|
|
log.Fatal("JWT_SECRET_KEY не задан в .env")
|
|
}
|
|
}
|
|
|
|
func Register(c *fiber.Ctx) error {
|
|
var data map[string]string
|
|
if err := c.BodyParser(&data); err != nil {
|
|
log.Println("Ошибка парсинга тела запроса:", err)
|
|
return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"message": "Invalid request body"})
|
|
}
|
|
|
|
if data["password"] == "" {
|
|
return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"message": "Password is required"})
|
|
}
|
|
|
|
var existingUser models.User
|
|
if err := database.DB.Where("email = ?", data["email"]).First(&existingUser).Error; err == nil {
|
|
return c.Status(fiber.StatusConflict).JSON(fiber.Map{"message": "Email already taken"})
|
|
}
|
|
|
|
passwordHash, err := bcrypt.GenerateFromPassword([]byte(data["password"]), bcrypt.DefaultCost)
|
|
if err != nil {
|
|
log.Println("Ошибка хеширования пароля:", err)
|
|
return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"message": "Could not process password"})
|
|
}
|
|
|
|
user := models.User{
|
|
Name: data["name"],
|
|
Email: data["email"],
|
|
Password: passwordHash,
|
|
}
|
|
database.DB.Create(&user)
|
|
|
|
log.Println("Пользователь зарегистрирован:", user.Email)
|
|
return c.JSON(user)
|
|
}
|
|
|
|
func generateToken(user models.User) (string, error) {
|
|
claims := jwt.MapClaims{
|
|
"user_id": user.Id,
|
|
"exp": time.Now().Add(time.Hour * 24).Unix(),
|
|
}
|
|
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
|
|
return token.SignedString([]byte(SecretKey))
|
|
}
|
|
|
|
func isTokenBlocked(token string) bool {
|
|
blockedTokensMu.Lock()
|
|
defer blockedTokensMu.Unlock()
|
|
_, exists := blockedTokens[token]
|
|
return exists
|
|
}
|
|
|
|
func blockToken(token string) {
|
|
blockedTokensMu.Lock()
|
|
defer blockedTokensMu.Unlock()
|
|
blockedTokens[token] = struct{}{}
|
|
}
|
|
|
|
func Login(c *fiber.Ctx) error {
|
|
var data map[string]string
|
|
if err := c.BodyParser(&data); err != nil {
|
|
log.Println("Ошибка парсинга тела запроса:", err)
|
|
return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"message": "Invalid request body"})
|
|
}
|
|
|
|
var user models.User
|
|
database.DB.Where("email = ?", data["email"]).First(&user)
|
|
if user.Id == 0 {
|
|
return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "Invalid email or password"})
|
|
}
|
|
|
|
if err := bcrypt.CompareHashAndPassword(user.Password, []byte(data["password"])); err != nil {
|
|
return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "Invalid email or password"})
|
|
}
|
|
|
|
token, err := generateToken(user)
|
|
if err != nil {
|
|
log.Println("Ошибка генерации JWT токена:", err)
|
|
return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"message": "Could not generate token"})
|
|
}
|
|
|
|
c.Cookie(&fiber.Cookie{
|
|
Name: "jwt",
|
|
Value: token,
|
|
Expires: time.Now().Add(time.Hour * 24),
|
|
HTTPOnly: true,
|
|
Secure: true,
|
|
SameSite: "Strict",
|
|
})
|
|
|
|
log.Println("Пользователь вошел в систему:", user.Email)
|
|
return c.JSON(fiber.Map{"message": "Login successful"})
|
|
}
|
|
|
|
func User(c *fiber.Ctx) error {
|
|
cookie := c.Cookies("jwt")
|
|
if isTokenBlocked(cookie) {
|
|
return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "Token is blocked"})
|
|
}
|
|
|
|
token, err := jwt.ParseWithClaims(cookie, &jwt.MapClaims{}, func(token *jwt.Token) (interface{}, error) {
|
|
return []byte(SecretKey), nil
|
|
})
|
|
|
|
if err != nil {
|
|
return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "Unauthorized"})
|
|
}
|
|
|
|
claims, ok := token.Claims.(*jwt.MapClaims)
|
|
if !ok || !token.Valid {
|
|
return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "Invalid token"})
|
|
}
|
|
|
|
var user models.User
|
|
database.DB.Where("id = ?", (*claims)["user_id"]).First(&user)
|
|
if user.Id == 0 {
|
|
return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "User not found"})
|
|
}
|
|
|
|
return c.JSON(user)
|
|
}
|
|
|
|
func Logout(c *fiber.Ctx) error {
|
|
cookie := c.Cookies("jwt")
|
|
blockToken(cookie)
|
|
|
|
c.Cookie(&fiber.Cookie{
|
|
Name: "jwt",
|
|
Value: "",
|
|
Expires: time.Now().Add(-time.Hour),
|
|
HTTPOnly: true,
|
|
Secure: true,
|
|
SameSite: "Strict",
|
|
})
|
|
|
|
log.Println("Пользователь вышел из системы")
|
|
return c.JSON(fiber.Map{"message": "Logout successful"})
|
|
}
|