64 lines
1.1 KiB
Go
64 lines
1.1 KiB
Go
package auth
|
|
|
|
import (
|
|
"os"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
type Handler struct {
|
|
service *Service
|
|
}
|
|
|
|
func NewHandler(s *Service) *Handler {
|
|
return &Handler{service: s}
|
|
}
|
|
|
|
func (h *Handler) Me(c *gin.Context) {
|
|
userID, _ := c.Get("user_id")
|
|
role, _ := c.Get("role")
|
|
|
|
c.JSON(200, gin.H{
|
|
"user_id": userID,
|
|
"role": role,
|
|
})
|
|
}
|
|
|
|
func (h *Handler) AdminCheck(c *gin.Context) {
|
|
c.JSON(200, gin.H{
|
|
"message": "you are an admin",
|
|
})
|
|
}
|
|
|
|
func (h *Handler) Login(c *gin.Context) {
|
|
var req struct {
|
|
Username string `json:"username" binding:"required"`
|
|
Password string `json:"password" binding:"required"`
|
|
}
|
|
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
c.JSON(400, gin.H{"error": "Invalid request body"})
|
|
return
|
|
}
|
|
|
|
token, err := h.service.Login(req.Username, req.Password)
|
|
if err != nil {
|
|
c.JSON(401, gin.H{"error": "Invalid credentials"})
|
|
return
|
|
}
|
|
|
|
isSecure := os.Getenv("USE_HTTPS") == "true"
|
|
|
|
c.SetCookie(
|
|
"auth_token",
|
|
token,
|
|
3600*24,
|
|
"/",
|
|
os.Getenv("DOMAIN"),
|
|
isSecure,
|
|
true, // httpOnly (IMPORTANT)
|
|
)
|
|
|
|
c.JSON(200, gin.H{"token": token})
|
|
}
|