package controller import ( "git.lumeweb.com/LumeWeb/portal/controller/request" "git.lumeweb.com/LumeWeb/portal/controller/response" "git.lumeweb.com/LumeWeb/portal/service/auth" "github.com/kataras/iris/v12" ) type AuthController struct { Controller } // PostLogin handles the POST /api/auth/login request to authenticate a user and return a JWT token. func (a *AuthController) PostLogin() { ri, success := tryParseRequest(request.LoginRequest{}, a.Ctx) if !success { return } r, _ := ri.(*request.LoginRequest) token, err := auth.LoginWithPassword(r.Email, r.Password) if err != nil { if err == auth.ErrFailedGenerateToken { a.Ctx.StopWithError(iris.StatusInternalServerError, err) } else { a.Ctx.StopWithError(iris.StatusUnauthorized, err) } return } a.respondJSON(&response.LoginResponse{Token: token}) } // PostChallenge handles the POST /api/auth/pubkey/challenge request to generate a challenge for a user's public key. func (a *AuthController) PostPubkeyChallenge() { ri, success := tryParseRequest(request.PubkeyChallengeRequest{}, a.Ctx) if !success { return } r, _ := (ri).(*request.PubkeyChallengeRequest) challenge, err := auth.GeneratePubkeyChallenge(r.Pubkey) if err != nil { if err == auth.ErrFailedGenerateKeyChallenge { a.Ctx.StopWithError(iris.StatusInternalServerError, err) } else { a.Ctx.StopWithError(iris.StatusUnauthorized, err) } return } a.respondJSON(&response.ChallengeResponse{Challenge: challenge}) } // PostKeyLogin handles the POST /api/auth/pubkey/login request to authenticate a user using a public key challenge and return a JWT token. func (a *AuthController) PostPubkeyLogin() { ri, success := tryParseRequest(request.PubkeyLoginRequest{}, a.Ctx) if !success { return } r, _ := ri.(*request.PubkeyLoginRequest) token, err := auth.LoginWithPubkey(r.Pubkey, r.Challenge, r.Signature) if err != nil { if err == auth.ErrFailedGenerateKeyChallenge || err == auth.ErrFailedGenerateToken || err == auth.ErrFailedSaveToken { a.Ctx.StopWithError(iris.StatusInternalServerError, err) } else { a.Ctx.StopWithError(iris.StatusUnauthorized, err) } return } a.respondJSON(&response.LoginResponse{Token: token}) } // PostLogout handles the POST /api/auth/logout request to invalidate a JWT token. func (a *AuthController) PostLogout() { ri, success := tryParseRequest(request.LogoutRequest{}, a.Ctx) if !success { return } r, _ := ri.(*request.LogoutRequest) err := auth.Logout(r.Token) if err != nil { a.Ctx.StopWithError(iris.StatusBadRequest, err) return } // Return a success response to the client. a.Ctx.StatusCode(iris.StatusNoContent) }