102 lines
2.6 KiB
Go
102 lines
2.6 KiB
Go
package controller
|
|
|
|
import (
|
|
"git.lumeweb.com/LumeWeb/portal/controller/request"
|
|
"git.lumeweb.com/LumeWeb/portal/controller/response"
|
|
"git.lumeweb.com/LumeWeb/portal/service/auth"
|
|
"github.com/kataras/iris/v12"
|
|
)
|
|
|
|
type AuthController struct {
|
|
Controller
|
|
}
|
|
|
|
// PostLogin handles the POST /api/auth/login request to authenticate a user and return a JWT token.
|
|
func (a *AuthController) PostLogin() {
|
|
ri, success := tryParseRequest(request.LoginRequest{}, a.Ctx)
|
|
if !success {
|
|
return
|
|
}
|
|
|
|
r, _ := ri.(*request.LoginRequest)
|
|
|
|
token, err := auth.LoginWithPassword(r.Email, r.Password)
|
|
|
|
if err != nil {
|
|
if err == auth.ErrFailedGenerateToken {
|
|
a.Ctx.StopWithError(iris.StatusInternalServerError, err)
|
|
} else {
|
|
a.Ctx.StopWithError(iris.StatusUnauthorized, err)
|
|
}
|
|
return
|
|
}
|
|
|
|
a.respondJSON(&response.LoginResponse{Token: token})
|
|
}
|
|
|
|
// PostChallenge handles the POST /api/auth/pubkey/challenge request to generate a challenge for a user's public key.
|
|
func (a *AuthController) PostPubkeyChallenge() {
|
|
ri, success := tryParseRequest(request.PubkeyChallengeRequest{}, a.Ctx)
|
|
if !success {
|
|
return
|
|
}
|
|
|
|
r, _ := (ri).(*request.PubkeyChallengeRequest)
|
|
|
|
challenge, err := auth.GeneratePubkeyChallenge(r.Pubkey)
|
|
if err != nil {
|
|
if err == auth.ErrFailedGenerateKeyChallenge {
|
|
a.Ctx.StopWithError(iris.StatusInternalServerError, err)
|
|
} else {
|
|
a.Ctx.StopWithError(iris.StatusUnauthorized, err)
|
|
}
|
|
return
|
|
}
|
|
|
|
a.respondJSON(&response.ChallengeResponse{Challenge: challenge})
|
|
}
|
|
|
|
// PostKeyLogin handles the POST /api/auth/pubkey/login request to authenticate a user using a public key challenge and return a JWT token.
|
|
func (a *AuthController) PostPubkeyLogin() {
|
|
ri, success := tryParseRequest(request.PubkeyLoginRequest{}, a.Ctx)
|
|
if !success {
|
|
return
|
|
}
|
|
|
|
r, _ := ri.(*request.PubkeyLoginRequest)
|
|
|
|
token, err := auth.LoginWithPubkey(r.Pubkey, r.Challenge, r.Signature)
|
|
|
|
if err != nil {
|
|
if err == auth.ErrFailedGenerateKeyChallenge || err == auth.ErrFailedGenerateToken || err == auth.ErrFailedSaveToken {
|
|
a.Ctx.StopWithError(iris.StatusInternalServerError, err)
|
|
} else {
|
|
a.Ctx.StopWithError(iris.StatusUnauthorized, err)
|
|
}
|
|
return
|
|
}
|
|
|
|
a.respondJSON(&response.LoginResponse{Token: token})
|
|
|
|
}
|
|
|
|
// PostLogout handles the POST /api/auth/logout request to invalidate a JWT token.
|
|
func (a *AuthController) PostLogout() {
|
|
ri, success := tryParseRequest(request.LogoutRequest{}, a.Ctx)
|
|
if !success {
|
|
return
|
|
}
|
|
|
|
r, _ := ri.(*request.LogoutRequest)
|
|
|
|
err := auth.Logout(r.Token)
|
|
|
|
if err != nil {
|
|
a.Ctx.StopWithError(iris.StatusBadRequest, err)
|
|
return
|
|
}
|
|
|
|
// Return a success response to the client.
|
|
a.Ctx.StatusCode(iris.StatusNoContent)
|
|
}
|