add simple register and login function

This commit is contained in:
Adora Laura Kalb 2023-12-06 23:25:34 +01:00
parent 3836f814bf
commit e501ea51e4
Signed by: adoralaura
GPG key ID: 7A4552166FC8C056
12 changed files with 242 additions and 11 deletions

1
.gitignore vendored
View file

@ -95,3 +95,4 @@ fabric.properties
testdata/ testdata/
config/ config/
bin/ bin/
*.sqlite

View file

@ -15,9 +15,15 @@ func Run() error {
//go app.CleanupLogins() //go app.CleanupLogins()
//go app.CleanupLoginsCronJob() //go app.CleanupLoginsCronJob()
dberr := app.InitializeDB()
if dberr != nil {
return fmt.Errorf("couldn't initialize DB: %v", dberr.Error())
}
err := app.SetupFiber() err := app.SetupFiber()
if err != nil { if err != nil {
return fmt.Errorf("couldn't start webserver: %v", err.Error()) return fmt.Errorf("couldn't start webserver: %v", err.Error())
} }
return nil return nil
} }

20
go.mod
View file

@ -2,21 +2,33 @@ module code.lila.network/lauralani/tlm-login-server
go 1.21.4 go 1.21.4
require (
github.com/gofiber/fiber/v2 v2.51.0
github.com/rs/zerolog v1.31.0
gorm.io/gorm v1.25.5
)
require ( require (
github.com/andybalholm/brotli v1.0.5 // indirect github.com/andybalholm/brotli v1.0.5 // indirect
github.com/gofiber/fiber/v2 v2.51.0 // indirect github.com/dustin/go-humanize v1.0.1 // indirect
github.com/glebarez/go-sqlite v1.21.2 // indirect
github.com/glebarez/sqlite v1.10.0 // indirect
github.com/google/uuid v1.4.0 // indirect github.com/google/uuid v1.4.0 // indirect
github.com/jinzhu/inflection v1.0.0 // indirect github.com/jinzhu/inflection v1.0.0 // indirect
github.com/jinzhu/now v1.1.5 // indirect github.com/jinzhu/now v1.1.5 // indirect
github.com/klauspost/compress v1.16.7 // indirect github.com/klauspost/compress v1.17.0 // indirect
github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-colorable v0.1.13 // indirect
github.com/mattn/go-isatty v0.0.20 // indirect github.com/mattn/go-isatty v0.0.20 // indirect
github.com/mattn/go-runewidth v0.0.15 // indirect github.com/mattn/go-runewidth v0.0.15 // indirect
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
github.com/rivo/uniseg v0.2.0 // indirect github.com/rivo/uniseg v0.2.0 // indirect
github.com/rs/zerolog v1.31.0 // indirect
github.com/valyala/bytebufferpool v1.0.0 // indirect github.com/valyala/bytebufferpool v1.0.0 // indirect
github.com/valyala/fasthttp v1.50.0 // indirect github.com/valyala/fasthttp v1.50.0 // indirect
github.com/valyala/tcplisten v1.0.0 // indirect github.com/valyala/tcplisten v1.0.0 // indirect
golang.org/x/crypto v0.16.0 // indirect
golang.org/x/sys v0.15.0 // indirect golang.org/x/sys v0.15.0 // indirect
gorm.io/gorm v1.25.5 // indirect modernc.org/libc v1.22.5 // indirect
modernc.org/mathutil v1.5.0 // indirect
modernc.org/memory v1.5.0 // indirect
modernc.org/sqlite v1.23.1 // indirect
) )

25
go.sum
View file

@ -1,6 +1,12 @@
github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/cCs= github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/cCs=
github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
github.com/glebarez/go-sqlite v1.21.2 h1:3a6LFC4sKahUunAmynQKLZceZCOzUthkRkEAl9gAXWo=
github.com/glebarez/go-sqlite v1.21.2/go.mod h1:sfxdZyhQjTM2Wry3gVYWaW072Ri1WMdWJi0k6+3382k=
github.com/glebarez/sqlite v1.10.0 h1:u4gt8y7OND/cCei/NMHmfbLxF6xP2wgKcT/BJf2pYkc=
github.com/glebarez/sqlite v1.10.0/go.mod h1:IJ+lfSOmiekhQsFTJRx/lHtGYmCdtAiTaf5wI9u5uHA=
github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
github.com/gofiber/fiber/v2 v2.51.0 h1:JNACcZy5e2tGApWB2QrRpenTWn0fq0hkFm6k0C86gKQ= github.com/gofiber/fiber/v2 v2.51.0 h1:JNACcZy5e2tGApWB2QrRpenTWn0fq0hkFm6k0C86gKQ=
github.com/gofiber/fiber/v2 v2.51.0/go.mod h1:xaQRZQJGqnKOQnbQw+ltvku3/h8QxvNi8o6JiJ7Ll0U= github.com/gofiber/fiber/v2 v2.51.0/go.mod h1:xaQRZQJGqnKOQnbQw+ltvku3/h8QxvNi8o6JiJ7Ll0U=
@ -10,8 +16,8 @@ github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD
github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc= github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ= github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8= github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
github.com/klauspost/compress v1.16.7 h1:2mk3MPGNzKyxErAw8YaohYh69+pa4sIQSC0fPGCFR9I= github.com/klauspost/compress v1.17.0 h1:Rnbp4K9EjcDuVuHtd0dgA4qNuv9yKDYKK1ulpJwgrqM=
github.com/klauspost/compress v1.16.7/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= github.com/klauspost/compress v1.17.0/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE=
github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
@ -21,6 +27,9 @@ github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D
github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U= github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U=
github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY= github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
@ -32,12 +41,20 @@ github.com/valyala/fasthttp v1.50.0 h1:H7fweIlBm0rXLs2q0XbalvJ6r0CUPFWK3/bB4N13e
github.com/valyala/fasthttp v1.50.0/go.mod h1:k2zXd82h/7UZc3VOdJ2WaUqt1uZ/XpXAfE9i+HBC3lA= github.com/valyala/fasthttp v1.50.0/go.mod h1:k2zXd82h/7UZc3VOdJ2WaUqt1uZ/XpXAfE9i+HBC3lA=
github.com/valyala/tcplisten v1.0.0 h1:rBHj/Xf+E1tRGZyWIWwJDiRY0zc1Js+CV5DqwacVSA8= github.com/valyala/tcplisten v1.0.0 h1:rBHj/Xf+E1tRGZyWIWwJDiRY0zc1Js+CV5DqwacVSA8=
github.com/valyala/tcplisten v1.0.0/go.mod h1:T0xQ8SeCZGxckz9qRXTfG43PvQ/mcWh7FwZEA7Ioqkc= github.com/valyala/tcplisten v1.0.0/go.mod h1:T0xQ8SeCZGxckz9qRXTfG43PvQ/mcWh7FwZEA7Ioqkc=
golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY=
golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q=
golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
gorm.io/gorm v1.25.5 h1:zR9lOiiYf09VNh5Q1gphfyia1JpiClIWG9hQaxB/mls= gorm.io/gorm v1.25.5 h1:zR9lOiiYf09VNh5Q1gphfyia1JpiClIWG9hQaxB/mls=
gorm.io/gorm v1.25.5/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8= gorm.io/gorm v1.25.5/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8=
modernc.org/libc v1.22.5 h1:91BNch/e5B0uPbJFgqbxXuOnxBQjlS//icfQEGmvyjE=
modernc.org/libc v1.22.5/go.mod h1:jj+Z7dTNX8fBScMVNRAYZ/jF91K8fdT2hYMThc3YjBY=
modernc.org/mathutil v1.5.0 h1:rV0Ko/6SfM+8G+yKiyI830l3Wuz1zRutdslNoQ0kfiQ=
modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
modernc.org/memory v1.5.0 h1:N+/8c5rE6EqugZwHii4IFsaJ7MUhoWX07J5tC/iI5Ds=
modernc.org/memory v1.5.0/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU=
modernc.org/sqlite v1.23.1 h1:nrSBg4aRQQwq59JpvGEQ15tNxoO5pX/kUjcRNwSAGQM=
modernc.org/sqlite v1.23.1/go.mod h1:OrDj17Mggn6MhE+iPbBNf7RGKODDE9NFT0f3EwDzJqk=

35
internal/app/db.go Normal file
View file

@ -0,0 +1,35 @@
package app
import (
"code.lila.network/lauralani/tlm-login-server/internal/models"
"github.com/glebarez/sqlite"
//"gorm.io/driver/sqlite" with CGo
"gorm.io/gorm"
"log/slog"
"os"
)
func InitializeDB() error {
var err error
var db *gorm.DB
var dbpath = os.Getenv("TLM_SQLITE_PATH")
db, err = gorm.Open(sqlite.Open(dbpath), &gorm.Config{})
if err != nil {
slog.Error("Can't open DB")
os.Exit(1)
}
models.DB = db
err = models.DB.AutoMigrate(&models.User{})
if err != nil {
slog.Error("Can't do DB Migration", "Model", "User")
return err
}
return nil
}

View file

@ -1,6 +1,7 @@
package app package app
import ( import (
"code.lila.network/lauralani/tlm-login-server/internal/handlers"
"github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2"
"github.com/gofiber/fiber/v2/middleware/compress" "github.com/gofiber/fiber/v2/middleware/compress"
"github.com/gofiber/fiber/v2/middleware/cors" "github.com/gofiber/fiber/v2/middleware/cors"
@ -54,6 +55,8 @@ func SetupFiber() error {
fiberapp.Use(recover.New()) fiberapp.Use(recover.New())
//fiberapp.Static("/admin/", "./web") //fiberapp.Static("/admin/", "./web")
fiberapp.Add("POST", "/api/users/register", handlers.POSTUserRegister)
fiberapp.Add("POST", "/api/users/login", handlers.POSTUserLogin)
v1 := fiberapp.Group("/api/v1") v1 := fiberapp.Group("/api/v1")
v1.Use(cors.New(cors.Config{AllowOrigins: "*"})) v1.Use(cors.New(cors.Config{AllowOrigins: "*"}))

View file

@ -0,0 +1,34 @@
package handlers
import (
"code.lila.network/lauralani/tlm-login-server/internal/models"
"code.lila.network/lauralani/tlm-login-server/internal/shared"
"encoding/json"
"github.com/gofiber/fiber/v2"
"log"
"log/slog"
)
func POSTUserLogin(c *fiber.Ctx) error {
var loginrequest models.LoginRequest
var existinguser models.User
err := json.Unmarshal(c.Body(), &loginrequest)
if err != nil {
log.Println(err.Error())
return fiber.NewError(fiber.StatusBadRequest, "400 Bad Request")
}
userquery := models.DB.Where("username = ?", loginrequest.Username).First(&existinguser)
if userquery.RowsAffected == 0 {
slog.Info("Failed login for nonexistent user", "Username", loginrequest.Username, "Request-IP", c.IP())
return fiber.NewError(fiber.StatusBadRequest, "400 Bad Request")
}
if shared.CheckPassword([]byte(loginrequest.Password), existinguser.PasswordHash) {
c.Status(fiber.StatusOK)
return nil
} else {
return fiber.NewError(fiber.StatusBadRequest, "400 Bad Request")
}
}

View file

@ -0,0 +1,58 @@
package handlers
import (
"code.lila.network/lauralani/tlm-login-server/internal/models"
"code.lila.network/lauralani/tlm-login-server/internal/shared"
"encoding/json"
"github.com/gofiber/fiber/v2"
"log"
"log/slog"
)
func POSTUserRegister(c *fiber.Ctx) error {
var registration models.RegistrationRequest
var user models.User
var queryuser models.User
err := json.Unmarshal(c.Body(), &registration)
if err != nil {
log.Println(err.Error())
return fiber.NewError(fiber.StatusBadRequest, "400 Bad Request")
}
duplicatequery := models.DB.Where("username = ?", registration.Username).First(&queryuser)
if duplicatequery.RowsAffected != 0 {
c.Status(fiber.StatusBadRequest)
err = c.JSON(models.ErrorReply{
Status: "error",
Message: "Username is already taken!",
})
if err != nil {
log.Println(err)
}
return nil
}
user.PasswordHash = shared.HashPassword(registration.Password)
user.Username = registration.Username
user.Email = registration.Email
dbop := models.DB.Create(&user)
if dbop.Error != nil {
slog.Error("Error creating user", "Username", registration.Username, "Error", err.Error())
}
var httpreply models.RegistrationReply
httpreply.ID = user.ID
httpreply.Username = user.Username
httpreply.CreatedAt = user.CreatedAt
c.Status(fiber.StatusCreated)
err = c.JSON(httpreply)
if err != nil {
log.Println(err)
}
return nil
}

View file

@ -5,11 +5,12 @@ import (
"time" "time"
) )
var DB *gorm.DB
type User struct { type User struct {
gorm.Model gorm.Model
Username string Username string
Email string Email string
PasswordHash []byte PasswordHash []byte `gorm:"size:255"`
PasswordSalt string
LastLoginAt time.Time LastLoginAt time.Time
} }

25
internal/models/http.go Normal file
View file

@ -0,0 +1,25 @@
package models
import "time"
type LoginRequest struct {
Username string `json:"username"`
Password string `json:"password"`
}
type RegistrationRequest struct {
Username string `json:"username"`
Password string `json:"password"`
Email string `json:"email"`
}
type RegistrationReply struct {
ID uint `json:"id"`
Username string `json:"username"`
CreatedAt time.Time `json:"created_at"`
}
type ErrorReply struct {
Status string `json:"status"`
Message string `json:"message"`
}

View file

@ -0,0 +1,17 @@
package shared
import (
"fmt"
"golang.org/x/crypto/bcrypt"
)
// CheckPassword compares []byte password and []byte hash.
//
// Returns true if hashes match, false if not.
func CheckPassword(password []byte, hash []byte) bool {
fmt.Println(fmt.Sprintf("Hash: %v", hash))
fmt.Println(fmt.Sprintf("Hashlength: %v", len(hash)))
err := bcrypt.CompareHashAndPassword(hash, password)
return err == nil
}

View file

@ -0,0 +1,22 @@
package shared
import (
"fmt"
"golang.org/x/crypto/bcrypt"
"log/slog"
)
func HashPassword(password string) []byte {
passwordbytes := []byte(password)
// Hashing the password with the default cost of 10
passwordhash, err := bcrypt.GenerateFromPassword(passwordbytes, bcrypt.DefaultCost)
if err != nil {
slog.Error("Can't hash password")
}
fmt.Println(fmt.Sprintf("Hash: %v", passwordhash))
fmt.Println(fmt.Sprintf("Hashlength: %v", len(passwordhash)))
return passwordhash
}