aboutsummaryrefslogtreecommitdiff
path: root/backend/controllers
diff options
context:
space:
mode:
authorArda Serdar Pektezol <1669855+pektezol@users.noreply.github.com>2022-10-27 01:17:14 +0300
committerArda Serdar Pektezol <1669855+pektezol@users.noreply.github.com>2022-10-27 01:17:14 +0300
commit66929b059af90cedce1d25d5fefc7768f8f2843d (patch)
tree3e54992bb9d7a68ff6be3537f16bbb2cd7f11b75 /backend/controllers
parent(#2) add validate endpoint (diff)
downloadlphub-66929b059af90cedce1d25d5fefc7768f8f2843d.tar.gz
lphub-66929b059af90cedce1d25d5fefc7768f8f2843d.tar.bz2
lphub-66929b059af90cedce1d25d5fefc7768f8f2843d.zip
(#2) finished user authentication with steam (probably)
Diffstat (limited to 'backend/controllers')
-rw-r--r--backend/controllers/controllers.go73
1 files changed, 50 insertions, 23 deletions
diff --git a/backend/controllers/controllers.go b/backend/controllers/controllers.go
index 8ce4860..79fc223 100644
--- a/backend/controllers/controllers.go
+++ b/backend/controllers/controllers.go
@@ -8,6 +8,7 @@ import (
8 8
9 "github.com/gin-contrib/sessions" 9 "github.com/gin-contrib/sessions"
10 "github.com/gin-gonic/gin" 10 "github.com/gin-gonic/gin"
11 "github.com/golang-jwt/jwt/v4"
11 "github.com/pektezol/leastportals/backend/database" 12 "github.com/pektezol/leastportals/backend/database"
12 "github.com/solovev/steam_go" 13 "github.com/solovev/steam_go"
13) 14)
@@ -31,47 +32,73 @@ func Home(c *gin.Context) {
31} 32}
32 33
33func Login(c *gin.Context) { 34func Login(c *gin.Context) {
34 opId := steam_go.NewOpenId(c.Request) 35 openID := steam_go.NewOpenId(c.Request)
35 switch opId.Mode() { 36 switch openID.Mode() {
36 case "": 37 case "":
37 http.Redirect(c.Writer, c.Request, opId.AuthUrl(), 301) 38 c.Redirect(http.StatusMovedPermanently, openID.AuthUrl())
38 case "cancel": 39 case "cancel":
39 c.Writer.Write([]byte("Authorization cancelled")) 40 c.Redirect(http.StatusMovedPermanently, "/")
40 default: 41 default:
41 steamId, err := opId.ValidateAndGetId() 42 steamID, err := openID.ValidateAndGetId()
42 if err != nil { 43 if err != nil {
43 http.Error(c.Writer, err.Error(), http.StatusInternalServerError) 44 http.Error(c.Writer, err.Error(), http.StatusInternalServerError)
44 } 45 }
45 // Create user if new 46 // Create user if new
46 var checkSteamID int64 47 var checkSteamID int64
47 database.DB.QueryRow("SELECT steam_id FROM users WHERE steamid = $1", steamId).Scan(&checkSteamID) 48 database.DB.QueryRow("SELECT steam_id FROM users WHERE steamid = $1", steamID).Scan(&checkSteamID)
48 if checkSteamID == 0 { // User does not exist 49 // User does not exist
49 user, err := steam_go.GetPlayerSummaries(steamId, os.Getenv("API_KEY")) 50 if checkSteamID == 0 {
51 user, err := steam_go.GetPlayerSummaries(steamID, os.Getenv("API_KEY"))
50 if err != nil { 52 if err != nil {
51 log.Panic(err) 53 log.Panic(err)
52 } 54 }
55 // Insert new user to database
53 database.DB.Exec(`INSERT INTO users (steam_id, username, avatar_link, country_code, created_at, updated_at, user_type) 56 database.DB.Exec(`INSERT INTO users (steam_id, username, avatar_link, country_code, created_at, updated_at, user_type)
54 VALUES ($1, $2, $3, $4, $5, $6, $7)`, steamId, user.PersonaName, user.Avatar, user.LocCountryCode, time.Now().UTC(), time.Now().UTC(), 0) 57 VALUES ($1, $2, $3, $4, $5, $6, $7)`, steamID, user.PersonaName, user.Avatar, user.LocCountryCode, time.Now().UTC(), time.Now().UTC(), 0)
58 }
59 // Update updated_at
60 database.DB.Exec(`UPDATE users SET updated_at = $1 WHERE steam_id = $2`, time.Now().UTC(), steamID)
61 // Generate JWT token
62 token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
63 "sub": steamID,
64 "exp": time.Now().Add(time.Hour * 24 * 30).Unix(),
65 })
66 // Sign and get the complete encoded token as a string using the secret
67 tokenString, err := token.SignedString([]byte(os.Getenv("SECRET_KEY")))
68 if err != nil {
69 c.JSON(http.StatusBadRequest, gin.H{
70 "error": "failed to create token",
71 })
72 return
55 } 73 }
56 session := sessions.Default(c) 74 // Create auth cookie
57 session.Set("id", steamId) 75 c.SetSameSite(http.SameSiteLaxMode)
58 session.Save() 76 c.SetCookie("auth", tokenString, 3600*24*30, "/", "", true, true)
59 // Do whatever you want with steam id
60 c.Redirect(http.StatusMovedPermanently, "/") 77 c.Redirect(http.StatusMovedPermanently, "/")
61 c.Writer.Write([]byte(steamId))
62 } 78 }
63} 79}
64 80
65func Logout(c *gin.Context) { 81func Logout(c *gin.Context) {
66 session := sessions.Default(c) 82 // Check if user exists
67 if session.Get("id") == nil { 83 _, exists := c.Get("user")
68 c.JSON(http.StatusBadRequest, "no id, not auth") 84 if !exists {
85 c.JSON(http.StatusBadRequest, gin.H{
86 "error": "not logged in",
87 })
69 } else { 88 } else {
70 session.Set("id", "") 89 // Set auth cookie to die
71 session.Clear() 90 tokenString, _ := c.Cookie("auth")
72 session.Options(sessions.Options{Path: "/", MaxAge: -1}) 91 c.SetCookie("auth", tokenString, -1, "/", "", true, true)
73 session.Save() 92 c.JSON(http.StatusOK, gin.H{
74 log.Print("id", session.Get("id")) 93 "output": "logout success",
75 c.Redirect(http.StatusPermanentRedirect, "/") 94 })
95 //c.Redirect(http.StatusPermanentRedirect, "/")
76 } 96 }
77} 97}
98
99func Validate(c *gin.Context) {
100 user, _ := c.Get("user")
101 c.JSON(http.StatusOK, gin.H{
102 "output": user,
103 })
104}
generated by cgit v1.2.3 (git 2.39.1) at 2025-11-09 16:44:30 +0000