diff options
Diffstat (limited to 'backend/controllers')
| -rw-r--r-- | backend/controllers/controllers.go | 73 |
1 files changed, 50 insertions, 23 deletions
diff --git a/backend/controllers/controllers.go b/backend/controllers/controllers.go index 8ce4860..79fc223 100644 --- a/backend/controllers/controllers.go +++ b/backend/controllers/controllers.go | |||
| @@ -8,6 +8,7 @@ import ( | |||
| 8 | 8 | ||
| 9 | "github.com/gin-contrib/sessions" | 9 | "github.com/gin-contrib/sessions" |
| 10 | "github.com/gin-gonic/gin" | 10 | "github.com/gin-gonic/gin" |
| 11 | "github.com/golang-jwt/jwt/v4" | ||
| 11 | "github.com/pektezol/leastportals/backend/database" | 12 | "github.com/pektezol/leastportals/backend/database" |
| 12 | "github.com/solovev/steam_go" | 13 | "github.com/solovev/steam_go" |
| 13 | ) | 14 | ) |
| @@ -31,47 +32,73 @@ func Home(c *gin.Context) { | |||
| 31 | } | 32 | } |
| 32 | 33 | ||
| 33 | func Login(c *gin.Context) { | 34 | func Login(c *gin.Context) { |
| 34 | opId := steam_go.NewOpenId(c.Request) | 35 | openID := steam_go.NewOpenId(c.Request) |
| 35 | switch opId.Mode() { | 36 | switch openID.Mode() { |
| 36 | case "": | 37 | case "": |
| 37 | http.Redirect(c.Writer, c.Request, opId.AuthUrl(), 301) | 38 | c.Redirect(http.StatusMovedPermanently, openID.AuthUrl()) |
| 38 | case "cancel": | 39 | case "cancel": |
| 39 | c.Writer.Write([]byte("Authorization cancelled")) | 40 | c.Redirect(http.StatusMovedPermanently, "/") |
| 40 | default: | 41 | default: |
| 41 | steamId, err := opId.ValidateAndGetId() | 42 | steamID, err := openID.ValidateAndGetId() |
| 42 | if err != nil { | 43 | if err != nil { |
| 43 | http.Error(c.Writer, err.Error(), http.StatusInternalServerError) | 44 | http.Error(c.Writer, err.Error(), http.StatusInternalServerError) |
| 44 | } | 45 | } |
| 45 | // Create user if new | 46 | // Create user if new |
| 46 | var checkSteamID int64 | 47 | var checkSteamID int64 |
| 47 | database.DB.QueryRow("SELECT steam_id FROM users WHERE steamid = $1", steamId).Scan(&checkSteamID) | 48 | database.DB.QueryRow("SELECT steam_id FROM users WHERE steamid = $1", steamID).Scan(&checkSteamID) |
| 48 | if checkSteamID == 0 { // User does not exist | 49 | // User does not exist |
| 49 | user, err := steam_go.GetPlayerSummaries(steamId, os.Getenv("API_KEY")) | 50 | if checkSteamID == 0 { |
| 51 | user, err := steam_go.GetPlayerSummaries(steamID, os.Getenv("API_KEY")) | ||
| 50 | if err != nil { | 52 | if err != nil { |
| 51 | log.Panic(err) | 53 | log.Panic(err) |
| 52 | } | 54 | } |
| 55 | // Insert new user to database | ||
| 53 | database.DB.Exec(`INSERT INTO users (steam_id, username, avatar_link, country_code, created_at, updated_at, user_type) | 56 | database.DB.Exec(`INSERT INTO users (steam_id, username, avatar_link, country_code, created_at, updated_at, user_type) |
| 54 | VALUES ($1, $2, $3, $4, $5, $6, $7)`, steamId, user.PersonaName, user.Avatar, user.LocCountryCode, time.Now().UTC(), time.Now().UTC(), 0) | 57 | VALUES ($1, $2, $3, $4, $5, $6, $7)`, steamID, user.PersonaName, user.Avatar, user.LocCountryCode, time.Now().UTC(), time.Now().UTC(), 0) |
| 58 | } | ||
| 59 | // Update updated_at | ||
| 60 | database.DB.Exec(`UPDATE users SET updated_at = $1 WHERE steam_id = $2`, time.Now().UTC(), steamID) | ||
| 61 | // Generate JWT token | ||
| 62 | token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{ | ||
| 63 | "sub": steamID, | ||
| 64 | "exp": time.Now().Add(time.Hour * 24 * 30).Unix(), | ||
| 65 | }) | ||
| 66 | // Sign and get the complete encoded token as a string using the secret | ||
| 67 | tokenString, err := token.SignedString([]byte(os.Getenv("SECRET_KEY"))) | ||
| 68 | if err != nil { | ||
| 69 | c.JSON(http.StatusBadRequest, gin.H{ | ||
| 70 | "error": "failed to create token", | ||
| 71 | }) | ||
| 72 | return | ||
| 55 | } | 73 | } |
| 56 | session := sessions.Default(c) | 74 | // Create auth cookie |
| 57 | session.Set("id", steamId) | 75 | c.SetSameSite(http.SameSiteLaxMode) |
| 58 | session.Save() | 76 | c.SetCookie("auth", tokenString, 3600*24*30, "/", "", true, true) |
| 59 | // Do whatever you want with steam id | ||
| 60 | c.Redirect(http.StatusMovedPermanently, "/") | 77 | c.Redirect(http.StatusMovedPermanently, "/") |
| 61 | c.Writer.Write([]byte(steamId)) | ||
| 62 | } | 78 | } |
| 63 | } | 79 | } |
| 64 | 80 | ||
| 65 | func Logout(c *gin.Context) { | 81 | func Logout(c *gin.Context) { |
| 66 | session := sessions.Default(c) | 82 | // Check if user exists |
| 67 | if session.Get("id") == nil { | 83 | _, exists := c.Get("user") |
| 68 | c.JSON(http.StatusBadRequest, "no id, not auth") | 84 | if !exists { |
| 85 | c.JSON(http.StatusBadRequest, gin.H{ | ||
| 86 | "error": "not logged in", | ||
| 87 | }) | ||
| 69 | } else { | 88 | } else { |
| 70 | session.Set("id", "") | 89 | // Set auth cookie to die |
| 71 | session.Clear() | 90 | tokenString, _ := c.Cookie("auth") |
| 72 | session.Options(sessions.Options{Path: "/", MaxAge: -1}) | 91 | c.SetCookie("auth", tokenString, -1, "/", "", true, true) |
| 73 | session.Save() | 92 | c.JSON(http.StatusOK, gin.H{ |
| 74 | log.Print("id", session.Get("id")) | 93 | "output": "logout success", |
| 75 | c.Redirect(http.StatusPermanentRedirect, "/") | 94 | }) |
| 95 | //c.Redirect(http.StatusPermanentRedirect, "/") | ||
| 76 | } | 96 | } |
| 77 | } | 97 | } |
| 98 | |||
| 99 | func Validate(c *gin.Context) { | ||
| 100 | user, _ := c.Get("user") | ||
| 101 | c.JSON(http.StatusOK, gin.H{ | ||
| 102 | "output": user, | ||
| 103 | }) | ||
| 104 | } | ||