diff --git a/web/auth/error.go b/web/auth/error.go
index 8062e08..2fed1c7 100644
--- a/web/auth/error.go
+++ b/web/auth/error.go
@@ -1,10 +1,15 @@
 package auth
 const (
- APIErrorUserNotFound string = "user not found"
+ // APIErrorUserNotFound api error string if user not found
+ APIErrorUserNotFound string = "user not found"
+ // APIErrorIncorrectPassword api error string if password is incorrect
 APIErrorIncorrectPassword string = "incorrect password"
- APIErrorNoSession string = "no session"
- APIErrorCreateSession string = "create session"
+ // APIErrorNoSession api error string if no session exists
+ APIErrorNoSession string = "no session"
+ // APIErrorCreateSession api error string if session could not created
+ APIErrorCreateSession string = "create session"
+ // APIErrroCreatePassword api error string if password could not created
 APIErrroCreatePassword string = "error during create password"
 )
diff --git a/web/auth/lib_user.go b/web/auth/lib_user.go
index 82c18a9..70609a7 100644
--- a/web/auth/lib_user.go
+++ b/web/auth/lib_user.go
@@ -12,6 +12,7 @@ import (
 "dev.sum7.eu/genofire/golang-lib/web"
 )
+// GetCurrentUserID get UserID of session in golang-gin
 func GetCurrentUserID(c *gin.Context) (uuid.UUID, bool) {
 session := sessions.Default(c)
@@ -27,6 +28,7 @@ func GetCurrentUserID(c *gin.Context) (uuid.UUID, bool) {
 return id, true
 }
+// GetCurrentUser get User of session from database in golang-gin
 func GetCurrentUser(c *gin.Context, ws *web.Service) (*User, bool) {
 id, ok := GetCurrentUserID(c)
 if !ok {
diff --git a/web/auth/middleware.go b/web/auth/middleware.go
index 1a69cf5..58616d4 100644
--- a/web/auth/middleware.go
+++ b/web/auth/middleware.go
@@ -9,6 +9,7 @@ import (
 "dev.sum7.eu/genofire/golang-lib/web"
 )
+// MiddlewareLogin if user id in session for golang-gin
 func MiddlewareLogin(ws *web.Service) gin.HandlerFunc {
 return func(c *gin.Context) {
 _, ok := GetCurrentUserID(c)
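Review bot: `APIErrorUserNotFound` and `APIErrorIncorrectPassword` are documented here as two separate API error strings; if the login handler, which is not part of this diff, sends them to unauthenticated clients, the response tells a caller whether a username exists. The comments are a good place to record that login failures should collapse into one generic message, for example `// Do not return to unauthenticated clients as-is; a distinct "user not found" reply confirms which usernames exist.` above `APIErrorUserNotFound`. Separately, the new comment repeats the misspelled identifier `APIErrroCreatePassword`; since the constant is exported, a correctly spelled `APIErrorCreatePassword` alongside it, with a `// Deprecated:` marker on the old name, would fix the spelling without breaking callers.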
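Review bot: The comment added on `GetCurrentUserID` does not say what the `bool` result means, and callers such as `MiddlewareLogin` base the authentication decision on it. Go doc comments are conventionally full sentences, e.g. `// GetCurrentUserID returns the user ID stored in the gin session; the bool is false when the session carries no usable ID.` The same applies to `GetCurrentUser` in the next hunk, where it is worth stating whether `false` also covers a session ID whose user no longer exists in the database. Both function bodies continue outside their hunks, so the exact failure cases should be checked against the full file.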
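Review bot: The comment on `MiddlewareLogin` is a sentence fragment and leaves out what the middleware does when the check fails. In the visible lines the ID returned by `GetCurrentUserID(c)` is discarded with `_`, so the check appears to rest on the session alone, without confirming that the user still exists; that limit belongs in the comment, e.g. `// MiddlewareLogin only checks that the session carries a user ID; it does not load the user from the database.` The closure body continues outside the hunk, so the rejection behaviour (status code, abort) should be filled in from the full file. `MiddlewarePermissionParamUUID` and `MiddlewarePermissionParam` in the following hunk have the same gap.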
@@ -18,9 +19,12 @@ func MiddlewareLogin(ws *web.Service) gin.HandlerFunc {
 }
 }
+// MiddlewarePermissionParamUUID if user has access to obj, check access by uuid in golang-gin url param uuid
 func MiddlewarePermissionParamUUID(ws *web.Service, obj HasPermission) gin.HandlerFunc {
 return MiddlewarePermissionParam(ws, obj, "uuid")
 }
+
+// MiddlewarePermissionParam if user has access to obj, check access in golang-gin url by param
 func MiddlewarePermissionParam(ws *web.Service, obj HasPermission, param string) gin.HandlerFunc {
 return func(c *gin.Context) {
 userID, ok := GetCurrentUserID(c)
diff --git a/web/auth/models.go b/web/auth/models.go
index fb94c74..c1fae55 100644
--- a/web/auth/models.go
+++ b/web/auth/models.go
@@ -6,12 +6,14 @@ import (
 "gorm.io/gorm"
 )
+// User struct - default User model which could be extended
 type User struct {
 ID uuid.UUID `json:"id" gorm:"type:uuid;default:gen_random_uuid()" example:"88078ec0-2135-445f-bf05-632701c77695"`
 Username string `json:"username" gorm:"unique" example:"kukoon"`
 Password string `json:"-" example:"super secret password"`
 }
+// NewUser by username and password
 func NewUser(username, password string) (*User, error) {
 user := &User{
 Username: username,
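Review bot: The new comment on `User` does not say what the `Password` field contains, and the `example:"super secret password"` tag reads as if the plaintext were stored. `SetPassword` in the following hunk writes the bcrypt hash into this field, so a field comment such as `// Password holds the bcrypt hash written by SetPassword, never the plaintext; json:"-" keeps it out of API responses.` would make that explicit. `NewUser`'s body is cut by the hunk, so whether it hashes through `SetPassword` cannot be confirmed here; its comment should say so if it does.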
@@ -22,20 +24,23 @@ func NewUser(username, password string) (*User, error) {
 return user, nil
 }
-func (this *User) SetPassword(password string) error {
+// SetPassword - create new hash of password
+func (u *User) SetPassword(password string) error {
 p, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
 if err != nil {
 return err
 }
- this.Password = string(p)
+ u.Password = string(p)
 return nil
 }
-func (this *User) ValidatePassword(password string) bool {
- err := bcrypt.CompareHashAndPassword([]byte(this.Password), []byte(password))
+// ValidatePassword - check if given password is equal to saved hash
+func (u *User) ValidatePassword(password string) bool {
+ err := bcrypt.CompareHashAndPassword([]byte(u.Password), []byte(password))
 return err == nil
 }
+// HasPermission interface for middleware check in other models
 type HasPermission interface {
 HasPermission(tx *gorm.DB, userID, objID uuid.UUID) (interface{}, error)
 }
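Review bot: `SetPassword` passes the password to `bcrypt.GenerateFromPassword` without any check of its own, so an empty string is hashed and stored like any other value. bcrypt also uses only the first 72 bytes of its input; older golang.org/x/crypto releases truncate silently while newer ones return `bcrypt.ErrPasswordTooLong`, and which applies depends on the module version, which this diff does not show. The new doc comment is the natural place to record this, e.g. `// SetPassword stores a bcrypt hash of password; input is not validated here and bcrypt considers at most 72 bytes.` If callers do not validate, a guard such as `if password == "" { return errors.New("empty password") }` at the top of the method would close the empty-password case.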