docs: web/auth module
continuous-integration/drone the build was successful
Details
continuous-integration/drone the build was successful
Details
This commit is contained in:
parent
a2bea2277b
commit
0902defa8a
|
@ -1,10 +1,15 @@
|
|||
package auth
|
||||
|
||||
const (
|
||||
// APIErrorUserNotFound api error string if user not found
|
||||
APIErrorUserNotFound string = "user not found"
|
||||
// APIErrorIncorrectPassword api error string if password is incorrect
|
||||
APIErrorIncorrectPassword string = "incorrect password"
|
||||
// APIErrorNoSession api error string if no session exists
|
||||
APIErrorNoSession string = "no session"
|
||||
// APIErrorCreateSession api error string if session could not created
|
||||
APIErrorCreateSession string = "create session"
|
||||
|
||||
// APIErrroCreatePassword api error string if password could not created
|
||||
APIErrroCreatePassword string = "error during create password"
|
||||
)
|
||||
|
|
|
@ -12,6 +12,7 @@ import (
|
|||
"dev.sum7.eu/genofire/golang-lib/web"
|
||||
)
|
||||
|
||||
// GetCurrentUserID get UserID of session in golang-gin
|
||||
func GetCurrentUserID(c *gin.Context) (uuid.UUID, bool) {
|
||||
session := sessions.Default(c)
|
||||
|
||||
|
@ -27,6 +28,7 @@ func GetCurrentUserID(c *gin.Context) (uuid.UUID, bool) {
|
|||
return id, true
|
||||
}
|
||||
|
||||
// GetCurrentUser get User of session from database in golang-gin
|
||||
func GetCurrentUser(c *gin.Context, ws *web.Service) (*User, bool) {
|
||||
id, ok := GetCurrentUserID(c)
|
||||
if !ok {
|
||||
|
|
|
@ -9,6 +9,7 @@ import (
|
|||
"dev.sum7.eu/genofire/golang-lib/web"
|
||||
)
|
||||
|
||||
// MiddlewareLogin if user id in session for golang-gin
|
||||
func MiddlewareLogin(ws *web.Service) gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
_, ok := GetCurrentUserID(c)
|
||||
|
@ -18,9 +19,12 @@ func MiddlewareLogin(ws *web.Service) gin.HandlerFunc {
|
|||
}
|
||||
}
|
||||
|
||||
// MiddlewarePermissionParamUUID if user has access to obj, check access by uuid in golang-gin url param uuid
|
||||
func MiddlewarePermissionParamUUID(ws *web.Service, obj HasPermission) gin.HandlerFunc {
|
||||
return MiddlewarePermissionParam(ws, obj, "uuid")
|
||||
}
|
||||
|
||||
// MiddlewarePermissionParam if user has access to obj, check access in golang-gin url by param
|
||||
func MiddlewarePermissionParam(ws *web.Service, obj HasPermission, param string) gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
userID, ok := GetCurrentUserID(c)
|
||||
|
|
|
@ -6,12 +6,14 @@ import (
|
|||
"gorm.io/gorm"
|
||||
)
|
||||
|
||||
// User struct - default User model which could be extended
|
||||
type User struct {
|
||||
ID uuid.UUID `json:"id" gorm:"type:uuid;default:gen_random_uuid()" example:"88078ec0-2135-445f-bf05-632701c77695"`
|
||||
Username string `json:"username" gorm:"unique" example:"kukoon"`
|
||||
Password string `json:"-" example:"super secret password"`
|
||||
}
|
||||
|
||||
// NewUser by username and password
|
||||
func NewUser(username, password string) (*User, error) {
|
||||
user := &User{
|
||||
Username: username,
|
||||
|
@ -22,20 +24,23 @@ func NewUser(username, password string) (*User, error) {
|
|||
return user, nil
|
||||
}
|
||||
|
||||
func (this *User) SetPassword(password string) error {
|
||||
// SetPassword - create new hash of password
|
||||
func (u *User) SetPassword(password string) error {
|
||||
p, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
this.Password = string(p)
|
||||
u.Password = string(p)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (this *User) ValidatePassword(password string) bool {
|
||||
err := bcrypt.CompareHashAndPassword([]byte(this.Password), []byte(password))
|
||||
// ValidatePassword - check if given password is equal to saved hash
|
||||
func (u *User) ValidatePassword(password string) bool {
|
||||
err := bcrypt.CompareHashAndPassword([]byte(u.Password), []byte(password))
|
||||
return err == nil
|
||||
}
|
||||
|
||||
// HasPermission interface for middleware check in other models
|
||||
type HasPermission interface {
|
||||
HasPermission(tx *gorm.DB, userID, objID uuid.UUID) (interface{}, error)
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue