Compare commits

..

5 Commits

4 changed files with 28 additions and 13 deletions

1
.gitignore vendored
View File

@ -24,5 +24,6 @@ go.work
gonuts gonuts
*.db *.db
bin* bin*
*.log
docs/ docs/

View File

@ -25,8 +25,12 @@ func Connect() *gorm.DB {
if udb != nil { if udb != nil {
return udb return udb
} }
logFile, err := os.OpenFile("db.log", os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
if err != nil {
panic(err)
}
newLogger := logger.New( newLogger := logger.New(
log.New(os.Stdout, "\r\n", log.LstdFlags), log.New(logFile, "\r\n", log.LstdFlags),
logger.Config{ logger.Config{
SlowThreshold: time.Second, SlowThreshold: time.Second,
LogLevel: logger.Error, LogLevel: logger.Error,

View File

@ -48,6 +48,11 @@ func UserRegister(c *gin.Context) {
} }
token1 = token token1 = token
} }
err := tokens.CreateSessionFromToken(token1.Val, dbUser.ID)
if err != nil {
log.Printf("tokens.CreateSessionFromToken: %v\n", err)
c.JSON(500, types.ErrorResponse{Message: "ERROR: 1000"})
}
c.SetCookie(consts.COOKIE_SESSION, token1.Val, 3600, "/", "localhost", false, true) c.SetCookie(consts.COOKIE_SESSION, token1.Val, 3600, "/", "localhost", false, true)
acc := types.Account{ acc := types.Account{
ID: dbUser.ID, ID: dbUser.ID,
@ -100,6 +105,11 @@ func UserLogin(c *gin.Context) {
} }
token1 = token token1 = token
} }
err := tokens.CreateSessionFromToken(token1.Val, foundUser.ID)
if err != nil {
log.Printf("tokens.CreateSessionFromToken: %v\n", err)
c.JSON(500, types.ErrorResponse{Message: "ERROR: 1000"})
}
c.SetCookie(consts.COOKIE_SESSION, token1.Val, 3600, "/", "localhost", false, true) c.SetCookie(consts.COOKIE_SESSION, token1.Val, 3600, "/", "localhost", false, true)
acc := types.Account{ acc := types.Account{
ID: foundUser.ID, ID: foundUser.ID,

View File

@ -2,19 +2,15 @@ package tokens
import ( import (
"crypto/sha256" "crypto/sha256"
"encoding/base64"
"log" "log"
"time" "time"
"git.qowevisa.me/Qowevisa/fin-check-api/db" "git.qowevisa.me/Qowevisa/fin-check-api/db"
) )
func getSalt() []byte {
return []byte("w40DJV3v1flySvFdxHWbBSJsIOaakkVs5FG7brq4oi1#nEz2fEZxpUfyBwkkww7f")
}
func CreateSessionFromToken(token string, userID uint) error { func CreateSessionFromToken(token string, userID uint) error {
salt := getSalt() sessionID := getSessionIDFromToken(token)
sessionID := sha256.New().Sum(append(salt, []byte(token)...))
dbc := db.Connect() dbc := db.Connect()
session := &db.Session{ session := &db.Session{
ID: string(sessionID), ID: string(sessionID),
@ -28,11 +24,10 @@ func CreateSessionFromToken(token string, userID uint) error {
} }
func ValidateSessionToken(token string) bool { func ValidateSessionToken(token string) bool {
salt := getSalt() sessionID := getSessionIDFromToken(token)
sessionID := sha256.New().Sum(append(salt, []byte(token)...))
dbc := db.Connect() dbc := db.Connect()
session := &db.Session{} session := &db.Session{}
if err := dbc.Find(session, sessionID).Error; err != nil { if err := dbc.Find(session, db.Session{ID: sessionID}).Error; err != nil {
log.Printf("DBERROR: %v\n", err) log.Printf("DBERROR: %v\n", err)
return false return false
} }
@ -47,12 +42,17 @@ func ValidateSessionToken(token string) bool {
} }
func GetSession(token string) (*db.Session, error) { func GetSession(token string) (*db.Session, error) {
salt := getSalt() sessionID := getSessionIDFromToken(token)
sessionID := sha256.New().Sum(append(salt, []byte(token)...))
dbc := db.Connect() dbc := db.Connect()
session := &db.Session{} session := &db.Session{}
if err := dbc.Find(session, sessionID).Error; err != nil { if err := dbc.Find(session, db.Session{ID: sessionID}).Error; err != nil {
return nil, err return nil, err
} }
return session, nil return session, nil
} }
func getSessionIDFromToken(token string) string {
salt := []byte("w40DJV3v1flySvFdxHWbBSJsIOaakkVs5FG7brq4oi1#nEz2fEZxpUfyBwkkww7f")
bytes := sha256.New().Sum(append(salt, []byte(token)...))
return base64.URLEncoding.EncodeToString(bytes)
}