package main
import (
"InfantrySkillCalculator/controllers"
"InfantrySkillCalculator/models"
"InfantrySkillCalculator/utils"
"errors"
"fmt"
"github.com/gin-gonic/gin"
"golang.org/x/crypto/bcrypt"
"gorm.io/gorm"
"log"
"net/http"
)
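// checkUserCredentials reports whether password matches the bcrypt hash
// stored for username.
//
// A lookup failure (unknown user or database error) is treated as a failed
// login. To keep the response time for an unknown username close to that of
// a known one, a bcrypt computation at the same cost hashPassword uses
// (bcrypt.DefaultCost) is still performed before returning false; without
// it the early return made "no such user" measurably faster than "wrong
// password", letting an attacker enumerate valid usernames by timing the
// login endpoint.
func checkUserCredentials(username, password string) bool {
	hashedPassword, err := getUserPassword(username)
	if err != nil {
		// Burn roughly the same bcrypt work a real comparison would cost so
		// that an unknown username is not distinguishable from a wrong
		// password by latency. The result is deliberately discarded.
		_, _ = bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
		return false
	}

	// A nil error means the password matches the stored hash; any error
	// (mismatch, malformed stored hash) is a failed login.
	return bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password)) == nil
}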
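// getUserPassword returns the stored (bcrypt-hashed) password for username.
//
// gorm.ErrRecordNotFound is returned unwrapped when no such user exists, so
// callers can distinguish it with errors.Is. Any other database error is
// logged and returned wrapped. It must never take the whole server down:
// the previous version called log.Fatal here, which turned a transient
// database failure on the login path into a process exit — an easy
// denial of service for anyone who can hit /login.
func getUserPassword(username string) (string, error) {
	var user models.User

	// Parameterized lookup; username is attacker-controlled and must never
	// be concatenated into the query.
	err := models.DB.Where("username = ?", username).First(&user).Error
	switch {
	case err == nil:
		return user.Password, nil
	case errors.Is(err, gorm.ErrRecordNotFound):
		// Expected for an unknown username: not worth logging, and returned
		// as-is so errors.Is(err, gorm.ErrRecordNotFound) keeps working.
		return "", err
	default:
		// The only caller in this file discards the error, so this is the
		// one place the failure gets recorded.
		log.Printf("getUserPassword: lookup for user %q failed: %v", username, err)
		return "", fmt.Errorf("looking up user %q: %w", username, err)
	}
}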
// hashPassword derives a bcrypt hash of password at bcrypt.DefaultCost and
// returns it in the textual form bcrypt.CompareHashAndPassword expects
// (the form checkUserCredentials reads back).
//
// NOTE(review): bcrypt only consumes the first 72 bytes of its input, and
// newer golang.org/x/crypto versions return an error for longer passwords;
// consider enforcing a maximum length at the registration form so users
// get a clear message rather than a generic failure.
func hashPassword(password string) (string, error) {
	digest, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
	if err == nil {
		return string(digest), nil
	}
	return "", fmt.Errorf("failed to hash password: %w", err)
}
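// AuthRequired is a gin middleware that lets a request through only when the
// login session carries authenticated == true and a string username whose
// account is still enabled (controllers.IsUserEnabled). Anything else — no
// session, a missing or non-bool "authenticated" value, a missing or
// non-string "username", or a disabled account — clears the session and
// redirects to /login via redirectToLogin, which also aborts the chain.
//
// The username type assertion is now checked: the original asserted
// session.Values["username"].(string) unguarded, so a session marked
// authenticated without a string username panicked the handler (a 500 with
// gin's Recovery middleware, a crashed goroutine without it) instead of
// being rejected like every other malformed session.
func AuthRequired() gin.HandlerFunc {
	return func(c *gin.Context) {
		// The store error is deliberately ignored: presumably (gorilla-style
		// stores do this) a missing or undecodable cookie yields an empty
		// session, which fails the checks below and lands on the login page
		// — the desired outcome. Verify against utils.Store.
		session, _ := utils.Store.Get(c.Request, utils.LoginSessionName)

		authenticated, ok := session.Values["authenticated"].(bool)
		if !ok || !authenticated {
			redirectToLogin(c)
			return
		}

		username, ok := session.Values["username"].(string)
		if !ok || !controllers.IsUserEnabled(username) {
			redirectToLogin(c)
			return
		}

		c.Next()
	}
}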
// AdminAuthRequired is a gin middleware for administrator-only routes. A
// request proceeds only when the login session says authenticated == true
// and holds a string username that is both enabled and an admin according
// to controllers.IsUserEnabled / controllers.IsUserAdmin. Otherwise the
// session is cleared and the client is sent to /login (redirectToLogin
// aborts the handler chain, so nothing after this middleware runs).
func AdminAuthRequired() gin.HandlerFunc {
	return func(c *gin.Context) {
		// Store error ignored on purpose: a bad or absent cookie leaves an
		// empty session, which fails the checks below.
		session, _ := utils.Store.Get(c.Request, utils.LoginSessionName)

		loggedIn, isBool := session.Values["authenticated"].(bool)
		username, isString := session.Values["username"].(string)

		switch {
		case !isBool || !loggedIn:
			redirectToLogin(c)
		case !isString || !controllers.IsUserEnabled(username) || !controllers.IsUserAdmin(username):
			// Enabled is checked before admin so a disabled admin account
			// is rejected without consulting the admin flag.
			redirectToLogin(c)
		default:
			c.Next()
		}
	}
}
// isUserAdmin reports whether the username stored in the request's login
// session belongs to an administrator (controllers.IsUserAdmin). It returns
// false when the session holds no string username.
//
// NOTE(review): unlike AdminAuthRequired this helper does not look at the
// "authenticated" flag or at controllers.IsUserEnabled — presumably it is
// only called from handlers already behind AuthRequired; confirm at the
// call sites before using it to gate anything sensitive on its own.
func isUserAdmin(c *gin.Context) bool {
	session, _ := utils.Store.Get(c.Request, utils.LoginSessionName)

	if username, ok := session.Values["username"].(string); ok {
		return controllers.IsUserAdmin(username)
	}
	return false
}
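// redirectToLogin ends the current request by expiring the login session
// cookie and answering 302 Found to /login. c.Abort stops the remaining
// handlers in the chain, so callers should return right after calling it.
//
// A failure to write the session is logged but not fatal: the response is
// still a redirect to the login page, and crashing the whole process (the
// previous log.Fatal) on a per-request cookie write error would let a
// single bad request take the server down.
func redirectToLogin(c *gin.Context) {
	session, _ := utils.Store.Get(c.Request, utils.LoginSessionName)

	// net/http treats a negative MaxAge as "delete this cookie now", which
	// is how the client-side session gets cleared.
	session.Options.MaxAge = -1
	if err := session.Save(c.Request, c.Writer); err != nil {
		log.Printf("redirectToLogin: clearing login session: %v", err)
	}

	c.Redirect(http.StatusFound, "/login")
	c.Abort()
}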
// isValidCode reports whether code is an activation code that exists in the
// database and has not yet been consumed (UsedForUsername is empty).
//
// The in-Go equality check after the lookup is kept on purpose: the SQL
// `code = ?` match may be case- or trailing-space-insensitive depending on
// the column's collation, whereas this comparison is exact.
//
// NOTE(review): this is a pure read. Whoever marks the code as used must do
// so atomically with this check (same transaction, or a conditional
// UPDATE ... WHERE used_for_username = ''), otherwise two concurrent
// registrations can both pass here with the same code.
func isValidCode(code string) bool {
	var record models.ActivationCode

	// Parameterized; code comes straight from the client.
	err := models.DB.Where("code = ?", code).First(&record).Error
	if err != nil {
		// Not found and any database error alike: reject the code.
		return false
	}

	unused := record.UsedForUsername == ""
	return unused && record.Code == code
}