87 lines
2.0 KiB
Go
87 lines
2.0 KiB
Go
package main
|
|
|
|
import (
|
|
"InfantrySkillCalculator/controllers"
|
|
"InfantrySkillCalculator/models"
|
|
"InfantrySkillCalculator/utils"
|
|
"errors"
|
|
"fmt"
|
|
"github.com/gin-gonic/gin"
|
|
"golang.org/x/crypto/bcrypt"
|
|
"gorm.io/gorm"
|
|
"log"
|
|
"net/http"
|
|
)
|
|
|
|
func checkUserCredentials(username, password string) bool {
|
|
var hashedPassword string
|
|
|
|
hashedPassword, err := getUserPassword(username)
|
|
if err != nil {
|
|
return false
|
|
}
|
|
|
|
err = bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password))
|
|
return err == nil
|
|
}
|
|
|
|
func getUserPassword(username string) (string, error) {
|
|
var user models.User
|
|
|
|
if err := models.DB.Where("username = ?", username).First(&user).Error; err != nil {
|
|
if !errors.Is(err, gorm.ErrRecordNotFound) {
|
|
log.Fatal(err)
|
|
}
|
|
return "", err
|
|
}
|
|
|
|
return user.Password, nil
|
|
}
|
|
|
|
func hashPassword(password string) (string, error) {
|
|
hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
|
|
if err != nil {
|
|
return "", fmt.Errorf("failed to hash password: %w", err)
|
|
}
|
|
return string(hashedPassword), nil
|
|
}
|
|
|
|
func AuthRequired() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
session, _ := utils.Store.Get(c.Request, utils.LoginSessionName)
|
|
if auth, ok := session.Values["authenticated"].(bool); !ok || !auth || !controllers.IsUserEnabled(session.Values["username"].(string)) {
|
|
session.Options.MaxAge = -1
|
|
err := session.Save(c.Request, c.Writer)
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
c.Redirect(http.StatusFound, "/login")
|
|
c.Abort()
|
|
return
|
|
}
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
func isValidCode(code string) bool {
|
|
var activationCode models.ActivationCode
|
|
if err := models.DB.Where("code = ?", code).First(&activationCode).Error; err != nil {
|
|
return false
|
|
}
|
|
|
|
if activationCode.Code == code && !activationCode.Used {
|
|
models.DB.Model(&activationCode).Updates(map[string]interface{}{
|
|
"Code": code,
|
|
"Used": true,
|
|
})
|
|
|
|
newCode := utils.GenerateActivationCode()
|
|
newCodeObj := models.ActivationCode{Code: newCode, Used: false}
|
|
models.DB.Create(&newCodeObj)
|
|
|
|
return true
|
|
}
|
|
|
|
return false
|
|
}
|