presumably working basic routing + db queries

2025-05-28 20:43:37 +05:00
parent b47e0d3445
commit 5ed47a796f
5 changed files with 106 additions and 70 deletions
--- a/controllers/user/router.go
+++ b/controllers/user/router.go
@@ -0,0 +1,12 @@
+package user
+
+import (
+	"github.com/gin-gonic/gin"
+)
+
+func UserRouter(r *gin.Engine) *gin.Engine {
+	r.POST("/login", Login)
+	r.POST("/register", Register)
+
+	return r
+}
--- a/controllers/user/user.go
+++ b/controllers/user/user.go
@@ -0,0 +1,103 @@
+package user
+
+import (
+	"net/http"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"github.com/golang-jwt/jwt/v5"
+	"github.com/yourusername/go-sqlc-jwt/db"
+	"golang.org/x/crypto/bcrypt"
+)
+
+type AuthHandler struct {
+	Queries   *db.Queries
+	JWTSecret string
+}
+
+func NewAuthHandler(q *db.Queries, secret string) *AuthHandler {
+	return &AuthHandler{
+		Queries:   q,
+		JWTSecret: secret,
+	}
+}
+
+type loginRequest struct {
+	Username string `json:"username" binding:"required"`
+	Password string `json:"password" binding:"required"`
+}
+
+func (h *AuthHandler) Login(c *gin.Context) {
+	var req loginRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	user, err := h.Queries.GetUserByUsername(c.Request.Context(), req.Username)
+	if err != nil {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "invalid credentials"})
+		return
+	}
+
+	if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(req.Password)); err != nil {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "invalid credentials"})
+		return
+	}
+
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
+		"sub":      user.ID,
+		"username": user.Username,
+		"exp":      time.Now().Add(time.Hour * 24).Unix(),
+	})
+
+	tokenString, err := token.SignedString([]byte(h.JWTSecret))
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to generate token"})
+		return
+	}
+
+	// Create session in database
+	_, err = h.Queries.CreateSession(c.Request.Context(), db.CreateSessionParams{
+		UserID:    user.ID,
+		ExpiresAt: time.Now().Add(time.Hour * 24),
+	})
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to create session"})
+		return
+	}
+
+	c.JSON(http.StatusOK, gin.H{
+		"token":      tokenString,
+		"expires_in": 3600 * 24,
+	})
+}
+
+func (h *AuthHandler) Register(c *gin.Context) {
+	var req loginRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(req.Password), bcrypt.DefaultCost)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to hash password"})
+		return
+	}
+
+	user, err := h.Queries.CreateUser(c.Request.Context(), db.CreateUserParams{
+		Username: req.Username,
+		Password: string(hashedPassword),
+	})
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to create user"})
+		return
+	}
+
+	c.JSON(http.StatusCreated, gin.H{
+		"id":       user.ID,
+		"username": user.Username,
+	})
+}
+