Created
December 6, 2017 19:35
JWT token login
package main | |
import ( | |
"encoding/json" | |
"fmt" | |
"github.com/dgrijalva/jwt-go" | |
"io/ioutil" | |
"log" | |
"net/http" | |
"time" | |
) | |
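// main seeds the in-memory message store, loads the RSA key pair from disk,
// registers the two HTTP handlers and serves on port 8080 until the listener
// fails.
func main() {
	initDB()
	// Without the key pair no token can be signed, so refuse to start.
	if err := loadKeys(); err != nil {
		log.Fatal(err)
	}

	http.HandleFunc("/login", loginHandler)
	http.HandleFunc("/", handler)

	// An explicit http.Server lets us bound how long a client may take to
	// send its request headers; the package-level ListenAndServe helper has
	// no timeouts at all, so idle connections could be held open forever.
	srv := &http.Server{
		Addr:              ":8080",
		ReadHeaderTimeout: 10 * time.Second,
	}

	// NOTE(review): this listener is plain HTTP, so the password sent to
	// /login and the token it returns cross the network unencrypted unless
	// TLS is terminated in front of this process.
	fmt.Println("Listening at 8080")

	// ListenAndServe only returns on failure (for example when the port is
	// already in use); report that instead of exiting silently with status 0.
	log.Fatal(srv.ListenAndServe())
}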
// "database" | |
var (
	// messages is the in-memory message list; it is shared by every request
	// and is lost when the process exits.
	messages []string

	// PublicKey and PrivateKey hold the raw bytes of the key files read by
	// loadKeys. PrivateKey is secret material and must never be logged or
	// sent to a client.
	PublicKey, PrivateKey []byte
)
// initDB resets the in-memory message list to its two seed entries.
func initDB() {
	messages = []string{"Hello", "World"}
}
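// handler serves the message list.
//
//	GET  returns every stored message as a JSON array.
//	POST appends the raw request body as a new message and echoes it back.
//
// Any other method is answered with a "Method not allowed" error.
func handler(w http.ResponseWriter, r *http.Request) {
	switch r.Method {
	case http.MethodGet:
		data, err := json.Marshal(messages)
		if errorHandler(w, err, http.StatusInternalServerError) {
			return
		}
		w.Header().Set("Content-Type", "application/json")
		w.Write(data)

	case http.MethodPost:
		// NOTE(review): nothing on this path verifies the token issued by
		// /login (PublicKey is loaded but never used), so any client can
		// post. Verify the token signature, its "exp" claim and the
		// "allow" claim here before accepting the message.

		// The body is untrusted and was previously read without limit;
		// cap it so one request cannot exhaust memory.
		const maxBodyBytes = 1 << 20 // 1 MiB
		body, err := ioutil.ReadAll(http.MaxBytesReader(w, r.Body, maxBodyBytes))
		// A truncated or oversized body is the client's fault, not ours.
		if errorHandler(w, err, http.StatusBadRequest) {
			return
		}

		// NOTE(review): net/http runs handlers concurrently and messages is
		// a package-level slice with no lock, so concurrent requests race
		// on it. Guard it with a mutex declared next to messages.
		messages = append(messages, string(body))

		// The body is echoed verbatim. Pin the content type and disable
		// sniffing so a browser never renders client-supplied bytes as HTML.
		w.Header().Set("Content-Type", "text/plain; charset=utf-8")
		w.Header().Set("X-Content-Type-Options", "nosniff")
		w.Write(body)

	default:
		errorHandler(w, fmt.Errorf("Method not allowed: %s", r.Method), http.StatusMethodNotAllowed)
	}
}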
// UserCredentials is the JSON body expected by the /login endpoint.
type UserCredentials struct {
	// Login is the account name, read from the "login" key.
	Login string `json:"login"`
	// Password is the clear-text password, read from the "password" key.
	// Values of this type must not be written to logs.
	Password string `json:"password"`
}
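// loginHandler authenticates a JSON body of the form
// {"login": "...", "password": "..."} and, on success, answers with
// {"token": "<JWT>"}. The token is signed with RS256, carries the claim
// "allow": "post" and expires 30 minutes after it is issued.
//
// Failures are reported through errorHandler: 400 for an unreadable body,
// 422 for malformed JSON, 403 for wrong credentials and 500 when the token
// cannot be signed.
func loginHandler(w http.ResponseWriter, r *http.Request) {
	// The body is untrusted; bound it before reading it into memory.
	const maxBodyBytes = 1 << 20 // 1 MiB
	body, err := ioutil.ReadAll(http.MaxBytesReader(w, r.Body, maxBodyBytes))
	// This read error used to be overwritten by the Unmarshal result and
	// so was never reported.
	if errorHandler(w, err, http.StatusBadRequest) {
		return
	}
	// The body is deliberately not logged: it contains the password.

	var user UserCredentials
	if errorHandler(w, json.Unmarshal(body, &user), http.StatusUnprocessableEntity) {
		return
	}

	// Reject unless BOTH fields match. Joining the two tests with && let a
	// request through whenever either the login or the password was right.
	// NOTE(review): these are hard-coded placeholder credentials; a real
	// service should look the user up and verify a salted password hash.
	if user.Login != "LOGIN" || user.Password != "PASSWORD" {
		errorHandler(w, fmt.Errorf("Bad credentials"), http.StatusForbidden)
		return
	}

	// RS256 signing takes a parsed *rsa.PrivateKey, not the raw PEM bytes.
	// The key is not printed: it must never reach stdout or a log file.
	signKey, err := jwt.ParseRSAPrivateKeyFromPEM(PrivateKey)
	if errorHandler(w, err, http.StatusInternalServerError) {
		return
	}

	// "RSA256" is not a registered signing-method name, so looking it up
	// yields no method; reference the RS256 method directly instead.
	token := jwt.NewWithClaims(jwt.SigningMethodRS256, jwt.MapClaims{
		"allow": "post",
		"exp":   time.Now().Add(time.Minute * 30).Unix(),
	})
	tokenString, err := token.SignedString(signKey)
	if errorHandler(w, err, http.StatusInternalServerError) {
		return
	}

	msg, err := json.Marshal(map[string]string{
		"token": tokenString,
	})
	if errorHandler(w, err, http.StatusInternalServerError) {
		return
	}
	w.Header().Set("Content-Type", "application/json")
	w.Write(msg)
}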
// loadKeys reads ./key.rsa into PrivateKey and ./key.rsa.pub into PublicKey.
// Both paths are relative to the process working directory. The first read
// error is returned unchanged; nil means both files were read.
func loadKeys() (err error) {
	if PrivateKey, err = ioutil.ReadFile("./key.rsa"); err != nil {
		return err
	}
	if PublicKey, err = ioutil.ReadFile("./key.rsa.pub"); err != nil {
		return err
	}
	return nil
}
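// errorHandler reports err to the client and tells the caller whether to stop.
//
// When err is nil it writes nothing and returns false. Otherwise it prints
// err to stdout, answers with HTTP status code and the JSON body
// {"error": "<err text>"}, and returns true.
func errorHandler(w http.ResponseWriter, err error, code int) bool {
	if err == nil {
		return false
	}
	fmt.Println(err)

	// NOTE(review): the error text is sent to the client verbatim, also for
	// 5xx codes; callers should avoid passing errors whose text reveals
	// internal details.
	// Marshalling a map[string]string cannot fail, so the error is ignored.
	msg, _ := json.Marshal(map[string]string{
		"error": err.Error(),
	})

	// The status must be set before the first Write; without WriteHeader
	// every error, including "Bad credentials", went out as 200 OK.
	w.Header().Set("Content-Type", "application/json")
	w.WriteHeader(code)
	w.Write(msg)
	return true
}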