identity-provider-api/controllers/auth.go

package controllers

import (
	"encoding/base64"
	"fmt"
	"log"
	"time"

	"git.secnex.io/secnex/idp-api/api"
	"git.secnex.io/secnex/idp-api/db"
	"git.secnex.io/secnex/idp-api/models"
	"git.secnex.io/secnex/idp-api/repositories"
	"git.secnex.io/secnex/idp-api/utils"
	"github.com/gofiber/fiber/v2"
)

type DtoLoginRequest struct {
	Username string `json:"username"`
	Password string `json:"password"`
}

type DtoRegisterRequest struct {
	Username string `json:"username"`
	Password string `json:"password"`
	Email    string `json:"email"`
}

type DtoSessionInfoRequest struct {
	Session string `json:"session"`
}

type DtoLogoutRequest struct {
	Session string `json:"session"`
}

func UserLogin(c *fiber.Ctx) error {
	database := db.GetDB()
	userRepo := repositories.NewUserRepository(database)
	sessionRepo := repositories.NewSessionRepository(database)
	body := new(DtoLoginRequest)
	if err := c.BodyParser(body); err != nil {
		return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{
			"message": "Invalid request body",
		})
	}

	user, err := userRepo.GetUserByUsername(body.Username)
	if err != nil {
		return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
			"message": "Invalid username or password",
		})
	}

	passwordMatch, err := utils.VerifyPassword(body.Password, user.Password)
	if err != nil {
		return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{
			"message": "Failed to verify password",
		})
	}
	if !passwordMatch {
		return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
			"message": "Invalid username or password",
		})
	}

	session := &models.Session{
		UserID:    user.ID,
		ExpiresAt: time.Now().Add(time.Hour * 24),
	}

	if err := sessionRepo.CreateSession(session); err != nil {
		log.Println("Failed to create session", err)
		return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{
			"message": "Failed to create session",
		})
	}

	sessionToken := base64.StdEncoding.EncodeToString([]byte(session.ID.String()))

	return api.Success(c, fiber.Map{
		"session": fmt.Sprintf("%s:%s", string(utils.AuthTypeSession), sessionToken),
	}, fiber.StatusOK, nil, nil)
}

func UserLogout(c *fiber.Ctx) error {
	database := db.GetDB()
	sessionRepo := repositories.NewSessionRepository(database)
	body := new(DtoLogoutRequest)
	if err := c.BodyParser(body); err != nil {
		return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{
			"message": "Invalid request body",
		})
	}

	if err := sessionRepo.LogoutSessionByID(body.Session); err != nil {
		return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{
			"message": "Failed to logout session",
		})
	}

	return api.Success(c, nil, fiber.StatusOK, nil, nil)
}

func SessionInfo(c *fiber.Ctx) error {
	database := db.GetDB()
	sessionRepo := repositories.NewSessionRepository(database)
	body := new(DtoSessionInfoRequest)
	if err := c.BodyParser(body); err != nil {
		return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{
			"message": "Invalid request body",
		})
	}

	sessionId, err := utils.ExtractSessionFromHeader(body.Session, c)
	if err != nil {
		return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
			"message": "Invalid session",
		})
	}

	session, err := sessionRepo.GetSessionByID(sessionId, true)
	if err != nil {
		return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
			"message": "Invalid session",
		})
	}

	return api.Success(c, session, fiber.StatusOK, nil, nil)
}