Basic JWT is now working #12

Merged
jtom38 merged 12 commits from features/jwt/maybe into main 2024-03-29 14:51:01 -07:00
3 changed files with 11 additions and 10 deletions
Showing only changes of commit 2508dac595 - Show all commits

View File

@ -22,7 +22,7 @@ func generateJwt() (string, error) {
//TODO use env here //TODO use env here
secret := []byte("ThisIsABadSecretDontReallyUseThis") secret := []byte("ThisIsABadSecretDontReallyUseThis")
token := jwt.New(jwt.SigningMethodEdDSA) token := jwt.New(jwt.SigningMethodHS256)
claims := token.Claims.(jwt.MapClaims) claims := token.Claims.(jwt.MapClaims)
claims["exp"] = time.Now().Add(10 * time.Minute) claims["exp"] = time.Now().Add(10 * time.Minute)
claims["authorized"] = true claims["authorized"] = true

View File

@ -36,18 +36,19 @@ func (us UserService) DoesUserExist(username string) error {
} }
func (us UserService) DoesPasswordMatchHash(username, password string) error { func (us UserService) DoesPasswordMatchHash(username, password string) error {
passwordBytes := []byte(password) //passwordBytes := []byte(password)
hash, err := bcrypt.GenerateFromPassword(passwordBytes, bcrypt.DefaultCost) //hash, err := bcrypt.GenerateFromPassword(passwordBytes, bcrypt.DefaultCost)
if err != nil { //if err != nil {
return err // return err
} //}
model, err := us.GetUser(username) model, err := us.GetUser(username)
if err != nil { if err != nil {
return err return err
} }
if model.Hash != string(hash) { err = bcrypt.CompareHashAndPassword([]byte(model.Hash), []byte(password))
if err != nil {
return errors.New(ErrInvalidPassword) return errors.New(ErrInvalidPassword)
} }
@ -83,7 +84,7 @@ func (us UserService) CheckPasswordForRequirements(password string) error {
} }
func (us UserService) checkPasswordLength(password string) error { func (us UserService) checkPasswordLength(password string) error {
if len(password) <= 8 { if len(password) < 8 {
return errors.New(ErrPasswordNotLongEnough) return errors.New(ErrPasswordNotLongEnough)
} }
return nil return nil

View File

@ -1,7 +1,7 @@
### ###
POST http://localhost:1323/api/v1/register?username=test&password=test POST http://localhost:1323/api/v1/register?username=test&password=test1234!
### ###
POST http://localhost:1323/api/v1/login?username=test&password=test POST http://localhost:1323/api/v1/login?username=test&password=test1234!
### ###
GET http://localhost:1323/api/v1/demo/hello GET http://localhost:1323/api/v1/demo/hello
### ###