Esempio n. 1
// login authenticates a user from a JSON body carrying an email and a
// password and, on success, replies with a freshly issued user token.
//
// Both failure paths (unknown email, wrong password) answer with the same
// body and the same 401 status, so the response content does not reveal
// whether an account exists for the submitted email.
//
// NOTE(review): every error from models.GetUser is mapped to 401 and logged
// only at debug level, so a storage failure looks the same as bad
// credentials; consider separating "not found" from other errors.
// NOTE(review): the unknown-email path returns before CheckPass runs. If
// CheckPass performs a deliberately slow hash comparison (not visible here),
// response timing may still distinguish registered from unregistered emails.
// NOTE(review): no attempt throttling or lockout is visible in this handler;
// confirm it is enforced elsewhere (middleware, proxy).
func login(w http.ResponseWriter, r *http.Request) {
	defer r.Body.Close()

	var creds loginReq
	if err := util.ParseJSON(r.Body, w, &creds); err != nil {
		// ParseJSON has already written the error response.
		return
	}

	// Look the account up by email only; the ID argument is left empty.
	account, err := models.GetUser("", creds.Email)
	if err != nil {
		logger.Debug.Println("User not found")
		util.JSONResponse(w, incorectEmailOrPassword, http.StatusUnauthorized)
		return
	}

	if passwordOK := account.CheckPass(creds.Password); !passwordOK {
		logger.Debug.Println("Incorrect Password")
		util.JSONResponse(w, incorectEmailOrPassword, http.StatusUnauthorized)
		return
	}

	// The token is bound to the user ID and expires userTokenExp from now.
	expiresAt := time.Now().Add(userTokenExp)
	token, err := userToken.New(account.ID, expiresAt)
	if err != nil {
		// Keep the failure detail in the server log; the client gets a bare 500.
		logger.Error.Print(err)
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	util.JSONResponse(w, loginRes{Token: token}, http.StatusOK)
}
Esempio n. 2
// CheckAuth wraps fn in an http.HandlerFunc that authenticates the request
// first. The raw Authorization header value is handed to userToken.Valid;
// when it is accepted, the user it names is loaded and passed to fn together
// with the response writer and the request.
//
// An invalid token and a token whose user record no longer exists both get
// the same 401 invalidToken response, so a token does not keep working after
// its account has been removed. Any other lookup error is logged and
// answered with a bare 500.
//
// NOTE(review): the header is passed through unmodified; whether a scheme
// prefix such as "Bearer " is expected or stripped is decided inside
// userToken.Valid, which is not visible here.
func CheckAuth(fn UserReq) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		authHeader := r.Header.Get("Authorization")
		ok, id := userToken.Valid(authHeader)
		if !ok {
			util.JSONResponse(w, invalidToken, http.StatusUnauthorized)
			return
		}

		account, err := models.GetUser(id, "")
		switch {
		case err == gorm.RecordNotFound:
			// Token verified, but the account it refers to is gone.
			util.JSONResponse(w, invalidToken, http.StatusUnauthorized)
			return
		case err != nil:
			// Unexpected lookup failure: log it, do not leak detail to the client.
			logger.Error.Print(err)
			w.WriteHeader(http.StatusInternalServerError)
			return
		}

		fn(w, r, account)
	}
}