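// login handles a credential login request. It decodes a loginReq from the
// request body, looks the user up by email, verifies the password and, on
// success, responds 200 with a loginRes carrying a newly issued token that
// expires userTokenExp from now.
//
// An unknown email and a wrong password both produce the same
// incorectEmailOrPassword 401 body, so the response content does not reveal
// which of the two checks failed. Any other lookup failure is logged at error
// level and answered with a bare 500, matching CheckAuth, instead of being
// reported to the client as bad credentials.
func login(w http.ResponseWriter, r *http.Request) {
	defer r.Body.Close()

	req := loginReq{}
	if err := util.ParseJSON(r.Body, w, &req); err != nil {
		// Per the original author's note, ParseJSON has already written the
		// error response, so there is nothing left to send here.
		return
	}

	user, err := models.GetUser("", req.Email)
	if err == gorm.RecordNotFound {
		// NOTE(review): this branch returns without running a password check,
		// so it may respond measurably faster than the wrong-password branch
		// even though the bodies match. Confirm whether that matters here.
		logger.Debug.Println("User not found")
		util.JSONResponse(w, incorectEmailOrPassword, http.StatusUnauthorized)
		return
	} else if err != nil {
		// A backend failure is not a credential failure: surface it in the
		// error log and do not tell the client the credentials were wrong.
		logger.Error.Print(err)
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	if !user.CheckPass(req.Password) {
		// NOTE(review): no attempt limiting or lockout is visible in this
		// handler; confirm it is enforced elsewhere (middleware, proxy).
		logger.Debug.Println("Incorrect Password")
		util.JSONResponse(w, incorectEmailOrPassword, http.StatusUnauthorized)
		return
	}

	token, err := userToken.New(user.ID, time.Now().Add(userTokenExp))
	if err != nil {
		logger.Error.Print(err)
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	util.JSONResponse(w, loginRes{Token: token}, http.StatusOK)
}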
// CheckAuth checks authentication and, when it succeeds, calls fn with the
// authenticated user. It returns an http.HandlerFunc that:
//
//   - passes the raw Authorization header value to userToken.Valid and
//     responds 401 with invalidToken when the token is not valid;
//   - loads the user for the ID returned by userToken.Valid and responds with
//     the same 401 when that user no longer exists (gorm.RecordNotFound);
//   - logs any other lookup error and responds with a bare 500.
//
// fn is never invoked unless both the token check and the user lookup succeed.
func CheckAuth(fn UserReq) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		ok, userID := userToken.Valid(r.Header.Get("Authorization"))
		if !ok {
			util.JSONResponse(w, invalidToken, http.StatusUnauthorized)
			return
		}

		account, lookupErr := models.GetUser(userID, "")
		switch {
		case lookupErr == gorm.RecordNotFound:
			// A valid token for a missing user is answered exactly like an
			// invalid token.
			util.JSONResponse(w, invalidToken, http.StatusUnauthorized)
			return
		case lookupErr != nil:
			logger.Error.Print(lookupErr)
			w.WriteHeader(http.StatusInternalServerError)
			return
		}

		fn(w, r, account)
	}
}