Skip to content
This repository has been archived by the owner on May 8, 2024. It is now read-only.

Remember me backend #14

Closed
wants to merge 3 commits into from
Closed

Remember me backend #14

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a88ba8c
fixed commit
clovertera Mar 18, 2024
4fc786f
using JWTSecret as key
clovertera Mar 18, 2024
2fa4d0f
change JWTExpireSeconds based on remember var
clovertera Mar 19, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
58 changes: 58 additions & 0 deletions app/controller/auth.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,12 @@
package controller

import (
"crypto/aes"
"crypto/cipher"
"crypto/rand"
"encoding/base64"
"fmt"
"io"
"math/big"
"time"

Expand Down Expand Up @@ -70,6 +74,11 @@ func Login(c *fiber.Ctx) error {
"msg": err.Error(),
})
}
if !login.Remember {
config.Conf.JWTExpireSeconds = 1800
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should add a new parameter for JWTExpireSeconds, this conf change will affect all the users.

} else {
config.Conf.JWTExpireSeconds = 1209600
}
c.Cookie(&fiber.Cookie{
Name: "access_token",
Value: token,
Expand Down Expand Up @@ -124,7 +133,15 @@ func Register(c *fiber.Ctx) error {
"msg": "user with this username or email already exists",
})
}
// bcrypt encryption for password
register.Password, _ = GeneratePasswordHash([]byte(register.Password))

// AES encryption for payment info
key := []byte(config.Conf.JWTSecret) // 16 byte key
register.CardNumber, _ = AESEncrypt(key, register.CardNumber)
register.CardType, _ = AESEncrypt(key, register.CardNumber)
register.CardExpiration, _ = AESEncrypt(key, register.CardNumber)

newUser := model.User{}
if err := convert.Update(&newUser, &register); err != nil {
return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{
Expand Down Expand Up @@ -272,6 +289,47 @@ func GeneratePasswordHash(password []byte) (string, error) {
return string(hashedPassword), nil
}

func AESEncrypt(key []byte, plaintext string) (string, error) {
byteString := []byte(plaintext)
block, err := aes.NewCipher(key)
// err: cipher cannot be created
if err != nil {
return "", err
}
cipherText := make([]byte, aes.BlockSize+len(byteString))
iv := cipherText[:aes.BlockSize] // extends to blocksize
// err: can't encrypt
if _, err = io.ReadFull(rand.Reader, iv); err != nil {
return "", err
}
stream := cipher.NewCFBEncrypter(block, iv)
stream.XORKeyStream(cipherText[aes.BlockSize:], byteString)
return base64.StdEncoding.EncodeToString(cipherText), nil
}

func AESDecrypt(key []byte, plaintext string) (string, error) {
cipherText, err := base64.StdEncoding.DecodeString(plaintext)
// err: cannot base64 decode
if err != nil {
return "", err
}
block, err := aes.NewCipher(key)
// err: cannot make new cipher
if err != nil {
return "", err
}
// err: ciphertext block size is wrong
if len(cipherText) < aes.BlockSize {
return "", fmt.Errorf("ciphertext wrong block size")
}
iv := cipherText[:aes.BlockSize]
cipherText = cipherText[aes.BlockSize:]
stream := cipher.NewCFBDecrypter(block, iv)
stream.XORKeyStream(cipherText, cipherText)

return string(cipherText), nil
}

func IsValidPassword(hash, password []byte) bool {
err := bcrypt.CompareHashAndPassword(hash, password)
return err == nil
Expand Down
1 change: 1 addition & 0 deletions app/schema/user.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,7 @@ type UserListResponse = ListResponse[User]
type Auth struct {
Username string `json:"username" default:"demo"`
Password string `json:"password" default:"123456"`
Remember bool `json:"remember" default:"false"`
}

type JWT struct {
Expand Down
Loading