Compare commits
3 Commits
6862ef1bc0
...
769a24dff3
Author | SHA1 | Date | |
---|---|---|---|
769a24dff3 | |||
e7f6983a22 | |||
6b7ce5b719 |
@ -2,10 +2,12 @@ package main
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"fmt"
|
||||||
"myapp/internal/cards"
|
"myapp/internal/cards"
|
||||||
"myapp/internal/models"
|
"myapp/internal/models"
|
||||||
"net/http"
|
"net/http"
|
||||||
"strconv"
|
"strconv"
|
||||||
|
"time"
|
||||||
|
|
||||||
"github.com/go-chi/chi/v5"
|
"github.com/go-chi/chi/v5"
|
||||||
"github.com/stripe/stripe-go/v79"
|
"github.com/stripe/stripe-go/v79"
|
||||||
@ -266,16 +268,32 @@ func (app *application) CreateAuthToken(w http.ResponseWriter, r *http.Request)
|
|||||||
}
|
}
|
||||||
|
|
||||||
// generate the token
|
// generate the token
|
||||||
|
token, err := models.GenerateToken(user.ID, 24*time.Hour, models.ScopeAuthentication)
|
||||||
|
if err != nil {
|
||||||
|
app.errorLog.Println(err)
|
||||||
|
app.badRequest(w, r, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// save to DB
|
||||||
|
err = app.DB.InsertToken(token, user)
|
||||||
|
if err != nil {
|
||||||
|
app.errorLog.Println(err)
|
||||||
|
app.badRequest(w, r, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
// send response
|
// send response
|
||||||
|
|
||||||
var payload struct {
|
var payload struct {
|
||||||
Error bool `json:"error"`
|
Error bool `json:"error"`
|
||||||
Message string `json:"message"`
|
Message string `json:"message"`
|
||||||
|
Token *models.Token `json:"authentication_token"`
|
||||||
}
|
}
|
||||||
|
|
||||||
payload.Error = false
|
payload.Error = false
|
||||||
payload.Message = "Success!"
|
payload.Message = fmt.Sprintf("token for %s created", userInput.Email)
|
||||||
|
payload.Token = token
|
||||||
|
|
||||||
_ = app.writeJSON(w, http.StatusOK, payload)
|
_ = app.writeJSON(w, http.StatusOK, payload)
|
||||||
}
|
}
|
||||||
|
@ -3,42 +3,47 @@
|
|||||||
Login
|
Login
|
||||||
{{ end }}
|
{{ end }}
|
||||||
{{ define "content" }}
|
{{ define "content" }}
|
||||||
<form action=""
|
<div class="row">
|
||||||
method="post"
|
<div class="col-md-6 offset-md-3">
|
||||||
name="login-form"
|
<div class="alert alert-danger text-center d-none" id="login-messages"></div>
|
||||||
id="login-form"
|
<form action=""
|
||||||
class="d-blick needs-validation col-sm-6"
|
method="post"
|
||||||
autocomplete="off"
|
name="login-form"
|
||||||
novalidate="">
|
id="login-form"
|
||||||
<h2 class="mt-2 mb-3 text-center">Login</h2>
|
class="d-blick needs-validation"
|
||||||
<hr>
|
autocomplete="off"
|
||||||
<div class="mb-3">
|
novalidate="">
|
||||||
<label for="-email" class="form-label">Email</label>
|
<h2 class="mt-2 mb-3 text-center">Login</h2>
|
||||||
<input type="text"
|
<hr>
|
||||||
id="email"
|
<div class="mb-3">
|
||||||
name="email"
|
<label for="-email" class="form-label">Email</label>
|
||||||
autocomplete="email-new"
|
<input type="text"
|
||||||
required=""
|
id="email"
|
||||||
class="form-control">
|
name="email"
|
||||||
|
autocomplete="email-new"
|
||||||
|
required=""
|
||||||
|
class="form-control">
|
||||||
|
</div>
|
||||||
|
<div class="mb-3">
|
||||||
|
<label for="password" class="form-label">Password</label>
|
||||||
|
<input type="password"
|
||||||
|
id="password"
|
||||||
|
name="password"
|
||||||
|
autocomplete="password-new"
|
||||||
|
required=""
|
||||||
|
class="form-control">
|
||||||
|
</div>
|
||||||
|
<hr>
|
||||||
|
<a href="javascript:void(0)" id="login-btn" class="btn btn-primary">Login</a>
|
||||||
|
</form>
|
||||||
</div>
|
</div>
|
||||||
<div class="mb-3">
|
</div>
|
||||||
<label for="password" class="form-label">Password</label>
|
|
||||||
<input type="password"
|
|
||||||
id="password"
|
|
||||||
name="password"
|
|
||||||
autocomplete="password-new"
|
|
||||||
required=""
|
|
||||||
class="form-control">
|
|
||||||
</div>
|
|
||||||
<hr>
|
|
||||||
<a href="javascript:void(0)" id="login-btn" class="btn btn-primary">Login</a>
|
|
||||||
</form>
|
|
||||||
{{ end }}
|
{{ end }}
|
||||||
{{define "js"}}
|
{{ define "js" }}
|
||||||
<script type="module">
|
<script type="module">
|
||||||
import {val} from "/static/js/login.js"
|
import {val} from "/static/js/login.js"
|
||||||
document.getElementById("login-btn").addEventListener("click", () => {
|
document.getElementById("login-btn").addEventListener("click", () => {
|
||||||
val({{.API}});
|
val({{.API}});
|
||||||
})
|
})
|
||||||
</script>
|
</script>
|
||||||
{{end}}
|
{{ end }}
|
||||||
|
73
internal/models/tokens.go
Normal file
73
internal/models/tokens.go
Normal file
@ -0,0 +1,73 @@
|
|||||||
|
package models
|
||||||
|
|
||||||
|
import (
|
||||||
|
"context"
|
||||||
|
"crypto/rand"
|
||||||
|
"crypto/sha256"
|
||||||
|
"encoding/base32"
|
||||||
|
"time"
|
||||||
|
)
|
||||||
|
|
||||||
|
const (
|
||||||
|
ScopeAuthentication = "authentication"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Token is the type for authentication tokens
|
||||||
|
type Token struct {
|
||||||
|
PlainText string `json:"token"`
|
||||||
|
UserID int64 `json:"-"`
|
||||||
|
Hash []byte `json:"-"`
|
||||||
|
Expiry time.Time `json:"expiry"`
|
||||||
|
Scope string `json:"-"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// GenerateToken Generates a token that lasts for ttl, and returns it
|
||||||
|
func GenerateToken(userID int, ttl time.Duration, scope string) (*Token, error) {
|
||||||
|
token := &Token{
|
||||||
|
UserID: int64(userID),
|
||||||
|
Expiry: time.Now().Add(ttl),
|
||||||
|
Scope: scope,
|
||||||
|
}
|
||||||
|
|
||||||
|
randomBytes := make([]byte, 16)
|
||||||
|
_, err := rand.Read(randomBytes)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
token.PlainText = base32.StdEncoding.WithPadding((base32.NoPadding)).
|
||||||
|
EncodeToString((randomBytes))
|
||||||
|
hash := sha256.Sum256([]byte(token.PlainText))
|
||||||
|
token.Hash = hash[:]
|
||||||
|
return token, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *DBModel) InsertToken(t *Token, u User) error {
|
||||||
|
ctx, cancel := context.WithTimeout(context.Background(), 3*time.Second)
|
||||||
|
defer cancel()
|
||||||
|
|
||||||
|
// delete existing tokens
|
||||||
|
stmt := `DELETE FROM tokens WHERE user_id = ?`
|
||||||
|
|
||||||
|
_, err := m.DB.ExecContext(ctx, stmt, u.ID)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
stmt = `INSERT INTO tokens
|
||||||
|
(user_id, name, email, token_hash, created_at, updated_at)
|
||||||
|
VALUES (?, ?, ?, ?, ?, ?)`
|
||||||
|
|
||||||
|
_, err = m.DB.ExecContext(ctx, stmt,
|
||||||
|
u.ID,
|
||||||
|
u.LastName,
|
||||||
|
u.Email,
|
||||||
|
t.Hash,
|
||||||
|
time.Now(),
|
||||||
|
time.Now(),
|
||||||
|
)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
2
migrations/20240813194454_create_tokens_table.down.fizz
Normal file
2
migrations/20240813194454_create_tokens_table.down.fizz
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
drop_table("tokens")
|
||||||
|
|
11
migrations/20240813194454_create_tokens_table.up.fizz
Normal file
11
migrations/20240813194454_create_tokens_table.up.fizz
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
create_table("tokens") {
|
||||||
|
t.Column("id", "integer", {primary: true})
|
||||||
|
t.Column("user_id", "integer", {"unsigned": true})
|
||||||
|
t.Column("name", "string", {"size": 255})
|
||||||
|
t.Column("email", "string", {})
|
||||||
|
t.Column("token_hash", "string", {})
|
||||||
|
}
|
||||||
|
|
||||||
|
sql("ALTER TABLE tokens MODIFY token_hash varbinary(255);")
|
||||||
|
sql("ALTER TABLE tokens ALTER COLUMN created_at SET DEFAULT now();")
|
||||||
|
sql("ALTER TABLE tokens ALTER COLUMN updated_at SET DEFAULT now();")
|
@ -1,6 +1,5 @@
|
|||||||
export let card;
|
export let card;
|
||||||
export let stripe;
|
export let stripe;
|
||||||
const cardMessages = document.getElementById("card-messages");
|
|
||||||
const payButton = document.getElementById("pay-button");
|
const payButton = document.getElementById("pay-button");
|
||||||
export const processing = document.getElementById("processing-payment");
|
export const processing = document.getElementById("processing-payment");
|
||||||
|
|
||||||
@ -14,18 +13,20 @@ export function showPayButton() {
|
|||||||
processing.classList.add("d-none");
|
processing.classList.add("d-none");
|
||||||
}
|
}
|
||||||
|
|
||||||
export function showCardError(msg) {
|
export function showError(element, msg) {
|
||||||
cardMessages.classList.add("alert-danger");
|
const messages = document.getElementById(element);
|
||||||
cardMessages.classList.remove("alert-success");
|
messages.classList.add("alert-danger");
|
||||||
cardMessages.classList.remove("d-none");
|
messages.classList.remove("alert-success");
|
||||||
cardMessages.innerText = msg;
|
messages.classList.remove("d-none");
|
||||||
|
messages.innerText = msg;
|
||||||
}
|
}
|
||||||
|
|
||||||
export function showCardSuccess() {
|
export function showSuccess(element, msg) {
|
||||||
cardMessages.classList.add("alert-success");
|
const messages = document.getElementById(element);
|
||||||
cardMessages.classList.remove("alert-danger");
|
messages.classList.add("alert-success");
|
||||||
cardMessages.classList.remove("d-none");
|
messages.classList.remove("alert-danger");
|
||||||
cardMessages.innerText = "Trasaction successful";
|
messages.classList.remove("d-none");
|
||||||
|
messages.innerText = msg;
|
||||||
}
|
}
|
||||||
|
|
||||||
export function stripeInit(pubKey) {
|
export function stripeInit(pubKey) {
|
||||||
|
@ -1,3 +1,8 @@
|
|||||||
|
import {
|
||||||
|
showError,
|
||||||
|
showSuccess,
|
||||||
|
} from './common.js';
|
||||||
|
|
||||||
export function val(api) {
|
export function val(api) {
|
||||||
let form = document.getElementById("login-form");
|
let form = document.getElementById("login-form");
|
||||||
|
|
||||||
@ -27,6 +32,13 @@ export function val(api) {
|
|||||||
.then(response => response.json())
|
.then(response => response.json())
|
||||||
.then(response => {
|
.then(response => {
|
||||||
console.log(response)
|
console.log(response)
|
||||||
|
if (response.error === false) {
|
||||||
|
localStorage.setItem("token", response.authentication_token.token);
|
||||||
|
localStorage.setItem("token_expiry", response.authentication_token.expiry);
|
||||||
|
showSuccess("login-messages", "Login successful.")
|
||||||
|
} else {
|
||||||
|
showError("login-messages", response.message)
|
||||||
|
}
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1,8 +1,8 @@
|
|||||||
import {
|
import {
|
||||||
hidePayButton,
|
hidePayButton,
|
||||||
showPayButton,
|
showPayButton,
|
||||||
showCardError,
|
showError,
|
||||||
showCardSuccess,
|
showSuccess,
|
||||||
stripe,
|
stripe,
|
||||||
card,
|
card,
|
||||||
processing,
|
processing,
|
||||||
@ -35,7 +35,7 @@ export function val(plan_id, api) {
|
|||||||
|
|
||||||
function stripePaymentMethodHandler(result, plan_id, api) {
|
function stripePaymentMethodHandler(result, plan_id, api) {
|
||||||
if (result.error) {
|
if (result.error) {
|
||||||
showCardError(result.error.message);
|
showError("card-messages", result.error.message);
|
||||||
} else {
|
} else {
|
||||||
// create a customer and subscribe to plan
|
// create a customer and subscribe to plan
|
||||||
let payload = {
|
let payload = {
|
||||||
@ -66,7 +66,7 @@ function stripePaymentMethodHandler(result, plan_id, api) {
|
|||||||
.then(function (data) {
|
.then(function (data) {
|
||||||
console.log(data);
|
console.log(data);
|
||||||
processing.classList.add("d-none");
|
processing.classList.add("d-none");
|
||||||
showCardSuccess();
|
showSuccess("card-messages", "Transaction successful!");
|
||||||
sessionStorage.first_name = document.getElementById("first-name").value;
|
sessionStorage.first_name = document.getElementById("first-name").value;
|
||||||
sessionStorage.last_name = document.getElementById("last-name").value;
|
sessionStorage.last_name = document.getElementById("last-name").value;
|
||||||
sessionStorage.amount = document.getElementById("amount").value;
|
sessionStorage.amount = document.getElementById("amount").value;
|
||||||
|
@ -1,8 +1,8 @@
|
|||||||
import {
|
import {
|
||||||
hidePayButton,
|
hidePayButton,
|
||||||
showPayButton,
|
showPayButton,
|
||||||
showCardError,
|
showError,
|
||||||
showCardSuccess,
|
showSuccess,
|
||||||
stripe,
|
stripe,
|
||||||
card,
|
card,
|
||||||
processing,
|
processing,
|
||||||
@ -52,7 +52,7 @@ export function val(api) {
|
|||||||
}).then(function (result) {
|
}).then(function (result) {
|
||||||
if (result.error) {
|
if (result.error) {
|
||||||
// card declined, or sth went wrong with the card
|
// card declined, or sth went wrong with the card
|
||||||
showCardError(result.error.message);
|
showError("card-messages", result.error.message);
|
||||||
showPayButton();
|
showPayButton();
|
||||||
} else if (result.paymentIntent) {
|
} else if (result.paymentIntent) {
|
||||||
if (result.paymentIntent.status === "succeeded") {
|
if (result.paymentIntent.status === "succeeded") {
|
||||||
@ -62,7 +62,7 @@ export function val(api) {
|
|||||||
document.getElementById("payment_amount").value = result.paymentIntent.amount;
|
document.getElementById("payment_amount").value = result.paymentIntent.amount;
|
||||||
document.getElementById("payment_currency").value = result.paymentIntent.currency;
|
document.getElementById("payment_currency").value = result.paymentIntent.currency;
|
||||||
processing.classList.add("d-none");
|
processing.classList.add("d-none");
|
||||||
showCardSuccess();
|
showSuccess("card-messages", "Trasaction successful!");
|
||||||
document.getElementById("charge_form").submit();
|
document.getElementById("charge_form").submit();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user