api/pkg/routes/api/v1/login.go

package v1

import (
	"code.vikunja.io/api/pkg/models"
	"code.vikunja.io/api/pkg/routes/crud"
	"crypto/md5"
	"encoding/hex"
	"github.com/dgrijalva/jwt-go"
	"github.com/labstack/echo"
	"github.com/spf13/viper"
	"net/http"
	"time"
)

// Login is the login handler
func Login(c echo.Context) error {
	// swagger:operation POST /login user login
	// ---
	// summary: Logs a user in. Returns a JWT-Token to authenticate requests
	// consumes:
	// - application/json
	// produces:
	// - application/json
	// parameters:
	// - name: body
	//   in: body
	//   schema:
	//     "$ref": "#/definitions/UserLogin"
	// responses:
	//   "200":
	//     "$ref": "#/responses/Token"
	//   "400":
	//     "$ref": "#/responses/Message"
	//   "403":
	//     "$ref": "#/responses/Message"

	u := models.UserLogin{}
	if err := c.Bind(&u); err != nil {
		return c.JSON(http.StatusBadRequest, models.Message{"Please provide a username and password."})
	}

	// Check user
	user, err := models.CheckUserCredentials(&u)
	if err != nil {
		return crud.HandleHTTPError(err)
	}

	// Create token
	token := jwt.New(jwt.SigningMethodHS256)

	// Set claims
	claims := token.Claims.(jwt.MapClaims)
	claims["username"] = user.Username
	claims["email"] = user.Email
	claims["id"] = user.ID
	claims["exp"] = time.Now().Add(time.Hour * 72).Unix()

	avatar := md5.Sum([]byte(user.Email))
	claims["avatar"] = hex.EncodeToString(avatar[:])

	// Generate encoded token and send it as response.
	t, err := token.SignedString([]byte(viper.GetString("service.JWTSecret")))
	if err != nil {
		return err
	}

	return c.JSON(http.StatusOK, map[string]string{
		"token": t,
	})
}
Made registration work 2018-06-10 09:34:59 +00:00			`package v1`
initial commit 2018-06-10 09:11:41 +00:00
			`import (`
New structure (#7) 2018-10-31 12:42:38 +00:00			`"code.vikunja.io/api/pkg/models"`
Prevent login from inactive (aka non-verified) users (#8) 2018-11-01 22:47:41 +00:00			`"code.vikunja.io/api/pkg/routes/crud"`
initial commit 2018-06-10 09:11:41 +00:00			`"crypto/md5"`
			`"encoding/hex"`
			`"github.com/dgrijalva/jwt-go"`
			`"github.com/labstack/echo"`
Vikunja now uses viper to handle config 2018-09-08 11:29:35 +00:00			`"github.com/spf13/viper"`
initial commit 2018-06-10 09:11:41 +00:00			`"net/http"`
			`"time"`
			`)`

			`// Login is the login handler`
			`func Login(c echo.Context) error {`
Added docs via swagger 2018-06-13 11:45:22 +00:00			`// swagger:operation POST /login user login`
			`// ---`
			`// summary: Logs a user in. Returns a JWT-Token to authenticate requests`
			`// consumes:`
			`// - application/json`
			`// produces:`
			`// - application/json`
			`// parameters:`
			`// - name: body`
			`// in: body`
			`// schema:`
			`// "$ref": "#/definitions/UserLogin"`
			`// responses:`
			`// "200":`
			`// "$ref": "#/responses/Token"`
			`// "400":`
			`// "$ref": "#/responses/Message"`
			`// "403":`
			`// "$ref": "#/responses/Message"`

more optimization 2018-07-10 22:28:53 +00:00			`u := models.UserLogin{}`
			`if err := c.Bind(&u); err != nil {`
initial commit 2018-06-10 09:11:41 +00:00			`return c.JSON(http.StatusBadRequest, models.Message{"Please provide a username and password."})`
			`}`

			`// Check user`
more optimization 2018-07-10 22:28:53 +00:00			`user, err := models.CheckUserCredentials(&u)`
initial commit 2018-06-10 09:11:41 +00:00			`if err != nil {`
Prevent login from inactive (aka non-verified) users (#8) 2018-11-01 22:47:41 +00:00			`return crud.HandleHTTPError(err)`
initial commit 2018-06-10 09:11:41 +00:00			`}`

			`// Create token`
			`token := jwt.New(jwt.SigningMethodHS256)`

			`// Set claims`
			`claims := token.Claims.(jwt.MapClaims)`
			`claims["username"] = user.Username`
			`claims["email"] = user.Email`
			`claims["id"] = user.ID`
			`claims["exp"] = time.Now().Add(time.Hour * 72).Unix()`

			`avatar := md5.Sum([]byte(user.Email))`
			`claims["avatar"] = hex.EncodeToString(avatar[:])`

			`// Generate encoded token and send it as response.`
Vikunja now uses viper to handle config 2018-09-08 11:29:35 +00:00			`t, err := token.SignedString([]byte(viper.GetString("service.JWTSecret")))`
initial commit 2018-06-10 09:11:41 +00:00			`if err != nil {`
			`return err`
			`}`

			`return c.JSON(http.StatusOK, map[string]string{`
			`"token": t,`
			`})`
			`}`