core/auth/auth.go

package auth
import (
"errors"
"system-trace/core/app/constants"
"system-trace/core/users"
"system-trace/core/validators"
"time"
"github.com/gofiber/fiber/v2"
)
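// ReqTokens handles POST /auth/login. It parses and validates the request
// body, looks the user up by e-mail and password and, on success, sets the
// access and refresh token cookies and replies with status 200.
//
// A failed lookup is always answered with the same 400 response carrying
// constants.AUTH_FAILED, and a token-generation failure with a generic 500, so
// that driver or signing error text never reaches an unauthenticated client
// and the reply does not reveal why a login was rejected.
//
// NOTE(review): the first @Header annotation below advertises a "Token"
// response header, but the code visible in this file delivers both tokens as
// cookies (see setCookie) - confirm and align the annotation.
//
// @Summary Request pair of tokens
// @Description Returns pair of access and refresh tokens
// @Tags auth
// @Produce json
// @Param request body AuthBody true "Request body"
// @Header 200 {string} Token "accessToken=..."
// @Header 200 {string} Set-Cookie "refreshToken=..."
// @Success 200
// @Router /auth/login [post]
func ReqTokens(c *fiber.Ctx) error {
	ab := new(AuthBody)
	if err := c.BodyParser(ab); err != nil {
		return err
	}
	if err := validators.Validate(c, ab); err != nil {
		return err
	}

	u, err := users.FindByEmailAndPassword(ab.Email, ab.Password)
	if err != nil {
		// Deliberately uniform: the previous code compared err.Error() with the
		// "no rows" text and echoed every other error string to the caller,
		// which exposed internal details and let a client tell failure causes
		// apart. Status and JSON shape are unchanged for existing clients.
		// NOTE(review): err is dropped here; record it server-side with the
		// project's logger so real lookup faults stay visible to operators.
		return c.
			Status(fiber.StatusBadRequest).
			JSON(fiber.Map{
				"error": constants.AUTH_FAILED,
			})
	}
	if u == nil {
		// No error and no user: kept as the original fallback, which hands a
		// plain error to fiber's error handler.
		return errors.New(constants.AUTH_FAILED)
	}

	if err := GeneratePairAndSetCookie(c, u.ID); err != nil {
		// Token generation failing is a server-side fault, not a bad request,
		// and its message is not meant for the client.
		// NOTE(review): log err server-side before discarding it.
		return c.
			Status(fiber.StatusInternalServerError).
			JSON(fiber.Map{
				"error": fiber.ErrInternalServerError.Message,
			})
	}

	// Reached only after both cookies were written to the response.
	users.Login(u)
	return c.SendStatus(fiber.StatusOK)
}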
// GeneratePairAndSetCookie creates a token pair for the user with the given id
// via genPair and writes it to the response as cookies via setCookie. If
// genPair fails, its error is returned and no cookie is set.
func GeneratePairAndSetCookie(c *fiber.Ctx, id int32) error {
	pair, genErr := genPair(id)
	if genErr == nil {
		setCookie(c, pair)
		return nil
	}
	return genErr
}
// setCookie writes the two tokens in p to the response as the "accessToken"
// and "refreshToken" cookies. Both are flagged Secure and HTTPOnly, and each
// expires after its lifetime constant, which is interpreted in hours.
//
// SameSite, Path and Domain are not set here, so they fall back to whatever
// fiber applies by default.
func setCookie(c *fiber.Ctx, p *PairTokens) {
	// Access token cookie.
	c.Cookie(&fiber.Cookie{
		Name:     "accessToken",
		Value:    p.AccessToken,
		Expires:  time.Now().Add(time.Duration(AccessTokenLifetime) * time.Hour),
		Secure:   true,
		HTTPOnly: true,
	})

	// Refresh token cookie.
	c.Cookie(&fiber.Cookie{
		Name:     "refreshToken",
		Value:    p.RefreshToken,
		Expires:  time.Now().Add(time.Duration(RefreshTokenLifetime) * time.Hour),
		Secure:   true,
		HTTPOnly: true,
	})
}