feat : jwt and middlewear

Author: Puskar-Roy

src/controllers/authControllers.go

@@ -5,14 +5,16 @@ import (
 	"gin-mongo-api/src/database"
 	"gin-mongo-api/src/models"
 	"gin-mongo-api/src/res"
+	"gin-mongo-api/src/utils"
+	"net/http"
+	"time"
+
 	"github.com/gin-gonic/gin"
 	"github.com/go-playground/validator/v10"
 	"go.mongodb.org/mongo-driver/bson"
 	"go.mongodb.org/mongo-driver/bson/primitive"
 	"go.mongodb.org/mongo-driver/mongo"
 	"golang.org/x/crypto/bcrypt"
-	"net/http"
-	"time"
 )
 
 var userCollection *mongo.Collection = database.GetCollection(database.DB, "users")
@@ -78,6 +80,7 @@ func Greeting() gin.HandlerFunc {
 	}
 }
 
+
 func Login() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
@@ -97,22 +100,42 @@ func Login() gin.HandlerFunc {
 		existingUser := models.User{}
 		err := userCollection.FindOne(ctx, bson.M{"email": loginData.Email}).Decode(&existingUser)
 		if err == mongo.ErrNoDocuments {
-
 			c.JSON(http.StatusNotFound, res.UserResponse{Status: http.StatusNotFound, Message: "error", Data: map[string]interface{}{"data": "User not found"}})
 			return
 		} else if err != nil {
-
 			c.JSON(http.StatusInternalServerError, res.UserResponse{Status: http.StatusInternalServerError, Message: "error", Data: map[string]interface{}{"data": err.Error()}})
 			return
 		}
 
 		err = bcrypt.CompareHashAndPassword([]byte(existingUser.Password), []byte(loginData.Password))
 		if err != nil {
-
 			c.JSON(http.StatusUnauthorized, res.UserResponse{Status: http.StatusUnauthorized, Message: "error", Data: map[string]interface{}{"data": "Invalid credentials"}})
 			return
 		}
 
-		c.JSON(http.StatusOK, res.UserResponse{Status: http.StatusOK, Message: "success", Data: map[string]interface{}{"data": "Login successful"}})
+		
+	
+		token, err := utils.GenerateJWTToken(existingUser.ID.Hex())
+		if err != nil {
+			c.JSON(http.StatusInternalServerError, res.UserResponse{Status: http.StatusInternalServerError, Message: "error", Data: map[string]interface{}{"data": "Failed to generate JWT token"}})
+			return
+		}
+
+		
+		c.Header("Authorization", "Bearer "+token)
+
+		
+		cookie := http.Cookie{
+			Name:     "jwt",
+			Value:    token,
+			Expires:  time.Now().Add(24 * time.Hour), 
+			HttpOnly: true,
+			Secure:   true, 
+			SameSite: http.SameSiteStrictMode,
+		}
+		http.SetCookie(c.Writer, &cookie)
+
+		
+		c.JSON(http.StatusOK, res.UserResponse{Status: http.StatusOK, Message: "success", Data: map[string]interface{}{"data": "Login successful", "token": token}})
 	}
 }

src/middlewear/authMiddlewear.go

@@ -0,0 +1,40 @@
+package middleware
+
+import (
+	"gin-mongo-api/src/utils"
+	"net/http"
+	"strings"
+
+	"github.com/gin-gonic/gin"
+)
+
+func AuthMiddleware() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		authorizationHeader := c.Request.Header.Get("Authorization")
+		if authorizationHeader == "" {
+			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
+				"error": "Unauthorized",
+			})
+			return
+		}
+		tokenParts := strings.Split(authorizationHeader, " ")
+		if len(tokenParts) != 2 || tokenParts[0] != "Bearer" {
+			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
+				"error": "Invalid Authorization header format",
+			})
+			return
+		}
+		token := tokenParts[1]
+
+		claims, err := utils.ValidateJWTToken(token)
+		if err != nil {
+			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
+				"error": "Invalid token",
+			})
+			return
+		}
+
+		c.Set("userId", claims["userId"])
+		c.Next()
+	}
+}

src/routes/userRoutes.go

@@ -1,10 +1,14 @@
 package routes
 
 import ("github.com/gin-gonic/gin"
-		"gin-mongo-api/src/controllers")
+		"gin-mongo-api/src/controllers"
+		"gin-mongo-api/src/middlewear"
+	)
 
 func UserRoute(router *gin.Engine)  {
-	router.GET("/",controllers.Greeting())
-    router.POST("/register", controllers.Register());
-	router.POST("/login",controllers.Login())
+
+	router.GET("/",middleware.AuthMiddleware(),controllers.Greeting())
+	apiGroup := router.Group("/api/auth")
+    apiGroup.POST("/register", controllers.Register());
+	apiGroup.POST("/login",controllers.Login())
 };

src/utils/jwt.go

@@ -0,0 +1,38 @@
+package utils
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/dgrijalva/jwt-go"
+)
+
+var jwtSecret = []byte("your-secret-key")
+
+func ValidateJWTToken(tokenString string) (jwt.MapClaims, error) {
+	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
+		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+			return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
+		}
+		return jwtSecret, nil
+	})
+
+	if err != nil {
+		return nil, err
+	}
+
+	if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
+		return claims, nil
+	}
+
+	return nil, fmt.Errorf("Invalid token")
+}
+
+func GenerateJWTToken(userID string) (string, error) {
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
+		"userId": userID,
+		"exp":    time.Now().Add(time.Hour * 24).Unix(),
+	})
+
+	return token.SignedString(jwtSecret)
+}