feat: add API token authentication
This commit is contained in:
@@ -20,6 +20,7 @@ func (h *AuthHandler) Register(r *gin.Engine) {
|
||||
r.GET("/login", h.HandleLoginPage)
|
||||
r.POST("/login", h.HandleLogin)
|
||||
r.GET("/logout", h.HandleLogout)
|
||||
r.POST("/api/auth/login", h.HandleAPILogin)
|
||||
}
|
||||
|
||||
func (h *AuthHandler) HandleLoginPage(c *gin.Context) {
|
||||
@@ -59,3 +60,35 @@ func (h *AuthHandler) HandleLogout(c *gin.Context) {
|
||||
c.SetCookie("session_id", "", -1, "/", "", false, true)
|
||||
c.Redirect(http.StatusSeeOther, "/login")
|
||||
}
|
||||
|
||||
func (h *AuthHandler) HandleAPILogin(c *gin.Context) {
|
||||
var body struct {
|
||||
Username string `json:"username"`
|
||||
Password string `json:"password"`
|
||||
Name string `json:"name"`
|
||||
}
|
||||
if err := c.ShouldBindJSON(&body); err != nil || body.Username == "" || body.Password == "" {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid request"})
|
||||
return
|
||||
}
|
||||
|
||||
token, user, err := h.svc.LoginForAPIToken(c.Request.Context(), body.Username, body.Password, body.Name)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid username or password"})
|
||||
return
|
||||
}
|
||||
|
||||
c.JSON(http.StatusOK, gin.H{
|
||||
"token": token,
|
||||
"user": gin.H{
|
||||
"id": user.ID,
|
||||
"username": user.Username,
|
||||
"avatarUrl": func() string {
|
||||
if user.AvatarUrl == "" {
|
||||
return ""
|
||||
}
|
||||
return user.AvatarUrl
|
||||
}(),
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user