6 năm trước cách đây · 4e3566c4bd
--- a/handlers/handlers.go
+++ b/handlers/handlers.go
@@ -32,7 +32,8 @@ type PathPattern struct {
 
				 var (
			
 
				 	signingKey = []byte("secret")
			
 
				 	store      = sessions.NewCookieStore([]byte("something-very-secret"))
			
 
				-	jwtCookie  = jwtmiddleware.New(jwtmiddleware.Options{
			
 
				+
			
 
				+	jwtCookie = jwtmiddleware.New(jwtmiddleware.Options{
			
 
				 		ValidationKeyGetter: func(token *jwt.Token) (interface{}, error) {
			
 
				 			return signingKey, nil
			
 
				 		},
			
@@ -46,8 +47,6 @@ var (
 
				 			return signingKey, nil
			
 
				 		},
			
 
				 		SigningMethod: jwt.SigningMethodHS256,
			
 
				-		Extractor:     fromCookie,
			
 
				-		ErrorHandler:  onError,
			
 
				 	})
			
 
				 
			
 
				 	patterns []PathPattern = []PathPattern{
			
@@ -103,12 +102,12 @@ func Handlers() *mux.Router {
 
				 		generateHandler(r, model)
			
 
				 	}
			
 
				 
			
 
				-	for _, model := range []string{"teachers"} {
			
 
				+	for _, model := range []string{"teachers", "classes", "subjects", "activities"} {
			
 
				 		generateAPIHandler(r, model)
			
 
				 	}
			
 
				 
			
 
				-	// // Token handling
			
 
				-	// r.Handle("/get_token", getToken(db))
			
 
				+	// Token handling
			
 
				+	r.Handle("/get_token", getTokenHandler())
			
 
				 
			
 
				 	// Static file server
			
 
				 
			
--- a/handlers/login.go
+++ b/handlers/login.go
@@ -2,7 +2,7 @@ package api
 
				 
			
 
				 import (
			
 
				 	"errors"
			
 
				-	"log"
			
 
				+	"fmt"
			
 
				 	"net/http"
			
 
				 	"net/url"
			
 
				 	"time"
			
@@ -55,8 +55,7 @@ func loginHandler() http.Handler {
 
				 	return http.HandlerFunc(fn)
			
 
				 }
			
 
				 
			
 
				-func queryDB(username string, password string) (*User, error) {
			
 
				-	log.Println(username, config.Config.Admin.Username, password, config.Config.Admin.Password)
			
 
				+func checkCredential(username string, password string) (*User, error) {
			
 
				 	if username == config.Config.Admin.Username && password == config.Config.Admin.Password {
			
 
				 		return &User{username, true}, nil
			
 
				 	}
			
@@ -64,7 +63,8 @@ func queryDB(username string, password string) (*User, error) {
 
				 }
			
 
				 
			
 
				 func getToken(username string, password string) ([]byte, error) {
			
 
				-	user, err := queryDB(username, password)
			
 
				+	user, err := checkCredential(username, password)
			
 
				+
			
 
				 	if err != nil {
			
 
				 		return nil, err
			
 
				 	}
			
@@ -86,3 +86,33 @@ func getToken(username string, password string) ([]byte, error) {
 
				 
			
 
				 	return []byte(tokenString), nil
			
 
				 }
			
 
				+
			
 
				+func getTokenHandler() http.Handler {
			
 
				+	fn := func(w http.ResponseWriter, r *http.Request) {
			
 
				+		username, password, _ := r.BasicAuth()
			
 
				+
			
 
				+		user, err := checkCredential(username, password)
			
 
				+		if err != nil {
			
 
				+			panic(err)
			
 
				+		}
			
 
				+
			
 
				+		/* Set token claims */
			
 
				+		claims := make(map[string]interface{})
			
 
				+		claims["admin"] = true
			
 
				+		claims["name"] = user.Name
			
 
				+		claims["exp"] = time.Now().Add(time.Hour * 24).Unix()
			
 
				+
			
 
				+		/* Create the token */
			
 
				+		token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims(claims))
			
 
				+
			
 
				+		/* Sign the token with our secret */
			
 
				+		tokenString, err := token.SignedString(signingKey)
			
 
				+		if err != nil {
			
 
				+			panic(err)
			
 
				+		}
			
 
				+
			
 
				+		w.Header().Set("Content-Type", "application/json; charset=utf-8")
			
 
				+		w.Write([]byte(fmt.Sprintf("{\"Token\":\"%s\",\"User\":\"%s\"}", tokenString, user.Name)))
			
 
				+	}
			
 
				+	return http.HandlerFunc(fn)
			
 
				+}