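// Login returns an HTTP handler that authenticates a user from the "email"
// and "password" form values and writes a models.LoginResp as JSON.
//
// On success the response carries the user row (password fields blanked), the
// joined profile, and a freshly stored session token. Every failure path
// answers with Status=false and a message.
//
// NOTE(review): the stored credential is either a reversibly encrypted
// password or an unsalted MD5 hex digest. Both are kept here for
// compatibility with existing rows; new credentials should be stored with a
// slow, salted password hash and the legacy formats migrated on next login.
func Login(db *gorm.DB) http.HandlerFunc {
	// Base URL prepended to the stored avatar file name inside the profile
	// query. It is a constant, not request data, so splicing it into the SQL
	// text does not open an injection path.
	const avatarURL = "http://xadminx.shortir.com/avatar/small/"

	return func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Content-Type", "application/json")

		resp := models.LoginResp{}

		// send serialises resp; a marshalling failure is reported as a 500
		// instead of silently writing an empty body.
		send := func() {
			body, err := json.Marshal(resp)
			if err != nil {
				http.Error(w, "internal error", http.StatusInternalServerError)
				return
			}
			fmt.Fprint(w, string(body))
		}
		fail := func(msg string) {
			resp.Message = msg
			resp.Status = false
			send()
		}

		user := models.Usr_{}
		db.Table("usr_").Where("email = ?", r.FormValue("email")).Scan(&user)
		if user.Id <= 0 {
			fail("Login gagal!")
			return
		}
		if user.Status != 1 {
			// NOTE(review): this answer is given before the password is
			// checked, so the response distinguishes an existing but inactive
			// account from an unknown e-mail. Consider verifying the password
			// first.
			fail("Akun belum diaktivasi!")
			return
		}

		submitted := r.FormValue("password")

		// decryptStored recovers the plaintext held in user.Password. It
		// reports false when any step fails or yields nothing, so that a
		// failed decryption can never be compared against an empty submitted
		// password (which previously could compare equal).
		decryptStored := func() (string, bool) {
			key, err := base64.StdEncoding.DecodeString(settings.APP_KEY)
			if err != nil {
				return "", false
			}
			iv := make([]byte, 16)
			if _, err := rand.Read(iv); err != nil {
				return "", false
			}
			crypter, err := utils.NewCrypter(key, iv)
			if err != nil {
				return "", false
			}
			decoded, err := crypter.Decrypt([]byte(user.Password))
			if err != nil || len(decoded) == 0 {
				return "", false
			}
			plain := string(decoded)
			// The plaintext may be wrapped as `<prefix>:"<value>";`. Split
			// only on the first `:"` and strip exactly one `";` suffix, so a
			// password that itself contains `:"` or ends in `"` or `;` is not
			// truncated.
			if parts := strings.SplitN(plain, ":\"", 2); len(parts) > 1 {
				plain = strings.TrimSuffix(parts[1], "\";")
			}
			return plain, plain != ""
		}

		stored, haveStored := decryptStored()

		// Legacy rows hold an unsalted MD5 hex digest of the password.
		// NOTE(review): both comparisons below use ==, which is not constant
		// time; switch to a constant-time comparison once the credential
		// format is migrated.
		sum := md5.Sum([]byte(submitted))
		legacyMatch := user.Password == hex.EncodeToString(sum[:])
		plainMatch := haveStored && stored == submitted

		if !plainMatch && !legacyMatch {
			fail("Login gagal!")
			return
		}

		profile := models.UserProfile{}
		db.Table("usr_").Select(`
			usr_.id as id_usr,
			usr_.full_name,
			usr_.email,
			usr_.phone,
			usr_.banned,
			usr_.log,
			usr_.latest_post,
			usr_.push_notif,
			usr_profile.location,
			usr_profile.quotes,
			usr_profile.website,
			usr_profile.gender,
			CONCAT( '`+avatarURL+`' , usr_profile.avatar) as avatar
		`).Where("usr_.id = ?", user.Id).Joins(`
			JOIN usr_profile ON usr_profile.id_usr = usr_.id
		`).Order("usr_.latest_post DESC").First(&profile)

		// NOTE(review): the token is an MD5 of the current time and is
		// therefore guessable by anyone who knows roughly when the login
		// happened. It should be replaced with bytes from a cryptographically
		// secure random source.
		tokenHash := md5.Sum([]byte(time.Now().String()))
		token := hex.EncodeToString(tokenHash[:])
		if err := db.Model(&user).Update("token", token).Error; err != nil {
			// Do not report success with a token that was never persisted.
			fail("Login gagal!")
			return
		}

		// Blank the credential fields before the row is serialised.
		user.Password = ""
		user.Passview = ""

		resp.Message = "Login sukses!"
		resp.Status = true
		resp.Data = &user
		resp.Profile = &profile
		send()
	}
}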