package apiimport ( "github.com/dchest/uniuri" "github.com/gin-gonic/gin

1. package api
2.  
3. import (
4.     "github.com/dchest/uniuri"
5.     "github.com/gin-gonic/gin"
6.     "mastersapi/database"
7.     "mastersapi/models"
8.     "net/http"
9.     "strings"
10.     "time"
11. )
12.  
13. type LoginForm struct {
14.     Email    string `json:"email" binding:"required,email"`
15.     Password string `json:"password" binding:"required"`
16. }
17.  
18. func Login(c *gin.Context) {
19.     loginForm := LoginForm{}
20.  
21.     if err := c.ShouldBindJSON(&loginForm); err != nil {
22.         FailureWithMessage(c, http.StatusBadRequest, err.Error())
23.         return
24.     }
25.  
26.     account := models.Account{}
27.     count := database.Get().Where(&models.Account{Email: loginForm.Email}).Take(&account).RowsAffected
28.  
29.     if count > 0 && account.CheckPassword(loginForm.Password) {
30.         key := strings.ToUpper(uniuri.NewLen(32))
31.         session := models.AccountSession{
32.             AccountId: account.ID,
33.             Key:       key,
34.             ExpiresAt: time.Now().Unix() + 3600*24*1000,
35.         }
36.  
37.         err := database.Get().Create(&session).Error
38.  
39.         if err != nil {
40.             FailureWithMessage(c, 500, err.Error())
41.             return
42.         } else {
43.             if account.LoginErrors > 0 {
44.                 account.LoginErrors = 0
45.                 database.Get().Save(&account)
46.             }
47.             Success(c, http.StatusOK, gin.H{"key": session.Key, "email": account.Email})
48.             return
49.         }
50.     } else {
51.         if account.LoginErrors > 5 {
52.             sleep := 2 * time.Second
53.             time.Sleep(time.Duration(sleep))
54.         }
55.         account.LoginErrors++
56.         err := database.Get().Save(&account).Error
57.         if err != nil {
58.             FailureWithMessage(c, http.StatusInternalServerError, err.Error())
59.         } else {
60.             Failure(c, 403)
61.         }
62.     }
63. }
64.  
65. func Logout(c *gin.Context) {
66.     sessionID := c.GetInt("session_id")
67.     session := models.AccountSession{}
68.     database.Get().Take(&session, sessionID)
69.     database.Get().Delete(&session)
70.     Success(c, http.StatusOK, gin.H{})
71. }
72.  
73. type RegisterForm struct {
74.     Email    string `json:"email" binding:"required,email"`
75.     Password string `json:"password" binding:"required"`
76. }
77.  
78. func Register(c *gin.Context) {
79.     rform := RegisterForm{}
80.     if err := c.ShouldBindJSON(&rform); err != nil {
81.         FailureWithMessage(c, http.StatusBadRequest, err.Error())
82.         return
83.     }
84.     account := models.Account{}
85.  
86.     account.Email = rform.Email
87.     account.CreatedAt = time.Now().Unix()
88.     account.SetPassword(rform.Password)
89.  
90.     tx := database.Get().First(&models.Account{}, models.Account{Email:account.Email})
91.     notFound := tx.RecordNotFound()
92.     err := tx.Error
93.  
94.     if !notFound && err == nil {
95.         FailureWithMessage(c, http.StatusBadRequest, "User with email " + account.Email + " already exists")
96.         return
97.     }
98.  
99.     err = database.Get().Create(&account).Error
100.  
101.     if err != nil {
102.         FailureWithMessage(c, http.StatusInternalServerError, err.Error())
103.     } else {
104.         Success(c, http.StatusOK, gin.H{"email": rform.Email})
105.     }
106. }