nyanimedb/modules/auth/handlers/handlers.go

package handlers

import (
	"context"
	"fmt"
	auth "nyanimedb/auth"
	sqlc "nyanimedb/sql"
	"strconv"
	"time"

	"github.com/golang-jwt/jwt/v5"
)

var secretKey = []byte("my_secret_key")

func generateToken(userID string) (string, error) {
	claims := jwt.MapClaims{
		"user_id": userID,
		"exp":     time.Now().Add(time.Hour * 24).Unix(),
	}

	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
	return token.SignedString(secretKey)
}

var UserDb = make(map[string]string) //TEMP

type Server struct {
	db *sqlc.Queries
}

func NewServer(db *sqlc.Queries) Server {
	return Server{db: db}
}

func parseInt64(s string) (int32, error) {
	i, err := strconv.ParseInt(s, 10, 64)
	return int32(i), err
}

func (s Server) PostAuthSignIn(ctx context.Context, req auth.PostAuthSignInRequestObject) (auth.PostAuthSignInResponseObject, error) {
	err := ""
	success := true
	t, _ := generateToken(req.Body.Nickname)

	UserDb[req.Body.Nickname] = req.Body.Pass

	return auth.PostAuthSignIn200JSONResponse{
		Error:   &err,
		Success: &success,
		UserId:  &req.Body.Nickname,
		Token:   &t,
	}, nil
}

func (s Server) PostAuthSignUp(ctx context.Context, req auth.PostAuthSignUpRequestObject) (auth.PostAuthSignUpResponseObject, error) {
	err := ""
	success := true
	UserDb[req.Body.Nickname] = req.Body.Pass

	return auth.PostAuthSignUp200JSONResponse{
		Error:   &err,
		Success: &success,
		UserId:  &req.Body.Nickname,
	}, nil
}

func (s Server) PostAuthVerifyToken(ctx context.Context, req auth.PostAuthVerifyTokenRequestObject) (auth.PostAuthVerifyTokenResponseObject, error) {
	valid := false
	var userID *string
	var errStr *string

	token, err := jwt.Parse(req.Body.Token, func(t *jwt.Token) (interface{}, error) {
		if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok {
			return nil, fmt.Errorf("unexpected signing method")
		}
		return secretKey, nil
	})

	if err != nil {
		e := err.Error()
		errStr = &e
		return auth.PostAuthVerifyToken200JSONResponse{
			Valid:  &valid,
			UserId: userID,
			Error:  errStr,
		}, nil
	}

	if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
		if uid, ok := claims["user_id"].(string); ok {
			valid = true
			userID = &uid
		} else {
			e := "user_id not found in token"
			errStr = &e
		}
	} else {
		e := "invalid token claims"
		errStr = &e
	}

	return auth.PostAuthVerifyToken200JSONResponse{
		Valid:  &valid,
		UserId: userID,
		Error:  errStr,
	}, nil
}