From 1c67d06c50eb5e7f3c8e833d80598aa208f4f9de Mon Sep 17 00:00:00 2001 From: LeonG11 Date: Thu, 7 May 2026 11:39:41 +0300 Subject: [PATCH] Add handler auth --- backend/database/db.go | 2 +- backend/go.mod | 3 ++ backend/go.sum | 6 ++++ backend/handlers/auth_handler.go | 50 ++++++++++++++++++++++++++++++++ backend/main.go | 8 +++++ backend/models/user.go | 10 +++++++ 6 files changed, 78 insertions(+), 1 deletion(-) create mode 100644 backend/handlers/auth_handler.go create mode 100644 backend/models/user.go diff --git a/backend/database/db.go b/backend/database/db.go index deec381..a85aa67 100644 --- a/backend/database/db.go +++ b/backend/database/db.go @@ -20,5 +20,5 @@ func InitDB() { log.Fatal("Failed to connect to database:", err) } - DB.AutoMigrate(&models.Order{}, &models.Part{}) + DB.AutoMigrate(&models.Order{}, &models.Part{}, &models.User{}) } diff --git a/backend/go.mod b/backend/go.mod index e8d7264..48b8fb1 100644 --- a/backend/go.mod +++ b/backend/go.mod @@ -20,11 +20,14 @@ require ( github.com/go-playground/validator/v10 v10.30.1 // indirect github.com/goccy/go-json v0.10.5 // indirect github.com/goccy/go-yaml v1.19.2 // indirect + github.com/golang-jwt/jwt v3.2.2+incompatible // indirect + github.com/golang-jwt/jwt/v5 v5.3.1 // indirect github.com/jackc/pgpassfile v1.0.0 // indirect github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a // indirect github.com/jackc/pgx/v5 v5.4.3 // indirect github.com/jinzhu/inflection v1.0.0 // indirect github.com/jinzhu/now v1.1.5 // indirect + github.com/joho/godotenv v1.5.1 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/klauspost/cpuid/v2 v2.3.0 // indirect github.com/leodido/go-urn v1.4.0 // indirect diff --git a/backend/go.sum b/backend/go.sum index 893eac8..593f931 100644 --- a/backend/go.sum +++ b/backend/go.sum @@ -27,6 +27,10 @@ github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4= github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M= github.com/goccy/go-yaml v1.19.2 h1:PmFC1S6h8ljIz6gMRBopkjP1TVT7xuwrButHID66PoM= github.com/goccy/go-yaml v1.19.2/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA= +github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY= +github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= +github.com/golang-jwt/jwt/v5 v5.3.1 h1:kYf81DTWFe7t+1VvL7eS+jKFVWaUnK9cB1qbwn63YCY= +github.com/golang-jwt/jwt/v5 v5.3.1/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= @@ -40,6 +44,8 @@ github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc= github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ= github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8= +github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= +github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/klauspost/cpuid/v2 v2.3.0 h1:S4CRMLnYUhGeDFDqkGriYKdfoFlDnMtqTiI/sFzhA9Y= diff --git a/backend/handlers/auth_handler.go b/backend/handlers/auth_handler.go new file mode 100644 index 0000000..087b644 --- /dev/null +++ b/backend/handlers/auth_handler.go @@ -0,0 +1,50 @@ +package handlers + +import ( + "net/http" + "time" + "os" + + "github.com/gin-gonic/gin" + "github.com/golang-jwt/jwt/v5" + "golang.org/x/crypto/bcrypt" + + "viplight-mrp/database" + "viplight-mrp/models" +) + +jwtSecret := os.Getenv("JWT_SECRET") +jwtKey := []byte(jwtSecret) + +func Login(c *gin.Context) { + var input struct { + Username string `json:"username"` + Password string `json:"password"` + } + + if err := c.ShouldBindJSON(&input); err != nil { + c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid input"}) + return + } + + var user models.User + + err := database.DB.Where("username = ?", input.Username).First(&user).Error + + passErr := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(input.Password)) + + if err != nil || passErr != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid login or password"}) + return + } + + token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{ + "user_id": user.ID, + "role": user.Role, + "exp": time.Now().Add(time.Hour * 24).Unix(), + }) + + tokenString, _ := token.SignedString(jwtKey) + + c.JSON(http.StatusOK, gin.H{"token": tokenString}) +} diff --git a/backend/main.go b/backend/main.go index c2cfb55..a3425c0 100644 --- a/backend/main.go +++ b/backend/main.go @@ -1,7 +1,10 @@ package main import ( + "log" + "github.com/gin-gonic/gin" + "github.com/joho/godotenv" "viplight-mrp/database" "viplight-mrp/handlers" @@ -12,6 +15,11 @@ func main() { r := gin.Default() + err := godotenv.Load() + if err != nil { + log.Println("Файл .env не был найден в папке backend, использую системные переменные") + } + // CORS Middleware r.Use(func(c *gin.Context) { c.Writer.Header().Set("Access-Control-Allow-Origin", "https://mrp.kkhome.ru") diff --git a/backend/models/user.go b/backend/models/user.go new file mode 100644 index 0000000..e5b2979 --- /dev/null +++ b/backend/models/user.go @@ -0,0 +1,10 @@ +package models + +import "gorm.io/gorm" + +type User struct { + gorm.Model `json:"-"` + Username string `gorm:"unique;not null"` + Password string `gorm:"not null" json:"-"` + Role string `gorm:"default:'Рабочий'" json:"role"` +}