Localbase/Internal/core/services/authService.go at 4082ff1716e7206f603d9d04aabf2e312525bcbc · Arjuna-Ragil/Localbase · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
package services

import (
	"errors"
	"time"

	"github.com/Arjuna-Ragil/Localbase/Internal/adapters/repository"
	"github.com/Arjuna-Ragil/Localbase/Internal/config"
	"github.com/Arjuna-Ragil/Localbase/Internal/core/domain"
	"github.com/golang-jwt/jwt/v5"
	"github.com/google/uuid"
	"golang.org/x/crypto/bcrypt"
)

type AuthService struct {
	AuthRepo *repository.AuthRepo
	SysRepo  *repository.SystemRepo
}

type RegisterInput struct {
	Username string `json:"username" binding:"required"`
	Email    string `json:"email" binding:"required,email"`
	Password string `json:"password" binding:"required,min=6"`
	Role     string `json:"role" binding:"required"`
	Token    string `json:"token"`
}

type LoginInput struct {
	Email    string `json:"email" binding:"required,email"`
	Password string `json:"password" binding:"required,min=6"`
}

func NewAuthService(auth *repository.AuthRepo, sys *repository.SystemRepo) *AuthService {
	return &AuthService{AuthRepo: auth, SysRepo: sys}
}

func (as *AuthService) RegisterService(input *RegisterInput) error {
	isInitialized, err := as.SysRepo.IsAppInitialized()
	if err != nil {
		return err
	}

	if !isInitialized {
		user := domain.User{
			Username: input.Username,
			Email:    input.Email,
			Password: input.Password,
			Role:     "admin",
		}

		if err := as.AuthRepo.RegisterRepo(&user); err != nil {
			return err
		}

	} else {
		if input.Token == "" {
			return errors.New("token is required")
		}

		invite, err := as.VerifyInviteService(input.Token)
		if err != nil {
			return err
		}

		if invite.Email == "" && invite.Email != input.Email {
			return errors.New("email does not match")
		}

		user := domain.User{
			Username: input.Username,
			Email:    invite.Email,
			Password: input.Password,
			Role:     invite.Role,
		}

		if err := as.AuthRepo.MarkInviteUsed(input.Token); err != nil {
			return err
		}

		if err := as.AuthRepo.RegisterRepo(&user); err != nil {
			return err
		}
	}
	return nil
}

func (as *AuthService) LoginService(input *LoginInput) (string, error) {
	cfg := config.LoadConfig()

	user, err := as.AuthRepo.LoginRepo(input.Email)
	if err != nil {
		return "", err
	}
	if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(input.Password)); err != nil {
		return "", err
	}
	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
		"sub": user.Id,
		"exp": time.Now().Add(time.Hour * 48).Unix(),
	})
	tokenString, err := token.SignedString([]byte(cfg.SecretKey))
	if err != nil {
		return "", err
	}
	return tokenString, nil
}

func (as *AuthService) GenerateInviteService(email string, role string) (string, error) {
	token := uuid.NewString()
	expiresAt := time.Now().Add(time.Hour * 24)
	invite := domain.Invitation{
		Email:     email,
		Token:     token,
		Role:      role,
		Used:      false,
		ExpiresAt: expiresAt,
	}
	if err := as.AuthRepo.CreateInvite(&invite); err != nil {
		return "", err
	}
	linkInvite := "http://localhost:5173/registerinvite?token=" + token //Change link if different
	return linkInvite, nil
}

func (as *AuthService) VerifyInviteService(token string) (*domain.Invitation, error) {
	invite, err := as.AuthRepo.FindInviteByToken(token)
	if err != nil {
		return nil, err
	}
	if invite.Used == true {
		return nil, errors.New("invite already used")
	}
	if time.Now().After(invite.ExpiresAt) {
		return nil, errors.New("invite expired")
	}
	return invite, nil
}