diff options
| author | Bobby <[email protected]> | 2026-03-29 22:52:46 +0530 |
|---|---|---|
| committer | Bobby <[email protected]> | 2026-03-29 22:52:46 +0530 |
| commit | 9eb9b7f4bd552a641235764f66483e1f940fcfd9 (patch) | |
| tree | da520b923b5e6758d5457b6233dd6671fc640914 /nexus/services/auth | |
| parent | 65a143a0871c35989b7c7ea6723d39a0585c089e (diff) | |
| download | echoes-of-vaelun-main.tar.xz echoes-of-vaelun-main.zip | |
Diffstat (limited to 'nexus/services/auth')
| -rw-r--r-- | nexus/services/auth/auth.go | 129 | ||||
| -rw-r--r-- | nexus/services/auth/defaults.go | 3 | ||||
| -rw-r--r-- | nexus/services/auth/messages.go | 17 |
3 files changed, 149 insertions, 0 deletions
diff --git a/nexus/services/auth/auth.go b/nexus/services/auth/auth.go new file mode 100644 index 0000000..c9c97c6 --- /dev/null +++ b/nexus/services/auth/auth.go @@ -0,0 +1,129 @@ +package auth
+
+import (
+ "fmt"
+ "nexus/config"
+ "nexus/models"
+ "nexus/repositories/account"
+ "nexus/repositories/session"
+ "nexus/types/auth"
+ "nexus/utils/logger"
+ "nexus/utils/shortcuts"
+ "nexus/utils/token"
+ "time"
+
+ "github.com/gofiber/fiber/v2"
+ "github.com/google/uuid"
+)
+
+func Register(req auth.RegisterRequest) (*models.Account, *fiber.Error) {
+ if existing, _ := account.FindByEmail(req.Email); existing != nil {
+ return nil, shortcuts.ServiceError(fiber.StatusConflict, ErrEmailTaken)
+ }
+
+ if existing, _ := account.FindByUsername(req.Username); existing != nil {
+ return nil, shortcuts.ServiceError(fiber.StatusConflict, ErrUsernameTaken)
+ }
+
+ a := &models.Account{
+ Username: req.Username,
+ Email: req.Email,
+ }
+
+ if err := a.SetPassword(req.Password); err != nil {
+ logger.Errorf(LogPrefix, PasswordHashFailed, err)
+ return nil, shortcuts.ServiceError(fiber.StatusInternalServerError, fmt.Sprintf(PasswordHashFailed, err))
+ }
+
+ if err := account.Create(a); err != nil {
+ logger.Errorf(LogPrefix, AccountCreateFailed, err)
+ return nil, shortcuts.ServiceError(fiber.StatusInternalServerError, fmt.Sprintf(AccountCreateFailed, err))
+ }
+
+ logger.Successf(LogPrefix, AccountCreated, a.Username)
+ return a, nil
+}
+
+func Login(req auth.LoginRequest, ip string, userAgent string) (*models.Session, *fiber.Error) {
+ a, err := account.FindByEmail(req.Email)
+ if err != nil || a == nil {
+ return nil, shortcuts.ServiceError(fiber.StatusUnauthorized, ErrInvalidCredentials)
+ }
+
+ if !a.IsActive {
+ return nil, shortcuts.ServiceError(fiber.StatusForbidden, ErrAccountDisabled)
+ }
+
+ if !a.CheckPassword(req.Password) {
+ return nil, shortcuts.ServiceError(fiber.StatusUnauthorized, ErrInvalidCredentials)
+ }
+
+ s, sessionErr := createSession(a.ID, ip, userAgent)
+ if sessionErr != nil {
+ return nil, sessionErr
+ }
+
+ logger.Successf(LogPrefix, LoginSuccess, a.Username)
+ return s, nil
+}
+
+func Refresh(refreshToken string, ip string, userAgent string) (*models.Session, *fiber.Error) {
+ s, err := session.FindByRefreshToken(refreshToken)
+ if err != nil || s == nil {
+ return nil, shortcuts.ServiceError(fiber.StatusUnauthorized, ErrInvalidToken)
+ }
+
+ if s.IsRefreshExpired() {
+ _ = session.Delete(s.ID)
+ return nil, shortcuts.ServiceError(fiber.StatusUnauthorized, ErrTokenExpired)
+ }
+
+ _ = session.Delete(s.ID)
+
+ return createSession(s.AccountID, ip, userAgent)
+}
+
+func Logout(authToken string) *fiber.Error {
+ s, err := session.FindByAuthToken(authToken)
+ if err != nil || s == nil {
+ return shortcuts.ServiceError(fiber.StatusUnauthorized, ErrInvalidToken)
+ }
+
+ if err := session.Delete(s.ID); err != nil {
+ logger.Errorf(LogPrefix, LogoutFailed, err)
+ return shortcuts.ServiceError(fiber.StatusInternalServerError, fmt.Sprintf(LogoutFailed, err))
+ }
+
+ return nil
+}
+
+func createSession(accountID uuid.UUID, ip string, userAgent string) (*models.Session, *fiber.Error) {
+ authToken, err := token.Generate()
+ if err != nil {
+ logger.Errorf(LogPrefix, TokenGenerateFailed, err)
+ return nil, shortcuts.ServiceError(fiber.StatusInternalServerError, fmt.Sprintf(TokenGenerateFailed, err))
+ }
+
+ refreshToken, err := token.Generate()
+ if err != nil {
+ logger.Errorf(LogPrefix, TokenGenerateFailed, err)
+ return nil, shortcuts.ServiceError(fiber.StatusInternalServerError, fmt.Sprintf(TokenGenerateFailed, err))
+ }
+
+ s := &models.Session{
+ AccountID: accountID,
+ AuthToken: authToken,
+ RefreshToken: refreshToken,
+ AuthExpiry: time.Now().Add(time.Duration(config.Token.AuthExpiry) * time.Minute),
+ RefreshExpiry: time.Now().Add(time.Duration(config.Token.RefreshExpiry) * 24 * time.Hour),
+ IPAddress: ip,
+ UserAgent: userAgent,
+ }
+
+ if err := session.Create(s); err != nil {
+ logger.Errorf(LogPrefix, SessionCreateFailed, err)
+ return nil, shortcuts.ServiceError(fiber.StatusInternalServerError, fmt.Sprintf(SessionCreateFailed, err))
+ }
+
+ return s, nil
+}
diff --git a/nexus/services/auth/defaults.go b/nexus/services/auth/defaults.go new file mode 100644 index 0000000..3a18c38 --- /dev/null +++ b/nexus/services/auth/defaults.go @@ -0,0 +1,3 @@ +package auth
+
+const LogPrefix = "Auth"
diff --git a/nexus/services/auth/messages.go b/nexus/services/auth/messages.go new file mode 100644 index 0000000..b13dfe6 --- /dev/null +++ b/nexus/services/auth/messages.go @@ -0,0 +1,17 @@ +package auth
+
+const (
+ ErrEmailTaken = "email is already taken"
+ ErrUsernameTaken = "username is already taken"
+ ErrInvalidCredentials = "invalid email or password"
+ ErrAccountDisabled = "account is disabled"
+ ErrInvalidToken = "invalid token"
+ ErrTokenExpired = "token has expired"
+ PasswordHashFailed = "failed to hash password: %v"
+ AccountCreateFailed = "failed to create account: %v"
+ AccountCreated = "account created: %s"
+ LoginSuccess = "login successful: %s"
+ LogoutFailed = "failed to logout: %v"
+ TokenGenerateFailed = "failed to generate token: %v"
+ SessionCreateFailed = "failed to create session: %v"
+)
|