diff --git a/api/data/main.go b/api/data/main.go index 393ca73..baa44f8 100644 --- a/api/data/main.go +++ b/api/data/main.go @@ -1,6 +1,11 @@ package data -import "github.com/uug-ai/facial-access-control/api/models" +import ( + "log" + + "github.com/uug-ai/facial-access-control/api/models" + "github.com/uug-ai/facial-access-control/api/utils" +) var Users = []models.User{ {Id: 0, FirstName: "admin", LastName: "admin", Email: "admin@example.com", Password: "admin", Role: "admin", Language: "en"}, @@ -23,5 +28,14 @@ var Locations = []models.Location{ {Id: 4, Name: "Location 4", Address: "Address 4", Lat: 4.0, Lng: 4.0}, } - +// Initialize function to hash passwords +func Initialize() { + for i, user := range Users { + hashedPassword, err := utils.Hash(user.Password) + if err != nil { + log.Fatalf("Error hashing password for user %s: %v", user.Email, err) + } + Users[i].Password = hashedPassword + } +} diff --git a/api/database/file.go b/api/database/file.go index 9d1ab8b..c0b852a 100644 --- a/api/database/file.go +++ b/api/database/file.go 
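Review bot: `Initialize` in api/data/main.go is not idempotent: each call runs `utils.Hash` over whatever `Users[i].Password` currently holds, so a second call (a test that starts the server twice, or another entry point besides `StartServer`) would hash the stored hashes and no seeded account could authenticate afterwards. Wrapping the loop in a package-level guard, `var initOnce sync.Once` with `initOnce.Do(func() { ... })`, makes the call in api/routers/http/Server.go safe to repeat. The seed entry visible in the first hunk still carries `Password: "admin"` for the admin role in source, and hashing it at startup does not make that credential any less known; the seed password (or a precomputed hash) would be better read from configuration, with a doc comment on `Initialize` saying where it comes from. `log.Fatalf` also ends the process from inside the data package; returning the error and letting `StartServer` decide would be more conventional.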
@@ -10,41 +10,33 @@ import ( func GetUsersFromFile() []models.User { - users := GetUsersWithHashedPasswordFromFile() - return users -} - -func GetUsersWithHashedPasswordFromFile() []models.User { - users := data.Users - for i := range users { - users[i].Password,_ = utils.Hash(users[i].Password) - } - return users + // Directly return users from data without re-hashing passwords + return data.Users } func GetUserByIdFromFile(id int) models.User { - users := GetUsersWithHashedPasswordFromFile() - for _, user := range users { - if user.Id == id { - return user - } - } - return models.User{} + users := GetUsersFromFile() + for _, user := range users { + if user.Id == id { + return user + } + } + return models.User{} } func GetUserByEmailFromFile(email string) models.User { - users := GetUsersWithHashedPasswordFromFile() - for _, user := range users { - if user.Email == email { - return user - } - } - return models.User{} + users := GetUsersFromFile() + for _, user := range users { + if user.Email == email { + return user + } + } + return models.User{} } func AddUserToFile(user models.User) error { - users := GetUsersWithHashedPasswordFromFile() + users := GetUsersFromFile() // Find the maximum ID in the current user list maxID := 0 
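Review bot: `GetUsersFromFile` now returns the package-level `data.Users` slice itself, so every caller shares one backing array with `AddUserToFile` and `DeleteUserFromFile`, and nothing in the visible code serialises access to it. If these functions are reached from concurrent request handlers (not visible here), an append or delete that overlaps the range loops in `GetUserByIdFromFile` and `GetUserByEmailFromFile` is a data race. Returning a copy, `return slices.Clone(data.Users)` (or `append([]models.User(nil), data.Users...)` on older Go), and guarding reads and writes with a mutex would close that. The returned records also include the `Password` hash, so a comment such as `// NOTE: entries include the password hash; strip it before serialising to clients` would help callers. `AddUserToFile` continues past the end of this hunk.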
@@ -57,19 +49,26 @@ func AddUserToFile(user models.User) error { // Assign the new user an ID that is one greater than the current maximum user.Id = maxID + 1 + // Hash the user's password before saving + hashedPassword, err := utils.Hash(user.Password) + if err != nil { + return err + } + user.Password = hashedPassword + data.Users = append(data.Users, user) return nil } func DeleteUserFromFile(id int) error { - users := data.Users - for i, user := range users { - if user.Id == id { - data.Users = append(users[:i], users[i+1:]...) - return nil - } - } - return errors.New("user not found") + users := GetUsersFromFile() + for i, user := range users { + if user.Id == id { + data.Users = append(users[:i], users[i+1:]...) + return nil + } + } + return errors.New("user not found") } diff --git a/api/routers/http/Server.go b/api/routers/http/Server.go index fbd9b50..1ad8148 100644 --- a/api/routers/http/Server.go +++ b/api/routers/http/Server.go @@ -8,6 +8,7 @@ import ( swaggerFiles "github.com/swaggo/files" ginSwagger "github.com/swaggo/gin-swagger" + "github.com/uug-ai/facial-access-control/api/data" _ "github.com/uug-ai/facial-access-control/api/docs" ) @@ -52,6 +53,9 @@ func StartServer(port string) { // Print running port log.Println("Running on port: " + port) + // Initialize data (hash passwords) + data.Initialize() + // Run the API on the specified port if err := r.Run(":" + port); err != nil { log.Fatal(err) diff --git a/api/routers/http/jwt_middleware.go b/api/routers/http/jwt_middleware.go index 65ea1b6..a5e08f7 100644 --- a/api/routers/http/jwt_middleware.go +++ b/api/routers/http/jwt_middleware.go 
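Review bot: `AddUserToFile` hashes and stores whatever `user.Password` holds, and neither hunk of this function shows a check for an empty value, so unless the caller validates the request (not visible here) an account can be created with an empty password. A guard ahead of the hash, `if user.Password == "" { return errors.New("password must not be empty") }`, would reject that case; `errors` is already used by `DeleteUserFromFile` just below. The start of `AddUserToFile` and its ID loop lie outside this hunk, so any validation there could not be reviewed.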
@@ -44,29 +44,35 @@ func JWTMiddleware() *jwt.GinJWTMiddleware { Role: user["role"].(string), } }, - Authenticator: func(c *gin.Context) (interface{}, error) { - var user models.User - if err := c.ShouldBind(&user); err != nil { - return "", jwt.ErrMissingLoginValues - } - email := user.Email - password := user.Password + Authenticator: func(c *gin.Context) (interface{}, error) { + var user models.User + if err := c.ShouldBind(&user); err != nil { + log.Println("Binding error:", err) + return "", jwt.ErrMissingLoginValues + } + email := user.Email + password := user.Password - userFound := database.GetUserByEmail(email) + log.Println("Attempting to authenticate user:", email) + userFound := database.GetUserByEmail(email) - hashedpw, _ := utils.Hash(userFound.Password) - println("Hashed password: ", hashedpw) + if userFound.Email != "" { + log.Printf("Stored hashed password: %s\n", userFound.Password) + if utils.IsSame(password, userFound.Password) { + log.Println("Authentication successful for user:", email) + return &models.User{ + Email: userFound.Email, + }, nil + } else { + log.Println("Password mismatch for user:", email) + } + } else { + log.Println("User not found for email:", email) + } - if userFound.Email != "" { - if utils.IsSame(userFound.Password, password) { - return &models.User{ - Email: userFound.Email, - }, nil - } - } + return nil, jwt.ErrFailedAuthentication +}, - return nil, jwt.ErrFailedAuthentication - }, LoginResponse: func(c *gin.Context, code int, token string, expire time.Time) { // Decrypt the token hmacSecret := []byte(myKey) // Key used for decrypting the token
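Review bot: The added `log.Printf("Stored hashed password: %s\n", userFound.Password)` in `Authenticator` writes the account's password hash to the server log on every login attempt for a known email, which copies credential material into every log sink and backup; that line should be removed. The other new log lines print the submitted email unquoted although it comes straight from the request body; formatting it with `%q`, e.g. `log.Printf("authentication failed for %q", email)`, prevents forged log lines, and one shared failure message for the unknown-user and wrong-password branches keeps the log from doubling as a list of valid accounts. The unknown-user branch also returns without calling `utils.IsSame`, so its response time may differ from the wrong-password case; whether that is measurable depends on `utils.Hash`, which is not shown. The new block is not gofmt-formatted (the closing `},` sits at column 0), and the `else` after the `return` can be dropped.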