-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathmain.go
More file actions
140 lines (114 loc) · 3.22 KB
/
main.go
File metadata and controls
140 lines (114 loc) · 3.22 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
package main
import (
"net/http"
"github.com/gin-gonic/gin"
"github.com/pquerna/otp/totp"
)
// User represents a user in the system
type User struct {
Username string
Password string
Secret string
TwoFAEnabled bool
}
var users = make(map[string]User)
func main() {
router := gin.Default()
router.Use(gin.Recovery())
router.Use(gin.Logger())
auth := router.Group("/auth")
auth.POST("/signup", signUp)
auth.POST("/login", login)
auth.POST("/enable-2fa", enable2FA)
auth.POST("/verify", verify2FA)
router.Run(":8080")
}
// signUp handles user registration
func signUp(c *gin.Context) {
var newUser User
if err := c.ShouldBindJSON(&newUser); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
// Check if the user already exists
if _, exists := users[newUser.Username]; exists {
c.JSON(http.StatusConflict, gin.H{"error": "Username already exists"})
return
}
// Save the user in the map
users[newUser.Username] = newUser
c.JSON(http.StatusCreated, gin.H{"message": "User created successfully"})
}
// login handles user login and 2FA verification
func login(c *gin.Context) {
var credentials struct {
Username string `json:"username"`
Password string `json:"password"`
}
if err := c.ShouldBindJSON(&credentials); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
// Check if the user exists
user, exists := users[credentials.Username]
if !exists || user.Password != credentials.Password {
c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid credentials"})
return
}
c.JSON(http.StatusOK, gin.H{"message": "Login successful"})
}
// verify2FA handles 2FA code verification
func verify2FA(c *gin.Context) {
var verification struct {
Username string `json:"username"`
Code string `json:"code"`
}
if err := c.ShouldBindJSON(&verification); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
// Check if the user exists
user, exists := users[verification.Username]
if !exists {
c.JSON(http.StatusNotFound, gin.H{"error": "User not found"})
return
}
// Verify the provided code
valid := totp.Validate(verification.Code, user.Secret)
if !valid {
c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid 2FA code"})
return
}
c.JSON(http.StatusOK, gin.H{"message": "2FA code is valid"})
}
// enable2FA generates a secret and QR code for 2FA setup
func enable2FA(c *gin.Context) {
var req struct {
Username string `json:"username"`
}
if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
// Check if the user exists
user, exists := users[req.Username]
if !exists {
c.JSON(http.StatusNotFound, gin.H{"error": "User not found"})
return
}
// Generate a secret for the user
secret, err := totp.Generate(totp.GenerateOpts{
Issuer: "MyApp",
AccountName: user.Username,
Period: 60,
})
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Error generating QR code"})
return
}
// Save the secret in the user object
user.Secret = secret.Secret()
user.TwoFAEnabled = true
users[req.Username] = user
c.JSON(http.StatusOK, gin.H{"secret": secret.Secret(), "url": secret.URL()})
}