Created
January 18, 2022 13:29
-
-
Save fulviodenza/67a9c543cb04299a1dcd22daf478ed86 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Register receiver method is the handler for | |
| // /register endpoint, this method takes echo.Context | |
| // in which is located the user input as json request | |
| // as input with the following format: | |
| // { | |
| // "email":"[email protected]", | |
| // "user":{ | |
| // "username":"exampleusername", | |
| // "password":"Hello4world!" | |
| // } | |
| // } | |
| // and returns a Json containing the error with this format: | |
| // { | |
| // "error": { | |
| // "Message_": "Example message error" | |
| // } | |
| // } | |
| func (a *App) Register(c echo.Context, v validator.Validate) (err error) { | |
| r := new(Response) | |
| u := new(UserRegister) | |
| u.User.UUID = uuid.New() | |
| // Bind the user input saved in context to the u(User) variable and validate it | |
| if err = c.Bind(u); err != nil { | |
| return echo.NewHTTPError(http.StatusBadRequest, err.Error()) | |
| } | |
| if err = c.Validate(u); err != nil { | |
| return err | |
| } | |
| if err = v.Struct(u.User); err != nil { | |
| return err | |
| } | |
| user := &cognito.SignUpInput{ | |
| Username: aws.String(u.User.Username), | |
| Password: aws.String(u.User.Password), | |
| ClientId: aws.String(a.AppClientID), | |
| UserAttributes: []*cognito.AttributeType{ | |
| { | |
| Name: aws.String("email"), | |
| Value: aws.String(u.Email), | |
| }, | |
| }, | |
| } | |
| secretHash := computeSecretHash(a.AppClientSecret, u.User.Username, a.AppClientID) | |
| user.SecretHash = aws.String(secretHash) | |
| // Make signup operation using cognito's api | |
| _, r.Error = a.CognitoClient.SignUp(user) | |
| if r.Error != nil { | |
| return c.JSON(http.StatusInternalServerError, r) | |
| } | |
| return c.JSON(http.StatusOK, r) | |
| } | |
| // OTP receiver method is the handler for | |
| // /otp endpoint, this method takes echo.Context | |
| // in which is located the user input as json request | |
| // as input with the following format: | |
| // { | |
| // "username":"exampleusername", | |
| // "otp":"123456" | |
| // } | |
| // otp field is received via email | |
| // and returns a Json containing the error with this format: | |
| // { | |
| // "error": { | |
| // "Message_": "Example message error" | |
| // } | |
| // } | |
| func (a *App) OTP(c echo.Context) (err error) { | |
| r := new(Response) | |
| o := new(OTP) | |
| if err = c.Bind(o); err != nil { | |
| return echo.NewHTTPError(http.StatusBadRequest, err.Error()) | |
| } | |
| if err = c.Validate(o); err != nil { | |
| return err | |
| } | |
| user := &cognito.ConfirmSignUpInput{ | |
| ConfirmationCode: aws.String(o.OTP), | |
| Username: aws.String(o.Username), | |
| ClientId: aws.String(a.AppClientID), | |
| } | |
| secretHash := computeSecretHash(a.AppClientSecret, o.Username, a.AppClientID) | |
| user.SecretHash = aws.String(secretHash) | |
| _, r.Error = a.CognitoClient.ConfirmSignUp(user) | |
| if err != nil { | |
| fmt.Println(err) | |
| return c.JSON(http.StatusInternalServerError, r) | |
| } | |
| return c.JSON(http.StatusOK, r) | |
| } | |
| // Login receiver method is the handler for | |
| // /login endpoint, this method takes echo.Context | |
| // in which is located the user input as json request | |
| // as input with the following format: | |
| // { | |
| // "username":"exampleusername", | |
| // "password":"ExamplePassword1!" | |
| // } | |
| // and returns a Json containing the error with this format: | |
| // { | |
| // "AuthenticationResult": { | |
| // "AccessToken": "AccessTokenExample", | |
| // "ExpiresIn": 3600, | |
| // "IdToken": "IdTokenExample", | |
| // "NewDeviceMetadata": null, | |
| // "RefreshToken": "RefreshTokenExample", | |
| // "TokenType": "Bearer" | |
| // }, | |
| // "ChallengeName": null, | |
| // "ChallengeParameters": {}, | |
| // "Session": null | |
| // } | |
| func (a *App) Login(c echo.Context) (err error) { | |
| // r := new(Response) | |
| u := new(User) | |
| if err = c.Bind(u); err != nil { | |
| return echo.NewHTTPError(http.StatusBadRequest, err.Error()) | |
| } | |
| if err = c.Validate(u); err != nil { | |
| return err | |
| } | |
| // if err = v.Struct(u.User); err != nil { | |
| // return err | |
| // } | |
| params := map[string]*string{ | |
| "USERNAME": aws.String(u.Username), | |
| "PASSWORD": aws.String(u.Password), | |
| } | |
| secretHash := computeSecretHash(a.AppClientSecret, u.Username, a.AppClientID) | |
| params["SECRET_HASH"] = aws.String(secretHash) | |
| authTry := &cognito.InitiateAuthInput{ | |
| AuthFlow: aws.String("USER_PASSWORD_AUTH"), | |
| AuthParameters: map[string]*string{ | |
| "USERNAME": aws.String(*params["USERNAME"]), | |
| "PASSWORD": aws.String(*params["PASSWORD"]), | |
| "SECRET_HASH": aws.String(*params["SECRET_HASH"]), | |
| }, | |
| ClientId: aws.String(a.AppClientID), // this is the app client ID | |
| } | |
| authResp, err := a.CognitoClient.InitiateAuth(authTry) | |
| if err != nil { | |
| return c.JSON(http.StatusInternalServerError, authResp) | |
| } | |
| a.Token = *authResp.AuthenticationResult.AccessToken | |
| return c.JSON(http.StatusOK, authResp) | |
| } | |
| func (a *App) ForgotPassword(c echo.Context) (err error) { | |
| u := new(UserForgot) | |
| if err = c.Bind(u); err != nil { | |
| return echo.NewHTTPError(http.StatusBadRequest, err.Error()) | |
| } | |
| if err = c.Validate(u); err != nil { | |
| return echo.NewHTTPError(http.StatusBadRequest, err.Error()) | |
| } | |
| secretHash := computeSecretHash(a.AppClientSecret, u.Username, a.AppClientID) | |
| cognitoUser := &cognito.ForgotPasswordInput{ | |
| SecretHash: aws.String(secretHash), | |
| ClientId: aws.String(a.AppClientID), | |
| Username: &u.Username, | |
| } | |
| cognitoUser.Validate() | |
| forgotPasswordOutput, err := a.CognitoClient.ForgotPassword(cognitoUser) | |
| if err != nil { | |
| return echo.NewHTTPError(http.StatusBadRequest, err.Error()) | |
| } | |
| return echo.NewHTTPError(http.StatusOK, forgotPasswordOutput) | |
| } | |
| func (a *App) ConfirmForgotPassword(c echo.Context, v validator.Validate) (err error) { | |
| u := new(UserConfirmationCode) | |
| if err = c.Bind(u); err != nil { | |
| return echo.NewHTTPError(http.StatusBadRequest, err.Error()) | |
| } | |
| if err = c.Validate(u); err != nil { | |
| return echo.NewHTTPError(http.StatusBadRequest, err.Error()) | |
| } | |
| if err = v.Struct(u.User); err != nil { | |
| return echo.NewHTTPError(http.StatusBadRequest, err.Error()) | |
| } | |
| secretHash := computeSecretHash(a.AppClientSecret, u.User.Username, a.AppClientID) | |
| cognitoUser := &cognito.ConfirmForgotPasswordInput{ | |
| SecretHash: aws.String(secretHash), | |
| ClientId: aws.String(a.AppClientID), | |
| Username: &u.User.Username, | |
| ConfirmationCode: &u.ConfirmationCode, | |
| Password: &u.User.Password, | |
| } | |
| resp, err := a.CognitoClient.ConfirmForgotPassword(cognitoUser) | |
| if err != nil { | |
| return echo.NewHTTPError(http.StatusBadRequest, err.Error()) | |
| } | |
| return echo.NewHTTPError(http.StatusOK, resp) | |
| } | |
| func (a *App) Verify() | |
| func computeSecretHash(clientSecret string, username string, clientId string) string { | |
| mac := hmac.New(sha256.New, []byte(clientSecret)) | |
| mac.Write([]byte(username + clientId)) | |
| return base64.StdEncoding.EncodeToString(mac.Sum(nil)) | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment