add auth module

2026-04-15 19:17:10 +06:00
parent e50f81f7f3
commit be0b13acbf
12 changed files with 410 additions and 8 deletions
--- a/backend/internal/auth/service.go
+++ b/backend/internal/auth/service.go
@@ -0,0 +1,98 @@
+package auth
+
+import (
+	"context"
+	"errors"
+	"time"
+
+	sqlc "github.com/chedius/delivery-tracker/internal/db/sqlc"
+	"github.com/google/uuid"
+
+	"github.com/jackc/pgx/v5"
+	"golang.org/x/crypto/bcrypt"
+)
+
+type Service struct {
+	queries *sqlc.Queries
+	secret  []byte
+	expiry  time.Duration
+}
+
+type User struct {
+	ID       string
+	Username string
+	// Password string
+}
+
+func New(queries *sqlc.Queries, secret []byte, expiry time.Duration) *Service {
+	return &Service{queries, secret, expiry}
+}
+
+func (s *Service) Register(ctx context.Context, username, password string) (User, string, error) {
+	if username == "" || password == "" {
+		return User{}, "", ErrCredentialsEmpty
+	}
+	if _, err := s.queries.GetUserByUsername(ctx, username); err == nil {
+		return User{}, "", ErrUserExists
+	}
+	if len(password) < 6 {
+		return User{}, "", ErrPasswordTooShort
+	}
+	hashedPassword, err := s.HashPassword(password)
+	if err != nil {
+		return User{}, "", err
+	}
+
+	user, err := s.queries.CreateUser(ctx, sqlc.CreateUserParams{
+		Username:     username,
+		PasswordHash: hashedPassword,
+	})
+	if err != nil {
+		return User{}, "", err
+	}
+
+	token, err := GenerateToken(uuid.UUID(user.ID.Bytes), s.secret, s.expiry)
+	if err != nil {
+		return User{}, "", err
+	}
+
+	return User{
+		ID:       user.ID.String(),
+		Username: user.Username,
+	}, token, nil
+}
+
+func (s *Service) Login(ctx context.Context, username, password string) (string, error) { // returns JWT
+	user, err := s.queries.GetUserByUsername(ctx, username)
+	if err != nil {
+		if errors.Is(err, pgx.ErrNoRows) {
+			return "", ErrUserNotFound
+		}
+		return "", err
+	}
+
+	if !s.VerifyPassword(user.PasswordHash, password) {
+		return "", ErrInvalidCredentials
+	}
+
+	token, err := GenerateToken(uuid.UUID(user.ID.Bytes), s.secret, s.expiry)
+	if err != nil {
+		return "", err
+	}
+
+	return token, nil
+}
+
+func (s *Service) HashPassword(password string) (string, error) {
+	hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+	if err != nil {
+		return "", err
+	}
+
+	return string(hash), nil
+}
+func (s *Service) VerifyPassword(hash, password string) bool {
+	err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
+
+	return err == nil
+}