package services

import (
	"errors"
	"strings"
	"time"

	"github.com/golang-jwt/jwt/v5"
	"github.com/google/uuid"
	"godp.abdanhafidz.com/config"
	"godp.abdanhafidz.com/models"
	"golang.org/x/crypto/bcrypt"
)

// Signing material for the HS256 tokens issued and verified in this file.
//
// NOTE(review): the HMAC key is the raw bytes of config.Salt. How that value
// is loaded and what else it is used for is not visible here; confirm that it
// is a high-entropy secret dedicated to token signing, and that startup fails
// when it is empty. Anyone who knows this value can mint tokens for any user.
var (
	salt      = config.Salt
	secretKey = []byte(salt)
)

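// GenerateToken issues an HS256-signed JWT for the given account.
//
// The token carries the account ID in the UserID claim, is valid for 24 hours
// from the moment of issue, and names "apqobiltu.id" as issuer. An error is
// returned when user is nil, when no signing key is configured, or when
// signing itself fails.
func GenerateToken(user *models.Account) (string, error) {
	if user == nil {
		return "", errors.New("cannot generate token for nil account")
	}
	// Defensive check: a token signed with an empty HMAC key offers no
	// protection, so fail instead of issuing one.
	if len(secretKey) == 0 {
		return "", errors.New("token signing key is not configured")
	}

	// Take one timestamp so IssuedAt and ExpiresAt are exactly 24 hours apart.
	now := time.Now()
	claims := models.CustomClaims{
		UserID: user.Id,
		RegisteredClaims: jwt.RegisteredClaims{
			ExpiresAt: jwt.NewNumericDate(now.Add(24 * time.Hour)), // token is valid for 24 hours
			IssuedAt:  jwt.NewNumericDate(now),
			Issuer:    "apqobiltu.id",
		},
	}

	// Build the token with the HS256 signing method and sign it.
	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
	return token.SignedString(secretKey)
}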

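// ExtractBearerToken returns the credential from an Authorization header value
// of the exact form "Bearer <token>".
//
// The scheme must be spelled "Bearer", be followed by a single space, and the
// token must be non-empty and contain no further spaces. Any other shape
// yields an error and an empty string.
func ExtractBearerToken(authHeader string) (string, error) {
	scheme, token, found := strings.Cut(authHeader, " ")
	// An empty token ("Bearer ") is rejected here rather than being handed to
	// the JWT parser as an empty string with a nil error.
	if !found || scheme != "Bearer" || token == "" || strings.Contains(token, " ") {
		return "", errors.New("invalid authorization header format")
	}
	return token, nil
}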

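// VerifyToken validates an Authorization header value and returns the user ID
// carried in the token together with a status string.
//
// The status is "valid" (nil error), "expired", or "invalid-token". Every
// status other than "valid" is accompanied by a non-nil error and the zero
// UUID, so a caller that checks only the error still fails closed.
func VerifyToken(bearerToken string) (uuid.UUID, string, error) {
	tokenData, err := ExtractBearerToken(bearerToken)
	if err != nil {
		return uuid.UUID{}, "invalid-token", err
	}

	token, err := jwt.ParseWithClaims(
		tokenData,
		&models.CustomClaims{},
		func(token *jwt.Token) (interface{}, error) {
			// Never verify against an empty HMAC key.
			if len(secretKey) == 0 {
				return nil, errors.New("token signing key is not configured")
			}
			return secretKey, nil
		},
		// Accept only the algorithm GenerateToken signs with, instead of
		// whatever the token header asks for.
		jwt.WithValidMethods([]string{jwt.SigningMethodHS256.Alg()}),
	)
	if err != nil {
		// The parser validates exp itself, so an expired token surfaces here
		// as an error; map it to the dedicated status.
		if errors.Is(err, jwt.ErrTokenExpired) {
			return uuid.UUID{}, "expired", err
		}
		return uuid.UUID{}, "invalid-token", err
	}

	// Extract the claims.
	claims, ok := token.Claims.(*models.CustomClaims)
	if !ok || !token.Valid {
		return uuid.UUID{}, "invalid-token", errors.New("invalid token claims")
	}
	// NOTE(review): a correctly signed token with no exp claim passes this
	// check. GenerateToken always sets exp; confirm nothing else signs with
	// this key, or reject a nil ExpiresAt here.
	if claims.ExpiresAt != nil && claims.ExpiresAt.Time.Before(time.Now()) {
		return uuid.UUID{}, "expired", jwt.ErrTokenExpired
	}

	return claims.UserID, "valid", nil
}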

// VerifyPassword checks a plaintext password against a stored bcrypt hash.
//
// It returns nil on a match. Every failure reported by bcrypt, whether a
// mismatch or a hash it cannot process, is collapsed into the same
// "invalid password" error, so callers cannot tell the two apart.
func VerifyPassword(hashedPassword, password string) error {
	if cmpErr := bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password)); cmpErr != nil {
		return errors.New("invalid password")
	}
	return nil
}
// HashPassword derives a bcrypt hash of password using a cost factor of 14.
//
// The hash is returned as a string together with any error from bcrypt.
// NOTE(review): bcrypt only uses the first 72 bytes of its input; depending on
// the golang.org/x/crypto version, longer passwords are rejected with an
// error. Confirm that callers validate password length.
func HashPassword(password string) (string, error) {
	const cost = 14
	hashed, err := bcrypt.GenerateFromPassword([]byte(password), cost)
	return string(hashed), err
}