Add JWT Login feature

Author: tyouwei

authentication-service/controllers/token_login.go

@@ -0,0 +1,55 @@
+package controllers
+
+import (
+	"net/http"
+
+	"authentication-service/models"
+	"authentication-service/services"
+	"authentication-service/utils"
+	"github.com/golang-jwt/jwt"
+	"github.com/gin-gonic/gin"
+)
+
+// Handles JWT token requests
+func TokenLogin(c *gin.Context) {
+	// Get the token from the request query string
+	var tokenString = c.Query("token")
+	if tokenString == "" {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "Token not provided"})
+		return
+	}
+
+	// Verify the token using the utility function
+	token, err := utils.VerifyToken(tokenString)
+	if err != nil {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid or expired token"})
+		return
+	}
+
+	// Extract claims from the token (e.g., the user's email)
+	claims, ok := token.Claims.(jwt.MapClaims)
+	if !ok || !token.Valid {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid token claims"})
+		return
+	}
+
+	// Retrieve user details based on the email claim
+	email, ok := claims["email"].(string)
+	if !ok {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid token claims"})
+		return
+	}
+
+	var user models.UserModel
+	err = services.GetUserByEmail(c.Request.Context(), email, &user)
+	if err != nil {
+		c.JSON(http.StatusNotFound, gin.H{"error": "User not found"})
+		return
+	}
+
+	// Return the user's account details
+	c.JSON(http.StatusOK, gin.H{
+		"email": user.Email,
+		"name":  user.Name,
+	})
+}

authentication-service/routes/routes.go

@@ -8,4 +8,5 @@ import (
 func InitialiseRoutes(r *gin.Engine) {
     r.POST("/register", controllers.RegisterUser)
 	r.POST("/login", controllers.LoginUser)
+    r.GET("/jwt", controllers.TokenLogin)
 }

authentication-service/utils/jwt_utils.go

@@ -3,6 +3,7 @@ package utils
 import (
 	"os"
 	"log"
+	"errors"
 	"time"
 
 	"authentication-service/models"
@@ -28,3 +29,35 @@ func GenerateToken(user models.UserModel) (string, error) {
 	// Sign the token with the secret key
 	return token.SignedString(jwtSecret)
 }
+
+func VerifyToken(tokenString string) (*jwt.Token, error) {
+	err := godotenv.Load(".env.dev")
+	if err != nil {
+		return nil, errors.New("error loading .env file")
+	}
+	var jwtSecret = []byte(os.Getenv("JWT_SECRET_KEY"))
+
+	// Parse the token
+	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
+		// Validate the algorithm
+		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+			return nil, errors.New("unexpected signing method")
+		}
+		return jwtSecret, nil
+	})
+
+	if err != nil {
+		return nil, err
+	}
+
+	// Verify if token is valid and not expired
+	if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
+		expiry := int64(claims["exp"].(float64))
+		if expiry < time.Now().Unix() {
+			return nil, errors.New("token has expired")
+		}
+		return token, nil
+	}
+
+	return nil, errors.New("invalid token")
+}