From c02c47efcb00782feb1461534923023a711d4f15 Mon Sep 17 00:00:00 2001
From: sowgro <tpoke.ferrari@gmail.com>
Date: Sun, 2 Mar 2025 11:22:48 -0500
Subject: First attempt at an authentication system.

---
 .../api/ufundapi/controller/AuthController.java    | 54 ++++++++++++++++++++++
 1 file changed, 54 insertions(+)
 create mode 100644 ufund-api/src/main/java/com/ufund/api/ufundapi/controller/AuthController.java

(limited to 'ufund-api/src/main/java/com/ufund/api/ufundapi/controller/AuthController.java')

diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/AuthController.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/AuthController.java
new file mode 100644
index 0000000..aa27e3f
--- /dev/null
+++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/AuthController.java
@@ -0,0 +1,54 @@
+package com.ufund.api.ufundapi.controller;
+
+import com.ufund.api.ufundapi.model.UserAuth;
+import com.ufund.api.ufundapi.persistence.UserAuthDAO;
+import com.ufund.api.ufundapi.persistence.UserDAO;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.io.IOException;
+import java.util.Map;
+
+@RestController
+@RequestMapping("auth")
+public class AuthController {
+    private final UserDAO userDAO;
+    private final UserAuthDAO userAuthDAO;
+
+    public AuthController(UserDAO userDAO, UserAuthDAO userAuthDAO) {
+        this.userDAO = userDAO;
+        this.userAuthDAO = userAuthDAO;
+    }
+
+    /**
+     * Attempts to log in as a user
+     * @param params A map/json object in the format {username: string, password: string}
+     * @return An api key if the auth was successful, null otherwise
+     */
+    @PostMapping("")
+    public ResponseEntity<String> login(@RequestBody Map<String, String> params) {
+        String username = params.get("username");
+        String password = params.get("password");
+        try {
+            var usr = userDAO.getUser(username);
+            if (usr == null || !usr.verifyPassword(password)) {
+                return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
+            }
+            var userAuth = UserAuth.generate(username);
+            userAuthDAO.addUserAuth(userAuth);
+            return new ResponseEntity<>(userAuth.getKey(), HttpStatus.OK);
+        } catch (IOException ex) {
+            return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
+        }
+    }
+
+    /**
+     * TODO
+     * @return
+     */
+    @DeleteMapping("")
+    public ResponseEntity<Object> logout() {
+        return new ResponseEntity<>(HttpStatus.NOT_IMPLEMENTED);
+    }
+}
-- 
cgit v1.2.3