package httpserver import ( "errors" "strconv" "github.com/SamuelTariku/FortuneBet-Backend/internal/services/authentication" jwtutil "github.com/SamuelTariku/FortuneBet-Backend/internal/web_server/jwt" "github.com/SamuelTariku/FortuneBet-Backend/internal/web_server/response" "github.com/gofiber/fiber/v2" ) type loginCustomerReq struct { Email string `json:"email" example:"john.doe@example.com"` PhoneNumber string `json:"phone_number" example:"1234567890"` Password string `json:"password" example:"password123"` } type loginCustomerRes struct { AccessToken string `json:"access_token"` RefreshToken string `json:"refresh_token"` } // LoginCustomer godoc // @Summary Login customer // @Description Login customer // @Tags auth // @Accept json // @Produce json // @Param login body loginCustomerReq true "Login customer" // @Success 200 {object} loginCustomerRes // @Failure 400 {object} response.APIResponse // @Failure 401 {object} response.APIResponse // @Failure 500 {object} response.APIResponse // @Router /auth/login [post] func (a *App) LoginCustomer(c *fiber.Ctx) error { var req loginCustomerReq if err := c.BodyParser(&req); err != nil { a.logger.Error("Login failed", "error", err) response.WriteJSON(c, fiber.StatusBadRequest, "Invalid request", nil, nil) } valErrs, ok := a.validator.Validate(c, req) if !ok { response.WriteJSON(c, fiber.StatusBadRequest, "Invalid request", valErrs, nil) return nil } successRes, err := a.authSvc.Login(c.Context(), req.Email, req.PhoneNumber, req.Password) if err != nil { a.logger.Info("Login failed", "error", err) if errors.Is(err, authentication.ErrInvalidPassword) { response.WriteJSON(c, fiber.StatusUnauthorized, "Invalid password or not registered", nil, nil) return nil } if errors.Is(err, authentication.ErrUserNotFound) { response.WriteJSON(c, fiber.StatusUnauthorized, "Invalid password or not registered", nil, nil) return nil } a.logger.Error("Login failed", "error", err) response.WriteJSON(c, fiber.StatusInternalServerError, "Internal server error", nil, nil) return nil } accessToken, err := jwtutil.CreateJwt(strconv.Itoa(int(successRes.UserId)), successRes.Role, a.JwtConfig.JwtAccessKey, a.JwtConfig.JwtAccessExpiry) res := loginCustomerRes{ AccessToken: accessToken, RefreshToken: successRes.RfToken, } return response.WriteJSON(c, fiber.StatusOK, "Login successful", res, nil) } type refreshToken struct { AccessToken string `json:"access_token"` RefreshToken string `json:"refresh_token"` } // RefreshToken godoc // @Summary Refresh token // @Description Refresh token // @Tags auth // @Accept json // @Produce json // @Param refresh body refreshToken true "tokens" // @Success 200 {object} loginCustomerRes // @Failure 400 {object} response.APIResponse // @Failure 401 {object} response.APIResponse // @Failure 500 {object} response.APIResponse // @Router /auth/refresh [post] func (a *App) RefreshToken(c *fiber.Ctx) error { var req refreshToken if err := c.BodyParser(&req); err != nil { response.WriteJSON(c, fiber.StatusBadRequest, "Invalid request", nil, nil) } valErrs, ok := a.validator.Validate(c, req) if !ok { response.WriteJSON(c, fiber.StatusBadRequest, "Invalid request", valErrs, nil) return nil } rf, err := a.authSvc.RefreshToken(c.Context(), req.RefreshToken) if err != nil { a.logger.Info("Refresh token failed", "error", err) if errors.Is(err, authentication.ErrExpiredToken) { response.WriteJSON(c, fiber.StatusUnauthorized, "The refresh token has expired", nil, nil) return nil } if errors.Is(err, authentication.ErrRefreshTokenNotFound) { response.WriteJSON(c, fiber.StatusUnauthorized, "Refresh token not found", nil, nil) return nil } a.logger.Error("Refresh token failed", "error", err) response.WriteJSON(c, fiber.StatusInternalServerError, "Internal server error", nil, nil) return nil } accessToken, err := jwtutil.CreateJwt("", "", a.JwtConfig.JwtAccessKey, a.JwtConfig.JwtAccessExpiry) if err != nil { a.logger.Error("Create jwt failed", "error", err) response.WriteJSON(c, fiber.StatusInternalServerError, "Internal server error", nil, nil) return nil } res := loginCustomerRes{ AccessToken: accessToken, RefreshToken: rf, } return response.WriteJSON(c, fiber.StatusOK, "refresh successful", res, nil) } type logoutReq struct { RefreshToken string `json:"refresh_token"` } // LogOutCustomer godoc // @Summary Logout customer // @Description Logout customer // @Tags auth // @Accept json // @Produce json // @Param logout body logoutReq true "Logout customer" // @Success 200 {object} response.APIResponse // @Failure 400 {object} response.APIResponse // @Failure 401 {object} response.APIResponse // @Failure 500 {object} response.APIResponse // @Router /auth/logout [post] func (a *App) LogOutCustomer(c *fiber.Ctx) error { var req logoutReq if err := c.BodyParser(&req); err != nil { response.WriteJSON(c, fiber.StatusBadRequest, "Invalid request", nil, nil) } valErrs, ok := a.validator.Validate(c, req) if !ok { response.WriteJSON(c, fiber.StatusBadRequest, "Invalid request", valErrs, nil) return nil } err := a.authSvc.Logout(c.Context(), req.RefreshToken) if err != nil { a.logger.Info("Logout failed", "error", err) if errors.Is(err, authentication.ErrExpiredToken) { response.WriteJSON(c, fiber.StatusUnauthorized, "The refresh token has expired", nil, nil) return nil } if errors.Is(err, authentication.ErrRefreshTokenNotFound) { response.WriteJSON(c, fiber.StatusUnauthorized, "Refresh token not found", nil, nil) return nil } a.logger.Error("Logout failed", "error", err) response.WriteJSON(c, fiber.StatusInternalServerError, "Internal server error", nil, nil) return nil } return response.WriteJSON(c, fiber.StatusOK, "Logout successful", nil, nil) }