yobble/scala_monolith
Archived
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add bcrypt

Browse Source
This commit is contained in:
cheykrym 2025-08-06 04:27:35 +03:00
parent 7f9337cd16
commit 4ce6cc2a90
3 changed files with 18 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
build.sbt
View File

@ -13,6 +13,7 @@ val logbackVersion = "1.4.11"
val vaultVersion = "3.6.0" val vaultVersion = "3.6.0"
val doobieVersion = "1.0.0-RC5" val doobieVersion = "1.0.0-RC5"
val postgresqlVersion = "42.7.4" val postgresqlVersion = "42.7.4"
val bcryptVersion = "0.10.2"
lazy val root = (project in file(".")) lazy val root = (project in file("."))
@ -44,6 +45,9 @@ lazy val root = (project in file("."))
"org.tpolecat" %% "doobie-core" % doobieVersion, "org.tpolecat" %% "doobie-core" % doobieVersion,
"org.tpolecat" %% "doobie-hikari" % doobieVersion, "org.tpolecat" %% "doobie-hikari" % doobieVersion,
"org.tpolecat" %% "doobie-postgres" % doobieVersion, "org.tpolecat" %% "doobie-postgres" % doobieVersion,
"org.postgresql" % "postgresql" % postgresqlVersion "org.postgresql" % "postgresql" % postgresqlVersion,
// Bcrypt
"at.favre.lib" % "bcrypt" % bcryptVersion
) )
) )

1
src/main/scala/org/yobble/scala_monolith/api/endpoint/auth/AuthEndpoints.scala
View File

@ -14,6 +14,7 @@ object AuthEndpoints {
val loginEndpoint: PublicEndpoint[LoginRequest, ErrorResponse, LoginResponse, Any] = val loginEndpoint: PublicEndpoint[LoginRequest, ErrorResponse, LoginResponse, Any] =
endpoint.post endpoint.post
.in("auth" / "login") .in("auth" / "login")
.tags(List("Auth"))
.in(jsonBody[LoginRequest]) .in(jsonBody[LoginRequest])
.out(jsonBody[LoginResponse]) .out(jsonBody[LoginResponse])
.errorOut( .errorOut(

17
src/main/scala/org/yobble/scala_monolith/service/AuthService.scala
View File

@ -1,5 +1,6 @@
package org.yobble.scala_monolith.service package org.yobble.scala_monolith.service
import at.favre.lib.crypto.bcrypt.BCrypt
import cats.effect.IO import cats.effect.IO
import org.yobble.scala_monolith.api.dto.{LoginRequest, LoginResponse} import org.yobble.scala_monolith.api.dto.{LoginRequest, LoginResponse}
import org.yobble.scala_monolith.api.response.ErrorResponse import org.yobble.scala_monolith.api.response.ErrorResponse
@ -10,16 +11,18 @@ class AuthService(userRepository: UserRepository) {
def login(request: LoginRequest): IO[Either[ErrorResponse, LoginResponse]] = { def login(request: LoginRequest): IO[Either[ErrorResponse, LoginResponse]] = {
userRepository.findByLogin(request.login).map { userRepository.findByLogin(request.login).map {
case Some(user) if user.passwordHash != request.password =>
Left(ErrorUtils.unauthorized("Invalid login or password"))
case Some(user) if user.isBlocked =>
Left(ErrorUtils.forbidden("User account is disabled"))
case Some(user) if user.isDeleted =>
Left(ErrorUtils.forbidden("User account is deleted"))
case Some(user) => case Some(user) =>
// TODO: Implement proper password hashing (e.g., with bcrypt) val passwordMatches = BCrypt.verifyer().verify(request.password.toCharArray, user.passwordHash).verified
if (!passwordMatches) {
Left(ErrorUtils.unauthorized("Invalid login or password"))
} else if (user.isBlocked) {
Left(ErrorUtils.forbidden("User account is disabled"))
} else if (user.isDeleted) {
Left(ErrorUtils.forbidden("User account is deleted"))
} else {
// TODO: Implement real token generation // TODO: Implement real token generation
Right(LoginResponse(accessToken = "fake-access-token", refreshToken = "fake-refresh-token")) Right(LoginResponse(accessToken = "fake-access-token", refreshToken = "fake-refresh-token"))
}
case None => case None =>
Left(ErrorUtils.unauthorized("Invalid login or password")) Left(ErrorUtils.unauthorized("Invalid login or password"))
} }