diff --git a/controllers/users_controller.go b/controllers/users_controller.go
index 74e2177..55a46ea 100644
--- a/controllers/users_controller.go
+++ b/controllers/users_controller.go
@@ -3,6 +3,7 @@ package controllers
 import (
 "crypto/rand"
 "encoding/base64"
+ "log"
 "net/http"
 "strings"
@@ -115,7 +116,7 @@ func UpdatePassword(c *gin.Context) {
 }
 func Login(c *gin.Context) {
- var req models.User
+ var req models.LoginRequest
 if err := c.BindJSON(&req); err != nil {
 c.JSON(http.StatusBadRequest, gin.H{"error": "Bad request"})
 return
@@ -130,12 +131,13 @@ func Login(c *gin.Context) {
 if usr.CheckPassword(user.Password, req.Password) {
 if user.IsActive && user.LoginAttempts < 10 {
 // Proceed with creating JWT token and resetting login attempts
- // if len(user.Companies) == 0 {
- // c.JSON(http.StatusInternalServerError, gin.H{"error": "User is not connected to a company"})
- // return
- // }
+ log.Printf("Companies length %v", len(user.Companies))
+ if len(user.Companies) == 0 {
+ c.JSON(http.StatusInternalServerError, gin.H{"error": "User is not connected to a company"})
+ return
+ }
- token, err := usr.CreateSessionToken(user.ID, 2)
+ token, err := usr.CreateSessionToken(user.ID, user.Companies[0].ID)
 if err != nil {
 c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not create JWT token"})
 return
diff --git a/database/user/user.go b/database/user/user.go
index 9cc42c3..836b48e 100644
--- a/database/user/user.go
+++ b/database/user/user.go
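Review bot: `usr.CreateSessionToken(user.ID, user.Companies[0].ID)` scopes the session to whichever company comes first in the preloaded slice, and nothing visible in this commit orders that slice, so for a user linked to several companies the tenant carried in the token can differ between logins. Consider an explicit ordering on the preload, or a company id in the login request that is checked against `user.Companies` before the token is issued. The empty-membership branch reports an account state rather than a server fault, so `c.JSON(http.StatusForbidden, gin.H{"error": "User is not connected to a company"})` fits better than a 500. The `log.Printf("Companies length %v", len(user.Companies))` line reads as leftover debugging and can be removed. Login's body starts and ends outside this hunk.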
@@ -36,8 +36,8 @@ func SaveResetTokenToDB(userID uint, resetToken string) error {
 func GetUserByEmail(email string) (*models.User, error) {
 var user models.User
- // Query the database for a user with the specified email
- if err := shared.GetDb().Where("email = ?", email).First(&user).Error; err != nil {
+ // Query the database for a user with the specified email and preload Companies
+ if err := shared.GetDb().Preload("Companies").Where("email = ?", email).First(&user).Error; err != nil {
 if gorm.IsRecordNotFoundError(err) {
 return nil, nil
 }
diff --git a/main.go b/main.go
index c031061..492180f 100644
--- a/main.go
+++ b/main.go
@@ -40,8 +40,15 @@ func main() {
 // Allow Admin to manage User resource
 company := Admin.AddResource(&models.Company{})
+
+ userResource := Admin.AddResource(&models.User{})
+
+ // Hide the Password field in the QOR admin UI
+ userResource.EditAttrs("-Password")
+ userResource.NewAttrs("-Password")
+ userResource.ShowAttrs("-Password")
 // Add User and Device resources
- Admin.AddResource(&models.User{})
+ // Admin.AddResource(&models.User{})
 Admin.AddResource(&models.Device{})
 Admin.AddResource(&models.ProductTemplate{})
 company.Meta(&admin.Meta{Name: "Users", Config: &admin.SelectManyConfig{SelectMode: "bottom_sheet"}})
diff --git a/models/company.go b/models/company.go
index cc07a7c..3af45ad 100644
--- a/models/company.go
+++ b/models/company.go
@@ -20,6 +20,7 @@ type Company struct {
 Phone string `json:"phone"`
 Users []User `gorm:"many2many:user_companies;"`
 Devices []Device `json:"devices"`
+ IsBuyer bool `json:"isBuyer"`
 }
 type School struct {
diff --git a/models/user.go b/models/user.go
index f59e322..124a8cd 100644
--- a/models/user.go
+++ b/models/user.go
@@ -3,7 +3,7 @@ package models
 type User struct {
 BaseModel
 Username string `json:"username"`
- Password string `json:"password"`
+ Password string `json:"-"`
 Email string `json:"email"`
 Avatar string `json:"avatar"`
 IsActive bool `json:"isActive" gorm:"default:false"`
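Review bot: GetUserByEmail has no doc comment, and its contract is now less obvious: it returns `(nil, nil)` when no row matches and, after this change, runs the Companies preload for every caller rather than for Login alone. A comment such as `// GetUserByEmail returns the user with the given email with Companies preloaded, or (nil, nil) if no such user exists.` above the function would make both points explicit. If other callers do not need the association, a separate lookup used only by Login would avoid the extra query; this is inferred, since the callers are not part of this diff. The function body continues past the end of the hunk.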
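Review bot: The Password attribute is removed from the edit, new and show views but not from the list view, so the stored password value may still be rendered in the admin index table; add `userResource.IndexAttrs("-Password")` next to the other three calls. With the field gone from the new-user form, it is worth checking how an account created through the admin receives a password. The commented-out `// Admin.AddResource(&models.User{})` can simply be deleted, and the `// Add User and Device resources` comment now sits above the Device registration only. main's body extends beyond this hunk.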
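Review bot: The `json:"-"` tag on `Password` applies to decoding as well as encoding, so any handler that still binds a request body into `models.User` will now receive an empty `Password` without an error. Login was moved to `LoginRequest` in this commit, but handlers such as registration or `UpdatePassword` are not fully visible here; if they read `Password` from a bound `models.User`, they need a dedicated request struct as well. A short comment on the field, for example `// Password holds the stored credential and is never read from or written to JSON.`, would record the intent.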
@@ -13,6 +13,11 @@ type User struct {
 LoginAttempts int `gorm:"default:0"`
 }
+type LoginRequest struct {
+ Email string `json:"email"`
+ Password string `json:"password"`
+}
+
 type ResetPasswordRequest struct {
 Email string `json:"email"`
 }
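Review bot: LoginRequest accepts a body with either field missing, because neither struct tag carries a validation rule; since Login binds it with `c.BindJSON`, adding `binding:"required"` to both the Email and Password tags lets gin reject empty credentials with a 400 before any database lookup. The exported type also lacks a doc comment, for example `// LoginRequest is the JSON body accepted by the login endpoint.`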