Diffstat (limited to 'internal/handlers/auth.go')
-rw-r--r-- | internal/handlers/auth.go | 56 |
1 files changed, 52 insertions, 4 deletions
diff --git a/internal/handlers/auth.go b/internal/handlers/auth.go
index e7eca50..0287960 100644
--- a/internal/handlers/auth.go
+++ b/internal/handlers/auth.go
@@ -11,6 +11,8 @@ import (
 "net/http"
 "strings"
 "time"
+
+ "golang.org/x/crypto/bcrypt"
 )
 func abortWithError(w http.ResponseWriter, msg string) {
@@ -18,7 +20,7 @@ func abortWithError(w http.ResponseWriter, msg string) {
 tmpl.ExecuteTemplate(w, "error", msg)
 }
-func (h *Handlers) HandleLogin(w http.ResponseWriter, r *http.Request) {
+func (h *Handlers) HandleSignup(w http.ResponseWriter, r *http.Request) {
 r.ParseForm()
 username := r.PostFormValue("username")
 if username == "" {
@@ -34,7 +36,24 @@ func (h *Handlers) HandleLogin(w http.ResponseWriter, r *http.Request) {
 abortWithError(w, msg)
 return
 }
+ // TODO: make sure username does not exists
 cleanName := utils.RemoveSpacesFromStr(username)
+ hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), 8)
+ // create user in db
+ now := time.Now()
+ nextMidnight := time.Date(now.Year(), now.Month(), now.Day(),
+ 0, 0, 0, 0, time.UTC).Add(time.Hour * 24)
+ newUser := &models.UserScore{
+ Username: cleanName, Password: string(hashedPassword),
+ BurnTime: nextMidnight, CreatedAt: now,
+ }
+ if err := h.repo.DBUserScoreCreate(newUser); err != nil {
+ msg := "failed to create user"
+ h.log.Error(msg, "user", newUser)
+ abortWithError(w, msg)
+ return
+ }
+ // TODO: login user
 cookie, err := h.makeCookie(cleanName, r.RemoteAddr)
 if err != nil {
 h.log.Error("failed to login", "error", err)
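Review bot: The error returned by `bcrypt.GenerateFromPassword` in the third hunk (`@@ -34,7 +36,24 @@`) is never checked before `string(hashedPassword)` is stored, so a failed hash (the call can fail on an out-of-range cost and, in current x/crypto releases, on passwords longer than 72 bytes) would create an account with an empty password field. The literal cost `8` is also below `bcrypt.DefaultCost`, and `h.log.Error(msg, "user", newUser)` writes the whole record, password hash included, to the log while dropping the database error. I would check the hash error, use `bcrypt.DefaultCost`, and log only the username and the error, as below. The username-uniqueness TODO should be closed before this ships, since what a duplicate signup does depends on a schema the diff does not show; HandleSignup begins and ends outside this hunk.

```go
hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
if err != nil {
	msg := "failed to create user"
	h.log.Error(msg, "error", err)
	abortWithError(w, msg)
	return
}
// … unchanged: nextMidnight computation and newUser literal …
if err := h.repo.DBUserScoreCreate(newUser); err != nil {
	msg := "failed to create user"
	h.log.Error(msg, "username", cleanName, "error", err)
	abortWithError(w, msg)
	return
}
```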
@@ -47,12 +66,33 @@ func (h *Handlers) HandleLogin(w http.ResponseWriter, r *http.Request) {
 if err != nil {
 panic(err)
 }
+ tmpl.ExecuteTemplate(w, "main", newUser)
+}
+
+func (h *Handlers) HandleLogin(w http.ResponseWriter, r *http.Request) {
+ r.ParseForm()
+ username := r.PostFormValue("username")
+ if username == "" {
+ msg := "username not provided"
+ h.log.Error(msg)
+ abortWithError(w, msg)
+ return
+ }
+ password := r.PostFormValue("password")
+ if password == "" {
+ msg := "password not provided"
+ h.log.Error(msg)
+ abortWithError(w, msg)
+ return
+ }
+ cleanName := utils.RemoveSpacesFromStr(username)
+ tmpl, err := template.ParseGlob("components/*.html")
+ if err != nil {
+ panic(err)
+ }
 userScore, err := h.repo.DBUserScoreGet(cleanName)
 if err != nil {
 h.log.Warn("got db err", "err", err)
- if err := h.repo.DBUserScoreCreate(&us); err != nil {
- panic(err)
- }
 tmpl.ExecuteTemplate(w, "main", nil)
 return
 }
@@ -60,6 +100,14 @@ func (h *Handlers) HandleLogin(w http.ResponseWriter, r *http.Request) {
 if err != nil {
 panic(err)
 }
+ cookie, err := h.makeCookie(cleanName, r.RemoteAddr)
+ if err != nil {
+ h.log.Error("failed to login", "error", err)
+ abortWithError(w, err.Error())
+ return
+ }
+ http.SetCookie(w, cookie)
+ // http.Redirect(w, r, "/", 302)
 tmpl.ExecuteTemplate(w, "main", userScore)
 } |
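Review bot: The new HandleLogin reads `password` and checks only that it is non-empty; nothing in this hunk or the next (`@@ -60,6 +100,14 @@`) compares it with the stored hash before `h.makeCookie` issues a session cookie. Going by the hunk headers, only one line of the function (new line 99) lies outside the two hunks, and it predates the bcrypt import, so as far as the diff shows any non-empty password logs in as any existing user. A `bcrypt.CompareHashAndPassword` check should sit between the lookup and the cookie, assuming `DBUserScoreGet` returns the `models.UserScore` whose `Password` field signup fills. The lookup-failure branch should return the same message as a bad password rather than rendering `main` with `nil`, so the response does not reveal which usernames exist.

```go
userScore, err := h.repo.DBUserScoreGet(cleanName)
// … unchanged: db error branch …
if err := bcrypt.CompareHashAndPassword([]byte(userScore.Password), []byte(password)); err != nil {
	msg := "invalid username or password"
	h.log.Warn(msg, "username", cleanName)
	abortWithError(w, msg)
	return
}
```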
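Review bot: `abortWithError(w, err.Error())` in the last hunk renders the raw `makeCookie` error into the error template, which can expose internal detail to the client; the log line above it already records the error, so a fixed message such as `abortWithError(w, "failed to login")` is enough. `r.RemoteAddr` is an `IP:port` string, so if `makeCookie` binds the cookie to it (its body is not shown) the value changes with every new connection and is the proxy's address behind a reverse proxy. The commented-out `// http.Redirect(w, r, "/", 302)` should be either removed or restored with `http.StatusSeeOther`.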