author | Santo Cariotti <santo@dcariotti.me> | 2025-04-03 12:36:34 +0200 |
---|---|---|
committer | Santo Cariotti <santo@dcariotti.me> | 2025-04-03 12:36:34 +0200 |
commit | 0d987f5c97cc8c0e205193ef8c67745ac981d5bf (patch) | |
tree | 8cee10db15c6b36abee89663fe1c7159a6b4d658 /api/handlers/handlers.go | |
parent | a9b84f3f3b1d92335188d43048587e32e0921079 (diff) |
Fix login and register
Diffstat (limited to 'api/handlers/handlers.go')
-rw-r--r-- | api/handlers/handlers.go | 44 |
1 files changed, 33 insertions, 11 deletions
diff --git a/api/handlers/handlers.go b/api/handlers/handlers.go
index 7d5fd10..cc7a9d9 100644
--- a/api/handlers/handlers.go
+++ b/api/handlers/handlers.go
@@ -2,44 +2,66 @@ package handlers
 import (
 "encoding/json"
+ "log/slog"
 "net/http"
 "github.com/boozec/rahanna/api/auth"
 "github.com/boozec/rahanna/api/database"
+ utils "github.com/boozec/rahanna/pkg"
 "golang.org/x/crypto/bcrypt"
 )
 func RegisterUser(w http.ResponseWriter, r *http.Request) {
+ slog.Info("POST /register")
 var user database.User
 err := json.NewDecoder(r.Body).Decode(&user)
 if err != nil {
- http.Error(w, err.Error(), http.StatusBadRequest)
+ utils.JsonError(&w, err.Error())
+ return
+ }
+
+ if len(user.Password) < 4 {
+ utils.JsonError(&w, "password too short")
+ return
+ }
+
+ var storedUser database.User
+ db, _ := database.GetDb()
+ result := db.Where("username = ?", user.Username).First(&storedUser)
+
+ if result.Error == nil {
+ utils.JsonError(&w, "user with this username already exists")
 return
 }
 hashedPassword, err := bcrypt.GenerateFromPassword([]byte(user.Password), bcrypt.DefaultCost)
 if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
+ utils.JsonError(&w, err.Error())
 return
 }
 user.Password = string(hashedPassword)
- db, _ := database.GetDb()
-
- result := db.Create(&user)
+ result = db.Create(&user)
 if result.Error != nil {
- http.Error(w, result.Error.Error(), http.StatusInternalServerError)
+ utils.JsonError(&w, result.Error.Error())
+ return
+ }
+
+ token, err := auth.GenerateJWT(user.ID)
+ if err != nil {
+ utils.JsonError(&w, err.Error())
 return
 }
- w.WriteHeader(http.StatusCreated)
+ json.NewEncoder(w).Encode(map[string]string{"token": token})
 }
 func LoginUser(w http.ResponseWriter, r *http.Request) {
+ slog.Info("POST /login")
 var inputUser database.User
 err := json.NewDecoder(r.Body).Decode(&inputUser)
 if err != nil {
- http.Error(w, err.Error(), http.StatusBadRequest)
+ utils.JsonError(&w, err.Error())
 return
 }
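Review bot: The new username pre-check in RegisterUser rejects only when the lookup succeeds (`result.Error == nil`), so every other lookup error falls through to `db.Create`, and two concurrent registrations can both pass it; it is reliable only if the username column also has a unique constraint, which this diff does not show. The handle comes from `db, _ := database.GetDb()`, which still discards the error; `db, err := database.GetDb()` with an early return would keep a failed connection from reaching `db.Where`. The bcrypt, `db.Create` and `auth.GenerateJWT` failures are sent to the client verbatim via `utils.JsonError(&w, err.Error())` (the same pattern recurs in the LoginUser hunk below); logging the detail with `slog.Error` and replying with a generic message would avoid exposing internals. A minimum of 4 characters is a weak password floor, and since the request body is decoded straight into `database.User`, any client-supplied field (an ID, for instance) is presumably persisted as sent.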
@@ -48,19 +70,19 @@ func LoginUser(w http.ResponseWriter, r *http.Request) {
 db, _ := database.GetDb()
 result := db.Where("username = ?", inputUser.Username).First(&storedUser)
 if result.Error != nil {
- http.Error(w, "Invalid credentials", http.StatusUnauthorized)
+ utils.JsonError(&w, "invalid credentials")
 return
 }
 err = bcrypt.CompareHashAndPassword([]byte(storedUser.Password), []byte(inputUser.Password))
 if err != nil {
- http.Error(w, "Invalid credentials", http.StatusUnauthorized)
+ utils.JsonError(&w, "invalid credentials")
 return
 }
 token, err := auth.GenerateJWT(storedUser.ID)
 if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
+ utils.JsonError(&w, err.Error())
 return
 } |
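Review bot: Both failed-login branches lose their explicit `http.StatusUnauthorized` here; the status is now whatever `utils.JsonError` writes, and its definition is not part of this diff, so it should be confirmed that a bad login still returns 401 rather than a generic 400. Keeping failed logins distinguishable, and logging them (for example `slog.Warn("login failed", "username", inputUser.Username)`), helps clients and brute-force detection alike. The unknown-username branch also returns before `bcrypt.CompareHashAndPassword` runs, so the two failure paths differ in response time even though the message is identical. LoginUser begins before this hunk and its success response lies after it.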