114 lines
2.9 KiB
Go
114 lines
2.9 KiB
Go
package handlers
|
|
|
|
import (
|
|
"net/http"
|
|
"strings"
|
|
|
|
"veola/internal/auth"
|
|
"veola/internal/models"
|
|
"veola/templates"
|
|
)
|
|
|
|
func (a *App) GetLogin(w http.ResponseWriter, r *http.Request) {
|
|
if auth.CurrentUserFromRequest(r) != nil {
|
|
http.Redirect(w, r, "/", http.StatusSeeOther)
|
|
return
|
|
}
|
|
render(w, r, templates.Login(templates.LoginData{
|
|
Page: a.page(r, "Sign in", ""),
|
|
}))
|
|
}
|
|
|
|
func (a *App) PostLogin(w http.ResponseWriter, r *http.Request) {
|
|
if err := r.ParseForm(); err != nil {
|
|
http.Error(w, "bad form", http.StatusBadRequest)
|
|
return
|
|
}
|
|
username := strings.TrimSpace(r.PostFormValue("username"))
|
|
password := r.PostFormValue("password")
|
|
u, err := a.Store.GetUserByUsername(r.Context(), username)
|
|
if err != nil || u == nil || !auth.CheckPassword(u.PasswordHash, password) {
|
|
render(w, r, templates.Login(templates.LoginData{
|
|
Page: a.page(r, "Sign in", ""),
|
|
Error: "Invalid username or password",
|
|
Username: username,
|
|
}))
|
|
return
|
|
}
|
|
if err := a.Auth.LogIn(r.Context(), u.ID); err != nil {
|
|
http.Error(w, "session error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
http.Redirect(w, r, "/", http.StatusSeeOther)
|
|
}
|
|
|
|
func (a *App) PostLogout(w http.ResponseWriter, r *http.Request) {
|
|
_ = a.Auth.LogOut(r.Context())
|
|
http.Redirect(w, r, "/login", http.StatusSeeOther)
|
|
}
|
|
|
|
func (a *App) GetSetup(w http.ResponseWriter, r *http.Request) {
|
|
n, err := a.Store.UserCount(r.Context())
|
|
if err != nil {
|
|
http.Error(w, "db error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
if n > 0 {
|
|
http.NotFound(w, r)
|
|
return
|
|
}
|
|
render(w, r, templates.Setup(templates.SetupData{
|
|
Page: a.page(r, "Setup", ""),
|
|
}))
|
|
}
|
|
|
|
func (a *App) PostSetup(w http.ResponseWriter, r *http.Request) {
|
|
n, err := a.Store.UserCount(r.Context())
|
|
if err != nil {
|
|
http.Error(w, "db error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
if n > 0 {
|
|
http.NotFound(w, r)
|
|
return
|
|
}
|
|
if err := r.ParseForm(); err != nil {
|
|
http.Error(w, "bad form", http.StatusBadRequest)
|
|
return
|
|
}
|
|
username := strings.TrimSpace(r.PostFormValue("username"))
|
|
password := r.PostFormValue("password")
|
|
confirm := r.PostFormValue("password_confirm")
|
|
errMsg := ""
|
|
switch {
|
|
case username == "":
|
|
errMsg = "Username is required"
|
|
case len(password) < auth.MinPasswordLen:
|
|
errMsg = "Password must be at least 12 characters"
|
|
case password != confirm:
|
|
errMsg = "Passwords do not match"
|
|
}
|
|
if errMsg != "" {
|
|
render(w, r, templates.Setup(templates.SetupData{
|
|
Page: a.page(r, "Setup", ""),
|
|
Error: errMsg,
|
|
Username: username,
|
|
}))
|
|
return
|
|
}
|
|
hash, err := auth.HashPassword(password)
|
|
if err != nil {
|
|
http.Error(w, "hash error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
if _, err := a.Store.CreateUser(r.Context(), username, hash, models.RoleAdmin); err != nil {
|
|
render(w, r, templates.Setup(templates.SetupData{
|
|
Page: a.page(r, "Setup", ""),
|
|
Error: "Could not create user: " + err.Error(),
|
|
Username: username,
|
|
}))
|
|
return
|
|
}
|
|
http.Redirect(w, r, "/login", http.StatusSeeOther)
|
|
}
|