From f03e4eae659e3cf76ba39a688651d061aee52100 Mon Sep 17 00:00:00 2001
From: Teajey <21069848+Teajey@users.noreply.github.com>
Date: Wed, 8 May 2024 01:11:40 +1200
Subject: [PATCH] fix: check user exists on login

---
 auth/login.go | 2 +-
 main.go       | 3 ---
 2 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/auth/login.go b/auth/login.go
index dc02f63..279dad9 100644
--- a/auth/login.go
+++ b/auth/login.go
@@ -19,7 +19,7 @@ func (auth *AuthMiddleware) LoginPost(w http.ResponseWriter, r *http.Request) {
 	password := r.Form.Get("password")
 
 	user, err := db.GetUserByName(username)
-	if err != nil {
+	if user == nil || err != nil {
 		time.Sleep(time.Second)
 		http.Error(w, "Username or password invalid", http.StatusUnauthorized)
 		return
diff --git a/main.go b/main.go
index 2f13e14..0a19d85 100644
--- a/main.go
+++ b/main.go
@@ -41,9 +41,6 @@ func main() {
 	protectedMux.HandleFunc("POST /wishlist/delete", ctx.WishlistDelete)
 	protectedMux.HandleFunc("POST /logout", authMiddleware.LogoutPost)
 
-	// TODO: Remove me
-	protectedMux.HandleFunc("GET /logout", authMiddleware.LogoutPost)
-
 	http.Handle("/", authMiddleware)
 
 	http.ListenAndServe(":4000", nil)