package auth
import (
"lishwist/db"
"lishwist/types"
"log"
"net/http"
"time"
"golang.org/x/crypto/bcrypt"
)
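// LoginPost handles the login form submission. It reads "username" and
// "password" from the parsed form, looks the user up under the key
// "user:"+username, checks the password against the stored bcrypt hash and,
// on success, marks the "lishwist_user" session as authorized and redirects
// (303 See Other) back to the request path.
//
// Both credential failures (no usable user record, wrong password) return the
// same 401 body and are padded to the same minimum duration, so neither the
// response text nor the response time tells a client which of the two
// happened.
func (auth *AuthMiddleware) LoginPost(w http.ResponseWriter, r *http.Request) {
	// Minimum wall-clock time of a rejected login, measured from handler entry.
	// Sleeping only on the unknown-user branch would make that branch take a
	// fixed 2s while a wrong password takes one bcrypt comparison, which lets
	// response timing reveal which usernames exist.
	// This delay is per request; it is not a substitute for rate limiting or
	// lockout on repeated failures.
	const minFailureTime = 2 * time.Second
	started := time.Now()

	rejectCredentials := func() {
		// time.Sleep returns immediately when the remaining duration is not
		// positive, so the pad only equalizes failures that finish within
		// minFailureTime (assumes a bcrypt comparison does; confirm for the
		// cost factor in use).
		time.Sleep(time.Until(started.Add(minFailureTime)))
		http.Error(w, "Username or password invalid", http.StatusUnauthorized)
	}

	if err := r.ParseForm(); err != nil {
		http.Error(w, "Couldn't parse form", http.StatusBadRequest)
		return
	}

	username := r.Form.Get("username")
	password := r.Form.Get("password")

	// A failed assertion covers both "nothing stored under this key" and
	// "stored value is not a types.UserData".
	user, ok := db.Get("user:" + username).(types.UserData)
	if !ok {
		rejectCredentials()
		return
	}

	if err := bcrypt.CompareHashAndPassword(user.PassHash, []byte(password)); err != nil {
		rejectCredentials()
		return
	}

	session, err := auth.Store.Get(r, "lishwist_user")
	if err != nil {
		// Log the cause server-side, as the Save failure below does; the
		// client only sees the opaque error code.
		log.Println("Couldn't get session:", err)
		http.Error(w, "Something went wrong. Error code: Sokka", http.StatusInternalServerError)
		return
	}

	// NOTE(review): the Store implementation is not visible here. If it keeps
	// sessions server-side, confirm the session identifier is rotated at this
	// point so a pre-login identifier does not carry over into the
	// authenticated session.
	session.Values["authorized"] = true
	session.Values["username"] = username
	if err := session.Save(r, w); err != nil {
		log.Println("Couldn't save session:", err)
		http.Error(w, "Something went wrong. Error code: Zuko", http.StatusInternalServerError)
		return
	}

	// 303 makes the browser follow up with a GET to the same path.
	http.Redirect(w, r, r.URL.Path, http.StatusSeeOther)
}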