package web import ( "encoding/json" "fmt" "net/http" "code.chrissexton.org/cws/cabinet/auth" "code.chrissexton.org/cws/cabinet/config" "github.com/rs/zerolog/log" ) func (web *Web) auth(w http.ResponseWriter, r *http.Request) { name := r.Header.Get("X-user-name") password := r.Header.Get("X-user-password") user, err := auth.Get(web.db, name) if err != nil { w.WriteHeader(500) return } if user.Validate(password) { resp := struct { Status bool User auth.User }{ true, *user, } j, err := json.Marshal(resp) if err != nil { w.WriteHeader(500) log.Error().Err(err).Msg("Error encoding json response") return } w.WriteHeader(200) w.Write(j) return } w.WriteHeader(401) resp := struct { Status bool Message string }{Message: "incorrect credentials"} j, err := json.Marshal(resp) if err != nil { w.WriteHeader(500) log.Error().Err(err).Msg("Error encoding json response") return } w.Write(j) } func (web *Web) newUser(w http.ResponseWriter, r *http.Request) { secret := r.Header.Get("X-secret") if secret != config.Get("secret", "abc123") { w.WriteHeader(401) return } dec := json.NewDecoder(r.Body) req := struct { Username string Password string }{} err := dec.Decode(&req) if err != nil { w.WriteHeader(500) fmt.Fprint(w, err) return } _, err = auth.New(web.db, req.Username, req.Password) if err != nil { w.WriteHeader(500) fmt.Fprint(w, err) log.Error().Err(err).Msg("Could not create user") return } w.WriteHeader(200) }