cabinet/web/auth.go

106 lines
1.9 KiB
Go

package web
import (
"encoding/json"
"fmt"
"net/http"
"code.chrissexton.org/cws/cabinet/auth"
"code.chrissexton.org/cws/cabinet/config"
"github.com/rs/zerolog/log"
)
func (web *Web) auth(w http.ResponseWriter, r *http.Request) {
req := struct {
Username string
Password string
}{}
dec := json.NewDecoder(r.Body)
err := dec.Decode(&req)
if err != nil {
log.Error().Err(err).Msg("Error decoding json request")
w.WriteHeader(500)
fmt.Fprint(w, err)
return
}
user, err := auth.Get(web.db, req.Username)
if err != nil {
w.WriteHeader(401)
resp := struct {
Status bool
Err string
}{
false,
"User and password combination is invalid",
}
j, err := json.Marshal(resp)
if err != nil {
w.WriteHeader(500)
log.Error().Err(err).Msg("Error encoding json response")
return
}
w.Write(j)
return
}
if user.Validate(req.Password) {
resp := struct {
Status bool
User auth.User
}{
true,
*user,
}
j, err := json.Marshal(resp)
if err != nil {
w.WriteHeader(500)
log.Error().Err(err).Msg("Error encoding json response")
return
}
w.WriteHeader(200)
w.Write(j)
return
}
w.WriteHeader(401)
resp := struct {
Status bool
Message string
}{Message: "incorrect credentials"}
j, err := json.Marshal(resp)
if err != nil {
w.WriteHeader(500)
log.Error().Err(err).Msg("Error encoding json response")
return
}
w.Write(j)
}
func (web *Web) newUser(w http.ResponseWriter, r *http.Request) {
secret := r.Header.Get("X-secret")
if secret != config.Get("secret", "abc123") {
w.WriteHeader(401)
return
}
dec := json.NewDecoder(r.Body)
req := struct {
Username string
Password string
}{}
err := dec.Decode(&req)
if err != nil {
w.WriteHeader(500)
fmt.Fprint(w, err)
return
}
_, err = auth.New(web.db, req.Username, req.Password)
if err != nil {
w.WriteHeader(500)
fmt.Fprint(w, err)
log.Error().Err(err).Msg("Could not create user")
return
}
w.WriteHeader(200)
}