syketag/syketagCompliance
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1eac72b3cdb17b195394b945e05d45aa24d64738
syketagCompliance/cmd/server/login.go
T
admin 1eac72b3cd Initial commit
2026-05-12 15:40:22 -06:00

79 lines
2.1 KiB
Go
Raw Blame History

package main
import (
"encoding/json"
"errors"
"net/http"
"time"
"logjensticks/internal/auth"
"logjensticks/internal/db"
)
type loginRequest struct {
Username string `json:"username"`
Password string `json:"password"`
}
func handleLogin(dbc *db.Client, secureCookie bool) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
writeError(w, http.StatusMethodNotAllowed, "METHOD_NOT_ALLOWED", "method not allowed")
return
}
var req loginRequest
if err := json.NewDecoder(r.Body).Decode(&req); err != nil || req.Username == "" || req.Password == "" {
writeError(w, http.StatusBadRequest, "BAD_REQUEST", "username and password required")
return
}
token, session, err := auth.Login(r.Context(), dbc, req.Username, req.Password)
if errors.Is(err, auth.ErrInvalidCredentials) {
writeError(w, http.StatusUnauthorized, "INVALID_CREDENTIALS", "invalid username or password")
return
}
if err != nil {
writeError(w, http.StatusInternalServerError, "SERVER_ERROR", "internal server error")
return
}
http.SetCookie(w, &http.Cookie{
Name: auth.CookieName,
Value: token,
Path: "/",
HttpOnly: true,
Secure: secureCookie,
SameSite: http.SameSiteStrictMode,
MaxAge: int(db.SessionTTL / time.Second),
})
writeSuccess(w, http.StatusOK, map[string]string{"role": session.Role})
}
}
func handleLogout(dbc *db.Client, secureCookie bool) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
writeError(w, http.StatusMethodNotAllowed, "METHOD_NOT_ALLOWED", "method not allowed")
return
}
if cookie, err := r.Cookie(auth.CookieName); err == nil {
auth.DeleteSession(r.Context(), dbc, cookie.Value)
}
http.SetCookie(w, &http.Cookie{
Name: auth.CookieName,
Value: "",
Path: "/",
HttpOnly: true,
Secure: secureCookie,
SameSite: http.SameSiteStrictMode,
MaxAge: -1,
})
writeSuccess(w, http.StatusOK, nil)
}
}
Reference in New Issue View Git Blame Copy Permalink