some golfing, start on registration

trunk
vilmibm 2022-04-24 12:33:19 -05:00
parent c2b26da9fc
commit 44343a429e
1 changed files with 42 additions and 21 deletions

View File

@ -193,33 +193,54 @@ func setupAPI(opts Opts) {
}) })
})) }))
http.HandleFunc("/check_auth", handler(opts, func(w http.ResponseWriter, req *http.Request) { badMethod := func(w http.ResponseWriter) {
if req.Method != "POST" {
writeErrorResponse(w, 400, BBJResponse{ writeErrorResponse(w, 400, BBJResponse{
Error: true, Error: true,
Data: "bad method", Data: "bad method",
}) })
return
} }
type args struct { invalidArgs := func(w http.ResponseWriter) {
TargetUser string `json:"target_user"`
TargetHash string `json:"target_hash"`
}
var a args
err := json.NewDecoder(req.Body).Decode(&a)
if err != nil {
writeErrorResponse(w, 400, BBJResponse{ writeErrorResponse(w, 400, BBJResponse{
Error: true, Error: true,
Data: "invalid arguments", Data: "invalid args",
}) })
}
type AuthArgs struct {
Username string `json:"target_user"`
AuthHash string `json:"target_hash"`
}
http.HandleFunc("/user_register", handler(opts, func(w http.ResponseWriter, req *http.Request) {
if req.Method != "POST" {
badMethod(w)
return return
} }
opts.Logf("got %s %s", a.TargetUser, a.TargetHash) var args AuthArgs
if err := json.NewDecoder(req.Body).Decode(&args); err != nil {
invalidArgs(w)
return
}
// TODO check if user exists
// TODO compare hash
}))
http.HandleFunc("/check_auth", handler(opts, func(w http.ResponseWriter, req *http.Request) {
if req.Method != "POST" {
badMethod(w)
return
}
var args AuthArgs
if err := json.NewDecoder(req.Body).Decode(&args); err != nil {
invalidArgs(w)
return
}
opts.Logf("got %s %s", args.Username, args.AuthHash)
db := opts.DB db := opts.DB
@ -240,7 +261,7 @@ func setupAPI(opts Opts) {
defer stmt.Close() defer stmt.Close()
var authHash string var authHash string
err = stmt.QueryRow(a.TargetUser).Scan(&authHash) err = stmt.QueryRow(args.Username).Scan(&authHash)
if err != nil { if err != nil {
if strings.Contains(err.Error(), "no rows in result") { if strings.Contains(err.Error(), "no rows in result") {
opts.Logf("user not found") opts.Logf("user not found")
@ -260,7 +281,7 @@ func setupAPI(opts Opts) {
// TODO unique constraint on user_name // TODO unique constraint on user_name
if authHash != a.TargetHash { if authHash != args.AuthHash {
http.Error(w, "incorrect password", 403) http.Error(w, "incorrect password", 403)
writeErrorResponse(w, 403, BBJResponse{ writeErrorResponse(w, 403, BBJResponse{
Error: true, Error: true,