package main
import (
"encoding/json"
"net/http"
)
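// handleLogin authenticates a username/password pair sent as a JSON body and,
// on success, responds with a signed token together with the user record.
//
// Responses:
//   - 400 "invalid request" when the body cannot be decoded as JSON, including
//     bodies larger than maxLoginBodyBytes.
//   - 500 "internal error" when the user lookup returns an error.
//   - 401 "invalid credentials" when no user was found or the password check
//     fails; both cases share one message so the response body does not
//     distinguish unknown usernames from wrong passwords.
//   - 500 "token error" when the token cannot be signed.
func (app *App) handleLogin(w http.ResponseWriter, r *http.Request) {
	// This endpoint is reachable before authentication, so cap how much of the
	// request body the decoder is allowed to consume.
	const maxLoginBodyBytes = 1 << 20

	var body struct {
		Username string `json:"username"`
		Password string `json:"password"`
	}
	r.Body = http.MaxBytesReader(w, r.Body, maxLoginBodyBytes)
	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
		writeError(w, "invalid request", http.StatusBadRequest)
		return
	}

	user, hash, err := app.getUserByUsername(body.Username)
	if err != nil {
		writeError(w, "internal error", http.StatusInternalServerError)
		return
	}
	// NOTE(review): checkPassword is skipped when user is nil, so a request for
	// an unknown username probably returns faster than one for a known
	// username. If checkPassword is a deliberately slow hash comparison,
	// consider running it against a fixed placeholder hash in the nil case so
	// both paths take similar time. No attempt throttling is visible in this
	// handler; confirm it is enforced by middleware.
	if user == nil || !checkPassword(hash, body.Password) {
		writeError(w, "invalid credentials", http.StatusUnauthorized)
		return
	}

	token, err := app.signToken(user)
	if err != nil {
		writeError(w, "token error", http.StatusInternalServerError)
		return
	}

	// NOTE(review): user is serialized as returned by getUserByUsername; confirm
	// its JSON form carries no password hash or other sensitive fields.
	writeJSON(w, map[string]any{"token": token, "user": user})
}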
// handleLogout acknowledges a logout request with a fixed JSON payload.
//
// The handler reads nothing from the request and changes no state itself.
// NOTE(review): the token issued at login is not revoked here, so it presumably
// stays usable until it expires; confirm that expiry or a revocation check
// elsewhere bounds its lifetime.
func (app *App) handleLogout(w http.ResponseWriter, r *http.Request) {
	ack := map[string]string{"ok": "logged out"}
	writeJSON(w, ack)
}
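// handleMe responds with the user record identified by the claims attached to
// the request.
//
// Responses:
//   - 500 "internal error" when the user lookup returns an error.
//   - 404 "not found" when the lookup succeeds but yields no user.
//
// A lookup failure is reported as 500 rather than 404, matching handleLogin, so
// a backend outage is not mistaken for a missing account.
// NOTE(review): this assumes getUserByID reports a missing user as (nil, nil),
// as getUserByUsername appears to in handleLogin; confirm.
func (app *App) handleMe(w http.ResponseWriter, r *http.Request) {
	// NOTE(review): claims is used without a presence check; this presumably
	// relies on authentication middleware having populated the request context
	// before this handler runs. Confirm the route is only mounted behind it.
	claims := claimsFromContext(r)

	user, err := app.getUserByID(claims.UserID)
	if err != nil {
		writeError(w, "internal error", http.StatusInternalServerError)
		return
	}
	if user == nil {
		writeError(w, "not found", http.StatusNotFound)
		return
	}

	writeJSON(w, user)
}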