tulip/server/login.go

74 lines
1.9 KiB
Go
Raw Normal View History

package server
import (
"database/sql"
"errors"
"github.com/1f349/tulip/database"
"github.com/1f349/tulip/pages"
"github.com/google/uuid"
"github.com/julienschmidt/httprouter"
"golang.org/x/crypto/bcrypt"
"net/http"
"net/url"
)
func (h *HttpServer) LoginGet(rw http.ResponseWriter, req *http.Request, _ httprouter.Params, auth UserAuth) {
if !auth.IsGuest() {
h.SafeRedirect(rw, req)
return
}
rw.Header().Set("Content-Type", "text/html")
rw.WriteHeader(http.StatusOK)
pages.RenderPageTemplate(rw, "login", map[string]any{
"ServiceName": h.serviceName,
"Redirect": req.URL.Query().Get("redirect"),
})
}
func (h *HttpServer) LoginPost(rw http.ResponseWriter, req *http.Request, _ httprouter.Params, auth UserAuth) {
un := req.FormValue("username")
pw := req.FormValue("password")
var userSub uuid.UUID
var hasOtp bool
if h.DbTx(rw, func(tx *database.Tx) error {
loginUser, hasOtpRaw, err := tx.CheckLogin(un, pw)
if err != nil {
if errors.Is(err, sql.ErrNoRows) || errors.Is(err, bcrypt.ErrMismatchedHashAndPassword) {
http.Redirect(rw, req, "/login?mismatch=1", http.StatusFound)
return nil
}
http.Error(rw, "Internal server error", http.StatusInternalServerError)
return err
}
userSub = loginUser.Sub
hasOtp = hasOtpRaw
return nil
}) {
return
}
// only continues if the above tx succeeds
auth.Data = SessionData{
ID: userSub,
NeedOtp: hasOtp,
}
if auth.SaveSessionData() != nil {
http.Error(rw, "Failed to save session", http.StatusInternalServerError)
return
}
if hasOtp {
originUrl, err := url.Parse(req.FormValue("redirect"))
if err != nil {
http.Error(rw, "400 Bad Request: Invalid redirect URL", http.StatusBadRequest)
return
}
redirectUrl := PrepareRedirectUrl("/login/otp", originUrl)
http.Redirect(rw, req, redirectUrl.String(), http.StatusFound)
return
}
h.SafeRedirect(rw, req)
}