flounder

A simple gemini site builder
Log | Files | Refs | README | LICENSE

commit f7d80c2a661b1b8f7717b743082d263952667591
parent 1c780cf98187163d3149ff1a98f04c9657bd69e5
Author: alex wennerberg <alex@alexwennerberg.com>
Date:   Sat, 24 Oct 2020 13:28:01 -0700

add basic login function

Diffstat:
Dauth.go | 43-------------------------------------------
Mhttp.go | 13++++++-------
2 files changed, 6 insertions(+), 50 deletions(-)

diff --git a/auth.go b/auth.go @@ -1,43 +0,0 @@ -package main - -import ( - "bufio" - "fmt" - "golang.org/x/crypto/bcrypt" - "os" - "strings" -) - -func addUser(username string, password string) error { - file, err := os.OpenFile(c.PasswdFile, os.O_APPEND|os.O_CREATE, 0644) - if err != nil { - return err - } - defer file.Close() - hash, err := bcrypt.GenerateFromPassword([]byte(password), -1) - if err != nil { - return err - } - newUser := fmt.Sprintf("%s:%s\n", username, hash) - file.WriteString(newUser) - return nil -} -func checkAuth(username string, password string) error { - file, err := os.OpenFile(c.PasswdFile, os.O_CREATE, 0644) - if err != nil { - return err - } - defer file.Close() - scanner := bufio.NewScanner(file) - for scanner.Scan() { - line := scanner.Text() - parts := strings.Split(line, ":") - if len(parts) != 2 { - return fmt.Errorf("malformed line, no colon: %s", line) - } - if username == parts[0] { - return bcrypt.CompareHashAndPassword([]byte(parts[1]), []byte(password)) - } - } - return fmt.Errorf("User not found") -} diff --git a/http.go b/http.go @@ -192,10 +192,13 @@ func loginHandler(w http.ResponseWriter, r *http.Request) { r.ParseForm() name := r.Form.Get("username") password := r.Form.Get("password") - err := checkAuth(name, password) - if err == nil { + row := DB.QueryRow("SELECT password_hash FROM user where username = $1", name) + var db_password []byte + _ = row.Scan(&db_password) + if bcrypt.CompareHashAndPassword(db_password, []byte(password)) == nil { log.Println("logged in") - // redirect home + // create session + http.Redirect(w, r, "/", 302) } else { data := struct { Error string @@ -208,10 +211,6 @@ func loginHandler(w http.ResponseWriter, r *http.Request) { return } } - // create session - // redirect home - // verify login - // check for errors } }