pye/auth.go

package main

import (
	"log/slog"
	"net/http"
	"net/mail"
	"strings"
)

func ValidEmail(email string) bool {
	_, err := mail.ParseAddress(email)
	return err == nil
}
func ValidPass(pass string) bool {
	// TODO: Obviously, we *might* want something more sophisticated here
	return len(pass) >= 8
}
func EmailTaken(email string) bool {
	// FIXME: Implement properly
	return EmailExists(email)
}
func Register(w http.ResponseWriter, r *http.Request) {
	email, password, ok := r.BasicAuth()

	if ok {
		email = strings.TrimSpace(email)
		password = strings.TrimSpace(password)
		if !(ValidEmail(email) && ValidPass(password) && !EmailTaken(email)) {
			slog.Info("Outcome",
				"email", ValidEmail(email),
				"pass", ValidPass(password),
				"taken", !EmailTaken(email))
			http.Error(w, "invalid auth credentials", http.StatusBadRequest)
			return
		}
		user, err := NewUser(email, password)
		if err != nil {
			slog.Error("error creating a new user", "error", err)
		}
		slog.Info("user", "user", user)
		AddUser(user)
		w.WriteHeader(http.StatusCreated)
		w.Write([]byte("User created"))
		return
	}

	// No email and password was provided
	w.Header().Set("WWW-Authenticate", `Basic realm="restricted", charset="UTF-8"`)
	http.Error(w, "This API requires authorization", http.StatusUnauthorized)
}

func Login(w http.ResponseWriter, r *http.Request) {
	email, password, ok := r.BasicAuth()

	if ok {
		email = strings.TrimSpace(email)
		password = strings.TrimSpace(password)
		user, ok := ByEmail(email)
		if !ok || !user.PasswordFits(password) {
			http.Error(w, "you did something wrong", http.StatusUnauthorized)
			return
		}

		s, err := CreateJWT(user)
		if err != nil {
			http.Error(w, "error creating jwt", http.StatusInternalServerError)
			return
		}
		w.Write([]byte(s))
		return
	}

	// No email and password was provided
	w.Header().Set("WWW-Authenticate", `Basic realm="restricted", charset="UTF-8"`)
	http.Error(w, "This API requires authorization", http.StatusUnauthorized)
}
Initial commit 2024-10-11 11:38:08 +03:00			`package main`

			`import (`
Add encryption experiments 2024-10-11 23:57:57 +03:00			`"log/slog"`
Initial commit 2024-10-11 11:38:08 +03:00			`"net/http"`
			`"net/mail"`
			`"strings"`
			`)`

			`func ValidEmail(email string) bool {`
			`_, err := mail.ParseAddress(email)`
			`return err == nil`
			`}`
			`func ValidPass(pass string) bool {`
Implement basic API 2024-10-12 09:55:58 +03:00			`// TODO: Obviously, we might want something more sophisticated here`
Move to RSA and add verification 2024-10-12 16:59:47 +03:00			`return len(pass) >= 8`
Initial commit 2024-10-11 11:38:08 +03:00			`}`
Add encryption experiments 2024-10-11 23:57:57 +03:00			`func EmailTaken(email string) bool {`
Move to RSA and add verification 2024-10-12 16:59:47 +03:00			`// FIXME: Implement properly`
Add encryption experiments 2024-10-11 23:57:57 +03:00			`return EmailExists(email)`
Initial commit 2024-10-11 11:38:08 +03:00			`}`
			`func Register(w http.ResponseWriter, r *http.Request) {`
			`email, password, ok := r.BasicAuth()`

Implement basic API 2024-10-12 09:55:58 +03:00			`if ok {`
Initial commit 2024-10-11 11:38:08 +03:00			`email = strings.TrimSpace(email)`
			`password = strings.TrimSpace(password)`
Implement basic API 2024-10-12 09:55:58 +03:00			`if !(ValidEmail(email) && ValidPass(password) && !EmailTaken(email)) {`
			`slog.Info("Outcome",`
			`"email", ValidEmail(email),`
			`"pass", ValidPass(password),`
			`"taken", !EmailTaken(email))`
Move to RSA and add verification 2024-10-12 16:59:47 +03:00			`http.Error(w, "invalid auth credentials", http.StatusBadRequest)`
Add encryption experiments 2024-10-11 23:57:57 +03:00			`return`
Initial commit 2024-10-11 11:38:08 +03:00			`}`
Add encryption experiments 2024-10-11 23:57:57 +03:00			`user, err := NewUser(email, password)`
			`if err != nil {`
Implement basic API 2024-10-12 09:55:58 +03:00			`slog.Error("error creating a new user", "error", err)`
Add encryption experiments 2024-10-11 23:57:57 +03:00			`}`
Implement basic API 2024-10-12 09:55:58 +03:00			`slog.Info("user", "user", user)`
Add encryption experiments 2024-10-11 23:57:57 +03:00			`AddUser(user)`
Implement basic API 2024-10-12 09:55:58 +03:00			`w.WriteHeader(http.StatusCreated)`
			`w.Write([]byte("User created"))`
			`return`
Initial commit 2024-10-11 11:38:08 +03:00			`}`

			`// No email and password was provided`
			w.Header().Set("WWW-Authenticate", `Basic realm="restricted", charset="UTF-8"`)
			`http.Error(w, "This API requires authorization", http.StatusUnauthorized)`
			`}`
Add encryption experiments 2024-10-11 23:57:57 +03:00
			`func Login(w http.ResponseWriter, r *http.Request) {`
			`email, password, ok := r.BasicAuth()`

Implement basic API 2024-10-12 09:55:58 +03:00			`if ok {`
Add encryption experiments 2024-10-11 23:57:57 +03:00			`email = strings.TrimSpace(email)`
			`password = strings.TrimSpace(password)`
			`user, ok := ByEmail(email)`
			`if !ok \|\| !user.PasswordFits(password) {`
Move to RSA and add verification 2024-10-12 16:59:47 +03:00			`http.Error(w, "you did something wrong", http.StatusUnauthorized)`
Add encryption experiments 2024-10-11 23:57:57 +03:00			`return`
			`}`
Implement basic API 2024-10-12 09:55:58 +03:00
			`s, err := CreateJWT(user)`
			`if err != nil {`
			`http.Error(w, "error creating jwt", http.StatusInternalServerError)`
			`return`
			`}`
			`w.Write([]byte(s))`
			`return`
Add encryption experiments 2024-10-11 23:57:57 +03:00			`}`

			`// No email and password was provided`
			w.Header().Set("WWW-Authenticate", `Basic realm="restricted", charset="UTF-8"`)
			`http.Error(w, "This API requires authorization", http.StatusUnauthorized)`
Implement basic API 2024-10-12 09:55:58 +03:00			`}`