pye/auth.go

79 lines
2 KiB
Go
Raw Normal View History

2024-10-11 11:38:08 +03:00
package main
import (
2024-10-11 23:57:57 +03:00
"log/slog"
2024-10-11 11:38:08 +03:00
"net/http"
"net/mail"
"strings"
)
func ValidEmail(email string) bool {
_, err := mail.ParseAddress(email)
return err == nil
}
func ValidPass(pass string) bool {
2024-10-12 09:55:58 +03:00
// TODO: Obviously, we *might* want something more sophisticated here
return true
//return len(pass) >= 8
2024-10-11 11:38:08 +03:00
}
2024-10-11 23:57:57 +03:00
func EmailTaken(email string) bool {
// TODO: Implement properly
return EmailExists(email)
2024-10-11 11:38:08 +03:00
}
func Register(w http.ResponseWriter, r *http.Request) {
email, password, ok := r.BasicAuth()
2024-10-12 09:55:58 +03:00
if ok {
2024-10-11 11:38:08 +03:00
email = strings.TrimSpace(email)
password = strings.TrimSpace(password)
2024-10-12 09:55:58 +03:00
if !(ValidEmail(email) && ValidPass(password) && !EmailTaken(email)) {
2024-10-11 11:38:08 +03:00
// TODO: Provide descriptive error and check if 400 is best code?
2024-10-12 09:55:58 +03:00
slog.Info("Outcome",
"email", ValidEmail(email),
"pass", ValidPass(password),
"taken", !EmailTaken(email))
2024-10-11 11:38:08 +03:00
http.Error(w, "Invalid auth credentials", http.StatusBadRequest)
2024-10-11 23:57:57 +03:00
return
2024-10-11 11:38:08 +03:00
}
2024-10-11 23:57:57 +03:00
user, err := NewUser(email, password)
if err != nil {
2024-10-12 09:55:58 +03:00
slog.Error("error creating a new user", "error", err)
2024-10-11 23:57:57 +03:00
}
2024-10-12 09:55:58 +03:00
slog.Info("user", "user", user)
2024-10-11 23:57:57 +03:00
AddUser(user)
2024-10-12 09:55:58 +03:00
w.WriteHeader(http.StatusCreated)
w.Write([]byte("User created"))
return
2024-10-11 11:38:08 +03:00
}
// No email and password was provided
w.Header().Set("WWW-Authenticate", `Basic realm="restricted", charset="UTF-8"`)
http.Error(w, "This API requires authorization", http.StatusUnauthorized)
}
2024-10-11 23:57:57 +03:00
func Login(w http.ResponseWriter, r *http.Request) {
email, password, ok := r.BasicAuth()
2024-10-12 09:55:58 +03:00
if ok {
2024-10-11 23:57:57 +03:00
email = strings.TrimSpace(email)
password = strings.TrimSpace(password)
user, ok := ByEmail(email)
if !ok || !user.PasswordFits(password) {
http.Error(w, "You did something wrong", http.StatusUnauthorized)
return
}
2024-10-12 09:55:58 +03:00
s, err := CreateJWT(user)
if err != nil {
http.Error(w, "error creating jwt", http.StatusInternalServerError)
return
}
w.Write([]byte(s))
return
2024-10-11 23:57:57 +03:00
}
// No email and password was provided
w.Header().Set("WWW-Authenticate", `Basic realm="restricted", charset="UTF-8"`)
http.Error(w, "This API requires authorization", http.StatusUnauthorized)
2024-10-12 09:55:58 +03:00
}