create password auth skeleton

2025-03-30 20:54:41 -04:00
parent cd4ebf9dc7
commit 824ca781d4
4 changed files with 95 additions and 17 deletions
--- a/api/api.go
+++ b/api/api.go
@@ -53,7 +53,14 @@ func Start() {
 			r.Use(UserCtx) // Load user
 			r.Get("/", GetUser)
 		})
-		r.Post("/new", NewUser)
+	})
 	r.Route("/login", func(r chi.Router) {
 		r.Post("/", Login)
 	})
 	r.Route("/register", func(r chi.Router) {
 		r.Post("/", NewUser)
 	})
 	if *routes {
--- a/api/db.go
+++ b/api/db.go
@@ -21,6 +21,27 @@ func dbGetUser(id string) (*User, error) {
 			return &User{
 				ID:       user["ID"].(string),
 				Name:     user["Name"].(string),
 				Password: user["Password"].(string),
 			}, nil
 		}
 	}
 	return nil, errors.New("User not found")
 }
 func dbGetUserByName(username string) (*User, error) {
 	data := db.ExecDB("users")
 	if data == nil {
 		return nil, errors.New("failed to load users database")
 	}
 	users := data["users"].([]interface{})
 	for _, u := range users {
 		user := u.(map[string]interface{})
 		if user["Name"].(string) == username {
 			return &User{
 				ID:       user["ID"].(string),
 				Name:     user["Name"].(string),
 				Password: user["Password"].(string),
 			}, nil
 		}
 	}
@@ -135,6 +156,7 @@ func dbAddUser(user *User) error {
 	dbUser := map[string]interface{}{
 		"ID":       user.ID,
 		"Name":     user.Name,
 		"Password": user.Password,
 	}
 	users = append(users, dbUser)
--- a/api/user.go
+++ b/api/user.go
@@ -7,6 +7,7 @@ import (
 	"github.com/go-chi/chi/v5"
 	"github.com/go-chi/render"
 	"github.com/google/uuid"
 	"golang.org/x/crypto/bcrypt"
 )
 func UserCtx(next http.Handler) http.Handler {
@@ -67,10 +68,17 @@ func NewUser(w http.ResponseWriter, r *http.Request) {
 	}
 	newUserName := r.FormValue("name")
 	password := r.FormValue("password")
 	if newUserName == "" || password == "" {
 		http.Error(w, "Username and password cannot be empty", http.StatusBadRequest)
 		return
 	}
 	hashedPassword, err := hashPassword(password)
 	newUser := User{
 		ID:       newUserID(),
 		Name:     newUserName,
 		Password: hashedPassword,
 	}
 	err = dbAddUser(&newUser)
@@ -82,15 +90,54 @@ func NewUser(w http.ResponseWriter, r *http.Request) {
 	render.Render(w, r, NewUserPayloadResponse(&newUser))
 }
 func Login(w http.ResponseWriter, r *http.Request) {
 	err := r.ParseMultipartForm(64 << 10)
 	if err != nil {
 		http.Error(w, "Unable to parse form", http.StatusBadRequest)
 		return
 	}
 	username := r.FormValue("name")
 	password := r.FormValue("password")
 	if username == "" || password == "" {
 		http.Error(w, "Username and password cannot be empty", http.StatusBadRequest)
 		return
 	}
 	user, err := dbGetUserByName(username)
 	if err != nil {
 		http.Error(w, "Invalid username or password", http.StatusUnauthorized)
 		return
 	}
 	err = validatePassword(user.Password, password)
 	if err != nil {
 		http.Error(w, "Invalid username or password", http.StatusUnauthorized)
 		return
 	}
 	w.Write([]byte("Login successful"))
 }
 func (u *UserPayload) Render(w http.ResponseWriter, r *http.Request) error {
 	return nil
 }
 func hashPassword(password string) (string, error) {
 	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
 	return string(hashedPassword), err
 }
 func validatePassword(hashedPassword, password string) error {
 	return bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password))
 }
 type userKey struct{}
 type User struct {
 	ID       string `json:"id"`
 	Name     string `json:"name"`
 	Password string `json:"-"`
 }
 type UserPayload struct {
--- a/test_data/users.json
+++ b/test_data/users.json
@@ -1,10 +1,12 @@
 [
  {
    "ID": "user_8d7cd2ed-0aa2-4810-a172-42dd58563a54",
-        "Name": "duby"
+    "Name": "duby",
    "Password": "$2a$10$fYKgHJRgR6hJl9VAAu4HPeeyTbDP3UCxiAxZMMKDL8A0ya0Sdg.pq"
  },
  {
    "ID": "user_63dac6ad-f255-4af8-a057-4b064a982a84",
-        "Name": "astolfo"
+    "Name": "astolfo",
    "Password": "$2a$10$ryzbb6l/hkZH6wwtdLdbYew3R1ug4O3tdHi4581WQHui8JKSPFqSu"
  }
 ]