diff options
| author | xengineering <me@xengineering.eu> | 2026-05-24 14:12:03 +0200 |
|---|---|---|
| committer | xengineering <me@xengineering.eu> | 2026-05-24 14:45:33 +0200 |
| commit | 3b28132b56836d2f7bd3ce01430d334eb7bffa3b (patch) | |
| tree | 108025b93a270e5ba84aa7f6497b0b5d2d11e5e3 /handlers.go | |
| parent | d7d46df8c4d019be48f7aa0790aa8a2349e45e20 (diff) | |
| download | finserv-3b28132b56836d2f7bd3ce01430d334eb7bffa3b.tar finserv-3b28132b56836d2f7bd3ce01430d334eb7bffa3b.tar.zst finserv-3b28132b56836d2f7bd3ce01430d334eb7bffa3b.zip | |
Add POST /api/registration
This URL sets a random 32 octet token as cookie `token` in Base64
encoding.
The SHA256 hash of the binary token is written as response also in
Base64 encoding.
Diffstat (limited to 'handlers.go')
| -rw-r--r-- | handlers.go | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/handlers.go b/handlers.go index 141230d..f23171f 100644 --- a/handlers.go +++ b/handlers.go @@ -13,6 +13,7 @@ var frontendEmbed embed.FS func init() { router.HandleFunc("/api/version", version) + router.HandleFunc("/api/registration", registration).Methods("POST") // frontend must come last to make sure /api takes precedence frontend, err := fs.Sub(frontendEmbed, "build/frontend/public") @@ -25,3 +26,23 @@ func init() { func version(w http.ResponseWriter, r *http.Request) { fmt.Fprint(w, versionTxt) } + +func registration(w http.ResponseWriter, r *http.Request) { + token, err := NewToken() + if err != nil { + http.Error(w, "Failed to generate token.", http.StatusInternalServerError) + return + } + + cookie := http.Cookie{ + Name: "token", + Value: token.Private(), + HttpOnly: true, + Secure: true, + SameSite: http.SameSiteStrictMode, + } + + http.SetCookie(w, &cookie) + + fmt.Fprintf(w, "%s\n", token.Public()) +} |