diff options
| author | xengineering <me@xengineering.eu> | 2026-06-27 20:47:36 +0200 |
|---|---|---|
| committer | xengineering <me@xengineering.eu> | 2026-06-27 20:47:36 +0200 |
| commit | ea4bd88963724c13f7b906d856af2d1c715fc056 (patch) | |
| tree | fac5e3a690353b8124df28b4ff6be221bb0046a3 /handlers.go | |
| parent | 485fb6556eed127c59e52915ec2984ee84c8210b (diff) | |
| download | finserv-ea4bd88963724c13f7b906d856af2d1c715fc056.tar finserv-ea4bd88963724c13f7b906d856af2d1c715fc056.tar.zst finserv-ea4bd88963724c13f7b906d856af2d1c715fc056.zip | |
Add core functionality of /api/authenticate
This handler now actually validates the username and password and
returns a matching HTTP response code.
Diffstat (limited to 'handlers.go')
| -rw-r--r-- | handlers.go | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/handlers.go b/handlers.go index ceeb79a..0ff2f26 100644 --- a/handlers.go +++ b/handlers.go @@ -45,7 +45,7 @@ func ApiAuthentication(db *sql.DB) http.Handler { err := dec.Decode(&data) if err != nil { - log.Printf("Failed to decode: %v", err) + log.Printf("Failed to decode: %v.", err) w.WriteHeader(http.StatusBadRequest) return } @@ -61,5 +61,12 @@ func ApiAuthentication(db *sql.DB) http.Handler { w.WriteHeader(http.StatusBadRequest) return } + + err = Authenticate(db, data.Username, data.Password) + if err != nil { + log.Printf("Bad password on authentication of user '%s'.", data.Username) + w.WriteHeader(http.StatusUnauthorized) + return + } }) } |
