diff options
Diffstat (limited to 'handlers.go')
| -rw-r--r-- | handlers.go | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/handlers.go b/handlers.go index e6d60fb..35e4998 100644 --- a/handlers.go +++ b/handlers.go @@ -18,6 +18,7 @@ var frontendEmbed embed.FS func registerHandlers(r *mux.Router, db *sql.DB) { r.Handle("/api/version", version(db)) r.Handle("/api/registration", register(db)) + r.Handle("/api/authentication", authenticate(db)) // frontend must come last to make sure /api takes precedence frontend, err := fs.Sub(frontendEmbed, "build/frontend/public") @@ -70,3 +71,41 @@ func register(db *sql.DB) http.Handler { } }) } + +func authenticate(db *sql.DB) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + var data struct { + Username string + Password string + } + + dec := json.NewDecoder(r.Body) + dec.DisallowUnknownFields() + + err := dec.Decode(&data) + if err != nil { + log.Printf("Failed to decode: %v", err) + w.WriteHeader(http.StatusBadRequest) + return + } + + if data.Username == "" { + log.Print("Got registration request with empty username.") + w.WriteHeader(http.StatusBadRequest) + return + } + + if data.Password == "" { + log.Print("Got registration request with empty password.") + w.WriteHeader(http.StatusBadRequest) + return + } + + err = Authenticate(db, data.Username, data.Password) + if err != nil { + log.Print("Failed to authenticate user.") + w.WriteHeader(http.StatusUnauthorized) + return + } + }) +} |
