summaryrefslogtreecommitdiff
path: root/handlers.go
diff options
context:
space:
mode:
Diffstat (limited to 'handlers.go')
-rw-r--r--handlers.go39
1 files changed, 39 insertions, 0 deletions
diff --git a/handlers.go b/handlers.go
index e6d60fb..35e4998 100644
--- a/handlers.go
+++ b/handlers.go
@@ -18,6 +18,7 @@ var frontendEmbed embed.FS
func registerHandlers(r *mux.Router, db *sql.DB) {
r.Handle("/api/version", version(db))
r.Handle("/api/registration", register(db))
+ r.Handle("/api/authentication", authenticate(db))
// frontend must come last to make sure /api takes precedence
frontend, err := fs.Sub(frontendEmbed, "build/frontend/public")
@@ -70,3 +71,41 @@ func register(db *sql.DB) http.Handler {
}
})
}
+
+func authenticate(db *sql.DB) http.Handler {
+ return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ var data struct {
+ Username string
+ Password string
+ }
+
+ dec := json.NewDecoder(r.Body)
+ dec.DisallowUnknownFields()
+
+ err := dec.Decode(&data)
+ if err != nil {
+ log.Printf("Failed to decode: %v", err)
+ w.WriteHeader(http.StatusBadRequest)
+ return
+ }
+
+ if data.Username == "" {
+ log.Print("Got registration request with empty username.")
+ w.WriteHeader(http.StatusBadRequest)
+ return
+ }
+
+ if data.Password == "" {
+ log.Print("Got registration request with empty password.")
+ w.WriteHeader(http.StatusBadRequest)
+ return
+ }
+
+ err = Authenticate(db, data.Username, data.Password)
+ if err != nil {
+ log.Print("Failed to authenticate user.")
+ w.WriteHeader(http.StatusUnauthorized)
+ return
+ }
+ })
+}