From ea4bd88963724c13f7b906d856af2d1c715fc056 Mon Sep 17 00:00:00 2001 From: xengineering Date: Sat, 27 Jun 2026 20:47:36 +0200 Subject: Add core functionality of /api/authenticate This handler now actually validates the username and password and returns a matching HTTP response code. --- handlers.go | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'handlers.go') diff --git a/handlers.go b/handlers.go index ceeb79a..0ff2f26 100644 --- a/handlers.go +++ b/handlers.go @@ -45,7 +45,7 @@ func ApiAuthentication(db *sql.DB) http.Handler { err := dec.Decode(&data) if err != nil { - log.Printf("Failed to decode: %v", err) + log.Printf("Failed to decode: %v.", err) w.WriteHeader(http.StatusBadRequest) return } @@ -61,5 +61,12 @@ func ApiAuthentication(db *sql.DB) http.Handler { w.WriteHeader(http.StatusBadRequest) return } + + err = Authenticate(db, data.Username, data.Password) + if err != nil { + log.Printf("Bad password on authentication of user '%s'.", data.Username) + w.WriteHeader(http.StatusUnauthorized) + return + } }) } -- cgit v1.3.1