diff --git a/internal/features/auth/auth.go b/internal/features/auth/auth.go
index 64ff5e2..2720198 100644
--- a/internal/features/auth/auth.go
+++ b/internal/features/auth/auth.go
@@ -28,6 +28,8 @@ var (
 ErrInvalidRecoveryKey = errors.New("invalid recovery details")
 )
 
+const bcryptCost = 12
+
 type Service struct {
 db database.Querier
 }
@@ -87,7 +89,7 @@ func (s *Service) RegisterUser(ctx context.Context, username, password string) (
 return nil, "", fmt.Errorf("%w: %v", ErrInvalidPassword, err)
 }
 
- hash, err := bcrypt.GenerateFromPassword([]byte(password), 12) // higher cost
+ hash, err := bcrypt.GenerateFromPassword([]byte(password), bcryptCost)
 if err != nil {
 return nil, "", fmt.Errorf("failed to hash password: %w", err)
 }
@@ -128,7 +130,7 @@ func (s *Service) RecoverAccount(ctx context.Context, username, recoveryKey, new
 return "", fmt.Errorf("failed to lookup user for recovery: %w", err)
 }
 
- newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), 12)
+ newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcryptCost)
 if err != nil {
 return "", fmt.Errorf("failed to hash new password: %w", err)
 }
@@ -169,7 +171,7 @@ func (s *Service) ChangePassword(ctx context.Context, userID, currentPassword, n
 return ErrInvalidCredentials
 }
 
- newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), 12)
+ newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcryptCost)
 if err != nil {
 return fmt.Errorf("failed to hash new password: %w", err)
 }
diff --git a/internal/features/auth/handler.go b/internal/features/auth/handler.go
index 8a0a3bf..2507719 100644
--- a/internal/features/auth/handler.go
+++ b/internal/features/auth/handler.go
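Review bot: `const bcryptCost = 12` in the first hunk has no doc comment, and the `// higher cost` rationale that the second hunk deletes goes with it, so the one value that now governs every password hash the service produces is unexplained; a line such as `// bcryptCost is the bcrypt work factor for all stored password hashes; deliberately above bcrypt.DefaultCost (10) — lowering it weakens new hashes, raising it slows RegisterUser, RecoverAccount and ChangePassword.` would keep that intent. All three replaced call sites already used the literal 12, so rows hashed before this change need no migration, but if the constant is ever raised, comparing `bcrypt.Cost(hash)` against `bcryptCost` at login would be the natural place to rehash old entries. The RecoverAccount and ChangePassword hunks hash newPassword with no visible counterpart to the ErrInvalidPassword check that precedes hashing in RegisterUser; that check may sit above the hunk, since all three enclosing functions start and end outside the visible lines, but it is worth confirming the three paths validate a new password the same way.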
@@ -51,7 +51,13 @@ func NewHandler(authService *Service) *Handler {
 return &Handler{authService: authService}
 }
 
-// Render the login/register pages here (assuming you have these templates)
+func rateLimitErrorFromQuery(r *http.Request) string {
+ if r.URL.Query().Get("error") == "rate_limited" {
+ return rateLimitFormError
+ }
+
+ return ""
+}
 
 func (h *Handler) HandleLogin(w http.ResponseWriter, r *http.Request) {
 if err := r.ParseForm(); err != nil {
@@ -127,27 +133,15 @@ func (h *Handler) HandleLogout(w http.ResponseWriter, r *http.Request) {
 }
 
 func (h *Handler) HandleLoginPage(w http.ResponseWriter, r *http.Request) {
- formError := ""
- if r.URL.Query().Get("error") == "rate_limited" {
- formError = rateLimitFormError
- }
- templates.Login(formError, "").Render(r.Context(), w)
+ templates.Login(rateLimitErrorFromQuery(r), "").Render(r.Context(), w)
 }
 
 func (h *Handler) HandleRegisterPage(w http.ResponseWriter, r *http.Request) {
- formError := ""
- if r.URL.Query().Get("error") == "rate_limited" {
- formError = rateLimitFormError
- }
- templates.Register(formError, "").Render(r.Context(), w)
+ templates.Register(rateLimitErrorFromQuery(r), "").Render(r.Context(), w)
 }
 
 func (h *Handler) HandleRecoverPage(w http.ResponseWriter, r *http.Request) {
- formError := ""
- if r.URL.Query().Get("error") == "rate_limited" {
- formError = rateLimitFormError
- }
- templates.Recover(formError, "", "").Render(r.Context(), w)
+ templates.Recover(rateLimitErrorFromQuery(r), "", "").Render(r.Context(), w)
 }
 
 func (h *Handler) HandleRecover(w http.ResponseWriter, r *http.Request) {
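Review bot: `rateLimitErrorFromQuery` in the first hunk is added without a doc comment, and the line it replaces was the only (stale) comment at this spot, so nothing states that only the exact query value `rate_limited` is recognised and that the query string itself is never reflected into the page. A comment such as `// rateLimitErrorFromQuery returns the fixed rateLimitFormError message when the request carries ?error=rate_limited, and "" for any other or missing value; the query string is mapped to a constant, never echoed.` makes that contract explicit for the three page handlers that now depend on it. Keeping the mapping to a fixed message, rather than passing the parameter through, is the right shape and worth saying so the next edit does not loosen it.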
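Review bot: Each of the three rewritten lines in the second hunk, `templates.Login(rateLimitErrorFromQuery(r), "").Render(r.Context(), w)` and its Register and Recover counterparts, discards whatever Render returns; if these are templ components, Render returns an error, and a failure mid-write leaves the client with a truncated page and no trace server-side. Unless dropping it is intentional, write it as `if err := templates.Login(rateLimitErrorFromQuery(r), "").Render(r.Context(), w); err != nil {` and log the error (headers may already be sent, so a clean 500 is not always possible), or make the discard explicit with `_ =` plus a comment. This predates the change, but the lines were rewritten here and the pattern now repeats three times.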