refactor: simplify auth handlers
This commit is contained in:
@@ -28,6 +28,8 @@ var (
|
|||||||
ErrInvalidRecoveryKey = errors.New("invalid recovery details")
|
ErrInvalidRecoveryKey = errors.New("invalid recovery details")
|
||||||
)
|
)
|
||||||
|
|
||||||
|
const bcryptCost = 12
|
||||||
|
|
||||||
type Service struct {
|
type Service struct {
|
||||||
db database.Querier
|
db database.Querier
|
||||||
}
|
}
|
||||||
@@ -87,7 +89,7 @@ func (s *Service) RegisterUser(ctx context.Context, username, password string) (
|
|||||||
return nil, "", fmt.Errorf("%w: %v", ErrInvalidPassword, err)
|
return nil, "", fmt.Errorf("%w: %v", ErrInvalidPassword, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
hash, err := bcrypt.GenerateFromPassword([]byte(password), 12) // higher cost
|
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcryptCost)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, "", fmt.Errorf("failed to hash password: %w", err)
|
return nil, "", fmt.Errorf("failed to hash password: %w", err)
|
||||||
}
|
}
|
||||||
@@ -128,7 +130,7 @@ func (s *Service) RecoverAccount(ctx context.Context, username, recoveryKey, new
|
|||||||
return "", fmt.Errorf("failed to lookup user for recovery: %w", err)
|
return "", fmt.Errorf("failed to lookup user for recovery: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), 12)
|
newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcryptCost)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", fmt.Errorf("failed to hash new password: %w", err)
|
return "", fmt.Errorf("failed to hash new password: %w", err)
|
||||||
}
|
}
|
||||||
@@ -169,7 +171,7 @@ func (s *Service) ChangePassword(ctx context.Context, userID, currentPassword, n
|
|||||||
return ErrInvalidCredentials
|
return ErrInvalidCredentials
|
||||||
}
|
}
|
||||||
|
|
||||||
newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), 12)
|
newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcryptCost)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("failed to hash new password: %w", err)
|
return fmt.Errorf("failed to hash new password: %w", err)
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -51,7 +51,13 @@ func NewHandler(authService *Service) *Handler {
|
|||||||
return &Handler{authService: authService}
|
return &Handler{authService: authService}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Render the login/register pages here (assuming you have these templates)
|
func rateLimitErrorFromQuery(r *http.Request) string {
|
||||||
|
if r.URL.Query().Get("error") == "rate_limited" {
|
||||||
|
return rateLimitFormError
|
||||||
|
}
|
||||||
|
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
func (h *Handler) HandleLogin(w http.ResponseWriter, r *http.Request) {
|
func (h *Handler) HandleLogin(w http.ResponseWriter, r *http.Request) {
|
||||||
if err := r.ParseForm(); err != nil {
|
if err := r.ParseForm(); err != nil {
|
||||||
@@ -127,27 +133,15 @@ func (h *Handler) HandleLogout(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (h *Handler) HandleLoginPage(w http.ResponseWriter, r *http.Request) {
|
func (h *Handler) HandleLoginPage(w http.ResponseWriter, r *http.Request) {
|
||||||
formError := ""
|
templates.Login(rateLimitErrorFromQuery(r), "").Render(r.Context(), w)
|
||||||
if r.URL.Query().Get("error") == "rate_limited" {
|
|
||||||
formError = rateLimitFormError
|
|
||||||
}
|
|
||||||
templates.Login(formError, "").Render(r.Context(), w)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *Handler) HandleRegisterPage(w http.ResponseWriter, r *http.Request) {
|
func (h *Handler) HandleRegisterPage(w http.ResponseWriter, r *http.Request) {
|
||||||
formError := ""
|
templates.Register(rateLimitErrorFromQuery(r), "").Render(r.Context(), w)
|
||||||
if r.URL.Query().Get("error") == "rate_limited" {
|
|
||||||
formError = rateLimitFormError
|
|
||||||
}
|
|
||||||
templates.Register(formError, "").Render(r.Context(), w)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *Handler) HandleRecoverPage(w http.ResponseWriter, r *http.Request) {
|
func (h *Handler) HandleRecoverPage(w http.ResponseWriter, r *http.Request) {
|
||||||
formError := ""
|
templates.Recover(rateLimitErrorFromQuery(r), "", "").Render(r.Context(), w)
|
||||||
if r.URL.Query().Get("error") == "rate_limited" {
|
|
||||||
formError = rateLimitFormError
|
|
||||||
}
|
|
||||||
templates.Recover(formError, "", "").Render(r.Context(), w)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *Handler) HandleRecover(w http.ResponseWriter, r *http.Request) {
|
func (h *Handler) HandleRecover(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|||||||
Reference in New Issue
Block a user