refactor: simplify auth handlers
@@ -28,6 +28,8 @@ var (
|
||||
ErrInvalidRecoveryKey = errors.New("invalid recovery details")
|
||||
)
|
||||
|
||||
const bcryptCost = 12
|
||||
|
||||
type Service struct {
|
||||
db database.Querier
|
||||
}
|
||||
@@ -87,7 +89,7 @@ func (s *Service) RegisterUser(ctx context.Context, username, password string) (
|
||||
return nil, "", fmt.Errorf("%w: %v", ErrInvalidPassword, err)
|
||||
}
|
||||
|
||||
hash, err := bcrypt.GenerateFromPassword([]byte(password), 12) // higher cost
|
||||
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcryptCost)
|
||||
if err != nil {
|
||||
return nil, "", fmt.Errorf("failed to hash password: %w", err)
|
||||
}
|
||||
@@ -128,7 +130,7 @@ func (s *Service) RecoverAccount(ctx context.Context, username, recoveryKey, new
|
||||
return "", fmt.Errorf("failed to lookup user for recovery: %w", err)
|
||||
}
|
||||
|
||||
newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), 12)
|
||||
newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcryptCost)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("failed to hash new password: %w", err)
|
||||
}
|
||||
@@ -169,7 +171,7 @@ func (s *Service) ChangePassword(ctx context.Context, userID, currentPassword, n
|
||||
return ErrInvalidCredentials
|
||||
}
|
||||
|
||||
newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), 12)
|
||||
newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcryptCost)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to hash new password: %w", err)
|
||||
}
|
||||
|
||||
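Review bot: `const bcryptCost = 12` is introduced without a doc comment, and the `// higher cost` remark on the old RegisterUser call is dropped with it, so the reason for the work factor is no longer recorded in the visible code. I would add above the constant `// bcryptCost is the bcrypt work factor for every newly generated password hash; raising it does not upgrade hashes already stored.` Separately, the visible context in RecoverAccount and ChangePassword shows no length check on `newPassword` before hashing; current golang.org/x/crypto releases reject inputs over 72 bytes with `bcrypt.ErrPasswordTooLong`, which here would surface as a generic "failed to hash new password" error rather than a validation error, so it is worth confirming the check sits in the lines outside these hunks. All three functions start and end outside the hunks shown.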
@@ -51,7 +51,13 @@ func NewHandler(authService *Service) *Handler {
|
||||
return &Handler{authService: authService}
|
||||
}
|
||||
|
||||
// Render the login/register pages here (assuming you have these templates)
|
||||
func rateLimitErrorFromQuery(r *http.Request) string {
|
||||
if r.URL.Query().Get("error") == "rate_limited" {
|
||||
return rateLimitFormError
|
||||
}
|
||||
|
||||
return ""
|
||||
}
|
||||
|
||||
func (h *Handler) HandleLogin(w http.ResponseWriter, r *http.Request) {
|
||||
if err := r.ParseForm(); err != nil {
|
||||
@@ -127,27 +133,15 @@ func (h *Handler) HandleLogout(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
func (h *Handler) HandleLoginPage(w http.ResponseWriter, r *http.Request) {
|
||||
formError := ""
|
||||
if r.URL.Query().Get("error") == "rate_limited" {
|
||||
formError = rateLimitFormError
|
||||
}
|
||||
templates.Login(formError, "").Render(r.Context(), w)
|
||||
templates.Login(rateLimitErrorFromQuery(r), "").Render(r.Context(), w)
|
||||
}
|
||||
|
||||
func (h *Handler) HandleRegisterPage(w http.ResponseWriter, r *http.Request) {
|
||||
formError := ""
|
||||
if r.URL.Query().Get("error") == "rate_limited" {
|
||||
formError = rateLimitFormError
|
||||
}
|
||||
templates.Register(formError, "").Render(r.Context(), w)
|
||||
templates.Register(rateLimitErrorFromQuery(r), "").Render(r.Context(), w)
|
||||
}
|
||||
|
||||
func (h *Handler) HandleRecoverPage(w http.ResponseWriter, r *http.Request) {
|
||||
formError := ""
|
||||
if r.URL.Query().Get("error") == "rate_limited" {
|
||||
formError = rateLimitFormError
|
||||
}
|
||||
templates.Recover(formError, "", "").Render(r.Context(), w)
|
||||
templates.Recover(rateLimitErrorFromQuery(r), "", "").Render(r.Context(), w)
|
||||
}
|
||||
|
||||
func (h *Handler) HandleRecover(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
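Review bot: `rateLimitErrorFromQuery` has no doc comment, and the property that keeps it safe is only implicit: it compares the `error` query value against a literal and returns the package-level `rateLimitFormError`, never the query text itself. I would record that so a later edit does not start reflecting the parameter, e.g. `// rateLimitErrorFromQuery returns the fixed rate-limit message when ?error=rate_limited is present; the query value is never echoed into the page.` The three page handlers that now call it still discard the result of `Render(r.Context(), w)`; if that call returns an error, as it appears to, logging it would make template failures on the login, register and recover pages visible. HandleLogin and HandleRecover continue outside the section.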