refactor: simplify auth handlers

This commit is contained in:
2026-04-14 22:23:01 +02:00
parent d78b4e7848
commit 7bf75205bd
2 changed files with 15 additions and 19 deletions

View File

@@ -28,6 +28,8 @@ var (
ErrInvalidRecoveryKey = errors.New("invalid recovery details")
)
const bcryptCost = 12
type Service struct {
db database.Querier
}
@@ -87,7 +89,7 @@ func (s *Service) RegisterUser(ctx context.Context, username, password string) (
return nil, "", fmt.Errorf("%w: %v", ErrInvalidPassword, err)
}
hash, err := bcrypt.GenerateFromPassword([]byte(password), 12) // higher cost
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcryptCost)
if err != nil {
return nil, "", fmt.Errorf("failed to hash password: %w", err)
}
@@ -128,7 +130,7 @@ func (s *Service) RecoverAccount(ctx context.Context, username, recoveryKey, new
return "", fmt.Errorf("failed to lookup user for recovery: %w", err)
}
newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), 12)
newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcryptCost)
if err != nil {
return "", fmt.Errorf("failed to hash new password: %w", err)
}
@@ -169,7 +171,7 @@ func (s *Service) ChangePassword(ctx context.Context, userID, currentPassword, n
return ErrInvalidCredentials
}
newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), 12)
newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcryptCost)
if err != nil {
return fmt.Errorf("failed to hash new password: %w", err)
}

View File

@@ -51,7 +51,13 @@ func NewHandler(authService *Service) *Handler {
return &Handler{authService: authService}
}
// Render the login/register pages here (assuming you have these templates)
func rateLimitErrorFromQuery(r *http.Request) string {
if r.URL.Query().Get("error") == "rate_limited" {
return rateLimitFormError
}
return ""
}
func (h *Handler) HandleLogin(w http.ResponseWriter, r *http.Request) {
if err := r.ParseForm(); err != nil {
@@ -127,27 +133,15 @@ func (h *Handler) HandleLogout(w http.ResponseWriter, r *http.Request) {
}
func (h *Handler) HandleLoginPage(w http.ResponseWriter, r *http.Request) {
formError := ""
if r.URL.Query().Get("error") == "rate_limited" {
formError = rateLimitFormError
}
templates.Login(formError, "").Render(r.Context(), w)
templates.Login(rateLimitErrorFromQuery(r), "").Render(r.Context(), w)
}
func (h *Handler) HandleRegisterPage(w http.ResponseWriter, r *http.Request) {
formError := ""
if r.URL.Query().Get("error") == "rate_limited" {
formError = rateLimitFormError
}
templates.Register(formError, "").Render(r.Context(), w)
templates.Register(rateLimitErrorFromQuery(r), "").Render(r.Context(), w)
}
func (h *Handler) HandleRecoverPage(w http.ResponseWriter, r *http.Request) {
formError := ""
if r.URL.Query().Get("error") == "rate_limited" {
formError = rateLimitFormError
}
templates.Recover(formError, "", "").Render(r.Context(), w)
templates.Recover(rateLimitErrorFromQuery(r), "", "").Render(r.Context(), w)
}
func (h *Handler) HandleRecover(w http.ResponseWriter, r *http.Request) {