Added api endpoints and tests

2022-01-24 12:59:43 +01:00
parent 10b768743b
commit cfbdcc7f82
36 changed files with 1781 additions and 315 deletions
--- a/api/login.go
+++ b/api/login.go
@@ -0,0 +1,49 @@
+package api
+
+import (
+	"TheAdversary/database"
+	"TheAdversary/schema"
+	"encoding/json"
+	"golang.org/x/crypto/bcrypt"
+	"math/rand"
+	"net/http"
+)
+
+type loginPayload struct {
+	Username string `json:"username"`
+	Password string `json:"password"`
+}
+
+func Login(w http.ResponseWriter, r *http.Request) {
+	var payload loginPayload
+	if err := json.NewDecoder(r.Body).Decode(&payload); err != nil {
+		InvalidJson.Send(w)
+		return
+	}
+	var author schema.Author
+	database.GetDB().Table("author").Select("id", "password").Where("name = ?", payload.Username).Take(&author)
+	if author.Id == 0 || bcrypt.CompareHashAndPassword([]byte(author.Password), []byte(payload.Password)) != nil {
+		w.WriteHeader(http.StatusUnauthorized)
+		return
+	}
+
+	sessionID := sessionId()
+
+	sessions[sessionID] = author.Id
+
+	http.SetCookie(w, &http.Cookie{
+		Name:  "session_id",
+		Value: sessionID,
+	})
+	w.WriteHeader(http.StatusOK)
+}
+
+func sessionId() string {
+	var letters = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")
+
+	s := make([]rune, 32)
+	for i := range s {
+		s[i] = letters[rand.Intn(len(letters))]
+	}
+	return string(s)
+}