lets-go:11.4 login

This commit is contained in:
tamsin johnson 2024-02-07 16:27:03 -08:00
parent e50ffaaf9e
commit 7aecca2131
4 changed files with 66 additions and 19 deletions

View File

@ -63,9 +63,9 @@ func (app *application) snippetCreate(w http.ResponseWriter, r *http.Request) {
}
type snippetCreateForm struct {
Title string `form:"title"`
Content string `form:"content"`
Expires int `form:"expires"`
Title string `form:"title"`
Content string `form:"content"`
Expires int `form:"expires"`
validator.Validator `form:"-"`
}
@ -103,9 +103,9 @@ func (app *application) snippetCreatePost(w http.ResponseWriter, r *http.Request
}
type userSignupForm struct {
Username string `form:"username"`
Email string `form:"email"`
Password string `form:"password"`
Username string `form:"username"`
Email string `form:"email"`
Password string `form:"password"`
validator.Validator `form:"-"`
}
@ -118,7 +118,6 @@ func (app *application) userSignup(w http.ResponseWriter, r *http.Request) {
app.render(w, r, http.StatusOK, "signup.tmpl", data)
}
// userSignupPost ...
func (app *application) userSignupPost(w http.ResponseWriter, r *http.Request) {
var form userSignupForm
@ -163,8 +162,8 @@ func (app *application) userSignupPost(w http.ResponseWriter, r *http.Request) {
}
type userLoginForm struct {
Username string `form:"username"`
Password string `form:"password"`
Email string `form:"email"`
Password string `form:"password"`
validator.Validator `form:"-"`
}
@ -187,7 +186,7 @@ func (app *application) userLoginPost(w http.ResponseWriter, r *http.Request) {
return
}
form.CheckField(validator.NotBlank(form.Username), "username", "This field cannot be blank")
form.CheckField(validator.NotBlank(form.Email), "email", "This field cannot be blank")
form.CheckField(validator.NotBlank(form.Password), "password", "This field cannot be blank")
if !form.Valid() {
@ -197,10 +196,27 @@ func (app *application) userLoginPost(w http.ResponseWriter, r *http.Request) {
return
}
userID, err := app.users.Authenticate(form.Email, form.Password)
if err != nil {
if errors.Is(err, models.ErrInvalidCredentials) {
form.AddNonFieldError("Email or password is incorrect")
app.sessionManager.Put(r.Context(), "authenticatedUserID", 1)
data := app.newTemplateData(r)
data.Form = form
app.render(w, r, http.StatusUnprocessableEntity, "login.tmpl", data)
} else {
app.serverError(w, r, err)
}
return
}
err = app.sessionManager.RenewToken(r.Context())
if err != nil {
app.serverError(w, r, err)
return
}
app.sessionManager.Put(r.Context(), "flash", fmt.Sprintf("LOGGED IN USER %s! (not really)", form.Username))
app.sessionManager.Put(r.Context(), "authenticatedUserID", userID)
app.sessionManager.Put(r.Context(), "flash", fmt.Sprintf("LOGGED IN USER %d!", userID))
http.Redirect(w, r, "/", http.StatusSeeOther)
}

View File

@ -47,8 +47,31 @@ func (m *UserModel) Insert(username, email, password string) error {
}
// Authenticate
func (m *UserModel) Authenticate(email int, password string) (int, error) {
return 0, nil
func (m *UserModel) Authenticate(email, password string) (int, error) {
var id int
var hashedPassword []byte
stmt := "SELECT id, hashed_password FROM users WHERE email = ?"
err := m.DB.QueryRow(stmt, email).Scan(&id, &hashedPassword)
if err != nil {
if errors.Is(err, sql.ErrNoRows) {
return 0, ErrInvalidCredentials
} else {
return 0, err
}
}
err = bcrypt.CompareHashAndPassword(hashedPassword, []byte(password))
if err != nil {
if errors.Is(err, bcrypt.ErrMismatchedHashAndPassword) {
return 0, ErrInvalidCredentials
} else {
return 0, err
}
}
return id, nil
}
// Exists

View File

@ -10,12 +10,13 @@ import (
var EmailRX = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")
type Validator struct {
NonFieldErrors []string
FieldErrors map[string]string
}
// Valid() ...
func (v *Validator) Valid() bool {
return len(v.FieldErrors) == 0
return len(v.FieldErrors) == 0 && len(v.NonFieldErrors) == 0
}
// AddFieldError ...
@ -29,6 +30,10 @@ func (v *Validator) AddFieldError(key, message string) {
}
}
func (v *Validator) AddNonFieldError(message string) {
v.NonFieldErrors = append(v.NonFieldErrors, message)
}
// CheckField ...
func (v *Validator) CheckField(ok bool, key, message string) {
if !ok {

View File

@ -1,20 +1,23 @@
{{define "title"}}User Login{{end}}
{{define "title"}}Login{{end}}
{{define "main"}}
<form action='/user/login' method='POST'>
{{range .Form.NonFieldErrors}}
<div class="error">{{.}}</div>
{{end}}
<div>
<label>Username:</label>
{{with .Form.FieldErrors.username}}
{{with .Form.FieldErrors.email}}
<label class='error'>{{.}}</label>
{{end}}
<input type='text' name='username' value='{{.Form.Username}}'>
<input type='text' name='email' value='{{.Form.Email}}'>
</div>
<div>
<label>Password:</label>
{{with .Form.FieldErrors.password}}
<label class='error'>{{.}}</label>
{{end}}
<input type='text' name='password' value='{{.Form.Password}}'>
<input type='password' name='password'>
</div>
<div>
<input type='submit' value='Login'>