lets-go:11.4 login

2024-02-07 16:27:03 -08:00 · 2024-02-07 16:27:03 -08:00 · 7aecca2131
commit 7aecca2131
parent e50ffaaf9e
4 changed files with 66 additions and 19 deletions
--- a/snippetbox/cmd/web/handlers.go
+++ b/snippetbox/cmd/web/handlers.go
@ -118,7 +118,6 @@ func (app *application) userSignup(w http.ResponseWriter, r *http.Request) {
 	app.render(w, r, http.StatusOK, "signup.tmpl", data)
 }

-
 // userSignupPost ...
 func (app *application) userSignupPost(w http.ResponseWriter, r *http.Request) {
 	var form userSignupForm
@ -163,7 +162,7 @@ func (app *application) userSignupPost(w http.ResponseWriter, r *http.Request) {
 }

 type userLoginForm struct {
-	Username    string  `form:"username"`
+	Email               string `form:"email"`
 	Password            string `form:"password"`
 	validator.Validator `form:"-"`
 }
@ -187,7 +186,7 @@ func (app *application) userLoginPost(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	form.CheckField(validator.NotBlank(form.Username), "username", "This field cannot be blank")
+	form.CheckField(validator.NotBlank(form.Email), "email", "This field cannot be blank")
 	form.CheckField(validator.NotBlank(form.Password), "password", "This field cannot be blank")

 	if !form.Valid() {
@ -197,10 +196,27 @@ func (app *application) userLoginPost(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	userID, err := app.users.Authenticate(form.Email, form.Password)
+	if err != nil {
+		if errors.Is(err, models.ErrInvalidCredentials) {
+			form.AddNonFieldError("Email or password is incorrect")

-	app.sessionManager.Put(r.Context(), "authenticatedUserID", 1)
+			data := app.newTemplateData(r)
+			data.Form = form
+			app.render(w, r, http.StatusUnprocessableEntity, "login.tmpl", data)
+		} else {
+			app.serverError(w, r, err)
+		}
+		return
+	}
+	err = app.sessionManager.RenewToken(r.Context())
+	if err != nil {
+		app.serverError(w, r, err)
+		return
+	}

-	app.sessionManager.Put(r.Context(), "flash", fmt.Sprintf("LOGGED IN USER %s! (not really)", form.Username))
+	app.sessionManager.Put(r.Context(), "authenticatedUserID", userID)
+	app.sessionManager.Put(r.Context(), "flash", fmt.Sprintf("LOGGED IN USER %d!", userID))

 	http.Redirect(w, r, "/", http.StatusSeeOther)
 }
--- a/snippetbox/internal/models/users.go
+++ b/snippetbox/internal/models/users.go
@ -47,8 +47,31 @@ func (m *UserModel) Insert(username, email, password string) error {
 }

 // Authenticate
-func (m *UserModel) Authenticate(email int, password string) (int, error) {
-	return 0, nil
+func (m *UserModel) Authenticate(email, password string) (int, error) {
+	var id int
+	var hashedPassword []byte
+
+	stmt := "SELECT id, hashed_password FROM users WHERE email = ?"
+
+	err := m.DB.QueryRow(stmt, email).Scan(&id, &hashedPassword)
+	if err != nil {
+		if errors.Is(err, sql.ErrNoRows) {
+			return 0, ErrInvalidCredentials
+		} else {
+			return 0, err
+		}
+	}
+
+	err = bcrypt.CompareHashAndPassword(hashedPassword, []byte(password))
+	if err != nil {
+		if errors.Is(err, bcrypt.ErrMismatchedHashAndPassword) {
+			return 0, ErrInvalidCredentials
+		} else {
+			return 0, err
+		}
+	}
+
+	return id, nil
 }

 // Exists
--- a/snippetbox/internal/validator/validator.go
+++ b/snippetbox/internal/validator/validator.go
@ -10,12 +10,13 @@ import (
 var EmailRX = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")

 type Validator struct {
+	NonFieldErrors []string
 	FieldErrors map[string]string
 }

 // Valid() ...
 func (v *Validator) Valid() bool {
-	return len(v.FieldErrors) == 0
+	return len(v.FieldErrors) == 0 && len(v.NonFieldErrors) == 0
 }

 // AddFieldError ...
@ -29,6 +30,10 @@ func (v *Validator) AddFieldError(key, message string) {
 	}
 }

+func (v *Validator) AddNonFieldError(message string) {
+	v.NonFieldErrors = append(v.NonFieldErrors, message)
+}
+
 // CheckField ...
 func (v *Validator) CheckField(ok bool, key, message string)  {
 	if !ok {
--- a/snippetbox/ui/html/pages/login.tmpl
+++ b/snippetbox/ui/html/pages/login.tmpl
@ -1,20 +1,23 @@
-{{define "title"}}User Login{{end}}
+{{define "title"}}Login{{end}}

 {{define "main"}}
 <form action='/user/login' method='POST'>
+  {{range .Form.NonFieldErrors}}
+  <div class="error">{{.}}</div>
+  {{end}}
  <div>
    <label>Username:</label>
-    {{with .Form.FieldErrors.username}}
+    {{with .Form.FieldErrors.email}}
    <label class='error'>{{.}}</label>
    {{end}}
-    <input type='text' name='username' value='{{.Form.Username}}'>
+    <input type='text' name='email' value='{{.Form.Email}}'>
  </div>
  <div>
    <label>Password:</label>
    {{with .Form.FieldErrors.password}}
    <label class='error'>{{.}}</label>
    {{end}}
-    <input type='text' name='password' value='{{.Form.Password}}'>
+    <input type='password' name='password'>
  </div>
  <div>
    <input type='submit' value='Login'>