func signinHandler(w http.ResponseWriter, r *http.Request) {
	var dbpassword []byte
	valid := false
	username := r.FormValue("suUsername")
	password := r.FormValue("suPassword")
	signinPassword := []byte(password)
	rows, err := db.Query("select username, password from users where username = $1;", username)
	util.CheckErr(err)
	log.Println(err)
	defer rows.Close()
	for rows.Next() {
		err := rows.Scan(&username, &dbpassword)
		util.CheckErr(err)
		log.Println(username)
		log.Println(dbpassword)
		log.Println(signinPassword)
		util.CheckErr(bcrypt.CompareHashAndPassword(dbpassword, signinPassword)) //if no message about nonmatch, successful login verification achieved
		//util.CheckErr(bcrypt.CompareHashAndPassword(dbpassword, hashedSigninPassword))
		if err == nil {
			valid = true
		}
	}
	err = rows.Err()
	util.CheckErr(err)
	fmt.Println(valid)
	if valid == true {
		http.Redirect(w, r, "http://localhost:8080/homepage/v.html", 302)
	}
}
func signupHandler(w http.ResponseWriter, r *http.Request) {
	var (
		firstname = r.FormValue("firstName")
		lastname  = r.FormValue("lastName")
		email     = r.FormValue("email")
		username  = r.FormValue("userName")
		password1 = r.FormValue("pw1")
		//password2 = r.FormValue("pw2")
	)

	r.ParseForm()
	signupPassword := []byte(password1)
	hashedSignupPassword, check := bcrypt.GenerateFromPassword(signupPassword, bcrypt.DefaultCost)
	util.CheckErr(check)
	fmt.Println(string(hashedSignupPassword))
	check = bcrypt.CompareHashAndPassword(hashedSignupPassword, signupPassword)
	fmt.Println(check) // nil means it is a match

	var lastInsertId string
	err := db.QueryRow("INSERT INTO users(first_name, last_name, email, username, password) VALUES($1,$2,$3,$4,$5) returning username;", firstname, lastname, email, username, hashedSignupPassword).Scan(&lastInsertId)
	util.CheckErr(err)
	fmt.Println("last inserted id =", lastInsertId)
	//w.WriteHeader(http.StatusCreated)
}
Beispiel #3
0
func createDBConnection() *sql.DB {
	db, err := sql.Open("postgres", dbinfo)
	util.CheckErr(err)
	util.CheckErr(db.Ping())
	return db
}