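// AuthHandlerFunc handles requests containing JSON with user credentials. If the
// credentials are valid the response sets a session cookie, effectively logging
// in the user.
//
// Expected JSON format:
//
//	{"Username":"<username>", "Password":"<password>"}
//
// Invalid credentials result in a 401 StatusUnauthorized response. Malformed or
// oversized JSON results in a 400 StatusBadRequest; a storage failure while
// loading the user results in a 500 StatusInternalServerError, as does a failure
// to persist the session (no cookie is set in that case, so the caller must not
// assume it is logged in).
func AuthHandlerFunc(w http.ResponseWriter, r *http.Request) {
	// Credentials are tiny; bounding the body stops a client from making the
	// decoder consume arbitrary memory. An oversized body surfaces as a Decode
	// error and is reported as a 400 like any other malformed input.
	const maxAuthBodyBytes = 1 << 20
	r.Body = http.MaxBytesReader(w, r.Body, maxAuthBodyBytes)

	// Parse the JSON into a user object. loginInfo is already a pointer, so it
	// is handed to Decode directly rather than as a pointer-to-pointer.
	loginInfo := new(data.User)
	if err := json.NewDecoder(r.Body).Decode(loginInfo); err != nil {
		log.Println("JSON problem")
		log.Println(err)
		http.Error(w, "Malformed json.", http.StatusBadRequest)
		return
	}

	// Try and load the actual user by the submitted username.
	user := new(data.User)
	user.Username = loginInfo.Username

	err := storage.Select(user)
	if err == storage.ErrZeroAffected {
		// The response is identical to the wrong-password case so a client
		// cannot distinguish an unknown user from a bad password; only the
		// server log tells them apart. NOTE(review): the password check below is
		// skipped on this path, so response timing may still differ — confirm
		// whether that matters for this deployment.
		log.Println("No such user: ", loginInfo.Username)
		http.Error(w, "Invalid credentials.", http.StatusUnauthorized)
		return
	}
	if err != nil {
		log.Println(err)
		http.Error(w, "Database error, likely due to malformed request.", http.StatusInternalServerError)
		return
	}

	// Validate the submitted password against the stored user.
	if !user.Auth(loginInfo.Password) {
		log.Println("Wrong Password for: ", user.Username)
		http.Error(w, "Invalid credentials.", http.StatusUnauthorized)
		return
	}

	// Get role permissions. A role that cannot be loaded yields no permissions
	// rather than failing the login.
	role := new(data.Role)
	role.Title = user.Role
	if err := storage.Select(role); err != nil {
		log.Println("Issues loading role during auth", err)
		role.Permissions = 0 // Default to no permissions
	}

	// Build a cookie session. The error from store.Get was previously discarded;
	// it is now logged so an undecodable existing cookie is visible in the log.
	// NOTE(review): assumes a gorilla-style store whose Get still returns a
	// fresh, usable session alongside a decode error — confirm against the
	// store implementation.
	session, err := store.Get(r, "rter-credentials")
	if err != nil {
		log.Println("Issues loading session during auth", err)
	}

	session.Values["username"] = user.Username
	session.Values["role"] = user.Role
	session.Values["permissions"] = role.Permissions

	// If the session cannot be persisted no cookie reaches the client, so from
	// its point of view the login did not happen; report that rather than
	// letting an implicit 200 suggest success.
	if err := session.Save(r, w); err != nil {
		log.Println(err)
		http.Error(w, "Session error.", http.StatusInternalServerError)
	}
}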