authorLeonardo Bishop <me@leonardobishop.com>2025-08-15 19:20:48 +0100
committerLeonardo Bishop <me@leonardobishop.com>2025-08-15 19:20:48 +0100
commit8f7dec8ba6b2f9bde01afd0a110596ebbd43e0ed (patch)
tree7b4f203d92f4b99b1e98fac314415e293984196b /api/handlers/users.go
parent4697556cac819c47d068819b9fc9c3b4ea84e279 (diff)
Implement OIDC
Diffstat (limited to 'api/handlers/users.go')
-rw-r--r--api/handlers/users.go53
1 files changed, 11 insertions, 42 deletions
diff --git a/api/handlers/users.go b/api/handlers/users.go
index efb2e29..3a1788d 100644
--- a/api/handlers/users.go
+++ b/api/handlers/users.go
@@ -5,18 +5,27 @@ import (
"net/http"
"github.com/LMBishop/confplanner/api/dto"
+ "github.com/LMBishop/confplanner/pkg/auth"
"github.com/LMBishop/confplanner/pkg/session"
"github.com/LMBishop/confplanner/pkg/user"
)
-func Register(service user.Service) http.HandlerFunc {
+func Register(userService user.Service, authService auth.Service) http.HandlerFunc {
return dto.WrapResponseFunc(func(w http.ResponseWriter, r *http.Request) error {
var request dto.RegisterRequest
if err := dto.ReadDto(r, &request); err != nil {
return err
}
- createdUser, err := service.CreateUser(request.Username, request.Password)
+ basicAuthProvider := authService.GetAuthProvider("basic")
+ if _, ok := basicAuthProvider.(*auth.BasicAuthProvider); !ok {
+ return &dto.ErrorResponse{
+ Code: http.StatusForbidden,
+ Message: "Registrations are only accepted via an identity provider",
+ }
+ }
+
+ createdUser, err := userService.CreateUser(request.Username, request.Password)
if err != nil {
if errors.Is(err, user.ErrUserExists) {
return &dto.ErrorResponse{
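Review bot: The registration gate at `basicAuthProvider := authService.GetAuthProvider("basic")` runs only after `dto.ReadDto(r, &request)` has parsed the request body, although the check does not depend on anything in the request. Moving the provider check above `var request dto.RegisterRequest` would reject the call before any client-supplied data is decoded when password registration is disabled. The gate also hinges on the literal `"basic"` and the concrete type `*auth.BasicAuthProvider`, so a provider registered under another key or wrapped in another type would silently turn registration off; a comment such as `// Local sign-up is allowed only while the basic (password) provider is configured.` would make that intent explicit. As far as the hunk shows, the check fails closed, which is the right default. The body of Register continues past the end of this hunk.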
@@ -42,46 +51,6 @@ func Register(service user.Service) http.HandlerFunc {
})
}
-func Login(service user.Service, store session.Service) http.HandlerFunc {
- return dto.WrapResponseFunc(func(w http.ResponseWriter, r *http.Request) error {
- var request dto.LoginRequest
- if err := dto.ReadDto(r, &request); err != nil {
- return err
- }
-
- user, err := service.Authenticate(request.Username, request.Password)
- if err != nil {
- return err
- }
-
- if user == nil {
- return &dto.ErrorResponse{
- Code: http.StatusBadRequest,
- Message: "Username and password combination not found",
- }
- }
-
- session, err := store.Create(user.ID, user.Username, r.RemoteAddr, r.UserAgent())
- if err != nil {
- return err
- }
-
- cookie := &http.Cookie{
- Name: "confplanner_session",
- Value: session.Token,
- }
- http.SetCookie(w, cookie)
-
- return &dto.OkResponse{
- Code: http.StatusOK,
- Data: &dto.LoginResponse{
- ID: user.ID,
- Username: user.Username,
- },
- }
- })
-}
-
func Logout(store session.Service) http.HandlerFunc {
return dto.WrapResponseFunc(func(w http.ResponseWriter, r *http.Request) error {
session := r.Context().Value("session").(*session.UserSession)