From 8f7dec8ba6b2f9bde01afd0a110596ebbd43e0ed Mon Sep 17 00:00:00 2001
From: Leonardo Bishop
Date: Fri, 15 Aug 2025 19:20:48 +0100
Subject: Implement OIDC
---
api/handlers/users.go | 53 +++++++++++---------------------------------------
1 file changed, 11 insertions(+), 42 deletions(-)
(limited to 'api/handlers/users.go')
diff --git a/api/handlers/users.go b/api/handlers/users.go
index efb2e29..3a1788d 100644
--- a/api/handlers/users.go
+++ b/api/handlers/users.go
@@ -5,18 +5,27 @@ import (
 "net/http"

 "github.com/LMBishop/confplanner/api/dto"
+ "github.com/LMBishop/confplanner/pkg/auth"
 "github.com/LMBishop/confplanner/pkg/session"
 "github.com/LMBishop/confplanner/pkg/user"
 )

-func Register(service user.Service) http.HandlerFunc {
+func Register(userService user.Service, authService auth.Service) http.HandlerFunc {
 return dto.WrapResponseFunc(func(w http.ResponseWriter, r *http.Request) error {
 var request dto.RegisterRequest
 if err := dto.ReadDto(r, &request); err != nil {
 return err
 }

- createdUser, err := service.CreateUser(request.Username, request.Password)
+ basicAuthProvider := authService.GetAuthProvider("basic")
+ if _, ok := basicAuthProvider.(*auth.BasicAuthProvider); !ok {
+ return &dto.ErrorResponse{
+ Code: http.StatusForbidden,
+ Message: "Registrations are only accepted via an identity provider",
+ }
+ }
+
+ createdUser, err := userService.CreateUser(request.Username, request.Password)
 if err != nil {
 if errors.Is(err, user.ErrUserExists) {
 return &dto.ErrorResponse{
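Review bot: The new gate in Register depends on the literal key `"basic"` and on the concrete type `*auth.BasicAuthProvider`, and nothing at the call site says that a missing provider is meant to fail closed. As written, a nil or differently typed provider fails the comma-ok assertion and yields the 403, which is the safe outcome, but that depends on what GetAuthProvider returns for an unconfigured name, which is not visible in this hunk. I would add a comment above the lookup, such as `// Local sign-up is allowed only when the "basic" provider is configured; any other result, including nil, is rejected.`, and, if pkg/auth can export one, use a named constant for the key instead of the string literal. Since this branch is what keeps password accounts from being created on an identity-provider-only deployment, a handler test covering the 403 path would be worth adding. Register's body continues past the end of the hunk.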
@@ -42,46 +51,6 @@ func Register(service user.Service) http.HandlerFunc {
 })
 }

-func Login(service user.Service, store session.Service) http.HandlerFunc {
- return dto.WrapResponseFunc(func(w http.ResponseWriter, r *http.Request) error {
- var request dto.LoginRequest
- if err := dto.ReadDto(r, &request); err != nil {
- return err
- }
-
- user, err := service.Authenticate(request.Username, request.Password)
- if err != nil {
- return err
- }
-
- if user == nil {
- return &dto.ErrorResponse{
- Code: http.StatusBadRequest,
- Message: "Username and password combination not found",
- }
- }
-
- session, err := store.Create(user.ID, user.Username, r.RemoteAddr, r.UserAgent())
- if err != nil {
- return err
- }
-
- cookie := &http.Cookie{
- Name: "confplanner_session",
- Value: session.Token,
- }
- http.SetCookie(w, cookie)
-
- return &dto.OkResponse{
- Code: http.StatusOK,
- Data: &dto.LoginResponse{
- ID: user.ID,
- Username: user.Username,
- },
- }
- })
-}
-
 func Logout(store session.Service) http.HandlerFunc {
 return dto.WrapResponseFunc(func(w http.ResponseWriter, r *http.Request) error {
 session := r.Context().Value("session").(*session.UserSession)
--
cgit v1.2.3-70-g09d2