From 03cd6bdfbd473dba3f3dc50a1b15e389aac5bc70 Mon Sep 17 00:00:00 2001
From: Leonardo Bishop <me@leonardobishop.net>
Date: Wed, 7 Jan 2026 23:39:53 +0000
Subject: Initial commit

---
 web/handler/auth.go | 89 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 89 insertions(+)
 create mode 100644 web/handler/auth.go

(limited to 'web/handler/auth.go')

diff --git a/web/handler/auth.go b/web/handler/auth.go
new file mode 100644
index 0000000..38b87b6
--- /dev/null
+++ b/web/handler/auth.go
@@ -0,0 +1,89 @@
+package handler
+
+import (
+	"html/template"
+	"log/slog"
+	"net/http"
+	"strconv"
+	"time"
+
+	"git.leonardobishop.net/instancer/pkg/session"
+)
+
+func GetAuth(tmpl *template.Template) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		tmpl.ExecuteTemplate(w, "auth.html", nil)
+	}
+}
+
+func PostAuth(tmpl *template.Template, session *session.MemoryStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		if err := r.ParseForm(); err != nil {
+			tmpl.ExecuteTemplate(w, "f_auth_error.html", struct {
+				Message string
+			}{
+				Message: "Invalid form data",
+			})
+			return
+		}
+
+		team := r.FormValue("team")
+		if team == "" {
+			tmpl.ExecuteTemplate(w, "f_auth_error.html", struct {
+				Message string
+			}{
+				Message: "No team entered",
+			})
+			return
+		}
+
+		if _, err := strconv.Atoi(team); err != nil {
+			tmpl.ExecuteTemplate(w, "f_auth_error.html", struct {
+				Message string
+			}{
+				Message: "Team ID must be number",
+			})
+			return
+		}
+
+		session, err := session.Create(team)
+		if err != nil {
+			slog.Error("could not create session", "cause", err)
+			tmpl.ExecuteTemplate(w, "f_auth_error.html", struct {
+				Message string
+			}{
+				Message: "Could not create session",
+			})
+			return
+		}
+
+		http.SetCookie(w, &http.Cookie{
+			Name:  "session",
+			Value: session.Token,
+
+			Path:     "/",
+			Secure:   true,
+			SameSite: http.SameSiteStrictMode,
+			HttpOnly: true,
+		})
+		w.Header().Add("HX-Redirect", "/")
+	}
+}
+
+func GetLogout(session *session.MemoryStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		//TODO expire session here
+
+		http.SetCookie(w, &http.Cookie{
+			Name:    "session",
+			Value:   "",
+			Expires: time.Unix(0, 0),
+
+			Path:     "/",
+			Secure:   true,
+			SameSite: http.SameSiteStrictMode,
+			HttpOnly: true,
+		})
+		http.Redirect(w, r, "/auth", http.StatusFound)
+	}
+}
-- 
cgit v1.2.3-70-g09d2