author | Julien Dessaux | 2024-11-17 00:05:22 +0100 |
---|---|---|
committer | Julien Dessaux | 2024-12-17 23:19:18 +0100 |
commit | 25ed1188ed970a19675befef12afe68045565c4a (patch) | |
tree | 5cfc55047d833400028fb69a7f069f5cedecaacd /pkg/basic_auth | |
parent | fix(tfstated): hash passwords instead of relying on the database encryption key (diff) | |
chore(tfstated): refactor helpers to their own package
Diffstat (limited to 'pkg/basic_auth')
-rw-r--r-- | pkg/basic_auth/middleware.go | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/pkg/basic_auth/middleware.go b/pkg/basic_auth/middleware.go
index 7f8fb4a..0e22ad3 100644
--- a/pkg/basic_auth/middleware.go
+++ b/pkg/basic_auth/middleware.go
@@ -2,10 +2,12 @@ package basic_auth
 import (
 "context"
+ "fmt"
 "net/http"
 "time"
 "git.adyxax.org/adyxax/tfstated/pkg/database"
+ "git.adyxax.org/adyxax/tfstated/pkg/helpers"
 "git.adyxax.org/adyxax/tfstated/pkg/model"
 )
@@ -15,26 +17,22 @@ func Middleware(db *database.DB) func(http.Handler) http.Handler {
 username, password, ok := r.BasicAuth()
 if !ok {
 w.Header().Set("WWW-Authenticate", `Basic realm="tfstated", charset="UTF-8"`)
- http.Error(w, "Unauthorized", http.StatusUnauthorized)
+ helpers.ErrorResponse(w, http.StatusUnauthorized, fmt.Errorf("Unauthorized"))
 return
 }
 account, err := db.LoadAccountByUsername(username)
 if err != nil {
- http.Error(w, "Internal Server Error", http.StatusInternalServerError)
+ helpers.ErrorResponse(w, http.StatusInternalServerError, err)
 return
 }
- if account == nil {
- http.Error(w, "Forbidden", http.StatusForbidden)
- return
- }
- if !account.CheckPassword(password) {
- http.Error(w, "Forbidden", http.StatusForbidden)
+ if account == nil || !account.CheckPassword(password) {
+ helpers.ErrorResponse(w, http.StatusForbidden, fmt.Errorf("Forbidden"))
 return
 }
 now := time.Now().UTC()
 _, err = db.Exec(`UPDATE accounts SET last_login = ? WHERE id = ?`, now.Unix(), account.Id)
 if err != nil {
- http.Error(w, "Internal Server Error", http.StatusInternalServerError)
+ helpers.ErrorResponse(w, http.StatusInternalServerError, err)
 return
 }
 ctx := context.WithValue(r.Context(), model.AccountContextKey{}, account) |
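Review bot: The two 500 paths in Middleware now pass the raw database error to `helpers.ErrorResponse(w, http.StatusInternalServerError, err)`, where the old code sent the fixed string "Internal Server Error". The helper's body is not in this diff, but the 401 and 403 calls pass their client-facing text as the error argument, which suggests the helper writes the error message into the response; if so, driver or SQL details from `db.LoadAccountByUsername` and `db.Exec` would reach callers who have not authenticated yet. I would log `err` on the server side and send a fixed error, e.g. `helpers.ErrorResponse(w, http.StatusInternalServerError, fmt.Errorf("Internal Server Error"))`. Separately, `account == nil ||` short-circuits before `CheckPassword`, so an unknown username is probably answered faster than a wrong password; a comparison against a dummy hash in the nil case would even that out if username enumeration matters for this service. Middleware's body begins before and continues after this hunk.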