cleanup code, redirect to auth page when need

2026-04-23 09:18:51 +02:00 · 2025-01-13 07:15:29 +08:00
parent ef277ef57f
commit 76fe5345d8
11 changed files with 113 additions and 109 deletions
--- a/internal/api/v1/auth/userpass.go
+++ b/internal/api/v1/auth/userpass.go
@@ -0,0 +1,45 @@
+package auth
+
+import (
+	"bytes"
+	"encoding/json"
+	"net/http"
+
+	U "github.com/yusing/go-proxy/internal/api/v1/utils"
+	"github.com/yusing/go-proxy/internal/common"
+	E "github.com/yusing/go-proxy/internal/error"
+)
+
+var (
+	ErrInvalidUsername = E.New("invalid username")
+	ErrInvalidPassword = E.New("invalid password")
+)
+
+func validatePassword(cred *Credentials) error {
+	if cred.Username != common.APIUser {
+		return ErrInvalidUsername.Subject(cred.Username)
+	}
+	if !bytes.Equal(common.HashPassword(cred.Password), common.APIPasswordHash) {
+		return ErrInvalidPassword.Subject(cred.Password)
+	}
+	return nil
+}
+
+// UserPassLoginHandler handles user login.
+func UserPassLoginHandler(w http.ResponseWriter, r *http.Request) {
+	var creds Credentials
+	err := json.NewDecoder(r.Body).Decode(&creds)
+	if err != nil {
+		U.HandleErr(w, r, err, http.StatusBadRequest)
+		return
+	}
+	if err := validatePassword(&creds); err != nil {
+		U.HandleErr(w, r, err, http.StatusUnauthorized)
+		return
+	}
+	if err := setAuthenticatedCookie(w, creds.Username); err != nil {
+		U.HandleErr(w, r, err, http.StatusInternalServerError)
+		return
+	}
+	w.WriteHeader(http.StatusOK)
+}