From 93dfe2be64e8658839bcfe5356adf35f8cde7075 Mon Sep 17 00:00:00 2001
From: Nicolas James
Date: Thu, 13 Feb 2025 18:04:18 +1100
Subject: initial commit
---
src/server/handlers/login.go | 55 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 55 insertions(+)
create mode 100644 src/server/handlers/login.go
(limited to 'src/server/handlers/login.go')
diff --git a/src/server/handlers/login.go b/src/server/handlers/login.go
new file mode 100644
index 0000000..745e64a
--- /dev/null
+++ b/src/server/handlers/login.go
@@ -0,0 +1,55 @@
+package handlers
+
+import (
+ "encoding/json"
+ "net/http"
+
+ "server/database"
+ "server/helper"
+)
+
+type loginRequest struct {
+ Email string
+ Password string
+}
+
+func Login(writer http.ResponseWriter, request *http.Request) {
+ if request.Method != "POST" {
+ helper.WriteErrorJson("expected POST method", writer, http.StatusBadRequest)
+ return
+ }
+
+ var login_request loginRequest
+ err := json.NewDecoder(request.Body).Decode(&login_request)
+ if err != nil {
+ helper.WriteErrorJson(err.Error(), writer, http.StatusBadRequest)
+ return
+ }
+
+ user, err := database.MaybeGetUser(login_request.Email)
+ if err != nil {
+ helper.WriteInternalErrorJson(err, writer)
+ return
+ }
+ if user == nil {
+ helper.WriteErrorJson("incorrect email or password", writer, http.StatusForbidden)
+ return
+ }
+
+ hash, err := helper.GenerateHash(login_request.Password, user.Password_salt)
+ if err != nil {
+ helper.WriteInternalErrorJson(err, writer)
+ return
+ }
+ if hash != user.Password_hash {
+ helper.WriteErrorJson("incorrect email or password", writer, http.StatusForbidden)
+ return
+ }
+
+ // Login is successful, issue a valid jwt.
+ err = helper.IssueToken(user.Uid, writer)
+ if err != nil {
+ helper.WriteInternalErrorJson(err, writer)
+ return
+ }
+}
--
cgit v1.2.3
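Review bot: The unknown-email branch in `Login` (`if user == nil`) returns before `helper.GenerateHash` runs, so although both failure paths send the same "incorrect email or password" message, response time can still separate registered from unregistered addresses if the hash is deliberately slow (its cost is not visible in this file). Hashing the submitted password against a fixed dummy salt on that branch before returning keeps the two paths comparable. The final check `hash != user.Password_hash` should likewise be a constant-time compare, e.g. `if subtle.ConstantTimeCompare([]byte(hash), []byte(user.Password_hash)) != 1 {` with `crypto/subtle` added to the imports (assuming both values are strings, as the `!=` suggests). The request body is also decoded without a size cap; wrapping it with `http.MaxBytesReader` before `json.NewDecoder` bounds how much an unauthenticated client can make the handler read.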