cerca

lean forum software (pmc local branch)
Log | Files | Refs | README | LICENSE
commit 353ffd85e9390780c2f1671aa32c95c1e003e785
parent 0a230e8f22602082a750526fe70a81784dd073f0
Author: Alexander Cobleigh <cblgh@cblgh.org>
Date:   Wed, 12 Jan 2022 10:15:28 +0100

Merge pull request #5 from ftrvxmtrx/sigrid

server: simplify login error handling and remove non-working redirection to index
Diffstat:

Mcrypto/crypto.go | 2+-


Mdatabase/database.go | 2+-


Mrun.go | 4++--


Mserver/server.go | 13+++++--------


Mserver/session/session.go | 2+-


5 files changed, 10 insertions(+), 13 deletions(-)

diff --git a/crypto/crypto.go b/crypto/crypto.go
@@ -1,12 +1,12 @@
 package crypto
 
 import (
+	"cerca/util"
 	"crypto/ed25519"
 	crand "crypto/rand"
 	"encoding/binary"
 	"encoding/json"
 	"fmt"
-	"cerca/util"
 	"github.com/synacor/argon2id"
 	rand "math/rand"
 )
diff --git a/database/database.go b/database/database.go
@@ -1,10 +1,10 @@
 package database
 
 import (
+	"cerca/util"
 	"context"
 	"database/sql"
 	"fmt"
-	"cerca/util"
 	"html/template"
 	"log"
 	"net/url"
diff --git a/run.go b/run.go
@@ -1,10 +1,10 @@
 package main
 
 import (
-	"flag"
-	"fmt"
 	"cerca/server"
 	"cerca/util"
+	"flag"
+	"fmt"
 	"os"
 	"strings"
 )
diff --git a/server/server.go b/server/server.go
@@ -205,14 +205,11 @@ func (h RequestHandler) LoginRoute(res http.ResponseWriter, req *http.Request) {
 		// * hash received password and compare to stored hash
 		passwordHash, userid, err := h.db.GetPasswordHash(username)
 		// make sure user exists
-		if err = ed.Eout(err, "getting password hash and uid"); err != nil {
-			fmt.Println(err)
-			h.renderView(res, "login", TemplateData{LoginData{FailedAttempt: true}, loggedIn, ""})
-			IndexRedirect(res, req)
-			return
+		if err = ed.Eout(err, "getting password hash and uid"); err == nil && !crypto.ValidatePasswordHash(password, passwordHash) {
+			err = errors.New("incorrect password")
 		}
-		if !crypto.ValidatePasswordHash(password, passwordHash) {
-			fmt.Println("incorrect password!")
+		if err != nil {
+			fmt.Println(err)
 			h.renderView(res, "login", TemplateData{LoginData{FailedAttempt: true}, loggedIn, ""})
 			return
 		}
@@ -375,7 +372,7 @@ func (h RequestHandler) AboutRoute(res http.ResponseWriter, req *http.Request) {
 }
 
 func (h RequestHandler) RobotsRoute(res http.ResponseWriter, req *http.Request) {
-  fmt.Fprintln(res, "User-agent: *\nDisallow: /")
+	fmt.Fprintln(res, "User-agent: *\nDisallow: /")
 }
 
 func (h RequestHandler) NewThreadRoute(res http.ResponseWriter, req *http.Request) {
diff --git a/server/session/session.go b/server/session/session.go
@@ -27,9 +27,9 @@ USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 
 import (
+	"cerca/util"
 	"errors"
 	"fmt"
-	"cerca/util"
 	"net/http"
 
 	"github.com/gorilla/sessions"