commit 5d8a7e046625a5551aacbb3f40b8b94e87a859b7
parent cf7acdfdde0364c1a0ccd3a55b6f7bd7103f0624
Author: Sigrid Solveig Haflínudóttir <ftrvxmtrx@gmail.com>
Date: Wed, 12 Jan 2022 00:05:07 +0100
server: simplify login error handling and remove non-working redirection to index (WriteHeader called twice)
Diffstat:
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/server/server.go b/server/server.go
@@ -197,14 +197,11 @@ func (h RequestHandler) LoginRoute(res http.ResponseWriter, req *http.Request) {
// * hash received password and compare to stored hash
passwordHash, userid, err := h.db.GetPasswordHash(username)
// make sure user exists
- if err = ed.Eout(err, "getting password hash and uid"); err != nil {
- fmt.Println(err)
- h.renderView(res, "login", TemplateData{LoginData{FailedAttempt: true}, loggedIn, ""})
- IndexRedirect(res, req)
- return
+ if err = ed.Eout(err, "getting password hash and uid"); err == nil && !crypto.ValidatePasswordHash(password, passwordHash) {
+ err = errors.New("incorrect password")
}
- if !crypto.ValidatePasswordHash(password, passwordHash) {
- fmt.Println("incorrect password!")
+ if err != nil {
+ fmt.Println(err)
h.renderView(res, "login", TemplateData{LoginData{FailedAttempt: true}, loggedIn, ""})
return
}
