From 66d84b2b49f55e6c652816466a5c3b4202234134 Mon Sep 17 00:00:00 2001
From: Alexander Kavon
Date: Mon, 22 Jan 2024 17:56:22 -0500
Subject: added login authentication route logic, added compareSecretToHash, decodeHash, hashArgon2, renamed HashSecret to hashSecret
---
 src/user/routes.go | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
(limited to 'src/user/routes.go')
diff --git a/src/user/routes.go b/src/user/routes.go
index 7cbd3fb..5399418 100644
--- a/src/user/routes.go
+++ b/src/user/routes.go
@@ -92,10 +92,26 @@ func LoginForm(s *server.Server) http.HandlerFunc {
 func Login(s *server.Server) http.HandlerFunc {
 return func(w http.ResponseWriter, r *http.Request) {
+ r.ParseForm()
 // look up the user from the db
+ user, err := models.Users(models.UserWhere.Username.EQ(r.PostFormValue("username"))).One(r.Context(), s.Db.ToSqlDb())
+ if err != nil {
+ log.Fatal(err)
+ }
+
 // hash the form secret
 // compare form hash to db hash
+ valid, err := compareSecretToHash(r.PostFormValue("secret"), user.Secret)
+ if err != nil {
+ log.Fatal(err)
+ }
+ if !valid {
+ log.Fatal("Incorrect login credentials TODO resolve with compareSecretToHash err")
+ }
+
 // login or dont
+ sessions.NewSession(w, sessions.SessionValues{"uid": user.ID, "username": user.Username})
+ http.Redirect(w, r, "/u/me", http.StatusSeeOther)
 }
 }
--
cgit v1.2.3
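Review bot: Every failure path in Login ends in `log.Fatal`, which exits the whole server process, so a single request with an unknown username or a wrong secret takes the service down for all users. The handler should answer the request and return instead: the same 401 response for "no such user" and "secret mismatch" so the two cases cannot be told apart, a 500 with a server-side log line for real lookup or hash-decoding errors, and a 400 when `r.ParseForm()` fails, whose error is currently dropped. The sketch below assumes the lookup reports a missing row as `sql.ErrNoRows`, which should be confirmed against the generated models package, and it needs `errors` and `database/sql` among the file's imports. The Login function lies entirely inside this hunk.

```go
		if err := r.ParseForm(); err != nil {
			http.Error(w, "bad request", http.StatusBadRequest)
			return
		}
		user, err := models.Users(models.UserWhere.Username.EQ(r.PostFormValue("username"))).One(r.Context(), s.Db.ToSqlDb())
		if errors.Is(err, sql.ErrNoRows) {
			// same response as a wrong secret, so usernames cannot be probed
			http.Error(w, "incorrect login credentials", http.StatusUnauthorized)
			return
		}
		if err != nil {
			log.Print(err)
			http.Error(w, "internal server error", http.StatusInternalServerError)
			return
		}
		valid, err := compareSecretToHash(r.PostFormValue("secret"), user.Secret)
		if err != nil {
			log.Print(err)
			http.Error(w, "internal server error", http.StatusInternalServerError)
			return
		}
		if !valid {
			http.Error(w, "incorrect login credentials", http.StatusUnauthorized)
			return
		}
		// … unchanged: sessions.NewSession and redirect to /u/me …
```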