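package Auth

import (
	"encoding/json"
	"net/http"
	"time"

	"git.tovijaeschke.xyz/tovi/SuddenImpactRecords/Database"
	"git.tovijaeschke.xyz/tovi/SuddenImpactRecords/Models"

	"github.com/gofrs/uuid"
)

// Credentials is the JSON body expected by Login.
type Credentials struct {
	Email    string `json:"email"`
	Password string `json:"password"`
}

// Login authenticates a user from a JSON body holding "email" and "password".
//
// On success it stores a new entry in Sessions keyed by a random UUIDv4,
// sets that value as the "session_token" cookie with a one-hour expiry and
// replies 200. It replies 400 when the body cannot be decoded, 401 when the
// user lookup fails or the password does not match, and 500 when no session
// token could be generated.
func Login(w http.ResponseWriter, r *http.Request) {
	// Cap the request body so an unauthenticated client cannot make the
	// decoder buffer an arbitrarily large payload. An oversized body fails
	// decoding and is answered with 400 like any other malformed request.
	const maxLoginBodyBytes = 1 << 20

	var (
		creds    Credentials
		userData Models.User
	)

	body := http.MaxBytesReader(w, r.Body, maxLoginBodyBytes)
	if err := json.NewDecoder(body).Decode(&creds); err != nil {
		w.WriteHeader(http.StatusBadRequest)
		return
	}

	// Unknown user and wrong password both answer 401, so the status code
	// does not reveal which emails are registered.
	// NOTE(review): the unknown-user path returns before CheckPasswordHash
	// runs, so response time may still differ between the two cases; confirm
	// whether that matters for this deployment.
	userData, err := Database.GetUserByEmail(creds.Email)
	if err != nil {
		w.WriteHeader(http.StatusUnauthorized)
		return
	}

	if !CheckPasswordHash(creds.Password, userData.Password) {
		w.WriteHeader(http.StatusUnauthorized)
		return
	}

	sessionToken, err := uuid.NewV4()
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	expiresAt := time.Now().Add(1 * time.Hour)
	token := sessionToken.String()

	// NOTE(review): net/http serves requests concurrently and no lock is
	// visible around this write; if Sessions is a plain map, confirm it is
	// guarded where it is declared.
	Sessions[token] = Session{
		Username: userData.Email,
		Expiry:   expiresAt,
	}

	// HttpOnly keeps the token out of reach of page scripts, and SameSite=Lax
	// stops the browser attaching it to cross-site subrequests and
	// non-navigation requests.
	// NOTE(review): Secure is left unset because this file does not show
	// whether the service is reachable over HTTPS only; set Secure: true if
	// it is.
	http.SetCookie(w, &http.Cookie{
		Name:     "session_token",
		Value:    token,
		Expires:  expiresAt,
		HttpOnly: true,
		SameSite: http.SameSiteLaxMode,
	})

	w.WriteHeader(http.StatusOK)
}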