diff options
Diffstat (limited to 'main.go')
| -rw-r--r-- | main.go | 31 |
1 files changed, 16 insertions, 15 deletions
@@ -43,25 +43,26 @@ func (app *App) validateHandler(w http.ResponseWriter, r *http.Request) { func (app *App) loginHandler(w http.ResponseWriter, r *http.Request) { if r.Method == http.MethodPost { - if err := r.ParseForm(); err != nil { - panic(err) + username := r.FormValue("username") + password := r.FormValue("password") + hash := md5.Sum([]byte(password)) + dst := make([]byte, hex.EncodedLen(md5.Size)) + hex.Encode(dst, hash[:]) + u, ok := app.GetUser(username) + next := r.FormValue("next") + if ok && subtle.ConstantTimeCompare(u.Password, dst) == 1 { + http.Redirect(w, r, next, http.StatusSeeOther) } else { - username := r.Form.Get("username") - password := r.Form.Get("password") - hash := md5.Sum([]byte(password)) - dst := make([]byte, hex.EncodedLen(md5.Size)) - hex.Encode(dst, hash[:]) - u, ok := app.GetUser(username) - if ok && subtle.ConstantTimeCompare(u.Password, dst) == 1 { - - } else { - - } + app.Template.ExecuteTemplate(w, "login.tmpl", struct { + Next string + }{next}) } } else if r.Method == http.MethodGet { - app.Template.ExecuteTemplate(w, "login.tmpl", nil) + next := r.FormValue("next") + app.Template.ExecuteTemplate(w, "login.tmpl", struct { + Next string + }{next}) } - } func main() { |