From 2c3ab103355b616815756f1f3ba74b147a02a857 Mon Sep 17 00:00:00 2001 From: Thibaut Horel Date: Fri, 28 Dec 2018 05:57:39 -0500 Subject: Add redirect logic to login flow --- main.go | 31 ++++++++++++++++--------------- templates/login.tmpl | 1 + 2 files changed, 17 insertions(+), 15 deletions(-) diff --git a/main.go b/main.go index b459324..998791a 100644 --- a/main.go +++ b/main.go @@ -43,25 +43,26 @@ func (app *App) validateHandler(w http.ResponseWriter, r *http.Request) { func (app *App) loginHandler(w http.ResponseWriter, r *http.Request) { if r.Method == http.MethodPost { - if err := r.ParseForm(); err != nil { - panic(err) + username := r.FormValue("username") + password := r.FormValue("password") + hash := md5.Sum([]byte(password)) + dst := make([]byte, hex.EncodedLen(md5.Size)) + hex.Encode(dst, hash[:]) + u, ok := app.GetUser(username) + next := r.FormValue("next") + if ok && subtle.ConstantTimeCompare(u.Password, dst) == 1 { + http.Redirect(w, r, next, http.StatusSeeOther) } else { - username := r.Form.Get("username") - password := r.Form.Get("password") - hash := md5.Sum([]byte(password)) - dst := make([]byte, hex.EncodedLen(md5.Size)) - hex.Encode(dst, hash[:]) - u, ok := app.GetUser(username) - if ok && subtle.ConstantTimeCompare(u.Password, dst) == 1 { - - } else { - - } + app.Template.ExecuteTemplate(w, "login.tmpl", struct { + Next string + }{next}) } } else if r.Method == http.MethodGet { - app.Template.ExecuteTemplate(w, "login.tmpl", nil) + next := r.FormValue("next") + app.Template.ExecuteTemplate(w, "login.tmpl", struct { + Next string + }{next}) } - } func main() { diff --git a/templates/login.tmpl b/templates/login.tmpl index 28529a7..67d0000 100644 --- a/templates/login.tmpl +++ b/templates/login.tmpl @@ -29,6 +29,7 @@ button:hover {background-color: #1967be; border-color: #1862b5} +
-- cgit v1.2.3-70-g09d2