Added ability to login

cmd/data/db.go

@@ -64,21 +64,46 @@ func (db *DB) AddUser(user, pass, first, last string, writer, editor, admin bool
 	return nil
 }
 
-func (db *DB) ChangePassword(id int64, oldPass, newPass string) error {
-	var oldHashedPass string
+func (db *DB) GetID(user string) (int64, error) {
+	var id int64
 
-	selectQuery := `
+	query := `
+    SELECT id FROM
+        users
+    WHERE
+        username = ?
+    `
+	row := db.QueryRow(query, user)
+	if err := row.Scan(&id); err != nil {
+		return 0, fmt.Errorf("user not in DB: %v", err)
+	}
+
+	return id, nil
+}
+
+func (db *DB) CheckPassword(id int64, pass string) error {
+	var queriedPass string
+
+	query := `
     SELECT password FROM
         users
     WHERE
         id = ?
     `
-	row := db.QueryRow(selectQuery, id)
-	if err := row.Scan(&oldHashedPass); err != nil {
+	row := db.QueryRow(query, id)
+	if err := row.Scan(&queriedPass); err != nil {
 		return fmt.Errorf("error reading password from DB: %v", err)
 	}
 
-	if err := bcrypt.CompareHashAndPassword([]byte(oldHashedPass), []byte(oldPass)); err != nil {
+	if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(pass)); err != nil {
+		return fmt.Errorf("incorrect password: %v", err)
+	}
+
+	return nil
+}
+
+func (db *DB) ChangePassword(id int64, oldPass, newPass string) error {
+	if err := db.CheckPassword(id, oldPass); err != nil {
 		return fmt.Errorf("error checking password: %v", err)
 	}
 
@@ -88,9 +113,10 @@ func (db *DB) ChangePassword(id int64, oldPass, newPass string) error {
 	}
 
 	updateQuery := `
-    UPDATE users
-    SET password = ?
-    WHERE id = ?
+    UPDATE users SET
+        password = ?
+    WHERE
+        id = ?
     `
 	_, err = db.Exec(updateQuery, string(newHashedPass), id)
 	if err != nil {

cmd/data/markdown.go

@@ -1,4 +1,4 @@
-package articles
+package data
 
 import (
 	"bytes"

cmd/handlers/editor.go

@@ -1,27 +0,0 @@
-package handlers
-
-import (
-	"log"
-	"net/http"
-
-	"streifling.com/jason/cpolis/cmd/articles"
-	"streifling.com/jason/cpolis/cmd/feed"
-)
-
-func HandleFinishedEdit(f *feed.Feed) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		title := r.PostFormValue("editor-title")
-		desc := r.PostFormValue("editor-desc")
-		mdContent := r.PostFormValue("editor-text")
-
-		content, err := articles.ConvertToHTML(mdContent)
-		if err != nil {
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			log.Panicln(err)
-		}
-
-		feed.AddToFeed(f, title, desc, content)
-		feed.SaveFeed(f, "tmp/rss.gob")
-		// template.Must(template.ParseFiles("web/templates/editor.html")).ExecuteTemplate(w, "html-result", rssItem)
-	}
-}

cmd/ui/ui.go

@@ -0,0 +1,47 @@
+package ui
+
+import (
+	"html/template"
+	"log"
+	"net/http"
+
+	"streifling.com/jason/cpolis/cmd/data"
+	"streifling.com/jason/cpolis/cmd/feed"
+)
+
+func HandleLogin(db *data.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		user := r.PostFormValue("username")
+		pass := r.PostFormValue("password")
+
+		id, err := db.GetID(user)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			// TODO: und nun?
+		}
+
+		if err := db.CheckPassword(id, pass); err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+		} else {
+			template.Must(template.ParseFiles("web/templates/editor.html")).ExecuteTemplate(w, "page-content", nil)
+		}
+	}
+}
+
+func HandleFinishedEdit(f *feed.Feed) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		title := r.PostFormValue("editor-title")
+		desc := r.PostFormValue("editor-desc")
+		mdContent := r.PostFormValue("editor-text")
+
+		content, err := data.ConvertToHTML(mdContent)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			log.Panicln(err)
+		}
+
+		feed.AddToFeed(f, title, desc, content)
+		feed.SaveFeed(f, "tmp/rss.gob")
+		// template.Must(template.ParseFiles("web/templates/editor.html")).ExecuteTemplate(w, "html-result", rssItem)
+	}
+}