From 45ccb1924510c86dfa835318591aa46413f0a992 Mon Sep 17 00:00:00 2001
From: Darius klein
Date: Fri, 9 May 2025 21:31:48 +0200
Subject: [PATCH] login refactor

---
 api/handlers/authHandler.go | 82 +++++++++++++++++------------------
 api/handlers/errorHandlers.go | 1 +
 api/handlers/userHandler.go | 9 ++--
 web/components/projectList.go | 4 --
 4 files changed, 46 insertions(+), 50 deletions(-)

diff --git a/api/handlers/authHandler.go b/api/handlers/authHandler.go
index 6e5c3f2..d233dc7 100644
--- a/api/handlers/authHandler.go
+++ b/api/handlers/authHandler.go
@@ -14,18 +14,14 @@ import (
 func Login(w http.ResponseWriter, r *http.Request) {
 	var u *types.LoginUser
 
-	isHtmx := r.Header.Get("HX-Request")
-
-	if isHtmx == "true" {
-		u = &types.LoginUser{
-			Email: r.PostFormValue("email"),
-			Password: r.PostFormValue("password"),
-		}
+	if r.Header.Get("HX-Request") == "true" {
+		u = handleHtmxLogin(r)
 	} else {
-		if err := json.NewDecoder(r.Body).Decode(&u); err != nil {
-			InternalServerErrorHandler(w, err)
-			return
-		}
+		u = handleHttpLogin(w, r, u)
+	}
+
+	if u == nil {
+		return
 	}
 
 	User, err := query.GetLogin(context.Background(), u)
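Review bot: The new `if u == nil { return }` guard assumes a nil result means a response was already written, but for a JSON body of literally `null` `handleHttpLogin` returns nil after a successful Decode, so Login exits without writing anything and the client receives an implicit empty 200 instead of a 400. Decode failures are likewise reported as 500 through InternalServerErrorHandler although they are client errors, and the unauthenticated body is read with no size cap. I would reject both in the helper: `if err := json.NewDecoder(http.MaxBytesReader(w, r.Body, 1<<16)).Decode(&u); err != nil || u == nil { BadRequestHandler(w); return nil }`. The helper itself is defined in the next hunk, and Login's body continues past this one.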
@@ -34,35 +30,41 @@ func Login(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if bcrypt.CheckPasswordHash(u.Password, User.Password) {
-
-		jwtToken := jwt.CreateUserJWT(User.Name, User.ID, string(User.Role))
-
-		if jwtToken != "" {
-
-			cookie := &http.Cookie{Name: "jwt",
-				Value: jwtToken,
-				//HttpOnly: true,
-				//Secure: true,
-				SameSite: http.SameSiteLaxMode,
-				Expires: time.Now().Add(24 * time.Hour),
-			}
-
-			http.SetCookie(w, cookie)
-
-			w.WriteHeader(http.StatusOK)
-			_, err = w.Write([]byte("login success"))
-			return
-		} else {
-			InternalServerErrorHandler(w, err)
-			return
-		}
-
-	} else {
+	if !bcrypt.CheckPasswordHash(u.Password, User.Password) {
 		UnauthorizedHandler(w)
-
-		println("unauthorized")
+		return
 	}
+
+	jwtToken := jwt.CreateUserJWT(User.Name, User.ID, string(User.Role))
+
+	cookie := &http.Cookie{
+		Name: "jwt",
+		Value: jwtToken,
+		HttpOnly: true,
+		Secure: true,
+		SameSite: http.SameSiteLaxMode,
+		Expires: time.Now().Add(24 * time.Hour),
+	}
+
+	http.SetCookie(w, cookie)
+
+	w.WriteHeader(http.StatusOK)
+	_, err = w.Write([]byte("login success"))
+}
+
+func handleHtmxLogin(r *http.Request) *types.LoginUser {
+	return &types.LoginUser{
+		Email: r.PostFormValue("email"),
+		Password: r.PostFormValue("password"),
+	}
+}
+
+func handleHttpLogin(w http.ResponseWriter, r *http.Request, u *types.LoginUser) *types.LoginUser {
+	if err := json.NewDecoder(r.Body).Decode(&u); err != nil {
+		InternalServerErrorHandler(w, err)
+		return nil
+	}
+	return u
 }
 
 func CanEdit(w http.ResponseWriter, r *http.Request) {
@@ -71,14 +73,12 @@ func CanEdit(w http.ResponseWriter, r *http.Request) {
 	if err != nil {
 		w.WriteHeader(http.StatusOK)
 		w.Write([]byte(""))
-		return
 	}
-	if audience == "owner" || audience == "visitor" {
+	if audience == "owner" || audience == "admin" {
 		w.WriteHeader(http.StatusOK)
 		w.Write([]byte(""))
 	} else {
 		w.WriteHeader(http.StatusOK)
 		w.Write([]byte(""))
 	}
-	return
 }
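Review bot: The rewrite drops the old `if jwtToken != ""` check, so when `jwt.CreateUserJWT` returns an empty string (the failure signal the old code tested for) the handler still sets an empty `jwt` cookie and answers "login success", leaving the client with a session cookie that will fail every later check. Restore a guard before building the cookie, `if jwtToken == "" { InternalServerErrorHandler(w, errors.New("jwt creation failed")); return }` (the old branch passed a nil err), or better have CreateUserJWT return an error. Turning on HttpOnly and Secure is the right call; I would also set `Path: "/"` so the cookie is not scoped to the login URL's directory, and the `_, err = w.Write(...)` assignment stores an error that is never read. The hunk's first two context lines close the GetLogin error branch whose body lies above the hunk.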
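Review bot: Removing the `return` after the `err != nil` branch in CanEdit means the function now falls through to the audience test after WriteHeader has already been called, so the second WriteHeader is superfluous (net/http logs and ignores it); put the `return` back or fold the branches together. Separately, all three branches emit the same empty 200, so the new `"owner" || "admin"` condition has no observable effect — if this is a placeholder, a `// TODO: owner/admin should receive the edit controls, others nothing` would stop it being read as a working authorization check. The `audience, err` assignment this hunk tests lies above it, outside the hunk.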
diff --git a/api/handlers/errorHandlers.go b/api/handlers/errorHandlers.go
index f788338..2b7bede 100644
--- a/api/handlers/errorHandlers.go
+++ b/api/handlers/errorHandlers.go
@@ -22,6 +22,7 @@ func UnprocessableEntityHandler(w http.ResponseWriter, err error) {
 }
 
 func UnauthorizedHandler(w http.ResponseWriter) {
+	log.Println("unauthorized")
 	setError(w, http.StatusUnauthorized, "Unauthorized")
 }
 
diff --git a/api/handlers/userHandler.go b/api/handlers/userHandler.go
index d20a2be..2f1d6ea 100644
--- a/api/handlers/userHandler.go
+++ b/api/handlers/userHandler.go
@@ -15,11 +15,11 @@ func CreateUserHandler(w http.ResponseWriter, r *http.Request) {
 
 	var u *types.RegisterUser
 
-	isHtmx := r.Header.Get("HX-Request")
-
-	if isHtmx == "true" {
+	if r.Header.Get("HX-Request") == "true" {
 		u = &types.RegisterUser{
-			Name: r.PostFormValue("name"),
+			Name: r.PostFormValue("name"),
+			Password: r.PostFormValue("password"),
+			Email: r.PostFormValue("email"),
 			//Role: user.Role(r.PostFormValue("role")),
 		}
 	} else {
@@ -28,7 +28,6 @@ func CreateUserHandler(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 	}
-	u.Password = "123"
 	if !validate.UserIsValid(u) {
 		BadRequestHandler(w)
 		return
diff --git a/web/components/projectList.go b/web/components/projectList.go
index f6dbe27..fb4f201 100644
--- a/web/components/projectList.go
+++ b/web/components/projectList.go
@@ -69,9 +69,5 @@ func EditProject(project *ent.Project) g.Node {
 		b.Content(
 			b.Textarea(project.Description, e.Name("project_description")),
 		),
-
-		//b.CardFooter(
-		//Save(),
-		//),
 	)
 }
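Review bot: The added `log.Println("unauthorized")` records nothing that identifies the request — no method, path or remote address — so it cannot be used to spot credential stuffing against Login or to correlate with other handlers, yet it adds a line per failed attempt. Either drop it or give the handler the request, e.g. `log.Printf("unauthorized: %s %s from %s", r.Method, r.URL.Path, r.RemoteAddr)` with an `r *http.Request` parameter; the callers in authHandler.go pass only `w`, so that is a signature change. The `log` import is not visible in this hunk, so confirm it is already present.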
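Review bot: The HTMX branch builds the registration record from `r.PostFormValue` without checking the form parse: PostFormValue swallows ParseForm errors (wrong Content-Type, oversized body) and returns "", so a malformed request reaches validation with empty name, email and password instead of being rejected as a bad request. Add `if err := r.ParseForm(); err != nil { BadRequestHandler(w); return }` at the top of the branch; handleHtmxLogin in authHandler.go has the same gap. Keeping `Role` commented out is correct — letting the client post its own role would be a privilege-escalation path. The JSON branch and the validation that follows are below this hunk.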
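Review bot: Nothing in this hunk shows the now client-supplied password being length-checked or hashed before it is stored, so with the `u.Password = "123"` override gone two things outside the hunk need confirming: that `validate.UserIsValid` enforces a minimum password length, and that the create path hashes the password (Login compares with `bcrypt.CheckPasswordHash`, so a plaintext store would both leak credentials and break login). In addition, in the JSON branch a body of `null` leaves `u` nil after a successful Decode and it is then passed straight to `UserIsValid(u)`; a guard `if u == nil { BadRequestHandler(w); return }` before validation avoids a likely nil dereference.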