From 8f2e2cd5f6230caf91ec36fdd19ceb615227576b Mon Sep 17 00:00:00 2001
From: Niko Abeler <niko@rerere.org>
Date: Sun, 4 Dec 2022 19:48:46 +0100
Subject: [PATCH] show wrong password hint

---
 cmd/owl/web/editor_handler.go | 14 +++++++-------
 cmd/owl/web/editor_test.go    |  2 +-
 embed/editor/login.html       |  7 +++++++
 renderer.go                   |  4 +++-
 4 files changed, 18 insertions(+), 9 deletions(-)

diff --git a/cmd/owl/web/editor_handler.go b/cmd/owl/web/editor_handler.go
index f493a13..b07e032 100644
--- a/cmd/owl/web/editor_handler.go
+++ b/cmd/owl/web/editor_handler.go
@@ -60,7 +60,11 @@ func userLoginGetHandler(repo *owl.Repository) func(http.ResponseWriter, *http.R
 			return
 		}
 		csrfToken := setCSRFCookie(w)
-		html, err := owl.RenderLoginPage(user, csrfToken)
+
+		// get error from query
+		error_type := r.URL.Query().Get("error")
+
+		html, err := owl.RenderLoginPage(user, error_type, csrfToken)
 		if err != nil {
 			println("Error rendering login page: ", err.Error())
 			w.WriteHeader(http.StatusInternalServerError)
@@ -107,12 +111,8 @@ func userLoginPostHandler(repo *owl.Repository) func(http.ResponseWriter, *http.
 		}
 
 		password := r.Form.Get("password")
-		if password == "" {
-			userLoginGetHandler(repo)(w, r, ps)
-			return
-		}
-		if !user.VerifyPassword(password) {
-			userLoginGetHandler(repo)(w, r, ps)
+		if password == "" || !user.VerifyPassword(password) {
+			http.Redirect(w, r, user.EditorLoginUrl()+"?error=wrong_password", http.StatusFound)
 			return
 		}
 
diff --git a/cmd/owl/web/editor_test.go b/cmd/owl/web/editor_test.go
index de5cb65..7c5878a 100644
--- a/cmd/owl/web/editor_test.go
+++ b/cmd/owl/web/editor_test.go
@@ -56,7 +56,7 @@ func TestLoginWrongPassword(t *testing.T) {
 
 	// check redirect to login page
 
-	assertions.AssertNotEqual(t, rr.Header().Get("Location"), user.EditorUrl())
+	assertions.AssertEqual(t, rr.Header().Get("Location"), user.EditorLoginUrl()+"?error=wrong_password")
 }
 
 func TestLoginCorrectPassword(t *testing.T) {
diff --git a/embed/editor/login.html b/embed/editor/login.html
index f42eb23..f3e7dc4 100644
--- a/embed/editor/login.html
+++ b/embed/editor/login.html
@@ -1,3 +1,10 @@
+{{ if eq .Error "wrong_password" }}
+<article style="background-color: #dd867f;color: #481212;padding: 1em;">
+    Wrong Password
+</article>
+{{ end }}
+
+
 <form action="" method="post">
     <h2>Login to Editor</h2>
     <input type="hidden" name="csrf_token" value="{{.CsrfToken}}">
diff --git a/renderer.go b/renderer.go
index 16ad26b..b2f7d85 100644
--- a/renderer.go
+++ b/renderer.go
@@ -37,6 +37,7 @@ type AuthRequestData struct {
 
 type EditorViewData struct {
 	User      User
+	Error     string
 	CsrfToken string
 }
 
@@ -210,9 +211,10 @@ func RenderUserList(repo Repository) (string, error) {
 	return renderTemplateStr([]byte(baseTemplate), data)
 }
 
-func RenderLoginPage(user User, csrfToken string) (string, error) {
+func RenderLoginPage(user User, error_type string, csrfToken string) (string, error) {
 	loginHtml, err := renderEmbedTemplate("embed/editor/login.html", EditorViewData{
 		User:      user,
+		Error:     error_type,
 		CsrfToken: csrfToken,
 	})
 	if err != nil {