show wrong password hint

This commit is contained in:
Niko Abeler 2022-12-04 19:48:46 +01:00
parent 668eb658b2
commit 8f2e2cd5f6
4 changed files with 18 additions and 9 deletions

View File

@ -60,7 +60,11 @@ func userLoginGetHandler(repo *owl.Repository) func(http.ResponseWriter, *http.R
return
}
csrfToken := setCSRFCookie(w)
html, err := owl.RenderLoginPage(user, csrfToken)
// get error from query
error_type := r.URL.Query().Get("error")
html, err := owl.RenderLoginPage(user, error_type, csrfToken)
if err != nil {
println("Error rendering login page: ", err.Error())
w.WriteHeader(http.StatusInternalServerError)
@ -107,12 +111,8 @@ func userLoginPostHandler(repo *owl.Repository) func(http.ResponseWriter, *http.
}
password := r.Form.Get("password")
if password == "" {
userLoginGetHandler(repo)(w, r, ps)
return
}
if !user.VerifyPassword(password) {
userLoginGetHandler(repo)(w, r, ps)
if password == "" || !user.VerifyPassword(password) {
http.Redirect(w, r, user.EditorLoginUrl()+"?error=wrong_password", http.StatusFound)
return
}

View File

@ -56,7 +56,7 @@ func TestLoginWrongPassword(t *testing.T) {
// check redirect to login page
assertions.AssertNotEqual(t, rr.Header().Get("Location"), user.EditorUrl())
assertions.AssertEqual(t, rr.Header().Get("Location"), user.EditorLoginUrl()+"?error=wrong_password")
}
func TestLoginCorrectPassword(t *testing.T) {

View File

@ -1,3 +1,10 @@
{{ if eq .Error "wrong_password" }}
<article style="background-color: #dd867f;color: #481212;padding: 1em;">
Wrong Password
</article>
{{ end }}
<form action="" method="post">
<h2>Login to Editor</h2>
<input type="hidden" name="csrf_token" value="{{.CsrfToken}}">

View File

@ -37,6 +37,7 @@ type AuthRequestData struct {
type EditorViewData struct {
User User
Error string
CsrfToken string
}
@ -210,9 +211,10 @@ func RenderUserList(repo Repository) (string, error) {
return renderTemplateStr([]byte(baseTemplate), data)
}
func RenderLoginPage(user User, csrfToken string) (string, error) {
func RenderLoginPage(user User, error_type string, csrfToken string) (string, error) {
loginHtml, err := renderEmbedTemplate("embed/editor/login.html", EditorViewData{
User: user,
Error: error_type,
CsrfToken: csrfToken,
})
if err != nil {