@@ -70,7 +70,7 @@ func (users *users) createInitialUser(rw http.ResponseWriter, r *http.Request) {
70
70
})
71
71
return
72
72
}
73
- user , err : = users .Database .GetUserByEmailOrUsername (r .Context (), database.GetUserByEmailOrUsernameParams {
73
+ _ , err = users .Database .GetUserByEmailOrUsername (r .Context (), database.GetUserByEmailOrUsernameParams {
74
74
Email : createUser .Email ,
75
75
Username : createUser .Username ,
76
76
})
@@ -91,7 +91,7 @@ func (users *users) createInitialUser(rw http.ResponseWriter, r *http.Request) {
91
91
return
92
92
}
93
93
94
- user , err = users .Database .InsertUser (context .Background (), database.InsertUserParams {
94
+ user , err : = users .Database .InsertUser (context .Background (), database.InsertUserParams {
95
95
ID : uuid .NewString (),
96
96
Email : createUser .Email ,
97
97
HashedPassword : []byte (hashedPassword ),
@@ -111,7 +111,7 @@ func (users *users) createInitialUser(rw http.ResponseWriter, r *http.Request) {
111
111
}
112
112
113
113
// Returns the currently authenticated user.
114
- func (users * users ) getAuthenticatedUser (rw http.ResponseWriter , r * http.Request ) {
114
+ func (* users ) authenticatedUser (rw http.ResponseWriter , r * http.Request ) {
115
115
user := httpmw .User (r )
116
116
117
117
render .JSON (rw , r , User {
@@ -158,11 +158,17 @@ func (users *users) loginWithPassword(rw http.ResponseWriter, r *http.Request) {
158
158
return
159
159
}
160
160
161
- id , secret , err := generateAPIKeyIDSecret ()
162
- hashed := sha256 .Sum256 ([]byte (secret ))
161
+ keyID , keySecret , err := generateAPIKeyIDSecret ()
162
+ if err != nil {
163
+ httpapi .Write (rw , http .StatusInternalServerError , httpapi.Response {
164
+ Message : fmt .Sprintf ("generate api key parts: %s" , err .Error ()),
165
+ })
166
+ return
167
+ }
168
+ hashed := sha256 .Sum256 ([]byte (keySecret ))
163
169
164
170
_ , err = users .Database .InsertAPIKey (r .Context (), database.InsertAPIKeyParams {
165
- ID : id ,
171
+ ID : keyID ,
166
172
UserID : user .ID ,
167
173
ExpiresAt : database .Now ().Add (24 * time .Hour ),
168
174
CreatedAt : database .Now (),
@@ -178,7 +184,7 @@ func (users *users) loginWithPassword(rw http.ResponseWriter, r *http.Request) {
178
184
}
179
185
180
186
// This format is consumed by the APIKey middleware.
181
- sessionToken := fmt .Sprintf ("%s-%s" , id , secret )
187
+ sessionToken := fmt .Sprintf ("%s-%s" , keyID , keySecret )
182
188
http .SetCookie (rw , & http.Cookie {
183
189
Name : httpmw .AuthCookie ,
184
190
Value : sessionToken ,
@@ -194,14 +200,14 @@ func (users *users) loginWithPassword(rw http.ResponseWriter, r *http.Request) {
194
200
}
195
201
196
202
// Generates a new ID and secret for an API key.
197
- func generateAPIKeyIDSecret () (string , string , error ) {
203
+ func generateAPIKeyIDSecret () (id string , secret string , err error ) {
198
204
// Length of an API Key ID.
199
- id , err : = cryptorand .String (10 )
205
+ id , err = cryptorand .String (10 )
200
206
if err != nil {
201
207
return "" , "" , err
202
208
}
203
209
// Length of an API Key secret.
204
- secret , err : = cryptorand .String (22 )
210
+ secret , err = cryptorand .String (22 )
205
211
if err != nil {
206
212
return "" , "" , err
207
213
}
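Review bot: The new error branch in loginWithPassword (new lines 162-167) sends the underlying error text back to the caller via `Message: fmt.Sprintf("generate api key parts: %s", err.Error())`. A failure here comes from the random source behind `cryptorand.String`, so it is an internal condition that the client cannot act on. I would record the error server-side with whatever logger this handler has available (none is visible in the hunk) and return a fixed string such as `Message: "internal error generating api key"`. The same pattern may exist in the other `httpapi.Write` calls of this function, whose body starts and ends outside the hunk, so it is worth checking them together.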