refactor(server/api): migrate auth/me handlers to writeErr(err) (T3a)

This commit is contained in:
2026-05-07 20:25:26 -04:00
parent 58766dbebe
commit e382b0d718
9 changed files with 66 additions and 56 deletions
+8 -7
View File
@@ -9,6 +9,7 @@ import (
"github.com/jackc/pgx/v5"
"git.fabledsword.com/bvandeusen/minstrel/internal/apierror"
"git.fabledsword.com/bvandeusen/minstrel/internal/auth"
"git.fabledsword.com/bvandeusen/minstrel/internal/db/dbq"
)
@@ -61,11 +62,11 @@ func sessionTokenFromHTTP(r *http.Request) string {
func (h *handlers) handleLogin(w http.ResponseWriter, r *http.Request) {
var req LoginRequest
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
writeErr(w, http.StatusBadRequest, "bad_request", "invalid JSON body")
writeErr(w, apierror.BadRequest("bad_request", "invalid JSON body"))
return
}
if req.Username == "" || req.Password == "" {
writeErr(w, http.StatusBadRequest, "bad_request", "username and password required")
writeErr(w, apierror.BadRequest("bad_request", "username and password required"))
return
}
@@ -73,22 +74,22 @@ func (h *handlers) handleLogin(w http.ResponseWriter, r *http.Request) {
user, err := q.GetUserByUsername(r.Context(), req.Username)
if err != nil {
if errors.Is(err, pgx.ErrNoRows) {
writeErr(w, http.StatusUnauthorized, "invalid_credentials", "invalid username or password")
writeErr(w, apierror.Unauthorized("invalid_credentials", "invalid username or password"))
return
}
h.logger.Error("api: user lookup failed", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "lookup failed")
writeErr(w, apierror.InternalMsg("lookup failed", err))
return
}
if !auth.VerifyPassword(user.PasswordHash, req.Password) {
writeErr(w, http.StatusUnauthorized, "invalid_credentials", "invalid username or password")
writeErr(w, apierror.Unauthorized("invalid_credentials", "invalid username or password"))
return
}
token, err := auth.MintSessionToken()
if err != nil {
h.logger.Error("api: mint session token failed", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "mint failed")
writeErr(w, apierror.InternalMsg("mint failed", err))
return
}
if _, err := q.InsertSession(r.Context(), dbq.InsertSessionParams{
@@ -97,7 +98,7 @@ func (h *handlers) handleLogin(w http.ResponseWriter, r *http.Request) {
UserAgent: r.UserAgent(),
}); err != nil {
h.logger.Error("api: insert session failed", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "insert failed")
writeErr(w, apierror.InternalMsg("insert failed", err))
return
}