refactor(server/api): migrate auth/me handlers to writeErr(err) (T3a)
This commit is contained in:
@@ -12,6 +12,7 @@ import (
|
||||
"github.com/jackc/pgx/v5/pgconn"
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
|
||||
"git.fabledsword.com/bvandeusen/minstrel/internal/apierror"
|
||||
"git.fabledsword.com/bvandeusen/minstrel/internal/audit"
|
||||
"git.fabledsword.com/bvandeusen/minstrel/internal/auth"
|
||||
"git.fabledsword.com/bvandeusen/minstrel/internal/db/dbq"
|
||||
@@ -56,15 +57,15 @@ type registerReq struct {
|
||||
func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
|
||||
var req registerReq
|
||||
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
|
||||
writeErr(w, http.StatusBadRequest, "invalid_body", "invalid JSON body")
|
||||
writeErr(w, apierror.BadRequest("invalid_body", "invalid JSON body"))
|
||||
return
|
||||
}
|
||||
if !usernameRe.MatchString(req.Username) {
|
||||
writeErr(w, http.StatusBadRequest, "username_invalid", "username must be 3-32 chars, alphanumeric + underscore + hyphen")
|
||||
writeErr(w, apierror.BadRequest("username_invalid", "username must be 3-32 chars, alphanumeric + underscore + hyphen"))
|
||||
return
|
||||
}
|
||||
if len(req.Password) < minPasswordLength {
|
||||
writeErr(w, http.StatusBadRequest, "password_too_short", "password must be at least 8 chars")
|
||||
writeErr(w, apierror.BadRequest("password_too_short", "password must be at least 8 chars"))
|
||||
return
|
||||
}
|
||||
|
||||
@@ -74,7 +75,7 @@ func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
|
||||
userCount, err := q.CountUsers(r.Context())
|
||||
if err != nil {
|
||||
h.logger.Error("register: count users failed", "err", err)
|
||||
writeErr(w, http.StatusInternalServerError, "server_error", "")
|
||||
writeErr(w, apierror.Internal(err))
|
||||
return
|
||||
}
|
||||
|
||||
@@ -84,12 +85,12 @@ func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
|
||||
mode, err := q.GetRegistrationMode(r.Context())
|
||||
if err != nil {
|
||||
h.logger.Error("register: get mode failed", "err", err)
|
||||
writeErr(w, http.StatusInternalServerError, "server_error", "")
|
||||
writeErr(w, apierror.Internal(err))
|
||||
return
|
||||
}
|
||||
if mode == "invite_only" {
|
||||
if req.InviteToken == "" {
|
||||
writeErr(w, http.StatusBadRequest, "invite_required", "an invite token is required to register")
|
||||
writeErr(w, apierror.BadRequest("invite_required", "an invite token is required to register"))
|
||||
return
|
||||
}
|
||||
// Pre-validate existence + non-redeemed + non-expired so we fail
|
||||
@@ -97,15 +98,15 @@ func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
|
||||
invite, ierr := q.GetInviteByToken(r.Context(), req.InviteToken)
|
||||
if ierr != nil {
|
||||
if errors.Is(ierr, pgx.ErrNoRows) {
|
||||
writeErr(w, http.StatusBadRequest, "invite_invalid", "invite token not found")
|
||||
writeErr(w, apierror.BadRequest("invite_invalid", "invite token not found"))
|
||||
return
|
||||
}
|
||||
h.logger.Error("register: get invite failed", "err", ierr)
|
||||
writeErr(w, http.StatusInternalServerError, "server_error", "")
|
||||
writeErr(w, apierror.Internal(ierr))
|
||||
return
|
||||
}
|
||||
if invite.RedeemedAt.Valid || invite.ExpiresAt.Time.Before(time.Now()) {
|
||||
writeErr(w, http.StatusBadRequest, "invite_invalid", "invite token is expired or already redeemed")
|
||||
writeErr(w, apierror.BadRequest("invite_invalid", "invite token is expired or already redeemed"))
|
||||
return
|
||||
}
|
||||
usedInviteToken = req.InviteToken
|
||||
@@ -116,7 +117,7 @@ func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
|
||||
hash, err := bcrypt.GenerateFromPassword([]byte(req.Password), bcrypt.DefaultCost)
|
||||
if err != nil {
|
||||
h.logger.Error("register: hash password failed", "err", err)
|
||||
writeErr(w, http.StatusInternalServerError, "server_error", "")
|
||||
writeErr(w, apierror.Internal(err))
|
||||
return
|
||||
}
|
||||
|
||||
@@ -124,7 +125,7 @@ func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
|
||||
apiToken, err := auth.MintSessionToken()
|
||||
if err != nil {
|
||||
h.logger.Error("register: mint api_token failed", "err", err)
|
||||
writeErr(w, http.StatusInternalServerError, "server_error", "")
|
||||
writeErr(w, apierror.Internal(err))
|
||||
return
|
||||
}
|
||||
|
||||
@@ -138,11 +139,11 @@ func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
|
||||
if err != nil {
|
||||
var pgErr *pgconn.PgError
|
||||
if errors.As(err, &pgErr) && pgErr.Code == pgerrcode.UniqueViolation {
|
||||
writeErr(w, http.StatusConflict, "username_taken", "username is already taken")
|
||||
writeErr(w, apierror.Conflict("username_taken", "username is already taken"))
|
||||
return
|
||||
}
|
||||
h.logger.Error("register: create user failed", "err", err)
|
||||
writeErr(w, http.StatusInternalServerError, "server_error", "")
|
||||
writeErr(w, apierror.Internal(err))
|
||||
return
|
||||
}
|
||||
|
||||
@@ -167,7 +168,7 @@ func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
|
||||
sessionToken, err := auth.MintSessionToken()
|
||||
if err != nil {
|
||||
h.logger.Error("register: mint session failed", "err", err)
|
||||
writeErr(w, http.StatusInternalServerError, "server_error", "")
|
||||
writeErr(w, apierror.Internal(err))
|
||||
return
|
||||
}
|
||||
if _, err := q.InsertSession(r.Context(), dbq.InsertSessionParams{
|
||||
@@ -176,7 +177,7 @@ func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
|
||||
UserAgent: r.UserAgent(),
|
||||
}); err != nil {
|
||||
h.logger.Error("register: insert session failed", "err", err)
|
||||
writeErr(w, http.StatusInternalServerError, "server_error", "")
|
||||
writeErr(w, apierror.Internal(err))
|
||||
return
|
||||
}
|
||||
http.SetCookie(w, &http.Cookie{
|
||||
|
||||
Reference in New Issue
Block a user