refactor(server/api): migrate auth/me handlers to writeErr(err) (T3a)

This commit is contained in:
2026-05-07 20:25:26 -04:00
parent 58766dbebe
commit e382b0d718
9 changed files with 66 additions and 56 deletions
+16 -15
View File
@@ -12,6 +12,7 @@ import (
"github.com/jackc/pgx/v5/pgconn"
"golang.org/x/crypto/bcrypt"
"git.fabledsword.com/bvandeusen/minstrel/internal/apierror"
"git.fabledsword.com/bvandeusen/minstrel/internal/audit"
"git.fabledsword.com/bvandeusen/minstrel/internal/auth"
"git.fabledsword.com/bvandeusen/minstrel/internal/db/dbq"
@@ -56,15 +57,15 @@ type registerReq struct {
func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
var req registerReq
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
writeErr(w, http.StatusBadRequest, "invalid_body", "invalid JSON body")
writeErr(w, apierror.BadRequest("invalid_body", "invalid JSON body"))
return
}
if !usernameRe.MatchString(req.Username) {
writeErr(w, http.StatusBadRequest, "username_invalid", "username must be 3-32 chars, alphanumeric + underscore + hyphen")
writeErr(w, apierror.BadRequest("username_invalid", "username must be 3-32 chars, alphanumeric + underscore + hyphen"))
return
}
if len(req.Password) < minPasswordLength {
writeErr(w, http.StatusBadRequest, "password_too_short", "password must be at least 8 chars")
writeErr(w, apierror.BadRequest("password_too_short", "password must be at least 8 chars"))
return
}
@@ -74,7 +75,7 @@ func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
userCount, err := q.CountUsers(r.Context())
if err != nil {
h.logger.Error("register: count users failed", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "")
writeErr(w, apierror.Internal(err))
return
}
@@ -84,12 +85,12 @@ func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
mode, err := q.GetRegistrationMode(r.Context())
if err != nil {
h.logger.Error("register: get mode failed", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "")
writeErr(w, apierror.Internal(err))
return
}
if mode == "invite_only" {
if req.InviteToken == "" {
writeErr(w, http.StatusBadRequest, "invite_required", "an invite token is required to register")
writeErr(w, apierror.BadRequest("invite_required", "an invite token is required to register"))
return
}
// Pre-validate existence + non-redeemed + non-expired so we fail
@@ -97,15 +98,15 @@ func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
invite, ierr := q.GetInviteByToken(r.Context(), req.InviteToken)
if ierr != nil {
if errors.Is(ierr, pgx.ErrNoRows) {
writeErr(w, http.StatusBadRequest, "invite_invalid", "invite token not found")
writeErr(w, apierror.BadRequest("invite_invalid", "invite token not found"))
return
}
h.logger.Error("register: get invite failed", "err", ierr)
writeErr(w, http.StatusInternalServerError, "server_error", "")
writeErr(w, apierror.Internal(ierr))
return
}
if invite.RedeemedAt.Valid || invite.ExpiresAt.Time.Before(time.Now()) {
writeErr(w, http.StatusBadRequest, "invite_invalid", "invite token is expired or already redeemed")
writeErr(w, apierror.BadRequest("invite_invalid", "invite token is expired or already redeemed"))
return
}
usedInviteToken = req.InviteToken
@@ -116,7 +117,7 @@ func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
hash, err := bcrypt.GenerateFromPassword([]byte(req.Password), bcrypt.DefaultCost)
if err != nil {
h.logger.Error("register: hash password failed", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "")
writeErr(w, apierror.Internal(err))
return
}
@@ -124,7 +125,7 @@ func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
apiToken, err := auth.MintSessionToken()
if err != nil {
h.logger.Error("register: mint api_token failed", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "")
writeErr(w, apierror.Internal(err))
return
}
@@ -138,11 +139,11 @@ func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
if err != nil {
var pgErr *pgconn.PgError
if errors.As(err, &pgErr) && pgErr.Code == pgerrcode.UniqueViolation {
writeErr(w, http.StatusConflict, "username_taken", "username is already taken")
writeErr(w, apierror.Conflict("username_taken", "username is already taken"))
return
}
h.logger.Error("register: create user failed", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "")
writeErr(w, apierror.Internal(err))
return
}
@@ -167,7 +168,7 @@ func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
sessionToken, err := auth.MintSessionToken()
if err != nil {
h.logger.Error("register: mint session failed", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "")
writeErr(w, apierror.Internal(err))
return
}
if _, err := q.InsertSession(r.Context(), dbq.InsertSessionParams{
@@ -176,7 +177,7 @@ func (h *handlers) handleRegister(w http.ResponseWriter, r *http.Request) {
UserAgent: r.UserAgent(),
}); err != nil {
h.logger.Error("register: insert session failed", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "")
writeErr(w, apierror.Internal(err))
return
}
http.SetCookie(w, &http.Cookie{