50 lines
1.2 KiB
Go
50 lines
1.2 KiB
Go
package controller
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"database/sql"
|
|
"encoding/base64"
|
|
"log"
|
|
"net/http"
|
|
|
|
"github.com/google/uuid"
|
|
"golang.org/x/crypto/argon2"
|
|
)
|
|
|
|
func PostSignup(db *sql.DB) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
// metrics.WithLabelValues("new").Inc()
|
|
|
|
var email = r.FormValue("email")
|
|
var password = r.FormValue("password")
|
|
|
|
if email == "" || password == "" {
|
|
http.Error(w, "Missing required fields", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
salt := make([]byte, 16)
|
|
rand.Read(salt)
|
|
|
|
hash := argon2.IDKey([]byte(password), salt, 1, 64*1024, 1, 16)
|
|
hashStr := base64.StdEncoding.EncodeToString(hash)
|
|
|
|
user_uuid, err := uuid.NewRandom()
|
|
if err != nil {
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
log.Printf("Could not generate UUID: %v", err)
|
|
return
|
|
}
|
|
|
|
_, err = db.Exec("INSERT INTO user (user_uuid, email, email_verified, is_admin, password, salt, created_at) VALUES (?, ?, FALSE, FALSE, ?, ?, CURRENT_DATE)", user_uuid, email, hash, salt)
|
|
if err != nil {
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
log.Printf("Could not insert user: %v", err)
|
|
return
|
|
}
|
|
|
|
w.WriteHeader(http.StatusCreated)
|
|
w.Write([]byte(hashStr))
|
|
}
|
|
}
|