forked from jriou/coller
feat: Encode password
Fixes #38. Signed-off-by: Julien Riou <julien@riou.xyz>
This commit is contained in:
parent
f721e56371
commit
de24146991
GPG key ID:
9A099EDA51316854
7 changed files with 42 additions and 20 deletions
|
|
@ -28,6 +28,8 @@ func apiError(level int, w http.ResponseWriter, logger *slog.Logger, topLevelErr
|
|||
// Wrap error for logging
|
||||
if err != nil {
|
||||
err = fmt.Errorf("%v: %w", topLevelErr, err)
|
||||
} else {
|
||||
err = topLevelErr
|
||||
}
|
||||
logger.Error(fmt.Sprintf("%v", err))
|
||||
|
||||
|
|
@ -106,13 +108,18 @@ func (h *CreateNoteHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
content, err := internal.Decode(body.Content)
|
||||
|
||||
if err != nil {
|
||||
APIError(w, logger, ErrCouldNotDecodeContent, err)
|
||||
return
|
||||
}
|
||||
|
||||
note, err := h.db.Create(content, body.Password, body.EncryptionKey, body.Encrypted, body.Expiration, body.DeleteAfterRead, body.Language)
|
||||
password, err := internal.Decode(body.Password)
|
||||
if err != nil {
|
||||
APIError(w, logger, ErrCouldNotDecodePassword, err)
|
||||
return
|
||||
}
|
||||
|
||||
note, err := h.db.Create(content, password, body.EncryptionKey, body.Encrypted, body.Expiration, body.DeleteAfterRead, body.Language)
|
||||
if err != nil {
|
||||
APIError(w, logger, ErrCouldNotCreateNote, err)
|
||||
return
|
||||
|
|
@ -143,9 +150,9 @@ func (h *GetNoteHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|||
if err != nil {
|
||||
APIError(w, logger, ErrCouldNotFindNote, err)
|
||||
} else if note == nil {
|
||||
APIErrorNotFound(w, logger, ErrNoteDoesNotExist, err)
|
||||
APIErrorNotFound(w, logger, ErrNoteDoesNotExist, nil)
|
||||
} else if note.PasswordHash != nil {
|
||||
APIErrorBadRequest(w, logger, ErrNoteIsPasswordProtected, err)
|
||||
APIErrorBadRequest(w, logger, ErrNoteIsPasswordProtected, nil)
|
||||
} else {
|
||||
if note.Encrypted {
|
||||
w.Header().Set("Content-Type", "application/octet-stream")
|
||||
|
|
@ -209,7 +216,7 @@ func (h *GetProtectedNoteHandler) ServeHTTP(w http.ResponseWriter, r *http.Reque
|
|||
if len(note.PasswordHash) > 0 {
|
||||
err := bcrypt.CompareHashAndPassword(note.PasswordHash, []byte(body.Password))
|
||||
if err != nil {
|
||||
APIError(w, logger, ErrInvalidPassword, err)
|
||||
APIErrorBadRequest(w, logger, ErrInvalidPassword, err)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue