refactor: ensure we set a cookie, auth header and json response in both login and otp validate
parent
e380dacced
commit
e11340ad2b
|
@ -5,6 +5,7 @@ import (
|
|||
"crypto/ed25519"
|
||||
_ "embed"
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
"git.lumeweb.com/LumeWeb/portal/api/swagger"
|
||||
|
||||
|
@ -103,13 +104,22 @@ func (a AccountAPI) login(jc jape.Context) {
|
|||
return
|
||||
}
|
||||
|
||||
jwt, _, err := a.accounts.LoginPassword(request.Email, request.Password, jc.Request.RemoteAddr)
|
||||
jwt, user, err := a.accounts.LoginPassword(request.Email, request.Password, jc.Request.RemoteAddr)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
http.SetCookie(jc.ResponseWriter, &http.Cookie{
|
||||
Name: "jwt",
|
||||
Value: jwt,
|
||||
Expires: time.Now().Add(24 * time.Hour),
|
||||
HttpOnly: true,
|
||||
})
|
||||
account.SendJWT(jc, jwt)
|
||||
|
||||
jc.Encode(&LoginResponse{
|
||||
Token: jwt,
|
||||
Otp: user.OTPEnabled && user.OTPVerified,
|
||||
})
|
||||
}
|
||||
|
||||
|
@ -199,7 +209,18 @@ func (a AccountAPI) otpValidate(jc jape.Context) {
|
|||
return
|
||||
}
|
||||
|
||||
http.SetCookie(jc.ResponseWriter, &http.Cookie{
|
||||
Name: "jwt",
|
||||
Value: jwt,
|
||||
Expires: time.Now().Add(24 * time.Hour),
|
||||
HttpOnly: true,
|
||||
})
|
||||
account.SendJWT(jc, jwt)
|
||||
|
||||
jc.Encode(&LoginResponse{
|
||||
Token: jwt,
|
||||
Otp: false,
|
||||
})
|
||||
}
|
||||
|
||||
func (a AccountAPI) otpDisable(jc jape.Context) {
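Review bot: The `jwt` cookie built in login, and again with the same literal in otpValidate, sets `HttpOnly` but neither `Secure` nor `SameSite`, so the browser may send the session token over plain HTTP and on cross-site requests; adding `Secure: true,` and `SameSite: http.SameSiteLaxMode,` (plus `Path: "/",` so the scope does not depend on the request path) to both literals closes that. The same token is also written to the JSON body as `Token` and passed to `account.SendJWT`, so `HttpOnly` alone does not keep it away from page scripts; a short comment stating which clients need which channel would make the trade-off explicit. In login the cookie is issued before the response reports `Otp: user.OTPEnabled && user.OTPVerified`; if the JWT returned by `LoginPassword` is already a full session token for OTP-enabled accounts, the second factor is not enforced, which cannot be confirmed from this hunk and should be checked. Both handler bodies start outside the hunks shown.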
|
||||
|
|
|
@ -7,6 +7,7 @@ type LoginRequest struct {
|
|||
|
||||
type LoginResponse struct {
|
||||
Token string `json:"token"`
|
||||
Otp bool `json:"otp"`
|
||||
}
|
||||
|
||||
type RegisterRequest struct {
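Review bot: The `Otp` field on `LoginResponse` carries no comment saying what `true` means to a client. The login handler sets it to `user.OTPEnabled && user.OTPVerified` and otpValidate sets it to `false`, which suggests "a second factor is still pending" rather than "OTP is enabled on the account". If that is the intent, a field comment such as `// Otp is true when the account still has to pass OTP validation.` would pin the contract down.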
|
||||
|
|