Actually compare to users in database

2016-12-20 13:36:30 +01:00 · 2016-12-20 13:36:30 +01:00 · e955638510
commit e955638510
parent 7b235f83ad
3 changed files with 22 additions and 2 deletions
--- a/http/http.go
+++ b/http/http.go
@ -107,12 +107,18 @@ func (h *Handler) loginPost(c *gin.Context) {
 	username, _ := c.GetPostForm("username")
 	password, _ := c.GetPostForm("password")

-	if username != "jan" || password != "passwort" {
+	user, err := h.UserService.UserByUsername(username)
+	if err != nil {
 		c.AbortWithStatus(http.StatusUnauthorized)
 		return
 	}

-	t, err := h.TokenVerifier.CreateToken(username, "Jan Bader")
+	if password != user.Password {
+		c.AbortWithStatus(http.StatusUnauthorized)
+		return
+	}
+
+	t, err := h.TokenVerifier.CreateToken(user.Email, user.Name)
 	if err != nil {
 		c.AbortWithStatus(http.StatusUnauthorized)
 	}
--- a/postgres/userservice.go
+++ b/postgres/userservice.go
@ -21,6 +21,19 @@ func (s *UserService) User(id budgeteer.ID) (*budgeteer.User, error) {
 	return u, nil
 }

+// UserByUsername returns a user for a given username.
+func (s *UserService) UserByUsername(username string) (*budgeteer.User, error) {
+	u := &budgeteer.User{Email: username}
+	err := s.DB.Model(&u).
+		Where("email = ?", username).
+		Limit(1).
+		Select()
+	if err != nil {
+		return nil, err
+	}
+	return u, nil
+}
+
 // CreateUser saves a user to the DB
 func (s *UserService) CreateUser(user *budgeteer.User) error {
 	user.ID = s.IDGenerator.New()
--- a/user.go
+++ b/user.go
@ -11,6 +11,7 @@ type User struct {
 // UserService provides Methods for CRUD of Users
 type UserService interface {
 	User(id ID) (*User, error)
+	UserByUsername(username string) (*User, error)
 	//Users() ([]*User, error)
 	CreateUser(u *User) error
 	//DeleteUser(id int) error