Prevent signup from UI when a user already exists
Build and Deploy / build-and-deploy (push) Successful in 1m25s
Build and Deploy / build-and-deploy (push) Successful in 1m25s
This commit is contained in:
+14
-3
@@ -54,6 +54,12 @@ type AuthHandler struct {
|
||||
}
|
||||
|
||||
func (h *AuthHandler) ServeSignup(w http.ResponseWriter, r *http.Request) {
|
||||
count, err := h.Store.UserCount()
|
||||
if err == nil && count > 0 {
|
||||
http.Redirect(w, r, "/signin", http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
|
||||
if r.Method == http.MethodGet {
|
||||
h.Tpl.Render(w, "signup", nil)
|
||||
return
|
||||
@@ -91,9 +97,14 @@ func (h *AuthHandler) ServeSignup(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
}
|
||||
|
||||
func (h *AuthHandler) hasUsers() bool {
|
||||
count, err := h.Store.UserCount()
|
||||
return err == nil && count > 0
|
||||
}
|
||||
|
||||
func (h *AuthHandler) ServeSignin(w http.ResponseWriter, r *http.Request) {
|
||||
if r.Method == http.MethodGet {
|
||||
h.Tpl.Render(w, "signin", nil)
|
||||
h.Tpl.Render(w, "signin", map[string]any{"HasUser": h.hasUsers()})
|
||||
return
|
||||
}
|
||||
|
||||
@@ -103,12 +114,12 @@ func (h *AuthHandler) ServeSignin(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
user, err := h.Store.UserByEmail(email)
|
||||
if err != nil {
|
||||
h.Tpl.Render(w, "signin", map[string]string{"Error": "Invalid email or password."})
|
||||
h.Tpl.Render(w, "signin", map[string]any{"Error": "Invalid email or password.", "HasUser": h.hasUsers()})
|
||||
return
|
||||
}
|
||||
|
||||
if err := bcrypt.CompareHashAndPassword([]byte(user.PasswordHash), []byte(password)); err != nil {
|
||||
h.Tpl.Render(w, "signin", map[string]string{"Error": "Invalid email or password."})
|
||||
h.Tpl.Render(w, "signin", map[string]any{"Error": "Invalid email or password.", "HasUser": h.hasUsers()})
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user