D auth.go

@@ -1,43 +0,0 @@
-package main
-
-import (
-	"bufio"
-	"fmt"
-	"golang.org/x/crypto/bcrypt"
-	"os"
-	"strings"
-)
-
-func addUser(username string, password string) error {
-	file, err := os.OpenFile(c.PasswdFile, os.O_APPEND|os.O_CREATE, 0644)
-	if err != nil {
-		return err
-	}
-	defer file.Close()
-	hash, err := bcrypt.GenerateFromPassword([]byte(password), -1)
-	if err != nil {
-		return err
-	}
-	newUser := fmt.Sprintf("%s:%s\n", username, hash)
-	file.WriteString(newUser)
-	return nil
-}
-func checkAuth(username string, password string) error {
-	file, err := os.OpenFile(c.PasswdFile, os.O_CREATE, 0644)
-	if err != nil {
-		return err
-	}
-	defer file.Close()
-	scanner := bufio.NewScanner(file)
-	for scanner.Scan() {
-		line := scanner.Text()
-		parts := strings.Split(line, ":")
-		if len(parts) != 2 {
-			return fmt.Errorf("malformed line, no colon: %s", line)
-		}
-		if username == parts[0] {
-			return bcrypt.CompareHashAndPassword([]byte(parts[1]), []byte(password))
-		}
-	}
-	return fmt.Errorf("User not found")
-}

M http.go → http.go

@@ -192,10 +192,13 @@ } else if r.Method == "POST" {
 		r.ParseForm()
 		name := r.Form.Get("username")
 		password := r.Form.Get("password")
-		err := checkAuth(name, password)
-		if err == nil {
+		row := DB.QueryRow("SELECT password_hash FROM user where username = $1", name)
+		var db_password []byte
+		_ = row.Scan(&db_password)
+		if bcrypt.CompareHashAndPassword(db_password, []byte(password)) == nil {
 			log.Println("logged in")
-			// redirect home
+			// create session
+			http.Redirect(w, r, "/", 302)
 		} else {
 			data := struct {
 				Error     string
@@ -208,10 +211,6 @@ renderError(w, InternalServerErrorMsg, 500)
 				return
 			}
 		}
-		// create session
-		// redirect home
-		// verify login
-		// check for errors
 	}
 }