MCPcopy
hub / github.com/usefathom/fathom / CreateSession

Method CreateSession

pkg/api/auth.go:50–79  ·  view source on GitHub ↗

URL: POST /api/session

(w http.ResponseWriter, r *http.Request)

Source from the content-addressed store, hash-verified

48
49// URL: POST /api/session
50func (api *API) CreateSession(w http.ResponseWriter, r *http.Request) error {
51 // check login creds
52 var l login
53 err := json.NewDecoder(r.Body).Decode(&l)
54 if err != nil {
55 return err
56 }
57 l.Sanitize()
58
59 // find user with given email
60 u, err := api.database.GetUserByEmail(l.Email)
61 if err != nil && err != datastore.ErrNoResults {
62 return err
63 }
64
65 // compare pwd
66 if err == datastore.ErrNoResults || u.ComparePassword(l.Password) != nil {
67 return respond(w, http.StatusUnauthorized, envelope{Error: "invalid_credentials"})
68 }
69
70 // ignore error here as we want a (new) session regardless
71 session, _ := api.sessions.Get(r, "auth")
72 session.Values["user_id"] = u.ID
73 err = session.Save(r, w)
74 if err != nil {
75 return err
76 }
77
78 return respond(w, http.StatusOK, envelope{Data: true})
79}
80
81// URL: DELETE /api/session
82func (api *API) DeleteSession(w http.ResponseWriter, r *http.Request) error {

Callers

nothing calls this directly

Calls 4

SanitizeMethod · 0.95
respondFunction · 0.85
ComparePasswordMethod · 0.80
GetUserByEmailMethod · 0.65

Tested by

no test coverage detected