Handle user creation upon registration.

controllers/login.go

@@ -1,8 +1,11 @@
 package controllers
 
 import (
+	"goweb/ent/user"
 	"goweb/msg"
 
+	"golang.org/x/crypto/bcrypt"
+
 	"github.com/labstack/echo/v4"
 )
 
@@ -20,6 +23,27 @@ func (l *Login) Get(c echo.Context) error {
 }
 
 func (l *Login) Post(c echo.Context) error {
-	msg.Danger(c, "Invalid credentials. Please try again.")
+	name := c.FormValue("username")
+	pw := c.FormValue("password")
+
+	if name == "" || pw == "" {
+		msg.Warning(c, "All fields are required.")
+		return l.Get(c)
+	}
+
+	u, err := l.Container.Ent.User.
+		Query().
+		Where(user.Username(name)).
+		First(c.Request().Context())
+
+	if err != nil {
+		c.Logger().Errorf("error querying user during login: %v", err)
+	} else {
+		err = bcrypt.CompareHashAndPassword([]byte(u.Password), []byte(pw))
+		if err != nil {
+			msg.Danger(c, "Invalid credentials. Please try again.")
+		}
+	}
+
 	return l.Get(c)
 }

controllers/register.go

@@ -3,35 +3,70 @@ package controllers
 import (
 	"goweb/msg"
 
+	"golang.org/x/crypto/bcrypt"
+
 	"github.com/labstack/echo/v4"
 )
 
-type Register struct {
-	Controller
-}
+type (
+	Register struct {
+		Controller
+		form RegisterForm
+	}
+
+	RegisterForm struct {
+		Username string `form:"username" validate:"required"`
+		Password string `form:"password" validate:"required"`
+	}
+)
 
 func (r *Register) Get(c echo.Context) error {
 	p := NewPage(c)
 	p.Layout = "auth"
 	p.Name = "register"
 	p.Title = "Register"
-	p.Data = "This is the login page"
+	p.Data = r.form
 	return r.RenderPage(c, p)
 }
 
 func (r *Register) Post(c echo.Context) error {
+	fail := func(message string, err error) error {
+		c.Logger().Errorf("%s: %v", message, err)
+		msg.Danger(c, "An error occurred. Please try again.")
+		return r.Get(c)
+	}
+
+	// Parse the form values
+	form := new(RegisterForm)
+	if err := c.Bind(form); err != nil {
+		return fail("unable to parse form values", err)
+	}
+	r.form = *form
+
+	// Validate the form
+	if err := c.Validate(form); err != nil {
+		msg.Danger(c, "All fields are required.")
+		return r.Get(c)
+	}
+
+	// Hash the password
+	pwHash, err := bcrypt.GenerateFromPassword([]byte(form.Password), bcrypt.DefaultCost)
+	if err != nil {
+		return fail("unable to hash password", err)
+	}
+
+	// Attempt creating the user
 	u, err := r.Container.Ent.User.
 		Create().
-		SetUsername(c.FormValue("username")).
-		SetPassword(c.FormValue("password")).
+		SetUsername(form.Username).
+		SetPassword(string(pwHash)).
 		Save(c.Request().Context())
 
 	if err != nil {
-		c.Logger().Error(err)
-	} else {
-		c.Logger().Infof("user created: %s", u.Username)
+		return fail("unable to create user", err)
 	}
 
-	msg.Danger(c, "Registration is currently disabled.")
-	return r.Get(c)
+	c.Logger().Infof("user created: %s", u.Username)
+	msg.Info(c, "Your account has been created. You are now logged in.")
+	return r.Redirect(c, "home")
 }

controllers/router.go

@@ -6,6 +6,8 @@ import (
 	"goweb/config"
 	"goweb/middleware"
 
+	"github.com/go-playground/validator/v10"
+
 	"github.com/gorilla/sessions"
 	"github.com/labstack/echo-contrib/session"
 
@@ -15,6 +17,19 @@ import (
 	"goweb/container"
 )
 
+type Validator struct {
+	validator *validator.Validate
+}
+
+func (v *Validator) Validate(i interface{}) error {
+	if err := v.validator.Struct(i); err != nil {
+		return err
+	}
+	return nil
+}
+
+// TODO: This is doing more than building the router
+
 func BuildRouter(c *container.Container) {
 	// Static files with proper cache control
 	// funcmap.File() should be used in templates to append a cache key to the URL in order to break cache
@@ -50,6 +65,9 @@ func BuildRouter(c *container.Container) {
 	err := Error{Controller: ctr}
 	c.Web.HTTPErrorHandler = err.Get
 
+	// Validator
+	c.Web.Validator = &Validator{validator: validator.New()}
+
 	// Routes
 	navRoutes(g, ctr)
 	userRoutes(g, ctr)