diff --git a/cmd/cc-backend/main.go b/cmd/cc-backend/main.go
index e51791f..5a50dce 100644
--- a/cmd/cc-backend/main.go
+++ b/cmd/cc-backend/main.go
@@ -109,6 +109,13 @@ var (
 version string
 )
 
+// ErrorResponse model
+type ErrorResponse struct {
+ // Statustext of Errorcode
+ Status string `json:"status"`
+ Error string `json:"error"` // Error Message
+}
+
 func initEnv() {
 if util.CheckFileExists("var") {
 fmt.Print("Directory ./var already exists. Exiting!\n")
@@ -338,9 +345,6 @@ func main() {
 web.RenderTemplate(rw, "privacy.tmpl", &web.Page{Title: "Privacy", Build: buildInfo})
 })
 
- // Some routes, such as /login or /query, should only be accessible to a user that is logged in.
- // Those should be mounted to this subrouter. If authentication is enabled, a middleware will prevent
- // any unauthenticated accesses.
 secured := r.PathPrefix("/").Subrouter()
 
 if !config.Keys.DisableAuthentication {
@@ -360,6 +364,20 @@ func main() {
 })
 })).Methods(http.MethodPost)
 
+ r.Handle("/jwt-login", authentication.Login(
+ // On success:
+ http.RedirectHandler("/", http.StatusTemporaryRedirect),
+
+ // On failure:
+ func(rw http.ResponseWriter, r *http.Request, err error) {
+ rw.Header().Add("Content-Type", "application/json")
+ rw.WriteHeader(http.StatusForbidden)
+ json.NewEncoder(rw).Encode(ErrorResponse{
+ Status: http.StatusText(http.StatusForbidden),
+ Error: err.Error(),
+ })
+ })).Methods(http.MethodGet)
+
 r.Handle("/logout", authentication.Logout(
 http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
 rw.Header().Add("Content-Type", "text/html; charset=utf-8")
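Review bot: The doc comment on the new `ErrorResponse` type in the first hunk says only "model" and does not tell a reader where the type is used or what may go into `Error`. A comment such as `// ErrorResponse is the JSON body written when a login attempt is rejected; Error is shown to the client and must not carry internal detail.` would document the contract. The two field comments also use different placements (one above the field, one trailing), so pick one form for both. If another package in the project already defines an equivalent error body (not visible in this diff), reusing it would avoid two diverging shapes.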
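Review bot: The failure handler added for `/jwt-login` in the third hunk copies `err.Error()` into the JSON body, so whatever authentication.Login reports about why the token was rejected is returned verbatim to an unauthenticated caller. Log the error server-side and send a fixed message instead, for example `Error: "authentication failed",`. The route is registered with `http.MethodGet` only, so it is worth confirming that authentication.Login reads the token from a header and not from the query string, where it would end up in access logs, browser history and Referer headers. The return value of `json.NewEncoder(rw).Encode(...)` is also dropped without a check. The body of main starts and ends outside the hunk, so the surrounding middleware setup is not visible here.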