4 changed files with 50 additions and 46 deletions
--- a/api/handlers/authHandler.go
+++ b/api/handlers/authHandler.go
@ -14,15 +14,19 @@ import (
 func Login(w http.ResponseWriter, r *http.Request) {
 	var u *types.LoginUser

-	if r.Header.Get("HX-Request") == "true" {
-		u = handleHtmxLogin(r)
-	} else {
-		u = handleHttpLogin(w, r, u)
-	}
+	isHtmx := r.Header.Get("HX-Request")

-	if u == nil {
+	if isHtmx == "true" {
+		u = &types.LoginUser{
+			Email:    r.PostFormValue("email"),
+			Password: r.PostFormValue("password"),
+		}
+	} else {
+		if err := json.NewDecoder(r.Body).Decode(&u); err != nil {
+			InternalServerErrorHandler(w, err)
 			return
 		}
+	}

 	User, err := query.GetLogin(context.Background(), u)
 	if err != nil {
@ -30,18 +34,16 @@ func Login(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	if !bcrypt.CheckPasswordHash(u.Password, User.Password) {
-		UnauthorizedHandler(w)
-		return
-	}
+	if bcrypt.CheckPasswordHash(u.Password, User.Password) {

 		jwtToken := jwt.CreateUserJWT(User.Name, User.ID, string(User.Role))

-	cookie := &http.Cookie{
-		Name:     "jwt",
+		if jwtToken != "" {
+
+			cookie := &http.Cookie{Name: "jwt",
 				Value: jwtToken,
-		HttpOnly: true,
-		Secure:   true,
+				//HttpOnly: true,
+				//Secure:   true,
 				SameSite: http.SameSiteLaxMode,
 				Expires:  time.Now().Add(24 * time.Hour),
 			}
@ -50,21 +52,17 @@ func Login(w http.ResponseWriter, r *http.Request) {

 			w.WriteHeader(http.StatusOK)
 			_, err = w.Write([]byte("login success"))
-}
-
-func handleHtmxLogin(r *http.Request) *types.LoginUser {
-	return &types.LoginUser{
-		Email:    r.PostFormValue("email"),
-		Password: r.PostFormValue("password"),
-	}
-}
-
-func handleHttpLogin(w http.ResponseWriter, r *http.Request, u *types.LoginUser) *types.LoginUser {
-	if err := json.NewDecoder(r.Body).Decode(&u); err != nil {
+			return
+		} else {
 			InternalServerErrorHandler(w, err)
-		return nil
+			return
+		}
+
+	} else {
+		UnauthorizedHandler(w)
+
+		println("unauthorized")
 	}
-	return u
 }

 func CanEdit(w http.ResponseWriter, r *http.Request) {
@ -73,12 +71,14 @@ func CanEdit(w http.ResponseWriter, r *http.Request) {
 	if err != nil {
 		w.WriteHeader(http.StatusOK)
 		w.Write([]byte(""))
+		return
 	}
-	if audience == "owner" || audience == "admin" {
+	if audience == "owner" || audience == "visitor" {
 		w.WriteHeader(http.StatusOK)
 		w.Write([]byte("<button class=\"button is-link\">Edit</button>"))
 	} else {
 		w.WriteHeader(http.StatusOK)
 		w.Write([]byte(""))
 	}
+	return
 }
--- a/api/handlers/errorHandlers.go
+++ b/api/handlers/errorHandlers.go
@ -22,7 +22,6 @@ func UnprocessableEntityHandler(w http.ResponseWriter, err error) {
 }

 func UnauthorizedHandler(w http.ResponseWriter) {
-	log.Println("unauthorized")
 	setError(w, http.StatusUnauthorized, "Unauthorized")
 }

--- a/api/handlers/userHandler.go
+++ b/api/handlers/userHandler.go
@ -15,11 +15,11 @@ func CreateUserHandler(w http.ResponseWriter, r *http.Request) {

 	var u *types.RegisterUser

-	if r.Header.Get("HX-Request") == "true" {
+	isHtmx := r.Header.Get("HX-Request")
+
+	if isHtmx == "true" {
 		u = &types.RegisterUser{
 			Name: r.PostFormValue("name"),
-			Password: r.PostFormValue("password"),
-			Email:    r.PostFormValue("email"),
 			//Role: user.Role(r.PostFormValue("role")),
 		}
 	} else {
@ -28,6 +28,7 @@ func CreateUserHandler(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 	}
+	u.Password = "123"
 	if !validate.UserIsValid(u) {
 		BadRequestHandler(w)
 		return
--- a/web/components/projectList.go
+++ b/web/components/projectList.go
@ -69,5 +69,9 @@ func EditProject(project *ent.Project) g.Node {
 		b.Content(
 			b.Textarea(project.Description, e.Name("project_description")),
 		),
+
+		//b.CardFooter(
+		//Save(),
+		//),
 	)
 }