modified: serv_nginx/api_bb/internal/handlers/auth.go

change method login
2025-10-11 11:30:45 +05:00
parent 556780fd28
commit ce433e6187
1 changed files with 69 additions and 46 deletions
@@ -164,60 +164,83 @@ func (h *AuthHandler) Register(w http.ResponseWriter, r *http.Request) {
 }

 func (h *AuthHandler) Login(w http.ResponseWriter, r *http.Request) {
+    h.logger.Info("handling login request",
+        zap.String("method", r.Method),
+        zap.String("path", r.URL.Path),
+        zap.String("remote_addr", r.RemoteAddr),
+    )

-	h.logger.Info("handling login request",
-		zap.String("method", r.Method),
-		zap.String("path", r.URL.Path),
-		zap.String("remote_addr", r.RemoteAddr),
-	)
+    // Проверяем Content-Type
+    if r.Header.Get("Content-Type") != "application/json" {
+        h.logger.Warn("invalid content type", zap.String("content_type", r.Header.Get("Content-Type")))
+        utils.RespondWithError(w, http.StatusBadRequest, "Content-Type must be application/json")
+        return
+    }

-	var req LoginRequest
-	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
-		h.logger.Error("failed to decode login request", zap.Error(err))
-		utils.RespondWithError(w, http.StatusBadRequest, "Invalid request payload: "+err.Error())
-		return
-	}
+    // Читаем и логируем тело запроса
+    bodyBytes, err := io.ReadAll(r.Body)
+    if err != nil {
+        h.logger.Error("failed to read request body", zap.Error(err))
+        utils.RespondWithError(w, http.StatusBadRequest, "Failed to read request body")
+        return
+    }
+    defer r.Body.Close()

-	// Валидация
-	if req.Email == "" || req.Password == "" {
-		h.logger.Warn("login failed - email or password empty")
-		utils.RespondWithError(w, http.StatusBadRequest, "Email and password are required")
-		return
-	}
+    // Восстанавливаем тело
+    r.Body = io.NopCloser(bytes.NewBuffer(bodyBytes))

-	h.logger.Info("attempting user login", zap.String("email", req.Email))
+    h.logger.Debug("request body", zap.String("body", string(bodyBytes)))

-	user, token, err := h.authService.Login(req.Email, req.Password)
-	if err != nil {
-		h.logger.Warn("login failed",
-			zap.String("email", req.Email),
-			zap.Error(err),
-		)
-		utils.RespondWithError(w, http.StatusUnauthorized, err.Error())
-		return
-	}
+    var req LoginRequest
+    if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+        h.logger.Error("JSON decode failed", 
+            zap.Error(err),
+            zap.String("raw_body", string(bodyBytes)),
+        )
+        utils.RespondWithError(w, http.StatusBadRequest, "Invalid JSON: "+err.Error())
+        return
+    }

-	// Устанавливаем токен в куки
-	http.SetCookie(w, &http.Cookie{
-		Name:     "auth_token",
-		Value:    token,
-		Path:     "/",
-		HttpOnly: true,
-		Secure:   false, // В production установить true
-		SameSite: http.SameSiteLaxMode,
-		Expires:  time.Now().Add(24 * time.Hour),
-	})
+    // Валидация
+    if req.Email == "" || req.Password == "" {
+        h.logger.Warn("validation failed", 
+            zap.String("email", req.Email),
+            zap.Int("password_len", len(req.Password)),
+        )
+        utils.RespondWithError(w, http.StatusBadRequest, "Email and password are required")
+        return
+    }

-	h.logger.Info("user logged in successfully",
-		zap.Uint("user_id", user.ID),
-		zap.String("email", user.Email),
-	)
+    h.logger.Info("attempting login", zap.String("email", req.Email))

-	utils.RespondWithJSON(w, http.StatusOK, map[string]interface{}{
-		"message": "Login successful",
-		"token":   token,
-		"user":    toUserResponse(user),
-	})
+    user, token, err := h.authService.Login(req.Email, req.Password)
+    if err != nil {
+        h.logger.Warn("login failed", zap.String("email", req.Email), zap.Error(err))
+        utils.RespondWithError(w, http.StatusUnauthorized, err.Error())
+        return
+    }
+
+    // Устанавливаем куки
+    http.SetCookie(w, &http.Cookie{
+        Name:     "auth_token",
+        Value:    token,
+        Path:     "/",
+        HttpOnly: true,
+        Secure:   false,
+        SameSite: http.SameSiteLaxMode,
+        Expires:  time.Now().Add(24 * time.Hour),
+    })
+
+    h.logger.Info("login successful", 
+        zap.Uint("user_id", user.ID),
+        zap.String("email", user.Email),
+    )
+
+    utils.RespondWithJSON(w, http.StatusOK, map[string]interface{}{
+        "message": "Login successful",
+        "token":   token,
+        "user":    toUserResponse(user),
+    })
 }

 func (h *AuthHandler) Logout(w http.ResponseWriter, r *http.Request) {