From 73ce55047fff42f6bfba30d38094517d0bc637a6 Mon Sep 17 00:00:00 2001
From: Logan <logan@gatlintc.com>
Date: Fri, 27 Sep 2024 15:57:10 -0500
Subject: [PATCH] Removed unused dependencies

---
 README.md |  4 ++++
 db.json   |  1 -
 go.mod    |  8 ++++----
 go.sum    |  4 ++--
 server.go |  1 -
 users.go  | 53 ++++++++++++++++++++++++++++++++---------------------
 6 files changed, 42 insertions(+), 29 deletions(-)
 delete mode 100644 db.json

diff --git a/README.md b/README.md
index d04a874..beee391 100644
--- a/README.md
+++ b/README.md
@@ -7,6 +7,10 @@ within a restricted amount of time to make art.
 2. Run the command `go run .` inside this folder
 3. View the website at [127.0.0.1:8080](http://127.0.0.1:8080/)
 
+## Go project structure
+* [go.mod](go.mod) Go version and library dependencies
+* [go.sum](go.sum) Checksums for libraries
+
 ## Backend Source
 Our back-end is written in [Go](https://go.dev/) using the standard library.
 * [Request handling](server.go)
diff --git a/db.json b/db.json
deleted file mode 100644
index f7fe8a3..0000000
--- a/db.json
+++ /dev/null
@@ -1 +0,0 @@
-{"xterminate18181@gmail.com":{"email":"xterminate18181@gmail.com","password":"123","account-created":"2024-09-27T05:39:11.331520582-05:00","last-login":"2024-09-27T05:39:11.331520621-05:00"}}
diff --git a/go.mod b/go.mod
index d3e4ddd..55c3846 100644
--- a/go.mod
+++ b/go.mod
@@ -2,9 +2,9 @@ module github.com/adanrsantos/ThePlaceHolders
 
 go 1.23
 
-require github.com/gorilla/sessions v1.4.0
-
 require (
-	github.com/gorilla/mux v1.8.1 // indirect
-	github.com/gorilla/securecookie v1.1.2 // indirect
+	github.com/gorilla/sessions v1.4.0
+	golang.org/x/crypto v0.27.0
 )
+
+require github.com/gorilla/securecookie v1.1.2 // indirect
diff --git a/go.sum b/go.sum
index 7e011b0..b04990b 100644
--- a/go.sum
+++ b/go.sum
@@ -1,8 +1,8 @@
 github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
 github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
-github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
 github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
 github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
 github.com/gorilla/sessions v1.4.0 h1:kpIYOp/oi6MG/p5PgxApU8srsSw9tuFbt46Lt7auzqQ=
 github.com/gorilla/sessions v1.4.0/go.mod h1:FLWm50oby91+hl7p/wRxDth9bWSuk0qVL2emc7lT5ik=
+golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A=
+golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70=
diff --git a/server.go b/server.go
index 734938b..c4b9890 100644
--- a/server.go
+++ b/server.go
@@ -4,7 +4,6 @@ import (
 	"fmt"
 	"log"
 	"net/http"
-	"strings"
 
 	"github.com/gorilla/sessions"
 )
diff --git a/users.go b/users.go
index f7dd3a6..3181e67 100644
--- a/users.go
+++ b/users.go
@@ -1,21 +1,36 @@
 package main
 
 import (
-	"encoding/json"
-	"fmt"
 	"net/http"
-	"os"
+	"regexp"
+	"strings"
 	"time"
+
+	"golang.org/x/crypto/bcrypt"
 )
 
 const SESSION_COOKIE_NAME = "utsa-place-session"
 const SESSION_AUTH = "auth"
 
+const ENCRYPTION_STRENGTH = 14
+
 type UserData struct {
-	Email          string    `json:"email"`
-	Password       string    `json:"password"`
-	AccountCreated time.Time `json:"account-created"`
-	LastLogin      time.Time `json:"last-login"`
+	Email          string
+	Password       string
+	AccountCreated time.Time
+	LastLogin      time.Time
+}
+
+func validate_email(email string) (string, bool) {
+	email = strings.ToLower(email)
+	regex := regexp.MustCompile("^[a-z]+.[a-z]+@(my.)?utsa.edu")
+	ok := regex.MatchString(email)
+	return email, ok
+}
+
+func hash_password(password string) string {
+	bytes, _ := bcrypt.GenerateFromPassword([]byte(password), ENCRYPTION_STRENGTH)
+	return string(bytes)
 }
 
 // Handles requests to /login.html
@@ -65,13 +80,19 @@ func (s *Server) handle_register(w http.ResponseWriter, r *http.Request) {
 		http.ServeFile(w, r, "./static/register.html")
 	case http.MethodPost:
 		// Get data from form
-		email := r.FormValue("email")
+		email, ok := validate_email(r.FormValue("email"))
+		if !ok {
+			http.Error(w, "Invalid email address", http.StatusForbidden)
+			return
+		}
 		password := r.FormValue("password")
-		fmt.Println(r.Form)
+		if len(password) < 5 || len(password) >= 70 {
+			http.Error(w, "Invalid password length", http.StatusForbidden)
+			return
+		}
 		// Check that this email is not already registered
 		if _, ok := s.Users[email]; ok {
-			fmt.Println("Already registered")
-			http.Error(w, "Forbidden", http.StatusForbidden)
+			http.Error(w, "Already registered", http.StatusForbidden)
 			return
 		}
 		// Generate session
@@ -94,7 +115,6 @@ func (s *Server) handle_register(w http.ResponseWriter, r *http.Request) {
 		// Send session token to browser
 		session.Save(r, w)
 		// Redirect to index.html
-		s.save_state()
 		http.Redirect(w, r, "/", http.StatusFound)
 	default:
 		http.Error(w, "Forbidden", http.StatusForbidden)
@@ -114,12 +134,3 @@ func (s *Server) handle_logout(w http.ResponseWriter, r *http.Request) {
 		MaxAge: -1,
 	})
 }
-
-func (s *Server) save_state() {
-	file, err := os.Create("db.json")
-	if err != nil {
-		panic(err)
-	}
-	defer file.Close()
-	json.NewEncoder(file).Encode(s.Users)
-}