From 04bbb64f2cdcad9a2ee7d3dc477171d6717d3b29 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D0=BD=D1=82=D0=BE=D0=BD?= Date: Sat, 20 Sep 2025 10:55:48 +0300 Subject: [PATCH] =?UTF-8?q?=D0=A0=D0=B0=D0=B1=D0=BE=D1=87=D0=B0=D1=8F=20?= =?UTF-8?q?=D1=81=D0=B1=D0=BE=D1=80=D0=BA=D0=B0=20=D0=B2=D1=82=D0=BE=D1=80?= =?UTF-8?q?=D0=BE=D0=B3=D0=BE=20executor'=D0=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/endpoints_handlers/AuthLoginExecutor.h | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/src/endpoints_handlers/AuthLoginExecutor.h b/src/endpoints_handlers/AuthLoginExecutor.h index 07e2dd3..b17e65d 100644 --- a/src/endpoints_handlers/AuthLoginExecutor.h +++ b/src/endpoints_handlers/AuthLoginExecutor.h @@ -46,8 +46,8 @@ public: { req_json = json::parse(body); - std::string login = req_json.as_object().at("login").as_string().c_str(); - std::string password = req_json.as_object().at("password").as_string().c_str(); + const std::string login = req_json.as_object().at("login").as_string().c_str(); + const std::string password = req_json.as_object().at("password").as_string().c_str(); if (login.empty() || password.empty()) { @@ -61,9 +61,19 @@ public: return res; } - std::string hashed_password = HashPassword(password); + std::optional user = user_dao_->GetByLogin(login); - std::optional maybe_user = user_dao_->GetByLogin(login); + if (!user.has_value() || (user.value().GetHashedPassword() != HashPassword(password))) + { + http::response res{http::status::unprocessable_entity, req.version()}; + response_body.as_object().emplace("Result", "Incorrect login or password"); + + res.body() = serialize(response_body); + res.set(http::field::content_type, "application/json"); + res.content_length(res.body().size()); + + return res; + } } catch (const system::system_error& err) {