Diffstat (limited to 'controllers')
| -rw-r--r-- | controllers/constants.go | 37 | ||||
| -rw-r--r-- | controllers/login.go | 74 |
2 files changed, 109 insertions, 2 deletions
diff --git a/controllers/constants.go b/controllers/constants.go
new file mode 100644
index 0000000..95d75c1
--- /dev/null
+++ b/controllers/constants.go
@@ -0,0 +1,37 @@
+package controllers
+
+const (
+ // Page titles
+ PT_HOME = "Home Page"
+ PT_LOGIN = "Login"
+ PT_POSTS = "Posts"
+ PT_PREFERENCES = "Preferences"
+ PT_REGISTER = "Register"
+ PT_404 = "Page Not Found"
+
+ // Template names
+ TEMPLATE_HOME = "home"
+ TEMPLATE_LOGIN = "login"
+ TEMPLATE_POSTS = "posts"
+ TEMPLATE_PREFERENCES = "preferences"
+ TEMPLATE_REGISTER = "register"
+ TEMPLATE_404 = "404"
+
+ // URL constants for various routes
+ URL_HOME = "/"
+ URL_LOGIN = "/login"
+ URL_POSTS = "/posts"
+ URL_PREFERENCES = "/preferences"
+ URL_REGISTER = "/register"
+ URL_FORGOT_PASSWORD = "/accounts/forgot-password"
+ URL_RESEND_VERIFICATION = "/accounts/resend-verification"
+
+ // Error messages
+ ERR_INVALID_FORM_DATA = "The submitted form data is invalid. Check your input and try again."
+ ERR_USER_NOT_FOUND = `User with that username not found. Maybe you want to <a href="` + URL_REGISTER + `">register</a>?`
+ ERR_LOGIN_INVALID_CREDENTIALS = `The credentials you provided are incorrect. Did you <a href="` + URL_FORGOT_PASSWORD + `">forget your password</a>?`
+ ERR_ACCOUNT_DISABLED = `Your account is disabled or banned. You can reach out to support for assistance.`
+ ERR_ACCOUNT_UNABLE_TO_LOGIN = `You cannot log in at this time. Verify your email or contact support. If you misplaced your verification email, you can <a href="` + URL_RESEND_VERIFICATION + `">request a new one</a>.`
+ ERR_SESSION_FAILED_TO_CREATE = "Failed to create session. Please try again later."
+ ERR_SESSION_FAILED_TO_SAVE = "Failed to save session. Please try again later."
+)
diff --git a/controllers/login.go b/controllers/login.go
index 1ea9caf..12262e3 100644
--- a/controllers/login.go
+++ b/controllers/login.go
@@ -1,12 +1,82 @@ package controllers import ( + "imageboard/database" + "imageboard/session" "imageboard/utils/shortcuts" "github.com/gofiber/fiber/v2" ) +func getRedirectURL(ctx *fiber.Ctx) string { + referer := ctx.Get("Referer") + if referer != "" && referer != ctx.BaseURL()+URL_LOGIN && referer != ctx.BaseURL()+URL_REGISTER { + return referer + } + return URL_HOME +} + +func renderLoginError(ctx *fiber.Ctx, errorMsg string, statusCode int) error { + return shortcuts.RenderWithStatus(ctx, TEMPLATE_LOGIN, fiber.Map{ + "Error": errorMsg, + "Username": ctx.FormValue("username"), // Preserve username in form + }, statusCode) +} + func LoginPageController(ctx *fiber.Ctx) error { - ctx.Locals("Title", "Login") - return shortcuts.Render(ctx, "login", nil) + ctx.Locals("Title", PT_LOGIN) + sess, err := session.Store.Get(ctx) + if err == nil { + if userID, ok := sess.Get("user_id").(int); ok && userID != 0 { + return ctx.Redirect(getRedirectURL(ctx), fiber.StatusSeeOther) + } + } + + return shortcuts.Render(ctx, TEMPLATE_LOGIN, nil) +} + +func LoginPostController(ctx *fiber.Ctx) error { + ctx.Locals("Title", PT_LOGIN) + type LoginForm struct { + Username string `json:"username" form:"username"` + Password string `json:"password" form:"password"` + } + + var form LoginForm + var err error + if err = ctx.BodyParser(&form); err != nil { + return renderLoginError(ctx, ERR_INVALID_FORM_DATA, fiber.StatusBadRequest) + } + + user, err := database.GetUserByUsername(form.Username) + if err != nil { + return renderLoginError(ctx, ERR_USER_NOT_FOUND, fiber.StatusUnauthorized) + } + + if !user.CheckPassword(form.Password) { + return renderLoginError(ctx, ERR_LOGIN_INVALID_CREDENTIALS, fiber.StatusUnauthorized) + } + + if !user.IsActive() { + return renderLoginError(ctx, ERR_ACCOUNT_DISABLED, fiber.StatusForbidden) + } + + if !user.CanLogin() { + return renderLoginError(ctx, ERR_ACCOUNT_UNABLE_TO_LOGIN, fiber.StatusForbidden) + } + + sess, err := session.Store.Get(ctx) + if err != 
nil { + return renderLoginError(ctx, ERR_SESSION_FAILED_TO_CREATE, fiber.StatusInternalServerError) + } + sess.Set("user_id", user.ID) + sess.Set("username", user.Username) + if err := sess.Save(); err != nil { + return renderLoginError(ctx, ERR_SESSION_FAILED_TO_SAVE, fiber.StatusInternalServerError) + } + + user.UpdateLastUserLogin(database.DB) + user.UpdateLastUserActivity(database.DB) + + return ctx.Redirect(getRedirectURL(ctx), fiber.StatusSeeOther) } |
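Review bot: LoginPostController stores `user_id` in whatever session `session.Store.Get(ctx)` returns, so a session ID issued before authentication stays valid afterwards. Rotating it before the two `sess.Set` calls would close that session-fixation window, e.g. `if err := sess.Regenerate(); err != nil { return renderLoginError(ctx, ERR_SESSION_FAILED_TO_CREATE, fiber.StatusInternalServerError) }`. The unknown-user and wrong-password branches also return different messages (ERR_USER_NOT_FOUND vs ERR_LOGIN_INVALID_CREDENTIALS, both defined in constants.go), which reveals which usernames are registered. Answering both with ERR_LOGIN_INVALID_CREDENTIALS avoids that, and it stops a database failure in `GetUserByUsername` from being reported as "user not found". Finally, getRedirectURL returns the `Referer` header verbatim unless it equals the login or register URL, so the redirect target is client-controlled; checking that it starts with `ctx.BaseURL()+"/"`, or keeping only its path, would keep the redirect on-site.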
