this damn refresh token

2025-11-22 23:03:00 -06:00
parent 364b3a7dcb
commit ae21aac137
1 changed files with 37 additions and 1 deletions
--- a/internal/auth/handler.go
+++ b/internal/auth/handler.go
@@ -103,6 +103,36 @@ func (h *Handler) Login(w http.ResponseWriter, r *http.Request) {
 	})
 }
 func (h *Handler) RefreshToken(w http.ResponseWriter, r *http.Request) {
 	var req struct {
 		RefreshToken string `json:"refresh_token"`
 	}
 	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
 		w.Header().Set("Content-Type", "application/json")
 		w.WriteHeader(http.StatusBadRequest)
 		json.NewEncoder(w).Encode(map[string]string{"error": "invalid request"})
 		return
 	}
 	// Verify refresh token and get user
 	claims, err := config.VerifyRefreshToken(req.RefreshToken)
 	if err != nil {
 		w.Header().Set("Content-Type", "application/json")
 		w.WriteHeader(http.StatusUnauthorized)
 		json.NewEncoder(w).Encode(map[string]string{"error": "invalid refresh token"})
 		return
 	}
 	// Generate new access token
 	newAccessToken, _ := config.GenerateAccessToken(claims.UserID, claims.Email, claims.Username)
 	w.Header().Set("Content-Type", "application/json")
 	json.NewEncoder(w).Encode(map[string]interface{}{
 		"access_token": newAccessToken,
 		"expires_in":   900,
 	})
 }
 func (h *Handler) RequestPasswordReset(w http.ResponseWriter, r *http.Request) {
 	var req struct {
 		Email string `json:"email"`
@@ -114,7 +144,13 @@ func (h *Handler) RequestPasswordReset(w http.ResponseWriter, r *http.Request) {
 		return
 	}
-	h.userService.RequestPasswordReset(req.Email)
+	err := h.userService.RequestPasswordReset(req.Email)
 	if err != nil {
 		w.Header().Set("Content-Type", "application/json")
 		w.WriteHeader(http.StatusBadRequest)
 		json.NewEncoder(w).Encode(map[string]string{"error": err.Error()})
 		return
 	}
 	w.Header().Set("Content-Type", "application/json")
 	json.NewEncoder(w).Encode(map[string]string{