1 files changed, 24 insertions, 19 deletions

diff --git a/pages/auth.fnl b/pages/auth.fnl
index 1f40cab..29187df 100644
--- a/pages/auth.fnl
+++ b/pages/auth.fnl
@@ -3,7 +3,8 @@
 (local lib (require :lib))
 (local templates (require :templates))
 
-(local auth-form
+(local %page-title "Вход")
+(local %auth-form
  [{:title ""
    :fields [
      (forms.text-input "name" "Пользователь" true)
@@ -19,7 +20,7 @@
     [:section {:class "content"}
      [:div {:class "back"} [:a {:href "/"} "⟵ Обратно на главную"]]
      [:h2 {} "Войти"]
-     (forms.render-form auth-form data errors)])])
+     (forms.render-form %auth-form data errors)])])
 
 (fn create-session [db user expires-at]
   (local id (_G.must (luna.crypto.random-string 64)))
@@ -48,22 +49,26 @@
   (if authenticated?
     (values 302 {:Location "/"} "")
     (if request.form
-      (let [name request.form.name
-            entered-password request.form.password
-            correct-creds? (check-user db name entered-password)]
-        (if correct-creds?
-          (let [next-week (+ (os.time) (* 60 60 24 7))
-                session-id (create-session
-                             db name (os.date "%Y-%m-%d %H:%M:%S" next-week))
-                cookie-expires (os.date "%a, %d %b %Y %H:%M:%S GMT" next-week)]
-            (values 302 {:Location "/shop"
-                         :Set-Cookie (.. "auth=" session-id "; HttpOnly; SameSite=strict;"
-                                         "Expires=" cookie-expires
-                                         (if luna.debug? "" "; Secure"))} ""))
-          (values 400 {}
-            (templates.base
-              (content request.form
-                {:password "Пользователя с таким именем и паролем не существует."})))))
-      (values 200 {} (templates.base (content {} {}))))))
+      (let [errors (forms.validate %auth-form request.form)
+            has-errors? (not (lib.empty-table? errors))
+            {: name : password } request.form
+            correct-creds? (check-user db name password)]
+        (if has-errors?
+          (values 400 {} (templates.base (content request.form errors) %page-title))
+          (if correct-creds?
+            (let [next-week (+ (os.time) (* 60 60 24 7))
+                  session-id (create-session
+                               db name (os.date "%Y-%m-%d %H:%M:%S" next-week))
+                  cookie-expires (os.date "%a, %d %b %Y %H:%M:%S GMT" next-week)]
+              (values 302 {:Location "/shop"
+                           :Set-Cookie (.. "auth=" session-id "; HttpOnly; SameSite=strict;"
+                                           "Expires=" cookie-expires
+                                           (if luna.debug? "" "; Secure"))} ""))
+            (values 400 {}
+              (templates.base
+                (content request.form
+                  {:password "Пользователя с таким именем и паролем не существует."})
+                %page-title)))))
+      (values 200 {} (templates.base (content {} {}) %page-title)))))
 
 {: render}