From de28470432f76250cacfe77ac8b860157c974a43 Mon Sep 17 00:00:00 2001
From: LandaMm <qwer.009771@gmail.com>
Date: Wed, 21 May 2025 21:17:30 +0200
Subject: [PATCH] feat: check passwords on login

---
 internal/auth/routes.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/internal/auth/routes.go b/internal/auth/routes.go
index eb96de3..0e18254 100644
--- a/internal/auth/routes.go
+++ b/internal/auth/routes.go
@@ -81,6 +81,11 @@ func (h *AuthHandler) login(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	if !util.VerifyPassword(params.Password, user.PasswordHash) {
+		web.Error(w, "username or/and password are incorrect", http.StatusBadRequest)
+		return
+	}
+
 	claims := types.UserClaims{
 		UserID: user.ID.String(),
 		RegisteredClaims: jwt.RegisteredClaims{