From ec4a7ed39624fac7fca355133e3ea9a24a2d40b0 Mon Sep 17 00:00:00 2001
From: grumbulon <grumbulon@grumbulon.xyz>
Date: Sat, 31 Dec 2022 13:23:09 -0500
Subject: [PATCH] fixed a big oops

---
 internal/api/auth.go | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/internal/api/auth.go b/internal/api/auth.go
index 3bb4a3e..e1eab2c 100644
--- a/internal/api/auth.go
+++ b/internal/api/auth.go
@@ -23,10 +23,6 @@ func Login(w http.ResponseWriter, r *http.Request) {
 
 	username := r.Form.Get("username")
 
-	if username == "" {
-		username = autoUname()
-	}
-
 	password := r.Form.Get("password")
 
 	if password == "" {
@@ -40,8 +36,12 @@ func Login(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	db.Model(internal.User{Username: username}).First(&result)
+	db.Where("username = ?", username).First(&result)
+	if result.Username == "" {
+		http.Error(w, "User not registered", http.StatusUnauthorized)
 
+		return
+	}
 	err = bcrypt.CompareHashAndPassword([]byte(result.HashedPassword), []byte(password))
 
 	if err != nil {