From 59d215f6a35409b2187f78115386018254ee430d Mon Sep 17 00:00:00 2001
From: Immanuel Onyeka <immanuel@onyeka.ca>
Date: Fri, 14 May 2021 14:54:19 -0400
Subject: [PATCH] Handle invalid login attempts

---
 app/Http/Controllers/UserController.php | 8 ++++----
 resources/js/main.js                    | 7 +++++--
 resources/scss/main.scss                | 4 ++++
 resources/views/master.blade.php        | 2 +-
 routes/web.php                          | 3 +--
 5 files changed, 15 insertions(+), 9 deletions(-)

diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php
index 640aa8d..2a5f281 100644
--- a/app/Http/Controllers/UserController.php
+++ b/app/Http/Controllers/UserController.php
@@ -66,12 +66,12 @@ class UserController extends Controller
 
 		//This should probably be changed to not return a page
 		if (Auth::attempt($credentials)) {
+			Log::debug(Auth::attempt($credentials));
+			/* Log::debug("I don't know why this works") */
 			$request->session()->regenerate();
-			return response()->json(["status" => "success"]);
+		} else {
+			abort(401);
 		}
-
-		/* return response()->json(["status" => "error"]); */
-
 	}
 
 	public function logout(Request $request) {
diff --git a/resources/js/main.js b/resources/js/main.js
index 3e718e5..7bc0a95 100644
--- a/resources/js/main.js
+++ b/resources/js/main.js
@@ -40,7 +40,10 @@ function login(event) {
 		"password": document.getElementById("login_password").value}),
 	}).then(response => {
 		if (response.ok) {
-
+			window.location.assign("/panel")
+		} else {
+			document.querySelector("#login_form .error").innerText =
+				"Invalid credentials."
 		}
 	})
 	event.preventDefault();
@@ -77,7 +80,7 @@ if (!token) {getToken()}
 
 if (window.location.pathname == '/') {
 	document.getElementById('nav_toggle').addEventListener('click', toggleNav)
-	document.getElementById('login_form').addEventListener('submit', login)
+	document.querySelector('#login_form button').addEventListener('click', login)
 	app.token = token
 	// console.log(app.token)
 	// console.log(app.$data.active)
diff --git a/resources/scss/main.scss b/resources/scss/main.scss
index 2be4306..e80711a 100644
--- a/resources/scss/main.scss
+++ b/resources/scss/main.scss
@@ -103,6 +103,10 @@ nav form button {
 	min-width: 5em;
 }
 
+nav form p {
+	margin-top: 0;
+}
+
 nav form input,label {
 	opacity: 0.7;
 }
diff --git a/resources/views/master.blade.php b/resources/views/master.blade.php
index 2a0583f..90946b9 100644
--- a/resources/views/master.blade.php
+++ b/resources/views/master.blade.php
@@ -18,7 +18,6 @@
 		</a>
 		@guest
 		<form id='login_form' class= 'login' method='POST'>
-			@csrf
 			<div>
 			<label for='sender_email'>Email</label>
 			<input required id='login_email' type='email' name='sender_email' placeholder=''
@@ -29,6 +28,7 @@ spellcheck='false'>
 			<input required id='login_password' type='password' name='sender_password' placeholder='' spellcheck='false'>
 			</div>
 			<button class='login-btn'type="login">Log in</button>
+			<div><p class="error"></p></div>
 		</form>
 		<div id="nav_toggle" class="nav-toggle"><div>
 			
diff --git a/routes/web.php b/routes/web.php
index 0415173..a0d9d49 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -53,5 +53,4 @@ Route::post('/reset-passowrd', [UserController::class,
 	'resetPassword'])->middleware('guest');
 
 Route::post('/login', [UserController::class,
-	'login']);
-
+	'login'])->middleware('guest');