fix: harden login for MLPS requirements

This commit is contained in:
2026-05-14 11:05:20 +08:00
parent ecf3ee1ef0
commit 879677516f
39 changed files with 1230 additions and 71 deletions
@@ -25,10 +25,19 @@ func NewAuthHandler(a *bootstrap.App) *AuthHandler {
a.JWT,
a.Sessions,
a.LoginGuard,
),
).WithPasswordCipher(a.PasswordCipher),
}
}
func (h *AuthHandler) PasswordPublicKey(c *gin.Context) {
key := h.svc.PasswordPublicKey()
if key == nil {
response.Error(c, response.ErrNotFound(40420, "password_cipher_disabled", "password cipher is disabled"))
return
}
response.Success(c, key)
}
func (h *AuthHandler) Login(c *gin.Context) {
var req app.LoginRequest
if err := c.ShouldBindJSON(&req); err != nil {