From 557e9d2335c5b153ded9a627c34fad3bad4b45e2 Mon Sep 17 00:00:00 2001
From: Roland Bewick <roland.bewick@gmail.com>
Date: Thu, 1 Feb 2024 17:52:01 +0700
Subject: [PATCH] chore: use existing CheckUnlockPassword function, improve
 unlock error message

---
 http_service.go | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/http_service.go b/http_service.go
index 779c6614..50742db3 100644
--- a/http_service.go
+++ b/http_service.go
@@ -16,9 +16,8 @@ import (
 )
 
 type HttpService struct {
-	svc           *Service
-	api           *API
-	encryptionKey string
+	svc *Service
+	api *API
 }
 
 func NewHttpService(svc *Service) *HttpService {
@@ -105,8 +104,6 @@ func (httpSvc *HttpService) startHandler(c echo.Context) error {
 		})
 	}
 
-	httpSvc.encryptionKey = startRequest.UnlockPassword
-
 	return c.NoContent(http.StatusNoContent)
 }
 
@@ -118,8 +115,10 @@ func (httpSvc *HttpService) unlockHandler(c echo.Context) error {
 		})
 	}
 
-	if unlockRequest.UnlockPassword != httpSvc.encryptionKey {
-		return c.NoContent(http.StatusUnauthorized)
+	if !httpSvc.svc.cfg.CheckUnlockPassword(unlockRequest.UnlockPassword) {
+		return c.JSON(http.StatusUnauthorized, ErrorResponse{
+			Message: "Invalid password",
+		})
 	}
 
 	err := httpSvc.saveSessionCookie(c)