admin/go-socket
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

complete group creation endpoint with auth and validation, change parameter and return pointer usage in some get func

Browse Source
This commit is contained in:
Sisi
2026-03-13 09:56:08 +01:00
parent eeea54492b
commit bb1acfe38f
4 changed files with 52 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files
database.go
+6 -6
View File
@@ -86,25 +86,25 @@ func isPassValid(ctx context.Context, id uint32, plainPassword string) bool {
return bcrypt.CompareHashAndPassword([]byte(controlHash), []byte(plainPassword)) == nil return bcrypt.CompareHashAndPassword([]byte(controlHash), []byte(plainPassword)) == nil
} }
func GetUserDataById(ctx context.Context, id uint32) (*User, error) { func GetUserDataById(ctx context.Context, id uint32) (User, error) {
var user User var user User
err := dbConnection.QueryRow(ctx, "SELECT id, name, pass_hash, color FROM users WHERE id = $1", id). err := dbConnection.QueryRow(ctx, "SELECT id, name, pass_hash, color FROM users WHERE id = $1", id).
Scan(&user.Id, &user.Name, &user.Password, &user.Color) Scan(&user.Id, &user.Name, &user.Password, &user.Color)
if err != nil { if err != nil {
return &User{}, err return User{}, err
} }
user.IsPasswordHashed = true user.IsPasswordHashed = true
return &user, nil return user, nil
} }
func GetUserDataByName(ctx context.Context, name string) (*User, error) { func GetUserDataByName(ctx context.Context, name string) (User, error) {
var user User var user User
err := dbConnection.QueryRow(ctx, "SELECT id, name, pass_hash, color FROM users WHERE name = $1", name). err := dbConnection.QueryRow(ctx, "SELECT id, name, pass_hash, color FROM users WHERE name = $1", name).
Scan(&user.Id, &user.Name, &user.Password, &user.Color) Scan(&user.Id, &user.Name, &user.Password, &user.Color)
if err != nil { if err != nil {
return &User{}, err return User{}, err
} }
user.IsPasswordHashed = true user.IsPasswordHashed = true
return &user, nil return user, nil
} }
func CreateChatGroupWithoutMembers(ctx context.Context, group *ChatGroup) (uint32, error) { func CreateChatGroupWithoutMembers(ctx context.Context, group *ChatGroup) (uint32, error) {
go-socket
BIN
View File
Binary file not shown.
http.go
+45 -21
View File
@@ -3,6 +3,7 @@ package main
import ( import (
"log" "log"
"net/http" "net/http"
"time"
"golang.org/x/crypto/bcrypt" "golang.org/x/crypto/bcrypt"
) )
@@ -24,14 +25,14 @@ func RegisterHandler(response http.ResponseWriter, request *http.Request) {
password := request.FormValue("password") password := request.FormValue("password")
if len(username) < 2 { if len(username) < 2 {
http.Error(response, "short username", http.StatusBadRequest) http.Error(response, "no or short username", http.StatusBadRequest)
return return
} }
if username == "server" { if username == "server" {
http.Error(response, "only server can use such name", http.StatusBadRequest) http.Error(response, "only server can use such name", http.StatusBadRequest)
} }
if len(password) < 8 { if len(password) < 8 {
http.Error(response, "short password", http.StatusBadRequest) http.Error(response, "short or no password", http.StatusBadRequest)
return return
} }
@@ -78,7 +79,7 @@ func LoginHandler(response http.ResponseWriter, request *http.Request) {
} }
if bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)) == nil { if bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)) == nil {
token, err := GetToken(user) token, err := GetToken(&user)
if err != nil { if err != nil {
respondBadLogin() respondBadLogin()
return return
@@ -101,37 +102,60 @@ func CreateGroupHandler(response http.ResponseWriter, request *http.Request) {
ctx := request.Context() ctx := request.Context()
username := request.FormValue("username") username := request.FormValue("username")
password := request.FormValue("password") password := request.FormValue("password")
token := request.FormValue("token")
respondBadLogin := func() { respondBadLogin := func() {
http.Error(response, "bad login", http.StatusConflict) http.Error(response, "bad login", http.StatusConflict)
} }
if len(username) < 2 {
respondBadLogin()
}
user, err := GetUserDataByName(ctx, username)
if err != nil {
respondBadLogin()
return
}
if len(password) > 0 { if len(password) > 0 {
if bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)) != nil { if len(username) < 2 {
http.Error(response, "no or too short nick", http.StatusBadRequest)
return
}
tmp, err := GetUserDataByName(ctx, username)
if err != nil {
respondBadLogin() respondBadLogin()
return return
} }
if bcrypt.CompareHashAndPassword([]byte(tmp.Password), []byte(password)) != nil {
respondBadLogin()
return
}
user = tmp
anyAuthDone = true anyAuthDone = true
} else if (len(token) > 0) { } else if token := request.FormValue("token"); len(token) > 0 {
user, err := GetUserFromToken(token) tmp, err := GetUserFromToken(token)
if err != nil { if err != nil {
respondBadLogin() respondBadLogin()
return
} }
user = tmp
anyAuthDone = true
} }
CreateChatGroupWithoutMembers(ctx, &ChatGroup{ if !anyAuthDone {
Name: http.Error(response, "no login or token", http.StatusBadRequest)
}) return
}
groupName := request.FormValue("name")
if len(groupName) < 2 {
http.Error(response, "no or too short group name", http.StatusBadRequest)
return
}
_, err := CreateChatGroupWithoutMembers(ctx, &ChatGroup{
Name: groupName,
CreatorId: user.Id,
OwnerId: user.Id,
CreatedAt: time.Now(),
})
if err != nil {
http.Error(response, "internal server error", http.StatusInternalServerError)
log.Fatal(err)
return
}
response.WriteHeader(http.StatusCreated)
} }
main.go
+1
View File
@@ -29,5 +29,6 @@ func main() {
log.Println("server listening on :8080") log.Println("server listening on :8080")
http.HandleFunc("POST /register", RegisterHandler) http.HandleFunc("POST /register", RegisterHandler)
http.HandleFunc("POST /login", LoginHandler) http.HandleFunc("POST /login", LoginHandler)
http.HandleFunc("POST /create/group", CreateGroupHandler)
log.Fatal(http.ListenAndServe(":8080", nil)) log.Fatal(http.ListenAndServe(":8080", nil))
} }