diff --git a/database.go b/database.go index d99131d..4e3a433 100644 --- a/database.go +++ b/database.go @@ -27,8 +27,8 @@ func InitDatabase(ctx context.Context) { CREATE TABLE IF NOT EXISTS chat_groups ( id SERIAL PRIMARY KEY, name VARCHAR(48) NOT NULL, - createor INTEGER NOT NULL REFERANCE users(id) ON DELETE SET NULL, - owner INTEGER NOT NULL REFERANCE user(id) ON DELETE SET NULL + creator_id INTEGER NOT NULL REFERENCES users(id) ON DELETE SET NULL, + owner_id INTEGER NOT NULL REFERENCES users(id) ON DELETE SET NULL, enable_user_colors BOOLEAN NOT NULL DEFAULT true, group_color VARCHAR(3), created_at TIMESTAMP NOT NULL DEFAULT NOW() @@ -46,7 +46,7 @@ func InitDatabase(ctx context.Context) { dbConnection = conn } -func AddNewUser(ctx context.Context, user User) (uint32, error) { +func AddNewUser(ctx context.Context, user *User) (uint32, error) { var id uint32 var err error @@ -107,6 +107,48 @@ func GetUserDataByName(ctx context.Context, name string) (*User, error) { return &user, nil } -func CreateGroup() { +func CreateChatGroupWithoutMembers(ctx context.Context, group *ChatGroup) (uint32, error) { + if len(group.Name) < 1 { + return 0, errors.New("group name too short") + } + if len(group.Name) > 48 { + return 0, errors.New("group name too long") + } + + var id uint32 + err := dbConnection.QueryRow(ctx, `INSERT INTO chat_groups (name, creator_id, owner_id, created_at ) + VALUES ($1, $2, $3, $4) + RETURNING id + `, group.Name, group.CreatorId, group.OwnerId, group.CreatedAt).Scan(&id) + return id, err +} + +func GetChatGroupWithoutMembers(ctx context.Context, id uint32) (ChatGroup, error) { + var group ChatGroup + err := dbConnection.QueryRow(ctx, `SELECT name, creator_id, owner_id, enable_user_colors, group_color, created_at FROM chat_groups WHERE id = $1`, + id).Scan(&group.Name, &group.CreatorId, &group.OwnerId, &group.EnableUserColors, &group.Color, &group.CreatedAt) + return group, err +} + +func GetChatGroupMembers(ctx context.Context, groupId uint32) ([]User, error) { + rows, err := dbConnection.Query(ctx, ` + SELECT usr.id, usr.name, usr.color FROM users usr + JOIN chat_group_members members ON usr.id = members.user_id + WHERE members.group_id = $1 + `, groupId) + if err != nil { + return nil, err + } + defer rows.Close() + + var members []User + for rows.Next() { + var user User + if err := rows.Scan(&user.Id, &user.Name, &user.Color); err != nil { + return nil, err + } + members = append(members, user) + } + return members, rows.Err() } diff --git a/http.go b/http.go index 2f10170..1081ca9 100644 --- a/http.go +++ b/http.go @@ -7,9 +7,16 @@ import ( "golang.org/x/crypto/bcrypt" ) -func RegisterHandler(response http.ResponseWriter, request *http.Request) { +func isMethodAllowed(response *http.ResponseWriter, request *http.Request) bool { if request.Method != http.MethodPost { - http.Error(response, "POST only", http.StatusMethodNotAllowed) + http.Error(*response, "POST only", http.StatusMethodNotAllowed) + return false + } + return true +} + +func RegisterHandler(response http.ResponseWriter, request *http.Request) { + if !isMethodAllowed(&response, request) { return } ctx := request.Context() @@ -20,18 +27,21 @@ func RegisterHandler(response http.ResponseWriter, request *http.Request) { http.Error(response, "short username", http.StatusBadRequest) return } + if username == "server" { + http.Error(response, "only server can use such name", http.StatusBadRequest) + } if len(password) < 8 { http.Error(response, "short password", http.StatusBadRequest) return } if _, err := GetUserDataByName(ctx, username); err == nil { - http.Error(response, "User already exists", http.StatusBadRequest) + http.Error(response, "user already exists", http.StatusBadRequest) return } - if _, err := AddNewUser(ctx, User{0, username, password, "xxx", false}); err != nil { - http.Error(response, "Internal server error", http.StatusInternalServerError) + if _, err := AddNewUser(ctx, &User{username, password, "xxx", 0, false}); err != nil { + http.Error(response, "internal server error", http.StatusInternalServerError) log.Fatal(err) return } @@ -39,39 +49,89 @@ func RegisterHandler(response http.ResponseWriter, request *http.Request) { response.WriteHeader(http.StatusCreated) _, err := response.Write([]byte("registered")) if err != nil { - http.Error(response, "Internal server error", http.StatusInternalServerError) + http.Error(response, "internal server error", http.StatusInternalServerError) return } } func LoginHandler(response http.ResponseWriter, request *http.Request) { - if request.Method != http.MethodPost { - http.Error(response, "POST only", http.StatusMethodNotAllowed) + if !isMethodAllowed(&response, request) { + return } ctx := request.Context() username := request.FormValue("username") password := request.FormValue("password") + respondBadLogin := func() { + http.Error(response, "bad login", http.StatusConflict) + } + if len(username) < 2 { - http.Error(response, "short username", http.StatusBadRequest) + respondBadLogin() return } user, err := GetUserDataByName(ctx, username) if err != nil { - http.Error(response, "Bad login", http.StatusBadRequest) + respondBadLogin() return } if bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)) == nil { token, err := GetToken(user) if err != nil { - http.Error(response, "Internal server error", http.StatusInternalServerError) + respondBadLogin() return } if _, err = response.Write([]byte(token)); err != nil { return } + return } + respondBadLogin() } + +func CreateGroupHandler(response http.ResponseWriter, request *http.Request) { + if !isMethodAllowed(&response, request) { + return + } + var anyAuthDone bool = false + var user User + ctx := request.Context() + username := request.FormValue("username") + password := request.FormValue("password") + token := request.FormValue("token") + + + respondBadLogin := func() { + http.Error(response, "bad login", http.StatusConflict) + } + + if len(username) < 2 { + respondBadLogin() + } + + user, err := GetUserDataByName(ctx, username) + if err != nil { + respondBadLogin() + return + } + + if len(password) > 0 { + if bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)) != nil { + respondBadLogin() + return + } + anyAuthDone = true + } else if (len(token) > 0) { + user, err := GetUserFromToken(token) + if err != nil { + respondBadLogin() + } + } + + CreateChatGroupWithoutMembers(ctx, &ChatGroup{ + Name: + }) +} \ No newline at end of file diff --git a/structures.go b/structures.go index c38751e..9a80eb6 100644 --- a/structures.go +++ b/structures.go @@ -1,12 +1,16 @@ package main -import "github.com/coder/websocket" +import ( + "time" + + "github.com/coder/websocket" +) type User struct { - Id uint32 Name string Password string Color string + Id uint32 IsPasswordHashed bool } type Client struct { @@ -15,4 +19,12 @@ type Client struct { } type ChatGroup struct { + Members []User + CreatedAt time.Time + Name string + Id uint32 + CreatorId uint32 + OwnerId uint32 + Color [3]byte + EnableUserColors bool }