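package httpRequest

import (
	json2 "encoding/json"
	"net/http"
	"time"

	"go-socket/packages/cache"
	"go-socket/packages/convertions"
	"go-socket/packages/passwords"
	"go-socket/packages/postgresql"
	"go-socket/packages/tokens"
	"go-socket/packages/types"
	"golang.org/x/crypto/bcrypt"
)

// HandleUserNewToken logs a user in. It checks the "username" and "password"
// form values against the stored bcrypt hash and, on success, answers
// 201 Created with a JSON-encoded types.LoginReturn carrying a fresh token
// and the user id.
//
// A failed user lookup and a wrong password both produce the same "bad login"
// 401, so the response body does not reveal which usernames exist.
//
// NOTE(review): request.FormValue also reads the URL query string, so
// credentials and tokens sent as query parameters are accepted by every
// handler in this file and can end up in access logs. request.PostFormValue
// would restrict them to the request body; confirm no client relies on the
// query form before switching.
func HandleUserNewToken(response http.ResponseWriter, request *http.Request) {
	// Helper defined elsewhere in the package; by its name it writes the
	// failure response itself, so the handler only has to stop.
	if !postValidCheckWithResponseOnFail(&response, request, false) {
		return
	}

	// len counts bytes, so these minimums are byte lengths, not characters.
	username := request.FormValue("username")
	if len(username) < 4 {
		http.Error(response, "no or short username", http.StatusBadRequest)
		return
	}
	password := request.FormValue("password")
	if len(password) < 8 {
		http.Error(response, "no or short passwords", http.StatusBadRequest)
		return
	}

	var (
		user *types.User
		err  error
		ctx  = request.Context()
	)

	user, err = cache.CacheGetUserByName(username)
	if err != nil {
		// Any cache error is treated as a miss and the user is loaded from
		// the database instead.
		user = &types.User{Name: username}
		if err = postgresql.UserGetStandardInfoByName(ctx, user); err != nil {
			// NOTE(review): this path returns before bcrypt runs, so it is
			// likely faster than a wrong-password attempt. Running a compare
			// against a fixed dummy hash here would even out the timing.
			http.Error(response, "bad login", http.StatusUnauthorized)
			return
		}
		if err = postgresql.GetWholeUser(ctx, user); err != nil {
			// Never echo err.Error() to the client: storage-layer errors can
			// expose query text, schema names or connection details.
			http.Error(response, "internal server error", http.StatusInternalServerError)
			return
		}
	}

	if err = bcrypt.CompareHashAndPassword([]byte(user.PasswordHash), []byte(password)); err != nil {
		http.Error(response, "bad login", http.StatusUnauthorized)
		return
	}

	token, err := tokens.TokenCreate(user.Id)
	if err != nil {
		http.Error(response, "internal server error", http.StatusInternalServerError)
		return
	}

	payload, err := json2.Marshal(types.LoginReturn{Token: token, UserId: user.Id})
	if err != nil {
		http.Error(response, "internal server error", http.StatusInternalServerError)
		return
	}

	// Declare the body type explicitly instead of leaving it to content
	// sniffing, which would label the JSON as text/plain.
	response.Header().Set("Content-Type", "application/json")
	response.WriteHeader(http.StatusCreated)
	// A failed write means the client has gone away; the status line is
	// already sent, so there is nothing left to report.
	_, _ = response.Write(payload)
}

// HandleUserNew registers a new account from the "username" and "password"
// form values. The password is hashed by passwords.PasswordHash before it is
// stored, and the user is given a random color and the current time as
// creation time. It answers 201 Created with an empty body on success.
func HandleUserNew(response http.ResponseWriter, request *http.Request) {
	if !postValidCheckWithResponseOnFail(&response, request, false) {
		return
	}

	// Same byte-length minimums as the login handler. No upper bound is
	// enforced here.
	username := request.FormValue("username")
	if len(username) < 4 {
		http.Error(response, "no or short username", http.StatusBadRequest)
		return
	}
	password := request.FormValue("password")
	if len(password) < 8 {
		http.Error(response, "no or short passwords", http.StatusBadRequest)
		return
	}

	hashedPassword, err := passwords.PasswordHash(password)
	if err != nil {
		http.Error(response, "internal server error", http.StatusInternalServerError)
		return
	}

	newUser := &types.User{
		Name:         username,
		PasswordHash: hashedPassword,
		Color:        types.Rgba{}.GetRandom(),
		CreatedAt:    time.Now(),
	}

	// NOTE(review): every UserSave failure is reported as "name taken" with
	// 401, including database outages. Telling a uniqueness violation (409)
	// apart from other failures (500) needs a typed error from postgresql.
	if err = postgresql.UserSave(request.Context(), newUser); err != nil {
		http.Error(response, "name taken", http.StatusUnauthorized)
		return
	}

	response.WriteHeader(http.StatusCreated)
}

// HandleUserDelete deletes the account that owns the "token" form value: the
// database row first, then the cache entry. It answers 202 Accepted on
// success and 401 when the token does not validate.
//
// NOTE(review): nothing here revokes tokens already issued to the deleted
// user; confirm tokens.TokenValidateGetId rejects them afterwards.
func HandleUserDelete(response http.ResponseWriter, request *http.Request) {
	if !postValidCheckWithResponseOnFail(&response, request, false) {
		return
	}

	ctx := request.Context()

	userId, err := tokens.TokenValidateGetId(request.FormValue("token"))
	if err != nil {
		http.Error(response, "invalid token", http.StatusUnauthorized)
		return
	}

	if err = postgresql.UserDelete(ctx, userId); err != nil {
		http.Error(response, "internal server error", http.StatusInternalServerError)
		return
	}

	// Evict only after the database delete succeeded, so a failed delete
	// leaves the cache untouched.
	cache.CacheDeleteUser(userId)
	response.WriteHeader(http.StatusAccepted)
}

// HandleUserModifyAppearance updates the appearance of the user identified by
// the "token" form value. Currently that is only the color, parsed from the
// "color" form value by convertions.StringToRgba. It answers 202 Accepted on
// success, 401 for a bad token and 400 for an unparsable color.
func HandleUserModifyAppearance(response http.ResponseWriter, request *http.Request) {
	if !postValidCheckWithResponseOnFail(&response, request, false) {
		return
	}

	ctx := request.Context()

	user, err := getUserByToken(ctx, request.FormValue("token"))
	if err != nil {
		http.Error(response, "invalid token", http.StatusUnauthorized)
		return
	}

	color, err := convertions.StringToRgba(request.FormValue("color"))
	if err != nil {
		http.Error(response, "invalid color", http.StatusBadRequest)
		return
	}

	// NOTE(review): the struct is mutated before the database write; if
	// getUserByToken hands out a shared cached pointer, a failed write leaves
	// the cache ahead of the database. Verify against getUserByToken.
	user.Color = color
	if err = postgresql.UserSetColor(ctx, user); err != nil {
		http.Error(response, "internal server error", http.StatusInternalServerError)
		return
	}

	response.WriteHeader(http.StatusAccepted)
}

// HandleUserModifyAbout updates the "about" data of the user identified by
// the "token" form value. Currently that is only the pronouns, taken from the
// "pronouns" form value and required to be 2 to 25 bytes long. It answers
// 202 Accepted on success, 401 for a bad token and 400 for a bad length.
func HandleUserModifyAbout(response http.ResponseWriter, request *http.Request) {
	if !postValidCheckWithResponseOnFail(&response, request, false) {
		return
	}

	ctx := request.Context()

	user, err := getUserByToken(ctx, request.FormValue("token"))
	if err != nil {
		http.Error(response, "invalid token", http.StatusUnauthorized)
		return
	}

	// Only the length is checked; the content is stored as sent, so whatever
	// renders it later is responsible for output encoding.
	pronouns := request.FormValue("pronouns")
	if len(pronouns) > 25 || len(pronouns) < 2 {
		http.Error(response, "invalid pronouns", http.StatusBadRequest)
		return
	}

	user.Pronouns = pronouns
	if err = postgresql.UserSetPronouns(ctx, user); err != nil {
		http.Error(response, "internal server error", http.StatusInternalServerError)
		return
	}

	response.WriteHeader(http.StatusAccepted)
}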