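package main

import (
	json2 "encoding/json"
	"net/http"
	"time"

	"golang.org/x/crypto/bcrypt"
)

// HttpHandleUserNewToken authenticates a user with the "username" and
// "password" form values and, on success, answers 201 Created with a JSON
// LoginReturn holding a fresh token and the user's id.
//
// Failure responses:
//   - 400 when the username is shorter than 4 bytes or the password shorter
//     than 8 bytes;
//   - 401 "bad login" when the user cannot be loaded or the password does not
//     match the stored bcrypt hash (same message for both, so the body does
//     not reveal which check failed);
//   - 500 "internal server error" for any other failure.
//
// NOTE(review): request.FormValue also reads URL query parameters, so
// credentials sent in the query string are accepted and may end up in access
// logs or proxies. Switching to PostFormValue would change what clients may
// send — confirm with API consumers before tightening.
//
// NOTE(review): no rate limiting or lockout is visible in this handler;
// confirm it is enforced elsewhere (HttpMethodAllowed, middleware, proxy).
func HttpHandleUserNewToken(response http.ResponseWriter, request *http.Request) {
	if !HttpMethodAllowed(&response, request) {
		return
	}

	// len() counts bytes, not characters, so these are byte-length minimums.
	username := request.FormValue("username")
	if len(username) < 4 {
		http.Error(response, "no or short username", http.StatusBadRequest)
		return
	}
	password := request.FormValue("password")
	if len(password) < 8 {
		http.Error(response, "no or short password", http.StatusBadRequest)
		return
	}

	var (
		user *User
		err  error
		ctx  = request.Context()
	)

	// Try the cache first; any cache error falls back to the database.
	user, err = CacheGetUserByName(username)
	if err != nil {
		user = &User{Name: username}
		if err = DbUserGetStandardInfoByName(ctx, user); err != nil {
			// NOTE(review): this path answers without running a bcrypt
			// comparison, so it returns faster than a wrong-password attempt
			// for an existing user. The response time can therefore reveal
			// whether a username exists; comparing against a fixed dummy hash
			// here would even that out.
			http.Error(response, "bad login", http.StatusUnauthorized)
			return
		}
		if err = DbGetWholeUser(ctx, user); err != nil {
			// Do not echo err.Error() to the client: the text comes from the
			// data layer and may expose internal details. Use the same
			// generic message as every other 500 in this file; the error
			// should be logged server-side instead.
			http.Error(response, "internal server error", http.StatusInternalServerError)
			return
		}
	}

	// CompareHashAndPassword returns nil only when the password matches.
	err = bcrypt.CompareHashAndPassword([]byte(user.PasswordHash), []byte(password))
	if err != nil {
		http.Error(response, "bad login", http.StatusUnauthorized)
		return
	}

	token, err := TokenCreate(user.Id)
	if err != nil {
		http.Error(response, "internal server error", http.StatusInternalServerError)
		return
	}

	body, err := json2.Marshal(LoginReturn{Token: token, UserId: user.Id})
	if err != nil {
		http.Error(response, "internal server error", http.StatusInternalServerError)
		return
	}

	// Declare the payload type explicitly; otherwise net/http sniffs the body
	// and labels it as plain text. no-store keeps the token out of caches.
	response.Header().Set("Content-Type", "application/json")
	response.Header().Set("Cache-Control", "no-store")
	response.WriteHeader(http.StatusCreated)
	// The status line is already sent; a failed write cannot be reported to
	// the client, so the result is deliberately ignored.
	_, _ = response.Write(body)
}

// HttpHandleUserNew registers a new user from the "username" and "password"
// form values. The password is hashed with PasswordHash before it is stored,
// the user gets a random color and the current time as creation time, and the
// handler answers 201 Created with an empty body.
//
// Failure responses: 400 for a username shorter than 4 bytes or a password
// shorter than 8 bytes, 500 when hashing fails, and 401 "name taken" when
// DbUserSave returns an error.
//
// NOTE(review): every DbUserSave error is reported as "name taken", including
// failures unrelated to a duplicate name, and 401 is an unusual status for a
// conflict (409 would describe it better). Both are left as they are because
// clients may depend on the current responses.
//
// NOTE(review): there is no upper bound on username or password length here.
// bcrypt only processes the first 72 bytes of its input — confirm how
// PasswordHash treats longer passwords.
func HttpHandleUserNew(response http.ResponseWriter, request *http.Request) {
	if !HttpMethodAllowed(&response, request) {
		return
	}

	username := request.FormValue("username")
	if len(username) < 4 {
		http.Error(response, "no or short username", http.StatusBadRequest)
		return
	}
	password := request.FormValue("password")
	if len(password) < 8 {
		http.Error(response, "no or short password", http.StatusBadRequest)
		return
	}

	// Only the hash is kept; the plaintext password never reaches the User.
	hashedPassword, err := PasswordHash(password)
	if err != nil {
		http.Error(response, "internal server error", http.StatusInternalServerError)
		return
	}

	newUser := &User{
		Name:         username,
		PasswordHash: hashedPassword,
		Color:        Rgba{}.GetRandom(),
		CreatedAt:    time.Now(),
	}

	ctx := request.Context()
	if err = DbUserSave(ctx, newUser); err != nil {
		http.Error(response, "name taken", http.StatusUnauthorized)
		return
	}

	response.WriteHeader(http.StatusCreated)
}

// HttpHandleUserDelete deletes the account that the "token" form value
// belongs to. It removes the user from the database first and from the cache
// afterwards, then answers 202 Accepted.
//
// Failure responses: 401 "invalid token" when the token does not validate,
// 500 when the database delete fails.
//
// NOTE(review): a valid token alone is enough to delete the account; the
// password is not asked for again. Confirm this is intended, since a leaked
// token then allows irreversible deletion.
func HttpHandleUserDelete(response http.ResponseWriter, request *http.Request) {
	if !HttpMethodAllowed(&response, request) {
		return
	}

	ctx := request.Context()

	userId, err := TokenValidateGetId(request.FormValue("token"))
	if err != nil {
		http.Error(response, "invalid token", http.StatusUnauthorized)
		return
	}

	if err = DbUserDelete(ctx, userId); err != nil {
		http.Error(response, "internal server error", http.StatusInternalServerError)
		return
	}

	// Evict only after the database delete succeeded, so a failed delete
	// leaves the cached user in place.
	CacheDeleteUser(userId)

	response.WriteHeader(http.StatusAccepted)
}

// HttpHandleUserModifyAppearance updates the appearance of the user that the
// "token" form value belongs to. Currently the only appearance setting is the
// color, taken from the "color" form value and parsed by ConvertStringToRgba.
// Answers 202 Accepted on success, 401 for an invalid token, 400 for an
// unparsable color and 500 when the database update fails.
func HttpHandleUserModifyAppearance(response http.ResponseWriter, request *http.Request) {
	if !HttpMethodAllowed(&response, request) {
		return
	}

	ctx := request.Context()

	user, err := GetUserByToken(ctx, request.FormValue("token"))
	if err != nil {
		http.Error(response, "invalid token", http.StatusUnauthorized)
		return
	}

	color, err := ConvertStringToRgba(request.FormValue("color"))
	if err != nil {
		http.Error(response, "invalid color", http.StatusBadRequest)
		return
	}

	user.Color = color
	if err = DbUserSetColor(ctx, user); err != nil {
		http.Error(response, "internal server error", http.StatusInternalServerError)
		return
	}

	response.WriteHeader(http.StatusAccepted)
}

// HttpHandleUserModifyAbout updates the "about" data of the user that the
// "token" form value belongs to. Currently the only such field is the
// pronouns, taken from the "pronouns" form value, which must be between 2 and
// 25 bytes long. Answers 202 Accepted on success, 401 for an invalid token,
// 400 for pronouns outside the length limits and 500 when the database update
// fails.
//
// NOTE(review): only the length is checked; the value is stored as received.
// Whatever renders it later has to escape it for its output context.
func HttpHandleUserModifyAbout(response http.ResponseWriter, request *http.Request) {
	if !HttpMethodAllowed(&response, request) {
		return
	}

	ctx := request.Context()

	user, err := GetUserByToken(ctx, request.FormValue("token"))
	if err != nil {
		http.Error(response, "invalid token", http.StatusUnauthorized)
		return
	}

	// Byte-length bounds: at least 2, at most 25.
	pronouns := request.FormValue("pronouns")
	if len(pronouns) > 25 || len(pronouns) < 2 {
		http.Error(response, "invalid pronouns", http.StatusBadRequest)
		return
	}

	user.Pronouns = pronouns
	if err = DbUserSetPronouns(ctx, user); err != nil {
		http.Error(response, "internal server error", http.StatusInternalServerError)
		return
	}

	response.WriteHeader(http.StatusAccepted)
}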