admin/go-socket
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c85c66e43a703921f91cf3d17e593b4789099727
go-socket/packages/httpRequest/user.go
T
gitGnome c85c66e43a add dynamic profile update, connection helper, file download metadata 
- replace UserSetColor/UserSetPronouns with single UserUpdateProfile that dynamically builds one UPDATE query from UserProfileUpdateList
- add getConnectionWithResponseOnFail helper to deduplicate connection ID parsing and validation across handlers
- rename file.go to attachmentFile.go and update handler names
- GetDownloadUrlAndMetadata now fetches object metadata via StatObject and returns it alongside the presigned URL
- file download endpoint returns JSON with url and originalName
- add description field to user and DB schema
- remove unused ConnectionState variants (GroupFellow, GroupFriend)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-17 13:28:27 +02:00

235 lines
5.9 KiB
Go
Raw Blame History

package httpRequest
import (
json2 "encoding/json"
"go-socket/packages/convertions"
"go-socket/packages/globals"
"go-socket/packages/minio"
"net/http"
"time"
"go-socket/packages/cache"
"go-socket/packages/passwords"
"go-socket/packages/postgresql"
"go-socket/packages/tokens"
"go-socket/packages/types"
"golang.org/x/crypto/bcrypt"
)
func HandleUserNewToken(response http.ResponseWriter, request *http.Request) {
if !postValidCheckWithResponseOnFail(&response, request, false) {
return
}
username := request.FormValue("username")
if len(username) < 4 {
http.Error(response, "no or short username", http.StatusBadRequest)
return
}
password := request.FormValue("password")
if len(password) < 8 {
http.Error(response, "no or short passwords", http.StatusBadRequest)
return
}
var (
user *types.User
err error
ctx = request.Context()
)
user, err = cache.CacheGetUserByName(username)
if err != nil {
user = &types.User{Name: username}
if err = postgresql.UserGetStandardInfoByName(ctx, user); err != nil {
http.Error(response, "bad login", http.StatusUnauthorized)
return
}
if err = postgresql.GetWholeUser(ctx, user); err != nil {
http.Error(response, err.Error(), http.StatusInternalServerError)
return
}
}
err = bcrypt.CompareHashAndPassword([]byte(user.PasswordHash), []byte(password))
if err != nil {
http.Error(response, "bad login", http.StatusUnauthorized)
return
}
token, err := tokens.TokenCreate(user.Id)
if err != nil {
http.Error(response, "internal server error", http.StatusInternalServerError)
return
}
json, err := json2.Marshal(types.LoginReturn{Token: token, UserId: user.Id})
if err != nil {
http.Error(response, "internal server error", http.StatusInternalServerError)
return
}
response.WriteHeader(http.StatusCreated)
response.Write(json)
}
func HandleUserNew(response http.ResponseWriter, request *http.Request) {
if !postValidCheckWithResponseOnFail(&response, request, false) {
return
}
username := request.FormValue("username")
if len(username) < 4 {
http.Error(response, "no or short username", http.StatusBadRequest)
return
}
password := request.FormValue("password")
if len(password) < 8 {
http.Error(response, "no or short passwords", http.StatusBadRequest)
return
}
hashedPassword, err := passwords.PasswordHash(password)
if err != nil {
http.Error(response, "internal server error", http.StatusInternalServerError)
return
}
newUser := &types.User{
Name: username,
PasswordHash: hashedPassword,
Color: types.Rgba{}.GetRandom(),
CreatedAt: time.Now(),
}
ctx := request.Context()
err = postgresql.UserSave(ctx, newUser)
if err != nil {
http.Error(response, "name taken", http.StatusUnauthorized)
return
}
response.WriteHeader(http.StatusCreated)
}
func HandleUserDelete(response http.ResponseWriter, request *http.Request) {
if !postValidCheckWithResponseOnFail(&response, request, false) {
return
}
ctx := request.Context()
userId, err := tokens.TokenValidateGetId(request.FormValue("token"))
if err != nil {
http.Error(response, "invalid token", http.StatusUnauthorized)
return
}
err = postgresql.UserDelete(ctx, userId)
if err != nil {
http.Error(response, "internal server error", http.StatusInternalServerError)
return
}
cache.CacheDeleteUser(userId)
response.WriteHeader(http.StatusAccepted)
}
func HandleUserModProfile(response http.ResponseWriter, request *http.Request) {
if !postValidCheckWithResponseOnFail(&response, request, false) {
return
}
ctx := request.Context()
user, err := getUserByToken(ctx, request.FormValue("token"))
if err != nil {
http.Error(response, "invalid token", http.StatusUnauthorized)
return
}
var updateList types.UserProfileUpdateList
if pronouns := request.FormValue("pronouns"); pronouns != "" {
if len(pronouns) > 32 {
http.Error(response, "pronouns too long", http.StatusBadRequest)
return
}
user.Pronouns = pronouns
updateList.Pronouns = true
}
if description := request.FormValue("description"); description != "" {
if len(description) > 256 {
http.Error(response, "description too long", http.StatusBadRequest)
return
}
user.Description = description
updateList.Description = true
}
if colorStr := request.FormValue("color"); colorStr != "" {
color, err := convertions.StringToRgba(colorStr)
if err != nil {
http.Error(response, "invalid color", http.StatusBadRequest)
return
}
user.Color = color
updateList.Color = true
}
err = postgresql.UserUpdateProfile(ctx, user, updateList)
if err != nil {
http.Error(response, "internal server error", http.StatusInternalServerError)
return
}
response.WriteHeader(http.StatusAccepted)
}
func HandleUserModAvatar(response http.ResponseWriter, request *http.Request) {
if !postValidCheckWithResponseOnFail(&response, request, true) {
return
}
ctx := request.Context()
user, err := getUserByToken(ctx, request.Header.Get("token"))
if err != nil {
http.Error(response, "invalid token", http.StatusUnauthorized)
return
}
request.Body = http.MaxBytesReader(response, request.Body, int64(globals.MaxPostWithFileBytes))
if err = request.ParseMultipartForm(int64(globals.MaxPostBytes)); err != nil {
http.Error(response, "invalid multipart form", http.StatusBadRequest)
return
}
conn, ok := getConnectionWithResponseOnFail(&response, request, user)
if !ok {
return
}
file, header, err := request.FormFile("file")
if err != nil {
http.Error(response, "missing file", http.StatusBadRequest)
return
}
defer file.Close()
contentType := header.Header.Get("Content-Type")
key := minio.GetKey(conn.Id, contentType, minio.File)
if err = minio.Upload(ctx, key, file, header.Size, contentType, map[string]string{
"originalName": header.Filename,
"uploaderId": user.Id.String(),
}); err != nil {
http.Error(response, "upload failed", http.StatusInternalServerError)
return
}
}
Reference in New Issue View Git Blame Copy Permalink