gitGnome
235 lines
5.3 KiB
Go
235 lines
5.3 KiB
Go
package main
|
|
|
|
import (
|
|
"encoding/binary"
|
|
"fmt"
|
|
"net/http"
|
|
"strconv"
|
|
"strings"
|
|
"time"
|
|
)
|
|
|
|
func isMethodAllowed(response *http.ResponseWriter, request *http.Request) bool {
|
|
if request.Method != http.MethodPost {
|
|
http.Error(*response, "POST only", http.StatusMethodNotAllowed)
|
|
return false
|
|
}
|
|
return true
|
|
}
|
|
|
|
func parseRgb(str string) ([3]uint8, error) {
|
|
parts := strings.SplitN(str, ",", 4)
|
|
if len(parts) != 3 {
|
|
return [3]uint8{}, fmt.Errorf("invalid rgb")
|
|
}
|
|
var rgb [3]uint8
|
|
for i, p := range parts {
|
|
n, err := strconv.ParseUint(strings.TrimSpace(p), 10, 8)
|
|
if err != nil {
|
|
return [3]uint8{}, fmt.Errorf("invalid component %d: %w", i, err)
|
|
}
|
|
rgb[i] = uint8(n)
|
|
}
|
|
return rgb, nil
|
|
}
|
|
|
|
func HttpHandleNewUser(response http.ResponseWriter, request *http.Request) {
|
|
if !isMethodAllowed(&response, request) {
|
|
return
|
|
}
|
|
|
|
username := request.FormValue("username")
|
|
if len(username) < 4 {
|
|
http.Error(response, "no or short username", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
password := request.FormValue("password")
|
|
if len(password) < 8 {
|
|
http.Error(response, "no or short password", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
color, err := parseRgb(request.FormValue("color"))
|
|
if err != nil {
|
|
http.Error(response, "bad color", http.StatusBadRequest)
|
|
}
|
|
|
|
hashedPassword, err := PasswordHash(password)
|
|
if err != nil {
|
|
http.Error(response, "internal server error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
newClient := &Client{
|
|
Name: username,
|
|
PasswordHash: hashedPassword,
|
|
Color: color,
|
|
CreatedAt: time.Now(),
|
|
}
|
|
|
|
ctx := request.Context()
|
|
|
|
err = DbSaveClientWithoutGroups(ctx, newClient)
|
|
if err != nil {
|
|
http.Error(response, "name taken", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
}
|
|
|
|
func HttpHandleLogin(response http.ResponseWriter, request *http.Request) {
|
|
if !isMethodAllowed(&response, request) {
|
|
return
|
|
}
|
|
|
|
username := request.FormValue("username")
|
|
if len(username) < 4 {
|
|
http.Error(response, "no or short username", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
var client = Client{Name: username}
|
|
if len(client.Name) < 8 {
|
|
http.Error(response, "no or short password", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
ctx := request.Context()
|
|
|
|
err := DbSetClientByName(ctx, &client)
|
|
if err != nil {
|
|
http.Error(response, "bad login", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
_, err = CacheGetClientById(client.Id)
|
|
if err == nil {
|
|
otherLoggedIn, err := CacheGetClientById(client.Id)
|
|
if err == nil {
|
|
otherLoggedIn.WsConn.CloseNow()
|
|
}
|
|
}
|
|
|
|
token, err := TokenCreate(client.Id)
|
|
if err != nil {
|
|
http.Error(response, "internal server error", http.StatusInternalServerError)
|
|
}
|
|
response.Write([]byte(token))
|
|
}
|
|
|
|
func HttpHandleGroupCreate(response http.ResponseWriter, request *http.Request) {
|
|
if !isMethodAllowed(&response, request) {
|
|
return
|
|
}
|
|
|
|
token := request.FormValue("token")
|
|
clientId, err := TokenValidateGetId(token)
|
|
if err != nil {
|
|
http.Error(response, "invalid token", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
name := request.FormValue("name")
|
|
if name == "" {
|
|
name = "Best group ever"
|
|
}
|
|
|
|
colorString := request.FormValue("color")
|
|
color, err := parseRgb(colorString)
|
|
if err != nil {
|
|
var ok bool
|
|
color, ok = Colors[colorString]
|
|
if !ok {
|
|
color = Colors["default"]
|
|
}
|
|
}
|
|
|
|
ctx := request.Context()
|
|
|
|
client := Client{Id: clientId}
|
|
cacheClient, err := CacheGetClientById(clientId)
|
|
if err == nil {
|
|
client = *cacheClient
|
|
} else {
|
|
err = DbSetClientById(ctx, &client)
|
|
if err != nil {
|
|
http.Error(response, "internal server error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
}
|
|
|
|
group := Group{
|
|
Name: name,
|
|
CreatedAt: time.Now(),
|
|
OwnerId: clientId,
|
|
CreatorId: clientId,
|
|
Color: color,
|
|
}
|
|
|
|
enableClientColors := request.FormValue("enableClientColors")
|
|
if enableClientColors == "1" {
|
|
group.EnableClientColors = true
|
|
}
|
|
|
|
err = DbSaveGroupWithoutClients(ctx, &group)
|
|
if err != nil {
|
|
http.Error(response, "internal server error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
groupIdBytes := make([]byte, 4)
|
|
binary.BigEndian.PutUint32(groupIdBytes, group.Id)
|
|
response.Write(groupIdBytes)
|
|
}
|
|
|
|
func HttpHandleGroupAddClient(response http.ResponseWriter, request *http.Request) {
|
|
if !isMethodAllowed(&response, request) {
|
|
return
|
|
}
|
|
|
|
token := request.FormValue("token")
|
|
clientId, err := TokenValidateGetId(token)
|
|
if err != nil {
|
|
http.Error(response, "invalid token", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
affectedGroupId, err := ConvertStringUint32(request.FormValue("groupid"))
|
|
if err != nil {
|
|
http.Error(response, "no such group", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
ctx := request.Context()
|
|
|
|
var group Group
|
|
groupPtr, err := CacheGetGroup(affectedGroupId)
|
|
if err == nil {
|
|
group = *groupPtr
|
|
} else {
|
|
err = DbSetGroupById(ctx, &group)
|
|
if err != nil {
|
|
http.Error(response, "no such group", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
}
|
|
|
|
if group.OwnerId != clientId {
|
|
http.Error(response, "no such group", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
usersToAddString := request.FormValue("users")
|
|
var remainingUsersCount = int(MaxClientsInGroup) - len(group.Clients)
|
|
if remainingUsersCount < 1 {
|
|
http.Error(response, "max users", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
usersToAdd := strings.SplitN(usersToAddString, ",", remainingUsersCount+1)
|
|
if len(usersToAdd) == 0 {
|
|
http.Error(response, "no users to add", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
}
|