From 495f9bd2d542ec1f053231d859cae1274e6709da Mon Sep 17 00:00:00 2001
From: Chris Cromer
Date: Fri, 27 Jan 2023 23:51:40 -0300
Subject: [PATCH] improve user controller http responses and error checking
---
 backend/controllers/user.go | 153 +++++++++++++++++++++---------------
 1 file changed, 90 insertions(+), 63 deletions(-)
diff --git a/backend/controllers/user.go b/backend/controllers/user.go
index 1939c27..3d68cfa 100644
--- a/backend/controllers/user.go
+++ b/backend/controllers/user.go
@@ -13,57 +13,40 @@ import (
 "github.com/julienschmidt/httprouter"
 )
-func AuthenticateUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
- type Message struct {
- Status string `json:"status"`
- }
-
- message := Message{Status: "authorized"}
-
- writer.Header().Set("Content-Type", "application/json")
- writer.WriteHeader(http.StatusOK)
- json.NewEncoder(writer).Encode(message)
-}
-
-func CreateUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
- gdb := database.Connect()
- defer database.Close(gdb)
-
- user := models.User{
- Name: request.FormValue("name"),
- Email: request.FormValue("email"),
- }
- user.HashPassword(request.FormValue("password"))
-
- gdb.Create(&user)
-}
-
-func UpdateUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
+func Login(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
 gdb := database.Connect()
 defer database.Close(gdb)
 var user models.User
- userID, _ := strconv.ParseUint(params.ByName("id"), 10, 64)
+ gdb.Model(models.User{}).Where(&models.User{Username: request.FormValue("username")}).Find(&user)
- gdb.Model(models.User{}).Where(&models.User{ID: userID}).Find(&user)
-
- if request.FormValue("password") != "" {
- var oldPassword = request.FormValue("old_password")
- err := user.CheckPassword(oldPassword)
- if err != nil {
- utils.JSONErrorOutput(writer, http.StatusBadRequest, errors.New("incorrect password").Error())
- return
-
- } else {
- user.HashPassword(request.FormValue("password"))
- }
+ err := user.CheckPassword(request.FormValue("password"))
+ if err != nil {
+ utils.JSONErrorOutput(writer, http.StatusBadRequest, errors.New("incorrect password").Error())
+ return
 }
- user.Name = request.FormValue("name")
- user.Email = request.FormValue("email")
+ type Token struct {
+ Token string `json:"token"`
+ }
- gdb.Updates(&user)
+ tokenString, err := utils.GenerateJWT(user.Email, user.Username)
+ if err != nil {
+ utils.JSONErrorOutput(writer, http.StatusBadRequest, err.Error())
+ return
+ }
+
+ token := Token{Token: tokenString}
+
+ writer.Header().Set("Content-Type", "application/json")
+ writer.WriteHeader(http.StatusOK)
+ json.NewEncoder(writer).Encode(token)
+}
+
+func AuthenticateUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
+ writer.Header().Set("Content-Type", "application/json")
+ writer.WriteHeader(http.StatusNoContent)
 }
 func ListUsers(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
@@ -97,7 +80,7 @@ func GetUser(writer http.ResponseWriter, request *http.Request, params httproute
 utils.JSONErrorOutput(writer, http.StatusBadRequest, result.Error.Error())
 return
 } else if result.RowsAffected == 0 {
- utils.JSONErrorOutput(writer, http.StatusNotFound, "A user with the id "+params.ByName("id")+" doesn't exist!")
+ writer.WriteHeader(http.StatusNotFound)
 return
 } else {
 user.Password = ""
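Review bot: Login in the first hunk never inspects the result of the user lookup, and it filters with a struct, so an empty `username` form value may remove the condition altogether (GORM-style struct conditions skip zero-value fields; confirm against the ORM behind `gdb`) and the password is then checked against whichever row comes back. The handler should reject an empty username before querying, check the lookup's error and `RowsAffected`, and answer a missing user and a wrong password with one identical 401 rather than a 400. A `GenerateJWT` failure is a server fault, yet it is reported as 400 with `err.Error()` in the body; a 500 with a generic message keeps signing details out of the response.

```go
func Login(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
	// … unchanged: database connect/close …

	username := request.FormValue("username")
	if username == "" {
		utils.JSONErrorOutput(writer, http.StatusBadRequest, "username is required")
		return
	}

	var user models.User
	lookup := gdb.Model(models.User{}).Where(&models.User{Username: username}).Find(&user)
	if lookup.Error != nil {
		utils.JSONErrorOutput(writer, http.StatusInternalServerError, "login failed")
		return
	}
	if lookup.RowsAffected == 0 || user.CheckPassword(request.FormValue("password")) != nil {
		utils.JSONErrorOutput(writer, http.StatusUnauthorized, "incorrect username or password")
		return
	}

	// … unchanged: Token type declaration …

	tokenString, err := utils.GenerateJWT(user.Email, user.Username)
	if err != nil {
		utils.JSONErrorOutput(writer, http.StatusInternalServerError, "could not issue token")
		return
	}
	// … unchanged: JSON response with the token …
```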
@@ -107,33 +90,77 @@ func GetUser(writer http.ResponseWriter, request *http.Request, params httproute
 }
 }
-func Login(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
+func CreateUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
+ gdb := database.Connect()
+ defer database.Close(gdb)
+
+ user := models.User{
+ Name: request.FormValue("name"),
+ Email: request.FormValue("email"),
+ }
+ user.HashPassword(request.FormValue("password"))
+
+ result := gdb.Create(&user)
+ if result.Error != nil {
+ utils.JSONErrorOutput(writer, http.StatusBadRequest, result.Error.Error())
+ return
+ } else {
+ writer.WriteHeader(http.StatusNoContent)
+ }
+}
+
+func UpdateUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
 gdb := database.Connect()
 defer database.Close(gdb)
 var user models.User
- gdb.Model(models.User{}).Where(&models.User{Username: request.FormValue("username")}).Find(&user)
+ userID, _ := strconv.ParseUint(params.ByName("id"), 10, 64)
- err := user.CheckPassword(request.FormValue("password"))
- if err != nil {
- utils.JSONErrorOutput(writer, http.StatusBadRequest, errors.New("incorrect password").Error())
+ gdb.Model(models.User{}).Where(&models.User{ID: userID}).Find(&user)
+
+ if request.FormValue("password") != "" {
+ var oldPassword = request.FormValue("old_password")
+ err := user.CheckPassword(oldPassword)
+ if err != nil {
+ utils.JSONErrorOutput(writer, http.StatusBadRequest, errors.New("incorrect password").Error())
+ return
+
+ } else {
+ user.HashPassword(request.FormValue("password"))
+ }
+ }
+
+ user.Name = request.FormValue("name")
+ user.Email = request.FormValue("email")
+
+ result := gdb.Updates(&user)
+ if result.Error != nil {
+ utils.JSONErrorOutput(writer, http.StatusBadRequest, result.Error.Error())
 return
- }
-
- type Token struct {
- Token string `json:"token"`
- }
-
- tokenString, err := utils.GenerateJWT(user.Email, user.Username)
- if err != nil {
- utils.JSONErrorOutput(writer, http.StatusBadRequest, err.Error())
+ } else if result.RowsAffected == 0 {
+ writer.WriteHeader(http.StatusNotFound)
 return
+ } else {
+ writer.WriteHeader(http.StatusNoContent)
+ }
+}
+
+func DeleteUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
+ gdb := database.Connect()
+ defer database.Close(gdb)
+
+ var user models.User
+ user.ID, _ = strconv.ParseUint(params.ByName("id"), 10, 64)
+
+ result := gdb.Delete(&user)
+ if result.Error != nil {
+ utils.JSONErrorOutput(writer, http.StatusBadRequest, result.Error.Error())
+ return
+ } else if result.RowsAffected == 0 {
+ writer.WriteHeader(http.StatusNotFound)
+ return
+ } else {
+ writer.WriteHeader(http.StatusNoContent)
 }
-
- token := Token{Token: tokenString}
-
- writer.Header().Set("Content-Type", "application/json")
- writer.WriteHeader(http.StatusOK)
- json.NewEncoder(writer).Encode(token)
 }
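Review bot: UpdateUser discards both the `strconv.ParseUint` error and the result of the lookup, so a non-numeric or zero `id` reaches `Where(&models.User{ID: userID})` as a zero value; if the ORM skips zero-value struct fields, as GORM does, the filter disappears and the name and email of an unrelated row are overwritten. The handler should return 400 on a parse error or zero id and 404 when no row is found, before any field is changed; DeleteUser discards the same parse error. Nothing visible in this hunk ties the `id` path parameter to the authenticated caller, so unless middleware outside this file enforces ownership, these handlers need an authorization check. CreateUser fills `Name` and `Email` but not `Username`, which Login looks up by, so confirm that field is set somewhere.

```go
func UpdateUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
	// … unchanged: database connect/close …

	userID, err := strconv.ParseUint(params.ByName("id"), 10, 64)
	if err != nil || userID == 0 {
		utils.JSONErrorOutput(writer, http.StatusBadRequest, "invalid user id")
		return
	}

	var user models.User
	lookup := gdb.Model(models.User{}).Where(&models.User{ID: userID}).Find(&user)
	if lookup.Error != nil {
		utils.JSONErrorOutput(writer, http.StatusInternalServerError, "could not load user")
		return
	} else if lookup.RowsAffected == 0 {
		writer.WriteHeader(http.StatusNotFound)
		return
	}

	// … unchanged: password change, field assignment, Updates and response …
```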