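package controllers

import (
	"encoding/json"
	"errors"
	"math"
	"net/http"
	"strconv"

	"git.cromer.cl/Proyecto-Titulo/alai-server/backend/database"
	"git.cromer.cl/Proyecto-Titulo/alai-server/backend/models"
	"git.cromer.cl/Proyecto-Titulo/alai-server/backend/utils"
	"github.com/julienschmidt/httprouter"
)

const (
	// maxUserBodyBytes bounds how much of a request body the user handlers
	// will read, so a client cannot make the server buffer an arbitrarily
	// large JSON document.
	maxUserBodyBytes = 1 << 20

	// Page-size bounds applied by ListUser to the "limit" query parameter.
	defaultUserListLimit = 50
	minUserListLimit     = 1
	maxUserListLimit     = 500
)

// errIncorrectLogin is the single message returned for every failed login, so
// the response body does not reveal whether the user name or the password was
// the wrong part.
var errIncorrectLogin = errors.New("incorrect user or password")

// decodeUserBody reads the JSON request body into dst, refusing bodies larger
// than maxUserBodyBytes.
func decodeUserBody(writer http.ResponseWriter, request *http.Request, dst *models.User) error {
	request.Body = http.MaxBytesReader(writer, request.Body, maxUserBodyBytes)
	return json.NewDecoder(request.Body).Decode(dst)
}

// parseUserID converts the ":id" route parameter into a numeric primary key.
// Every handler that addresses a single user goes through this function so
// that only a parsed integer, never the raw URL string, reaches the database
// layer.
func parseUserID(params httprouter.Params) (uint64, error) {
	return strconv.ParseUint(params.ByName("id"), 10, 64)
}

// writeUserJSON sends payload as a JSON response with the given status code.
func writeUserJSON(writer http.ResponseWriter, status int, payload interface{}) {
	writer.Header().Set("Content-Type", "application/json")
	writer.WriteHeader(status)
	// The status line is already written, so an encoding or write failure
	// cannot be reported to the client any more; it is deliberately dropped.
	_ = json.NewEncoder(writer).Encode(payload)
}

// Login checks the user name and password sent in the JSON body and, when they
// match a stored user, answers 200 with {"token": <JWT>}.
//
// Every failure is answered with 400 through utils.JSONErrorOutput.
func Login(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
	gdb := database.Connect()
	defer database.Close(gdb)

	var receivedUser models.User
	if err := decodeUserBody(writer, request, &receivedUser); err != nil {
		utils.JSONErrorOutput(writer, http.StatusBadRequest, err.Error())
		return
	}

	// Reject empty credentials before querying. With a GORM-style struct
	// condition a zero-valued field is left out of the WHERE clause, so an
	// empty user name would turn the lookup below into an unfiltered query and
	// the password would be checked against whichever row came back.
	if receivedUser.Username == "" || receivedUser.Password == "" {
		utils.JSONErrorOutput(writer, http.StatusBadRequest, errIncorrectLogin.Error())
		return
	}

	var user models.User
	result := gdb.Model(models.User{}).Where(&models.User{Username: receivedUser.Username}).Find(&user)
	if result.Error != nil {
		// NOTE(review): this sends the raw database error text to an
		// unauthenticated client; consider logging it server-side and
		// returning a generic message instead.
		utils.JSONErrorOutput(writer, http.StatusBadRequest, result.Error.Error())
		return
	}
	if result.RowsAffected == 0 {
		// NOTE(review): an unknown user returns without any password check,
		// so this path is likely faster than a wrong-password attempt and can
		// reveal which user names exist; rate limiting or a dummy comparison
		// would narrow that.
		utils.JSONErrorOutput(writer, http.StatusBadRequest, errIncorrectLogin.Error())
		return
	}

	if err := user.CheckPassword(receivedUser.Password); err != nil {
		utils.JSONErrorOutput(writer, http.StatusBadRequest, errIncorrectLogin.Error())
		return
	}

	tokenString, err := utils.GenerateJWT(user.Email, user.Username)
	if err != nil {
		// NOTE(review): a token-generation failure is a server-side fault but
		// is reported as 400 together with the internal error text.
		utils.JSONErrorOutput(writer, http.StatusBadRequest, err.Error())
		return
	}

	token := struct {
		Token string `json:"token"`
	}{Token: tokenString}
	writeUserJSON(writer, http.StatusOK, token)
}

// AuthenticateUser answers 204 No Content unconditionally.
//
// NOTE(review): the handler performs no credential or token check itself;
// presumably the route is wrapped in authentication middleware that rejects
// the request before it gets here. Confirm in the router setup.
func AuthenticateUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
	writer.Header().Set("Content-Type", "application/json")
	writer.WriteHeader(http.StatusNoContent)
}

// ListUser returns a page of users ordered by ID as a JSON array.
//
// Query parameters:
//   - limit: page size, default 50, clamped to the range 1..500.
//   - offset: number of rows to skip, default 0, negative values become 0.
//
// A parameter that is not an integer is answered with 400. The Password field
// of every user is blanked before the response is encoded.
func ListUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
	gdb := database.Connect()
	defer database.Close(gdb)

	queryParams := request.URL.Query()

	limit := defaultUserListLimit
	if rawLimit := queryParams.Get("limit"); rawLimit != "" {
		parsed, err := strconv.Atoi(rawLimit)
		if err != nil {
			utils.JSONErrorOutput(writer, http.StatusBadRequest, err.Error())
			return
		}
		limit = int(math.Max(minUserListLimit, math.Min(maxUserListLimit, float64(parsed))))
	}

	offset := 0
	if rawOffset := queryParams.Get("offset"); rawOffset != "" {
		parsed, err := strconv.Atoi(rawOffset)
		if err != nil {
			utils.JSONErrorOutput(writer, http.StatusBadRequest, err.Error())
			return
		}
		// Clamp with an integer comparison. The earlier round trip through
		// float64 could not represent values close to the int maximum, so
		// converting back overflowed and a very large offset was silently
		// replaced by a different one.
		if parsed < 0 {
			parsed = 0
		}
		offset = parsed
	}

	var users []models.User
	result := gdb.Model(&models.User{}).Order("ID asc").Limit(limit).Offset(offset).Find(&users)
	if result.Error != nil {
		utils.JSONErrorOutput(writer, http.StatusBadRequest, result.Error.Error())
		return
	}

	// Never send stored password values back to the client.
	for i := range users {
		users[i].Password = ""
	}
	writeUserJSON(writer, http.StatusOK, users)
}

// GetUser returns the user whose primary key is the ":id" route parameter.
//
// It answers 400 when the id is not an unsigned integer or the query fails,
// 404 when no such user exists, and 200 with the user (Password blanked)
// otherwise.
func GetUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
	gdb := database.Connect()
	defer database.Close(gdb)

	// The id must be parsed before it is used as a query argument: GORM treats
	// a non-numeric string passed as an inline condition as SQL text, so
	// handing it the raw URL parameter would let the client inject into the
	// WHERE clause.
	id, err := parseUserID(params)
	if err != nil {
		utils.JSONErrorOutput(writer, http.StatusBadRequest, err.Error())
		return
	}

	var user models.User
	result := gdb.Model(&models.User{}).Find(&user, id)
	if result.Error != nil {
		utils.JSONErrorOutput(writer, http.StatusBadRequest, result.Error.Error())
		return
	}
	if result.RowsAffected == 0 {
		writer.WriteHeader(http.StatusNotFound)
		return
	}

	// Never send the stored password value back to the client.
	user.Password = ""
	writeUserJSON(writer, http.StatusOK, user)
}

// CreateUser stores the user described by the JSON body, hashing the supplied
// password first, and answers 204 on success or 400 on any failure.
func CreateUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
	gdb := database.Connect()
	defer database.Close(gdb)

	// NOTE(review): the body is decoded straight into the persistence model,
	// so the client controls every JSON-visible field of models.User,
	// including ID. If the model carries privileged fields, decode into a
	// dedicated request struct instead.
	var user models.User
	if err := decodeUserBody(writer, request, &user); err != nil {
		utils.JSONErrorOutput(writer, http.StatusBadRequest, err.Error())
		return
	}

	// NOTE(review): whatever HashPassword returns is not checked here, and an
	// empty password is not rejected. Confirm that a hashing failure cannot
	// leave the plaintext in user.Password to be stored below.
	user.HashPassword(user.Password)

	if result := gdb.Create(&user); result.Error != nil {
		utils.JSONErrorOutput(writer, http.StatusBadRequest, result.Error.Error())
		return
	}
	writer.WriteHeader(http.StatusNoContent)
}

// UpdateUser applies the fields of the JSON body to the user named by the
// ":id" route parameter.
//
// It answers 400 on a malformed body, a malformed id or a database error, 404
// when no row was updated, and 204 on success. The password is re-hashed only
// when the body carries a non-empty one.
func UpdateUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
	gdb := database.Connect()
	defer database.Close(gdb)

	// NOTE(review): as in CreateUser, the body is decoded into the persistence
	// model, so any JSON-visible field can be changed by the caller.
	var user models.User
	if err := decodeUserBody(writer, request, &user); err != nil {
		utils.JSONErrorOutput(writer, http.StatusBadRequest, err.Error())
		return
	}

	// The route parameter is assigned after decoding so that an "id" in the
	// body can never redirect the update to a different row.
	id, err := parseUserID(params)
	if err != nil {
		utils.JSONErrorOutput(writer, http.StatusBadRequest, err.Error())
		return
	}
	user.ID = id

	if user.Password != "" {
		// NOTE(review): HashPassword's result, if any, is not checked.
		user.HashPassword(user.Password)
	}

	result := gdb.Updates(&user)
	if result.Error != nil {
		utils.JSONErrorOutput(writer, http.StatusBadRequest, result.Error.Error())
		return
	}
	if result.RowsAffected == 0 {
		writer.WriteHeader(http.StatusNotFound)
		return
	}
	writer.WriteHeader(http.StatusNoContent)
}

// DeleteUser removes the user named by the ":id" route parameter.
//
// It answers 400 when the id is not an unsigned integer or the delete fails,
// 404 when no row was deleted, and 204 on success.
func DeleteUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
	gdb := database.Connect()
	defer database.Close(gdb)

	// A malformed id used to be ignored, which left user.ID at zero and handed
	// a delete without a usable key to the database layer. Fail early instead.
	id, err := parseUserID(params)
	if err != nil {
		utils.JSONErrorOutput(writer, http.StatusBadRequest, err.Error())
		return
	}

	var user models.User
	user.ID = id

	result := gdb.Delete(&user)
	if result.Error != nil {
		utils.JSONErrorOutput(writer, http.StatusBadRequest, result.Error.Error())
		return
	}
	if result.RowsAffected == 0 {
		writer.WriteHeader(http.StatusNotFound)
		return
	}
	writer.WriteHeader(http.StatusNoContent)
}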