cromp/cmd/cromps/main.go

92 lines
2.3 KiB
Go

package main
import (
"context"
"database/sql"
"log"
"net/http"
"time"
"github.com/google/uuid"
_ "github.com/lib/pq"
"suah.dev/cromp/db"
)
var (
pd, err = sql.Open("postgres", "host=localhost dbname=qbit sslmode=disable password=''")
ctx, cancel = context.WithCancel(context.Background())
base = db.New(pd)
authedUsers = make(map[string]db.AuthUserRow)
)
func logger(f http.HandlerFunc) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
log.Printf("%s\n", r.URL.Path)
f(w, r)
}
}
func checkAuth(f http.HandlerFunc) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("X-Access-Token")
if token == "" {
log.Printf("checkAuth: %s received empty token\n", r.URL.Path)
http.Error(w, "Unauthorized", http.StatusUnauthorized)
return
}
if user, ok := authedUsers[token]; ok {
if time.Now().Before(user.TokenExpires) {
log.Printf("checkAuth: %s received valid token\n", r.URL.Path)
f(w, r)
} else {
delete(authedUsers, token)
log.Printf("checkAuth: %s received expired token\n", r.URL.Path)
http.Error(w, "Token Expired", http.StatusUnauthorized)
return
}
} else {
t, err := uuid.Parse(token)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
user, err := base.GetUserByToken(ctx, t)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
if time.Now().Before(user.TokenExpires) {
log.Printf("checkAuth: %s received valid token\n", r.URL.Path)
f(w, r)
} else {
delete(authedUsers, token)
log.Printf("checkAuth: %s received expired token\n", r.URL.Path)
http.Error(w, "Token Expired", http.StatusUnauthorized)
return
}
}
}
}
func main() {
defer cancel() // cancel when we are finished consuming integers
if err != nil {
panic(err)
}
defer pd.Close()
http.HandleFunc("/user/new", logger(NewUser))
http.HandleFunc("/user/auth", logger(Auth))
http.HandleFunc("/entries/add", checkAuth(logger(AddEntry)))
http.HandleFunc("/entries/delete", checkAuth(logger(Entries)))
http.HandleFunc("/entries/get", checkAuth(logger(Entries)))
http.HandleFunc("/entries/update", checkAuth(logger(Entries)))
http.HandleFunc("/entries/similar", checkAuth(logger(SimilarEntries)))
log.Fatalln(http.ListenAndServe(":8080", nil))
}