Added Added view for getting keys of registered users.

author: Andrew <saintruler@gmail.com> 2021-04-28 14:37:37 +0400
committer: Andrew <saintruler@gmail.com> 2021-04-28 14:37:37 +0400
commit: 9c4348d402441dc8bac2cb3ecc41efc825307f0b (patch)
tree: b4635d914d49e7f59275c21afe338fc08d6534df /http-server
parent: 3f672bf327b949a8335fb53b4649bdeef90fdd98 (diff)
2 files changed, 104 insertions, 16 deletions
diff --git a/http-server/database.go b/http-server/database.go
index d13e8c1..e79b3e7 100644
--- a/http-server/database.go
+++ b/http-server/database.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"database/sql"
+	"errors"
 	_ "github.com/mattn/go-sqlite3"
 )
 
@@ -32,6 +33,22 @@ func (conn *SQLConnection) checkUserRegistered(username string) (bool, error) {
 	return false, nil
 }
 
+func (conn *SQLConnection) getUserKey(username string) (string, error) {
+	query := "SELECT key FROM users WHERE username = ?"
+	result, err := conn.db.Query(query, username)
+	if err != nil {
+		return "", err
+	}
+	if result.Next() {
+		var key string
+		_ = result.Scan(&key)
+		_ = result.Close()
+		return key, nil
+	} else {
+		return "", errors.New("user not found")
+	}
+}
+
 func (conn *SQLConnection) saveMessage(message Message) error {
 	var err error
 
diff --git a/http-server/main.go b/http-server/main.go
index af7d4be..55306e8 100644
--- a/http-server/main.go
+++ b/http-server/main.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"encoding/json"
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -15,8 +16,9 @@ type Response struct {
 }
 
 type Request struct {
-	User string
-	Data string
+	User      string
+	Data      string
+	Signature string
 }
 
 type Message struct {
@@ -67,10 +69,6 @@ func serverError(w http.ResponseWriter) error {
 	})
 }
 
-func index(w http.ResponseWriter, r *http.Request) {
-	_, _ = fmt.Fprintf(w, "Hello there")
-}
-
 func register(w http.ResponseWriter, r *http.Request) {
 	if r.Method != http.MethodPost {
 		_ = methodNotAllowedResponse(w)
@@ -88,19 +86,19 @@ func register(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	// TODO(andrew): Добавить проверку действительности ключа
-	if false {
+	if userRegistered {
 		w.WriteHeader(http.StatusBadRequest)
 		_ = jsonResponse(w, Response{
-			Message: "Указанный ключ не является действительным",
+			Message: "Пользователь с таким именем уже зарегистрирован",
 		})
 		return
 	}
 
-	if userRegistered {
+	// TODO(andrew): Добавить проверку действительности ключа
+	if false {
 		w.WriteHeader(http.StatusBadRequest)
 		_ = jsonResponse(w, Response{
-			Message: "Пользователь с таким именем уже зарегистрирован",
+			Message: "Указанный ключ не является действительным",
 		})
 		return
 	}
@@ -119,6 +117,27 @@ func register(w http.ResponseWriter, r *http.Request) {
 	})
 }
 
+func handleAuthentication(req Request) (error, error) {
+	userRegistered, dbError := db.checkUserRegistered(req.User)
+	if dbError != nil {
+		return nil, dbError
+	}
+
+	if !userRegistered {
+		return errors.New("такой пользователь не зарегистрирован"), nil
+	}
+
+	key, err := db.getUserKey(req.User)
+	if err != nil {
+		return nil, err
+	}
+
+	// TODO(andrew): Добавить проверку подписи req.Signature
+	fmt.Sprintf("%s", key)
+
+	return nil, nil
+}
+
 func sendMessage(w http.ResponseWriter, r *http.Request) {
 	if r.Method != http.MethodPost {
 		_ = methodNotAllowedResponse(w)
@@ -130,14 +149,18 @@ func sendMessage(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	// TODO(andrew): Добавить аутентификацию
-	if false {
+	authErr, dbErr := handleAuthentication(req)
+	if authErr != nil {
 		w.WriteHeader(http.StatusForbidden)
 		_ = jsonResponse(w, Response{
 			Message: "Запрос не прошёл аутентификацию",
 		})
 		return
 	}
+	if dbErr != nil {
+		_ = serverError(w)
+		return
+	}
 
 	msg := Message{
 		User:      req.User,
@@ -170,14 +193,18 @@ func pollMessages(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	// TODO(andrew): Добавить аутентификацию
-	if false {
+	authErr, dbErr := handleAuthentication(req)
+	if authErr != nil {
 		w.WriteHeader(http.StatusForbidden)
 		_ = jsonResponse(w, Response{
 			Message: "Запрос не прошёл аутентификацию",
 		})
 		return
 	}
+	if dbErr != nil {
+		_ = serverError(w)
+		return
+	}
 
 	timestamp, err := strconv.ParseInt(req.Data, 10, 64)
 	if err != nil {
@@ -200,6 +227,50 @@ func pollMessages(w http.ResponseWriter, r *http.Request) {
 	})
 }
 
+func getUserKey(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodPost {
+		_ = methodNotAllowedResponse(w)
+		return
+	}
+
+	req, err := parseRequest(w, r)
+	if err != nil {
+		return
+	}
+
+	authErr, dbErr := handleAuthentication(req)
+	if authErr != nil {
+		w.WriteHeader(http.StatusForbidden)
+		_ = jsonResponse(w, Response{
+			Message: "Запрос не прошёл аутентификацию",
+		})
+		return
+	}
+	if dbErr != nil {
+		_ = serverError(w)
+		return
+	}
+
+	userRegistered, err := db.checkUserRegistered(req.Data)
+	if !userRegistered {
+		w.WriteHeader(http.StatusBadRequest)
+		_ = jsonResponse(w, Response{
+			Message: "Пользователь с таким именем не зарегистрирован",
+		})
+		return
+	}
+
+	key, err := db.getUserKey(req.Data)
+	if err != nil {
+		_ = serverError(w)
+		return
+	}
+
+	_ = jsonResponse(w, Response{
+		Message: key,
+	})
+}
+
 var db SQLConnection
 
 func main() {
@@ -209,10 +280,10 @@ func main() {
 		os.Exit(1)
 	}
 
-	http.HandleFunc("/", index)
 	http.HandleFunc("/api/register", register)
 	http.HandleFunc("/api/sendMessage", sendMessage)
 	http.HandleFunc("/api/pollMessages", pollMessages)
+	http.HandleFunc("/api/getUserKey", getUserKey)
 	err = http.ListenAndServe("localhost:8080", nil)
 	if err != nil {
 		fmt.Println(err)
author	Andrew <saintruler@gmail.com>	2021-04-28 14:37:37 +0400
committer	Andrew <saintruler@gmail.com>	2021-04-28 14:37:37 +0400
commit	9c4348d402441dc8bac2cb3ecc41efc825307f0b (patch)
tree	b4635d914d49e7f59275c21afe338fc08d6534df /http-server
parent	3f672bf327b949a8335fb53b4649bdeef90fdd98 (diff)