From 9c4348d402441dc8bac2cb3ecc41efc825307f0b Mon Sep 17 00:00:00 2001 From: Andrew Date: Wed, 28 Apr 2021 14:37:37 +0400 Subject: Added Added view for getting keys of registered users. --- http-server/database.go | 17 ++++++++ http-server/main.go | 103 ++++++++++++++++++++++++++++++++++++++++-------- 2 files changed, 104 insertions(+), 16 deletions(-) (limited to 'http-server') diff --git a/http-server/database.go b/http-server/database.go index d13e8c1..e79b3e7 100644 --- a/http-server/database.go +++ b/http-server/database.go @@ -2,6 +2,7 @@ package main import ( "database/sql" + "errors" _ "github.com/mattn/go-sqlite3" ) @@ -32,6 +33,22 @@ func (conn *SQLConnection) checkUserRegistered(username string) (bool, error) { return false, nil } +func (conn *SQLConnection) getUserKey(username string) (string, error) { + query := "SELECT key FROM users WHERE username = ?" + result, err := conn.db.Query(query, username) + if err != nil { + return "", err + } + if result.Next() { + var key string + _ = result.Scan(&key) + _ = result.Close() + return key, nil + } else { + return "", errors.New("user not found") + } +} + func (conn *SQLConnection) saveMessage(message Message) error { var err error diff --git a/http-server/main.go b/http-server/main.go index af7d4be..55306e8 100644 --- a/http-server/main.go +++ b/http-server/main.go @@ -2,6 +2,7 @@ package main import ( "encoding/json" + "errors" "fmt" "io" "net/http" @@ -15,8 +16,9 @@ type Response struct { } type Request struct { - User string - Data string + User string + Data string + Signature string } type Message struct { @@ -67,10 +69,6 @@ func serverError(w http.ResponseWriter) error { }) } -func index(w http.ResponseWriter, r *http.Request) { - _, _ = fmt.Fprintf(w, "Hello there") -} - func register(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPost { _ = methodNotAllowedResponse(w) 
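Review bot: In `getUserKey` in http-server/database.go the not-found branch returns without closing `result`, and the found branch discards the error from `result.Scan`, so a failed scan returns an empty key together with a nil error. Because this key is the input to the signature check planned in main.go, an empty key must never be reported as success, and the unclosed rows can hold a pooled connection. A single-row lookup with `QueryRow` removes both problems (this assumes `conn.db` is a `*sql.DB`, which the hunk does not show).

```go
func (conn *SQLConnection) getUserKey(username string) (string, error) {
	query := "SELECT key FROM users WHERE username = ?"
	var key string
	err := conn.db.QueryRow(query, username).Scan(&key)
	if errors.Is(err, sql.ErrNoRows) {
		return "", errors.New("user not found")
	}
	if err != nil {
		return "", err
	}
	return key, nil
}
```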
@@ -88,19 +86,19 @@ func register(w http.ResponseWriter, r *http.Request) { return } - // TODO(andrew): Добавить проверку действительности ключа - if false { + if userRegistered { w.WriteHeader(http.StatusBadRequest) _ = jsonResponse(w, Response{ - Message: "Указанный ключ не является действительным", + Message: "Пользователь с таким именем уже зарегистрирован", }) return } - if userRegistered { + // TODO(andrew): Добавить проверку действительности ключа + if false { w.WriteHeader(http.StatusBadRequest) _ = jsonResponse(w, Response{ - Message: "Пользователь с таким именем уже зарегистрирован", + Message: "Указанный ключ не является действительным", }) return } @@ -119,6 +117,27 @@ func register(w http.ResponseWriter, r *http.Request) { }) } +func handleAuthentication(req Request) (error, error) { + userRegistered, dbError := db.checkUserRegistered(req.User) + if dbError != nil { + return nil, dbError + } + + if !userRegistered { + return errors.New("такой пользователь не зарегистрирован"), nil + } + + key, err := db.getUserKey(req.User) + if err != nil { + return nil, err + } + + // TODO(andrew): Добавить проверку подписи req.Signature + fmt.Sprintf("%s", key) + + return nil, nil +} + func sendMessage(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPost { _ = methodNotAllowedResponse(w) @@ -130,14 +149,18 @@ func sendMessage(w http.ResponseWriter, r *http.Request) { return } - // TODO(andrew): Добавить аутентификацию - if false { + authErr, dbErr := handleAuthentication(req) + if authErr != nil { w.WriteHeader(http.StatusForbidden) _ = jsonResponse(w, Response{ Message: "Запрос не прошёл аутентификацию", }) return } + if dbErr != nil { + _ = serverError(w) + return + } msg := Message{ User: req.User, 
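Review bot: `handleAuthentication` returns `nil, nil` for every registered username because `req.Signature` is never checked, so the handlers that call it in this commit (`sendMessage`, `pollMessages` and the new `getUserKey`) accept any request that names an existing user. Until the verification behind the TODO exists the function should fail closed, for example by replacing the final `return nil, nil` with `return errors.New("проверка подписи не реализована"), nil`. The `fmt.Sprintf("%s", key)` line discards its result and is only there to silence the unused variable; `_ = key` states that intent without a vet warning. The `(error, error)` result pair is also easy to swap at a call site, so a `(bool, error)` result or a sentinel auth error would make the callers harder to get wrong.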
@@ -170,14 +193,18 @@ func pollMessages(w http.ResponseWriter, r *http.Request) { return } - // TODO(andrew): Добавить аутентификацию - if false { + authErr, dbErr := handleAuthentication(req) + if authErr != nil { w.WriteHeader(http.StatusForbidden) _ = jsonResponse(w, Response{ Message: "Запрос не прошёл аутентификацию", }) return } + if dbErr != nil { + _ = serverError(w) + return + } timestamp, err := strconv.ParseInt(req.Data, 10, 64) if err != nil { @@ -200,6 +227,50 @@ func pollMessages(w http.ResponseWriter, r *http.Request) { }) } +func getUserKey(w http.ResponseWriter, r *http.Request) { + if r.Method != http.MethodPost { + _ = methodNotAllowedResponse(w) + return + } + + req, err := parseRequest(w, r) + if err != nil { + return + } + + authErr, dbErr := handleAuthentication(req) + if authErr != nil { + w.WriteHeader(http.StatusForbidden) + _ = jsonResponse(w, Response{ + Message: "Запрос не прошёл аутентификацию", + }) + return + } + if dbErr != nil { + _ = serverError(w) + return + } + + userRegistered, err := db.checkUserRegistered(req.Data) + if !userRegistered { + w.WriteHeader(http.StatusBadRequest) + _ = jsonResponse(w, Response{ + Message: "Пользователь с таким именем не зарегистрирован", + }) + return + } + + key, err := db.getUserKey(req.Data) + if err != nil { + _ = serverError(w) + return + } + + _ = jsonResponse(w, Response{ + Message: key, + }) +} + var db SQLConnection func main() { @@ -209,10 +280,10 @@ func main() { os.Exit(1) } - http.HandleFunc("/", index) http.HandleFunc("/api/register", register) http.HandleFunc("/api/sendMessage", sendMessage) http.HandleFunc("/api/pollMessages", pollMessages) + http.HandleFunc("/api/getUserKey", getUserKey) err = http.ListenAndServe("localhost:8080", nil) if err != nil { fmt.Println(err) -- cgit v1.2.3
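Review bot: In the new `getUserKey` handler the error from `db.checkUserRegistered(req.Data)` is assigned but never checked, so a database failure reaches the client as a 400 "not registered" response instead of a server error. Add `if err != nil { _ = serverError(w); return }` before the `!userRegistered` test. The handler also returns the stored key of any user to every caller that passes `handleAuthentication`; if these are public keys that is presumably intended, and a doc comment such as `// getUserKey returns the key registered for the user named in req.Data.` would record that the value is meant to be shared.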