[remove] unused JSON API routes
parent
df7f806834
commit
4caec5fbe0
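--- a/API.md
+++ b/API.md
@@ -1,13 +0,0 @@
-# API
-
-## Original Endpoints
-
-POST /users/create
-GET /users/auth
-GET /syncs/progress/:document
-PUT /syncs/progress
-
-## New Endpoints
-
-GET /syncs/activity
-POST /syncs/activity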
21
api/api.go
21
api/api.go
@ -65,7 +65,6 @@ func NewApi(db *database.DBManager, c *config.Config) *API {
|
||||
// Register API Routes
|
||||
apiGroup := api.Router.Group("/api")
|
||||
api.registerKOAPIRoutes(apiGroup)
|
||||
api.registerWebAPIRoutes(apiGroup)
|
||||
|
||||
return api
|
||||
}
|
||||
@ -110,8 +109,6 @@ func (api *API) registerWebAppRoutes() {
|
||||
func (api *API) registerKOAPIRoutes(apiGroup *gin.RouterGroup) {
|
||||
koGroup := apiGroup.Group("/ko")
|
||||
|
||||
koGroup.GET("/info", api.serverInfo)
|
||||
|
||||
koGroup.POST("/users/create", api.createUser)
|
||||
koGroup.GET("/users/auth", api.authAPIMiddleware, api.authorizeUser)
|
||||
|
||||
@ -127,24 +124,6 @@ func (api *API) registerKOAPIRoutes(apiGroup *gin.RouterGroup) {
|
||||
koGroup.POST("/syncs/activity", api.authAPIMiddleware, api.checkActivitySync)
|
||||
}
|
||||
|
||||
func (api *API) registerWebAPIRoutes(apiGroup *gin.RouterGroup) {
|
||||
v1Group := apiGroup.Group("/v1")
|
||||
|
||||
v1Group.GET("/info", api.serverInfo)
|
||||
|
||||
v1Group.POST("/users", api.createUser)
|
||||
v1Group.GET("/users", api.authAPIMiddleware, api.getUsers)
|
||||
|
||||
v1Group.POST("/documents", api.authAPIMiddleware, api.checkDocumentsSync)
|
||||
v1Group.GET("/documents", api.authAPIMiddleware, api.getDocuments)
|
||||
|
||||
v1Group.GET("/documents/:document/file", api.authAPIMiddleware, api.downloadDocumentFile)
|
||||
v1Group.PUT("/documents/:document/file", api.authAPIMiddleware, api.uploadDocumentFile)
|
||||
|
||||
v1Group.GET("/activity", api.authAPIMiddleware, api.getActivity)
|
||||
v1Group.GET("/devices", api.authAPIMiddleware, api.getDevices)
|
||||
}
|
||||
|
||||
func generateToken(n int) ([]byte, error) {
|
||||
b := make([]byte, n)
|
||||
_, err := rand.Read(b)
|
||||
|
@ -17,6 +17,12 @@ import (
|
||||
"reichard.io/bbank/metadata"
|
||||
)
|
||||
|
||||
type queryParams struct {
|
||||
Page *int64 `form:"page"`
|
||||
Limit *int64 `form:"limit"`
|
||||
Document *string `form:"document"`
|
||||
}
|
||||
|
||||
type requestDocumentEdit struct {
|
||||
Title *string `form:"title"`
|
||||
Author *string `form:"author"`
|
||||
@ -332,8 +338,6 @@ func (api *API) editDocument(c *gin.Context) {
|
||||
|
||||
coverFileName = &fileName
|
||||
} else if rDocEdit.CoverGBID != nil {
|
||||
// TODO
|
||||
|
||||
var coverDir string = filepath.Join(api.Config.DataPath, "covers")
|
||||
fileName, err := metadata.SaveCover(*rDocEdit.CoverGBID, coverDir, rDocID.DocumentID, true)
|
||||
if err == nil {
|
||||
@ -466,3 +470,23 @@ func (api *API) identifyDocument(c *gin.Context) {
|
||||
|
||||
c.HTML(http.StatusOK, "document", templateVars)
|
||||
}
|
||||
|
||||
func bindQueryParams(c *gin.Context) queryParams {
|
||||
var qParams queryParams
|
||||
c.BindQuery(&qParams)
|
||||
|
||||
if qParams.Limit == nil {
|
||||
var defaultValue int64 = 50
|
||||
qParams.Limit = &defaultValue
|
||||
} else if *qParams.Limit < 0 {
|
||||
var zeroValue int64 = 0
|
||||
qParams.Limit = &zeroValue
|
||||
}
|
||||
|
||||
if qParams.Page == nil || *qParams.Page < 1 {
|
||||
var oneValue int64 = 0
|
||||
qParams.Page = &oneValue
|
||||
}
|
||||
|
||||
return qParams
|
||||
}
|
||||
|
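Review bot: In the added `bindQueryParams`, the fallback for a missing or sub-1 `page` is declared as `var oneValue int64 = 0`, so the page is reset to 0 rather than 1. The handlers deleted elsewhere in this commit computed the offset as `(*qParams.Page - 1) * *qParams.Limit`, which with page 0 gives a negative offset; the remaining callers are not visible on this page, so confirm how they use the value, but `var oneValue int64 = 1` matches both the name and the `< 1` guard. The result of `c.BindQuery(&qParams)` is also dropped: gin's `BindQuery` aborts the request with a 400 on a malformed value while this function carries on and returns defaults, so `c.ShouldBindQuery(&qParams)` with an explicit error path would make the behaviour deliberate. `limit` is clamped at 0 from below but has no upper bound, so a client-chosen page size is passed through unchanged; a maximum would bound the work done per request.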
17
api/auth.go
17
api/auth.go
@ -12,6 +12,7 @@ import (
|
||||
"reichard.io/bbank/database"
|
||||
)
|
||||
|
||||
// KOSync API Auth Headers
|
||||
type authHeader struct {
|
||||
AuthUser string `header:"x-auth-user"`
|
||||
AuthKey string `header:"x-auth-key"`
|
||||
@ -90,6 +91,8 @@ func (api *API) authFormLogin(c *gin.Context) {
|
||||
})
|
||||
return
|
||||
}
|
||||
|
||||
// MD5 - KOSync Compatiblity
|
||||
password := fmt.Sprintf("%x", md5.Sum([]byte(rawPassword)))
|
||||
|
||||
if authorized := api.authorizeCredentials(username, password); authorized != true {
|
||||
@ -109,13 +112,6 @@ func (api *API) authFormLogin(c *gin.Context) {
|
||||
c.Redirect(http.StatusFound, "/")
|
||||
}
|
||||
|
||||
func (api *API) authLogout(c *gin.Context) {
|
||||
session := sessions.Default(c)
|
||||
session.Clear()
|
||||
session.Save()
|
||||
c.Redirect(http.StatusFound, "/login")
|
||||
}
|
||||
|
||||
func (api *API) authFormRegister(c *gin.Context) {
|
||||
if !api.Config.RegistrationEnabled {
|
||||
c.AbortWithStatus(http.StatusConflict)
|
||||
@ -173,3 +169,10 @@ func (api *API) authFormRegister(c *gin.Context) {
|
||||
|
||||
c.Redirect(http.StatusFound, "/")
|
||||
}
|
||||
|
||||
func (api *API) authLogout(c *gin.Context) {
|
||||
session := sessions.Default(c)
|
||||
session.Clear()
|
||||
session.Save()
|
||||
c.Redirect(http.StatusFound, "/login")
|
||||
}
|
||||
|
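Review bot: `authLogout`, re-added at the end of this file, calls `session.Save()` and discards its result before redirecting to `/login`. Assuming `sessions` is gin-contrib/sessions, `Save` returns an error, and if it fails the cleared session is never written back, so the browser can keep a cookie that still authenticates while the user believes they have logged out. Check it before redirecting, e.g. `if err := session.Save(); err != nil { c.AbortWithStatus(http.StatusInternalServerError); return }`. Separately, the new comment above the `md5.Sum` line in `authFormLogin` is misspelled (`Compatiblity`) and would be more useful if it stated why the digest is taken: presumably KOSync clients send the MD5 hex of the password as `x-auth-key`, so the form login must derive the same string before `authorizeCredentials` runs, which also makes that digest password-equivalent.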
@ -1,163 +0,0 @@
|
||||
package api
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
argon2 "github.com/alexedwards/argon2id"
|
||||
"github.com/gin-gonic/gin"
|
||||
"reichard.io/bbank/database"
|
||||
)
|
||||
|
||||
type infoResponse struct {
|
||||
Authorized bool `json:"authorized"`
|
||||
Version string `json:"version"`
|
||||
}
|
||||
|
||||
type queryParams struct {
|
||||
Page *int64 `form:"page"`
|
||||
Limit *int64 `form:"limit"`
|
||||
Document *string `form:"document"`
|
||||
}
|
||||
|
||||
func bindQueryParams(c *gin.Context) queryParams {
|
||||
var qParams queryParams
|
||||
c.BindQuery(&qParams)
|
||||
|
||||
if qParams.Limit == nil {
|
||||
var defaultValue int64 = 50
|
||||
qParams.Limit = &defaultValue
|
||||
} else if *qParams.Limit < 0 {
|
||||
var zeroValue int64 = 0
|
||||
qParams.Limit = &zeroValue
|
||||
}
|
||||
|
||||
if qParams.Page == nil || *qParams.Page < 1 {
|
||||
var oneValue int64 = 0
|
||||
qParams.Page = &oneValue
|
||||
}
|
||||
|
||||
return qParams
|
||||
}
|
||||
|
||||
func (api *API) serverInfo(c *gin.Context) {
|
||||
respData := infoResponse{
|
||||
Authorized: false,
|
||||
Version: api.Config.Version,
|
||||
}
|
||||
|
||||
var rHeader authHeader
|
||||
if err := c.ShouldBindHeader(&rHeader); err != nil {
|
||||
c.JSON(200, respData)
|
||||
return
|
||||
}
|
||||
if rHeader.AuthUser == "" || rHeader.AuthKey == "" {
|
||||
c.JSON(200, respData)
|
||||
return
|
||||
}
|
||||
|
||||
user, err := api.DB.Queries.GetUser(api.DB.Ctx, rHeader.AuthUser)
|
||||
if err != nil {
|
||||
c.JSON(200, respData)
|
||||
return
|
||||
}
|
||||
|
||||
match, err := argon2.ComparePasswordAndHash(rHeader.AuthKey, user.Pass)
|
||||
if err != nil || match != true {
|
||||
c.JSON(200, respData)
|
||||
return
|
||||
}
|
||||
|
||||
respData.Authorized = true
|
||||
c.JSON(200, respData)
|
||||
}
|
||||
|
||||
func (api *API) getDocuments(c *gin.Context) {
|
||||
qParams := bindQueryParams(c)
|
||||
|
||||
documents, err := api.DB.Queries.GetDocuments(api.DB.Ctx, database.GetDocumentsParams{
|
||||
Offset: (*qParams.Page - 1) * *qParams.Limit,
|
||||
Limit: *qParams.Limit,
|
||||
})
|
||||
if err != nil {
|
||||
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"error": "Invalid Request"})
|
||||
return
|
||||
}
|
||||
|
||||
if documents == nil {
|
||||
documents = []database.Document{}
|
||||
}
|
||||
|
||||
c.JSON(http.StatusOK, documents)
|
||||
}
|
||||
|
||||
func (api *API) getUsers(c *gin.Context) {
|
||||
rUser, _ := c.Get("AuthorizedUser")
|
||||
qParams := bindQueryParams(c)
|
||||
|
||||
users, err := api.DB.Queries.GetUsers(api.DB.Ctx, database.GetUsersParams{
|
||||
User: rUser.(string),
|
||||
Offset: (*qParams.Page - 1) * *qParams.Limit,
|
||||
Limit: *qParams.Limit,
|
||||
})
|
||||
if err != nil {
|
||||
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"error": "Invalid Request"})
|
||||
return
|
||||
}
|
||||
|
||||
if users == nil {
|
||||
users = []database.User{}
|
||||
}
|
||||
|
||||
c.JSON(http.StatusOK, users)
|
||||
}
|
||||
|
||||
func (api *API) getActivity(c *gin.Context) {
|
||||
rUser, _ := c.Get("AuthorizedUser")
|
||||
qParams := bindQueryParams(c)
|
||||
|
||||
dbActivityParams := database.GetActivityParams{
|
||||
UserID: rUser.(string),
|
||||
DocFilter: false,
|
||||
DocumentID: "",
|
||||
Offset: (*qParams.Page - 1) * *qParams.Limit,
|
||||
Limit: *qParams.Limit,
|
||||
}
|
||||
|
||||
if qParams.Document != nil {
|
||||
dbActivityParams.DocFilter = true
|
||||
dbActivityParams.DocumentID = *qParams.Document
|
||||
}
|
||||
|
||||
activity, err := api.DB.Queries.GetActivity(api.DB.Ctx, dbActivityParams)
|
||||
if err != nil {
|
||||
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"error": "Invalid Request"})
|
||||
return
|
||||
}
|
||||
|
||||
if activity == nil {
|
||||
activity = []database.GetActivityRow{}
|
||||
}
|
||||
|
||||
c.JSON(http.StatusOK, activity)
|
||||
}
|
||||
|
||||
func (api *API) getDevices(c *gin.Context) {
|
||||
rUser, _ := c.Get("AuthorizedUser")
|
||||
qParams := bindQueryParams(c)
|
||||
|
||||
devices, err := api.DB.Queries.GetDevices(api.DB.Ctx, database.GetDevicesParams{
|
||||
UserID: rUser.(string),
|
||||
Offset: (*qParams.Page - 1) * *qParams.Limit,
|
||||
Limit: *qParams.Limit,
|
||||
})
|
||||
if err != nil {
|
||||
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"error": "Invalid Request"})
|
||||
return
|
||||
}
|
||||
|
||||
if devices == nil {
|
||||
devices = []database.Device{}
|
||||
}
|
||||
|
||||
c.JSON(http.StatusOK, devices)
|
||||
}
|