Finally Framework

2021-01-16 17:00:17 -05:00
parent fe932de37e
commit cd97b6262f
29 changed files with 297 additions and 360 deletions
--- a/internal/api/albums.go
+++ b/internal/api/albums.go
@@ -0,0 +1,9 @@
+package api
+
+import (
+    "net/http"
+)
+
+func (api *API) albumsHandler(w http.ResponseWriter, r *http.Request) {
+
+}
--- a/internal/api/api.go
+++ b/internal/api/api.go
@@ -0,0 +1,24 @@
+package api
+
+import (
+    "net/http"
+
+    "reichard.io/imagini/internal/db"
+    "reichard.io/imagini/internal/auth"
+)
+
+type API struct {
+    Router  *http.ServeMux
+    Auth    *auth.AuthManager
+    DB      *db.DBManager
+}
+
+func NewApi(db *db.DBManager, auth *auth.AuthManager) *API {
+    api := &API{
+        Router: http.NewServeMux(),
+        DB:     db,
+        Auth:   auth,
+    }
+    api.registerRoutes()
+    return api
+}
--- a/internal/api/auth.go
+++ b/internal/api/auth.go
@@ -0,0 +1,75 @@
+package api
+
+import (
+    "time"
+    "encoding/json"
+    "net/http"
+    "reichard.io/imagini/internal/models"
+    // "github.com/lestrrat-go/jwx/jwt"
+    // "github.com/lestrrat-go/jwx/jwa"
+    // log "github.com/sirupsen/logrus"
+)
+
+// https://www.calhoun.io/pitfalls-of-context-values-and-how-to-avoid-or-mitigate-them/
+// https://pace.dev/blog/2018/05/09/how-I-write-http-services-after-eight-years.html
+// https://medium.com/@benbjohnson/standard-package-layout-7cdbc8391fc1#333c
+// https://www.alexedwards.net/blog/organising-database-access <---- best
+//      - TLDR: Do what you're doing, but use closeures for the handlers
+func (api *API) loginHandler(w http.ResponseWriter, r *http.Request) {
+    if r.Method != http.MethodPost {
+        errorJSON(w, "Method is not supported.", http.StatusMethodNotAllowed)
+        return
+    }
+
+    // Decode into Struct
+    var creds models.APICredentials
+    err := json.NewDecoder(r.Body).Decode(&creds)
+    if err != nil {
+        errorJSON(w, "Invalid parameters.", http.StatusBadRequest)
+        return
+    }
+
+    // Validate
+    if creds.User == "" || creds.Password == "" {
+        errorJSON(w, "Invalid parameters.", http.StatusBadRequest)
+        return
+    }
+
+    // TODO: Is user already logged in? If so refresh token, if different user, kill session and log in new user?
+
+    // Do login
+    resp := api.Auth.AuthenticateUser(creds)
+    if resp == true {
+        // Return Success
+        cookie := http.Cookie{
+            Name:   "Token",
+            Value:  "testToken",
+        }
+        http.SetCookie(w, &cookie)
+        successJSON(w, "Login success.", http.StatusOK)
+    }else {
+        // Return Failure
+        errorJSON(w, "Invalid credentials.", http.StatusUnauthorized)
+    }
+}
+
+func (api *API) logoutHandler(w http.ResponseWriter, r *http.Request) {
+    if r.Method != http.MethodPost {
+        http.Error(w, "Method is not supported.", http.StatusMethodNotAllowed)
+        return
+    }
+
+    // Do logout
+
+    // TODO: Clear Session Server Side
+
+    // Tell Client to Expire Token
+    cookie := &http.Cookie{
+        Name:       "Token",
+        Value:      "",
+        Path:       "/",
+        Expires:    time.Unix(0, 0),
+        HttpOnly:   true,
+    }
+    http.SetCookie(w, cookie)
+}
--- a/internal/api/info.go
+++ b/internal/api/info.go
@@ -0,0 +1,9 @@
+package api
+
+import (
+    "net/http"
+)
+
+func (api *API) infoHandler(w http.ResponseWriter, r *http.Request) {
+
+}
--- a/internal/api/media_items.go
+++ b/internal/api/media_items.go
@@ -0,0 +1,9 @@
+package api
+
+import (
+    "net/http"
+)
+
+func (api *API) mediaItemsHandler(w http.ResponseWriter, r *http.Request) {
+
+}
--- a/internal/api/middlewares.go
+++ b/internal/api/middlewares.go
@@ -0,0 +1,40 @@
+package api
+
+import (
+    "net/http"
+    "log"
+    "os"
+)
+
+type Middleware func(http.Handler) http.Handler
+
+func MultipleMiddleware(h http.Handler, m ...Middleware) http.Handler {
+   if len(m) < 1 {
+      return h
+   }
+   wrapped := h
+   for i := len(m) - 1; i >= 0; i-- {
+      wrapped = m[i](wrapped)
+   }
+   return wrapped
+}
+
+// func authMiddleware(h http.Handler) http.Handler {
+//     return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+//       _, ok := ValidateUserToken(r)
+// 
+//       if ok {
+//           next.ServeHTTP(w, r)
+//       } else {
+//           w.WriteHeader(http.StatusUnauthorized)
+//       }
+//    })
+// }
+
+func logMiddleware(h http.Handler) http.Handler {
+    return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+        log.SetOutput(os.Stdout)
+        log.Println(r.Method, r.URL)
+        h.ServeHTTP(w, r)
+   })
+}
--- a/internal/api/routes.go
+++ b/internal/api/routes.go
@@ -0,0 +1,33 @@
+package api
+
+import (
+    "encoding/json"
+    "net/http"
+)
+
+func (api *API) registerRoutes() {
+    api.Router.HandleFunc("/MediaItems", api.mediaItemsHandler)
+    api.Router.HandleFunc("/Upload",     api.uploadHandler)
+    api.Router.HandleFunc("/Albums",     api.albumsHandler)
+    api.Router.HandleFunc("/Logout",     api.logoutHandler)
+    api.Router.HandleFunc("/Login",      api.loginHandler)
+    api.Router.HandleFunc("/Users",      api.usersHandler)
+    api.Router.HandleFunc("/Tags",       api.tagsHandler)
+    api.Router.HandleFunc("/Info",       api.infoHandler)
+    api.Router.HandleFunc("/Me",         api.meHandler)
+}
+
+// https://stackoverflow.com/a/59764037
+func errorJSON(w http.ResponseWriter, err string, code int) {
+    w.Header().Set("Content-Type", "application/json; charset=utf-8")
+    w.Header().Set("X-Content-Type-Options", "nosniff")
+    w.WriteHeader(code)
+    json.NewEncoder(w).Encode(map[string]interface{}{"error": err})
+}
+
+func successJSON(w http.ResponseWriter, msg string, code int) {
+    w.Header().Set("Content-Type", "application/json; charset=utf-8")
+    w.Header().Set("X-Content-Type-Options", "nosniff")
+    w.WriteHeader(code)
+    json.NewEncoder(w).Encode(map[string]interface{}{"success": msg})
+}
--- a/internal/api/tags.go
+++ b/internal/api/tags.go
@@ -0,0 +1,9 @@
+package api
+
+import (
+    "net/http"
+)
+
+func (api *API) tagsHandler(w http.ResponseWriter, r *http.Request) {
+
+}
--- a/internal/api/upload.go
+++ b/internal/api/upload.go
@@ -0,0 +1,9 @@
+package api
+
+import (
+    "net/http"
+)
+
+func (api *API) uploadHandler(w http.ResponseWriter, r *http.Request) {
+
+}
--- a/internal/api/users.go
+++ b/internal/api/users.go
@@ -0,0 +1,39 @@
+package api
+
+import (
+    "net/http"
+    log "github.com/sirupsen/logrus"
+)
+
+func (api *API) usersHandler(w http.ResponseWriter, r *http.Request) {
+    if r.Method == http.MethodPost {
+        // CREATE
+    } else if r.Method == http.MethodPut {
+        // UPDATE / REPLACE
+    } else if r.Method == http.MethodPatch {
+        // UPDATE / MODIFY
+    } else if r.Method == http.MethodDelete {
+        // DELETE
+    } else if r.Method == http.MethodGet {
+        // GET
+    } else {
+        errorJSON(w, "Method is not supported.", http.StatusMethodNotAllowed)
+        return
+    }
+}
+
+func (api *API) meHandler(w http.ResponseWriter, r *http.Request) {
+    if r.Method != http.MethodGet {
+        errorJSON(w, "Method is not supported.", http.StatusMethodNotAllowed)
+        return
+    }
+
+    // Get Authenticated User & Return Object
+    authCookie, err := r.Cookie("Token")
+    if err != nil {
+        log.Error("[routes] ", err)
+        return
+    }
+
+    log.Info("[routes] INFO: ", authCookie)
+}