initial commit

routes/api/v1/token_check.go

@@ -0,0 +1,18 @@
+package v1
+
+import (
+	"fmt"
+	"git.kolaente.de/konrad/list/models"
+	"github.com/dgrijalva/jwt-go"
+	"github.com/labstack/echo"
+)
+
+// CheckToken checks prints a message if the token is valid or not. Currently only used for testing pourposes.
+func CheckToken(c echo.Context) error {
+
+	user := c.Get("user").(*jwt.Token)
+
+	fmt.Println(user.Valid)
+
+	return c.JSON(418, models.Message{"🍵"})
+}

routes/api/v1/user_add_update.go

@@ -0,0 +1,101 @@
+package v1
+
+import (
+	"encoding/json"
+	"git.kolaente.de/konrad/list/models"
+	"github.com/labstack/echo"
+	"net/http"
+	"strconv"
+	"strings"
+)
+
+// UserAddOrUpdate is the handler to add a user
+func UserAddOrUpdate(c echo.Context) error {
+
+	// TODO: prevent everyone from updating users
+
+	// Check for Request Content
+	userFromString := c.FormValue("user")
+	var datUser *models.User
+
+	if userFromString == "" {
+		// b := new(models.User)
+		if err := c.Bind(&datUser); err != nil {
+			return c.JSON(http.StatusBadRequest, models.Message{"No user model provided."})
+		}
+	} else {
+		// Decode the JSON
+		dec := json.NewDecoder(strings.NewReader(userFromString))
+		err := dec.Decode(&datUser)
+
+		if err != nil {
+			return c.JSON(http.StatusBadRequest, models.Message{"Error decoding user: " + err.Error()})
+		}
+	}
+
+	// Check if we have an ID other than the one in the struct
+	id := c.Param("id")
+	if id != "" {
+		// Make int
+		userID, err := strconv.ParseInt(id, 10, 64)
+
+		if err != nil {
+			return c.JSON(http.StatusBadRequest, models.Message{"Invalid ID."})
+		}
+		datUser.ID = userID
+	}
+
+	// Check if the user exists
+	_, exists, err := models.GetUserByID(datUser.ID)
+	if err != nil {
+		return c.JSON(http.StatusInternalServerError, models.Message{"Could not check if the user exists."})
+	}
+
+	// Get the doer options
+	doer, err := models.GetCurrentUser(c)
+	if err != nil {
+		return err
+	}
+
+	// Insert or update the user
+	var newUser models.User
+	if exists {
+		newUser, err = models.UpdateUser(*datUser, &doer)
+	} else {
+		newUser, err = models.CreateUser(*datUser, &doer)
+	}
+
+	if err != nil {
+		// Check for user already exists
+		if models.IsErrUsernameExists(err) {
+			return c.JSON(http.StatusBadRequest, models.Message{"A user with this username already exists."})
+		}
+
+		// Check for user with that email already exists
+		if models.IsErrUserEmailExists(err) {
+			return c.JSON(http.StatusBadRequest, models.Message{"A user with this email address already exists."})
+		}
+
+		// Check for no username provided
+		if models.IsErrNoUsername(err) {
+			return c.JSON(http.StatusBadRequest, models.Message{"Please specify a username."})
+		}
+
+		// Check for no username or password provided
+		if models.IsErrNoUsernamePassword(err) {
+			return c.JSON(http.StatusBadRequest, models.Message{"Please specify a username and a password."})
+		}
+
+		// Check for user does not exist
+		if models.IsErrUserDoesNotExist(err) {
+			return c.JSON(http.StatusBadRequest, models.Message{"The user does not exist."})
+		}
+
+		return c.JSON(http.StatusInternalServerError, models.Message{"Error"})
+	}
+
+	// Obfuscate his password
+	newUser.Password = ""
+
+	return c.JSON(http.StatusOK, newUser)
+}

routes/api/v1/user_delete.go

@@ -0,0 +1,57 @@
+package v1
+
+import (
+	"git.kolaente.de/konrad/list/models"
+	"github.com/labstack/echo"
+	"net/http"
+	"strconv"
+)
+
+// UserDelete is the handler to delete a user
+func UserDelete(c echo.Context) error {
+
+	// TODO: only allow users to allow itself
+
+	id := c.Param("id")
+
+	// Make int
+	userID, err := strconv.ParseInt(id, 10, 64)
+
+	if err != nil {
+		return c.JSON(http.StatusBadRequest, models.Message{"User ID is invalid."})
+	}
+
+	// Check if the user exists
+	_, exists, err := models.GetUserByID(userID)
+
+	if err != nil {
+		return c.JSON(http.StatusInternalServerError, models.Message{"Could not get user."})
+	}
+
+	if !exists {
+		return c.JSON(http.StatusNotFound, models.Message{"The user does not exist."})
+	}
+
+	// Get the doer options
+	doer, err := models.GetCurrentUser(c)
+	if err != nil {
+		return err
+	}
+
+	// Delete it
+	err = models.DeleteUserByID(userID, &doer)
+
+	if err != nil {
+		if models.IsErrIDCannotBeZero(err) {
+			return c.JSON(http.StatusBadRequest, models.Message{"Id cannot be 0"})
+		}
+
+		if models.IsErrCannotDeleteLastUser(err) {
+			return c.JSON(http.StatusBadRequest, models.Message{"Cannot delete last user."})
+		}
+
+		return c.JSON(http.StatusInternalServerError, models.Message{"Could not delete user."})
+	}
+
+	return c.JSON(http.StatusOK, models.Message{"success"})
+}

routes/api/v1/user_show.go

@@ -0,0 +1,43 @@
+package v1
+
+import (
+	"git.kolaente.de/konrad/list/models"
+	"github.com/labstack/echo"
+	"net/http"
+	"strconv"
+)
+
+// UserShow gets all informations about a user
+func UserShow(c echo.Context) error {
+
+	// TODO: only allow users to show itself/with privacy options
+
+	user := c.Param("id")
+
+	if user == "" {
+		return c.JSON(http.StatusBadRequest, models.Message{"User ID cannot be empty."})
+	}
+
+	// Make int
+	userID, err := strconv.ParseInt(user, 10, 64)
+	if err != nil {
+		return c.JSON(http.StatusBadRequest, models.Message{"User ID is invalid."})
+	}
+
+	// Get User Infos
+	userInfos, exists, err := models.GetUserByID(userID)
+
+	if err != nil {
+		return c.JSON(http.StatusInternalServerError, models.Message{"Error getting user infos."})
+	}
+
+	// Check if it exists
+	if !exists {
+		return c.JSON(http.StatusNotFound, models.Message{"User not found."})
+	}
+
+	// Obfucate his password
+	userInfos.Password = ""
+
+	return c.JSON(http.StatusOK, userInfos)
+}

routes/api/v1/user_update_password.go

@@ -0,0 +1,76 @@
+package v1
+
+import (
+	"net/http"
+	"strconv"
+
+	"git.kolaente.de/konrad/list/models"
+	"github.com/labstack/echo"
+)
+
+type datPassword struct {
+	Password string `json:"password"`
+}
+
+// UserChangePassword is the handler to add a user
+func UserChangePassword(c echo.Context) error {
+
+	// Get the ID
+	user := c.Param("id")
+
+	if user == "" {
+		return c.JSON(http.StatusBadRequest, models.Message{"User ID cannot be empty."})
+	}
+
+	// Make int
+	userID, err := strconv.ParseInt(user, 10, 64)
+	if err != nil {
+		return c.JSON(http.StatusBadRequest, models.Message{"User ID is invalid."})
+	}
+
+	// Check if the user is itself
+	userJWTinfo, err := models.GetCurrentUser(c)
+
+	if userJWTinfo.ID != userID {
+		return echo.ErrUnauthorized
+	}
+
+	// Check for Request Content
+	pwFromString := c.FormValue("password")
+	var datPw datPassword
+
+	if pwFromString == "" {
+		if err := c.Bind(&datPw); err != nil {
+			return c.JSON(http.StatusBadRequest, models.Message{"No password provided."})
+		}
+	} else {
+		// Take the value directly from the input
+		datPw.Password = pwFromString
+	}
+
+	// Get User Infos
+	_, exists, err := models.GetUserByID(userID)
+
+	if err != nil {
+		return c.JSON(http.StatusInternalServerError, models.Message{"Error getting user infos."})
+	}
+
+	// Check if it exists
+	if !exists {
+		return c.JSON(http.StatusNotFound, models.Message{"User not found."})
+	}
+
+	// Get the doer options
+	doer, err := models.GetCurrentUser(c)
+	if err != nil {
+		return err
+	}
+
+	err = models.UpdateUserPassword(userID, datPw.Password, &doer)
+
+	if err != nil {
+		return err
+	}
+
+	return c.JSON(http.StatusOK, models.Message{"The password was updated successfully"})
+}