2021-12-08 23:43:14 +08:00
|
|
|
package api
|
|
|
|
|
|
|
|
import (
|
2021-12-10 15:14:20 +08:00
|
|
|
"bytes"
|
|
|
|
"database/sql"
|
2021-12-08 23:43:14 +08:00
|
|
|
"encoding/json"
|
2021-12-10 15:14:20 +08:00
|
|
|
"fmt"
|
|
|
|
"io/ioutil"
|
2021-12-09 22:02:57 +08:00
|
|
|
"memos/api/e"
|
2021-12-10 15:14:20 +08:00
|
|
|
"memos/config"
|
2021-12-08 23:43:14 +08:00
|
|
|
"memos/store"
|
2021-12-12 14:39:28 +08:00
|
|
|
"memos/utils"
|
2021-12-08 23:43:14 +08:00
|
|
|
"net/http"
|
|
|
|
|
|
|
|
"github.com/gorilla/mux"
|
|
|
|
)
|
|
|
|
|
|
|
|
type UserSignUp struct {
|
|
|
|
Username string `json:"username"`
|
|
|
|
Password string `json:"password"`
|
|
|
|
}
|
|
|
|
|
|
|
|
func handleUserSignUp(w http.ResponseWriter, r *http.Request) {
|
2021-12-09 22:02:57 +08:00
|
|
|
userSignup := UserSignUp{}
|
2021-12-08 23:43:14 +08:00
|
|
|
err := json.NewDecoder(r.Body).Decode(&userSignup)
|
|
|
|
|
|
|
|
if err != nil {
|
2021-12-09 22:02:57 +08:00
|
|
|
e.ErrorHandler(w, "REQUEST_BODY_ERROR", "Bad request")
|
2021-12-08 23:43:14 +08:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2021-12-12 14:00:25 +08:00
|
|
|
usernameUsable, _ := store.CheckUsernameUsable(userSignup.Username)
|
|
|
|
if !usernameUsable {
|
|
|
|
json.NewEncoder(w).Encode(Response{
|
|
|
|
Succeed: false,
|
|
|
|
Message: "Username is existed",
|
|
|
|
Data: nil,
|
|
|
|
})
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2021-12-12 21:49:46 +08:00
|
|
|
user, err := store.CreateNewUser(userSignup.Username, userSignup.Password, "")
|
2021-12-08 23:43:14 +08:00
|
|
|
|
|
|
|
if err != nil {
|
2021-12-09 22:02:57 +08:00
|
|
|
e.ErrorHandler(w, "DATABASE_ERROR", err.Error())
|
2021-12-08 23:43:14 +08:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2021-12-10 13:41:17 +08:00
|
|
|
session, _ := SessionStore.Get(r, "session")
|
|
|
|
|
|
|
|
session.Values["user_id"] = user.Id
|
|
|
|
session.Save(r, w)
|
2021-12-09 22:02:57 +08:00
|
|
|
|
|
|
|
json.NewEncoder(w).Encode(Response{
|
|
|
|
Succeed: true,
|
|
|
|
Message: "",
|
|
|
|
Data: user,
|
|
|
|
})
|
2021-12-08 23:43:14 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
type UserSignin struct {
|
|
|
|
Username string `json:"username"`
|
|
|
|
Password string `json:"password"`
|
|
|
|
}
|
|
|
|
|
|
|
|
func handleUserSignIn(w http.ResponseWriter, r *http.Request) {
|
2021-12-09 22:02:57 +08:00
|
|
|
userSignin := UserSignin{}
|
2021-12-08 23:43:14 +08:00
|
|
|
err := json.NewDecoder(r.Body).Decode(&userSignin)
|
|
|
|
|
|
|
|
if err != nil {
|
2021-12-09 22:02:57 +08:00
|
|
|
e.ErrorHandler(w, "REQUEST_BODY_ERROR", "Bad request")
|
2021-12-08 23:43:14 +08:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
user, err := store.GetUserByUsernameAndPassword(userSignin.Username, userSignin.Password)
|
|
|
|
|
|
|
|
if err != nil {
|
2021-12-12 14:00:25 +08:00
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
json.NewEncoder(w).Encode(Response{
|
|
|
|
Succeed: false,
|
|
|
|
Message: "Username and password not allowed",
|
|
|
|
Data: nil,
|
|
|
|
})
|
|
|
|
} else {
|
|
|
|
e.ErrorHandler(w, "DATABASE_ERROR", err.Error())
|
|
|
|
}
|
|
|
|
|
2021-12-08 23:43:14 +08:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2021-12-10 13:41:17 +08:00
|
|
|
session, _ := SessionStore.Get(r, "session")
|
|
|
|
|
|
|
|
session.Values["user_id"] = user.Id
|
|
|
|
session.Save(r, w)
|
2021-12-08 23:43:14 +08:00
|
|
|
|
2021-12-09 22:02:57 +08:00
|
|
|
json.NewEncoder(w).Encode(Response{
|
|
|
|
Succeed: true,
|
|
|
|
Message: "",
|
|
|
|
Data: user,
|
|
|
|
})
|
2021-12-08 23:43:14 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
func handleUserSignOut(w http.ResponseWriter, r *http.Request) {
|
2021-12-10 13:41:17 +08:00
|
|
|
session, _ := SessionStore.Get(r, "session")
|
|
|
|
|
|
|
|
session.Values["user_id"] = ""
|
|
|
|
session.Save(r, w)
|
2021-12-09 22:02:57 +08:00
|
|
|
|
|
|
|
json.NewEncoder(w).Encode(Response{
|
|
|
|
Succeed: true,
|
|
|
|
Message: "",
|
|
|
|
Data: nil,
|
|
|
|
})
|
2021-12-08 23:43:14 +08:00
|
|
|
}
|
|
|
|
|
2021-12-10 15:14:20 +08:00
|
|
|
func handleGithubAuthCallback(w http.ResponseWriter, r *http.Request) {
|
|
|
|
code := r.URL.Query().Get("code")
|
|
|
|
|
|
|
|
requestBody := map[string]string{
|
|
|
|
"client_id": config.GITHUB_CLIENTID,
|
|
|
|
"client_secret": config.GITHUB_SECRET,
|
|
|
|
"code": code,
|
|
|
|
}
|
|
|
|
|
|
|
|
requestJSON, _ := json.Marshal(requestBody)
|
|
|
|
|
|
|
|
// POST request to get access_token
|
|
|
|
req, err := http.NewRequest(
|
|
|
|
"POST",
|
|
|
|
"https://github.com/login/oauth/access_token",
|
|
|
|
bytes.NewBuffer(requestJSON),
|
|
|
|
)
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
e.ErrorHandler(w, "REQUEST_BODY_ERROR", "Error in request github api")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
req.Header.Set("Content-Type", "application/json")
|
|
|
|
req.Header.Set("Accept", "application/json")
|
|
|
|
|
|
|
|
resp, err := http.DefaultClient.Do(req)
|
|
|
|
if err != nil {
|
|
|
|
e.ErrorHandler(w, "REQUEST_BODY_ERROR", "Error in request github api")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Response body converted to stringified JSON
|
|
|
|
respBody, _ := ioutil.ReadAll(resp.Body)
|
|
|
|
|
|
|
|
// Represents the response received from Github
|
|
|
|
type GithubAccessTokenResponse struct {
|
|
|
|
AccessToken string `json:"access_token"`
|
|
|
|
TokenType string `json:"token_type"`
|
|
|
|
Scope string `json:"scope"`
|
|
|
|
}
|
|
|
|
|
|
|
|
ghResp := GithubAccessTokenResponse{}
|
|
|
|
json.Unmarshal(respBody, &ghResp)
|
|
|
|
|
|
|
|
githubAccessToken := ghResp.AccessToken
|
|
|
|
|
|
|
|
// Get request to a set URL
|
|
|
|
req, err = http.NewRequest(
|
|
|
|
"GET",
|
|
|
|
"https://api.github.com/user",
|
|
|
|
nil,
|
|
|
|
)
|
|
|
|
if err != nil {
|
|
|
|
e.ErrorHandler(w, "REQUEST_BODY_ERROR", "Error in request github api")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
authorizationHeaderValue := fmt.Sprintf("token %s", githubAccessToken)
|
|
|
|
req.Header.Set("Authorization", authorizationHeaderValue)
|
|
|
|
|
|
|
|
resp, err = http.DefaultClient.Do(req)
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
e.ErrorHandler(w, "REQUEST_BODY_ERROR", "Error in request github api")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
respBody, _ = ioutil.ReadAll(resp.Body)
|
|
|
|
|
|
|
|
githubData := string(respBody)
|
|
|
|
|
|
|
|
type GithubUser struct {
|
|
|
|
Login string `json:"login"`
|
|
|
|
Name string `json:"name"`
|
|
|
|
}
|
|
|
|
|
|
|
|
githubUser := GithubUser{}
|
|
|
|
json.Unmarshal([]byte(githubData), &githubUser)
|
|
|
|
|
|
|
|
session, _ := SessionStore.Get(r, "session")
|
|
|
|
userId := fmt.Sprintf("%v", session.Values["user_id"])
|
|
|
|
|
|
|
|
if userId != "" {
|
|
|
|
githubNameUsable, err := store.CheckGithubNameUsable(githubUser.Login)
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
e.ErrorHandler(w, "DATABASE_ERROR", "Error in CheckGithubNameUsable")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
if !githubNameUsable {
|
|
|
|
e.ErrorHandler(w, "DATABASE_ERROR", "Error in CheckGithubNameUsable")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
userPatch := store.UserPatch{
|
|
|
|
GithubName: &githubUser.Login,
|
|
|
|
}
|
|
|
|
|
|
|
|
store.UpdateUser(userId, &userPatch)
|
|
|
|
}
|
|
|
|
|
|
|
|
user, err := store.GetUserByGithubName(githubUser.Login)
|
|
|
|
|
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
username := githubUser.Name
|
|
|
|
usernameUsable, _ := store.CheckUsernameUsable(username)
|
2021-12-12 14:00:25 +08:00
|
|
|
for !usernameUsable {
|
2021-12-12 14:39:28 +08:00
|
|
|
username = githubUser.Name + utils.GenUUID()
|
2021-12-12 14:00:25 +08:00
|
|
|
usernameUsable, _ = store.CheckUsernameUsable(username)
|
2021-12-10 15:14:20 +08:00
|
|
|
}
|
2021-12-12 21:49:46 +08:00
|
|
|
user, _ = store.CreateNewUser(username, username, githubUser.Login)
|
2021-12-10 15:14:20 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
session.Values["user_id"] = user.Id
|
|
|
|
session.Save(r, w)
|
|
|
|
|
|
|
|
http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
|
|
|
|
}
|
|
|
|
|
2021-12-08 23:43:14 +08:00
|
|
|
func RegisterAuthRoutes(r *mux.Router) {
|
|
|
|
authRouter := r.PathPrefix("/api/auth").Subrouter()
|
|
|
|
|
2021-12-12 21:49:46 +08:00
|
|
|
authRouter.Use(JSONResponseMiddleWare)
|
|
|
|
|
2021-12-08 23:43:14 +08:00
|
|
|
authRouter.HandleFunc("/signup", handleUserSignUp).Methods("POST")
|
|
|
|
authRouter.HandleFunc("/signin", handleUserSignIn).Methods("POST")
|
|
|
|
authRouter.HandleFunc("/signout", handleUserSignOut).Methods("POST")
|
2021-12-10 15:14:20 +08:00
|
|
|
authRouter.HandleFunc("/github", handleGithubAuthCallback).Methods("GET")
|
2021-12-08 23:43:14 +08:00
|
|
|
}
|