Diffstat (limited to 'api/main.go')
-rw-r--r--api/main.go48
1 files changed, 30 insertions, 18 deletions
diff --git a/api/main.go b/api/main.go
index 292a5f9..91b7929 100644
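--- a/api/main.go
+++ b/api/main.go
@@ -10,6 +10,7 @@ import (
 
  "github.com/gin-gonic/gin"
  _ "github.com/mattn/go-sqlite3"
+ "golang.org/x/crypto/bcrypt"
  "water/api/lib"
 )
 
@@ -29,6 +30,7 @@ func CORSMiddleware() gin.HandlerFunc {
  }
 }
 
+// generatToken will g
 func generateToken() string {
  token := make([]byte, 32)
  rand.Read(token)
@@ -43,6 +45,7 @@ func establishDBConnection() *sql.DB {
  return db
 }
 
+
 func checkForTokenInContext(c *gin.Context) (string, error) {
  authorizationHeader := c.GetHeader("Authorization")
  if authorizationHeader == "" {
@@ -54,6 +57,7 @@ func checkForTokenInContext(c *gin.Context) (string, error) {
  if len(parts) != 2 || parts[0] != "Bearer" {
  return "", errors.New("Invalid Authorization header format")
  }
+
 
  return parts[1], nil
 }
@@ -73,15 +77,6 @@ func TokenRequired() gin.HandlerFunc {
  }
 }
 
-type User struct {
- Username string
- Password string
-}
-
-var users = map[string]User{
- "user1": {"user1", "password1"},
-}
-
 func setupRouter() *gin.Engine {
  // Disable Console Color
  // gin.DisableConsoleColor()
@@ -100,16 +95,31 @@ func setupRouter() *gin.Engine {
  return
  }
 
- user, exists := users[username]
+ db := establishDBConnection()
+ defer db.Close()
+
+ var user models.User
+ var preference models.Preference
+ var size models.Size
+
+ row := db.QueryRow("SELECT name, uuid, password, color, size, unit FROM Users u INNER JOIN Preferences p ON p.user_id = u.id INNER JOIN Sizes s ON p.size_id = s.id WHERE u.name = ?", username)
+ if err := row.Scan(&user.Name, &user.UUID, &user.Password, &preference.Color, &size.Size, &size.Unit); err != nil {
+ if err == sql.ErrNoRows {
+ c.AbortWithStatus(http.StatusUnauthorized)
+ return
+ }
+ }
+
+ if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)); err != nil {
+ c.AbortWithStatus(http.StatusUnauthorized)
+ return
+ }
 
- if !exists || user.Password != password {
- c.AbortWithStatus(http.StatusUnauthorized)
- return
- }
+ preference.Size = size
 
  // Generate a simple API token
  apiToken := generateToken()
- c.JSON(http.StatusOK, gin.H{"token": apiToken})
+ c.JSON(http.StatusOK, gin.H{"token": apiToken, "user": user, "preferences": preference})
  })
 
  stats := api.Group("stats")
@@ -119,7 +129,7 @@ func setupRouter() *gin.Engine {
  db := establishDBConnection()
  defer db.Close()
 
- rows, err := db.Query("SELECT * FROM statistics");
+ rows, err := db.Query("SELECT s.date, s.quantity, u.uuid, u.name FROM Statistics s INNER JOIN Users u ON u.id = s.user_id");
  if err != nil {
  c.JSON(500, gin.H{"error": err.Error()})
  return
@@ -129,10 +139,12 @@ func setupRouter() *gin.Engine {
  var data []models.Statistic
  for rows.Next() {
  var stat models.Statistic
- if err := rows.Scan(&stat.ID, &stat.Date, &stat.UserID, &stat.Quantity); err != nil {
+ var user models.User
+ if err := rows.Scan(&stat.Date, &stat.Quantity, &user.UUID, &user.Name); err != nil {
  c.JSON(500, gin.H{"error": err.Error()})
  return
  }
+ stat.User = user
  data = append(data, stat)
  }
 
@@ -150,7 +162,7 @@ func setupRouter() *gin.Engine {
  db := establishDBConnection()
  defer db.Close()
 
- result, err := db.Exec("INSERT INTO statistics (date, user_id, quantity) values (?, ?, ?)", stat.Date, stat.UserID, stat.Quantity)
+ result, err := db.Exec("INSERT INTO statistics (date, user_id, quantity) values (?, ?, ?)", stat.Date, 1, stat.Quantity)
 
  if err != nil {
  c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})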
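Review bot: In the login handler hunk (new lines 98–122), `row.Scan` fills `user.Password` with the stored bcrypt hash and that same `user` value is then serialized by `c.JSON(http.StatusOK, gin.H{"token": apiToken, "user": user, ...})`, so the hash is likely returned to the client unless `models.User` (not visible here) tags the field `json:"-"`. Clear it once the bcrypt check has passed, e.g. `user.Password = ""`, or respond with a value that carries only the name and UUID. The `row.Scan` error branch returns only for `sql.ErrNoRows`; any other database error falls through to `bcrypt.CompareHashAndPassword` with an empty hash and is reported as a 401, so add `c.AbortWithStatus(http.StatusInternalServerError)` and `return` after the inner `if`. Separately, the last hunk hard-codes `1` as `user_id` in the INSERT, which attributes every new record to one user regardless of which token made the request. The handler bodies start and end outside these hunks.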