Compare commits
8 Commits
29bf1427a0
...
afaf43dde1
| Author | SHA1 | Date | |
|---|---|---|---|
| afaf43dde1 | |||
| 6d41a778b3 | |||
| 03fa9ff9bc | |||
| 4ed24ab555 | |||
| 39275473af | |||
| c118a238de | |||
| 8f592a0f2e | |||
| 21dc84a29c |
|
|
@ -137,6 +137,14 @@ func main() {
|
|||
{
|
||||
statisticRoute.GET("/type", handlers.StatisticsGetAllSpendingsForTypes)
|
||||
}
|
||||
settingsGroup := api.Group("/settings", middleware.AuthMiddleware())
|
||||
{
|
||||
typeRoutes := settingsGroup.Group("/type")
|
||||
{
|
||||
typeRoutes.GET("/all", handlers.SettingsTypeFilterGetAll)
|
||||
typeRoutes.PUT("/update", handlers.SettingsTypePutBatch)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
r.GET("/swagger/*any", ginSwagger.WrapHandler(swaggerFiles.Handler))
|
||||
|
|
@ -147,6 +155,6 @@ func main() {
|
|||
c.Redirect(301, "/swagger/index.html")
|
||||
})
|
||||
|
||||
go tokens.StartTokens()
|
||||
tokens.Init()
|
||||
r.Run("127.0.0.1:3000")
|
||||
}
|
||||
|
|
|
|||
1
db/db.go
1
db/db.go
|
|
@ -72,6 +72,7 @@ func Connect() *gorm.DB {
|
|||
gormDB.AutoMigrate(&Metric{})
|
||||
gormDB.AutoMigrate(&Currency{})
|
||||
gormDB.AutoMigrate(&ExchangeRate{})
|
||||
gormDB.AutoMigrate(&SettingsTypeFilter{})
|
||||
return newUDB
|
||||
}
|
||||
|
||||
|
|
|
|||
36
db/settings_type_filter.go
Normal file
36
db/settings_type_filter.go
Normal file
|
|
@ -0,0 +1,36 @@
|
|||
package db
|
||||
|
||||
import (
|
||||
"errors"
|
||||
|
||||
"gorm.io/gorm"
|
||||
)
|
||||
|
||||
type SettingsTypeFilter struct {
|
||||
gorm.Model
|
||||
UserID uint
|
||||
User *User
|
||||
TypeID uint
|
||||
Type *Type
|
||||
}
|
||||
|
||||
// so `SETTINGS_TYPE` is the NAME of struct that has such error
|
||||
// second `TYPE` means SettingsTypeFilter's Type fields are causing errors
|
||||
var (
|
||||
ERROR_SETTINGS_TYPE_TYPEID_ZERO = errors.New("SettingsTypeFilter's `TypeID` is zero")
|
||||
ERROR_SETTINGS_TYPE_USERID_INVALID = errors.New("SettingsTypeFilter's `UserID` and Type's `UserID` are not equal")
|
||||
)
|
||||
|
||||
func (st *SettingsTypeFilter) BeforeSave(tx *gorm.DB) error {
|
||||
if st.TypeID == 0 {
|
||||
return ERROR_SETTINGS_TYPE_TYPEID_ZERO
|
||||
}
|
||||
dbType := &Type{}
|
||||
if err := tx.Find(dbType, st.TypeID).Error; err != nil {
|
||||
return err
|
||||
}
|
||||
if dbType.UserID != st.UserID {
|
||||
return ERROR_SETTINGS_TYPE_USERID_INVALID
|
||||
}
|
||||
return nil
|
||||
}
|
||||
122
handlers/settings_type.go
Normal file
122
handlers/settings_type.go
Normal file
|
|
@ -0,0 +1,122 @@
|
|||
package handlers
|
||||
|
||||
import (
|
||||
"log"
|
||||
|
||||
"git.qowevisa.me/Qowevisa/fin-check-api/db"
|
||||
"git.qowevisa.me/Qowevisa/fin-check-api/types"
|
||||
"github.com/gin-gonic/gin"
|
||||
)
|
||||
|
||||
var settingsTypeFilterTransform func(inp *db.SettingsTypeFilter) types.SettingsTypeFilter = func(inp *db.SettingsTypeFilter) types.SettingsTypeFilter {
|
||||
return types.SettingsTypeFilter{
|
||||
TypeID: inp.TypeID,
|
||||
FilterThis: true,
|
||||
}
|
||||
}
|
||||
|
||||
// @Summary Get all settingstypefilters for user
|
||||
// @Description Get all settingstypefilters for user
|
||||
// @Tags type
|
||||
// @Produce json
|
||||
// @Param Authorization header string true "Bearer token"
|
||||
// @Success 200 {object} []types.SettingsTypeFilter
|
||||
// @Failure 401 {object} types.ErrorResponse
|
||||
// @Failure 500 {object} types.ErrorResponse
|
||||
// @Security ApiKeyAuth
|
||||
// @Router /settings/type/all [get]
|
||||
func SettingsTypeFilterGetAll(c *gin.Context) {
|
||||
userID, err := GetUserID(c)
|
||||
if err != nil {
|
||||
c.JSON(500, types.ErrorResponse{Message: err.Error()})
|
||||
return
|
||||
}
|
||||
dbc := db.Connect()
|
||||
var entities []*db.SettingsTypeFilter
|
||||
if err := dbc.Find(&entities, db.SettingsTypeFilter{UserID: userID}).Error; err != nil {
|
||||
c.JSON(500, types.ErrorResponse{Message: err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
var ret []types.SettingsTypeFilter
|
||||
for _, entity := range entities {
|
||||
ret = append(ret, settingsTypeFilterTransform(entity))
|
||||
}
|
||||
c.JSON(200, ret)
|
||||
}
|
||||
|
||||
// @Summary Get all settingstypefilters for user
|
||||
// @Description Get all settingstypefilters for user
|
||||
// @Tags type
|
||||
// @Produce json
|
||||
// @Param Authorization header string true "Bearer token"
|
||||
// @Success 200 {object} []types.SettingsTypeFilter
|
||||
// @Failure 401 {object} types.ErrorResponse
|
||||
// @Failure 500 {object} types.ErrorResponse
|
||||
// @Security ApiKeyAuth
|
||||
// @Router /settings/type/update [put]
|
||||
func SettingsTypePutBatch(c *gin.Context) {
|
||||
userID, err := GetUserID(c)
|
||||
if err != nil {
|
||||
c.JSON(500, types.ErrorResponse{Message: err.Error()})
|
||||
return
|
||||
}
|
||||
var updates []types.SettingsTypeFilter
|
||||
if err := c.ShouldBindJSON(&updates); err != nil {
|
||||
log.Printf("err is %v\n", err)
|
||||
c.JSON(400, types.ErrorResponse{Message: "Invalid request"})
|
||||
return
|
||||
}
|
||||
|
||||
dbc := db.Connect()
|
||||
var entities []*db.SettingsTypeFilter
|
||||
if err := dbc.Find(&entities, db.SettingsTypeFilter{UserID: userID}).Error; err != nil {
|
||||
c.JSON(500, types.ErrorResponse{Message: err.Error()})
|
||||
return
|
||||
}
|
||||
var removeFilters []*db.SettingsTypeFilter
|
||||
for _, typeFilter := range entities {
|
||||
skipTypeFilter := false
|
||||
for _, updateTypeFilter := range updates {
|
||||
if typeFilter.TypeID == updateTypeFilter.TypeID {
|
||||
if updateTypeFilter.FilterThis == false {
|
||||
removeFilters = append(removeFilters, typeFilter)
|
||||
}
|
||||
skipTypeFilter = true
|
||||
break
|
||||
}
|
||||
}
|
||||
if skipTypeFilter {
|
||||
continue
|
||||
}
|
||||
}
|
||||
for _, potentiallyNewFilter := range updates {
|
||||
wasItHandled := false
|
||||
for _, handled := range removeFilters {
|
||||
if handled.TypeID == potentiallyNewFilter.TypeID {
|
||||
wasItHandled = true
|
||||
break
|
||||
}
|
||||
}
|
||||
if wasItHandled {
|
||||
continue
|
||||
}
|
||||
newFilter := &db.SettingsTypeFilter{
|
||||
TypeID: potentiallyNewFilter.TypeID,
|
||||
UserID: userID,
|
||||
}
|
||||
if err := dbc.Create(newFilter).Error; err != nil {
|
||||
log.Printf("dbc.Create error: %v\n", err)
|
||||
continue
|
||||
}
|
||||
}
|
||||
|
||||
for _, settingsDelete := range removeFilters {
|
||||
if err := dbc.Unscoped().Delete(settingsDelete).Error; err != nil {
|
||||
log.Printf("dbc.Delete:ERROR: %v\n", err)
|
||||
c.JSON(500, types.ErrorResponse{Message: err.Error()})
|
||||
return
|
||||
}
|
||||
}
|
||||
c.JSON(200, types.Message{Info: "It was successfull"})
|
||||
}
|
||||
|
|
@ -53,7 +53,7 @@ func UserRegister(c *gin.Context) {
|
|||
log.Printf("tokens.CreateSessionFromToken: %v\n", err)
|
||||
c.JSON(500, types.ErrorResponse{Message: "ERROR: 1000"})
|
||||
}
|
||||
c.SetCookie(consts.COOKIE_SESSION, token1.Val, 3600, "/", "localhost", false, true)
|
||||
c.SetCookie(consts.COOKIE_SESSION, token1.Val, tokens.SESSION_DURATION_IN_SECONDS, "/", "localhost", false, true)
|
||||
acc := types.Account{
|
||||
ID: dbUser.ID,
|
||||
Token: token1.Val,
|
||||
|
|
@ -110,7 +110,7 @@ func UserLogin(c *gin.Context) {
|
|||
log.Printf("tokens.CreateSessionFromToken: %v\n", err)
|
||||
c.JSON(500, types.ErrorResponse{Message: "ERROR: 1000"})
|
||||
}
|
||||
c.SetCookie(consts.COOKIE_SESSION, token1.Val, 3600, "/", "localhost", false, true)
|
||||
c.SetCookie(consts.COOKIE_SESSION, token1.Val, tokens.SESSION_DURATION_IN_SECONDS, "/", "localhost", false, true)
|
||||
acc := types.Account{
|
||||
ID: foundUser.ID,
|
||||
Token: token1.Val,
|
||||
|
|
|
|||
|
|
@ -2,10 +2,10 @@ package middleware
|
|||
|
||||
import (
|
||||
"errors"
|
||||
"log"
|
||||
"net/http"
|
||||
|
||||
"git.qowevisa.me/Qowevisa/fin-check-api/consts"
|
||||
"git.qowevisa.me/Qowevisa/fin-check-api/db"
|
||||
"git.qowevisa.me/Qowevisa/fin-check-api/tokens"
|
||||
"git.qowevisa.me/Qowevisa/fin-check-api/types"
|
||||
"github.com/gin-gonic/gin"
|
||||
|
|
@ -20,17 +20,13 @@ func AuthMiddleware() gin.HandlerFunc {
|
|||
c.Abort()
|
||||
return
|
||||
}
|
||||
if !tokens.ValidateSessionToken(token) {
|
||||
var session *db.Session
|
||||
if validated, tmpSession := tokens.ValidateAndGetSessionToken(token); !validated {
|
||||
c.JSON(401, types.ErrorResponse{Message: "Invalid authorization cookie"})
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
session, err := tokens.GetSession(token)
|
||||
if err != nil {
|
||||
log.Printf("ERROR: tokens.GetSession: %v\n", err)
|
||||
c.JSON(500, types.ErrorResponse{Message: "Server error"})
|
||||
c.Abort()
|
||||
return
|
||||
} else {
|
||||
session = tmpSession
|
||||
}
|
||||
c.Set("UserID", session.UserID)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,165 +0,0 @@
|
|||
package tokens
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"encoding/base64"
|
||||
"errors"
|
||||
"log"
|
||||
"strings"
|
||||
"sync"
|
||||
"time"
|
||||
)
|
||||
|
||||
type Token struct {
|
||||
Id uint
|
||||
Val string
|
||||
LastActive time.Time
|
||||
}
|
||||
|
||||
var (
|
||||
ActiveDur = time.Duration(time.Hour)
|
||||
)
|
||||
|
||||
func (t Token) IsExpired() bool {
|
||||
return time.Now().Sub(t.LastActive) >= ActiveDur
|
||||
}
|
||||
|
||||
type TokensMapMu struct {
|
||||
Initialized bool
|
||||
Tokmap map[uint]*Token
|
||||
TokmapRev map[string]*Token
|
||||
Mu sync.RWMutex
|
||||
}
|
||||
|
||||
var toks TokensMapMu
|
||||
|
||||
// NOTE: should be launch with a goroutine
|
||||
// NOTE: it cannot die
|
||||
func StartTokens() {
|
||||
if toks.Initialized {
|
||||
return
|
||||
}
|
||||
toks.Tokmap = make(map[uint]*Token)
|
||||
toks.TokmapRev = make(map[string]*Token)
|
||||
toks.Initialized = true
|
||||
for {
|
||||
//
|
||||
toks.Mu.Lock()
|
||||
for id, token := range toks.Tokmap {
|
||||
if token == nil {
|
||||
log.Printf("DAFUQ: 001\n")
|
||||
delete(toks.Tokmap, id)
|
||||
continue
|
||||
}
|
||||
if token.IsExpired() {
|
||||
val := token.Val
|
||||
delete(toks.Tokmap, id)
|
||||
delete(toks.TokmapRev, val)
|
||||
}
|
||||
}
|
||||
toks.Mu.Unlock()
|
||||
//
|
||||
time.Sleep(time.Minute)
|
||||
}
|
||||
}
|
||||
|
||||
var (
|
||||
ERROR_DONT_HAVE_TOKEN = errors.New("Don't have token for this user")
|
||||
ERROR_ALREADY_HAVE_TOKEN = errors.New("Already have token")
|
||||
)
|
||||
|
||||
func GetToken(id uint) (*Token, error) {
|
||||
toks.Mu.Lock()
|
||||
defer toks.Mu.Unlock()
|
||||
val, exists := toks.Tokmap[id]
|
||||
if !exists {
|
||||
return nil, ERROR_DONT_HAVE_TOKEN
|
||||
}
|
||||
val.LastActive = time.Now()
|
||||
return val, nil
|
||||
}
|
||||
|
||||
func GetID(token string) (uint, error) {
|
||||
toks.Mu.RLock()
|
||||
val, exists := toks.TokmapRev[token]
|
||||
toks.Mu.RUnlock()
|
||||
if !exists {
|
||||
return 0, ERROR_DONT_HAVE_TOKEN
|
||||
}
|
||||
return val.Id, nil
|
||||
}
|
||||
|
||||
func haveToken(id uint) bool {
|
||||
toks.Mu.RLock()
|
||||
_, exists := toks.Tokmap[id]
|
||||
toks.Mu.RUnlock()
|
||||
return exists
|
||||
}
|
||||
|
||||
func UpdateLastActive(id uint) error {
|
||||
if !haveToken(id) {
|
||||
return ERROR_DONT_HAVE_TOKEN
|
||||
}
|
||||
toks.Mu.Lock()
|
||||
val := toks.Tokmap[id]
|
||||
val.LastActive = time.Now()
|
||||
toks.Tokmap[id] = val
|
||||
toks.Mu.Unlock()
|
||||
return nil
|
||||
}
|
||||
|
||||
func haveTokenVal(val string) bool {
|
||||
toks.Mu.RLock()
|
||||
_, exists := toks.TokmapRev[val]
|
||||
toks.Mu.RUnlock()
|
||||
return exists
|
||||
}
|
||||
|
||||
func generateRandomString(length int) string {
|
||||
bytes := make([]byte, length)
|
||||
if _, err := rand.Read(bytes); err != nil {
|
||||
log.Printf("generateRandomString: %v", err)
|
||||
}
|
||||
return base64.URLEncoding.EncodeToString(bytes)
|
||||
}
|
||||
|
||||
func generateTokenVal() string {
|
||||
for {
|
||||
tok := generateRandomString(32)
|
||||
trimedToken := strings.Trim(tok, "=")
|
||||
if !haveTokenVal(trimedToken) {
|
||||
return trimedToken
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func AddToken(id uint) (*Token, error) {
|
||||
toks.Mu.RLock()
|
||||
_, exists := toks.Tokmap[id]
|
||||
toks.Mu.RUnlock()
|
||||
if exists {
|
||||
// return nil, ERROR_ALREADY_HAVE_TOKEN
|
||||
}
|
||||
val := generateTokenVal()
|
||||
token := &Token{
|
||||
Id: id,
|
||||
Val: val,
|
||||
LastActive: time.Now(),
|
||||
}
|
||||
toks.Mu.Lock()
|
||||
toks.Tokmap[id] = token
|
||||
toks.TokmapRev[val] = token
|
||||
toks.Mu.Unlock()
|
||||
return token, nil
|
||||
}
|
||||
|
||||
func AmIAllowed(token string) bool {
|
||||
toks.Mu.Lock()
|
||||
defer toks.Mu.Unlock()
|
||||
val, exists := toks.TokmapRev[token]
|
||||
if !exists {
|
||||
return false
|
||||
}
|
||||
val.LastActive = time.Now()
|
||||
return true
|
||||
}
|
||||
91
tokens/session_cache.go
Normal file
91
tokens/session_cache.go
Normal file
|
|
@ -0,0 +1,91 @@
|
|||
package tokens
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"encoding/base64"
|
||||
"log"
|
||||
"strings"
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
"git.qowevisa.me/Qowevisa/fin-check-api/db"
|
||||
)
|
||||
|
||||
type Token struct {
|
||||
Id uint
|
||||
Val string
|
||||
LastActive time.Time
|
||||
}
|
||||
|
||||
type SessiomMapMu struct {
|
||||
Initialized bool
|
||||
SessionMap map[string]*db.Session
|
||||
Mu sync.RWMutex
|
||||
}
|
||||
|
||||
var sessionCache SessiomMapMu
|
||||
|
||||
// NOTE: should be launch with a goroutine
|
||||
// NOTE: it cannot die
|
||||
func Init() error {
|
||||
sessionCache.SessionMap = make(map[string]*db.Session)
|
||||
var dbSessions []*db.Session
|
||||
if err := db.Connect().Find(&dbSessions).Error; err != nil {
|
||||
return err
|
||||
}
|
||||
for _, dbSession := range dbSessions {
|
||||
sessionCache.SessionMap[dbSession.ID] = dbSession
|
||||
}
|
||||
sessionCache.Initialized = true
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *SessiomMapMu) HaveSession(sessionID string) bool {
|
||||
s.Mu.RLock()
|
||||
_, exists := s.SessionMap[sessionID]
|
||||
s.Mu.RUnlock()
|
||||
return exists
|
||||
}
|
||||
|
||||
func (s *SessiomMapMu) AddSession(session *db.Session) {
|
||||
s.Mu.Lock()
|
||||
s.SessionMap[session.ID] = session
|
||||
s.Mu.Unlock()
|
||||
}
|
||||
|
||||
func (s *SessiomMapMu) GetSession(sessionID string) *db.Session {
|
||||
s.Mu.RLock()
|
||||
val, exists := s.SessionMap[sessionID]
|
||||
s.Mu.RUnlock()
|
||||
if !exists {
|
||||
return nil
|
||||
}
|
||||
return val
|
||||
}
|
||||
|
||||
func generateRandomString(length int) string {
|
||||
bytes := make([]byte, length)
|
||||
if _, err := rand.Read(bytes); err != nil {
|
||||
log.Printf("generateRandomString ERROR: %v", err)
|
||||
}
|
||||
return base64.URLEncoding.EncodeToString(bytes)
|
||||
}
|
||||
|
||||
func generateTokenVal() string {
|
||||
for {
|
||||
tok := generateRandomString(32)
|
||||
trimedToken := strings.Trim(tok, "=")
|
||||
// TODO: do some thing so it can check if user will have the same token
|
||||
return trimedToken
|
||||
}
|
||||
}
|
||||
|
||||
func AddToken(id uint) (*Token, error) {
|
||||
val := generateTokenVal()
|
||||
token := &Token{
|
||||
Id: id,
|
||||
Val: val,
|
||||
LastActive: time.Now(),
|
||||
}
|
||||
return token, nil
|
||||
}
|
||||
|
|
@ -3,50 +3,55 @@ package tokens
|
|||
import (
|
||||
"crypto/sha256"
|
||||
"encoding/base64"
|
||||
"errors"
|
||||
"log"
|
||||
"time"
|
||||
|
||||
"git.qowevisa.me/Qowevisa/fin-check-api/db"
|
||||
)
|
||||
|
||||
const SESSION_DURATION_IN_SECONDS = 3600
|
||||
const SESSION_DURATION = (SESSION_DURATION_IN_SECONDS * time.Second)
|
||||
|
||||
func CreateSessionFromToken(token string, userID uint) error {
|
||||
sessionID := getSessionIDFromToken(token)
|
||||
dbc := db.Connect()
|
||||
session := &db.Session{
|
||||
ID: string(sessionID),
|
||||
UserID: userID,
|
||||
ExpireAt: time.Now().Add(time.Hour),
|
||||
ExpireAt: time.Now().Add(SESSION_DURATION),
|
||||
}
|
||||
sessionCache.AddSession(session)
|
||||
if err := dbc.Create(session).Error; err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func ValidateSessionToken(token string) bool {
|
||||
func ValidateAndGetSessionToken(token string) (bool, *db.Session) {
|
||||
sessionID := getSessionIDFromToken(token)
|
||||
dbc := db.Connect()
|
||||
session := &db.Session{}
|
||||
if err := dbc.Find(session, db.Session{ID: sessionID}).Error; err != nil {
|
||||
log.Printf("DBERROR: %v\n", err)
|
||||
return false
|
||||
}
|
||||
if session.ID == "" {
|
||||
return false
|
||||
session := sessionCache.GetSession(sessionID)
|
||||
if session == nil || session.ID == "" {
|
||||
log.Printf("Internal error TOKENS.SESSIONS.ValidateSessionToken.1\n")
|
||||
return false, nil
|
||||
}
|
||||
if session.ExpireAt.Unix() < time.Now().Unix() {
|
||||
dbc.Delete(session)
|
||||
return false
|
||||
dbc.Unscoped().Delete(session)
|
||||
return false, nil
|
||||
}
|
||||
return session.ID != ""
|
||||
return session.ID != "", session
|
||||
}
|
||||
|
||||
var (
|
||||
ERROR_SESSION_NOT_FOUND = errors.New("Can't find session with this token")
|
||||
)
|
||||
|
||||
func GetSession(token string) (*db.Session, error) {
|
||||
sessionID := getSessionIDFromToken(token)
|
||||
dbc := db.Connect()
|
||||
session := &db.Session{}
|
||||
if err := dbc.Find(session, db.Session{ID: sessionID}).Error; err != nil {
|
||||
return nil, err
|
||||
session := sessionCache.GetSession(sessionID)
|
||||
if session == nil {
|
||||
return nil, ERROR_SESSION_NOT_FOUND
|
||||
}
|
||||
return session, nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -197,3 +197,11 @@ type StatsTypeCurrencyChart struct {
|
|||
CurrencyLabel string `json:"label" example:"$ (USD)"`
|
||||
Elements []StatsType `json:"elements"`
|
||||
}
|
||||
|
||||
// {{{ Settings section
|
||||
type SettingsTypeFilter struct {
|
||||
TypeID uint `json:"type_id" example:"1"`
|
||||
FilterThis bool `json:"filter_this" example:"true"`
|
||||
}
|
||||
|
||||
// }}}
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user