qowevisa/fin-check-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: qowevisa:afaf43dde17502b8041a4bfcb426a7a2fc054faa
Branches Tags
qowevisa:main
..
compare: qowevisa:29bf1427a0fc73e59eb5e40ffb5a15ecb9aedc02
Branches Tags
qowevisa:main

No commits in common. "afaf43dde17502b8041a4bfcb426a7a2fc054faa" and "29bf1427a0fc73e59eb5e40ffb5a15ecb9aedc02" have entirely different histories.
afaf43dde1 ... 29bf1427a0

10 changed files with 193 additions and 295 deletions
Show Stats Expand all files Collapse all files

10
cmd/http-server/main.go
View File

@ -137,14 +137,6 @@ func main() {
{ {
statisticRoute.GET("/type", handlers.StatisticsGetAllSpendingsForTypes) statisticRoute.GET("/type", handlers.StatisticsGetAllSpendingsForTypes)
} }
settingsGroup := api.Group("/settings", middleware.AuthMiddleware())
{
typeRoutes := settingsGroup.Group("/type")
{
typeRoutes.GET("/all", handlers.SettingsTypeFilterGetAll)
typeRoutes.PUT("/update", handlers.SettingsTypePutBatch)
}
}
} }
r.GET("/swagger/*any", ginSwagger.WrapHandler(swaggerFiles.Handler)) r.GET("/swagger/*any", ginSwagger.WrapHandler(swaggerFiles.Handler))
@ -155,6 +147,6 @@ func main() {
c.Redirect(301, "/swagger/index.html") c.Redirect(301, "/swagger/index.html")
}) })
tokens.Init() go tokens.StartTokens()
r.Run("127.0.0.1:3000") r.Run("127.0.0.1:3000")
} }

1
db/db.go
View File

@ -72,7 +72,6 @@ func Connect() *gorm.DB {
gormDB.AutoMigrate(&Metric{}) gormDB.AutoMigrate(&Metric{})
gormDB.AutoMigrate(&Currency{}) gormDB.AutoMigrate(&Currency{})
gormDB.AutoMigrate(&ExchangeRate{}) gormDB.AutoMigrate(&ExchangeRate{})
gormDB.AutoMigrate(&SettingsTypeFilter{})
return newUDB return newUDB
} }

36
db/settings_type_filter.go
View File

@ -1,36 +0,0 @@
package db
import (
"errors"
"gorm.io/gorm"
)
type SettingsTypeFilter struct {
gorm.Model
UserID uint
User *User
TypeID uint
Type *Type
}
// so `SETTINGS_TYPE` is the NAME of struct that has such error
// second `TYPE` means SettingsTypeFilter's Type fields are causing errors
var (
ERROR_SETTINGS_TYPE_TYPEID_ZERO = errors.New("SettingsTypeFilter's `TypeID` is zero")
ERROR_SETTINGS_TYPE_USERID_INVALID = errors.New("SettingsTypeFilter's `UserID` and Type's `UserID` are not equal")
)
func (st *SettingsTypeFilter) BeforeSave(tx *gorm.DB) error {
if st.TypeID == 0 {
return ERROR_SETTINGS_TYPE_TYPEID_ZERO
}
dbType := &Type{}
if err := tx.Find(dbType, st.TypeID).Error; err != nil {
return err
}
if dbType.UserID != st.UserID {
return ERROR_SETTINGS_TYPE_USERID_INVALID
}
return nil
}

122
handlers/settings_type.go
View File

@ -1,122 +0,0 @@
package handlers
import (
"log"
"git.qowevisa.me/Qowevisa/fin-check-api/db"
"git.qowevisa.me/Qowevisa/fin-check-api/types"
"github.com/gin-gonic/gin"
)
var settingsTypeFilterTransform func(inp *db.SettingsTypeFilter) types.SettingsTypeFilter = func(inp *db.SettingsTypeFilter) types.SettingsTypeFilter {
return types.SettingsTypeFilter{
TypeID: inp.TypeID,
FilterThis: true,
}
}
// @Summary Get all settingstypefilters for user
// @Description Get all settingstypefilters for user
// @Tags type
// @Produce json
// @Param Authorization header string true "Bearer token"
// @Success 200 {object} []types.SettingsTypeFilter
// @Failure 401 {object} types.ErrorResponse
// @Failure 500 {object} types.ErrorResponse
// @Security ApiKeyAuth
// @Router /settings/type/all [get]
func SettingsTypeFilterGetAll(c *gin.Context) {
userID, err := GetUserID(c)
if err != nil {
c.JSON(500, types.ErrorResponse{Message: err.Error()})
return
}
dbc := db.Connect()
var entities []*db.SettingsTypeFilter
if err := dbc.Find(&entities, db.SettingsTypeFilter{UserID: userID}).Error; err != nil {
c.JSON(500, types.ErrorResponse{Message: err.Error()})
return
}
var ret []types.SettingsTypeFilter
for _, entity := range entities {
ret = append(ret, settingsTypeFilterTransform(entity))
}
c.JSON(200, ret)
}
// @Summary Get all settingstypefilters for user
// @Description Get all settingstypefilters for user
// @Tags type
// @Produce json
// @Param Authorization header string true "Bearer token"
// @Success 200 {object} []types.SettingsTypeFilter
// @Failure 401 {object} types.ErrorResponse
// @Failure 500 {object} types.ErrorResponse
// @Security ApiKeyAuth
// @Router /settings/type/update [put]
func SettingsTypePutBatch(c *gin.Context) {
userID, err := GetUserID(c)
if err != nil {
c.JSON(500, types.ErrorResponse{Message: err.Error()})
return
}
var updates []types.SettingsTypeFilter
if err := c.ShouldBindJSON(&updates); err != nil {
log.Printf("err is %v\n", err)
c.JSON(400, types.ErrorResponse{Message: "Invalid request"})
return
}
dbc := db.Connect()
var entities []*db.SettingsTypeFilter
if err := dbc.Find(&entities, db.SettingsTypeFilter{UserID: userID}).Error; err != nil {
c.JSON(500, types.ErrorResponse{Message: err.Error()})
return
}
var removeFilters []*db.SettingsTypeFilter
for _, typeFilter := range entities {
skipTypeFilter := false
for _, updateTypeFilter := range updates {
if typeFilter.TypeID == updateTypeFilter.TypeID {
if updateTypeFilter.FilterThis == false {
removeFilters = append(removeFilters, typeFilter)
}
skipTypeFilter = true
break
}
}
if skipTypeFilter {
continue
}
}
for _, potentiallyNewFilter := range updates {
wasItHandled := false
for _, handled := range removeFilters {
if handled.TypeID == potentiallyNewFilter.TypeID {
wasItHandled = true
break
}
}
if wasItHandled {
continue
}
newFilter := &db.SettingsTypeFilter{
TypeID: potentiallyNewFilter.TypeID,
UserID: userID,
}
if err := dbc.Create(newFilter).Error; err != nil {
log.Printf("dbc.Create error: %v\n", err)
continue
}
}
for _, settingsDelete := range removeFilters {
if err := dbc.Unscoped().Delete(settingsDelete).Error; err != nil {
log.Printf("dbc.Delete:ERROR: %v\n", err)
c.JSON(500, types.ErrorResponse{Message: err.Error()})
return
}
}
c.JSON(200, types.Message{Info: "It was successfull"})
}

4
handlers/user.go
View File

@ -53,7 +53,7 @@ func UserRegister(c *gin.Context) {
log.Printf("tokens.CreateSessionFromToken: %v\n", err) log.Printf("tokens.CreateSessionFromToken: %v\n", err)
c.JSON(500, types.ErrorResponse{Message: "ERROR: 1000"}) c.JSON(500, types.ErrorResponse{Message: "ERROR: 1000"})
} }
c.SetCookie(consts.COOKIE_SESSION, token1.Val, tokens.SESSION_DURATION_IN_SECONDS, "/", "localhost", false, true) c.SetCookie(consts.COOKIE_SESSION, token1.Val, 3600, "/", "localhost", false, true)
acc := types.Account{ acc := types.Account{
ID: dbUser.ID, ID: dbUser.ID,
Token: token1.Val, Token: token1.Val,
@ -110,7 +110,7 @@ func UserLogin(c *gin.Context) {
log.Printf("tokens.CreateSessionFromToken: %v\n", err) log.Printf("tokens.CreateSessionFromToken: %v\n", err)
c.JSON(500, types.ErrorResponse{Message: "ERROR: 1000"}) c.JSON(500, types.ErrorResponse{Message: "ERROR: 1000"})
} }
c.SetCookie(consts.COOKIE_SESSION, token1.Val, tokens.SESSION_DURATION_IN_SECONDS, "/", "localhost", false, true) c.SetCookie(consts.COOKIE_SESSION, token1.Val, 3600, "/", "localhost", false, true)
acc := types.Account{ acc := types.Account{
ID: foundUser.ID, ID: foundUser.ID,
Token: token1.Val, Token: token1.Val,

14
middleware/auth.go
View File

@ -2,10 +2,10 @@ package middleware
import ( import (
"errors" "errors"
"log"
"net/http" "net/http"
"git.qowevisa.me/Qowevisa/fin-check-api/consts" "git.qowevisa.me/Qowevisa/fin-check-api/consts"
"git.qowevisa.me/Qowevisa/fin-check-api/db"
"git.qowevisa.me/Qowevisa/fin-check-api/tokens" "git.qowevisa.me/Qowevisa/fin-check-api/tokens"
"git.qowevisa.me/Qowevisa/fin-check-api/types" "git.qowevisa.me/Qowevisa/fin-check-api/types"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
@ -20,13 +20,17 @@ func AuthMiddleware() gin.HandlerFunc {
c.Abort() c.Abort()
return return
} }
var session *db.Session if !tokens.ValidateSessionToken(token) {
if validated, tmpSession := tokens.ValidateAndGetSessionToken(token); !validated {
c.JSON(401, types.ErrorResponse{Message: "Invalid authorization cookie"}) c.JSON(401, types.ErrorResponse{Message: "Invalid authorization cookie"})
c.Abort() c.Abort()
return return
} else { }
session = tmpSession session, err := tokens.GetSession(token)
if err != nil {
log.Printf("ERROR: tokens.GetSession: %v\n", err)
c.JSON(500, types.ErrorResponse{Message: "Server error"})
c.Abort()
return
} }
c.Set("UserID", session.UserID) c.Set("UserID", session.UserID)

165
tokens/dispatcher.go Normal file
View File

@ -0,0 +1,165 @@
package tokens
import (
"crypto/rand"
"encoding/base64"
"errors"
"log"
"strings"
"sync"
"time"
)
type Token struct {
Id uint
Val string
LastActive time.Time
}
var (
ActiveDur = time.Duration(time.Hour)
)
func (t Token) IsExpired() bool {
return time.Now().Sub(t.LastActive) >= ActiveDur
}
type TokensMapMu struct {
Initialized bool
Tokmap map[uint]*Token
TokmapRev map[string]*Token
Mu sync.RWMutex
}
var toks TokensMapMu
// NOTE: should be launch with a goroutine
// NOTE: it cannot die
func StartTokens() {
if toks.Initialized {
return
}
toks.Tokmap = make(map[uint]*Token)
toks.TokmapRev = make(map[string]*Token)
toks.Initialized = true
for {
//
toks.Mu.Lock()
for id, token := range toks.Tokmap {
if token == nil {
log.Printf("DAFUQ: 001\n")
delete(toks.Tokmap, id)
continue
}
if token.IsExpired() {
val := token.Val
delete(toks.Tokmap, id)
delete(toks.TokmapRev, val)
}
}
toks.Mu.Unlock()
//
time.Sleep(time.Minute)
}
}
var (
ERROR_DONT_HAVE_TOKEN = errors.New("Don't have token for this user")
ERROR_ALREADY_HAVE_TOKEN = errors.New("Already have token")
)
func GetToken(id uint) (*Token, error) {
toks.Mu.Lock()
defer toks.Mu.Unlock()
val, exists := toks.Tokmap[id]
if !exists {
return nil, ERROR_DONT_HAVE_TOKEN
}
val.LastActive = time.Now()
return val, nil
}
func GetID(token string) (uint, error) {
toks.Mu.RLock()
val, exists := toks.TokmapRev[token]
toks.Mu.RUnlock()
if !exists {
return 0, ERROR_DONT_HAVE_TOKEN
}
return val.Id, nil
}
func haveToken(id uint) bool {
toks.Mu.RLock()
_, exists := toks.Tokmap[id]
toks.Mu.RUnlock()
return exists
}
func UpdateLastActive(id uint) error {
if !haveToken(id) {
return ERROR_DONT_HAVE_TOKEN
}
toks.Mu.Lock()
val := toks.Tokmap[id]
val.LastActive = time.Now()
toks.Tokmap[id] = val
toks.Mu.Unlock()
return nil
}
func haveTokenVal(val string) bool {
toks.Mu.RLock()
_, exists := toks.TokmapRev[val]
toks.Mu.RUnlock()
return exists
}
func generateRandomString(length int) string {
bytes := make([]byte, length)
if _, err := rand.Read(bytes); err != nil {
log.Printf("generateRandomString: %v", err)
}
return base64.URLEncoding.EncodeToString(bytes)
}
func generateTokenVal() string {
for {
tok := generateRandomString(32)
trimedToken := strings.Trim(tok, "=")
if !haveTokenVal(trimedToken) {
return trimedToken
}
}
}
func AddToken(id uint) (*Token, error) {
toks.Mu.RLock()
_, exists := toks.Tokmap[id]
toks.Mu.RUnlock()
if exists {
// return nil, ERROR_ALREADY_HAVE_TOKEN
}
val := generateTokenVal()
token := &Token{
Id: id,
Val: val,
LastActive: time.Now(),
}
toks.Mu.Lock()
toks.Tokmap[id] = token
toks.TokmapRev[val] = token
toks.Mu.Unlock()
return token, nil
}
func AmIAllowed(token string) bool {
toks.Mu.Lock()
defer toks.Mu.Unlock()
val, exists := toks.TokmapRev[token]
if !exists {
return false
}
val.LastActive = time.Now()
return true
}

91
tokens/session_cache.go
View File

@ -1,91 +0,0 @@
package tokens
import (
"crypto/rand"
"encoding/base64"
"log"
"strings"
"sync"
"time"
"git.qowevisa.me/Qowevisa/fin-check-api/db"
)
type Token struct {
Id uint
Val string
LastActive time.Time
}
type SessiomMapMu struct {
Initialized bool
SessionMap map[string]*db.Session
Mu sync.RWMutex
}
var sessionCache SessiomMapMu
// NOTE: should be launch with a goroutine
// NOTE: it cannot die
func Init() error {
sessionCache.SessionMap = make(map[string]*db.Session)
var dbSessions []*db.Session
if err := db.Connect().Find(&dbSessions).Error; err != nil {
return err
}
for _, dbSession := range dbSessions {
sessionCache.SessionMap[dbSession.ID] = dbSession
}
sessionCache.Initialized = true
return nil
}
func (s *SessiomMapMu) HaveSession(sessionID string) bool {
s.Mu.RLock()
_, exists := s.SessionMap[sessionID]
s.Mu.RUnlock()
return exists
}
func (s *SessiomMapMu) AddSession(session *db.Session) {
s.Mu.Lock()
s.SessionMap[session.ID] = session
s.Mu.Unlock()
}
func (s *SessiomMapMu) GetSession(sessionID string) *db.Session {
s.Mu.RLock()
val, exists := s.SessionMap[sessionID]
s.Mu.RUnlock()
if !exists {
return nil
}
return val
}
func generateRandomString(length int) string {
bytes := make([]byte, length)
if _, err := rand.Read(bytes); err != nil {
log.Printf("generateRandomString ERROR: %v", err)
}
return base64.URLEncoding.EncodeToString(bytes)
}
func generateTokenVal() string {
for {
tok := generateRandomString(32)
trimedToken := strings.Trim(tok, "=")
// TODO: do some thing so it can check if user will have the same token
return trimedToken
}
}
func AddToken(id uint) (*Token, error) {
val := generateTokenVal()
token := &Token{
Id: id,
Val: val,
LastActive: time.Now(),
}
return token, nil
}

37
tokens/sessions.go
View File

@ -3,55 +3,50 @@ package tokens
import ( import (
"crypto/sha256" "crypto/sha256"
"encoding/base64" "encoding/base64"
"errors"
"log" "log"
"time" "time"
"git.qowevisa.me/Qowevisa/fin-check-api/db" "git.qowevisa.me/Qowevisa/fin-check-api/db"
) )
const SESSION_DURATION_IN_SECONDS = 3600
const SESSION_DURATION = (SESSION_DURATION_IN_SECONDS * time.Second)
func CreateSessionFromToken(token string, userID uint) error { func CreateSessionFromToken(token string, userID uint) error {
sessionID := getSessionIDFromToken(token) sessionID := getSessionIDFromToken(token)
dbc := db.Connect() dbc := db.Connect()
session := &db.Session{ session := &db.Session{
ID: string(sessionID), ID: string(sessionID),
UserID: userID, UserID: userID,
ExpireAt: time.Now().Add(SESSION_DURATION), ExpireAt: time.Now().Add(time.Hour),
} }
sessionCache.AddSession(session)
if err := dbc.Create(session).Error; err != nil { if err := dbc.Create(session).Error; err != nil {
return err return err
} }
return nil return nil
} }
func ValidateAndGetSessionToken(token string) (bool, *db.Session) { func ValidateSessionToken(token string) bool {
sessionID := getSessionIDFromToken(token) sessionID := getSessionIDFromToken(token)
dbc := db.Connect() dbc := db.Connect()
session := sessionCache.GetSession(sessionID) session := &db.Session{}
if session == nil || session.ID == "" { if err := dbc.Find(session, db.Session{ID: sessionID}).Error; err != nil {
log.Printf("Internal error TOKENS.SESSIONS.ValidateSessionToken.1\n") log.Printf("DBERROR: %v\n", err)
return false, nil return false
}
if session.ID == "" {
return false
} }
if session.ExpireAt.Unix() < time.Now().Unix() { if session.ExpireAt.Unix() < time.Now().Unix() {
dbc.Unscoped().Delete(session) dbc.Delete(session)
return false, nil return false
} }
return session.ID != "", session return session.ID != ""
} }
var (
ERROR_SESSION_NOT_FOUND = errors.New("Can't find session with this token")
)
func GetSession(token string) (*db.Session, error) { func GetSession(token string) (*db.Session, error) {
sessionID := getSessionIDFromToken(token) sessionID := getSessionIDFromToken(token)
session := sessionCache.GetSession(sessionID) dbc := db.Connect()
if session == nil { session := &db.Session{}
return nil, ERROR_SESSION_NOT_FOUND if err := dbc.Find(session, db.Session{ID: sessionID}).Error; err != nil {
return nil, err
} }
return session, nil return session, nil
} }

8
types/types.go
View File

@ -197,11 +197,3 @@ type StatsTypeCurrencyChart struct {
CurrencyLabel string `json:"label" example:"$ (USD)"` CurrencyLabel string `json:"label" example:"$ (USD)"`
Elements []StatsType `json:"elements"` Elements []StatsType `json:"elements"`
} }
// {{{ Settings section
type SettingsTypeFilter struct {
TypeID uint `json:"type_id" example:"1"`
FilterThis bool `json:"filter_this" example:"true"`
}
// }}}