kris/Go-Back-Skeleton
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Go-Back-Skeleton/api/app/account.go
dhax 93d8310491 initial commit
2017-09-25 20:19:57 +02:00

225 lines
5.4 KiB
Go
Raw Blame History

package app
import (
"context"
"net/http"
"strconv"
"strings"
"github.com/go-chi/chi"
"github.com/go-chi/render"
validation "github.com/go-ozzo/ozzo-validation"
"github.com/dhax/go-base/auth"
"github.com/dhax/go-base/logging"
"github.com/dhax/go-base/models"
)
type ctxKey int
const (
ctxAccount ctxKey = iota
)
// AccountStore defines database operations for account.
type AccountStore interface {
Get(id int) (*models.Account, error)
Update(*models.Account) error
Delete(*models.Account) error
UpdateToken(*models.Token) error
DeleteToken(*models.Token) error
UpdateProfile(*models.Profile) error
}
// AccountResource implements account managment handler.
type AccountResource struct {
Store AccountStore
}
// NewAccountResource creates and returns an account resource.
func NewAccountResource(store AccountStore) *AccountResource {
return &AccountResource{
Store: store,
}
}
func (rs *AccountResource) router() *chi.Mux {
r := chi.NewRouter()
r.Use(rs.accountCtx)
r.Get("/", rs.get)
r.Put("/", rs.update)
r.Delete("/", rs.delete)
r.Route("/token/{tokenID}", func(r chi.Router) {
r.Put("/", rs.updateToken)
r.Delete("/", rs.deleteToken)
})
r.Put("/profile", rs.updateProfile)
return r
}
func (rs *AccountResource) accountCtx(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
claims := auth.ClaimsFromCtx(r.Context())
logging.GetLogEntry(r).WithField("account_id", claims.ID)
account, err := rs.Store.Get(claims.ID)
if err != nil {
// account deleted while access token still valid
logging.GetLogEntry(r).WithField("account", claims.Sub).Warn(err)
render.Render(w, r, ErrNotFound)
return
}
ctx := context.WithValue(r.Context(), ctxAccount, account)
next.ServeHTTP(w, r.WithContext(ctx))
})
}
type accountRequest struct {
*models.Account
// not really neccessary here as we limit updated database columns in store
ProtectedID int `json:"id"`
ProtectedActive bool `json:"active"`
ProtectedRoles []string `json:"roles"`
}
func (d *accountRequest) Bind(r *http.Request) error {
// d.ProtectedActive = true
// d.ProtectedRoles = []string{}
return nil
}
type accountResponse struct {
*models.Account
}
func newAccountResponse(a *models.Account) *accountResponse {
resp := &accountResponse{Account: a}
return resp
}
func (rs *AccountResource) get(w http.ResponseWriter, r *http.Request) {
acc := r.Context().Value(ctxAccount).(*models.Account)
render.Respond(w, r, newAccountResponse(acc))
}
func (rs *AccountResource) update(w http.ResponseWriter, r *http.Request) {
acc := r.Context().Value(ctxAccount).(*models.Account)
data := &accountRequest{Account: acc}
if err := render.Bind(r, data); err != nil {
render.Render(w, r, ErrInvalidRequest(err))
return
}
acc = data.Account
if err := rs.Store.Update(acc); err != nil {
switch err.(type) {
case validation.Errors:
render.Render(w, r, ErrValidation(err))
return
}
render.Render(w, r, ErrRender(err))
return
}
render.Respond(w, r, newAccountResponse(acc))
}
func (rs *AccountResource) delete(w http.ResponseWriter, r *http.Request) {
acc := r.Context().Value(ctxAccount).(*models.Account)
if err := rs.Store.Delete(acc); err != nil {
render.Render(w, r, ErrRender(err))
return
}
render.Respond(w, r, http.NoBody)
}
type tokenRequest struct {
Identifier string
ProtectedID int `json:"id"`
}
func (d *tokenRequest) Bind(r *http.Request) error {
d.Identifier = strings.TrimSpace(d.Identifier)
return nil
}
func (rs *AccountResource) updateToken(w http.ResponseWriter, r *http.Request) {
id, err := strconv.Atoi(chi.URLParam(r, "tokenID"))
if err != nil {
render.Respond(w, r, ErrBadRequest)
return
}
data := &tokenRequest{}
if err := render.Bind(r, data); err != nil {
render.Respond(w, r, ErrInvalidRequest(err))
return
}
acc := r.Context().Value(ctxAccount).(*models.Account)
for _, t := range acc.Token {
if t.ID == id {
if err := rs.Store.UpdateToken(&models.Token{
ID: t.ID,
Identifier: data.Identifier,
}); err != nil {
render.Respond(w, r, ErrInvalidRequest(err))
return
}
}
}
render.Respond(w, r, http.NoBody)
}
func (rs *AccountResource) deleteToken(w http.ResponseWriter, r *http.Request) {
id, err := strconv.Atoi(chi.URLParam(r, "tokenID"))
if err != nil {
render.Respond(w, r, ErrBadRequest)
return
}
acc := r.Context().Value(ctxAccount).(*models.Account)
for _, t := range acc.Token {
if t.ID == id {
rs.Store.DeleteToken(&models.Token{ID: t.ID})
}
}
render.Respond(w, r, http.NoBody)
}
type profileRequest struct {
*models.Profile
ProtectedID int `json:"id"`
}
func (d *profileRequest) Bind(r *http.Request) error {
// d.ProtectedActive = true
// d.ProtectedRoles = []string{}
return nil
}
type profileResponse struct {
*models.Profile
}
func newProfileResponse(p *models.Profile) *profileResponse {
return &profileResponse{
Profile: p,
}
}
func (rs *AccountResource) updateProfile(w http.ResponseWriter, r *http.Request) {
acc := r.Context().Value(ctxAccount).(*models.Account)
data := &profileRequest{Profile: acc.Profile}
if err := render.Bind(r, data); err != nil {
render.Render(w, r, ErrInvalidRequest(err))
}
p := data.Profile
if err := rs.Store.UpdateProfile(p); err != nil {
switch err.(type) {
case validation.Errors:
render.Render(w, r, ErrValidation(err))
return
}
render.Render(w, r, ErrRender(err))
return
}
render.Respond(w, r, newProfileResponse(p))
}
Reference in a new issue View git blame Copy permalink