diff --git a/main.go b/main.go index ad3a8d9..2c0deda 100644 --- a/main.go +++ b/main.go @@ -54,7 +54,7 @@ func main() { func Routes() *chi.Mux { router := chi.NewRouter() cors := cors.New(cors.Options{ - AllowedOrigins: []string{os.Getenv("UI_PROTO") + os.Getenv("UI_ADDR") + os.Getenv("UI_PORT"), os.Getenv("UI_PROTO") + "www." + os.Getenv("UI_ADDR") + os.Getenv("UI_PORT")}, + AllowedOrigins: []string{os.Getenv("UI_PROTO") + os.Getenv("UI_ADDR") + os.Getenv("UI_PORT"), os.Getenv("UI_PROTO") + "www." + os.Getenv("UI_ADDR") + os.Getenv("UI_PORT")}, AllowedMethods: []string{"GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"}, AllowedHeaders: []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token"}, AllowCredentials: true, diff --git a/packages/auth/auth.go b/packages/auth/auth.go index b722d96..1734276 100644 --- a/packages/auth/auth.go +++ b/packages/auth/auth.go @@ -48,6 +48,7 @@ func Init() { type ReturnMessage struct { Message string `json:"msg"` + Error bool `json:"error"` } type SignUpCredentials struct { @@ -98,6 +99,7 @@ func Routes() *chi.Mux { func verify(w http.ResponseWriter, r *http.Request) { returnMessage := ReturnMessage{} + returnMessage.Error = false _, claims, _ := jwtauth.FromContext(r.Context()) sqlStatement := ` UPDATE users @@ -107,6 +109,7 @@ func verify(w http.ResponseWriter, r *http.Request) { if err != nil { w.WriteHeader(http.StatusInternalServerError) returnMessage.Message = "unexpected error verifying account. please contact the administrator" + returnMessage.Error = true render.JSON(w, r, returnMessage) return } @@ -118,29 +121,34 @@ func verify(w http.ResponseWriter, r *http.Request) { func register(w http.ResponseWriter, r *http.Request) { returnMessage := ReturnMessage{} + returnMessage.Error = false creds := &SignUpCredentials{} err := json.NewDecoder(r.Body).Decode(creds) if err != nil { fmt.Println(err) w.WriteHeader(http.StatusBadRequest) returnMessage.Message = "bad data provided" + returnMessage.Error = true render.JSON(w, r, returnMessage) return } if creds.Username == "" { returnMessage.Message = "username is required" + returnMessage.Error = true w.WriteHeader(http.StatusBadRequest) render.JSON(w, r, returnMessage) return } if creds.Password == "" { returnMessage.Message = "password is required" + returnMessage.Error = true w.WriteHeader(http.StatusBadRequest) render.JSON(w, r, returnMessage) return } if creds.Email == "" { returnMessage.Message = "email is required" + returnMessage.Error = true w.WriteHeader(http.StatusBadRequest) render.JSON(w, r, returnMessage) return @@ -148,6 +156,7 @@ func register(w http.ResponseWriter, r *http.Request) { err = checkmail.ValidateFormat(creds.Email) if err != nil { returnMessage.Message = "email not valid" + returnMessage.Error = true w.WriteHeader(http.StatusBadRequest) render.JSON(w, r, returnMessage) return @@ -159,6 +168,7 @@ func register(w http.ResponseWriter, r *http.Request) { if _, err = DB.Exec(s, creds.Username, creds.Email, string(hashedPassword), false, false); err != nil { fmt.Println(err) returnMessage.Message = "unexpected error. please contact the administrator" + returnMessage.Error = true w.WriteHeader(http.StatusInternalServerError) render.JSON(w, r, returnMessage) return @@ -195,11 +205,13 @@ func register(w http.ResponseWriter, r *http.Request) { func signin(w http.ResponseWriter, r *http.Request) { returnMessage := ReturnMessage{} + returnMessage.Error = false creds := &UserCredentials{} err := json.NewDecoder(r.Body).Decode(creds) if err != nil { w.WriteHeader(http.StatusBadRequest) returnMessage.Message = "bad data provided" + returnMessage.Error = true render.JSON(w, r, returnMessage) return } @@ -207,6 +219,7 @@ func signin(w http.ResponseWriter, r *http.Request) { if !ok { w.WriteHeader(http.StatusBadRequest) returnMessage.Message = verify_pw + returnMessage.Error = true render.JSON(w, r, returnMessage) return } @@ -230,6 +243,7 @@ func signin(w http.ResponseWriter, r *http.Request) { func refresh(w http.ResponseWriter, r *http.Request) { returnMessage := ReturnMessage{} + returnMessage.Error = false _, claims, _ := jwtauth.FromContext(r.Context()) w.WriteHeader(http.StatusOK) expirationTime := time.Now().Add(24 * time.Hour) @@ -240,6 +254,7 @@ func refresh(w http.ResponseWriter, r *http.Request) { fmt.Println(err) w.WriteHeader(http.StatusInternalServerError) returnMessage.Message = "unexpected error refreshing your token, please try again later" + returnMessage.Error = true render.JSON(w, r, returnMessage) return } diff --git a/packages/blog/blog.go b/packages/blog/blog.go index 151a277..2c6d2bc 100644 --- a/packages/blog/blog.go +++ b/packages/blog/blog.go @@ -43,8 +43,9 @@ type NewBlogPost struct { Author string `json:"author",db:"author"` } -type ReturnError struct { - Message string `json:"error"` +type ReturnMessage struct { + Message string `json:"msg"` + Error bool `json:"error"` } type ReturnSuccess struct { @@ -74,36 +75,41 @@ func Routes() *chi.Mux { } func createBlogPost(w http.ResponseWriter, r *http.Request) { - returnError := ReturnError{} + returnMessage := ReturnMessage{} + returnMessage.Error = false newBlogPost := &NewBlogPost{} // basic checks _, claims, _ := jwtauth.FromContext(r.Context()) is_admin := claims["admin"].(bool) if !is_admin { - returnError.Message = "sorry only admins are allowed to create blog posts" + returnMessage.Message = "sorry only admins are allowed to create blog posts" + returnMessage.Error = true w.WriteHeader(http.StatusUnauthorized) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) return } username := claims["username"].(string) err := json.NewDecoder(r.Body).Decode(newBlogPost) if err != nil { - returnError.Message = "unknown error, try again later" + returnMessage.Message = "unknown error, try again later" + returnMessage.Error = true w.WriteHeader(http.StatusBadRequest) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) return } if newBlogPost.Title == "" { - returnError.Message = "title is required" + returnMessage.Message = "title is required" + returnMessage.Error = true w.WriteHeader(http.StatusBadRequest) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) return } if newBlogPost.Content == "" { - returnError.Message = "content is required" + returnMessage.Message = "content is required" + returnMessage.Error = true w.WriteHeader(http.StatusBadRequest) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) return } as := slug.Make(newBlogPost.Title) @@ -113,16 +119,18 @@ func createBlogPost(w http.ResponseWriter, r *http.Request) { scr := 0 err = slugCheck.Scan(&scr) if err == nil { - returnError.Message = "slug already exists" + returnMessage.Message = "slug already exists" + returnMessage.Error = true w.WriteHeader(http.StatusBadRequest) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) return } if err != nil { if err != sql.ErrNoRows { - returnError.Message = "something is super broken..." + returnMessage.Message = "something is super broken..." + returnMessage.Error = true w.WriteHeader(http.StatusInternalServerError) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) fmt.Println(err) return } @@ -135,15 +143,17 @@ func createBlogPost(w http.ResponseWriter, r *http.Request) { err = DB.QueryRow(s, newBlogPost.Title, as, username, newBlogPost.Content, time.Now().UTC(), false, time.Now().UTC()).Scan(&article_id) if err != nil { if err == sql.ErrNoRows { - returnError.Message = "something is super broken..." + returnMessage.Message = "something is super broken..." + returnMessage.Error = true w.WriteHeader(http.StatusInternalServerError) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) fmt.Println(err) return } - returnError.Message = "something is super broken..." + returnMessage.Message = "something is super broken..." + returnMessage.Error = true w.WriteHeader(http.StatusInternalServerError) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) fmt.Println(err) return } @@ -164,7 +174,8 @@ func createBlogPost(w http.ResponseWriter, r *http.Request) { } func updateBlogPostById(w http.ResponseWriter, r *http.Request) { - returnError := ReturnError{} + returnMessage := ReturnMessage{} + returnMessage.Error = false // Get the actual post id := chi.URLParam(r, "id") result := DB.QueryRow("SELECT id, title, slug, author, content, time_published FROM posts WHERE id=$1", id) @@ -172,15 +183,17 @@ func updateBlogPostById(w http.ResponseWriter, r *http.Request) { err := result.Scan(&post.ID, &post.Title, &post.Slug, &post.Author, &post.Content, &post.TimePublished) if err != nil { if err == sql.ErrNoRows { - returnError.Message = "blog post requested for update not found" + returnMessage.Message = "blog post requested for update not found" + returnMessage.Error = true w.WriteHeader(http.StatusInternalServerError) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) fmt.Println(err) return } - returnError.Message = "something is super broken..." + returnMessage.Message = "something is super broken..." + returnMessage.Error = true w.WriteHeader(http.StatusInternalServerError) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) fmt.Println(err) return } @@ -189,9 +202,10 @@ func updateBlogPostById(w http.ResponseWriter, r *http.Request) { _, claims, _ := jwtauth.FromContext(r.Context()) username := claims["username"].(string) if username != post.Author { - returnError.Message = "unauthorized..." + returnMessage.Message = "unauthorized..." + returnMessage.Error = true w.WriteHeader(http.StatusUnauthorized) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) return } // update the post struct @@ -206,9 +220,10 @@ func updateBlogPostById(w http.ResponseWriter, r *http.Request) { // write the row update _, err = DB.Exec(s, post.Title, post.Content, true, time.Now().UTC(), post.ID) if err != nil { - returnError.Message = "something is super broken..." + returnMessage.Message = "something is super broken..." + returnMessage.Error = true w.WriteHeader(http.StatusInternalServerError) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) fmt.Println(err) return } @@ -220,7 +235,8 @@ func updateBlogPostById(w http.ResponseWriter, r *http.Request) { // This will search by the last id seen, descending. func getBlogPosts(w http.ResponseWriter, r *http.Request) { - returnError := ReturnError{} + returnMessage := ReturnMessage{} + returnMessage.Error = false referenceID := &ReferenceID{} err := json.NewDecoder(r.Body).Decode(referenceID) // hardcode 9001 for cool kid points @@ -241,9 +257,10 @@ func getBlogPosts(w http.ResponseWriter, r *http.Request) { ` rows, err := DB.Query(search, search_id) if err != nil { - returnError.Message = "something is super broken..." + returnMessage.Message = "something is super broken..." + returnMessage.Error = true w.WriteHeader(http.StatusInternalServerError) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) fmt.Println(err) return } @@ -256,9 +273,10 @@ func getBlogPosts(w http.ResponseWriter, r *http.Request) { posts = append(posts, post) } if err := rows.Err(); err != nil { - returnError.Message = "something is super broken..." + returnMessage.Message = "something is super broken..." + returnMessage.Error = true w.WriteHeader(http.StatusInternalServerError) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) fmt.Println(err) return } @@ -268,15 +286,17 @@ func getBlogPosts(w http.ResponseWriter, r *http.Request) { } func getBlogPostBySlug(w http.ResponseWriter, r *http.Request) { - returnError := ReturnError{} + returnMessage := ReturnMessage{} + returnMessage.Error = false slug := chi.URLParam(r, "slug") result := DB.QueryRow("SELECT id, title, slug, author, content, time_published, modified, last_modified FROM posts WHERE slug=$1", slug) post := BlogPost{} err := result.Scan(&post.ID, &post.Title, &post.Slug, &post.Author, &post.Content, &post.TimePublished, &post.Modified, &post.TimeModified) if err != nil { - returnError.Message = "post not found" + returnMessage.Message = "post not found" + returnMessage.Error = true w.WriteHeader(http.StatusBadRequest) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) return } w.WriteHeader(http.StatusOK) @@ -285,15 +305,17 @@ func getBlogPostBySlug(w http.ResponseWriter, r *http.Request) { } func getBlogPostById(w http.ResponseWriter, r *http.Request) { - returnError := ReturnError{} + returnMessage := ReturnMessage{} + returnMessage.Error = false id := chi.URLParam(r, "id") result := DB.QueryRow("SELECT id, title, slug, author, content, time_published, modified, last_modified FROM posts WHERE id=$1", id) post := BlogPost{} err := result.Scan(&post.ID, &post.Title, &post.Slug, &post.Author, &post.Content, &post.TimePublished, &post.Modified, &post.TimeModified) if err != nil { - returnError.Message = "post not found" + returnMessage.Message = "post not found" + returnMessage.Error = true w.WriteHeader(http.StatusBadRequest) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) return } w.WriteHeader(http.StatusOK) @@ -302,7 +324,8 @@ func getBlogPostById(w http.ResponseWriter, r *http.Request) { } func getBlogPostsByTag(w http.ResponseWriter, r *http.Request) { - returnError := ReturnError{} + returnMessage := ReturnMessage{} + returnMessage.Error = false referenceID := &ReferenceID{} err := json.NewDecoder(r.Body).Decode(referenceID) // hardcode 9001 for cool kid points @@ -326,9 +349,10 @@ func getBlogPostsByTag(w http.ResponseWriter, r *http.Request) { ` rows, err := DB.Query(search, search_id, tag) if err != nil { - returnError.Message = "something is super broken..." + returnMessage.Message = "something is super broken..." + returnMessage.Error = true w.WriteHeader(http.StatusInternalServerError) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) fmt.Println(err) return } @@ -341,9 +365,10 @@ func getBlogPostsByTag(w http.ResponseWriter, r *http.Request) { posts = append(posts, post) } if err := rows.Err(); err != nil { - returnError.Message = "something is super broken..." + returnMessage.Message = "something is super broken..." + returnMessage.Error = true w.WriteHeader(http.StatusInternalServerError) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) fmt.Println(err) return } @@ -353,7 +378,8 @@ func getBlogPostsByTag(w http.ResponseWriter, r *http.Request) { } func getBlogPostsByAuthor(w http.ResponseWriter, r *http.Request) { - returnError := ReturnError{} + returnMessage := ReturnMessage{} + returnMessage.Error = false referenceID := &ReferenceID{} err := json.NewDecoder(r.Body).Decode(referenceID) // hardcode 9001 for cool kid points @@ -376,9 +402,10 @@ func getBlogPostsByAuthor(w http.ResponseWriter, r *http.Request) { ` rows, err := DB.Query(search, search_id, author) if err != nil { - returnError.Message = "something is super broken..." + returnMessage.Message = "something is super broken..." + returnMessage.Error = true w.WriteHeader(http.StatusInternalServerError) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) fmt.Println(err) return } @@ -391,9 +418,10 @@ func getBlogPostsByAuthor(w http.ResponseWriter, r *http.Request) { posts = append(posts, post) } if err := rows.Err(); err != nil { - returnError.Message = "something is super broken..." + returnMessage.Message = "something is super broken..." + returnMessage.Error = true w.WriteHeader(http.StatusInternalServerError) - render.JSON(w, r, returnError) + render.JSON(w, r, returnMessage) fmt.Println(err) return }