package blog import ( "database/sql" "encoding/json" "fmt" "git.minhas.io/asara/sudoscientist-go-backend/packages/middleware" "github.com/go-chi/chi" "github.com/go-chi/jwtauth" "github.com/go-chi/render" "github.com/gosimple/slug" "net/http" "strings" "time" ) var ( DB *sql.DB TokenAuth *jwtauth.JWTAuth ) type BlogPost struct { ID int `json:"id",db:"id"` Title string `json:"title",db:"title"` Slug string `json:"slug",db:"slug"` Author string `json:"author",db:"author"` Content string `json:"content",db:"content"` TimePublished time.Time `json:"time_published", db:"time_published"` Modified bool `json:"modified", db:"modified"` TimeModified time.Time `json:"last_modified", db:"last_modified"` } type BlogPosts []BlogPost type Tag struct { TagList string `json:"tags"` } type NewBlogPost struct { Title string `json:"title",db:"title"` Content string `json:"content",db:"content"` Tags string `json:"tags"` Author string `json:"author",db:"author"` } type ReturnError struct { Message string `json:"error"` } type ReturnSuccess struct { Message string `json:"success"` ID int `json:"id"` Slug string `json:"slug",db:"slug"` } type ReferenceID struct { LastID int `json:"last_id"` } func Routes() *chi.Mux { r := chi.NewRouter() r.Group(func(r chi.Router) { r.Use(jwtauth.Verify(TokenAuth, auth_middleware.TokenFromSplitCookie)) r.Use(jwtauth.Authenticator) r.Post("/", createBlogPost) r.Patch("/by-id/{id}", updateBlogPostById) }) r.Get("/", getBlogPosts) r.Get("/by-id/{id}", getBlogPostById) r.Get("/by-tag/{tag}", getBlogPostsByTag) r.Get("/by-author/{author}", getBlogPostsByAuthor) r.Get("/by-slug/{slug}", getBlogPostBySlug) return r } func createBlogPost(w http.ResponseWriter, r *http.Request) { returnError := ReturnError{} newBlogPost := &NewBlogPost{} // basic checks _, claims, _ := jwtauth.FromContext(r.Context()) username := claims["username"].(string) err := json.NewDecoder(r.Body).Decode(newBlogPost) if err != nil { returnError.Message = "unknown error, try again later" w.WriteHeader(http.StatusBadRequest) render.JSON(w, r, returnError) return } if newBlogPost.Title == "" { returnError.Message = "title is required" w.WriteHeader(http.StatusBadRequest) render.JSON(w, r, returnError) return } if newBlogPost.Content == "" { returnError.Message = "content is required" w.WriteHeader(http.StatusBadRequest) render.JSON(w, r, returnError) return } as := slug.Make(newBlogPost.Title) slugCheck := DB.QueryRow("SELECT id FROM posts WHERE slug=$1", as) // wow this is ugly. someone pls send help. // checking to ensure the same slug doesn't exist... scr := 0 err = slugCheck.Scan(&scr) if err == nil { returnError.Message = "slug already exists" w.WriteHeader(http.StatusBadRequest) render.JSON(w, r, returnError) return } if err != nil { if err != sql.ErrNoRows { returnError.Message = "something is super broken..." w.WriteHeader(http.StatusInternalServerError) render.JSON(w, r, returnError) fmt.Println(err) return } } s := `INSERT INTO posts (title, slug, author, content, time_published, modified, last_modified) VALUES ($1, $2, $3, $4, $5, $6, $7) RETURNING id` article_id := 0 // write the row and get back the id err = DB.QueryRow(s, newBlogPost.Title, as, username, newBlogPost.Content, time.Now().UTC(), false, time.Now().UTC()).Scan(&article_id) if err != nil { if err == sql.ErrNoRows { returnError.Message = "something is super broken..." w.WriteHeader(http.StatusInternalServerError) render.JSON(w, r, returnError) fmt.Println(err) return } returnError.Message = "something is super broken..." w.WriteHeader(http.StatusInternalServerError) render.JSON(w, r, returnError) fmt.Println(err) return } // if the article has tags if newBlogPost.Tags != "" { t := `INSERT INTO tags (tag, article_id) VALUES ($1, $2)` tags := strings.Split(newBlogPost.Tags, ",") for i := range tags { DB.Exec(t, tags[i], article_id) } } returnSuccess := ReturnSuccess{Message: "post created", ID: article_id, Slug: as} w.WriteHeader(http.StatusCreated) render.JSON(w, r, returnSuccess) return } func updateBlogPostById(w http.ResponseWriter, r *http.Request) { returnError := ReturnError{} // Get the actual post id := chi.URLParam(r, "id") result := DB.QueryRow("SELECT id, title, slug, author, content, time_published FROM posts WHERE id=$1", id) post := BlogPost{} err := result.Scan(&post.ID, &post.Title, &post.Slug, &post.Author, &post.Content, &post.TimePublished) if err != nil { if err == sql.ErrNoRows { returnError.Message = "blog post requested for update not found" w.WriteHeader(http.StatusInternalServerError) render.JSON(w, r, returnError) fmt.Println(err) return } returnError.Message = "something is super broken..." w.WriteHeader(http.StatusInternalServerError) render.JSON(w, r, returnError) fmt.Println(err) return } // Verify the post belongs to the requester _, claims, _ := jwtauth.FromContext(r.Context()) username := claims["username"].(string) if username != post.Author { returnError.Message = "unauthorized..." w.WriteHeader(http.StatusUnauthorized) render.JSON(w, r, returnError) return } // update the post struct err = json.NewDecoder(r.Body).Decode(&post) s := ` UPDATE posts SET title = $1, content = $2, modified = $3, last_modified = $4 WHERE id = $5` // write the row update _, err = DB.Exec(s, post.Title, post.Content, true, time.Now().UTC(), post.ID) if err != nil { returnError.Message = "something is super broken..." w.WriteHeader(http.StatusInternalServerError) render.JSON(w, r, returnError) fmt.Println(err) return } returnSuccess := ReturnSuccess{Message: "post updated", ID: post.ID, Slug: post.Slug} w.WriteHeader(http.StatusOK) render.JSON(w, r, returnSuccess) return } // This will search by the last id seen, descending. func getBlogPosts(w http.ResponseWriter, r *http.Request) { returnError := ReturnError{} referenceID := &ReferenceID{} err := json.NewDecoder(r.Body).Decode(referenceID) // hardcode 9001 for cool kid points if err != nil { referenceID.LastID = 9001 } search_id := referenceID.LastID // if someone is lame and sends up a negative number... if search_id < 1 { search_id = 9001 } search := ` SELECT id, title, slug, author, content, time_published, modified, last_modified FROM posts WHERE id < $1 ORDER BY id DESC FETCH FIRST 10 ROWS ONLY ` rows, err := DB.Query(search, search_id) if err != nil { returnError.Message = "something is super broken..." w.WriteHeader(http.StatusInternalServerError) render.JSON(w, r, returnError) fmt.Println(err) return } defer rows.Close() post := BlogPost{} posts := make(BlogPosts, 0) for rows.Next() { if err := rows.Scan(&post.ID, &post.Title, &post.Slug, &post.Author, &post.Content, &post.TimePublished, &post.Modified, &post.TimeModified); err != nil { } posts = append(posts, post) } if err := rows.Err(); err != nil { returnError.Message = "something is super broken..." w.WriteHeader(http.StatusInternalServerError) render.JSON(w, r, returnError) fmt.Println(err) return } w.WriteHeader(http.StatusOK) render.JSON(w, r, posts) return } func getBlogPostBySlug(w http.ResponseWriter, r *http.Request) { returnError := ReturnError{} slug := chi.URLParam(r, "slug") result := DB.QueryRow("SELECT id, title, slug, author, content, time_published, modified, last_modified FROM posts WHERE slug=$1", slug) post := BlogPost{} err := result.Scan(&post.ID, &post.Title, &post.Slug, &post.Author, &post.Content, &post.TimePublished, &post.Modified, &post.TimeModified) if err != nil { returnError.Message = "post not found" w.WriteHeader(http.StatusBadRequest) render.JSON(w, r, returnError) return } w.WriteHeader(http.StatusOK) render.JSON(w, r, post) return } func getBlogPostById(w http.ResponseWriter, r *http.Request) { returnError := ReturnError{} id := chi.URLParam(r, "id") result := DB.QueryRow("SELECT id, title, slug, author, content, time_published, modified, last_modified FROM posts WHERE id=$1", id) post := BlogPost{} err := result.Scan(&post.ID, &post.Title, &post.Slug, &post.Author, &post.Content, &post.TimePublished, &post.Modified, &post.TimeModified) if err != nil { returnError.Message = "post not found" w.WriteHeader(http.StatusBadRequest) render.JSON(w, r, returnError) return } w.WriteHeader(http.StatusOK) render.JSON(w, r, post) return } func getBlogPostsByTag(w http.ResponseWriter, r *http.Request) { returnError := ReturnError{} referenceID := &ReferenceID{} err := json.NewDecoder(r.Body).Decode(referenceID) // hardcode 9001 for cool kid points if err != nil { referenceID.LastID = 9001 } search_id := referenceID.LastID // if someone is lame and sends up a negative number... if search_id < 1 { search_id = 9001 } tag := chi.URLParam(r, "tag") search := ` SELECT posts.id, posts.title, posts.slug, posts.author, posts.content, posts.time_published, posts.modified, posts.last_modified FROM posts INNER JOIN tags on posts .id = tags.article_id WHERE posts.id < $1 AND tags.tag = $2 ORDER BY id DESC FETCH FIRST 10 ROWS ONLY ` rows, err := DB.Query(search, search_id, tag) if err != nil { returnError.Message = "something is super broken..." w.WriteHeader(http.StatusInternalServerError) render.JSON(w, r, returnError) fmt.Println(err) return } defer rows.Close() post := BlogPost{} posts := make(BlogPosts, 0) for rows.Next() { if err := rows.Scan(&post.ID, &post.Title, &post.Slug, &post.Author, &post.Content, &post.TimePublished, &post.Modified, &post.TimeModified); err != nil { } posts = append(posts, post) } if err := rows.Err(); err != nil { returnError.Message = "something is super broken..." w.WriteHeader(http.StatusInternalServerError) render.JSON(w, r, returnError) fmt.Println(err) return } w.WriteHeader(http.StatusOK) render.JSON(w, r, posts) return } func getBlogPostsByAuthor(w http.ResponseWriter, r *http.Request) { returnError := ReturnError{} referenceID := &ReferenceID{} err := json.NewDecoder(r.Body).Decode(referenceID) // hardcode 9001 for cool kid points if err != nil { referenceID.LastID = 9001 } search_id := referenceID.LastID // if someone is lame and sends up a negative number... if search_id < 1 { search_id = 9001 } author := chi.URLParam(r, "author") search := ` SELECT id, title, slug, author, content, time_published, modified, last_modified FROM posts WHERE id < $1 AND author = $2 ORDER BY id DESC FETCH FIRST 10 ROWS ONLY ` rows, err := DB.Query(search, search_id, author) if err != nil { returnError.Message = "something is super broken..." w.WriteHeader(http.StatusInternalServerError) render.JSON(w, r, returnError) fmt.Println(err) return } defer rows.Close() post := BlogPost{} posts := make(BlogPosts, 0) for rows.Next() { if err := rows.Scan(&post.ID, &post.Title, &post.Slug, &post.Author, &post.Content, &post.TimePublished, &post.Modified, &post.TimeModified); err != nil { } posts = append(posts, post) } if err := rows.Err(); err != nil { returnError.Message = "something is super broken..." w.WriteHeader(http.StatusInternalServerError) render.JSON(w, r, returnError) fmt.Println(err) return } w.WriteHeader(http.StatusOK) render.JSON(w, r, posts) return } func getRssFeed(w http.ResponseWriter, r *http.Request) { return }