wakapi/routes/settings.go

package routes

import (
	"fmt"
	"github.com/gorilla/schema"
	conf "github.com/muety/wakapi/config"
	"github.com/muety/wakapi/models"
	"github.com/muety/wakapi/services"
	"github.com/muety/wakapi/utils"
	"net/http"
	"net/url"
	"strconv"
)

type SettingsHandler struct {
	config         *conf.Config
	userSrvc       *services.UserService
	customRuleSrvc *services.CustomRuleService
}

var credentialsDecoder = schema.NewDecoder()

func NewSettingsHandler(userService *services.UserService, customRuleService *services.CustomRuleService) *SettingsHandler {
	return &SettingsHandler{
		config:         conf.Get(),
		customRuleSrvc: customRuleService,
		userSrvc:       userService,
	}
}

func (h *SettingsHandler) GetIndex(w http.ResponseWriter, r *http.Request) {
	if h.config.IsDev() {
		loadTemplates()
	}

	user := r.Context().Value(models.UserKey).(*models.User)
	rules, _ := h.customRuleSrvc.GetCustomRuleForUser(user.ID)
	data := map[string]interface{}{
		"User":    user,
		"Rules":   rules,
		"Success": r.FormValue("success"),
		"Error":   r.FormValue("error"),
	}

	templates[conf.SettingsTemplate].Execute(w, data)
}

func (h *SettingsHandler) PostCredentials(w http.ResponseWriter, r *http.Request) {
	if h.config.IsDev() {
		loadTemplates()
	}

	user := r.Context().Value(models.UserKey).(*models.User)

	var credentials models.CredentialsReset
	if err := r.ParseForm(); err != nil {
		respondAlert(w, "missing parameters", "", conf.SettingsTemplate, http.StatusBadRequest)
		return
	}
	if err := credentialsDecoder.Decode(&credentials, r.PostForm); err != nil {
		respondAlert(w, "missing parameters", "", conf.SettingsTemplate, http.StatusBadRequest)
		return
	}

	if !utils.CompareBcrypt(user.Password, credentials.PasswordOld, h.config.Security.PasswordSalt) {
		respondAlert(w, "invalid credentials", "", conf.SettingsTemplate, http.StatusUnauthorized)
		return
	}

	if !credentials.IsValid() {
		respondAlert(w, "invalid parameters", "", conf.SettingsTemplate, http.StatusBadRequest)
		return
	}

	user.Password = credentials.PasswordNew
	if hash, err := utils.HashBcrypt(user.Password, h.config.Security.PasswordSalt); err != nil {
		respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)
		return
	} else {
		user.Password = hash
	}

	if _, err := h.userSrvc.Update(user); err != nil {
		respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)
		return
	}

	login := &models.Login{
		Username: user.ID,
		Password: user.Password,
	}
	encoded, err := h.config.Security.SecureCookie.Encode(models.AuthCookieKey, login)
	if err != nil {
		respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)
		return
	}

	cookie := &http.Cookie{
		Name:     models.AuthCookieKey,
		Value:    encoded,
		Path:     "/",
		Secure:   !h.config.Security.InsecureCookies,
		HttpOnly: true,
	}
	http.SetCookie(w, cookie)

	msg := url.QueryEscape("password was updated successfully")
	http.Redirect(w, r, fmt.Sprintf("%s/settings?success=%s", h.config.Server.BasePath, msg), http.StatusFound)
}

func (h *SettingsHandler) DeleteCustomRule(w http.ResponseWriter, r *http.Request) {
	if h.config.IsDev() {
		loadTemplates()
	}

	user := r.Context().Value(models.UserKey).(*models.User)
	ruleId, err := strconv.Atoi(r.PostFormValue("ruleid"))
	if err != nil {
		respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)
		return
	}

	rule := &models.CustomRule{
		ID:     uint(ruleId),
		UserID: user.ID,
	}

	err = h.customRuleSrvc.Delete(rule)
	if err != nil {
		respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)
		return
	}

	msg := url.QueryEscape("Custom rule deleted successfully.")

	http.Redirect(w, r, fmt.Sprintf("%s/settings?success=%s", h.config.Server.BasePath, msg), http.StatusFound)
}

func (h *SettingsHandler) PostCreateCustomRule(w http.ResponseWriter, r *http.Request) {
	if h.config.IsDev() {
		loadTemplates()
	}
	user := r.Context().Value(models.UserKey).(*models.User)
	extension := r.PostFormValue("extension")
	language := r.PostFormValue("language")

	if extension[0] == '.' {
		extension = extension[1:]
	}

	rule := &models.CustomRule{
		UserID:    user.ID,
		Extension: extension,
		Language:  language,
	}

	if _, err := h.customRuleSrvc.Create(rule); err != nil {
		respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)
		return
	}

	msg := url.QueryEscape("Custom rule saved successfully.")

	http.Redirect(w, r, fmt.Sprintf("%s/settings?success=%s", h.config.Server.BasePath, msg), http.StatusFound)
}

func (h *SettingsHandler) PostResetApiKey(w http.ResponseWriter, r *http.Request) {
	if h.config.IsDev() {
		loadTemplates()
	}

	user := r.Context().Value(models.UserKey).(*models.User)
	if _, err := h.userSrvc.ResetApiKey(user); err != nil {
		respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)
		return
	}

	msg := url.QueryEscape(fmt.Sprintf("your new api key is: %s", user.ApiKey))
	http.Redirect(w, r, fmt.Sprintf("%s/settings?success=%s", h.config.Server.BasePath, msg), http.StatusFound)
}

func (h *SettingsHandler) PostToggleBadges(w http.ResponseWriter, r *http.Request) {
	if h.config.IsDev() {
		loadTemplates()
	}

	user := r.Context().Value(models.UserKey).(*models.User)

	if _, err := h.userSrvc.ToggleBadges(user); err != nil {
		respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)
		return
	}

	http.Redirect(w, r, fmt.Sprintf("%s/settings", h.config.Server.BasePath), http.StatusFound)
}
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`package routes`

			`import (`
			`"fmt"`
			`"github.com/gorilla/schema"`
chore: minor code enhancements 2020-10-09 22:37:16 +03:00			`conf "github.com/muety/wakapi/config"`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`"github.com/muety/wakapi/models"`
			`"github.com/muety/wakapi/services"`
			`"github.com/muety/wakapi/utils"`
			`"net/http"`
feat: add ability to reset api key (resolve #29) 2020-06-07 20:58:06 +03:00			`"net/url"`
Merge branch 'notarock/62' 2020-10-27 00:34:50 +03:00			`"strconv"`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`)`

			`type SettingsHandler struct {`
Merge branch 'notarock/62' 2020-10-27 00:34:50 +03:00			`config *conf.Config`
			`userSrvc *services.UserService`
MVP for custom rules support 2020-10-25 09:22:10 +03:00			`customRuleSrvc *services.CustomRuleService`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`}`

			`var credentialsDecoder = schema.NewDecoder()`

MVP for custom rules support 2020-10-25 09:22:10 +03:00			`func NewSettingsHandler(userService services.UserService, customRuleService services.CustomRuleService) *SettingsHandler {`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`return &SettingsHandler{`
Merge branch 'notarock/62' 2020-10-27 00:34:50 +03:00			`config: conf.Get(),`
MVP for custom rules support 2020-10-25 09:22:10 +03:00			`customRuleSrvc: customRuleService,`
Merge branch 'notarock/62' 2020-10-27 00:34:50 +03:00			`userSrvc: userService,`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`}`
			`}`

			`func (h SettingsHandler) GetIndex(w http.ResponseWriter, r http.Request) {`
			`if h.config.IsDev() {`
			`loadTemplates()`
			`}`

feat: implement badges endpoint and sharing functionality 2020-09-12 17:09:23 +03:00			`user := r.Context().Value(models.UserKey).(*models.User)`
MVP for custom rules support 2020-10-25 09:22:10 +03:00			`rules, _ := h.customRuleSrvc.GetCustomRuleForUser(user.ID)`
feat: implement badges endpoint and sharing functionality 2020-09-12 17:09:23 +03:00			`data := map[string]interface{}{`
Merge branch 'notarock/62' 2020-10-27 00:34:50 +03:00			`"User": user,`
			`"Rules": rules,`
MVP for custom rules support 2020-10-25 09:22:10 +03:00			`"Success": r.FormValue("success"),`
Merge branch 'notarock/62' 2020-10-27 00:34:50 +03:00			`"Error": r.FormValue("error"),`
feat: implement badges endpoint and sharing functionality 2020-09-12 17:09:23 +03:00			`}`

chore: minor code enhancements 2020-10-09 22:37:16 +03:00			`templates[conf.SettingsTemplate].Execute(w, data)`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`}`

			`func (h SettingsHandler) PostCredentials(w http.ResponseWriter, r http.Request) {`
			`if h.config.IsDev() {`
			`loadTemplates()`
			`}`

			`user := r.Context().Value(models.UserKey).(*models.User)`

			`var credentials models.CredentialsReset`
			`if err := r.ParseForm(); err != nil {`
chore: minor code enhancements 2020-10-09 22:37:16 +03:00			`respondAlert(w, "missing parameters", "", conf.SettingsTemplate, http.StatusBadRequest)`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`return`
			`}`
			`if err := credentialsDecoder.Decode(&credentials, r.PostForm); err != nil {`
chore: minor code enhancements 2020-10-09 22:37:16 +03:00			`respondAlert(w, "missing parameters", "", conf.SettingsTemplate, http.StatusBadRequest)`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`return`
			`}`

chore: minor code restyling 2020-10-16 17:11:14 +03:00			`if !utils.CompareBcrypt(user.Password, credentials.PasswordOld, h.config.Security.PasswordSalt) {`
chore: minor code enhancements 2020-10-09 22:37:16 +03:00			`respondAlert(w, "invalid credentials", "", conf.SettingsTemplate, http.StatusUnauthorized)`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`return`
			`}`

			`if !credentials.IsValid() {`
chore: minor code enhancements 2020-10-09 22:37:16 +03:00			`respondAlert(w, "invalid parameters", "", conf.SettingsTemplate, http.StatusBadRequest)`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`return`
			`}`

			`user.Password = credentials.PasswordNew`
chore: minor code restyling 2020-10-16 17:11:14 +03:00			`if hash, err := utils.HashBcrypt(user.Password, h.config.Security.PasswordSalt); err != nil {`
chore: minor code enhancements 2020-10-09 22:37:16 +03:00			`respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`return`
chore: minor code restyling 2020-10-16 17:11:14 +03:00			`} else {`
			`user.Password = hash`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`}`

			`if _, err := h.userSrvc.Update(user); err != nil {`
chore: minor code enhancements 2020-10-09 22:37:16 +03:00			`respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`return`
			`}`

			`login := &models.Login{`
			`Username: user.ID,`
			`Password: user.Password,`
			`}`
refactor: migrate to new config (resolve #54) 2020-10-04 11:37:38 +03:00			`encoded, err := h.config.Security.SecureCookie.Encode(models.AuthCookieKey, login)`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`if err != nil {`
chore: minor code enhancements 2020-10-09 22:37:16 +03:00			`respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`return`
			`}`

			`cookie := &http.Cookie{`
			`Name: models.AuthCookieKey,`
			`Value: encoded,`
			`Path: "/",`
refactor: migrate to new config (resolve #54) 2020-10-04 11:37:38 +03:00			`Secure: !h.config.Security.InsecureCookies,`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`HttpOnly: true,`
			`}`
			`http.SetCookie(w, cookie)`
feat: add ability to reset api key (resolve #29) 2020-06-07 20:58:06 +03:00
			`msg := url.QueryEscape("password was updated successfully")`
refactor: migrate to new config (resolve #54) 2020-10-04 11:37:38 +03:00			`http.Redirect(w, r, fmt.Sprintf("%s/settings?success=%s", h.config.Server.BasePath, msg), http.StatusFound)`
MVP for custom rules support 2020-10-25 09:22:10 +03:00			`}`

			`func (h SettingsHandler) DeleteCustomRule(w http.ResponseWriter, r http.Request) {`
			`if h.config.IsDev() {`
			`loadTemplates()`
			`}`

			`user := r.Context().Value(models.UserKey).(*models.User)`
			`ruleId, err := strconv.Atoi(r.PostFormValue("ruleid"))`
			`if err != nil {`
General cleanup and fixed PR comments 2020-10-26 05:00:24 +03:00			`respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)`
MVP for custom rules support 2020-10-25 09:22:10 +03:00			`return`
			`}`

			`rule := &models.CustomRule{`
Merge branch 'notarock/62' 2020-10-27 00:34:50 +03:00			`ID: uint(ruleId),`
MVP for custom rules support 2020-10-25 09:22:10 +03:00			`UserID: user.ID,`
Merge branch 'notarock/62' 2020-10-27 00:34:50 +03:00			`}`
refactor: introduce repositories as an additional layer of abstraction to allow for better testability 2020-11-01 18:56:36 +03:00
			`err = h.customRuleSrvc.Delete(rule)`
			`if err != nil {`
			`respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)`
			`return`
			`}`

Merge branch 'notarock/62' 2020-10-27 00:34:50 +03:00			`msg := url.QueryEscape("Custom rule deleted successfully.")`
MVP for custom rules support 2020-10-25 09:22:10 +03:00
			`http.Redirect(w, r, fmt.Sprintf("%s/settings?success=%s", h.config.Server.BasePath, msg), http.StatusFound)`
			`}`

			`func (h SettingsHandler) PostCreateCustomRule(w http.ResponseWriter, r http.Request) {`
			`if h.config.IsDev() {`
			`loadTemplates()`
			`}`
			`user := r.Context().Value(models.UserKey).(*models.User)`
			`extension := r.PostFormValue("extension")`
			`language := r.PostFormValue("language")`

			`if extension[0] == '.' {`
			`extension = extension[1:]`
			`}`

			`rule := &models.CustomRule{`
Merge branch 'notarock/62' 2020-10-27 00:34:50 +03:00			`UserID: user.ID,`
MVP for custom rules support 2020-10-25 09:22:10 +03:00			`Extension: extension,`
Merge branch 'notarock/62' 2020-10-27 00:34:50 +03:00			`Language: language,`
			`}`
MVP for custom rules support 2020-10-25 09:22:10 +03:00
			`if _, err := h.customRuleSrvc.Create(rule); err != nil {`
General cleanup and fixed PR comments 2020-10-26 05:00:24 +03:00			`respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)`
MVP for custom rules support 2020-10-25 09:22:10 +03:00			`return`
			`}`

Merge branch 'notarock/62' 2020-10-27 00:34:50 +03:00			`msg := url.QueryEscape("Custom rule saved successfully.")`
MVP for custom rules support 2020-10-25 09:22:10 +03:00
			`http.Redirect(w, r, fmt.Sprintf("%s/settings?success=%s", h.config.Server.BasePath, msg), http.StatusFound)`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`}`

			`func (h SettingsHandler) PostResetApiKey(w http.ResponseWriter, r http.Request) {`
			`if h.config.IsDev() {`
			`loadTemplates()`
			`}`
feat: add ability to reset api key (resolve #29) 2020-06-07 20:58:06 +03:00
			`user := r.Context().Value(models.UserKey).(*models.User)`
			`if _, err := h.userSrvc.ResetApiKey(user); err != nil {`
chore: minor code enhancements 2020-10-09 22:37:16 +03:00			`respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)`
feat: add ability to reset api key (resolve #29) 2020-06-07 20:58:06 +03:00			`return`
			`}`

			`msg := url.QueryEscape(fmt.Sprintf("your new api key is: %s", user.ApiKey))`
refactor: migrate to new config (resolve #54) 2020-10-04 11:37:38 +03:00			`http.Redirect(w, r, fmt.Sprintf("%s/settings?success=%s", h.config.Server.BasePath, msg), http.StatusFound)`
feat: add ability to change passwords (resolve #30) 2020-06-07 20:28:32 +03:00			`}`
feat: implement badges endpoint and sharing functionality 2020-09-12 17:09:23 +03:00
			`func (h SettingsHandler) PostToggleBadges(w http.ResponseWriter, r http.Request) {`
			`if h.config.IsDev() {`
			`loadTemplates()`
			`}`

			`user := r.Context().Value(models.UserKey).(*models.User)`

			`if _, err := h.userSrvc.ToggleBadges(user); err != nil {`
chore: minor code enhancements 2020-10-09 22:37:16 +03:00			`respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)`
feat: implement badges endpoint and sharing functionality 2020-09-12 17:09:23 +03:00			`return`
			`}`

refactor: migrate to new config (resolve #54) 2020-10-04 11:37:38 +03:00			`http.Redirect(w, r, fmt.Sprintf("%s/settings", h.config.Server.BasePath), http.StatusFound)`
feat: implement badges endpoint and sharing functionality 2020-09-12 17:09:23 +03:00			`}`