Add update username method

2025-05-05 12:22:35 +02:00 · 2022-11-18 17:18:46 +01:00 · 2022-11-18 17:18:46 +01:00 · 7c2c993dc3
commit 7c2c993dc3
parent 626b7fa3e9
10 changed files with 82 additions and 9 deletions
--- a/service/api/api-context-wrapper.go
+++ b/service/api/api-context-wrapper.go
@ -28,7 +28,6 @@ func (rt *_router) wrap(fn httpRouterHandler) func(http.ResponseWriter, *http.Re

 		if err != nil {
 			rt.baseLogger.WithError(err).Info("User not authorized")
-			w.WriteHeader(http.StatusUnauthorized)
 			return
 		}

--- a/service/api/api-handler.go
+++ b/service/api/api-handler.go
@ -8,6 +8,9 @@ import (
 func (rt *_router) Handler() http.Handler {
 	// Register routes
 	rt.router.POST("/session", rt.wrap(rt.PostSession))
+
+	rt.router.PUT("/users/:user_id/username", rt.wrap(rt.UpdateUsername))
+
 	rt.router.GET("/", rt.getHelloWorld)
 	rt.router.GET("/context", rt.wrap(rt.getContextReply))

--- a/service/api/authorization/auth-bearer.go
+++ b/service/api/authorization/auth-bearer.go
@ -4,6 +4,7 @@ import (
 	"errors"
 	"strings"

+	"github.com/notherealmarco/WASAPhoto/service/api/reqcontext"
 	"github.com/notherealmarco/WASAPhoto/service/database"
 )

@ -42,9 +43,19 @@ func (b *BearerAuth) Authorized(db database.AppDatabase) (bool, error) {
 	return state, nil
 }

-func (b *BearerAuth) UserAuthorized(db database.AppDatabase, uid string) (bool, error) {
+func (b *BearerAuth) UserAuthorized(db database.AppDatabase, uid string) (reqcontext.AuthStatus, error) {
 	if b.token == uid {
-		return b.Authorized(db)
+		auth, err := b.Authorized(db)
+
+		if err != nil {
+			return -1, err
+		}
+
+		if auth {
+			return reqcontext.AUTHORIZED, nil
+		} else {
+			return reqcontext.UNAUTHORIZED, nil
+		}
 	}
-	return false, nil
+	return reqcontext.FORBIDDEN, nil
 }
--- a/service/api/authorization/auth-manager.go
+++ b/service/api/authorization/auth-manager.go
@ -2,8 +2,10 @@ package authorization

 import (
 	"errors"
+	"net/http"

 	"github.com/notherealmarco/WASAPhoto/service/api/reqcontext"
+	"github.com/notherealmarco/WASAPhoto/service/database"
 )

 func BuildAuth(header string) (reqcontext.Authorization, error) {
@ -16,3 +18,21 @@ func BuildAuth(header string) (reqcontext.Authorization, error) {
 	}
 	return auth, nil
 }
+
+func SendAuthorizationError(f func(db database.AppDatabase, uid string) (reqcontext.AuthStatus, error), uid string, db database.AppDatabase, w http.ResponseWriter) bool {
+	auth, err := f(db, uid)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		// todo: log error and write it to the response
+		return false
+	}
+	if auth == reqcontext.UNAUTHORIZED {
+		w.WriteHeader(http.StatusUnauthorized)
+		return false
+	}
+	if auth == reqcontext.FORBIDDEN {
+		w.WriteHeader(http.StatusForbidden)
+		return false
+	}
+	return true
+}
--- a/service/api/post-session.go
+++ b/service/api/post-session.go
@ -14,7 +14,7 @@ type _reqbody struct {
 }

 type _respbody struct {
-	UID string `json:"uid"`
+	UID string `json:"user_id"`
 }

 // getContextReply is an example of HTTP endpoint that returns "Hello World!" as a plain text. The signature of this
--- a/service/api/put-updateusername.go
+++ b/service/api/put-updateusername.go
@ -1,14 +1,35 @@
 package api

 import (
+	"encoding/json"
 	"net/http"

 	"github.com/julienschmidt/httprouter"
+	"github.com/notherealmarco/WASAPhoto/service/api/authorization"
 	"github.com/notherealmarco/WASAPhoto/service/api/reqcontext"
+	"github.com/notherealmarco/WASAPhoto/service/structures"
 )

 func (rt *_router) UpdateUsername(w http.ResponseWriter, r *http.Request, ps httprouter.Params, ctx reqcontext.RequestContext) {

-	auth, err := ctx.Auth.UserAuthorized(rt.db, r.URL.Path // todo: prendere il coso giusto dal path)
+	uid := ps.ByName("user_id")
+	if !authorization.SendAuthorizationError(ctx.Auth.UserAuthorized, uid, rt.db, w) {
+		return
+	}
+	var req structures.UserDetails
+	err := json.NewDecoder(r.Body).Decode(&req) //todo: capire se serve close

+	if err != nil {
+		w.WriteHeader(http.StatusBadRequest) // todo: move to DecodeOrBadRequest helper
+		return
+	}
+
+	err = rt.db.UpdateUsername(uid, req.Name)
+
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError) // todo: is not ok, maybe let's use a helper
+		return
+	}
+
+	w.WriteHeader(http.StatusNoContent) // todo: change to 204 also in API spec
 }
--- a/service/api/reqcontext/request-context.go
+++ b/service/api/reqcontext/request-context.go
@ -12,6 +12,14 @@ import (
 	"github.com/sirupsen/logrus"
 )

+type AuthStatus int
+
+const (
+	AUTHORIZED   = 0
+	UNAUTHORIZED = 1
+	FORBIDDEN    = 2
+)
+
 // RequestContext is the context of the request, for request-dependent parameters
 type RequestContext struct {
 	// ReqUUID is the request unique ID
@ -26,5 +34,5 @@ type RequestContext struct {
 type Authorization interface {
 	GetType() string
 	Authorized(db database.AppDatabase) (bool, error)
-	UserAuthorized(db database.AppDatabase, uid string) (bool, error)
+	UserAuthorized(db database.AppDatabase, uid string) (AuthStatus, error)
 }