Biukop
/
SFM-loan-Rest-Api
Прати 1
Волим 0
Креирај огранак 0
Код Дискусије 0 Захтеви за спајање 0 Издања 0 Вики Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
19 Комити
1 Грана
973KB
Дрво: 46257e4b29
Гране Ознаке
${ item.name }
Create branch ${ searchTerm }
from '46257e4b29'
${ noResults }
SFM-loan-Rest-Api/apiv1.go

170 lines
4.5KB
Датотека Blame Историја 

  1. package main

  2. 

  3. import (

  4. 	"biukop/sfm/loan"

  5. 	"database/sql"

  6. 	"encoding/json"

  7. 	"fmt"

  8. 	"github.com/brianvoe/gofakeit/v6"

  9. 	log "github.com/sirupsen/logrus"

  10. 	"net/http"

  11. 	"net/http/httputil"

  12. 	"strconv"

  13. 	"strings"

  14. 	"time"

  15. )

  16. 

  17. const apiV1Prefix = "/api/v1/"

  18. 

  19. type apiV1HandlerMap struct {

  20. 	Method  string

  21. 	Path    string //regex

  22. 	Handler func(http.ResponseWriter, *http.Request, *loan.Session)

  23. }

  24. 

  25. var apiV1Handler = []apiV1HandlerMap{

  26. 	{"POST", "login", apiV1Login},

  27. 	{"GET", "login", apiV1DumpRequest},

  28. }

  29. 

  30. //apiV1Main  version 1 main entry for all REST API

  31. //

  32. func apiV1Main(w http.ResponseWriter, r *http.Request) {

  33. 	logRequestDebug(httputil.DumpRequest(r, true))

  34. 	w.Header().Set("Content-Type", "application/json;charset=UTF-8")

  35. 

  36. 	//track browser, and take session from cookie

  37. 	session := loan.Session{}

  38. 	apiV1InitSessionByBrowserId(w, r, &session)

  39. 

  40. 	//try session login first, if not an empty session will be created

  41. 	e := apiV1InitSessionByHttpHeader(r, &session)

  42. 	if e != nil {

  43. 		log.Warnf("Fail to InitSession %+v", session)

  44. 		apiV1Client403Error(w, r)

  45. 		return

  46. 	}

  47. 	session.RenewIfExpireSoon()

  48. 	session.SetRemote(r) //make sure they are using latest remote

  49. 

  50. 	//we have a session now, either guest or valid user

  51. 	//search through handler

  52. 	path := r.URL.Path[len(apiV1Prefix):] //strip API prefix

  53. 	for _, node := range apiV1Handler {

  54. 		if r.Method == node.Method && path == node.Path {

  55. 			node.Handler(w, r, &session)

  56. 			e = session.Write() //finish this session to DB

  57. 			if e != nil {

  58. 				log.Warnf("Failed to Save Session %+v \n reason \n%s\n", session, e.Error())

  59. 			}

  60. 			return

  61. 		}

  62. 	}

  63. 

  64. 	//Catch for all

  65. 	e = session.Write() //finish this session to DB

  66. 	apiV1DumpRequest(w, r, &session)

  67. }

  68. 

  69. func apiV1InitSessionByBrowserId(w http.ResponseWriter, r *http.Request, session *loan.Session) {

  70. 	var mid string

  71. 	inCookie, e := r.Cookie("mid")

  72. 	if e == nil {

  73. 		mid = inCookie.Value

  74. 	} else {

  75. 		mid = strconv.Itoa(int(time.Now().Unix())) + "-" + gofakeit.UUID()

  76. 	}

  77. 

  78. 	var sid string

  79. 	inCookie, e = r.Cookie("session")

  80. 	if e == nil {

  81. 		sid = inCookie.Value

  82. 		if sid != "" {

  83. 			e = session.Read(sid)

  84. 			if e == nil {

  85. 				if mid != session.Get("mid") {

  86. 					session.MarkEmpty()

  87. 				}

  88. 			}

  89. 		} else { //create a new session

  90. 			session.InitGuest(time.Now().Add(loan.DefaultSessionDuration))

  91. 			session.Add("mid", mid)

  92. 		}

  93. 	}

  94. 

  95. 	//add tracking cookie

  96. 	expiration := time.Now().Add(365 * 24 * time.Hour)

  97. 	cookie := http.Cookie{Name: "session", Value: session.Id, Expires: expiration}

  98. 	http.SetCookie(w, &cookie)

  99. 

  100. 	cookie = http.Cookie{Name: "mid", Value: mid, Expires: expiration}

  101. 	http.SetCookie(w, &cookie)

  102. 

  103. }

  104. 

  105. func apiV1InitSessionByHttpHeader(r *http.Request, ss *loan.Session) (e error) {

  106. 	sid := r.Header.Get("Biukop-Session")

  107. 

  108. 	//make sure session id is given

  109. 	if sid != "" {

  110. 		//Try to retrieve a copy of DB session

  111. 		trial := loan.Session{}

  112. 		e = trial.Retrieve(r)

  113. 		if e == nil { //we got existing session from DB

  114. 			e = trial.ValidateRequest(r)

  115. 			if e != nil { // db session does not match request

  116. 				log.Warnf("failed session login %+v, %s", ss, time.Now().Format(time.RFC1123))

  117. 				ss.InitGuest(time.Now().Add(loan.DefaultSessionDuration))

  118. 				e = nil

  119. 			} else { //else, we have logged this user

  120. 				*ss = trial //overwrite the incoming session

  121. 			}

  122. 		} else if e == sql.ErrNoRows { //db does not have required session.

  123. 			log.Warn("DB has no corresponding session ", sid)

  124. 		} else { // retrieve has error

  125. 			log.Warnf("Retrieve Session %s encountered error %s", sid, e.Error())

  126. 		}

  127. 	}

  128. 

  129. 	//if there is not session incoming

  130. 	if ss.IsEmpty() { //cookie may have initialized a session

  131. 		ss.InitGuest(time.Now().Add(loan.DefaultSessionDuration))

  132. 		e = nil //we try to init an empty one

  133. 	}

  134. 

  135. 	return

  136. }

  137. 

  138. func apiV1ErrorCheck(e error) {

  139. 	if nil != e {

  140. 		panic(e.Error()) //TODO: detailed error check, truck all caller

  141. 	}

  142. }

  143. 

  144. func apiV1Server500Error(w http.ResponseWriter, r *http.Request) {

  145. 

  146. 	w.WriteHeader(500)

  147. 	fmt.Fprintf(w, "Server Internal Error  "+time.Now().Format(time.RFC1123))

  148. 

  149. 	//write log

  150. 	dump := logRequestDebug(httputil.DumpRequest(r, true))

  151. 	dump = strings.TrimSpace(dump)

  152. 	log.Warnf("Unhandled Protocol = %s path= %s", r.Method, r.URL.Path)

  153. }

  154. 

  155. func apiV1Client403Error(w http.ResponseWriter, r *http.Request) {

  156. 	w.WriteHeader(403)

  157. 	type struct403 struct {

  158. 		Error    int

  159. 		ErrorMsg string

  160. 	}

  161. 	e403 := struct403{Error: 403, ErrorMsg: "Not Authorized " + time.Now().Format(time.RFC1123)}

  162. 	msg403, _ := json.Marshal(e403)

  163. 	fmt.Fprintln(w, string(msg403))

  164. 

  165. 	//write log

  166. 	dump := logRequestDebug(httputil.DumpRequest(r, true))

  167. 	dump = strings.TrimSpace(dump)

  168. 	log.Warnf("Not authorized   http(%s) path= %s, %s", r.Method, r.URL.Path, dump)

  169. }