fix: refactor code to be testable #181

handler/auth.go

@@ -19,11 +19,11 @@ type HandlerAuth interface {
 
 type HandlerAuthImpl struct {
 	db             *sql.DB
-	service        service.ServiceAuth
+	service        service.AuthService
 	serverSettings *types.ServerSettings
 }
 
-func NewHandlerAuth(db *sql.DB, service service.ServiceAuth, serverSettings *types.ServerSettings) HandlerAuth {
+func NewHandlerAuth(db *sql.DB, service service.AuthService, serverSettings *types.ServerSettings) HandlerAuth {
 	return HandlerAuthImpl{
 		db:             db,
 		service:        service,
@@ -35,17 +35,17 @@ func (handler HandlerAuthImpl) handle(router *http.ServeMux) {
 	// Don't use auth middleware for these routes, as it makes redirecting very difficult, if the mail is not yet verified
 	router.Handle("/auth/signin", handler.handleSignInPage())
 	router.Handle("/auth/signup", handler.handleSignUpPage())
-	router.Handle("/auth/verify", service.HandleSignUpVerifyPage(handler.db, handler.serverSettings)) // Hint for the user to verify their email
-	router.Handle("/auth/delete-account", service.HandleDeleteAccountPage(handler.db, handler.serverSettings))
+	router.Handle("/auth/verify", handler.handleSignUpVerifyPage()) // Hint for the user to verify their email
+	router.Handle("/auth/delete-account", handler.handleDeleteAccountPage())
 	router.Handle("/auth/verify-email", service.HandleSignUpVerifyResponsePage(handler.db)) // The link contained in the email
-	router.Handle("/auth/change-password", service.HandleChangePasswordPage(handler.db, handler.serverSettings))
-	router.Handle("/auth/reset-password", service.HandleResetPasswordPage(handler.db, handler.serverSettings))
+	router.Handle("/auth/change-password", handler.handleChangePasswordPage())
+	router.Handle("/auth/reset-password", handler.handleResetPasswordPage())
 	router.Handle("/api/auth/signup", handler.handleSignUp())
 	router.Handle("/api/auth/signin", handler.handleSignIn())
-	router.Handle("/api/auth/signout", service.HandleSignOutComp(handler.db))
-	router.Handle("/api/auth/delete-account", service.HandleDeleteAccountComp(handler.db, handler.serverSettings))
-	router.Handle("/api/auth/verify-resend", service.HandleVerifyResendComp(handler.db, handler.serverSettings))
-	router.Handle("/api/auth/change-password", service.HandleChangePasswordComp(handler.db))
+	router.Handle("/api/auth/signout", handler.handleSignOut())
+	router.Handle("/api/auth/delete-account", handler.HandleDeleteAccountComp())
+	router.Handle("/api/auth/verify-resend", handler.HandleVerifyResendComp())
+	router.Handle("/api/auth/change-password", handler.HandleChangePasswordComp())
 	router.Handle("/api/auth/reset-password", service.HandleResetPasswordComp(handler.db, handler.serverSettings))
 	router.Handle("/api/auth/reset-password-actual", service.HandleActualResetPasswordComp(handler.db))
 }
@@ -56,9 +56,8 @@ var (
 
 func (handler HandlerAuthImpl) handleSignInPage() http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		user := utils.GetUserFromSession(handler.db, r)
-
-		if user == nil {
+		user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
+		if err != nil {
 			userComp := service.UserInfoComp(nil)
 			signIn := auth.SignInOrUpComp(true)
 			err := template.Layout(signIn, userComp, handler.serverSettings.Environment).Render(r.Context(), w)
@@ -67,31 +66,40 @@ func (handler HandlerAuthImpl) handleSignInPage() http.HandlerFunc {
 				utils.LogError("Failed to render sign in page", err)
 				http.Error(w, "Internal Server Error", http.StatusInternalServerError)
 			}
+		}
 
-		} else if !user.EmailVerified {
+		if !user.EmailVerified {
 			utils.DoRedirect(w, r, "/auth/verify")
 		} else {
 			utils.DoRedirect(w, r, "/")
 		}
 	}
 }
+
 func (handler HandlerAuthImpl) handleSignIn() http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		user, err := utils.WaitMinimumTime(securityWaitDuration, func() (*service.User, error) {
 			var email = r.FormValue("email")
 			var password = r.FormValue("password")
 
-			user, err := handler.service.SignIn(email, password)
+			session, err := handler.service.SignIn(email, password)
 			if err != nil {
 				return nil, err
 			}
 
-			err = service.TryCreateSessionAndSetCookie(r, w, handler.db, user.Id)
-			if err != nil {
-				return nil, err
+			cookie := http.Cookie{
+				Name:     "id",
+				Value:    session.Id,
+				MaxAge:   60 * 60 * 8, // 8 hours
+				Secure:   true,
+				HttpOnly: true,
+				SameSite: http.SameSiteStrictMode,
+				Path:     "/",
 			}
 
-			return user, nil
+			http.SetCookie(w, &cookie)
+
+			return session.User, nil
 		})
 
 		if err != nil {
@@ -115,9 +123,8 @@ func (handler HandlerAuthImpl) handleSignIn() http.HandlerFunc {
 
 func (handler HandlerAuthImpl) handleSignUpPage() http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		user := utils.GetUserFromSession(handler.db, r)
-
-		if user == nil {
+		user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
+		if err != nil {
 			userComp := service.UserInfoComp(nil)
 			signUpComp := auth.SignInOrUpComp(false)
 			err := template.Layout(signUpComp, userComp, handler.serverSettings.Environment).Render(r.Context(), w)
@@ -126,14 +133,16 @@ func (handler HandlerAuthImpl) handleSignUpPage() http.HandlerFunc {
 				utils.LogError("Failed to render sign up page", err)
 				http.Error(w, "Internal Server Error", http.StatusInternalServerError)
 			}
+		}
 
-		} else if !user.EmailVerified {
+		if !user.EmailVerified {
 			utils.DoRedirect(w, r, "/auth/verify")
 		} else {
 			utils.DoRedirect(w, r, "/")
 		}
 	}
 }
+
 func (handler HandlerAuthImpl) handleSignUp() http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		var email = r.FormValue("email")
@@ -163,3 +172,186 @@ func (handler HandlerAuthImpl) handleSignUp() http.HandlerFunc {
 		utils.TriggerToast(w, r, "success", "A link to activate your account has been emailed to the address provided.")
 	}
 }
+
+func (handler HandlerAuthImpl) handleSignOut() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		err := handler.service.SignOut(utils.GetSessionID(r))
+		if err != nil {
+			utils.TriggerToast(w, r, "error", "Internal Server Error")
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		c := http.Cookie{
+			Name:     "id",
+			Value:    "",
+			MaxAge:   -1,
+			Secure:   true,
+			HttpOnly: true,
+			SameSite: http.SameSiteStrictMode,
+			Path:     "/",
+		}
+
+		http.SetCookie(w, &c)
+		utils.DoRedirect(w, r, "/")
+	}
+}
+
+func (handler HandlerAuthImpl) handleSignUpVerifyPage() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
+		if err != nil {
+			utils.DoRedirect(w, r, "/auth/signin")
+		}
+
+		if user.EmailVerified {
+			utils.DoRedirect(w, r, "/")
+		} else {
+			userComp := service.UserInfoComp(user)
+			signIn := auth.VerifyComp()
+			err := template.Layout(signIn, userComp, handler.serverSettings.Environment).Render(r.Context(), w)
+			if err != nil {
+				utils.LogError("Failed to render verify page", err)
+				http.Error(w, "Internal Server Error", http.StatusInternalServerError)
+			}
+		}
+	}
+}
+
+func (handler HandlerAuthImpl) handleDeleteAccountPage() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		// An unverified email should be able to delete their account
+		user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
+		if err != nil {
+			utils.DoRedirect(w, r, "/auth/signin")
+		}
+
+		userComp := service.UserInfoComp(user)
+		comp := auth.DeleteAccountComp()
+		err = template.Layout(comp, userComp, handler.serverSettings.Environment).Render(r.Context(), w)
+		if err != nil {
+			utils.LogError("Failed to render delete account page", err)
+			http.Error(w, "Internal Server Error", http.StatusInternalServerError)
+		}
+	}
+}
+
+func (handler HandlerAuthImpl) handleChangePasswordPage() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+
+		isPasswordReset := r.URL.Query().Has("token")
+
+		user, _ := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
+
+		if user == nil && !isPasswordReset {
+			utils.DoRedirect(w, r, "/auth/signin")
+		} else {
+			userComp := service.UserInfoComp(user)
+			comp := auth.ChangePasswordComp(isPasswordReset)
+			err := template.Layout(comp, userComp, handler.serverSettings.Environment).Render(r.Context(), w)
+			if err != nil {
+				utils.LogError("Failed to render change password page", err)
+				http.Error(w, "Internal Server Error", http.StatusInternalServerError)
+			}
+		}
+	}
+}
+
+func (handler HandlerAuthImpl) handleResetPasswordPage() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+
+		user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
+		if err != nil {
+			utils.DoRedirect(w, r, "/auth/signin")
+		}
+
+		userComp := service.UserInfoComp(user)
+		comp := auth.ResetPasswordComp()
+		err = template.Layout(comp, userComp, handler.serverSettings.Environment).Render(r.Context(), w)
+		if err != nil {
+			utils.LogError("Failed to render change password page", err)
+			http.Error(w, "Internal Server Error", http.StatusInternalServerError)
+		}
+	}
+}
+
+func (handler HandlerAuthImpl) HandleResetPasswordPage() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+
+		user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
+		if err != nil {
+			utils.DoRedirect(w, r, "/auth/signin")
+			return
+		}
+
+		userComp := service.UserInfoComp(user)
+		comp := auth.ResetPasswordComp()
+		err = template.Layout(comp, userComp, handler.serverSettings.Environment).Render(r.Context(), w)
+		if err != nil {
+			utils.LogError("Failed to render change password page", err)
+			http.Error(w, "Internal Server Error", http.StatusInternalServerError)
+		}
+	}
+}
+
+func (handler HandlerAuthImpl) HandleDeleteAccountComp() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
+		if err != nil {
+			utils.DoRedirect(w, r, "/auth/signin")
+			return
+		}
+
+		password := r.FormValue("password")
+
+		_, err = handler.service.SignIn(user.Email, password)
+		if err != nil {
+			utils.TriggerToast(w, r, "error", "Password not correct")
+			return
+		}
+
+		err = handler.service.DeleteAccount(user)
+		if err != nil {
+			utils.TriggerToast(w, r, "error", "Internal Server Error")
+			return
+		}
+
+		utils.DoRedirect(w, r, "/")
+	}
+}
+
+func (handler HandlerAuthImpl) HandleVerifyResendComp() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
+		if err != nil {
+			utils.DoRedirect(w, r, "/auth/signin")
+			return
+		}
+
+		go handler.service.SendVerificationMail(user.Id, user.Email)
+
+		w.Write([]byte("<p class=\"mt-8\">Verification email sent</p>"))
+	}
+}
+
+func (handler HandlerAuthImpl) HandleChangePasswordComp() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+
+		user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
+		if err != nil {
+			utils.DoRedirect(w, r, "/auth/signin")
+			return
+		}
+
+		currPass := r.FormValue("current-password")
+		newPass := r.FormValue("new-password")
+
+		err = handler.service.ChangePassword(user, currPass, newPass)
+		if err != nil {
+			utils.TriggerToast(w, r, "error", "Password not correct")
+			return
+		}
+
+		utils.TriggerToast(w, r, "success", "Password changed")
+	}
+}

handler/default.go

@@ -13,25 +13,27 @@ import (
 func GetHandler(d *sql.DB, serverSettings *types.ServerSettings) http.Handler {
 	var router = http.NewServeMux()
 
-	router.HandleFunc("/", service.HandleIndexAnd404(d, serverSettings))
+	authDb := db.NewAuthDbSqlite(d)
+	workoutDb := db.NewWorkoutDbSqlite(d)
 
-	randomGenerator := service.NewRandomGeneratorImpl()
-	clock := service.NewClockImpl()
-	dbAuth := db.NewDbAuthSqlite(d)
+	randomService := service.NewRandomServiceImpl()
+	clockService := service.NewClockServiceImpl()
 	mailService := service.NewMailServiceImpl(serverSettings)
-	serviceAuth := service.NewServiceAuthImpl(dbAuth, randomGenerator, clock, mailService, serverSettings)
-	handlerAuth := NewHandlerAuth(d, serviceAuth, serverSettings)
+	authService := service.NewAuthServiceImpl(authDb, randomService, clockService, mailService, serverSettings)
+	workoutService := service.NewWorkoutServiceImpl(workoutDb, randomService, clockService, mailService, serverSettings)
+
+	indexHandler := NewIndexHandler(d, authService, serverSettings)
+	authHandler := NewHandlerAuth(d, authService, serverSettings)
+	workoutHandler := NewWorkoutHandler(d, workoutService, authService, serverSettings)
+
+	indexHandler.handle(router)
 
 	// Serve static files (CSS, JS and images)
 	router.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir("./static/"))))
 
-	handleWorkout(d, router, serverSettings)
+	workoutHandler.handle(router)
 
-	handlerAuth.handle(router)
+	authHandler.handle(router)
 
 	return middleware.Logging(middleware.EnableCors(serverSettings, router))
 }
-
-func authMiddleware(db *sql.DB, h http.Handler) http.Handler {
-	return middleware.EnsureValidSession(db, h)
-}

handler/index_and_404.go

@@ -0,0 +1,57 @@
+package handler
+
+import (
+	"me-fit/service"
+	"me-fit/template"
+	"me-fit/types"
+	"me-fit/utils"
+
+	"database/sql"
+	"net/http"
+
+	"github.com/a-h/templ"
+)
+
+type IndexHandler interface {
+	handle(router *http.ServeMux)
+}
+
+type IndexHandlerImpl struct {
+	db             *sql.DB
+	service        service.AuthService
+	serverSettings *types.ServerSettings
+}
+
+func NewIndexHandler(db *sql.DB, service service.AuthService, serverSettings *types.ServerSettings) IndexHandler {
+	return IndexHandlerImpl{
+		db:             db,
+		service:        service,
+		serverSettings: serverSettings,
+	}
+}
+
+func (handler IndexHandlerImpl) handle(router *http.ServeMux) {
+	router.Handle("/", handler.handleIndexAnd404())
+}
+
+func (handler IndexHandlerImpl) handleIndexAnd404() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
+
+		var comp templ.Component = nil
+		userComp := service.UserInfoComp(user)
+
+		if r.URL.Path != "/" {
+			comp = template.Layout(template.NotFound(), userComp, handler.serverSettings.Environment)
+			w.WriteHeader(http.StatusNotFound)
+		} else {
+			comp = template.Layout(template.Index(), userComp, handler.serverSettings.Environment)
+		}
+
+		err = comp.Render(r.Context(), w)
+		if err != nil {
+			utils.LogError("Failed to render index", err)
+			http.Error(w, "Failed to render index", http.StatusInternalServerError)
+		}
+	}
+}

handler/workout.go

@@ -2,15 +2,147 @@ package handler
 
 import (
 	"me-fit/service"
+	"me-fit/template"
+	"me-fit/template/workout"
 	"me-fit/types"
+	"me-fit/utils"
 
 	"database/sql"
+	"log/slog"
 	"net/http"
+	"strconv"
+	"time"
 )
 
-func handleWorkout(db *sql.DB, router *http.ServeMux, serverSettings *types.ServerSettings) {
-	router.Handle("/workout", authMiddleware(db, service.HandleWorkoutPage(db, serverSettings)))
-	router.Handle("POST /api/workout", authMiddleware(db, service.HandleWorkoutNewComp(db)))
-	router.Handle("GET /api/workout", authMiddleware(db, service.HandleWorkoutGetComp(db)))
-	router.Handle("DELETE /api/workout/{id}", authMiddleware(db, service.HandleWorkoutDeleteComp(db)))
+type WorkoutHandler interface {
+	handle(router *http.ServeMux)
+}
+
+type WorkoutHandlerImpl struct {
+	db             *sql.DB
+	service        service.WorkoutService
+	auth           service.AuthService
+	serverSettings *types.ServerSettings
+}
+
+func NewWorkoutHandler(db *sql.DB, service service.WorkoutService, auth service.AuthService, serverSettings *types.ServerSettings) HandlerAuth {
+	return WorkoutHandlerImpl{
+		db:             db,
+		service:        service,
+		auth:           auth,
+		serverSettings: serverSettings,
+	}
+}
+
+func (handler WorkoutHandlerImpl) handle(router *http.ServeMux) {
+	router.Handle("/workout", handler.handleWorkoutPage())
+	router.Handle("POST /api/workout", handler.handleAddWorkout())
+	router.Handle("GET /api/workout", handler.handleGetWorkout())
+	router.Handle("DELETE /api/workout/{id}", handler.handleDeleteWorkout())
+}
+
+func (handler WorkoutHandlerImpl) handleWorkoutPage() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		user, err := handler.auth.GetUserFromSessionId(utils.GetSessionID(r))
+		if err != nil {
+			utils.DoRedirect(w, r, "/auth/signin")
+			return
+		}
+
+		currentDate := time.Now().Format("2006-01-02")
+		inner := workout.WorkoutComp(currentDate)
+		userComp := service.UserInfoComp(user)
+		err = template.Layout(inner, userComp, handler.serverSettings.Environment).Render(r.Context(), w)
+		if err != nil {
+			utils.LogError("Failed to render workout page", err)
+			http.Error(w, "Internal Server Error", http.StatusInternalServerError)
+		}
+	}
+}
+
+func (handler WorkoutHandlerImpl) handleAddWorkout() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		user, err := handler.auth.GetUserFromSessionId(utils.GetSessionID(r))
+		if err != nil {
+			utils.DoRedirect(w, r, "/auth/signin")
+			return
+		}
+
+		var dateStr = r.FormValue("date")
+		var typeStr = r.FormValue("type")
+		var setsStr = r.FormValue("sets")
+		var repsStr = r.FormValue("reps")
+
+		wo := service.NewWorkoutDto("", dateStr, typeStr, setsStr, repsStr)
+		wo, err = handler.service.AddWorkout(user, wo)
+		if err != nil {
+			utils.TriggerToast(w, r, "error", "Invalid input values")
+			http.Error(w, "Invalid input values", http.StatusBadRequest)
+			return
+		}
+		wor := workout.Workout{Id: wo.RowId, Date: wo.Date, Type: wo.Type, Sets: wo.Sets, Reps: wo.Reps}
+
+		err = workout.WorkoutItemComp(wor, true).Render(r.Context(), w)
+		if err != nil {
+			utils.LogError("Could not render workoutitem", err)
+			utils.TriggerToast(w, r, "error", "Internal Server Error")
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+		}
+	}
+}
+
+func (handler WorkoutHandlerImpl) handleGetWorkout() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		user, err := handler.auth.GetUserFromSessionId(utils.GetSessionID(r))
+		if err != nil {
+			utils.DoRedirect(w, r, "/auth/signin")
+			return
+		}
+
+		workouts, err := handler.service.GetWorkouts(user)
+		if err != nil {
+			return
+		}
+
+		wos := make([]workout.Workout, 0)
+		for _, wo := range workouts {
+			wos = append(wos, workout.Workout{Id: wo.RowId, Date: wo.Date, Type: wo.Type, Sets: wo.Sets, Reps: wo.Reps})
+		}
+
+		workout.WorkoutListComp(wos).Render(r.Context(), w)
+	}
+}
+
+func (handler WorkoutHandlerImpl) handleDeleteWorkout() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		user, err := handler.auth.GetUserFromSessionId(utils.GetSessionID(r))
+		if err != nil {
+			utils.DoRedirect(w, r, "/auth/signin")
+			return
+		}
+
+		rowId := r.PathValue("id")
+		if rowId == "" {
+			http.Error(w, "Missing required fields", http.StatusBadRequest)
+			slog.Warn("Missing required fields for workout delete")
+			utils.TriggerToast(w, r, "error", "Missing ID field")
+			return
+		}
+
+		rowIdInt, err := strconv.Atoi(rowId)
+		if err != nil {
+			http.Error(w, "Invalid ID", http.StatusBadRequest)
+			slog.Warn("Invalid ID for workout delete")
+			utils.TriggerToast(w, r, "error", "Invalid ID")
+			return
+		}
+
+		err = handler.service.DeleteWorkout(user, rowIdInt)
+		if err != nil {
+			http.Error(w, "Internal Server Error", http.StatusInternalServerError)
+			slog.Error("Could not delete workout: " + err.Error())
+			utils.TriggerToast(w, r, "error", "Internal Server Error")
+			return
+		}
+	}
 }