#73 change authorization
This commit is contained in:
@@ -1,8 +1,8 @@
|
||||
package service
|
||||
|
||||
import (
|
||||
"me-fit/templates"
|
||||
"me-fit/utils"
|
||||
"me-fit/template"
|
||||
"me-fit/template/workout"
|
||||
|
||||
"database/sql"
|
||||
"net/http"
|
||||
@@ -23,16 +23,26 @@ var (
|
||||
)
|
||||
)
|
||||
|
||||
func App(w http.ResponseWriter, r *http.Request) {
|
||||
comp := templates.App()
|
||||
layout := templates.Layout(comp)
|
||||
layout.Render(r.Context(), w)
|
||||
func HandleWorkoutPage(db *sql.DB) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
currentDate := time.Now().Format("2006-01-02")
|
||||
inner := workout.WorkoutComp(currentDate)
|
||||
user_comp := UserInfoComp(verifySessionAndReturnUser(db, r))
|
||||
layout := template.Layout(inner, user_comp)
|
||||
layout.Render(r.Context(), w)
|
||||
}
|
||||
}
|
||||
|
||||
func NewWorkout(db *sql.DB) http.HandlerFunc {
|
||||
func HandleNewWorkout(db *sql.DB) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
metrics.WithLabelValues("new").Inc()
|
||||
|
||||
user := verifySessionAndReturnUser(db, r)
|
||||
if user == nil {
|
||||
http.Error(w, "Unauthorized", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
var dateStr = r.FormValue("date")
|
||||
var typeStr = r.FormValue("type")
|
||||
var setsStr = r.FormValue("sets")
|
||||
@@ -61,78 +71,84 @@ func NewWorkout(db *sql.DB) http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
//TODO: Ensure auth
|
||||
// token := r.Context().Value(middleware.TOKEN_KEY).(*auth.Token)
|
||||
|
||||
_, err = db.Exec("INSERT INTO workout (user_id, date, type, sets, reps) VALUES (?, ?, ?, ?, ?)", "", date, typeStr, sets, reps)
|
||||
_, err = db.Exec("INSERT INTO workout (user_id, date, type, sets, reps) VALUES (?, ?, ?, ?, ?)", user.user_uuid, date, typeStr, sets, reps)
|
||||
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
wo := workout.Workout{
|
||||
Date: r.FormValue("date"),
|
||||
Type: r.FormValue("type"),
|
||||
Sets: r.FormValue("sets"),
|
||||
Reps: r.FormValue("reps"),
|
||||
}
|
||||
|
||||
workout.WorkoutItemComp(wo, true).Render(r.Context(), w)
|
||||
}
|
||||
}
|
||||
|
||||
func GetWorkouts(db *sql.DB) http.HandlerFunc {
|
||||
func HandleGetWorkouts(db *sql.DB) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
metrics.WithLabelValues("get").Inc()
|
||||
|
||||
// token := r.Context().Value(middleware.TOKEN_KEY).(*auth.Token)
|
||||
// var userId = token.UID
|
||||
var userId = ""
|
||||
user := verifySessionAndReturnUser(db, r)
|
||||
if user == nil {
|
||||
http.Error(w, "Unauthorized", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
rows, err := db.Query("SELECT rowid, date, type, sets, reps FROM workout WHERE user_id = ?", userId)
|
||||
rows, err := db.Query("SELECT rowid, date, type, sets, reps FROM workout WHERE user_id = ?", user.user_uuid)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
var workouts = make([]map[string]interface{}, 0)
|
||||
var workouts = make([]workout.Workout, 0)
|
||||
for rows.Next() {
|
||||
var id int
|
||||
var date string
|
||||
var workoutType string
|
||||
var sets int
|
||||
var reps int
|
||||
var workout workout.Workout
|
||||
|
||||
err = rows.Scan(&id, &date, &workoutType, &sets, &reps)
|
||||
err = rows.Scan(&workout.Id, &workout.Date, &workout.Type, &workout.Sets, &workout.Reps)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
workout := map[string]interface{}{
|
||||
"id": id,
|
||||
"date": date,
|
||||
"type": workoutType,
|
||||
"sets": sets,
|
||||
"reps": reps,
|
||||
}
|
||||
workouts = append(workouts, workout)
|
||||
}
|
||||
|
||||
utils.WriteJSON(w, workouts)
|
||||
workout.WorkoutListComp(workouts).Render(r.Context(), w)
|
||||
}
|
||||
}
|
||||
|
||||
func DeleteWorkout(db *sql.DB) http.HandlerFunc {
|
||||
func HandleDeleteWorkout(db *sql.DB) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
metrics.WithLabelValues("delete").Inc()
|
||||
|
||||
// token := r.Context().Value(middleware.TOKEN_KEY).(*auth.Token)
|
||||
// var userId = token.UID
|
||||
var userId = ""
|
||||
user := verifySessionAndReturnUser(db, r)
|
||||
|
||||
rowId := r.FormValue("id")
|
||||
rowId := r.PathValue("id")
|
||||
if rowId == "" {
|
||||
http.Error(w, "Missing required fields", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
_, err := db.Exec("DELETE FROM workout WHERE user_id = ? AND rowid = ?", userId, rowId)
|
||||
res, err := db.Exec("DELETE FROM workout WHERE user_id = ? AND rowid = ?", user.user_uuid, rowId)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
rows, err := res.RowsAffected()
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
if rows == 0 {
|
||||
http.Error(w, "Not found", http.StatusNotFound)
|
||||
return
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user