tbs

2024-09-17 22:47:54 +02:00
parent 6f22e066ab
commit f184e261ee
5 changed files with 93 additions and 10 deletions
--- a/handler/auth.go
+++ b/handler/auth.go
@@ -1,14 +1,17 @@
 package handler
 import (
 	"log/slog"
 	"me-fit/service"
 	"database/sql"
 	"net/http"
 )
-func handleAuth(db *sql.DB, router *http.ServeMux) {
+func authUi(db *sql.DB) http.Handler {
-	// Don't use auth middleware for these routes, as it makes redirecting very difficult, if the mail is not yet verified
+
 	router := http.NewServeMux()
 	router.Handle("/auth/signin", service.HandleSignInPage(db))
 	router.Handle("/auth/signup", service.HandleSignUpPage(db))
 	router.Handle("/auth/verify", service.HandleSignUpVerifyPage(db)) // Hint for the user to verify their email
@@ -16,6 +19,19 @@ func handleAuth(db *sql.DB, router *http.ServeMux) {
 	router.Handle("/auth/verify-email", service.HandleSignUpVerifyResponsePage(db)) // The link contained in the email
 	router.Handle("/auth/change-password", service.HandleChangePasswordPage(db))
 	router.Handle("/auth/reset-password", service.HandleResetPasswordPage(db))
 	router.Handle("/", service.HandleIndexAnd404(db))
 	// return router
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		slog.Warn(r.URL.Path)
 		router.ServeHTTP(w, r)
 	})
 }
 func authApi(db *sql.DB) http.Handler {
 	router := http.NewServeMux()
 	router.Handle("/api/auth/signup", service.HandleSignUpComp(db))
 	router.Handle("/api/auth/signin", service.HandleSignInComp(db))
 	router.Handle("/api/auth/signout", service.HandleSignOutComp(db))
@@ -24,4 +40,6 @@ func handleAuth(db *sql.DB, router *http.ServeMux) {
 	router.Handle("/api/auth/change-password", service.HandleChangePasswordComp(db))
 	router.Handle("/api/auth/reset-password", service.HandleResetPasswordComp(db))
 	router.Handle("/api/auth/reset-password-actual", service.HandleActualResetPasswordComp(db))
 	return router
 }
--- a/handler/default.go
+++ b/handler/default.go
@@ -16,11 +16,16 @@ func GetHandler(db *sql.DB) http.Handler {
 	// Serve static files (CSS, JS and images)
 	router.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir("./static/"))))
-	handleWorkout(db, router)
+	router.Handle("/auth/", authUi(db))
 	router.Handle("/api/auth/", authApi(db))
-	handleAuth(db, router)
+	router.Handle("/workout", auth(db, workoutUi(db)))
 	router.Handle("/api/workout", auth(db, workoutApi(db)))
 	router.Handle("/api/workout/", auth(db, workoutApi(db)))
-	return middleware.Logging(middleware.EnableCors(router))
+	return middleware.Logging(
 		middleware.EnableCors(
 			router))
 }
 func auth(db *sql.DB, h http.Handler) http.Handler {
--- a/handler/workout.go
+++ b/handler/workout.go
@@ -1,15 +1,34 @@
 package handler
 import (
 	"log/slog"
 	"me-fit/service"
 	"database/sql"
 	"net/http"
 )
-func handleWorkout(db *sql.DB, router *http.ServeMux) {
+func workoutUi(db *sql.DB) http.Handler {
-	router.Handle("/workout", auth(db, service.HandleWorkoutPage(db)))
+
-	router.Handle("POST /api/workout", auth(db, service.HandleWorkoutNewComp(db)))
+	router := http.NewServeMux()
-	router.Handle("GET /api/workout", auth(db, service.HandleWorkoutGetComp(db)))
+
-	router.Handle("DELETE /api/workout/{id}", auth(db, service.HandleWorkoutDeleteComp(db)))
+	router.Handle("/workout", service.HandleWorkoutPage(db))
 	router.Handle("/", service.HandleIndexAnd404(db))
 	return router
 }
 func workoutApi(db *sql.DB) http.Handler {
 	router := http.NewServeMux()
 	// root = "/api/workout/"
 	router.Handle("POST /api/workout", service.HandleWorkoutNewComp(db))
 	router.Handle("GET /api/workout", service.HandleWorkoutGetComp(db))
 	router.Handle("DELETE /api/workout/{id}", service.HandleWorkoutDeleteComp(db))
 	// return router
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		slog.Warn(r.URL.Path)
 		router.ServeHTTP(w, r)
 	})
 }
--- a/service/auth.go
+++ b/service/auth.go
@@ -585,6 +585,7 @@ func HandleResetPasswordComp(db *sql.DB) http.HandlerFunc {
 		utils.TriggerToast(w, r, "info", "If the email exists, an email has been sent")
 	}
 }
 func sendVerificationEmail(db *sql.DB, userId string, email string) {
 	var token string
--- a/service/auth_test.go
+++ b/service/auth_test.go
@@ -0,0 +1,40 @@
 package service
 import (
 	"testing"
 )
 func TestValidPasswords(t *testing.T) {
 	passwords := []string{
 		"aB!'2d2y", //normal
 		"v-#:j`fQurudEEUk#xA)uzI-B+'eZW3`F*5Eaf+{YID#PWuD.TbyH'f<MC)Ck$!]K[K6~dIN&R'mRaKO,qpDpP'*A!/}73=ilK_COqM/Q%!(hyS8V75e2@J2k223T`tv", // 128 characters
 		`aB!"'2d2y`, // include " in password
 	}
 	for _, password := range passwords {
 		err := checkPassword(password)
 		if err != nil {
 			t.Errorf("Expected nil, got error")
 		}
 	}
 }
 func TestInvalidPasswords(t *testing.T) {
 	passwords := []string{
 		"aB!'2d2",   // too short
 		"",          // empty
 		"ab123SSa",  // no special character
 		"passwor1!", // no uppercase
 		"PASSWOR1!", // no lowercase
 		"Password!", // no number
 		"Password1", // no special character
 	}
 	for _, password := range passwords {
 		err := checkPassword(password)
 		if err == nil {
 			t.Errorf("Expected error, got nil")
 		}
 	}
 }