feat: Added chapter 8

chirp.go

@@ -167,3 +167,52 @@ func (cfg *apiConfig) getChirp(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(200)
 	w.Write(dat)
 }
+
+func (cfg *apiConfig) deleteChirp(w http.ResponseWriter, r *http.Request) {
+	token, err := auth.GetBearerToken(r.Header)
+	if err != nil {
+		log.Printf("Error extracting token: %s", err)
+		w.WriteHeader(401)
+		return
+	}
+	userId, err := auth.ValidateJWT(token, cfg.JWT)
+	if err != nil {
+		log.Printf("Invalid JWT: %s", err)
+		w.WriteHeader(401)
+		return
+	}
+	idFromQuery := r.PathValue("chirpID")
+
+	id, err := uuid.Parse(idFromQuery)
+	if err != nil {
+		log.Printf("Not a valid ID: %s", err)
+		w.WriteHeader(500)
+		return
+	}
+	chirp, err := cfg.DB.GetChirp(r.Context(), id)
+	if err != nil {
+		if errors.Is(err, sql.ErrNoRows) {
+			w.WriteHeader(http.StatusNotFound)
+			return
+		}
+		log.Printf("Error getting chirp: %s", err)
+		w.WriteHeader(500)
+		return
+	}
+	if chirp.UserID != userId {
+		log.Printf("User %s not allowed to delete chirp owned by %s", userId, chirp.UserID)
+		w.WriteHeader(403)
+		return
+	}
+
+	err = cfg.DB.DeleteChirp(r.Context(), database.DeleteChirpParams{
+		ID:     id,
+		UserID: userId,
+	})
+	if err != nil {
+		log.Printf("Error deleting chirp: %v", err)
+		w.WriteHeader(404)
+		return
+	}
+	w.WriteHeader(204)
+}

internal/auth/auth.go

@@ -81,3 +81,15 @@ func MakeRefreshToken() (string, error) {
 	hexData := hex.EncodeToString(buffer)
 	return hexData, nil
 }
+
+func GetAPIKey(headers http.Header) (string, error) {
+	authHeader := headers.Get("Authorization")
+	if authHeader == "" {
+		return "", errors.New("authorization header is not set")
+	}
+	if !strings.HasPrefix(authHeader, "ApiKey ") {
+		return "", errors.New("incorrect authorization type, must be of type ApiKey")
+	}
+	apiKey := strings.TrimPrefix(authHeader, "ApiKey ")
+	return strings.TrimSpace(apiKey), nil
+}

internal/database/chirps.sql.go

@@ -41,6 +41,22 @@ func (q *Queries) CreateChirp(ctx context.Context, arg CreateChirpParams) (Chirp
 	return i, err
 }
 
+const deleteChirp = `-- name: DeleteChirp :exec
+DELETE FROM chirps
+WHERE id = $1
+AND user_id = $2
+`
+
+type DeleteChirpParams struct {
+	ID     uuid.UUID
+	UserID uuid.UUID
+}
+
+func (q *Queries) DeleteChirp(ctx context.Context, arg DeleteChirpParams) error {
+	_, err := q.db.ExecContext(ctx, deleteChirp, arg.ID, arg.UserID)
+	return err
+}
+
 const getChirp = `-- name: GetChirp :one
 SELECT id, created_at, updated_at, body, user_id FROM chirps
 WHERE chirps.id = $1

internal/database/models.go

@@ -34,4 +34,5 @@ type User struct {
 	UpdatedAt      time.Time
 	Email          string
 	HashedPassword string
+	IsChirpyRed    bool
 }

internal/database/update_users.sql.go

@@ -0,0 +1,49 @@
+// Code generated by sqlc. DO NOT EDIT.
+// versions:
+//   sqlc v1.27.0
+// source: update_users.sql
+
+package database
+
+import (
+	"context"
+	"time"
+
+	"github.com/google/uuid"
+)
+
+const updateUserCredentials = `-- name: UpdateUserCredentials :one
+UPDATE users
+SET email = $2,
+hashed_password = $3,
+updated_at = NOW()
+WHERE users.id = $1
+RETURNING id, created_at, updated_at, email, is_chirpy_red
+`
+
+type UpdateUserCredentialsParams struct {
+	ID             uuid.UUID
+	Email          string
+	HashedPassword string
+}
+
+type UpdateUserCredentialsRow struct {
+	ID          uuid.UUID
+	CreatedAt   time.Time
+	UpdatedAt   time.Time
+	Email       string
+	IsChirpyRed bool
+}
+
+func (q *Queries) UpdateUserCredentials(ctx context.Context, arg UpdateUserCredentialsParams) (UpdateUserCredentialsRow, error) {
+	row := q.db.QueryRowContext(ctx, updateUserCredentials, arg.ID, arg.Email, arg.HashedPassword)
+	var i UpdateUserCredentialsRow
+	err := row.Scan(
+		&i.ID,
+		&i.CreatedAt,
+		&i.UpdatedAt,
+		&i.Email,
+		&i.IsChirpyRed,
+	)
+	return i, err
+}

internal/database/users.sql.go

@@ -7,6 +7,8 @@ package database
 
 import (
 	"context"
+
+	"github.com/google/uuid"
 )
 
 const createUser = `-- name: CreateUser :one
@@ -18,7 +20,7 @@ VALUES (
     $1,
     $2
 )
-RETURNING id, created_at, updated_at, email, hashed_password
+RETURNING id, created_at, updated_at, email, hashed_password, is_chirpy_red
 `
 
 type CreateUserParams struct {
@@ -35,13 +37,14 @@ func (q *Queries) CreateUser(ctx context.Context, arg CreateUserParams) (User, e
 		&i.UpdatedAt,
 		&i.Email,
 		&i.HashedPassword,
+		&i.IsChirpyRed,
 	)
 	return i, err
 }
 
 const deleteUser = `-- name: DeleteUser :one
 DELETE FROM users
-RETURNING id, created_at, updated_at, email, hashed_password
+RETURNING id, created_at, updated_at, email, hashed_password, is_chirpy_red
 `
 
 func (q *Queries) DeleteUser(ctx context.Context) (User, error) {
@@ -53,12 +56,13 @@ func (q *Queries) DeleteUser(ctx context.Context) (User, error) {
 		&i.UpdatedAt,
 		&i.Email,
 		&i.HashedPassword,
+		&i.IsChirpyRed,
 	)
 	return i, err
 }
 
 const getUserByEmail = `-- name: GetUserByEmail :one
-SELECT id, created_at, updated_at, email, hashed_password FROM users
+SELECT id, created_at, updated_at, email, hashed_password, is_chirpy_red FROM users
 WHERE users.email = $1
 `
 
@@ -71,6 +75,18 @@ func (q *Queries) GetUserByEmail(ctx context.Context, email string) (User, error
 		&i.UpdatedAt,
 		&i.Email,
 		&i.HashedPassword,
+		&i.IsChirpyRed,
 	)
 	return i, err
 }
+
+const upgradeUser = `-- name: UpgradeUser :exec
+UPDATE users
+SET is_chirpy_red = true
+WHERE id = $1
+`
+
+func (q *Queries) UpgradeUser(ctx context.Context, id uuid.UUID) error {
+	_, err := q.db.ExecContext(ctx, upgradeUser, id)
+	return err
+}

login.go

@@ -70,6 +70,7 @@ func (cfg *apiConfig) Login(w http.ResponseWriter, r *http.Request) {
 		Email        string    `json:"email"`
 		AccessToken  string    `json:"token"`
 		RefreshToken string    `json:"refresh_token"`
+		ChirpyRed    bool      `json:"is_chirpy_red"`
 	}
 
 	data, err := json.Marshal(loginResponse{
@@ -79,6 +80,7 @@ func (cfg *apiConfig) Login(w http.ResponseWriter, r *http.Request) {
 		Email:        loggedUser.Email,
 		AccessToken:  newJwt,
 		RefreshToken: newRefreshToken,
+		ChirpyRed:    loggedUser.IsChirpyRed,
 	})
 	if err != nil {
 		log.Printf("Error marshalling JSON: %s", err)

main.go

@@ -17,6 +17,7 @@ type apiConfig struct {
 	DB             *database.Queries
 	Platform       string
 	JWT            string
+	PolkaKey       string
 }
 
 func main() {
@@ -33,6 +34,10 @@ func main() {
 	if jwtSecret == "" {
 		log.Fatalf("Empty JWT_SECRET env var!")
 	}
+	polkaKey := os.Getenv("POLKA_KEY")
+	if polkaKey == "" {
+		log.Fatalf("Empty POLKA_KEY env var!")
+	}
 	db, err := sql.Open("postgres", dbURL)
 	if err != nil {
 		log.Fatalf("Unable to connect to db: %s", err)
@@ -42,6 +47,7 @@ func main() {
 		DB:             database.New(db),
 		Platform:       platform,
 		JWT:            jwtSecret,
+		PolkaKey:       polkaKey,
 	}
 	mux := http.NewServeMux()
 	fsHandler := apiCfg.middlewareMetricsInc(http.StripPrefix("/app", http.FileServer(http.Dir("."))))
@@ -56,10 +62,13 @@ func main() {
 	mux.HandleFunc("GET /api/chirps", apiCfg.getChirps)
 	mux.HandleFunc("POST /api/chirps", apiCfg.chirpsCreate)
 	mux.HandleFunc("POST /api/users", apiCfg.createUsers)
+	mux.HandleFunc("PUT /api/users", apiCfg.updateUsers)
 	mux.HandleFunc("GET /api/chirps/{chirpID}", apiCfg.getChirp)
+	mux.HandleFunc("DELETE /api/chirps/{chirpID}", apiCfg.deleteChirp)
 	mux.HandleFunc("POST /api/login", apiCfg.Login)
 	mux.HandleFunc("POST /api/refresh", apiCfg.RefreshToken)
 	mux.HandleFunc("POST /api/revoke", apiCfg.RevokeToken)
+	mux.HandleFunc("POST /api/polka/webhooks", apiCfg.subscribeUser)
 
 	server := &http.Server{
 		Addr:    ":8080",

sql/queries/chirps.sql

@@ -15,4 +15,9 @@ ORDER BY created_at ASC;
 
 -- name: GetChirp :one
 SELECT * FROM chirps
-WHERE chirps.id = $1;
+WHERE chirps.id = $1;
+
+-- name: DeleteChirp :exec
+DELETE FROM chirps
+WHERE id = $1
+AND user_id = $2;

sql/queries/update_users.sql

@@ -0,0 +1,7 @@
+-- name: UpdateUserCredentials :one
+UPDATE users
+SET email = $2,
+hashed_password = $3,
+updated_at = NOW()
+WHERE users.id = $1
+RETURNING id, created_at, updated_at, email, is_chirpy_red;

sql/queries/users.sql

@@ -15,4 +15,9 @@ RETURNING *;
 
 -- name: GetUserByEmail :one
 SELECT * FROM users
-WHERE users.email = $1;
+WHERE users.email = $1;
+
+-- name: UpgradeUser :exec
+UPDATE users
+SET is_chirpy_red = true
+WHERE id = $1;

sql/schema/005_users_membership.sql

@@ -0,0 +1,7 @@
+-- +goose Up
+ALTER TABLE users
+ADD COLUMN is_chirpy_red BOOLEAN DEFAULT false NOT NULL;
+
+-- +goose Down
+ALTER TABLE users
+DROP COLUMN is_chirpy_red;

users.go

@@ -17,6 +17,7 @@ type User struct {
 	UpdatedAt      time.Time `json:"updated_at"`
 	Email          string    `json:"email"`
 	HashedPassword string    `json:"-"`
+	ChirpyRed      bool      `json:"is_chirpy_red"`
 }
 
 func (cfg *apiConfig) createUsers(w http.ResponseWriter, r *http.Request) {
@@ -54,6 +55,7 @@ func (cfg *apiConfig) createUsers(w http.ResponseWriter, r *http.Request) {
 		CreatedAt: newDBUser.CreatedAt,
 		UpdatedAt: newDBUser.UpdatedAt,
 		Email:     newDBUser.Email,
+		ChirpyRed: newDBUser.IsChirpyRed,
 	}
 	dat, err := json.Marshal(newUser)
 	if err != nil {
@@ -65,3 +67,107 @@ func (cfg *apiConfig) createUsers(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(201)
 	w.Write(dat)
 }
+
+func (cfg *apiConfig) updateUsers(w http.ResponseWriter, r *http.Request) {
+	token, err := auth.GetBearerToken(r.Header)
+	if err != nil {
+		log.Printf("Error extracting token: %s", err)
+		w.WriteHeader(401)
+		return
+	}
+	userId, err := auth.ValidateJWT(token, cfg.JWT)
+	if err != nil {
+		log.Printf("Invalid JWT: %s", err)
+		w.WriteHeader(401)
+		return
+	}
+
+	type parameters struct {
+		Email    string `json:"email"`
+		Password string `json:"password"`
+	}
+
+	decoder := json.NewDecoder(r.Body)
+	params := parameters{}
+	err = decoder.Decode(&params)
+	if err != nil {
+		log.Printf("Error decoding parameters: %s", err)
+		w.WriteHeader(500)
+		return
+	}
+	defer r.Body.Close()
+
+	hashedPassword, err := auth.HashPassword(params.Password)
+	if err != nil {
+		log.Printf("Error hashing password: %s", err)
+		w.WriteHeader(500)
+		return
+	}
+	credentialsQueryParams := database.UpdateUserCredentialsParams{
+		ID:             userId,
+		Email:          params.Email,
+		HashedPassword: hashedPassword,
+	}
+	updatedCredentials, err := cfg.DB.UpdateUserCredentials(r.Context(), credentialsQueryParams)
+	if err != nil {
+		log.Printf("Error updating user credentials: %v", err)
+		w.WriteHeader(500)
+		return
+	}
+	data, err := json.Marshal(User{
+		ID:        userId,
+		CreatedAt: updatedCredentials.CreatedAt,
+		UpdatedAt: updatedCredentials.UpdatedAt,
+		Email:     updatedCredentials.Email,
+		ChirpyRed: updatedCredentials.IsChirpyRed,
+	})
+	if err != nil {
+		log.Printf("Error marshalling JSON: %s", err)
+		w.WriteHeader(500)
+		return
+	}
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(200)
+	w.Write(data)
+}
+
+func (cfg *apiConfig) subscribeUser(w http.ResponseWriter, r *http.Request) {
+	_, err := auth.GetAPIKey(r.Header)
+	if err != nil {
+		log.Printf("Error extracting apiKey: %s", err)
+		w.WriteHeader(401)
+		return
+	}
+	type parameters struct {
+		Event string            `json:"event"`
+		Data  map[string]string `json:"data"`
+	}
+	decoder := json.NewDecoder(r.Body)
+	params := parameters{}
+	err = decoder.Decode(&params)
+	if err != nil {
+		log.Printf("Error decoding parameters: %s", err)
+		w.WriteHeader(400)
+		return
+	}
+	defer r.Body.Close()
+
+	if params.Event != "user.upgraded" {
+		w.WriteHeader(204)
+		return
+	}
+	paramsUserIdString := params.Data["user_id"]
+	paramsUserId, err := uuid.Parse(paramsUserIdString)
+	if err != nil {
+		log.Printf("Specified user_id is not a valid UUID: %v", err)
+		w.WriteHeader(400)
+		return
+	}
+	err = cfg.DB.UpgradeUser(r.Context(), paramsUserId)
+	if err != nil {
+		log.Printf("No user matches user_id given: %v", err)
+		w.WriteHeader(404)
+		return
+	}
+	w.WriteHeader(204)
+}