feat: Added chapter 8
This commit is contained in:
parent
61beecd4a0
commit
8b7fdf59b5
49
chirp.go
49
chirp.go
|
@ -167,3 +167,52 @@ func (cfg *apiConfig) getChirp(w http.ResponseWriter, r *http.Request) {
|
|||
w.WriteHeader(200)
|
||||
w.Write(dat)
|
||||
}
|
||||
|
||||
func (cfg *apiConfig) deleteChirp(w http.ResponseWriter, r *http.Request) {
|
||||
token, err := auth.GetBearerToken(r.Header)
|
||||
if err != nil {
|
||||
log.Printf("Error extracting token: %s", err)
|
||||
w.WriteHeader(401)
|
||||
return
|
||||
}
|
||||
userId, err := auth.ValidateJWT(token, cfg.JWT)
|
||||
if err != nil {
|
||||
log.Printf("Invalid JWT: %s", err)
|
||||
w.WriteHeader(401)
|
||||
return
|
||||
}
|
||||
idFromQuery := r.PathValue("chirpID")
|
||||
|
||||
id, err := uuid.Parse(idFromQuery)
|
||||
if err != nil {
|
||||
log.Printf("Not a valid ID: %s", err)
|
||||
w.WriteHeader(500)
|
||||
return
|
||||
}
|
||||
chirp, err := cfg.DB.GetChirp(r.Context(), id)
|
||||
if err != nil {
|
||||
if errors.Is(err, sql.ErrNoRows) {
|
||||
w.WriteHeader(http.StatusNotFound)
|
||||
return
|
||||
}
|
||||
log.Printf("Error getting chirp: %s", err)
|
||||
w.WriteHeader(500)
|
||||
return
|
||||
}
|
||||
if chirp.UserID != userId {
|
||||
log.Printf("User %s not allowed to delete chirp owned by %s", userId, chirp.UserID)
|
||||
w.WriteHeader(403)
|
||||
return
|
||||
}
|
||||
|
||||
err = cfg.DB.DeleteChirp(r.Context(), database.DeleteChirpParams{
|
||||
ID: id,
|
||||
UserID: userId,
|
||||
})
|
||||
if err != nil {
|
||||
log.Printf("Error deleting chirp: %v", err)
|
||||
w.WriteHeader(404)
|
||||
return
|
||||
}
|
||||
w.WriteHeader(204)
|
||||
}
|
||||
|
|
|
@ -81,3 +81,15 @@ func MakeRefreshToken() (string, error) {
|
|||
hexData := hex.EncodeToString(buffer)
|
||||
return hexData, nil
|
||||
}
|
||||
|
||||
func GetAPIKey(headers http.Header) (string, error) {
|
||||
authHeader := headers.Get("Authorization")
|
||||
if authHeader == "" {
|
||||
return "", errors.New("authorization header is not set")
|
||||
}
|
||||
if !strings.HasPrefix(authHeader, "ApiKey ") {
|
||||
return "", errors.New("incorrect authorization type, must be of type ApiKey")
|
||||
}
|
||||
apiKey := strings.TrimPrefix(authHeader, "ApiKey ")
|
||||
return strings.TrimSpace(apiKey), nil
|
||||
}
|
||||
|
|
|
@ -41,6 +41,22 @@ func (q *Queries) CreateChirp(ctx context.Context, arg CreateChirpParams) (Chirp
|
|||
return i, err
|
||||
}
|
||||
|
||||
const deleteChirp = `-- name: DeleteChirp :exec
|
||||
DELETE FROM chirps
|
||||
WHERE id = $1
|
||||
AND user_id = $2
|
||||
`
|
||||
|
||||
type DeleteChirpParams struct {
|
||||
ID uuid.UUID
|
||||
UserID uuid.UUID
|
||||
}
|
||||
|
||||
func (q *Queries) DeleteChirp(ctx context.Context, arg DeleteChirpParams) error {
|
||||
_, err := q.db.ExecContext(ctx, deleteChirp, arg.ID, arg.UserID)
|
||||
return err
|
||||
}
|
||||
|
||||
const getChirp = `-- name: GetChirp :one
|
||||
SELECT id, created_at, updated_at, body, user_id FROM chirps
|
||||
WHERE chirps.id = $1
|
||||
|
|
|
@ -34,4 +34,5 @@ type User struct {
|
|||
UpdatedAt time.Time
|
||||
Email string
|
||||
HashedPassword string
|
||||
IsChirpyRed bool
|
||||
}
|
||||
|
|
49
internal/database/update_users.sql.go
Normal file
49
internal/database/update_users.sql.go
Normal file
|
@ -0,0 +1,49 @@
|
|||
// Code generated by sqlc. DO NOT EDIT.
|
||||
// versions:
|
||||
// sqlc v1.27.0
|
||||
// source: update_users.sql
|
||||
|
||||
package database
|
||||
|
||||
import (
|
||||
"context"
|
||||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
const updateUserCredentials = `-- name: UpdateUserCredentials :one
|
||||
UPDATE users
|
||||
SET email = $2,
|
||||
hashed_password = $3,
|
||||
updated_at = NOW()
|
||||
WHERE users.id = $1
|
||||
RETURNING id, created_at, updated_at, email, is_chirpy_red
|
||||
`
|
||||
|
||||
type UpdateUserCredentialsParams struct {
|
||||
ID uuid.UUID
|
||||
Email string
|
||||
HashedPassword string
|
||||
}
|
||||
|
||||
type UpdateUserCredentialsRow struct {
|
||||
ID uuid.UUID
|
||||
CreatedAt time.Time
|
||||
UpdatedAt time.Time
|
||||
Email string
|
||||
IsChirpyRed bool
|
||||
}
|
||||
|
||||
func (q *Queries) UpdateUserCredentials(ctx context.Context, arg UpdateUserCredentialsParams) (UpdateUserCredentialsRow, error) {
|
||||
row := q.db.QueryRowContext(ctx, updateUserCredentials, arg.ID, arg.Email, arg.HashedPassword)
|
||||
var i UpdateUserCredentialsRow
|
||||
err := row.Scan(
|
||||
&i.ID,
|
||||
&i.CreatedAt,
|
||||
&i.UpdatedAt,
|
||||
&i.Email,
|
||||
&i.IsChirpyRed,
|
||||
)
|
||||
return i, err
|
||||
}
|
|
@ -7,6 +7,8 @@ package database
|
|||
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
const createUser = `-- name: CreateUser :one
|
||||
|
@ -18,7 +20,7 @@ VALUES (
|
|||
$1,
|
||||
$2
|
||||
)
|
||||
RETURNING id, created_at, updated_at, email, hashed_password
|
||||
RETURNING id, created_at, updated_at, email, hashed_password, is_chirpy_red
|
||||
`
|
||||
|
||||
type CreateUserParams struct {
|
||||
|
@ -35,13 +37,14 @@ func (q *Queries) CreateUser(ctx context.Context, arg CreateUserParams) (User, e
|
|||
&i.UpdatedAt,
|
||||
&i.Email,
|
||||
&i.HashedPassword,
|
||||
&i.IsChirpyRed,
|
||||
)
|
||||
return i, err
|
||||
}
|
||||
|
||||
const deleteUser = `-- name: DeleteUser :one
|
||||
DELETE FROM users
|
||||
RETURNING id, created_at, updated_at, email, hashed_password
|
||||
RETURNING id, created_at, updated_at, email, hashed_password, is_chirpy_red
|
||||
`
|
||||
|
||||
func (q *Queries) DeleteUser(ctx context.Context) (User, error) {
|
||||
|
@ -53,12 +56,13 @@ func (q *Queries) DeleteUser(ctx context.Context) (User, error) {
|
|||
&i.UpdatedAt,
|
||||
&i.Email,
|
||||
&i.HashedPassword,
|
||||
&i.IsChirpyRed,
|
||||
)
|
||||
return i, err
|
||||
}
|
||||
|
||||
const getUserByEmail = `-- name: GetUserByEmail :one
|
||||
SELECT id, created_at, updated_at, email, hashed_password FROM users
|
||||
SELECT id, created_at, updated_at, email, hashed_password, is_chirpy_red FROM users
|
||||
WHERE users.email = $1
|
||||
`
|
||||
|
||||
|
@ -71,6 +75,18 @@ func (q *Queries) GetUserByEmail(ctx context.Context, email string) (User, error
|
|||
&i.UpdatedAt,
|
||||
&i.Email,
|
||||
&i.HashedPassword,
|
||||
&i.IsChirpyRed,
|
||||
)
|
||||
return i, err
|
||||
}
|
||||
|
||||
const upgradeUser = `-- name: UpgradeUser :exec
|
||||
UPDATE users
|
||||
SET is_chirpy_red = true
|
||||
WHERE id = $1
|
||||
`
|
||||
|
||||
func (q *Queries) UpgradeUser(ctx context.Context, id uuid.UUID) error {
|
||||
_, err := q.db.ExecContext(ctx, upgradeUser, id)
|
||||
return err
|
||||
}
|
||||
|
|
2
login.go
2
login.go
|
@ -70,6 +70,7 @@ func (cfg *apiConfig) Login(w http.ResponseWriter, r *http.Request) {
|
|||
Email string `json:"email"`
|
||||
AccessToken string `json:"token"`
|
||||
RefreshToken string `json:"refresh_token"`
|
||||
ChirpyRed bool `json:"is_chirpy_red"`
|
||||
}
|
||||
|
||||
data, err := json.Marshal(loginResponse{
|
||||
|
@ -79,6 +80,7 @@ func (cfg *apiConfig) Login(w http.ResponseWriter, r *http.Request) {
|
|||
Email: loggedUser.Email,
|
||||
AccessToken: newJwt,
|
||||
RefreshToken: newRefreshToken,
|
||||
ChirpyRed: loggedUser.IsChirpyRed,
|
||||
})
|
||||
if err != nil {
|
||||
log.Printf("Error marshalling JSON: %s", err)
|
||||
|
|
9
main.go
9
main.go
|
@ -17,6 +17,7 @@ type apiConfig struct {
|
|||
DB *database.Queries
|
||||
Platform string
|
||||
JWT string
|
||||
PolkaKey string
|
||||
}
|
||||
|
||||
func main() {
|
||||
|
@ -33,6 +34,10 @@ func main() {
|
|||
if jwtSecret == "" {
|
||||
log.Fatalf("Empty JWT_SECRET env var!")
|
||||
}
|
||||
polkaKey := os.Getenv("POLKA_KEY")
|
||||
if polkaKey == "" {
|
||||
log.Fatalf("Empty POLKA_KEY env var!")
|
||||
}
|
||||
db, err := sql.Open("postgres", dbURL)
|
||||
if err != nil {
|
||||
log.Fatalf("Unable to connect to db: %s", err)
|
||||
|
@ -42,6 +47,7 @@ func main() {
|
|||
DB: database.New(db),
|
||||
Platform: platform,
|
||||
JWT: jwtSecret,
|
||||
PolkaKey: polkaKey,
|
||||
}
|
||||
mux := http.NewServeMux()
|
||||
fsHandler := apiCfg.middlewareMetricsInc(http.StripPrefix("/app", http.FileServer(http.Dir("."))))
|
||||
|
@ -56,10 +62,13 @@ func main() {
|
|||
mux.HandleFunc("GET /api/chirps", apiCfg.getChirps)
|
||||
mux.HandleFunc("POST /api/chirps", apiCfg.chirpsCreate)
|
||||
mux.HandleFunc("POST /api/users", apiCfg.createUsers)
|
||||
mux.HandleFunc("PUT /api/users", apiCfg.updateUsers)
|
||||
mux.HandleFunc("GET /api/chirps/{chirpID}", apiCfg.getChirp)
|
||||
mux.HandleFunc("DELETE /api/chirps/{chirpID}", apiCfg.deleteChirp)
|
||||
mux.HandleFunc("POST /api/login", apiCfg.Login)
|
||||
mux.HandleFunc("POST /api/refresh", apiCfg.RefreshToken)
|
||||
mux.HandleFunc("POST /api/revoke", apiCfg.RevokeToken)
|
||||
mux.HandleFunc("POST /api/polka/webhooks", apiCfg.subscribeUser)
|
||||
|
||||
server := &http.Server{
|
||||
Addr: ":8080",
|
||||
|
|
|
@ -16,3 +16,8 @@ ORDER BY created_at ASC;
|
|||
-- name: GetChirp :one
|
||||
SELECT * FROM chirps
|
||||
WHERE chirps.id = $1;
|
||||
|
||||
-- name: DeleteChirp :exec
|
||||
DELETE FROM chirps
|
||||
WHERE id = $1
|
||||
AND user_id = $2;
|
7
sql/queries/update_users.sql
Normal file
7
sql/queries/update_users.sql
Normal file
|
@ -0,0 +1,7 @@
|
|||
-- name: UpdateUserCredentials :one
|
||||
UPDATE users
|
||||
SET email = $2,
|
||||
hashed_password = $3,
|
||||
updated_at = NOW()
|
||||
WHERE users.id = $1
|
||||
RETURNING id, created_at, updated_at, email, is_chirpy_red;
|
|
@ -16,3 +16,8 @@ RETURNING *;
|
|||
-- name: GetUserByEmail :one
|
||||
SELECT * FROM users
|
||||
WHERE users.email = $1;
|
||||
|
||||
-- name: UpgradeUser :exec
|
||||
UPDATE users
|
||||
SET is_chirpy_red = true
|
||||
WHERE id = $1;
|
7
sql/schema/005_users_membership.sql
Normal file
7
sql/schema/005_users_membership.sql
Normal file
|
@ -0,0 +1,7 @@
|
|||
-- +goose Up
|
||||
ALTER TABLE users
|
||||
ADD COLUMN is_chirpy_red BOOLEAN DEFAULT false NOT NULL;
|
||||
|
||||
-- +goose Down
|
||||
ALTER TABLE users
|
||||
DROP COLUMN is_chirpy_red;
|
106
users.go
106
users.go
|
@ -17,6 +17,7 @@ type User struct {
|
|||
UpdatedAt time.Time `json:"updated_at"`
|
||||
Email string `json:"email"`
|
||||
HashedPassword string `json:"-"`
|
||||
ChirpyRed bool `json:"is_chirpy_red"`
|
||||
}
|
||||
|
||||
func (cfg *apiConfig) createUsers(w http.ResponseWriter, r *http.Request) {
|
||||
|
@ -54,6 +55,7 @@ func (cfg *apiConfig) createUsers(w http.ResponseWriter, r *http.Request) {
|
|||
CreatedAt: newDBUser.CreatedAt,
|
||||
UpdatedAt: newDBUser.UpdatedAt,
|
||||
Email: newDBUser.Email,
|
||||
ChirpyRed: newDBUser.IsChirpyRed,
|
||||
}
|
||||
dat, err := json.Marshal(newUser)
|
||||
if err != nil {
|
||||
|
@ -65,3 +67,107 @@ func (cfg *apiConfig) createUsers(w http.ResponseWriter, r *http.Request) {
|
|||
w.WriteHeader(201)
|
||||
w.Write(dat)
|
||||
}
|
||||
|
||||
func (cfg *apiConfig) updateUsers(w http.ResponseWriter, r *http.Request) {
|
||||
token, err := auth.GetBearerToken(r.Header)
|
||||
if err != nil {
|
||||
log.Printf("Error extracting token: %s", err)
|
||||
w.WriteHeader(401)
|
||||
return
|
||||
}
|
||||
userId, err := auth.ValidateJWT(token, cfg.JWT)
|
||||
if err != nil {
|
||||
log.Printf("Invalid JWT: %s", err)
|
||||
w.WriteHeader(401)
|
||||
return
|
||||
}
|
||||
|
||||
type parameters struct {
|
||||
Email string `json:"email"`
|
||||
Password string `json:"password"`
|
||||
}
|
||||
|
||||
decoder := json.NewDecoder(r.Body)
|
||||
params := parameters{}
|
||||
err = decoder.Decode(¶ms)
|
||||
if err != nil {
|
||||
log.Printf("Error decoding parameters: %s", err)
|
||||
w.WriteHeader(500)
|
||||
return
|
||||
}
|
||||
defer r.Body.Close()
|
||||
|
||||
hashedPassword, err := auth.HashPassword(params.Password)
|
||||
if err != nil {
|
||||
log.Printf("Error hashing password: %s", err)
|
||||
w.WriteHeader(500)
|
||||
return
|
||||
}
|
||||
credentialsQueryParams := database.UpdateUserCredentialsParams{
|
||||
ID: userId,
|
||||
Email: params.Email,
|
||||
HashedPassword: hashedPassword,
|
||||
}
|
||||
updatedCredentials, err := cfg.DB.UpdateUserCredentials(r.Context(), credentialsQueryParams)
|
||||
if err != nil {
|
||||
log.Printf("Error updating user credentials: %v", err)
|
||||
w.WriteHeader(500)
|
||||
return
|
||||
}
|
||||
data, err := json.Marshal(User{
|
||||
ID: userId,
|
||||
CreatedAt: updatedCredentials.CreatedAt,
|
||||
UpdatedAt: updatedCredentials.UpdatedAt,
|
||||
Email: updatedCredentials.Email,
|
||||
ChirpyRed: updatedCredentials.IsChirpyRed,
|
||||
})
|
||||
if err != nil {
|
||||
log.Printf("Error marshalling JSON: %s", err)
|
||||
w.WriteHeader(500)
|
||||
return
|
||||
}
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
w.WriteHeader(200)
|
||||
w.Write(data)
|
||||
}
|
||||
|
||||
func (cfg *apiConfig) subscribeUser(w http.ResponseWriter, r *http.Request) {
|
||||
_, err := auth.GetAPIKey(r.Header)
|
||||
if err != nil {
|
||||
log.Printf("Error extracting apiKey: %s", err)
|
||||
w.WriteHeader(401)
|
||||
return
|
||||
}
|
||||
type parameters struct {
|
||||
Event string `json:"event"`
|
||||
Data map[string]string `json:"data"`
|
||||
}
|
||||
decoder := json.NewDecoder(r.Body)
|
||||
params := parameters{}
|
||||
err = decoder.Decode(¶ms)
|
||||
if err != nil {
|
||||
log.Printf("Error decoding parameters: %s", err)
|
||||
w.WriteHeader(400)
|
||||
return
|
||||
}
|
||||
defer r.Body.Close()
|
||||
|
||||
if params.Event != "user.upgraded" {
|
||||
w.WriteHeader(204)
|
||||
return
|
||||
}
|
||||
paramsUserIdString := params.Data["user_id"]
|
||||
paramsUserId, err := uuid.Parse(paramsUserIdString)
|
||||
if err != nil {
|
||||
log.Printf("Specified user_id is not a valid UUID: %v", err)
|
||||
w.WriteHeader(400)
|
||||
return
|
||||
}
|
||||
err = cfg.DB.UpgradeUser(r.Context(), paramsUserId)
|
||||
if err != nil {
|
||||
log.Printf("No user matches user_id given: %v", err)
|
||||
w.WriteHeader(404)
|
||||
return
|
||||
}
|
||||
w.WriteHeader(204)
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user