From f22e5011b826979288f73dd2c9823dd4b29df5a4 Mon Sep 17 00:00:00 2001
From: Christopher James Hayward
Date: Sun, 16 Jul 2023 13:50:03 -0400
Subject: [PATCH] Cleanup JSON input
---
 gateway/gateway.go | 105 +++++++++++++++++++++++----------------------
 1 file changed, 53 insertions(+), 52 deletions(-)
diff --git a/gateway/gateway.go b/gateway/gateway.go
index e9588c8..73d558c 100644
--- a/gateway/gateway.go
+++ b/gateway/gateway.go
@@ -2,6 +2,7 @@ package gateway
 import (
 "context"
+ "encoding/json"
 "fmt"
 "net/http"
@@ -10,20 +11,17 @@ import (
 func Register(client proto.UsersClient) http.HandlerFunc {
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- password, passwordAgain :=
- r.URL.Query().Get("password"),
- r.URL.Query().Get("password_again")
- _, err := client.Register(r.Context(), &proto.RegisterRequest{
- Form: &proto.UserForm{
- Email: r.URL.Query().Get("email"),
- Password: &password,
- PasswordAgain: &passwordAgain,
- },
- })
+ var req proto.RegisterRequest
+ if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+ w.WriteHeader(http.StatusBadRequest)
+ w.Write([]byte(err.Error()))
+ return
+ }
- if err != nil {
+ if _, err := client.Register(r.Context(), &req); err != nil {
 w.WriteHeader(http.StatusBadRequest)
 w.Write([]byte(err.Error()))
+ return
 }
 w.WriteHeader(http.StatusOK)
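Review bot: `json.NewDecoder(r.Body).Decode(&req)` in Register reads the request body with no size limit and binds it onto the whole `proto.RegisterRequest`, in a handler that shows no authentication step of its own. Capping the body before decoding, e.g. `r.Body = http.MaxBytesReader(w, r.Body, 1<<20)` (the limit is a suggested value), bounds what a single request can make the gateway buffer. The old code copied only email, password and password_again into `Form`, so any other field the message defines (not visible in this hunk) is now caller-controlled; if that is not intended, decode into a narrow struct and copy the fields across. The same decode pattern recurs in Login, Authorize, ResetPassword and ChangePassword in the later hunks, and the handler closure ends outside this hunk.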
@@ -32,36 +30,33 @@ func Register(client proto.UsersClient) http.HandlerFunc {
 func Login(client proto.UsersClient) http.HandlerFunc {
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- password, passwordAgain :=
- r.URL.Query().Get("password"),
- r.URL.Query().Get("password_again")
- res, err := client.Login(r.Context(), &proto.LoginRequest{
- Form: &proto.UserForm{
- Email: r.URL.Query().Get("email"),
- Password: &password,
- PasswordAgain: &passwordAgain,
- },
- })
+ var req proto.LoginRequest
+ if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+ w.Write([]byte(err.Error()))
+ w.WriteHeader(http.StatusBadRequest)
+ return
+ }
+ res, err := client.Login(r.Context(), &req)
 if err != nil {
- w.WriteHeader(http.StatusBadRequest)
 w.Write([]byte(err.Error()))
+ w.WriteHeader(http.StatusBadRequest)
+ return
 }
- w.WriteHeader(http.StatusOK)
 w.Write([]byte(res.Token.Token))
+ w.WriteHeader(http.StatusOK)
 })
 }
 func Logout(client proto.UsersClient) http.HandlerFunc {
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- _, err := client.Logout(r.Context(), &proto.LogoutRequest{
+ if _, err := client.Logout(r.Context(), &proto.LogoutRequest{
 Token: r.Context().Value("token").(*proto.UserToken),
- })
-
- if err != nil {
- w.WriteHeader(http.StatusBadRequest)
+ }); err != nil {
 w.Write([]byte(err.Error()))
+ w.WriteHeader(http.StatusBadRequest)
+ return
 }
 w.WriteHeader(http.StatusOK)
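Review bot: In Login (both error branches and the success path) and in Logout's error branch, `w.Write(...)` now runs before `w.WriteHeader(...)`, so net/http sends an implicit 200 on the first Write and ignores the later WriteHeader call. A rejected login therefore comes back as 200 OK with the error text as its body, which misleads clients and hides failed logins from any monitoring or rate limiting keyed on the status code. Restore the order Register uses, `w.WriteHeader(http.StatusBadRequest)` followed by `w.Write([]byte(err.Error()))`, or replace both calls with `http.Error(w, err.Error(), http.StatusBadRequest)`. The same reordering appears in the Authorize hunk and in ResetPassword and ChangePassword in the last hunk.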
@@ -70,22 +65,28 @@ func Logout(client proto.UsersClient) http.HandlerFunc {
 func Authorize(client proto.UsersClient, serverSecret *string, next http.HandlerFunc) http.HandlerFunc {
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ var req proto.AuthorizeRequest
+ if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+ w.Write([]byte(err.Error()))
+ w.WriteHeader(http.StatusBadRequest)
+ return
+ }
+
 res, err := client.Authorize(r.Context(), &proto.AuthorizeRequest{
 Secret: *serverSecret,
- Token: &proto.UserToken{
- Token: r.URL.Query().Get("token"),
- },
+ Token: req.Token,
 })
 if err != nil {
- w.WriteHeader(http.StatusBadRequest)
 w.Write([]byte(err.Error()))
+ w.WriteHeader(http.StatusBadRequest)
+ return
 }
 ctx := context.WithValue(r.Context(), "user", res.User)
 ctx = context.WithValue(ctx, "roles", res.Roles)
 ctx = context.WithValue(ctx, "token", &proto.UserToken{
- Token: r.URL.Query().Get("token"),
+ Token: req.Token.Token,
 })
 next(w, r.WithContext(ctx))
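Review bot: `req.Token.Token` in the `context.WithValue(ctx, "token", ...)` call dereferences `req.Token` without a nil check, and a body such as `{}` decodes successfully with `Token` left nil. Whether execution reaches that line depends on `client.Authorize` rejecting a nil token, which this hunk does not show, so a guard right after the decode is safer: `if req.Token == nil { http.Error(w, "missing token", http.StatusBadRequest); return }`. Decoding here also drains `r.Body`, so any handler passed as `next` that decodes its own JSON body will hit EOF; carrying the token in a request header instead would avoid that conflict. The closure's end lies outside the hunk.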
@@ -94,40 +95,40 @@ func Authorize(client proto.UsersClient, serverSecret *string, next http.Handler
 func ResetPassword(client proto.UsersClient, endpoint string) http.HandlerFunc {
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- res, err := client.ResetPassword(r.Context(), &proto.ResetPasswordRequest{
- Form: &proto.UserForm{
- Email: r.URL.Query().Get("email"),
- },
- })
+ var req proto.ResetPasswordRequest
+ if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+ w.Write([]byte(err.Error()))
+ w.WriteHeader(http.StatusBadRequest)
+ return
+ }
+ res, err := client.ResetPassword(r.Context(), &req)
 if err != nil {
- w.WriteHeader(http.StatusBadRequest)
 w.Write([]byte(err.Error()))
+ w.WriteHeader(http.StatusBadRequest)
+ return
 }
- w.WriteHeader(http.StatusOK)
 w.Write([]byte(fmt.Sprintf(
 "Please follow this link to update your password: %s/change_password?token=%s\n",
 endpoint, res.Token.Token)))
+ w.WriteHeader(http.StatusOK)
 })
 }
 func ChangePassword(client proto.UsersClient) http.HandlerFunc {
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- password, passwordAgain :=
- r.URL.Query().Get("password"),
- r.URL.Query().Get("password_again")
- _, err := client.ChangePassword(r.Context(), &proto.ChangePasswordRequest{
- Form: &proto.UserForm{
- Email: r.URL.Query().Get("email"),
- Password: &password,
- PasswordAgain: &passwordAgain,
- },
- })
-
- if err != nil {
+ var req proto.ChangePasswordRequest
+ if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+ w.Write([]byte(err.Error()))
 w.WriteHeader(http.StatusBadRequest)
+ return
+ }
+
+ if _, err := client.ChangePassword(r.Context(), &req); err != nil {
 w.Write([]byte(err.Error()))
+ w.WriteHeader(http.StatusBadRequest)
+ return
 }
 w.WriteHeader(http.StatusOK)
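Review bot: ResetPassword writes `res.Token.Token` into the HTTP response, so the reset link goes to whoever submitted the e-mail address rather than to the mailbox owner. Unless this is a development stub, the token should be delivered out of band and the response should be identical whether or not the address exists. The link still carries the token as `?token=%s`, while Authorize now reads the token only from the JSON body, so if `/change_password` is wrapped by Authorize (routing is not visible here) the link no longer matches what the gateway accepts. A comment on the `fmt.Sprintf` call such as `// TODO: send the reset link by e-mail; do not return the token to the caller` would at least record the intent.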