diff options
| author | simponic <simponic@hatecomputers.club> | 2024-04-06 15:43:18 -0400 |
|---|---|---|
| committer | simponic <simponic@hatecomputers.club> | 2024-04-06 15:43:18 -0400 |
| commit | 83cc6267fd5ce2f61200314424c5f400f65ff2ba (patch) | |
| tree | eafb35310236a15572cbb6e16ff8d6f181bfe240 /api/keys | |
| parent | 569d2788ebfb90774faf361f62bfe7968e091465 (diff) | |
| parent | cad8e2c4ed5e3bab61ff243f8677f8a46eaeafb0 (diff) | |
| download | hatecomputers.club-83cc6267fd5ce2f61200314424c5f400f65ff2ba.tar.gz hatecomputers.club-83cc6267fd5ce2f61200314424c5f400f65ff2ba.zip | |
Merge pull request 'testing | dont be recursive for external domains | finalize oauth' (#5) from dont-be-authoritative into main
Reviewed-on: https://git.hatecomputers.club/hatecomputers/hatecomputers.club/pulls/5
Diffstat (limited to 'api/keys')
| -rw-r--r-- | api/keys/keys.go | 87 |
1 files changed, 87 insertions, 0 deletions
diff --git a/api/keys/keys.go b/api/keys/keys.go new file mode 100644 index 0000000..cef3f3c --- /dev/null +++ b/api/keys/keys.go @@ -0,0 +1,87 @@ +package keys + +import ( + "log" + "net/http" + + "git.hatecomputers.club/hatecomputers/hatecomputers.club/api/types" + "git.hatecomputers.club/hatecomputers/hatecomputers.club/database" + "git.hatecomputers.club/hatecomputers/hatecomputers.club/utils" +) + +const MAX_USER_API_KEYS = 5 + +func ListAPIKeysContinuation(context *types.RequestContext, req *http.Request, resp http.ResponseWriter) types.ContinuationChain { + return func(success types.Continuation, failure types.Continuation) types.ContinuationChain { + typesKeys, err := database.ListUserAPIKeys(context.DBConn, context.User.ID) + if err != nil { + log.Println(err) + resp.WriteHeader(http.StatusInternalServerError) + return failure(context, req, resp) + } + + (*context.TemplateData)["APIKeys"] = typesKeys + return success(context, req, resp) + } +} + +func CreateAPIKeyContinuation(context *types.RequestContext, req *http.Request, resp http.ResponseWriter) types.ContinuationChain { + return func(success types.Continuation, failure types.Continuation) types.ContinuationChain { + formErrors := types.FormError{ + Errors: []string{}, + } + + numKeys, err := database.CountUserAPIKeys(context.DBConn, context.User.ID) + if err != nil { + log.Println(err) + resp.WriteHeader(http.StatusInternalServerError) + return failure(context, req, resp) + } + + if numKeys >= MAX_USER_API_KEYS { + formErrors.Errors = append(formErrors.Errors, "max types keys reached") + } + + if len(formErrors.Errors) > 0 { + (*context.TemplateData)["FormError"] = formErrors + return failure(context, req, resp) + } + + _, err = database.SaveAPIKey(context.DBConn, &database.UserApiKey{ + UserID: context.User.ID, + Key: utils.RandomId(), + }) + if err != nil { + log.Println(err) + resp.WriteHeader(http.StatusInternalServerError) + return failure(context, req, resp) + } + return success(context, req, resp) + } +} + +func DeleteAPIKeyContinuation(context *types.RequestContext, req *http.Request, resp http.ResponseWriter) types.ContinuationChain { + return func(success types.Continuation, failure types.Continuation) types.ContinuationChain { + apiKey := req.FormValue("key") + + key, err := database.GetAPIKey(context.DBConn, apiKey) + if err != nil { + log.Println(err) + resp.WriteHeader(http.StatusInternalServerError) + return failure(context, req, resp) + } + if (key == nil) || (key.UserID != context.User.ID) { + resp.WriteHeader(http.StatusUnauthorized) + return failure(context, req, resp) + } + + err = database.DeleteAPIKey(context.DBConn, apiKey) + if err != nil { + log.Println(err) + resp.WriteHeader(http.StatusInternalServerError) + return failure(context, req, resp) + } + + return success(context, req, resp) + } +} |