diff --git a/internal/http/api_handlers.go b/internal/http/api_handlers.go new file mode 100644 index 0000000..9f7a50e --- /dev/null +++ b/internal/http/api_handlers.go @@ -0,0 +1,221 @@ +package http + +import ( + "fmt" + "image/jpeg" + "net/http" + "strconv" + "strings" + "time" + + "git.arav.su/Arav/justcaptcha/pkg/captcha" + "git.arav.su/Arav/justcaptcha/pkg/captcha/inmemdb" + "git.arav.su/Arav/justcaptcha/pkg/dwcaptcha" + gbsqlite "git.arav.su/Arav/justguestbook/database/sqlite" + "git.arav.su/Arav/justguestbook/guestbook" +) + +// Guestbook API /////////////////////////////////////////////////////////////// + +type GuestbookApiHandlers struct { + Owner string + PageSize int64 + db guestbook.Guestbook +} + +func NewGuestbookApiHandlers(dbPath, owner string, pageSz int64) *GuestbookApiHandlers { + db, err := gbsqlite.New(dbPath) + if err != nil { + panic(err) + } + + return &GuestbookApiHandlers{Owner: owner, PageSize: pageSz, db: db} +} + +func (h *GuestbookApiHandlers) New(w http.ResponseWriter, r *http.Request) { + var entry *guestbook.Entry + var err error + + if r.Header.Get("Content-Type") == "application/x-www-form-urlencoded" { + r.ParseForm() + + if !inmemdb.Solve(captcha.ID(r.FormValue("captcha_id")), captcha.Answer(r.FormValue("captcha_answer"))) { + ForbiddenError("Wrong answer given.", "Here's your message:"+r.FormValue("message"), w) + return + } + + if r.FormValue("name") == "" { + r.Form.Set("name", "Anonymous") + } + + message := strings.ReplaceAll(r.FormValue("message"), "\r\n", "\n") + message = strings.ReplaceAll(message, "\n\r", "\n") + message = strings.ReplaceAll(message, "\r", "\n") + + entry, err = guestbook.NewEntry(r.FormValue("name"), message, + r.FormValue("website"), r.FormValue("hide_website") != "") + if err != nil { + InternalError(err.Error(), "Here's your message:"+r.FormValue("message"), w) + return + } + } + + if err = h.db.NewEntry(entry); err != nil { + InternalError(err.Error(), "Here's your message:"+r.FormValue("message"), w) + return + } + + http.Redirect(w, r, "/guestbook", http.StatusMovedPermanently) +} + +func (h *GuestbookApiHandlers) Edit(w http.ResponseWriter, r *http.Request) { + var entry *guestbook.Entry + var err error + + if r.Header.Get("Content-Type") == "application/x-www-form-urlencoded" { + r.ParseForm() + + if r.FormValue("name") == "" { + r.Form.Set("name", "Anonymous") + } + + message := strings.ReplaceAll(r.FormValue("message"), "\r\n", "\n") + message = strings.ReplaceAll(message, "\n\r", "\n") + message = strings.ReplaceAll(message, "\r", "\n") + + entry, err = guestbook.NewEntry(r.FormValue("name"), message, + r.FormValue("website"), r.FormValue("hide_website") != "") + if err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + return + } + + entry.ID, _ = strconv.ParseInt(GetURLParam(r, "id"), 10, 64) + } + + if err = h.db.EditEntry(entry); err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + return + } + +} + +func (h *GuestbookApiHandlers) Delete(w http.ResponseWriter, r *http.Request) { + id, _ := strconv.ParseInt(GetURLParam(r, "id"), 10, 64) + if err := h.db.DeleteEntry(id); err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + return + } +} + +func (h *GuestbookApiHandlers) Reply(w http.ResponseWriter, r *http.Request) { + var reply *guestbook.Reply + var err error + + if r.Header.Get("Content-Type") == "application/x-www-form-urlencoded" { + r.ParseForm() + id, _ := strconv.ParseInt(GetURLParam(r, "id"), 10, 64) + reply, err = guestbook.NewReply(id, r.FormValue("message")) + if err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + return + } + } + + if err := h.db.NewReply(reply); err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + return + } +} + +func (h *GuestbookApiHandlers) EditReply(w http.ResponseWriter, r *http.Request) { + var reply *guestbook.Reply + var err error + + if r.Header.Get("Content-Type") == "application/x-www-form-urlencoded" { + r.ParseForm() + id, _ := strconv.ParseInt(GetURLParam(r, "id"), 10, 64) + reply, err = guestbook.NewReply(id, r.FormValue("message")) + if err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + return + } + } + + if err := h.db.EditReply(reply); err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + } +} + +func (h *GuestbookApiHandlers) DeleteReply(w http.ResponseWriter, r *http.Request) { + id, _ := strconv.ParseInt(GetURLParam(r, "id"), 10, 64) + if err := h.db.DeleteReply(id); err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + } +} + +// CAPTCHA API ///////////////////////////////////////////////////////////////// + +type CaptchaApiHandlers struct { + Expiry time.Duration +} + +func NewCaptchaApiHandlers(expiry time.Duration) *CaptchaApiHandlers { + inmemdb.SetExpiry(expiry) + return &CaptchaApiHandlers{Expiry: expiry} +} + +func (h *CaptchaApiHandlers) New(w http.ResponseWriter, r *http.Request) { + dwc := dwcaptcha.NewDwellingCaptcha(h.Expiry) + _, id := inmemdb.New(r.RemoteAddr, dwc) + w.WriteHeader(http.StatusCreated) + fmt.Fprint(w, id) +} + +func (h *CaptchaApiHandlers) Solve(w http.ResponseWriter, r *http.Request) { + captchaID := captcha.ID(GetURLParam(r, "id")) + + if r.URL.Query().Has("remove") { + inmemdb.Remove(captchaID) + w.WriteHeader(http.StatusNoContent) + return + } + + if solved := inmemdb.IsSolved(captchaID); !solved { + http.Error(w, "wrong answer", http.StatusForbidden) + return + } + + w.WriteHeader(http.StatusNoContent) +} + +func (h *CaptchaApiHandlers) Image(w http.ResponseWriter, r *http.Request) { + id := captcha.ID(GetURLParam(r, "id")) + + image := inmemdb.Image(id, r.URL.Query().Get("style")) + if image == nil { + http.Error(w, "image not found", http.StatusNotFound) + return + } + + w.Header().Add("Content-Disposition", "inline; filename=\""+string(id)+"\"") + + jpeg.Encode(w, *image, &jpeg.Options{Quality: 20}) +} + +// Mindflow API //////////////////////////////////////////////////////////////// + +type MindflowApiHandlers struct{} + +func NewMindflowApiHandlers() *MindflowApiHandlers { + return &MindflowApiHandlers{} +} + +func (h *MindflowApiHandlers) New(w http.ResponseWriter, r *http.Request) { +} + +func (h *MindflowApiHandlers) Edit(w http.ResponseWriter, r *http.Request) { +} + +func (h *MindflowApiHandlers) Delete(w http.ResponseWriter, r *http.Request) { +}