refactor: move handlers into versioned dirs

2025-03-18 18:25:37 -04:00
parent be0981f7b7
commit d8de02f789
4 changed files with 9 additions and 6 deletions
--- a/server/internal/handlers/user/v1/auth.go
+++ b/server/internal/handlers/user/v1/auth.go
@ -0,0 +1,131 @@
+package user
+
+import (
+	"context"
+	"errors"
+	"net/http"
+	"strconv"
+	"time"
+
+	"connectrpc.com/connect"
+	"github.com/golang-jwt/jwt/v5"
+	"github.com/spotdemo4/trevstack/server/internal/interceptors"
+	"github.com/spotdemo4/trevstack/server/internal/models"
+	userv1 "github.com/spotdemo4/trevstack/server/internal/services/user/v1"
+	"github.com/spotdemo4/trevstack/server/internal/services/user/v1/userv1connect"
+	"golang.org/x/crypto/bcrypt"
+	"gorm.io/gorm"
+)
+
+type AuthHandler struct {
+	db  *gorm.DB
+	key []byte
+}
+
+func (h *AuthHandler) Login(ctx context.Context, req *connect.Request[userv1.LoginRequest]) (*connect.Response[userv1.LoginResponse], error) {
+	// Validate
+	user := models.User{}
+	if err := h.db.First(&user, "username = ?", req.Msg.Username).Error; err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			return nil, connect.NewError(connect.CodePermissionDenied, errors.New("invalid username or password"))
+		}
+		return nil, connect.NewError(connect.CodeInternal, err)
+	}
+	if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(req.Msg.Password)); err != nil {
+		return nil, connect.NewError(connect.CodePermissionDenied, errors.New("invalid username or password"))
+	}
+
+	// Generate JWT
+	t := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.RegisteredClaims{
+		Issuer:  "trevstack",
+		Subject: strconv.FormatUint(uint64(user.ID), 10),
+		IssuedAt: &jwt.NumericDate{
+			Time: time.Now(),
+		},
+		ExpiresAt: &jwt.NumericDate{
+			Time: time.Now().Add(time.Hour * 24),
+		},
+	})
+	ss, err := t.SignedString(h.key)
+	if err != nil {
+		return nil, connect.NewError(connect.CodeInternal, err)
+	}
+
+	// Create cookie
+	cookie := http.Cookie{
+		Name:     "token",
+		Value:    ss,
+		Path:     "/",
+		MaxAge:   86400,
+		HttpOnly: true,
+		Secure:   true,
+		SameSite: http.SameSiteStrictMode,
+	}
+
+	res := connect.NewResponse(&userv1.LoginResponse{
+		Token: ss,
+	})
+	res.Header().Set("Set-Cookie", cookie.String())
+	return res, nil
+}
+
+func (h *AuthHandler) SignUp(ctx context.Context, req *connect.Request[userv1.SignUpRequest]) (*connect.Response[userv1.SignUpResponse], error) {
+	// Validate
+	if err := h.db.First(&models.User{}, "username = ?", req.Msg.Username).Error; err != nil {
+		if !errors.Is(err, gorm.ErrRecordNotFound) {
+			return nil, connect.NewError(connect.CodeInternal, err)
+		}
+	} else {
+		return nil, connect.NewError(connect.CodeAlreadyExists, errors.New("username already exists"))
+	}
+	if req.Msg.Password != req.Msg.ConfirmPassword {
+		return nil, connect.NewError(connect.CodeInvalidArgument, errors.New("passwords do not match"))
+	}
+
+	// Hash password
+	hash, err := bcrypt.GenerateFromPassword([]byte(req.Msg.Password), bcrypt.DefaultCost)
+	if err != nil {
+		return nil, connect.NewError(connect.CodeInternal, err)
+	}
+
+	// Create user
+	user := models.User{
+		Username: req.Msg.Username,
+		Password: string(hash),
+	}
+	if err := h.db.Create(&user).Error; err != nil {
+		return nil, connect.NewError(connect.CodeInternal, err)
+	}
+
+	res := connect.NewResponse(&userv1.SignUpResponse{})
+	return res, nil
+}
+
+func (h *AuthHandler) Logout(ctx context.Context, req *connect.Request[userv1.LogoutRequest]) (*connect.Response[userv1.LogoutResponse], error) {
+	// Clear cookie
+	cookie := http.Cookie{
+		Name:     "token",
+		Value:    "",
+		Path:     "/",
+		MaxAge:   -1,
+		HttpOnly: true,
+		Secure:   true,
+		SameSite: http.SameSiteStrictMode,
+	}
+
+	res := connect.NewResponse(&userv1.LogoutResponse{})
+	res.Header().Set("Set-Cookie", cookie.String())
+	return res, nil
+}
+
+func NewAuthHandler(db *gorm.DB, key string) (string, http.Handler) {
+	interceptors := connect.WithInterceptors(interceptors.NewRateLimitInterceptor(key))
+
+	return userv1connect.NewAuthServiceHandler(
+		&AuthHandler{
+			db:  db,
+			key: []byte(key),
+		},
+		interceptors,
+	)
+}
--- a/server/internal/handlers/user/v1/user.go
+++ b/server/internal/handlers/user/v1/user.go
@ -0,0 +1,182 @@
+package user
+
+import (
+	"context"
+	"errors"
+	"net/http"
+	"strconv"
+	"time"
+
+	"connectrpc.com/connect"
+	"github.com/golang-jwt/jwt/v5"
+	"github.com/spotdemo4/trevstack/server/internal/interceptors"
+	"github.com/spotdemo4/trevstack/server/internal/models"
+	userv1 "github.com/spotdemo4/trevstack/server/internal/services/user/v1"
+	"github.com/spotdemo4/trevstack/server/internal/services/user/v1/userv1connect"
+	"golang.org/x/crypto/bcrypt"
+	"gorm.io/gorm"
+)
+
+type UserHandler struct {
+	db  *gorm.DB
+	key []byte
+}
+
+func (h *UserHandler) GetUser(ctx context.Context, req *connect.Request[userv1.GetUserRequest]) (*connect.Response[userv1.GetUserResponse], error) {
+	userid, ok := interceptors.GetUserContext(ctx)
+	if !ok {
+		return nil, connect.NewError(connect.CodeUnauthenticated, errors.New("unauthenticated"))
+	}
+
+	// Get user
+	user := models.User{}
+	if err := h.db.Preload("ProfilePicture").First(&user, "id = ?", userid).Error; err != nil {
+		return nil, connect.NewError(connect.CodeInternal, err)
+	}
+
+	res := connect.NewResponse(&userv1.GetUserResponse{
+		User: user.ToConnectV1(),
+	})
+	return res, nil
+}
+
+func (h *UserHandler) UpdatePassword(ctx context.Context, req *connect.Request[userv1.UpdatePasswordRequest]) (*connect.Response[userv1.UpdatePasswordResponse], error) {
+	userid, ok := interceptors.GetUserContext(ctx)
+	if !ok {
+		return nil, connect.NewError(connect.CodeUnauthenticated, errors.New("unauthenticated"))
+	}
+
+	// Get user
+	user := models.User{}
+	if err := h.db.First(&user, "id = ?", userid).Error; err != nil {
+		return nil, connect.NewError(connect.CodeInternal, err)
+	}
+
+	// Validate
+	if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(req.Msg.OldPassword)); err != nil {
+		return nil, connect.NewError(connect.CodePermissionDenied, errors.New("invalid password"))
+	}
+	if req.Msg.NewPassword != req.Msg.ConfirmPassword {
+		return nil, connect.NewError(connect.CodeInvalidArgument, errors.New("passwords do not match"))
+	}
+
+	// Hash password
+	hash, err := bcrypt.GenerateFromPassword([]byte(req.Msg.NewPassword), bcrypt.DefaultCost)
+	if err != nil {
+		return nil, connect.NewError(connect.CodeInternal, err)
+	}
+
+	// Update password
+	if err := h.db.Model(&user).Update("password", string(hash)).Error; err != nil {
+		return nil, connect.NewError(connect.CodeInternal, err)
+	}
+
+	res := connect.NewResponse(&userv1.UpdatePasswordResponse{})
+	return res, nil
+}
+
+func (h *UserHandler) GetAPIKey(ctx context.Context, req *connect.Request[userv1.GetAPIKeyRequest]) (*connect.Response[userv1.GetAPIKeyResponse], error) {
+	userid, ok := interceptors.GetUserContext(ctx)
+	if !ok {
+		return nil, connect.NewError(connect.CodeUnauthenticated, errors.New("unauthenticated"))
+	}
+
+	// Get user
+	user := models.User{}
+	if err := h.db.First(&user, "id = ?", userid).Error; err != nil {
+		return nil, connect.NewError(connect.CodeInternal, err)
+	}
+
+	// Validate
+	if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(req.Msg.Password)); err != nil {
+		return nil, connect.NewError(connect.CodePermissionDenied, errors.New("invalid username or password"))
+	}
+	if req.Msg.Password != req.Msg.ConfirmPassword {
+		return nil, connect.NewError(connect.CodeInvalidArgument, errors.New("passwords do not match"))
+	}
+
+	// Generate JWT
+	t := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.RegisteredClaims{
+		Issuer:  "trevstack",
+		Subject: strconv.FormatUint(uint64(user.ID), 10),
+		IssuedAt: &jwt.NumericDate{
+			Time: time.Now(),
+		},
+	})
+	ss, err := t.SignedString(h.key)
+	if err != nil {
+		return nil, connect.NewError(connect.CodeInternal, err)
+	}
+
+	res := connect.NewResponse(&userv1.GetAPIKeyResponse{
+		Key: ss,
+	})
+	return res, nil
+}
+
+func (h *UserHandler) UpdateProfilePicture(ctx context.Context, req *connect.Request[userv1.UpdateProfilePictureRequest]) (*connect.Response[userv1.UpdateProfilePictureResponse], error) {
+	userid, ok := interceptors.GetUserContext(ctx)
+	if !ok {
+		return nil, connect.NewError(connect.CodeUnauthenticated, errors.New("unauthenticated"))
+	}
+
+	// Validate file
+	fileType := http.DetectContentType(req.Msg.Data)
+	if fileType != "image/jpeg" && fileType != "image/png" {
+		return nil, connect.NewError(connect.CodeInvalidArgument, errors.New("invalid file type"))
+	}
+
+	// Save bytes into file
+	file := models.File{
+		Name:   req.Msg.FileName,
+		Data:   req.Msg.Data,
+		UserID: uint(userid),
+	}
+	if err := h.db.Create(&file).Error; err != nil {
+		return nil, connect.NewError(connect.CodeInternal, err)
+	}
+
+	// Get user info
+	user := models.User{}
+	if err := h.db.First(&user, "id = ?", userid).Error; err != nil {
+		return nil, connect.NewError(connect.CodeInternal, err)
+	}
+
+	// Get old profile picture ID
+	var ppid *uint32
+	if user.ProfilePicture != nil {
+		ppid = &user.ProfilePicture.ID
+	}
+
+	// Update user profile picture
+	fid := uint(file.ID)
+	user.ProfilePictureID = &fid
+	user.ProfilePicture = &file
+	if err := h.db.Save(&user).Error; err != nil {
+		return nil, connect.NewError(connect.CodeInternal, err)
+	}
+
+	// Delete old profile picture if exists
+	if ppid != nil {
+		if err := h.db.Delete(models.File{}, "id = ?", *ppid).Error; err != nil {
+			return nil, connect.NewError(connect.CodeInternal, err)
+		}
+	}
+
+	res := connect.NewResponse(&userv1.UpdateProfilePictureResponse{
+		User: user.ToConnectV1(),
+	})
+	return res, nil
+}
+
+func NewUserHandler(db *gorm.DB, key string) (string, http.Handler) {
+	interceptors := connect.WithInterceptors(interceptors.NewAuthInterceptor(key))
+
+	return userv1connect.NewUserServiceHandler(
+		&UserHandler{
+			db:  db,
+			key: []byte(key),
+		},
+		interceptors,
+	)
+}