Added logs

2026-03-01 13:25:27 +01:00
parent 2a1da08216
commit 87ae8cc0b9
2 changed files with 49 additions and 27 deletions
--- a/handlers/expenses.go
+++ b/handlers/expenses.go
@@ -2,10 +2,12 @@ package handlers

 import (
 	"encoding/json"
+	"log"
 	"net/http"
 	"shap-planner-backend/models"
 	"shap-planner-backend/storage"
 	"shap-planner-backend/utils"
+	"time"
 )

 func Expenses(w http.ResponseWriter, r *http.Request) {
@@ -20,37 +22,54 @@ func Expenses(w http.ResponseWriter, r *http.Request) {
 			Shares  []models.ExpenseShare `json:"shares"`
 		}
 		if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
+			log.Println("POST [api/expense] " + r.RemoteAddr + ": " + err.Error())
 			http.Error(w, "Invalid request body", http.StatusBadRequest)
 			return
 		}
 		if claims.UserID != body.Expense.PayerID { // You cannot create an expense in the name of another user
-			http.Error(w, "Invalid request", http.StatusUnauthorized)
+			log.Println("POST [api/expense] " + r.RemoteAddr + ": claims.UserID and expense.PayerID does not match")
+			http.Error(w, "Invalid request", http.StatusBadRequest)
 			return
 		}
+		// Set ExpenseID
 		if body.Expense.ID != "" {
-			http.Error(w, "Invalid request", http.StatusUnauthorized)
+			log.Println("POST [api/expense] " + r.RemoteAddr + ": Expense ID must be empty")
+			http.Error(w, "Invalid request", http.StatusBadRequest)
 			return
 		}
 		body.Expense.ID = utils.GenerateUUID()
+		if body.Expense.CreatedAt == 0 {
+			body.Expense.CreatedAt = time.Now().Unix()
+		}
+		if body.Expense.Amount <= 0 {
+			log.Println("POST [api/expense] " + r.RemoteAddr + ": Amount must be greater than zero")
+			http.Error(w, "Invalid request", http.StatusBadRequest)
+			return
+		}
+		// Set ShareIDs and save them
 		for _, share := range body.Shares {
 			if share.ID != "" {
-				http.Error(w, "Invalid request", http.StatusUnauthorized)
+				log.Println("POST [api/expense] " + r.RemoteAddr + ": Share ID must be empty")
+				http.Error(w, "Invalid request", http.StatusBadRequest)
 				return
 			}
 			if share.ExpenseID != "" {
-				http.Error(w, "Invalid request", http.StatusUnauthorized)
+				log.Println("POST [api/expense] " + r.RemoteAddr + ": Expense ID of Share must be empty")
+				http.Error(w, "Invalid request", http.StatusBadRequest)
 				return
 			}
 			share.ExpenseID = body.Expense.ID
 			share.ID = utils.GenerateUUID()
 			err := storage.AddShare(&share)
 			if err != nil {
+				log.Println("POST [api/expense] " + r.RemoteAddr + ": " + err.Error())
 				http.Error(w, "Error adding expense", http.StatusBadRequest) // Should never happen
 				return
 			}
 		}
 		err := storage.AddExpense(&body.Expense)
 		if err != nil {
+			log.Println("POST [api/expense] " + r.RemoteAddr + ": " + err.Error())
 			http.Error(w, "Error adding expense", http.StatusBadRequest)
 			return
 		}
@@ -59,13 +78,16 @@ func Expenses(w http.ResponseWriter, r *http.Request) {
 			"shares":  body.Shares,
 		})
 		if err != nil {
-			println(err.Error())
+			log.Println("POST [api/expense] " + r.RemoteAddr + ": " + err.Error())
 			return
 		}
+		log.Println("POST [api/expense] " + r.RemoteAddr + ": Successfully added expense and its shares")
 		break
 	case http.MethodPut: // -> Update Expense
 		break
 	case http.MethodDelete: // -> Delete Expense
+	default:
+		http.Error(w, "Invalid request method", http.StatusMethodNotAllowed)
 	}
 }
 func AdminPanel(w http.ResponseWriter, r *http.Request) {}