Compare commits
16 Commits
1f54f60d46
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
91997686d1
|
|||
|
2f4e0bb8ce
|
|||
|
56cc1c50a7
|
|||
|
088d32984c
|
|||
|
e7da8c9443
|
|||
|
0afd5bfc3a
|
|||
|
ef7ef3cf74
|
|||
|
c75c405200
|
|||
|
c735261f0c
|
|||
|
188b238e7d
|
|||
|
87ae8cc0b9
|
|||
|
2a1da08216
|
|||
|
ddf06554f8
|
|||
|
54a8292234
|
|||
|
6a974cbbf1
|
|||
|
d5642ccadf
|
1
.gitignore
vendored
1
.gitignore
vendored
@@ -2,3 +2,4 @@ appdata
|
||||
.idea
|
||||
*.exe
|
||||
*.cmd
|
||||
.run
|
||||
@@ -1,24 +1,19 @@
|
||||
# Wir sagen Docker: Der Builder soll IMMER auf der Architektur deines PCs laufen (schnell!)
|
||||
FROM --platform=$BUILDPLATFORM golang:1.26-alpine AS builder
|
||||
|
||||
RUN apk add --no-cache git
|
||||
WORKDIR /app
|
||||
|
||||
# Cache für Module nutzen
|
||||
COPY go.mod go.sum ./
|
||||
RUN go mod download
|
||||
|
||||
COPY . .
|
||||
|
||||
# buildx übergibt diese Variablen automatisch
|
||||
ARG TARGETOS
|
||||
ARG TARGETARCH
|
||||
|
||||
# Hier passiert die Magie: Go kompiliert NATIV für das Ziel (Cross-Compilation)
|
||||
RUN CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH \
|
||||
go build -ldflags "-s -w" -o shap-planner-backend .
|
||||
|
||||
# Final Stage (bleibt gleich klein)
|
||||
FROM scratch
|
||||
COPY --from=builder /app/shap-planner-backend /shap-planner-backend
|
||||
ENTRYPOINT ["/shap-planner-backend"]
|
||||
@@ -61,9 +61,9 @@ go run main.go
|
||||
## Configuration
|
||||
### Environment Variables
|
||||
|
||||
| Variable | Description | Example |
|
||||
|----------------|-------------------------------------------------------|----------------|
|
||||
| `SHAP-JWT_SECRET` | Secret used to sign JWT tokens | `superrandomsecret123` |
|
||||
| Variable | Description | Example |
|
||||
|-------------------|-------------------------------------------------------|----------------|
|
||||
| `SHAP_JWT_SECRET` | Secret used to sign JWT tokens | `superrandomsecret123` |
|
||||
|
||||
---
|
||||
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
package auth
|
||||
|
||||
import (
|
||||
"os"
|
||||
"time"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
@@ -13,8 +12,6 @@ type Claims struct {
|
||||
jwt.RegisteredClaims
|
||||
}
|
||||
|
||||
var secret = os.Getenv("SHAP_JWT_SECRET")
|
||||
|
||||
func GenerateJWT(userID, role string, secret []byte) (string, error) {
|
||||
claims := Claims{
|
||||
UserID: userID,
|
||||
|
||||
@@ -9,9 +9,11 @@ import (
|
||||
)
|
||||
|
||||
type Config struct {
|
||||
HouseholdName string `yaml:"household_name"`
|
||||
Port string `yaml:"port"`
|
||||
DatabasePath string `yaml:"database_path"`
|
||||
HouseholdName string `yaml:"household_name"`
|
||||
Port string `yaml:"port"`
|
||||
DatabasePath string `yaml:"database_path"`
|
||||
CertificatePath string `yaml:"certificate_path"`
|
||||
PrivateKeyPath string `yaml:"private_key_path"`
|
||||
}
|
||||
|
||||
const configPath = "./appdata/config.yaml"
|
||||
@@ -33,9 +35,11 @@ func CheckIfExists() error {
|
||||
}
|
||||
|
||||
defaultConfig := Config{
|
||||
Port: "8080",
|
||||
DatabasePath: "./appdata/database.db",
|
||||
HouseholdName: "Example-Household",
|
||||
Port: "8080",
|
||||
DatabasePath: "./appdata/database.db",
|
||||
HouseholdName: "Example-Household",
|
||||
CertificatePath: "./appdata/cert.pem",
|
||||
PrivateKeyPath: "./appdata/key.pem",
|
||||
}
|
||||
|
||||
data, err := yaml.Marshal(defaultConfig)
|
||||
|
||||
@@ -18,30 +18,35 @@ var cfg, _ = config.LoadConfig()
|
||||
func Register(w http.ResponseWriter, r *http.Request) {
|
||||
var user models.User
|
||||
if err := json.NewDecoder(r.Body).Decode(&user); err != nil {
|
||||
log.Println("POST [api/register] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Invalid request body", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
if user.Username == "" || user.Password == "" {
|
||||
log.Println("POST [api/register] " + r.RemoteAddr + ": Username or Password is empty")
|
||||
http.Error(w, "username and password required", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
hashed, err := auth.HashPassword(user.Password)
|
||||
if err != nil {
|
||||
log.Println("POST [api/register] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "internal error", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
user.Password = hashed
|
||||
user.ID = utils.GenerateUUID()
|
||||
user.Role = "user"
|
||||
user.Role = models.RoleUser
|
||||
|
||||
if err := storage.AddUser(user); err != nil {
|
||||
if err := storage.AddUser(&user); err != nil {
|
||||
log.Println("POST [api/register] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "user already exists", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
w.WriteHeader(http.StatusCreated)
|
||||
log.Println("POST [api/register] " + r.RemoteAddr + ": Successfully created user")
|
||||
}
|
||||
func Login(w http.ResponseWriter, r *http.Request) {
|
||||
var creds struct {
|
||||
@@ -49,36 +54,41 @@ func Login(w http.ResponseWriter, r *http.Request) {
|
||||
Password string `json:"password"`
|
||||
}
|
||||
if err := json.NewDecoder(r.Body).Decode(&creds); err != nil {
|
||||
log.Println("POST [api/login] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Invalid request", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
user, err := storage.GetUserByUsername(creds.Username)
|
||||
if err != nil {
|
||||
log.Println("POST [api/login] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Invalid credentials", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
if !auth.CheckPasswordHash(creds.Password, user.Password) {
|
||||
println("invalid password")
|
||||
log.Println("POST [api/login] " + r.RemoteAddr + ": Invalid credentials")
|
||||
http.Error(w, "Invalid credentials", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
secret := []byte(os.Getenv("SHAP_JWT_SECRET"))
|
||||
if len(secret) == 0 {
|
||||
log.Println("POST [api/login] " + r.RemoteAddr + ": Server misconfiguration")
|
||||
http.Error(w, "Server misconfiguration", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
accessToken, err := auth.GenerateJWT(user.ID, user.Role, secret)
|
||||
if err != nil {
|
||||
log.Println("POST [api/login] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Could not generate token", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
refreshTokenPlain, err := utils.GenerateRefreshToken()
|
||||
if err != nil {
|
||||
log.Println("POST [api/login] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "could not generate refresh token", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
@@ -88,7 +98,7 @@ func Login(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
deviceInfo := r.Header.Get("User-Agent")
|
||||
|
||||
if err := storage.AddRefreshToken(models.RefreshToken{
|
||||
if err := storage.AddRefreshToken(&models.RefreshToken{
|
||||
ID: refreshID,
|
||||
UserID: user.ID,
|
||||
Token: refreshHash,
|
||||
@@ -97,6 +107,7 @@ func Login(w http.ResponseWriter, r *http.Request) {
|
||||
CreatedAt: time.Now().Unix(),
|
||||
Revoked: false,
|
||||
}); err != nil {
|
||||
log.Println("POST [api/login] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "could not save refresh token", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
@@ -114,38 +125,45 @@ func Login(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
json.NewEncoder(w).Encode(resp)
|
||||
err = json.NewEncoder(w).Encode(resp)
|
||||
if err != nil {
|
||||
log.Println("POST [api/login] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Something went wrong", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
log.Println("POST [api/login] " + r.RemoteAddr + ": Successfully logged in")
|
||||
}
|
||||
func Logout(w http.ResponseWriter, r *http.Request) {
|
||||
claims := r.Context().Value(auth.UserContextKey).(*auth.Claims)
|
||||
storage.RevokeAllRefreshTokensForUser(claims.UserID)
|
||||
err := storage.RevokeAllRefreshTokensForUser(claims.UserID)
|
||||
if err != nil {
|
||||
log.Println("GET [api/logout] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Internal server error", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
w.WriteHeader(204)
|
||||
}
|
||||
func TestHandler(w http.ResponseWriter, r *http.Request) {
|
||||
claimsRaw := r.Context().Value(auth.UserContextKey)
|
||||
if claimsRaw == nil {
|
||||
http.Error(w, "No claims in context", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
claims, ok := claimsRaw.(*auth.Claims)
|
||||
if !ok {
|
||||
http.Error(w, "Invalid claims", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
claims, _ := utils.IsLoggedIn(w, r)
|
||||
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
json.NewEncoder(w).Encode(map[string]interface{}{
|
||||
err := json.NewEncoder(w).Encode(map[string]interface{}{
|
||||
"user_id": claims.UserID,
|
||||
"role": claims.Role,
|
||||
"msg": "access granted to protected endpoint",
|
||||
"msg": "Authentication successful",
|
||||
})
|
||||
if err != nil {
|
||||
log.Println("GET [api/ping] " + r.RemoteAddr + ": " + err.Error())
|
||||
return
|
||||
}
|
||||
log.Println("GET [api/login] " + r.RemoteAddr + ": Successfully tested connection")
|
||||
}
|
||||
func RefreshToken(w http.ResponseWriter, r *http.Request) {
|
||||
var req struct {
|
||||
RefreshToken string `json:"refresh_token"`
|
||||
}
|
||||
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
|
||||
log.Println("POST [api/refresh] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Invalid request", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
@@ -154,6 +172,7 @@ func RefreshToken(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
tokenRow, err := storage.GetRefreshToken(hashed)
|
||||
if err != nil || tokenRow.Revoked || tokenRow.ExpiresAt < time.Now().Unix() {
|
||||
log.Println("POST [api/refresh] " + r.RemoteAddr + ": Invalid refresh token")
|
||||
http.Error(w, "Invalid refresh token", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
@@ -167,7 +186,7 @@ func RefreshToken(w http.ResponseWriter, r *http.Request) {
|
||||
newExpires := time.Now().Add(7 * 24 * time.Hour).Unix() //7 days
|
||||
newID := utils.GenerateUUID()
|
||||
deviceInfo := r.Header.Get("User-Agent")
|
||||
if err = storage.AddRefreshToken(models.RefreshToken{
|
||||
if err = storage.AddRefreshToken(&models.RefreshToken{
|
||||
ID: newID,
|
||||
UserID: tokenRow.UserID,
|
||||
Token: newHash,
|
||||
@@ -176,15 +195,52 @@ func RefreshToken(w http.ResponseWriter, r *http.Request) {
|
||||
Revoked: false,
|
||||
DeviceInfo: deviceInfo,
|
||||
}); err != nil {
|
||||
log.Println("POST [api/refresh] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Could not generate new refresh token", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
accessToken, _ := auth.GenerateJWT(tokenRow.UserID, "", []byte(os.Getenv("SHAP_JWT_SECRET")))
|
||||
user, err := storage.GetUserById(tokenRow.UserID)
|
||||
if err != nil {
|
||||
log.Println("POST [api/refresh] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Internal server error", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
accessToken, _ := auth.GenerateJWT(tokenRow.UserID, user.Role, []byte(os.Getenv("SHAP_JWT_SECRET")))
|
||||
|
||||
if err = json.NewEncoder(w).Encode(map[string]string{
|
||||
"access_token": accessToken,
|
||||
"refresh_token": newToken,
|
||||
}); err != nil {
|
||||
log.Println("POST [api/refresh] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Internal server error", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
log.Println("POST [api/refresh] " + r.RemoteAddr + ": Successfully refreshed token")
|
||||
}
|
||||
func UserInfo(w http.ResponseWriter, r *http.Request) {
|
||||
if r.Method != http.MethodGet {
|
||||
log.Println("GET [api/userinfo] " + r.RemoteAddr + ": Method " + r.Method + " not allowed")
|
||||
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
|
||||
return
|
||||
}
|
||||
query := r.URL.Query()
|
||||
idParam := query.Get("id")
|
||||
user, err := storage.GetUserById(idParam)
|
||||
if err != nil {
|
||||
log.Println("GET [api/userinfo] " + r.RemoteAddr + ": User " + idParam + " not found")
|
||||
http.Error(w, "User not found", http.StatusNotFound)
|
||||
return
|
||||
}
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
err = json.NewEncoder(w).Encode(map[string]interface{}{
|
||||
"id": user.ID,
|
||||
"name": user.Username,
|
||||
"avatar_url": "",
|
||||
})
|
||||
if err != nil {
|
||||
log.Println("GET [api/userinfo] " + r.RemoteAddr + ": " + err.Error())
|
||||
return
|
||||
}
|
||||
log.Println("GET [api/userinfo] " + r.RemoteAddr + ": Successfully retrieved user info")
|
||||
}
|
||||
|
||||
32
handlers/balance.go
Normal file
32
handlers/balance.go
Normal file
@@ -0,0 +1,32 @@
|
||||
package handlers
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"log"
|
||||
"net/http"
|
||||
"shap-planner-backend/storage"
|
||||
)
|
||||
|
||||
func GetBalance(w http.ResponseWriter, r *http.Request) {
|
||||
query := r.URL.Query()
|
||||
userParam := query.Get("user")
|
||||
|
||||
if userParam == "all" {
|
||||
// TODO: add later
|
||||
} else {
|
||||
balance, err := storage.ComputeBalance(userParam)
|
||||
if err != nil {
|
||||
log.Println("GET [api/balance] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Invalid request query", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
err = json.NewEncoder(w).Encode(map[string]interface{}{
|
||||
"balance": balance,
|
||||
})
|
||||
if err != nil {
|
||||
log.Println("GET [api/balance] " + r.RemoteAddr + ": " + err.Error())
|
||||
return
|
||||
}
|
||||
log.Println("GET [api/balance] " + r.RemoteAddr + ": Successfully retrieved balance")
|
||||
}
|
||||
}
|
||||
@@ -1,7 +1,160 @@
|
||||
package handlers
|
||||
|
||||
import "net/http"
|
||||
import (
|
||||
"encoding/json"
|
||||
"log"
|
||||
"net/http"
|
||||
"shap-planner-backend/models"
|
||||
"shap-planner-backend/storage"
|
||||
"shap-planner-backend/utils"
|
||||
"strings"
|
||||
"time"
|
||||
)
|
||||
|
||||
func GetExpenses(w http.ResponseWriter, r *http.Request) {}
|
||||
func Expenses(w http.ResponseWriter, r *http.Request) {
|
||||
claims, _ := utils.IsLoggedIn(w, r)
|
||||
|
||||
switch r.Method {
|
||||
case http.MethodGet: // -> Get Expenses
|
||||
expenses, err := storage.GetAllExpenses()
|
||||
if err != nil {
|
||||
log.Println("GET [api/expense] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Something went wrong", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
err = json.NewEncoder(w).Encode(map[string]interface{}{
|
||||
"expenses": expenses,
|
||||
})
|
||||
if err != nil {
|
||||
log.Println("GET [api/expense] " + r.RemoteAddr + ": " + err.Error())
|
||||
return
|
||||
}
|
||||
log.Println("GET [api/expense] " + r.RemoteAddr + ": Successfully retrieved expenses")
|
||||
break
|
||||
case http.MethodPost: // -> Create Expense
|
||||
var body struct {
|
||||
Expense models.Expense `json:"expense"`
|
||||
Shares []models.ExpenseShare `json:"shares"`
|
||||
}
|
||||
if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
|
||||
log.Println("POST [api/expense] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Invalid request body", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
if claims.UserID != body.Expense.PayerID { // You cannot create an expense in the name of another user
|
||||
log.Println("POST [api/expense] " + r.RemoteAddr + ": claims.UserID and expense.PayerID does not match")
|
||||
http.Error(w, "Invalid request", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
// Set ExpenseID
|
||||
if body.Expense.ID != "" {
|
||||
log.Println("POST [api/expense] " + r.RemoteAddr + ": Expense ID must be empty")
|
||||
http.Error(w, "Invalid request", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
body.Expense.ID = utils.GenerateUUID()
|
||||
if body.Expense.CreatedAt == 0 {
|
||||
body.Expense.CreatedAt = time.Now().Unix()
|
||||
}
|
||||
if body.Expense.Amount <= 0 {
|
||||
log.Println("POST [api/expense] " + r.RemoteAddr + ": Amount must be greater than zero")
|
||||
http.Error(w, "Invalid request", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
// Set ShareIDs and save them
|
||||
for _, share := range body.Shares {
|
||||
if share.ID != "" {
|
||||
log.Println("POST [api/expense] " + r.RemoteAddr + ": Share ID must be empty")
|
||||
http.Error(w, "Invalid request", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
if share.ExpenseID != "" {
|
||||
log.Println("POST [api/expense] " + r.RemoteAddr + ": Expense ID of Share must be empty")
|
||||
http.Error(w, "Invalid request", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
share.ExpenseID = body.Expense.ID
|
||||
share.ID = utils.GenerateUUID()
|
||||
err := storage.AddShare(&share)
|
||||
if err != nil {
|
||||
log.Println("POST [api/expense] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Error adding expense", http.StatusBadRequest) // Should never happen
|
||||
return
|
||||
}
|
||||
}
|
||||
err := storage.AddExpense(&body.Expense)
|
||||
if err != nil {
|
||||
log.Println("POST [api/expense] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Error adding expense", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
err = json.NewEncoder(w).Encode(map[string]interface{}{
|
||||
"expense": body.Expense,
|
||||
"shares": body.Shares,
|
||||
})
|
||||
if err != nil {
|
||||
log.Println("POST [api/expense] " + r.RemoteAddr + ": " + err.Error())
|
||||
return
|
||||
}
|
||||
log.Println("POST [api/expense] " + r.RemoteAddr + ": Successfully added expense and its shares")
|
||||
break
|
||||
case http.MethodPut: // -> Update Expense
|
||||
break
|
||||
case http.MethodDelete: // -> Delete Expense
|
||||
default:
|
||||
http.Error(w, "Invalid request method", http.StatusMethodNotAllowed)
|
||||
}
|
||||
}
|
||||
func ExpenseShares(w http.ResponseWriter, r *http.Request) {
|
||||
switch r.Method {
|
||||
case http.MethodGet:
|
||||
query := r.URL.Query()
|
||||
idParam := query.Get("id")
|
||||
idTypeParam := strings.ToLower(query.Get("idType"))
|
||||
if idTypeParam == models.IDTypeEXPENSE {
|
||||
println(idParam)
|
||||
shares, err := storage.GetSharesByExpenseId(idParam)
|
||||
if err != nil {
|
||||
log.Println("GET [api/shares] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Something went wrong", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
err = json.NewEncoder(w).Encode(map[string]interface{}{
|
||||
"shares": shares,
|
||||
})
|
||||
if err != nil {
|
||||
log.Println("GET [api/shares] " + r.RemoteAddr + ": " + err.Error())
|
||||
return
|
||||
}
|
||||
log.Println("GET [api/shares] " + r.RemoteAddr + ": Successfully retrieved shares")
|
||||
} else if idTypeParam == models.IDTypeSHARE || idTypeParam == "" {
|
||||
share, err := storage.GetShareById(idParam)
|
||||
if err != nil {
|
||||
log.Println("GET [api/shares] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Something went wrong", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
err = json.NewEncoder(w).Encode(map[string]interface{}{
|
||||
"id": share.ID,
|
||||
"expense_id": share.ExpenseID,
|
||||
"user_id": share.UserID,
|
||||
"share_cents": share.ShareCents,
|
||||
})
|
||||
if err != nil {
|
||||
log.Println("GET [api/shares] " + r.RemoteAddr + ": " + err.Error())
|
||||
return
|
||||
}
|
||||
log.Println("GET [api/shares] " + r.RemoteAddr + ": Successfully retrieved shares")
|
||||
}
|
||||
break
|
||||
case http.MethodPut:
|
||||
break
|
||||
case http.MethodDelete:
|
||||
break
|
||||
default:
|
||||
http.Error(w, "Invalid request method", http.StatusMethodNotAllowed)
|
||||
}
|
||||
}
|
||||
func AdminPanel(w http.ResponseWriter, r *http.Request) {}
|
||||
|
||||
11
main.go
11
main.go
@@ -7,16 +7,13 @@ import (
|
||||
)
|
||||
|
||||
func main() {
|
||||
var SERVER = server.InitServer()
|
||||
var _server = server.InitServer()
|
||||
|
||||
err := storage.InitDB(SERVER.DatabasePath)
|
||||
err := storage.InitDB(_server.DatabasePath)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
return
|
||||
}
|
||||
|
||||
SERVER.Run()
|
||||
}
|
||||
|
||||
func Setup() {
|
||||
//TODO: first configuration
|
||||
_server.Run()
|
||||
}
|
||||
|
||||
14
models/constants.go
Normal file
14
models/constants.go
Normal file
@@ -0,0 +1,14 @@
|
||||
package models
|
||||
|
||||
// Roles
|
||||
const (
|
||||
RoleUser = "user"
|
||||
RoleAdmin = "admin"
|
||||
)
|
||||
|
||||
// ID-Types
|
||||
const (
|
||||
IDTypeSHARE = "share"
|
||||
IDTypeEXPENSE = "expense"
|
||||
IDTypeUSER = "user"
|
||||
)
|
||||
@@ -8,10 +8,19 @@ type User struct {
|
||||
}
|
||||
|
||||
type Expense struct {
|
||||
ID string `json:"id"`
|
||||
Amount int `json:"amt"`
|
||||
Description string `json:"desc"`
|
||||
|
||||
Payer User `json:"payer"`
|
||||
Debtors []User `json:"debtors"`
|
||||
ID string `json:"id"`
|
||||
PayerID string `json:"payer_id"`
|
||||
Amount int64 `json:"amount"`
|
||||
Title string `json:"title"`
|
||||
Description string `json:"description"`
|
||||
Attachments []string `json:"attachments"`
|
||||
CreatedAt int64 `json:"created_at"`
|
||||
LastUpdatedAt int64 `json:"last_updated_at"`
|
||||
}
|
||||
|
||||
type ExpenseShare struct {
|
||||
ID string `json:"id"`
|
||||
ExpenseID string `json:"expense_id"`
|
||||
UserID string `json:"user_id"`
|
||||
ShareCents int64 `json:"share_cents"`
|
||||
}
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
package models
|
||||
|
||||
type RefreshToken struct {
|
||||
ID string `json:id`
|
||||
UserID string `json:userid`
|
||||
Token string `json:token`
|
||||
ExpiresAt int64 `json:expiresat`
|
||||
CreatedAt int64 `json:createdat`
|
||||
Revoked bool `json:revoked`
|
||||
DeviceInfo string `json:deviceinfo`
|
||||
ID string `json:"id"`
|
||||
UserID string `json:"user_id"`
|
||||
Token string `json:"token"`
|
||||
ExpiresAt int64 `json:"expires_at"`
|
||||
CreatedAt int64 `json:"created_at"`
|
||||
Revoked bool `json:"revoked"`
|
||||
DeviceInfo string `json:"device_info"`
|
||||
}
|
||||
|
||||
@@ -10,41 +10,48 @@ import (
|
||||
)
|
||||
|
||||
type Server struct {
|
||||
Port string
|
||||
JWTSecret []byte
|
||||
DatabasePath string
|
||||
Port string
|
||||
JWTSecret []byte
|
||||
DatabasePath string
|
||||
CertificatePath string
|
||||
PrivateKeyPath string
|
||||
}
|
||||
|
||||
var cfg, _ = config.LoadConfig()
|
||||
|
||||
func InitServer() *Server {
|
||||
|
||||
err := config.CheckIfExists()
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
return nil
|
||||
}
|
||||
|
||||
cfg, err := config.LoadConfig()
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
return nil
|
||||
}
|
||||
|
||||
jwtSecret := os.Getenv("SHAP_JWT_SECRET")
|
||||
if jwtSecret == "" {
|
||||
log.Fatal("SHAP_JWT_SECRET environment variable not set.")
|
||||
return nil
|
||||
}
|
||||
if len(jwtSecret) < 32 {
|
||||
log.Fatal("SHAP_JWT_SECRET must be at least 32 characters long.")
|
||||
return nil
|
||||
}
|
||||
|
||||
return &Server{
|
||||
Port: cfg.Port,
|
||||
JWTSecret: []byte(jwtSecret),
|
||||
DatabasePath: cfg.DatabasePath,
|
||||
Port: cfg.Port,
|
||||
JWTSecret: []byte(jwtSecret),
|
||||
DatabasePath: cfg.DatabasePath,
|
||||
CertificatePath: cfg.CertificatePath,
|
||||
PrivateKeyPath: cfg.PrivateKeyPath,
|
||||
}
|
||||
}
|
||||
|
||||
func (server *Server) Run() {
|
||||
log.Println("Starting server...")
|
||||
mux := http.NewServeMux()
|
||||
|
||||
// Public
|
||||
@@ -54,12 +61,15 @@ func (server *Server) Run() {
|
||||
mux.HandleFunc("/api/logout", handlers.Logout)
|
||||
|
||||
// Login required
|
||||
mux.Handle("/api/expenses", auth.AuthMiddleware(server.JWTSecret)(http.HandlerFunc(handlers.GetExpenses)))
|
||||
mux.Handle("/api/expenses", auth.AuthMiddleware(server.JWTSecret)(http.HandlerFunc(handlers.Expenses)))
|
||||
mux.Handle("/api/shares", auth.AuthMiddleware(server.JWTSecret)(http.HandlerFunc(handlers.ExpenseShares)))
|
||||
mux.Handle("/api/balance", auth.AuthMiddleware(server.JWTSecret)(http.HandlerFunc(handlers.GetBalance)))
|
||||
mux.Handle("/api/ping", auth.AuthMiddleware(server.JWTSecret)(http.HandlerFunc(handlers.TestHandler)))
|
||||
mux.Handle("/api/userinfo", auth.AuthMiddleware(server.JWTSecret)(http.HandlerFunc(handlers.UserInfo)))
|
||||
|
||||
// Admin-only
|
||||
mux.Handle("/api/admin", auth.AuthMiddleware(server.JWTSecret)(auth.RequireRole("admin")(http.HandlerFunc(handlers.AdminPanel))))
|
||||
|
||||
log.Printf("Listening on port %s", server.Port)
|
||||
log.Fatal(http.ListenAndServe(":"+server.Port, mux))
|
||||
log.Fatal(http.ListenAndServeTLS(":"+server.Port, server.CertificatePath, server.PrivateKeyPath, mux))
|
||||
}
|
||||
|
||||
@@ -2,6 +2,7 @@ package storage
|
||||
|
||||
import (
|
||||
"database/sql"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"shap-planner-backend/models"
|
||||
"strings"
|
||||
@@ -51,14 +52,195 @@ func InitDB(filepath string) error {
|
||||
|
||||
//Create Expenses-Table
|
||||
_, err = DB.Exec(`CREATE TABLE IF NOT EXISTS expenses(
|
||||
id TEXT PRIMARY KEY
|
||||
|
||||
id TEXT PRIMARY KEY,
|
||||
payer_id TEXT NOT NULL,
|
||||
amount_cents INTEGER NOT NULL,
|
||||
title TEXT NOT NULL,
|
||||
description TEXT,
|
||||
attachments TEXT,
|
||||
created_at INTEGER NOT NULL,
|
||||
last_updated_at INTEGER NOT NULL,
|
||||
FOREIGN KEY(payer_id) REFERENCES users(id)
|
||||
)`)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
_, err = DB.Exec(`CREATE TABLE IF NOT EXISTS expense_shares(
|
||||
id TEXT PRIMARY KEY,
|
||||
expense_id TEXT NOT NULL,
|
||||
user_id TEXT NOT NULL,
|
||||
share_cents INTEGER NOT NULL,
|
||||
FOREIGN KEY(user_id) REFERENCES users(id)
|
||||
)`)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
_, err = DB.Exec(`CREATE INDEX IF NOT EXISTS idx_shares_expense ON expense_shares(expense_id)`)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
_, err = DB.Exec(`CREATE INDEX IF NOT EXISTS idx_shares_user ON expense_shares(user_id)`)
|
||||
return err
|
||||
}
|
||||
|
||||
// Expenses
|
||||
func AddExpense(expense *models.Expense) error {
|
||||
var attachmentsData interface{}
|
||||
if len(expense.Attachments) > 0 {
|
||||
jsonBytes, err := json.Marshal(expense.Attachments)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
attachmentsData = string(jsonBytes)
|
||||
} else {
|
||||
attachmentsData = nil
|
||||
}
|
||||
_, err := DB.Exec(`INSERT INTO expenses(id, payer_id, amount_cents, title, description, attachments, created_at, last_updated_at) VALUES (?, ?, ?, ?, ?, ?, ?, ?)`,
|
||||
expense.ID,
|
||||
expense.PayerID,
|
||||
expense.Amount,
|
||||
expense.Title,
|
||||
expense.Description,
|
||||
attachmentsData,
|
||||
expense.CreatedAt,
|
||||
expense.LastUpdatedAt)
|
||||
return err
|
||||
}
|
||||
func UpdateExpense(expense *models.Expense) error {
|
||||
return nil
|
||||
}
|
||||
func DeleteExpense(expense *models.Expense) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// func GetExpenseById(id string) (models.Expense, error) {
|
||||
// return nil, nil
|
||||
// }
|
||||
func GetExpensesByUserId(userId string) ([]models.Expense, error) {
|
||||
return nil, nil
|
||||
}
|
||||
func GetAllExpenses() ([]models.Expense, error) {
|
||||
query := "SELECT * FROM expenses"
|
||||
rows, err := DB.Query(query)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer rows.Close()
|
||||
|
||||
var expenses []models.Expense
|
||||
|
||||
for rows.Next() {
|
||||
var expense models.Expense
|
||||
var attachmentsJSON []byte
|
||||
|
||||
err := rows.Scan(&expense.ID, &expense.PayerID, &expense.Amount, &expense.Title, &expense.Description, &attachmentsJSON, &expense.CreatedAt, &expense.LastUpdatedAt)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if len(attachmentsJSON) > 0 {
|
||||
err := json.Unmarshal(attachmentsJSON, &expense.Attachments)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
expenses = append(expenses, expense)
|
||||
}
|
||||
if err = rows.Err(); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return expenses, nil
|
||||
}
|
||||
|
||||
// Expense Shares
|
||||
func AddShare(share *models.ExpenseShare) error {
|
||||
_, err := DB.Exec("INSERT INTO expense_shares(id, expense_id, user_id, share_cents) VALUES (?, ?, ?, ?)",
|
||||
share.ID,
|
||||
share.ExpenseID,
|
||||
share.UserID,
|
||||
share.ShareCents)
|
||||
return err
|
||||
}
|
||||
func GetShareById(id string) (models.ExpenseShare, error) {
|
||||
row := DB.QueryRow("SELECT * FROM expense_shares WHERE id = ?", id)
|
||||
var share models.ExpenseShare
|
||||
err := row.Scan(&share.ID, &share.ExpenseID, &share.UserID, &share.ShareCents)
|
||||
return share, err
|
||||
}
|
||||
func GetSharesByExpenseId(id string) ([]models.ExpenseShare, error) {
|
||||
query := "SELECT * FROM expense_shares WHERE expense_id = ?"
|
||||
rows, err := DB.Query(query, id)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer rows.Close()
|
||||
|
||||
var shares []models.ExpenseShare
|
||||
|
||||
for rows.Next() {
|
||||
var share models.ExpenseShare
|
||||
|
||||
err := rows.Scan(&share.ID, &share.ExpenseID, &share.UserID, &share.ShareCents)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
shares = append(shares, share)
|
||||
}
|
||||
if err = rows.Err(); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return shares, nil
|
||||
}
|
||||
|
||||
// Balances
|
||||
func ComputeBalance(userId string) (float64, error) {
|
||||
var balance float64
|
||||
query := `
|
||||
SELECT
|
||||
COALESCE(p.paid, 0) - COALESCE(s.shared, 0) AS balance
|
||||
FROM (SELECT ? AS id) u
|
||||
LEFT JOIN (
|
||||
SELECT payer_id, SUM(amount_cents) AS paid
|
||||
FROM expenses
|
||||
WHERE payer_id = ?
|
||||
GROUP BY payer_id
|
||||
) p ON u.id = p.payer_id
|
||||
LEFT JOIN (
|
||||
SELECT user_id, SUM(share_cents) AS shared
|
||||
FROM expense_shares
|
||||
WHERE user_id = ?
|
||||
GROUP BY user_id
|
||||
) s ON u.id = s.user_id`
|
||||
err := DB.QueryRow(query, userId, userId, userId).Scan(&balance)
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return balance, nil
|
||||
}
|
||||
func ComputeWGBalance() (float64, error) {
|
||||
var balance float64
|
||||
query := `SELECT u.id AS user_id,
|
||||
COALESCE(p.paid_cents,0) - COALESCE(s.share_cents,0) AS balance_cents
|
||||
FROM users u
|
||||
LEFT JOIN (
|
||||
SELECT payer_id, SUM(amount_cents) AS paid_cents
|
||||
FROM expenses
|
||||
GROUP BY payer_id
|
||||
) p ON u.id = p.payer_id
|
||||
LEFT JOIN (
|
||||
SELECT es.user_id, SUM(es.share_cents) AS share_cents
|
||||
FROM expense_shares es
|
||||
JOIN expenses e ON es.expense_id = e.id
|
||||
GROUP BY es.user_id
|
||||
) s ON u.id = s.user_id)`
|
||||
err := DB.QueryRow(query).Scan(&balance)
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return balance, nil
|
||||
}
|
||||
|
||||
// Users
|
||||
func AddUser(user models.User) error {
|
||||
func AddUser(user *models.User) error {
|
||||
_, err := DB.Exec("INSERT INTO users(id, username, password, role) VALUES (?, ?, ?, ?)", user.ID, strings.ToLower(user.Username), user.Password, user.Role)
|
||||
return err
|
||||
}
|
||||
@@ -76,7 +258,7 @@ func GetUserById(id string) (models.User, error) {
|
||||
}
|
||||
|
||||
// Refresh Tokens
|
||||
func AddRefreshToken(token models.RefreshToken) error {
|
||||
func AddRefreshToken(token *models.RefreshToken) error {
|
||||
_, err := DB.Exec("INSERT INTO refresh_tokens(id, user_id, token_hash, expires_at, created_at, revoked, device_info) VALUES (?, ?, ?, ?, ?, ?, ?)",
|
||||
token.ID, token.UserID, token.Token, token.ExpiresAt, token.CreatedAt, token.Revoked, token.DeviceInfo)
|
||||
return err
|
||||
|
||||
@@ -5,6 +5,8 @@ import (
|
||||
"crypto/sha256"
|
||||
"encoding/base64"
|
||||
"encoding/hex"
|
||||
"net/http"
|
||||
"shap-planner-backend/auth"
|
||||
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
@@ -31,3 +33,17 @@ func HashToken(token string) string {
|
||||
hash := sha256.Sum256([]byte(token))
|
||||
return hex.EncodeToString(hash[:])
|
||||
}
|
||||
func IsLoggedIn(w http.ResponseWriter, r *http.Request) (*auth.Claims, bool) {
|
||||
claimsRaw := r.Context().Value(auth.UserContextKey)
|
||||
if claimsRaw == nil {
|
||||
http.Error(w, "No claims in context", http.StatusUnauthorized)
|
||||
return nil, false
|
||||
}
|
||||
|
||||
claims, ok := claimsRaw.(*auth.Claims)
|
||||
if !ok {
|
||||
http.Error(w, "Invalid claims", http.StatusUnauthorized)
|
||||
return nil, false
|
||||
}
|
||||
return claims, true
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user