Made some small adjustments to e7da8c9443

Removed hardcoded string
- Roles are not hardcoded anymore (closes #4)
2026-03-03 16:29:26 +01:00 · 2026-03-03 15:55:39 +01:00 · 2026-03-03 15:45:53 +01:00 · 2026-03-03 15:41:07 +01:00 · 2026-03-01 13:49:17 +01:00
8 changed files with 108 additions and 26 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,5 @@
 appdata
 .idea
 *.exe
-*.cmd
+*.cmd
 .run
--- a/config/config.go
+++ b/config/config.go
@@ -9,9 +9,11 @@ import (
 )
 type Config struct {
-	HouseholdName string `yaml:"household_name"`
+	HouseholdName   string `yaml:"household_name"`
-	Port          string `yaml:"port"`
+	Port            string `yaml:"port"`
-	DatabasePath  string `yaml:"database_path"`
+	DatabasePath    string `yaml:"database_path"`
 	CertificatePath string `yaml:"certificate_path"`
 	PrivateKeyPath  string `yaml:"private_key_path"`
 }
 const configPath = "./appdata/config.yaml"
@@ -33,9 +35,11 @@ func CheckIfExists() error {
 	}
 	defaultConfig := Config{
-		Port:          "8080",
+		Port:            "8080",
-		DatabasePath:  "./appdata/database.db",
+		DatabasePath:    "./appdata/database.db",
-		HouseholdName: "Example-Household",
+		HouseholdName:   "Example-Household",
 		CertificatePath: "./appdata/cert.pem",
 		PrivateKeyPath:  "./appdata/key.pem",
 	}
 	data, err := yaml.Marshal(defaultConfig)
--- a/handlers/account.go
+++ b/handlers/account.go
@@ -37,7 +37,7 @@ func Register(w http.ResponseWriter, r *http.Request) {
 	}
 	user.Password = hashed
 	user.ID = utils.GenerateUUID()
-	user.Role = "user"
+	user.Role = models.RoleUser
 	if err := storage.AddUser(&user); err != nil {
 		log.Println("POST [api/register] " + r.RemoteAddr + ": " + err.Error())
@@ -200,7 +200,13 @@ func RefreshToken(w http.ResponseWriter, r *http.Request) {
 		return
 	}
-	accessToken, _ := auth.GenerateJWT(tokenRow.UserID, "", []byte(os.Getenv("SHAP_JWT_SECRET")))
+	user, err := storage.GetUserById(tokenRow.UserID)
 	if err != nil {
 		log.Println("POST [api/refresh] " + r.RemoteAddr + ": " + err.Error())
 		http.Error(w, "Internal server error", http.StatusInternalServerError)
 		return
 	}
 	accessToken, _ := auth.GenerateJWT(tokenRow.UserID, user.Role, []byte(os.Getenv("SHAP_JWT_SECRET")))
 	if err = json.NewEncoder(w).Encode(map[string]string{
 		"access_token":  accessToken,
@@ -210,4 +216,31 @@ func RefreshToken(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, "Internal server error", http.StatusInternalServerError)
 		return
 	}
 	log.Println("POST [api/refresh] " + r.RemoteAddr + ": Successfully refreshed token")
 }
 func UserInfo(w http.ResponseWriter, r *http.Request) {
 	if r.Method != http.MethodGet {
 		log.Println("GET [api/userinfo] " + r.RemoteAddr + ": Method " + r.Method + " not allowed")
 		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
 		return
 	}
 	query := r.URL.Query()
 	idParam := query.Get("id")
 	user, err := storage.GetUserById(idParam)
 	if err != nil {
 		log.Println("GET [api/userinfo] " + r.RemoteAddr + ": User " + idParam + " not found")
 		http.Error(w, "User not found", http.StatusNotFound)
 		return
 	}
 	w.Header().Set("Content-Type", "application/json")
 	err = json.NewEncoder(w).Encode(map[string]interface{}{
 		"id":         user.ID,
 		"name":       user.Username,
 		"avatar_url": nil,
 	})
 	if err != nil {
 		log.Println("GET [api/userinfo] " + r.RemoteAddr + ": " + err.Error())
 		return
 	}
 	log.Println("GET [api/userinfo] " + r.RemoteAddr + ": Successfully retrieved user info")
 }
--- a/handlers/expenses.go
+++ b/handlers/expenses.go
@@ -15,6 +15,18 @@ func Expenses(w http.ResponseWriter, r *http.Request) {
 	switch r.Method {
 	case http.MethodGet: // -> Get Expenses
 		expenses, err := storage.GetAllExpenses()
 		if err != nil {
 			log.Println("GET [api/expense] " + r.RemoteAddr + ": " + err.Error())
 			http.Error(w, "Something went wrong", http.StatusInternalServerError)
 			return
 		}
 		err = json.NewEncoder(w).Encode(expenses)
 		if err != nil {
 			log.Println("GET [api/expense] " + r.RemoteAddr + ": " + err.Error())
 			return
 		}
 		log.Println("GET [api/expense] " + r.RemoteAddr + ": Successfully retrieved expenses")
 		break
 	case http.MethodPost: // -> Create Expense
 		var body struct {
--- a/main.go
+++ b/main.go
@@ -7,17 +7,13 @@ import (
 )
 func main() {
-	var SERVER = server.InitServer()
+	var _server = server.InitServer()
-	err := storage.InitDB(SERVER.DatabasePath)
+	err := storage.InitDB(_server.DatabasePath)
 	if err != nil {
 		log.Fatal(err)
 		return
 	}
-	SERVER.Run()
+	_server.Run()
 }
 func Setup() {
 	//TODO: first configuration
 }
--- a/models/dbmodels.go
+++ b/models/dbmodels.go
@@ -24,3 +24,8 @@ type ExpenseShare struct {
 	UserID     string `json:"user_id"`
 	ShareCents int64  `json:"share_cents"`
 }
 const (
 	RoleUser  = "user"
 	RoleAdmin = "admin"
 )
--- a/server/server.go
+++ b/server/server.go
@@ -10,13 +10,13 @@ import (
 )
 type Server struct {
-	Port         string
+	Port            string
-	JWTSecret    []byte
+	JWTSecret       []byte
-	DatabasePath string
+	DatabasePath    string
 	CertificatePath string
 	PrivateKeyPath  string
 }
 var cfg, _ = config.LoadConfig()
 func InitServer() *Server {
 	err := config.CheckIfExists()
@@ -42,9 +42,11 @@ func InitServer() *Server {
 	}
 	return &Server{
-		Port:         cfg.Port,
+		Port:            cfg.Port,
-		JWTSecret:    []byte(jwtSecret),
+		JWTSecret:       []byte(jwtSecret),
-		DatabasePath: cfg.DatabasePath,
+		DatabasePath:    cfg.DatabasePath,
 		CertificatePath: cfg.CertificatePath,
 		PrivateKeyPath:  cfg.PrivateKeyPath,
 	}
 }
@@ -62,10 +64,11 @@ func (server *Server) Run() {
 	mux.Handle("/api/expenses", auth.AuthMiddleware(server.JWTSecret)(http.HandlerFunc(handlers.Expenses)))
 	mux.Handle("/api/balance", auth.AuthMiddleware(server.JWTSecret)(http.HandlerFunc(handlers.GetBalance)))
 	mux.Handle("/api/ping", auth.AuthMiddleware(server.JWTSecret)(http.HandlerFunc(handlers.TestHandler)))
 	mux.Handle("/api/userinfo", auth.AuthMiddleware(server.JWTSecret)(http.HandlerFunc(handlers.UserInfo)))
 	// Admin-only
 	mux.Handle("/api/admin", auth.AuthMiddleware(server.JWTSecret)(auth.RequireRole("admin")(http.HandlerFunc(handlers.AdminPanel))))
 	log.Printf("Listening on port %s", server.Port)
-	log.Fatal(http.ListenAndServe(":"+server.Port, mux))
+	log.Fatal(http.ListenAndServeTLS(":"+server.Port, server.CertificatePath, server.PrivateKeyPath, mux))
 }
--- a/storage/storage.go
+++ b/storage/storage.go
@@ -120,7 +120,35 @@ func GetExpensesByUserId(userId string) ([]models.Expense, error) {
 	return nil, nil
 }
 func GetAllExpenses() ([]models.Expense, error) {
-	return nil, nil
+	query := "SELECT * FROM expenses"
 	rows, err := DB.Query(query)
 	if err != nil {
 		return nil, err
 	}
 	defer rows.Close()
 	var expenses []models.Expense
 	for rows.Next() {
 		var expense models.Expense
 		var attachmentsJSON []byte
 		err := rows.Scan(&expense.ID, &expense.PayerID, &expense.Amount, &expense.Title, &expense.Description, &attachmentsJSON, &expense.CreatedAt, &expense.LastUpdatedAt)
 		if err != nil {
 			return nil, err
 		}
 		if len(attachmentsJSON) > 0 {
 			err := json.Unmarshal(attachmentsJSON, &expense.Attachments)
 			if err != nil {
 				return nil, err
 			}
 		}
 		expenses = append(expenses, expense)
 	}
 	if err = rows.Err(); err != nil {
 		return nil, err
 	}
 	return expenses, nil
 }
 // Expense Shares
Author	SHA1	Message	Date
Maurice L.	088d32984c	Made some small adjustments to `e7da8c9443`	2026-03-03 16:29:26 +01:00
Maurice L.	e7da8c9443	Removed hardcoded string - Roles are not hardcoded anymore (closes #4)	2026-03-03 15:55:39 +01:00
Maurice L.	0afd5bfc3a	Bugfix - Role is now again listed in jwt when retrieving new access token (closes #3)	2026-03-03 15:45:53 +01:00
Maurice L.	ef7ef3cf74	New Endpoint and security enhancement - Userinfo endpoint is now available - HTTPS is now required (closes #2)	2026-03-03 15:41:07 +01:00
Maurice L.	c75c405200	Added .run dir to .gitignore	2026-03-01 13:49:17 +01:00
 appdata
 .idea
 *.exe
 *.cmd
+.run