forked from mycoralhealth/healthtip-demo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
web.go
106 lines (86 loc) · 3.16 KB
/
web.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
package main
import (
"database/sql"
"encoding/json"
"log"
"net/http"
"os"
"time"
"strings"
"github.com/gorilla/mux"
"github.com/rs/cors"
)
func run(dbCon *sql.DB) error {
httpAddr := os.Getenv("ADDR")
mux := makeMuxRouter(dbCon)
log.Println("Listening on ", httpAddr)
corsSites := strings.Split(os.Getenv("CROSS_ORIGIN"), ",")
log.Println("Cross origin sites set to: ", corsSites)
c := cors.New(cors.Options{
Debug: true,
AllowedHeaders: []string{"*"},
AllowedOrigins: corsSites,
AllowedMethods: []string{"GET", "POST", "PUT", "DELETE"}, // Allowing GET, POST, PUT
})
s := &http.Server{
Addr: ":" + httpAddr,
Handler: c.Handler(mux),
ReadTimeout: 10 * time.Second,
WriteTimeout: 10 * time.Second,
MaxHeaderBytes: 1 << 20,
}
if err := s.ListenAndServe(); err != nil {
return err
}
return nil
}
func makeMuxRouter(dbCon *sql.DB) http.Handler {
wrap := func(f func(w http.ResponseWriter, r *http.Request, dbCon *sql.DB)) func(w http.ResponseWriter, r *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
f(w, r, dbCon)
}
}
apiAuth := func(f func(w http.ResponseWriter, r *http.Request, dbCon *sql.DB)) func(w http.ResponseWriter, r *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
apiToken, err := getBasicAPIAuth(r)
if err != nil {
handleError(w, r, http.StatusUnauthorized, err.Error())
return
}
if err := checkAPIAuth(dbCon, apiToken); err != nil {
handleError(w, r, http.StatusUnauthorized, "Unauthorized")
return
}
f(w, r, dbCon)
}
}
muxRouter := mux.NewRouter()
muxRouter.HandleFunc("/users", wrap(handleWriteUser)).Methods("POST")
muxRouter.HandleFunc("/users", wrap(handleUpdateUser)).Methods("PUT")
muxRouter.HandleFunc("/login", wrap(handleLogin)).Methods("POST")
muxRouter.HandleFunc("/api/logout", apiAuth(handleLogout)).Methods("POST")
muxRouter.HandleFunc("/api/records", apiAuth(handleRecords)).Methods("GET")
muxRouter.HandleFunc("/api/records", apiAuth(handleRecords)).Methods("POST")
muxRouter.HandleFunc("/api/records/{id:[0-9]+}", apiAuth(handleSingleRecord)).Methods("GET")
muxRouter.HandleFunc("/api/records/{id:[0-9]+}", apiAuth(handleSingleRecord)).Methods("PUT")
muxRouter.HandleFunc("/api/records/{id:[0-9]+}/tip", apiAuth(handleRecordTip)).Methods("POST")
muxRouter.HandleFunc("/api/records/{id:[0-9]+}", apiAuth(handleSingleRecord)).Methods("DELETE")
muxRouter.HandleFunc("/resetPassword", wrap(handleResetPassword)).Methods("POST")
muxRouter.HandleFunc("/claimToken", wrap(handleClaimToken)).Methods("POST")
muxRouter.HandleFunc("/changePassword", apiAuth(handleChangePassword)).Methods("POST")
return muxRouter
}
func handleError(w http.ResponseWriter, r *http.Request, code int, message string) {
http.Error(w, message, code)
log.Println(r.Method, r.URL, ": HTTP", code, ": ", message)
}
func respondWithJSON(w http.ResponseWriter, r *http.Request, code int, payload interface{}) {
response, err := json.MarshalIndent(payload, "", " ")
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
w.Write([]byte("HTTP 500: Internal Server Error"))
return
}
w.WriteHeader(code)
w.Write(response)
}