// Make a handler out of HandlerWithBodyFunc, just like regular MakeHandler function.
func MakeHandlerWithBody(app *App, fn HandlerWithBodyFunc, spec Spec) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if err := parseForm(r); err != nil {
ReplyInternalError(w, fmt.Sprintf("Failed to parse request form: %v", err))
return
}
body, err := ioutil.ReadAll(r.Body)
if err != nil {
ReplyInternalError(w, fmt.Sprintf("Failed to read request body: %v", err))
return
}
start := time.Now()
response, err := fn(w, r, mux.Vars(r), body)
elapsedTime := time.Since(start)
var status int
if err != nil {
response, status = responseAndStatusFor(err)
} else {
status = http.StatusOK
}
log.Infof("Request(Status=%v, Method=%v, Path=%v, Form=%v, Time=%v, Error=%v)",
status, r.Method, r.URL, r.Form, elapsedTime, err)
app.stats.TrackRequest(spec.MetricName, status, elapsedTime)
Reply(w, response, status)
}
}
// GetVarSafe is a helper function that returns the requested variable from URI with allowSet
// providing input sanitization. If an error occurs, returns either a `MissingFieldError`
// or an `UnsafeFieldError`.
func GetVarSafe(r *http.Request, variableName string, allowSet AllowSet) (string, error) {
vars := mux.Vars(r)
variableValue, ok := vars[variableName]
if !ok {
return "", MissingFieldError{variableName}
}
err := allowSet.IsSafe(variableValue)
if err != nil {
return "", UnsafeFieldError{variableName, err.Error()}
}
return variableValue, nil
}