func (r *Resource) POST(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
reader, err := req.MultipartReader()
if err != nil {
return ctx.BadRequest(rw, c.T("media.uploadresource.could_not_upload_file"))
}
var tempFile *os.File
for {
part, err := reader.NextPart()
if err == io.EOF {
break
}
tempFile, err = ioutil.TempFile(os.TempDir(), "spa")
if err != nil {
return ctx.InternalServerError(rw, c.T("media.uploadresource.could_not_create_temp_file"))
}
defer tempFile.Close()
_, err = io.Copy(tempFile, part)
if err != nil {
break
}
}
return ctx.Created(rw, tempFile.Name())
}
func (r *Resource) PUT(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
vars := mux.Vars(req)
id := vars["id"]
db := c.Vars["db"].(*pg.Session)
// decode request data
var form = &struct {
Name string `json:"name"`
}{}
err := json.NewDecoder(req.Body).Decode(form)
if err != nil {
log.Errorf("Could not parse request data: %s", err)
return ctx.BadRequest(rw, c.T("mediatype.api.could_not_parse_request"))
}
// get media type from database
var entity pg.Entity
entity, err = db.FindOne(&Model{}, "id = $1", id)
if err != nil {
log.Errorf("Could not query media type id %s: %v", id, err)
return ctx.BadRequest(rw, c.T("mediatype.api.could_not_query_media_type"))
}
mediatype := entity.(*Model)
// update the media type
mediatype.Name = form.Name
err = db.Update(mediatype)
if err != nil {
log.Errorf("Could not edit media type %s: %v", form.Name, err)
return ctx.BadRequest(rw, c.T("mediatype.api.could_not_edit_media_type"))
}
return ctx.OK(rw, mediatype)
}
func (lc *Collection) POST(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
// decode request data
var form = &struct {
Name string `json:"name"`
StaticURL string `json:"staticURL"`
StaticPath string `json:"staticPath"`
}{}
err := json.NewDecoder(req.Body).Decode(form)
if err != nil {
log.Errorf("Could not parse request data: %s", err)
return ctx.BadRequest(rw, c.T("location.api.could_not_parse_request_data"))
}
// create new location
loc := &Model{
Name: form.Name,
StaticURL: form.StaticURL,
StaticPath: form.StaticPath,
}
err = db.Create(loc)
if err != nil {
log.Errorf("Could not create location %s: %v", form.Name, err)
return ctx.BadRequest(rw, c.T("location.api.could_not_create_location"))
}
return ctx.Created(rw, loc)
}
func (r *Begin) POST(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
// decode request data
var form struct {
Email string `json:"email"`
}
err := json.NewDecoder(req.Body).Decode(&form)
if err != nil {
return ctx.BadRequest(rw, c.T("reset.begin.could_not_query"))
}
// validate email address
if ok := regexp.MustCompile(cfg.Email.Regex).MatchString(form.Email); !ok {
return ctx.BadRequest(rw, c.T("reset.begin.invalid_email_address"))
}
// get user from database
var u *user.Model
u, err = user.GetByEmail(db, form.Email)
if err != nil {
return ctx.BadRequest(rw, c.T("reset.begin.user_not_found"))
}
go sendEmail(c, u)
return ctx.OK(rw, c.T("reset.begin.email_sent"))
}
func (r *Resource) PUT(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
vars := mux.Vars(req)
id := vars["id"]
db := c.Vars["db"].(*pg.Session)
// decode request data
var form = &struct {
Name string `json:"name"`
}{}
err := json.NewDecoder(req.Body).Decode(form)
if err != nil {
log.Errorf("Could not parse request data: %s", err)
return ctx.BadRequest(rw, c.T("group.api.could_not_parse_request_data"))
}
// get group from database
var grp pg.Entity
grp, err = db.FindOne(&Model{}, "id = $1", id)
if err != nil {
log.Errorf("Could not query group id %s: %v", id, err)
return ctx.BadRequest(rw, c.T("group.api.could_not_query_group"))
}
// update the group
grp.(*Model).Name = form.Name
err = db.Update(grp)
if err != nil {
log.Errorf("Could not edit group %s: %v", form.Name, err)
return ctx.BadRequest(rw, c.T("group.api.could_not_edit_group"))
}
return ctx.OK(rw, grp)
}
func (r *Collection) POST(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
// decode request data
var form = &struct {
Name string `json:"name"`
}{}
err := json.NewDecoder(req.Body).Decode(form)
if err != nil {
log.Errorf("Could not parse request data: %s", err)
return ctx.BadRequest(rw, c.T("mediatype.api.could_not_parse_request"))
}
// create new mediatype
mediatype := &Model{
Name: form.Name,
}
err = db.Create(mediatype)
if err != nil {
log.Errorf("Could not create media type %s: %v", form.Name, err)
return ctx.BadRequest(rw, c.T("mediatype.api.could_not_create_media_type"))
}
return ctx.Created(rw, mediatype)
}
func (r *Resource) PUT(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
vars := mux.Vars(req)
id := vars["id"]
// decode request data
var form = &MediaForm{}
err := json.NewDecoder(req.Body).Decode(form)
if err != nil {
log.Errorf("Could not parse request data: %s", err)
return ctx.BadRequest(rw, c.T("media.mediaitemresource.could_not_parse_request_data"))
}
// get location from database
loc, err := location.GetById(db, form.LocationId)
if err != nil {
log.Errorf("Could not locate the requested location: %s", err)
return ctx.BadRequest(rw, c.T("media.mediaitemresource.could_not_locate_requested_location"))
}
// get media type from database
mediatype, err := mediatype.GetById(db, form.MediatypeId)
if err != nil {
log.Errorf("Could not locate the requested media type: %s", err)
return ctx.BadRequest(rw, c.T("media.mediaitemresource.could_not_locate_requested_media_type"))
}
// move the uploaded file to the right place
var dstPath string
dstPath, err = mediaupload.MoveFile(loc, mediatype, form.Path)
if err != nil {
log.Errorf("Could not process the uploaded file: %s", err)
return ctx.InternalServerError(rw, c.T("media.mediaitemresource.could_not_process_uploaded_file"))
}
// get media from database
entity, err := db.FindOne(&Model{}, "id = $1", id)
if err != nil {
log.Errorf("Could not query media id %s: %v", id, err)
return ctx.BadRequest(rw, c.T("media.mediaitemresource.could_not_query_media"))
}
media := entity.(*Model)
// update the media
media.Name = form.Name
media.LocationId = form.LocationId
media.MediatypeId = form.MediatypeId
media.Path = dstPath
media.EncodeData(loc, mediatype)
err = db.Update(media)
if err != nil {
log.Errorf("Could not edit media %s: %v", form.Name, err)
return ctx.BadRequest(rw, c.T("media.mediaitemresource.could_not_edit_media"))
}
return ctx.OK(rw, media)
}
func (r *Complete) POST(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
// decode request data
var form struct {
Password string `json:"password"`
PasswordAgain string `json:"passwordAgain"`
ValidKey ValidKey `json:"validKey"`
}
err := json.NewDecoder(req.Body).Decode(&form)
if err != nil {
return ctx.BadRequest(rw, c.T("reset.complete.unable_to_change"))
}
// validate the passwords
if form.Password != form.PasswordAgain {
return ctx.BadRequest(rw, c.T("reset.complete.mismatch"))
}
// validate the key again
resetToken, err := getToken(db, form.ValidKey.Key)
if err != nil || !resetToken.Valid() {
return ctx.BadRequest(rw, c.T("reset.token.invalid_key"))
}
// get user from db
u, err := user.GetById(db, resetToken.UserId)
if err != nil {
return ctx.InternalServerError(rw, c.T("reset.complete.user_not_found"))
}
// encode user password
err = u.Password.Encode(form.Password)
if err != nil {
return ctx.InternalServerError(rw, c.T("reset.complete.could_not_change_password"))
}
// change user data in database
err = user.Update(db, u)
if err != nil {
return ctx.InternalServerError(rw, c.T("reset.complete.could_not_change_password"))
}
// invalidate token
err = updateToken(db, resetToken)
if err != nil {
log.Errorf("Unable to invalidate token: %s", err)
}
return ctx.OK(rw, u)
}
func (r *SignUp) POST(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
// decode request data
var form struct {
FirstName string `json:"firstName"`
LastName string `json:"lastName"`
Email string `json:"email"`
Password string `json:"password"`
PasswordAgain string `json:"passwordAgain"`
}
err := json.NewDecoder(req.Body).Decode(&form)
if err != nil {
log.Errorf("Could not parse request data: %s", err)
return ctx.BadRequest(rw, c.T("user.signup.could_not_parse_request_data"))
}
// check whether the email address is already taken
_, err = user.GetByEmail(db, form.Email)
if err == nil {
return ctx.BadRequest(rw, c.T("user.signup.email_taken"))
} else if err != pg.ERecordNotFound {
log.Errorf("Could not query user: %s", err)
return ctx.InternalServerError(rw, c.T("user.signup.could_not_query_user"))
}
// password validation
if form.Password != form.PasswordAgain {
return ctx.BadRequest(rw, c.T("user.signup.passwords_mismatch"))
}
// create new user
u, err := user.Create(
db,
form.Email,
form.Password,
&user.UserJsonData{
FirstName: form.FirstName,
LastName: form.LastName,
},
)
if err != nil {
return ctx.InternalServerError(rw, c.T("user.signup.could_not_create_user"))
}
// return created user data
return ctx.Created(rw, u)
}
func (r *Collection) POST(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
// decode request data
var form = &MediaForm{}
err := json.NewDecoder(req.Body).Decode(form)
if err != nil {
log.Errorf("Could not parse request data: %s", err)
return ctx.BadRequest(rw, c.T("media.mediaresource.could_not_parse_request_data"))
}
// get location from database
loc, err := location.GetById(db, form.LocationId)
if err != nil {
log.Errorf("Could not locate the requested location: %s", err)
return ctx.BadRequest(rw, c.T("media.mediaresource.could_not_locate_the_requested_location"))
}
// get media type from database
mt, err := mediatype.GetById(db, form.MediatypeId)
if err != nil {
log.Errorf("Could not locate the requested media type: %s", err)
return ctx.BadRequest(rw, c.T("media.mediaresource.could_not_locate_the_requested_media_type"))
}
// move the uploaded file to the right place
var dstPath string
dstPath, err = mediaupload.MoveFile(loc, mt, form.Path)
if err != nil {
log.Errorf("Could not process the uploaded file: %s", err)
return ctx.InternalServerError(rw, c.T("media.mediaresource.could_not_process_uploaded_file"))
}
// create new media
media := &Model{
Name: form.Name,
MediatypeId: form.MediatypeId,
LocationId: form.LocationId,
Path: dstPath,
}
err = db.Create(media)
if err != nil {
log.Errorf("Could not create media %s: %v", form.Name, err)
return ctx.BadRequest(rw, c.T("media.mediaresource.could_not_create_media"))
}
return ctx.Created(rw, media)
}
func (r *Collection) GET(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
mediatypes, err := db.FindAll(&Model{}, "")
if err != nil {
log.Errorf("Query error: %v", err)
return ctx.BadRequest(rw, c.T("mediatype.api.could_not_query_media_type"))
}
return ctx.OK(rw, mediatypes)
}
func (lc *Collection) GET(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
locations, err := db.FindAll(&Model{}, "")
if err != nil {
log.Errorf("Could not query locations: %v", err)
return ctx.BadRequest(rw, c.T("location.api.could_not_query_locations"))
}
return ctx.OK(rw, locations)
}
func (r *Collection) GET(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
medias, err := db.FindAll(&Model{}, "")
if err != nil {
log.Errorf("Query error: %v", err)
return ctx.BadRequest(rw, c.T("media.mediaresource.query_error"))
}
return ctx.OK(rw, medias)
}
func (r *ValidateKey) POST(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
// decode request data
var form struct {
Key string `json:"key"`
}
err := json.NewDecoder(req.Body).Decode(&form)
if err != nil {
return ctx.BadRequest(rw, c.T("reset.validate.unable_to_validate_key"))
}
resetToken, err := getToken(db, form.Key)
if err != nil || !resetToken.Valid() {
return ctx.BadRequest(rw, c.T("reset.validate.invalid_key"))
}
return ctx.OK(rw, ValidKey{resetToken.UserId, form.Key})
}
func (r *Resource) GET(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
vars := mux.Vars(req)
id := vars["id"]
media, err := db.FindOne(&Model{}, "id = $1", id)
if err != nil {
log.Errorf("Could not query media id %s: %v", id, err)
return ctx.BadRequest(rw, c.T("media.mediaitemresource.could_not_query_media"))
}
return ctx.OK(rw, media)
}
func (r *Resource) GET(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
vars := mux.Vars(req)
id := vars["id"]
db := c.Vars["db"].(*pg.Session)
grp, err := db.FindOne(&Model{}, "id = $1", id)
if err != nil {
log.Errorf("Could not query group id %s: %v", id, err)
return ctx.BadRequest(rw, c.T("group.api.could_not_query_group"))
}
return ctx.OK(rw, grp)
}
func (lr *Resource) PUT(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
vars := mux.Vars(req)
id := vars["id"]
db := c.Vars["db"].(*pg.Session)
// decode request data
var form = &struct {
Name string `json:"name"`
StaticURL string `json:"staticURL"`
StaticPath string `json:"staticPath"`
}{}
err := json.NewDecoder(req.Body).Decode(form)
if err != nil {
log.Errorf("Could not parse request data: %s", err)
return ctx.BadRequest(rw, c.T("location.api.could_not_parse_request_data"))
}
// get location from database
var entity pg.Entity
entity, err = db.FindOne(&Model{}, "id = $1", id)
if err != nil {
log.Errorf("Could not query location id %s: %v", id, err)
return ctx.BadRequest(rw, c.T("location.api.could_not_query_location"))
}
location := entity.(*Model)
// update the location
location.Name = form.Name
location.StaticURL = form.StaticURL
location.StaticPath = form.StaticPath
err = db.Update(location)
if err != nil {
log.Errorf("Could not edit location %s: %v", form.Name, err)
return ctx.BadRequest(rw, c.T("location.api.could_not_edit_location"))
}
return ctx.OK(rw, location)
}
func (r *SignIn) POST(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
// decode request data
var form struct {
Email string `json:"email"`
Password string `json:"password"`
}
err := json.NewDecoder(req.Body).Decode(&form)
if err != nil {
return ctx.BadRequest(rw, c.T("user.signin.could_not_query"))
}
// validate email address
if ok := regexp.MustCompile(cfg.Email.Regex).MatchString(form.Email); !ok {
return ctx.BadRequest(rw, c.T("user.signin.invalid_email_address"))
}
// validate password length
if len(form.Password) == 0 {
return ctx.BadRequest(rw, c.T("user.signin.password_cannot_be_empty"))
}
// check user in database
var u *user.Model
u, err = user.GetByEmail(db, form.Email)
if err != nil {
return ctx.BadRequest(rw, c.T("user.signin.invalid_email_or_password"))
}
// check user password
if !u.Password.Valid(form.Password) {
return ctx.BadRequest(rw, c.T("user.signin.invalid_email_or_password"))
}
// generate new token
return token.Response(c, rw, token.New(u))
}
func (r *Profile) PUT(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
// decode request data
var form struct {
Id null.Int `json:"id"`
Email string `json:"email"`
JsonData UserJsonData `json:"jsonData,omitempty"`
}
err := json.NewDecoder(req.Body).Decode(&form)
if err != nil {
return ctx.BadRequest(rw, c.T("user.me.could_not_decode_profile_data"))
}
// query user data
u, err := GetById(db, form.Id.Int64)
if err != nil {
log.Errorf("Could not query user: %v", err)
return ctx.InternalServerError(rw, c.T("user.me.could_not_query"))
}
// get the json data from user
jsonData, err := u.DecodeJsonData()
if err != nil {
return ctx.BadRequest(rw, c.T("user.me.could_not_decode_json_data"))
}
// update the user
u.Email = form.Email
jsonData.FirstName = form.JsonData.FirstName
jsonData.LastName = form.JsonData.LastName
u.JsonData.Encode(jsonData)
Update(db, u)
// return user data
return ctx.OK(rw, u)
}
func (r *Resource) DELETE(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
vars := mux.Vars(req)
id := vars["id"]
media, err := db.FindOne(&Model{}, "id = $1", id)
if err != nil {
log.Errorf("Could not query media id %s: %v", id, err)
return ctx.BadRequest(rw, c.T("media.mediaitemresource.could_not_query_media"))
}
err = db.Delete(media)
if err != nil {
log.Errorf("Could not delete media %s: %v", id, err)
return ctx.InternalServerError(rw, c.T("media.mediaitemresource.could_not_delete_media"))
}
return ctx.NoContent(rw)
}
func (r *Resource) DELETE(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
vars := mux.Vars(req)
id := vars["id"]
db := c.Vars["db"].(*pg.Session)
grp, err := db.FindOne(&Model{}, "id = $1", id)
if err != nil {
log.Errorf("Could not query group id %s: %v", id, err)
return ctx.BadRequest(rw, c.T("group.api.could_not_query_group"))
}
err = db.Delete(grp)
if err != nil {
log.Errorf("Could not delete group %s: %v", id, err)
return ctx.InternalServerError(rw, c.T("group.api.could_not_delete_group"))
}
return ctx.NoContent(rw)
}
func (r *Profile) GET(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
// get user id from current token
userId, found := c.Token.Claims["uid"]
if !found {
return ctx.BadRequest(rw, c.T("user.me.could_not_extract"))
}
// query user data
user, err := GetById(db, int64(userId.(float64)))
if err != nil {
log.Errorf("Could not query user: %v", err)
return ctx.InternalServerError(rw, c.T("user.me.could_not_query"))
}
// return user data
return ctx.OK(rw, user)
}
func (r *Renew) POST(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
db := c.Vars["db"].(*pg.Session)
// get user id from the current token
userId, found := c.Token.Claims["uid"]
if !found {
return ctx.BadRequest(rw, c.T("user.token.could_not_extract"))
}
// check if user is still valid
user, err := user.GetById(db, int64(userId.(float64)))
if err != nil {
log.Errorf("Could not query user: %v", err)
return ctx.InternalServerError(rw, c.T("user.token.could_not_query"))
}
// generate new token
return Response(c, rw, New(user))
}
