Split into separate files, add authentication

5 years ago · f7b775cb38
parent a2e3f7c845
commit f7b775cb38
4 changed files with 100 additions and 51 deletions
--- a/db.go
+++ b/db.go
@ -0,0 +1,48 @@
+package main
+
+import (
+    "database/sql"
+    "time"
+    _ "github.com/mattn/go-sqlite3"
+    "log"
+)
+
+
+var db *sql.DB
+
+func initializeDatabase() {
+    dbo, err := sql.Open("sqlite3", "content")
+    if err != nil {
+        log.Fatal("couldn’t open database. exiting...")
+        return
+    }
+    db = dbo
+}
+
+func writeToDB(post BlogPost) {
+    stmt, _ := db.Prepare("INSERT INTO blogposts(author, title, content, time) VALUES (?, ?, ?, ?)")
+    stmt.Exec(post.Author, post.Title, post.Content, time.Now().Unix())
+}
+
+func readBlogpostsFromDB() []BlogPost {
+    res, err := db.Query("SELECT content, author, title, time from blogposts")
+    if err != nil {
+        log.Println("Error reading blogposts")
+        return make([]BlogPost, 0)
+    } else {
+        return resultToBlogposts(res)
+    }
+}
+
+func resultToBlogposts(res *sql.Rows) []BlogPost {
+    defer res.Close()
+    entries := make([]BlogPost, 0)
+    for res.Next() {
+        var content, author, title string
+        var timeInt int64
+        res.Scan(&content, &author, &title, &timeInt)
+        post := BlogPost{Content:content, Author:author, Title:title, Time:time.Unix(timeInt, 0)}
+        entries = append(entries, post)
+    }
+    return entries
+}
--- a/main.go
+++ b/main.go
@ -1,69 +1,24 @@
 package main

 import (
-    "net/http"
-    //"fmt"
-    "encoding/json"
-    "database/sql"
    "time"
-    _ "github.com/mattn/go-sqlite3"
-    "log"
+    //"fmt"
 )

 var messages []*string
-var db *sql.DB

 func main() {
-    dbo, err := sql.Open("sqlite3", "content")
-    if err != nil {
-        log.Fatal("couldn’t open database. exiting...")
-        return
-    } else {
-        db = dbo
-    }
+    initializeDatabase()
+    startServer()
    //listener, err = net.Listen("socket", "/tmp/
-    http.HandleFunc("/", get)
-    http.HandleFunc("/add", post)
-    log.Fatal(http.ListenAndServe(":12345", nil))
-}
-
-func writeToDB(post BlogPost) {
-    stmt, _ := db.Prepare("INSERT INTO blogposts(author, title, content, date) VALUES (?, ?, ?, ?)")
-    stmt.Exec(post.Author, post.Title, post.Content, time.Now().Format("2006-01-02"))
 }

 type BlogPost struct {
+    Id int64 `"id"`
    Content string `"content"`
    Title string `"title"`
    Author string `"author"`
    Secret string `"secret"`
+    Time time.Time `"time"`
 }

-func get(w http.ResponseWriter, r *http.Request) {
-    w.WriteHeader(http.StatusOK)
-    w.Write([]byte("response:\n"))
-    //stmt, _ := db.Prepare("SELECT content from blogposts")
-    //res, _ := stmt.Exec()
-    res, _ := db.Query("SELECT content from blogposts")
-    for _, e := range(resultToStrings(res)) {
-        w.Write([]byte(e + "\n"))
-    }
-}
-
-func post(w http.ResponseWriter, r *http.Request) {
-    var post BlogPost
-    json.NewDecoder(r.Body).Decode(&post)
-    messages = append(messages, &post.Content)
-    writeToDB(post)
-}
-
-func resultToStrings(res *sql.Rows) []string {
-    defer res.Close()
-    entries := make([]string, 0)
-    for res.Next() {
-        var e string
-        res.Scan(&e)
-        entries = append(entries, e)
-    }
-    return entries
-}
--- a/server.go
+++ b/server.go
@ -0,0 +1,46 @@
+package main
+
+import (
+    "net/http"
+    "encoding/json"
+    "log"
+    "encoding/hex"
+    "crypto/sha512"
+    "io"
+)
+
+func startServer() {
+    http.HandleFunc("/", get)
+    http.HandleFunc("/add", post)
+    log.Fatal(http.ListenAndServe(":12345", nil))
+}
+
+func get(w http.ResponseWriter, r *http.Request) {
+    w.WriteHeader(http.StatusOK)
+    w.Write([]byte("response:\n"))
+    for _, post := range readBlogpostsFromDB() {
+        w.Write([]byte(post.Content))
+    }
+}
+
+func post(w http.ResponseWriter, r *http.Request) {
+    var post BlogPost
+    json.NewDecoder(r.Body).Decode(&post)
+    if verifyPassword(post.Secret) {
+        messages = append(messages, &post.Content)
+        writeToDB(post)
+        w.WriteHeader(http.StatusCreated)
+    } else {
+        w.WriteHeader(http.StatusForbidden)
+    }
+}
+
+func hash(pass string) string {
+    h := sha512.New()
+    io.WriteString(h, pass)
+    return hex.EncodeToString(h.Sum(nil))
+}
+
+func verifyPassword(pass string) bool {
+    return hash(pass) == "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b3727429080fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1"
+}
--- a/test.sh
+++ b/test.sh
@ -5,5 +5,5 @@ else
    msg="$1"
 fi

-curl localhost:12345/add -d "{\"content\": \"$msg\", \"Title\": \"title\", \"Secret\": \"asdawdwd\", \"author\": \"me\"}" -H "Content-Type: application/json" -v
+curl localhost:12345/add -d "{\"content\": \"$msg\", \"Title\": \"title\", \"Secret\": \"asdf\", \"author\": \"me\"}" -H "Content-Type: application/json" -v