package main
import (
"database/sql"
"encoding/base64"
"encoding/json"
"fmt"
"github.com/elgs/gosqljson"
_ "github.com/lib/pq"
_ "github.com/mattn/go-sqlite3"
"golang.org/x/crypto/bcrypt"
"net/http"
"strings"
)
// JSON request payloads decoded by the HTTP handlers in this file.
type (
	// registerStruct is the body accepted by /register.
	registerStruct struct {
		Login string `json:"login"`
		Email string `json:"email"`
		// Password is the plaintext password exactly as submitted, so
		// values of this type should be kept out of logs.
		Password string `json:"password"`
	}

	// loginStruct is the body accepted by /login. The password lookups in
	// this file also use its Password field as the scan target for the
	// stored bcrypt hash.
	loginStruct struct {
		Login    string `json:"login"`
		Password string `json:"password"`
	}

	// dataStruct names a table and one row value; it is the body of
	// /addData, /deleteData and /updateData.
	dataStruct struct {
		TableName string `json:"tableName"`
		RowData   string `json:"rowData"`
	}

	// itemCheckStruct is the body of /setItemCheck. TableRow is read from
	// the "productName" JSON key.
	itemCheckStruct struct {
		TableName string `json:"tableName"`
		TableRow  string `json:"productName"`
		IsCheck   string `json:"isCheck"`
	}

	// tableNameStruct is the body of /addTable and /deleteTable.
	tableNameStruct struct {
		TableName string `json:"tableName"`
	}

	// editRowStruct is the body of /editData: the row identified by
	// TableRow has its product value replaced with NewTableRow.
	editRowStruct struct {
		TableName   string `json:"tableName"`
		TableRow    string `json:"rowData"`
		NewTableRow string `json:"newRow"`
	}
)
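// checkPassword reports whether password matches the bcrypt hash stored for
// username in the users table of ./users.db.
//
// Every failure (the database cannot be opened, the login is unknown, the
// query fails, the hash does not match) yields false rather than a panic, so
// a caller answers an unknown login the same way as a wrong password.
//
// NOTE(review): an unknown login returns before any bcrypt work is done, so
// response time can still distinguish existing from missing accounts.
func checkPassword(username string, password string) bool {
	database, err := sql.Open("sqlite3", "./users.db")
	if err != nil {
		fmt.Println("checkPassword: open users.db:", err)
		return false
	}
	// A new handle is opened on every call, so release it on every path.
	defer database.Close()

	var storedHash string
	err = database.QueryRow("SELECT password FROM users WHERE login=?", username).Scan(&storedHash)
	if err != nil {
		// sql.ErrNoRows is the ordinary "no such account" case; anything
		// else is an operational problem worth a log line.
		if err != sql.ErrNoRows {
			fmt.Println("checkPassword: query users.db:", err)
		}
		return false
	}

	// CompareHashAndPassword returns nil only when the password matches.
	return bcrypt.CompareHashAndPassword([]byte(storedHash), []byte(password)) == nil
}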
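// validLogin reports whether login may be used as an account name.
//
// The data handlers in this file build the per-user database path as
// "./" + login + ".db" and split credentials on ":", so a login must not be
// empty, must not resolve to the credential store itself ("users", compared
// case-insensitively for case-insensitive filesystems), and must not contain
// path separators, ':', NUL, or '?'.
// NOTE(review): '?' is excluded because the sqlite3 driver appears to treat
// text after it in a data source name as connection parameters; confirm.
func validLogin(login string) bool {
	if login == "" || strings.EqualFold(login, "users") {
		return false
	}
	return !strings.ContainsAny(login, "/\\:?\x00")
}

// register handles /register: it decodes a registerStruct from the JSON
// body, hashes the password with bcrypt and inserts the account into the
// users table of ./users.db.
//
// It answers 400 for a missing or malformed body, an unacceptable login or an
// empty or over-long password, and 500 when hashing or the insert fails (the
// insert also fails when the login already exists, since login is the primary
// key). On success no status is written explicitly, so the client sees 200.
// The per-user database file is not touched here; the data handlers open it
// on first use.
func register(writer http.ResponseWriter, request *http.Request) {
	// bcrypt only considers the first 72 bytes of its input.
	const maxPasswordBytes = 72

	if request.Body == nil {
		writer.WriteHeader(http.StatusBadRequest)
		fmt.Println("Empty JSON")
		return
	}
	// Bound the body so one request cannot make the decoder buffer an
	// arbitrarily large document.
	request.Body = http.MaxBytesReader(writer, request.Body, 1<<20)

	register := &registerStruct{}
	if err := json.NewDecoder(request.Body).Decode(register); err != nil {
		writer.WriteHeader(http.StatusBadRequest)
		fmt.Println("JSON Parse fail")
		return
	}
	// Log the login only: the decoded struct also carries the plaintext
	// password. %q keeps control characters out of the log line.
	fmt.Printf("register: %q\n", register.Login)

	if !validLogin(register.Login) || register.Password == "" || len(register.Password) > maxPasswordBytes {
		writer.WriteHeader(http.StatusBadRequest)
		return
	}

	// A cost below bcrypt.DefaultCost makes offline guessing of leaked
	// hashes cheaper. Hashes stored with another cost still verify because
	// the cost is encoded in the hash itself.
	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(register.Password), bcrypt.DefaultCost)
	if err != nil {
		writer.WriteHeader(http.StatusInternalServerError)
		return
	}

	database, err := sql.Open("sqlite3", "./users.db")
	if err != nil {
		writer.WriteHeader(http.StatusInternalServerError)
		return
	}
	// A new handle is opened per request, so release it on every path.
	defer database.Close()

	if _, err = database.Exec("INSERT INTO users VALUES (?, ?, ?)", register.Login, register.Email, string(hashedPassword)); err != nil {
		writer.WriteHeader(http.StatusInternalServerError)
		return
	}
}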
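// login handles /login: it decodes a loginStruct from the JSON body and
// compares the submitted password with the bcrypt hash stored for that login
// in ./users.db.
//
// It answers 400 for a missing or malformed body, 401 for an unknown login or
// a wrong password, 500 when the database cannot be opened or queried, and
// 200 when the password matches. No session or token is issued here; the
// data handlers re-check the credentials on every request.
//
// NOTE(review): an unknown login is answered before any bcrypt work is done,
// so response time can still distinguish existing from missing accounts.
func login(writer http.ResponseWriter, request *http.Request) {
	if request.Body == nil {
		writer.WriteHeader(http.StatusBadRequest)
		return
	}
	// Bound the body so one request cannot make the decoder buffer an
	// arbitrarily large document.
	request.Body = http.MaxBytesReader(writer, request.Body, 1<<20)

	creds := &loginStruct{}
	if err := json.NewDecoder(request.Body).Decode(creds); err != nil {
		writer.WriteHeader(http.StatusBadRequest)
		return
	}

	database, err := sql.Open("sqlite3", "./users.db")
	if err != nil {
		writer.WriteHeader(http.StatusInternalServerError)
		return
	}
	// A new handle is opened per request, so release it on every path.
	defer database.Close()

	var storedHash string
	err = database.QueryRow("SELECT password FROM users WHERE login=?", creds.Login).Scan(&storedHash)
	switch {
	case err == sql.ErrNoRows:
		writer.WriteHeader(http.StatusUnauthorized)
		return
	case err != nil:
		writer.WriteHeader(http.StatusInternalServerError)
		return
	}

	// CompareHashAndPassword returns nil only when the password matches.
	if err = bcrypt.CompareHashAndPassword([]byte(storedHash), []byte(creds.Password)); err != nil {
		writer.WriteHeader(http.StatusUnauthorized)
		return
	}
	writer.WriteHeader(http.StatusOK)
}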
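// quoteIdent renders a client-supplied table name as a double-quoted SQL
// identifier, doubling any embedded quote so the name cannot end the
// identifier and continue as SQL. Table names cannot be bound as "?"
// parameters, so every statement that splices one in goes through here.
// It reports false for an empty name or one containing a NUL byte.
func quoteIdent(name string) (string, bool) {
	if name == "" || strings.ContainsRune(name, 0) {
		return "", false
	}
	return `"` + strings.Replace(name, `"`, `""`, -1) + `"`, true
}

// parseToken decodes a base64 "login:password" token. Only the first ':' is
// a separator, so the password itself may contain ':'. ok is false when the
// token is not valid base64 or holds no ':'.
func parseToken(token string) (username, password string, ok bool) {
	raw, err := base64.StdEncoding.DecodeString(token)
	if err != nil {
		return "", "", false
	}
	parts := strings.SplitN(string(raw), ":", 2)
	if len(parts) != 2 {
		return "", "", false
	}
	return parts[0], parts[1], true
}

// userDB authenticates token with checkPassword and opens the caller's own
// database, ./<login>.db. On failure it writes the response status (400 for
// an unparsable token, 401 for rejected credentials, 403 for a login that
// must not be used as a file name, 500 when the database cannot be opened)
// and returns nil. The caller owns the returned handle and must Close it.
func userDB(writer http.ResponseWriter, token string) *sql.DB {
	username, password, ok := parseToken(token)
	if !ok {
		writer.WriteHeader(http.StatusBadRequest)
		return nil
	}
	if !checkPassword(username, password) {
		writer.WriteHeader(http.StatusUnauthorized)
		return nil
	}
	// The login becomes part of a file path. Refuse one that would resolve
	// to the credential store (users.db) or leave the working directory.
	// NOTE(review): '?' is refused because the sqlite3 driver appears to
	// treat text after it as connection parameters; confirm.
	if username == "" || strings.EqualFold(username, "users") || strings.ContainsAny(username, "/\\?\x00") {
		writer.WriteHeader(http.StatusForbidden)
		return nil
	}
	database, err := sql.Open("sqlite3", "./"+username+".db")
	if err != nil {
		writer.WriteHeader(http.StatusInternalServerError)
		return nil
	}
	return database
}

// withUserTable runs the steps shared by the JSON write endpoints:
// authenticate the token in the raw query string, decode the body into
// payload, quote the table name that tableName reads from the decoded
// payload, then call run. A decode failure or an unusable table name is
// answered with 400 and an error from run with 500.
func withUserTable(writer http.ResponseWriter, request *http.Request, payload interface{}, tableName func() string, run func(database *sql.DB, table string) error) {
	database := userDB(writer, request.URL.RawQuery)
	if database == nil {
		return
	}
	defer database.Close()

	// Bound the body so one request cannot make the decoder buffer an
	// arbitrarily large document.
	request.Body = http.MaxBytesReader(writer, request.Body, 1<<20)
	if err := json.NewDecoder(request.Body).Decode(payload); err != nil {
		writer.WriteHeader(http.StatusBadRequest)
		return
	}
	fmt.Println(payload)

	table, ok := quoteIdent(tableName())
	if !ok {
		writer.WriteHeader(http.StatusBadRequest)
		return
	}
	if err := run(database, table); err != nil {
		fmt.Println("database error:", err)
		writer.WriteHeader(http.StatusInternalServerError)
	}
}

// writeQueryJSON runs query through gosqljson and writes the resulting JSON
// text as the response body, or answers 500 when the query fails.
func writeQueryJSON(writer http.ResponseWriter, database *sql.DB, query string) {
	m, err := gosqljson.QueryDbToMapJSON(database, "lower", query)
	if err != nil {
		fmt.Println("database error:", err)
		writer.WriteHeader(http.StatusInternalServerError)
		return
	}
	writer.Header().Set("Content-Type", "application/json")
	if _, err = writer.Write([]byte(m)); err != nil {
		// The status line is already sent; all that is left is to log.
		fmt.Println("write response:", err)
		return
	}
	fmt.Println("Json send")
	fmt.Println(m)
}

// main creates the users table in ./users.db if needed, registers the HTTP
// handlers and serves them on :8080.
//
// Every data endpoint authenticates the request from a base64
// "login:password" token in the raw query string and then works on that
// user's own SQLite file. Each request opens and closes its own database
// handle: a handle variable shared between handlers could be reassigned by a
// concurrent request, which would let a statement run against another user's
// database.
//
// NOTE(review): the credentials travel in the URL on every request and the
// listener is plain HTTP, so they are exposed to anything that records or
// relays request URLs. Moving them to a header behind TLS needs a matching
// client change and is not done here. The default server also sets no
// read or write timeouts.
func main() {
	database, err := sql.Open("sqlite3", "./users.db")
	if err != nil {
		panic(err)
	}
	if _, err = database.Exec("CREATE TABLE IF NOT EXISTS users (login TEXT PRIMARY KEY, email TEXT, password TEXT)"); err != nil {
		panic(err)
	}
	// The handlers open their own handles; this one was only for setup.
	if err = database.Close(); err != nil {
		panic(err)
	}

	http.HandleFunc("/login", login)
	http.HandleFunc("/register", register)

	http.HandleFunc("/addData", func(writer http.ResponseWriter, request *http.Request) {
		data := &dataStruct{}
		withUserTable(writer, request, data, func() string { return data.TableName },
			func(database *sql.DB, table string) error {
				if _, err := database.Exec("CREATE TABLE IF NOT EXISTS " + table + " (product TEXT, isCheck TEXT)"); err != nil {
					return err
				}
				_, err := database.Exec("INSERT INTO "+table+" VALUES (?,?)", data.RowData, "false")
				return err
			})
	})

	http.HandleFunc("/deleteData", func(writer http.ResponseWriter, request *http.Request) {
		data := &dataStruct{}
		withUserTable(writer, request, data, func() string { return data.TableName },
			func(database *sql.DB, table string) error {
				_, err := database.Exec("DELETE FROM "+table+" WHERE product = ?", data.RowData)
				return err
			})
	})

	http.HandleFunc("/updateData", func(writer http.ResponseWriter, request *http.Request) {
		data := &dataStruct{}
		withUserTable(writer, request, data, func() string { return data.TableName },
			func(database *sql.DB, table string) error {
				// NOTE(review): both placeholders bind RowData, so the
				// statement rewrites a row with its current value. /editData
				// is the endpoint that changes a product name; confirm
				// whether this one is still needed.
				_, err := database.Exec("UPDATE "+table+" SET product = ? WHERE product = ?", data.RowData, data.RowData)
				return err
			})
	})

	http.HandleFunc("/deleteTable", func(writer http.ResponseWriter, request *http.Request) {
		data := &tableNameStruct{}
		withUserTable(writer, request, data, func() string { return data.TableName },
			func(database *sql.DB, table string) error {
				_, err := database.Exec("DROP TABLE " + table)
				return err
			})
	})

	http.HandleFunc("/addTable", func(writer http.ResponseWriter, request *http.Request) {
		data := &tableNameStruct{}
		withUserTable(writer, request, data, func() string { return data.TableName },
			func(database *sql.DB, table string) error {
				_, err := database.Exec("CREATE TABLE IF NOT EXISTS " + table + " (product TEXT, isCheck TEXT)")
				return err
			})
	})

	http.HandleFunc("/getTableName", func(writer http.ResponseWriter, request *http.Request) {
		database := userDB(writer, request.URL.RawQuery)
		if database == nil {
			return
		}
		defer database.Close()

		writeQueryJSON(writer, database, "SELECT name FROM sqlite_master WHERE type='table'")
	})

	http.HandleFunc("/getTableRows", func(writer http.ResponseWriter, request *http.Request) {
		// The raw query is "<base64 token>:<table name>". The base64
		// alphabet has no ':', so the first ':' always ends the token.
		parts := strings.SplitN(request.URL.RawQuery, ":", 2)
		if len(parts) != 2 {
			writer.WriteHeader(http.StatusBadRequest)
			return
		}
		database := userDB(writer, parts[0])
		if database == nil {
			return
		}
		defer database.Close()

		table, ok := quoteIdent(parts[1])
		if !ok {
			writer.WriteHeader(http.StatusBadRequest)
			return
		}
		writeQueryJSON(writer, database, "SELECT * FROM "+table)
	})

	http.HandleFunc("/setItemCheck", func(writer http.ResponseWriter, request *http.Request) {
		data := &itemCheckStruct{}
		withUserTable(writer, request, data, func() string { return data.TableName },
			func(database *sql.DB, table string) error {
				_, err := database.Exec("UPDATE "+table+" SET isCheck = ? WHERE product = ?", data.IsCheck, data.TableRow)
				return err
			})
	})

	http.HandleFunc("/editData", func(writer http.ResponseWriter, request *http.Request) {
		data := &editRowStruct{}
		withUserTable(writer, request, data, func() string { return data.TableName },
			func(database *sql.DB, table string) error {
				_, err := database.Exec("UPDATE "+table+" SET product = ? WHERE product = ?", data.NewTableRow, data.TableRow)
				return err
			})
	})

	// ListenAndServe only returns on failure, for example when the port is
	// already in use.
	if err = http.ListenAndServe(":8080", nil); err != nil {
		panic(err)
	}
}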