From f72b251afa9d3ca18c0ae940d2c731b2cd870f81 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Pawlaczyk?=
Date: Sun, 20 Jan 2019 09:49:00 +0000
Subject: [PATCH] =?UTF-8?q?Poprawki=20b=C5=82=C4=99d=C3=B3w?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
main.go | 405 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 405 insertions(+)
create mode 100644 main.go
diff --git a/main.go b/main.go
new file mode 100644
index 0000000..68d21bd
--- /dev/null
+++ b/main.go
@@ -0,0 +1,405 @@
+package main
+
+import (
+ "database/sql"
+ "encoding/base64"
+ "encoding/json"
+ "fmt"
+ "github.com/elgs/gosqljson"
+ _ "github.com/lib/pq"
+ _ "github.com/mattn/go-sqlite3"
+ "golang.org/x/crypto/bcrypt"
+ "net/http"
+ "strings"
+)
+
+type registerStruct struct {
+ Login string `json:"login"`
+ Email string `json:"email"`
+ Password string `json:"password"`
+
+}
+
+type loginStruct struct{
+ Login string `json:"login"`
+ Password string `json:"password"`
+}
+ type dataStruct struct{
+ TableName string `json:"tableName"`
+ RowData string `json:"rowData"`
+ }
+type itemCheckStruct struct{
+ TableName string `json:"tableName"`
+ TableRow string `json:"productName"`
+ IsCheck string `json:"isCheck"`
+}
+type tableNameStruct struct{
+ TableName string `json:"tableName"`
+}
+type editRowStruct struct {
+ TableName string `json:"tableName"`
+ TableRow string `json:"rowData"`
+ NewTableRow string `json:"newRow"`
+}
+
+func checkPassword (username string, password string) bool{
+
+ database, _ := sql.Open("sqlite3", "./users.db")
+ result := database.QueryRow("SELECT password FROM users WHERE login=?", username)
+ dbLogin := &loginStruct{}
+ err := result.Scan(&dbLogin.Password)
+ if err != nil {
+ panic(err)
+ return false
+ }
+
+ if err = bcrypt.CompareHashAndPassword([]byte(dbLogin.Password), []byte(password)); err != nil{
+ return false
+ } else{
+ return true
+ }
+}
+
+func register (writer http.ResponseWriter, request *http.Request) {
+ register := ®isterStruct{}
+ database, _ := sql.Open("sqlite3", "./users.db")
+ if request.Body == nil {
+ writer.WriteHeader(http.StatusBadRequest)
+ fmt.Println("Empty JSON")
+ return
+ }
+ err := json.NewDecoder(request.Body).Decode(register)
+ if err != nil {
+ writer.WriteHeader(http.StatusBadRequest)
+ fmt.Println("JSON Parse fail")
+ return
+ }
+ fmt.Println(register)
+
+ hashedPassword, err := bcrypt.GenerateFromPassword([]byte(register.Password), 8)
+ if _, err = database.Exec("INSERT INTO users VALUES (?, ?, ?)",register.Login, register.Email, string(hashedPassword)); err != nil {
+ writer.WriteHeader(http.StatusInternalServerError)
+ return
+ }
+ _, _ = sql.Open("sqlite3", "./"+register.Login+".db")
+
+}
+
+func login (writer http.ResponseWriter, request *http.Request) {
+ database, _ := sql.Open("sqlite3", "./users.db")
+ login := &loginStruct{}
+ err := json.NewDecoder(request.Body).Decode(login)
+ if err != nil {
+ writer.WriteHeader(http.StatusBadRequest)
+ return
+ }
+
+ result := database.QueryRow("SELECT password FROM users WHERE login=?", login.Login)
+ dbLogin := &loginStruct{}
+ err = result.Scan(&dbLogin.Password)
+ if err != nil {
+ if err == sql.ErrNoRows{
+ writer.WriteHeader(http.StatusUnauthorized)
+ return
+ }
+ writer.WriteHeader(http.StatusInternalServerError)
+ return
+ }
+
+ if err = bcrypt.CompareHashAndPassword([]byte(dbLogin.Password), []byte(login.Password)); err != nil {
+ writer.WriteHeader(http.StatusUnauthorized)
+ } else{
+ writer.WriteHeader(http.StatusOK)
+ }
+}
+
+func main() {
+
+ database, _ := sql.Open("sqlite3", "./users.db")
+ statement, _ := database.Prepare("CREATE TABLE IF NOT EXISTS users (login TEXT PRIMARY KEY, email TEXT, password TEXT)")
+ statement.Exec()
+ http.HandleFunc("/login", login)
+ http.HandleFunc("/register", register)
+
+ http.HandleFunc("/addData", func(writer http.ResponseWriter, request *http.Request) {
+
+ token, err := base64.StdEncoding.DecodeString(request.URL.RawQuery)
+ if err != nil{
+ panic(err)
+ }
+
+ decodeToken := strings.Split(string(token), ":")
+ username := decodeToken[0]
+ password := decodeToken[1]
+
+ if checkPassword(username, password) {
+ database, _ = sql.Open("sqlite3", "./"+username+".db")
+ data := &dataStruct{}
+ err = json.NewDecoder(request.Body).Decode(data)
+ if err != nil {
+ writer.WriteHeader(http.StatusBadRequest)
+ return
+ }
+ fmt.Println(data)
+ _, err = database.Exec("CREATE TABLE IF NOT EXISTS " + data.TableName + " (product TEXT, isCheck TEXT)")
+ if err != nil {
+ panic(err)
+ }
+ _, err = database.Exec("INSERT INTO "+data.TableName+" VALUES (?,?)", data.RowData, "false")
+ if err != nil {
+ panic(err)
+ }
+ } else{
+ writer.WriteHeader(http.StatusUnauthorized)
+ }
+
+
+ })
+
+ http.HandleFunc("/deleteData", func(writer http.ResponseWriter, request *http.Request) {
+ token, err := base64.StdEncoding.DecodeString(request.URL.RawQuery)
+ if err != nil{
+ panic(err)
+ }
+
+ decodeToken := strings.Split(string(token), ":")
+ username := decodeToken[0]
+ password := decodeToken[1]
+
+ if checkPassword(username, password) {
+ database, _ = sql.Open("sqlite3", "./"+username+".db")
+ data := &dataStruct{}
+ err := json.NewDecoder(request.Body).Decode(data)
+ if err != nil {
+ writer.WriteHeader(http.StatusBadRequest)
+ return
+ }
+ fmt.Println(data)
+
+ _, err = database.Exec("DELETE FROM "+data.TableName+" WHERE product = ?", data.RowData)
+ if err != nil {
+ panic(err)
+ }
+ } else {
+ writer.WriteHeader(http.StatusUnauthorized)
+ }
+
+ })
+
+ http.HandleFunc("/updateData", func(writer http.ResponseWriter, request *http.Request) {
+ token, err := base64.StdEncoding.DecodeString(request.URL.RawQuery)
+ if err != nil{
+ panic(err)
+ }
+
+ decodeToken := strings.Split(string(token), ":")
+ username := decodeToken[0]
+ password := decodeToken[1]
+
+ if checkPassword(username, password) {
+ database, _ = sql.Open("sqlite3", "./"+username+".db")
+ data := &dataStruct{}
+ err := json.NewDecoder(request.Body).Decode(data)
+ if err != nil {
+ writer.WriteHeader(http.StatusBadRequest)
+ return
+ }
+
+ _, err = database.Exec("UPDATE "+data.TableName+" SET product = ? WHERE product = ?", data.RowData, data.RowData)
+ if err != nil {
+ panic(err)
+ }
+ } else{
+ writer.WriteHeader(http.StatusUnauthorized)
+ }
+
+ })
+ http.HandleFunc("/deleteTable", func(writer http.ResponseWriter, request *http.Request) {
+ token, err := base64.StdEncoding.DecodeString(request.URL.RawQuery)
+ if err != nil{
+ panic(err)
+ }
+
+ decodeToken := strings.Split(string(token), ":")
+ username := decodeToken[0]
+ password := decodeToken[1]
+
+ if checkPassword(username, password) {
+ database, _ = sql.Open("sqlite3", "./"+username+".db")
+ data := &tableNameStruct{}
+ err := json.NewDecoder(request.Body).Decode(data)
+ if err != nil {
+ writer.WriteHeader(http.StatusBadRequest)
+ return
+ }
+ fmt.Println(data)
+ _, err = database.Exec("DROP TABLE "+data.TableName)
+ if err != nil{
+ panic(err)
+ }
+ } else{
+ writer.WriteHeader(http.StatusUnauthorized)
+ }
+
+ })
+ http.HandleFunc("/addTable", func(writer http.ResponseWriter, request *http.Request) {
+ token, err := base64.StdEncoding.DecodeString(request.URL.RawQuery)
+ if err != nil{
+ panic(err)
+ }
+
+ decodeToken := strings.Split(string(token), ":")
+ username := decodeToken[0]
+ password := decodeToken[1]
+
+ if checkPassword(username, password) {
+ database, _ = sql.Open("sqlite3", "./"+username+".db")
+ data := &tableNameStruct{}
+ err := json.NewDecoder(request.Body).Decode(data)
+ if err != nil {
+ writer.WriteHeader(http.StatusBadRequest)
+ return
+ }
+ fmt.Println(data)
+
+
+ _, err = database.Exec("CREATE TABLE IF NOT EXISTS " + data.TableName + " (product TEXT, isCheck TEXT)")
+ if err != nil{
+ panic(err)
+ }
+ } else{
+ writer.WriteHeader(http.StatusUnauthorized)
+ }
+
+
+ })
+
+ http.HandleFunc("/getTableName", func(writer http.ResponseWriter, request *http.Request) {
+
+
+ token, err := base64.StdEncoding.DecodeString(request.URL.RawQuery)
+ decodeToken := strings.Split(string(token), ":")
+ username := decodeToken[0]
+ password := decodeToken[1]
+
+ fmt.Println(username +":"+password)
+
+ if checkPassword(username, password) {
+ database, err = sql.Open("sqlite3", "./"+username+".db")
+
+ if err != nil {
+ writer.WriteHeader(http.StatusInternalServerError)
+ return
+ }
+
+ m, _ := gosqljson.QueryDbToMapJSON(database, "lower", "SELECT name FROM sqlite_master WHERE type='table'")
+ writer.Header().Set("Content-Type", "application/json")
+ _, err = writer.Write([]byte(m))
+ if err != nil{
+ panic(err)
+ }
+ fmt.Println("Json send")
+ fmt.Println(m)
+
+ } else{
+ writer.WriteHeader(http.StatusUnauthorized)
+ }
+ })
+
+ http.HandleFunc("/getTableRows", func(writer http.ResponseWriter, request *http.Request) {
+
+ urlTable := strings.Split(request.URL.RawQuery,":")
+ url := urlTable[0]
+ tableName := urlTable[1]
+ token, err := base64.StdEncoding.DecodeString(url)
+ decodeToken := strings.Split(string(token), ":")
+ username := decodeToken[0]
+ password := decodeToken[1]
+
+ fmt.Println(username +":"+password)
+
+ if checkPassword(username, password) {
+ database, err = sql.Open("sqlite3", "./"+username+".db")
+ if err != nil {
+ writer.WriteHeader(http.StatusInternalServerError)
+ return
+ }
+
+ m, _ := gosqljson.QueryDbToMapJSON(database, "lower", "SELECT * FROM "+tableName)
+ writer.Header().Set("Content-Type", "application/json")
+ _, err = writer.Write([]byte(m))
+ if err != nil{
+ panic(err)
+ }
+ fmt.Println("Json send")
+ fmt.Println(m)
+
+ } else{
+ writer.WriteHeader(http.StatusUnauthorized)
+ }
+ })
+
+ http.HandleFunc("/setItemCheck", func(writer http.ResponseWriter, request *http.Request) {
+ token, err := base64.StdEncoding.DecodeString(request.URL.RawQuery)
+ if err != nil{
+ panic(err)
+ }
+
+ decodeToken := strings.Split(string(token), ":")
+ username := decodeToken[0]
+ password := decodeToken[1]
+
+ if checkPassword(username, password) {
+ database, _ = sql.Open("sqlite3", "./"+username+".db")
+ data := &itemCheckStruct{}
+ err := json.NewDecoder(request.Body).Decode(data)
+ if err != nil {
+ writer.WriteHeader(http.StatusBadRequest)
+ return
+ }
+ fmt.Println(data)
+
+ _, err = database.Exec("UPDATE "+data.TableName+" SET isCheck = ? WHERE product = ?", data.IsCheck, data.TableRow)
+ if err != nil {
+ panic(err)
+ }
+ } else {
+ writer.WriteHeader(http.StatusUnauthorized)
+ }
+
+ })
+
+ http.HandleFunc("/editData", func(writer http.ResponseWriter, request *http.Request) {
+ token, err := base64.StdEncoding.DecodeString(request.URL.RawQuery)
+ if err != nil{
+ panic(err)
+ }
+
+ decodeToken := strings.Split(string(token), ":")
+ username := decodeToken[0]
+ password := decodeToken[1]
+
+ if checkPassword(username, password) {
+ database, _ = sql.Open("sqlite3", "./"+username+".db")
+ data := &editRowStruct{}
+ err := json.NewDecoder(request.Body).Decode(data)
+ if err != nil {
+ writer.WriteHeader(http.StatusBadRequest)
+ return
+ }
+ fmt.Println(data)
+
+ _, err = database.Exec("UPDATE "+data.TableName+" SET product = ? WHERE product = ?", data.NewTableRow, data.TableRow)
+ if err != nil {
+ panic(err)
+ }
+ } else {
+ writer.WriteHeader(http.StatusUnauthorized)
+ }
+
+ })
+
+
+ http.ListenAndServe(":8080", nil)
+
+}
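Review bot: `data.TableName` (and `tableName`, taken from the raw query string in `/getTableRows`) is concatenated straight into the SQL text of every data handler — `CREATE TABLE`, `INSERT INTO`, `DELETE FROM`, `UPDATE`, `DROP TABLE` and `SELECT * FROM` — so the client controls the statement structure; placeholders cannot bind identifiers, so the name has to pass an allow-list check and be quoted before it reaches `Exec` or `QueryDbToMapJSON`. The login has the same problem in `"./"+username+".db"` and `"./"+register.Login+".db"`: it is never validated, so it can contain path separators or resolve to `./users.db`, the credential store. A helper along the lines below, called in `register` and in each handler before the database is opened or queried, covers both. Separately, `decodeToken[1]` and the `panic(err)` calls turn a malformed query string or a missing table into a panic instead of a 400 response, and `fmt.Println(username +":"+password)` writes cleartext passwords to stdout; both should be removed.

```go
// safeIdent reports whether s may be used as a table name or as the stem of a
// per-user database file: ASCII letters, digits and '_' only, 1-64 bytes,
// not starting with a digit.
func safeIdent(s string) bool {
	if s == "" || len(s) > 64 {
		return false
	}
	for i, r := range s {
		switch {
		case r == '_', 'a' <= r && r <= 'z', 'A' <= r && r <= 'Z':
		case '0' <= r && r <= '9' && i > 0:
		default:
			return false
		}
	}
	return true
}

// in register, before the INSERT, and wherever username reaches sql.Open:
if !safeIdent(register.Login) || strings.EqualFold(register.Login, "users") {
	writer.WriteHeader(http.StatusBadRequest)
	return
}

// in each data handler, after decoding the body and before any Exec/Query:
if !safeIdent(data.TableName) {
	writer.WriteHeader(http.StatusBadRequest)
	return
}
// … unchanged: CREATE TABLE / INSERT / DELETE / UPDATE / DROP / SELECT statements,
// with the validated name written as `"` + data.TableName + `"` …
```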