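// Command main serves a small HTTP API that keeps per-user lists in SQLite.
//
// Accounts live in ./users.db; each account gets its own database file named
// after the login, and every list is a table inside that file.
//
// Security notes for operators and reviewers:
//   - Data endpoints take base64("login:password") as the raw URL query. URLs
//     are commonly recorded in access logs, proxies and browser history, so
//     this scheme exposes long-lived credentials; moving them to a header or a
//     short-lived session token is the recommended follow-up.
//   - The server listens on plain HTTP. Terminate TLS in front of it.
//   - Table names arrive from the client and cannot be bound as SQL
//     parameters, so they are checked against an allowlist and quoted before
//     being placed into a statement.
package main

import (
	"database/sql"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"log"
	"net/http"
	"strings"
	"unicode"

	"github.com/elgs/gosqljson"
	_ "github.com/lib/pq"
	_ "github.com/mattn/go-sqlite3"
	"golang.org/x/crypto/bcrypt"
)

const (
	// usersDBPath is the account database shared by all users.
	usersDBPath = "./users.db"
	// maxNameLen bounds logins and table names, in bytes.
	maxNameLen = 64
	// maxBodyBytes bounds the size of a JSON request body.
	maxBodyBytes = 1 << 20
)

// registerStruct is the JSON body of POST /register.
type registerStruct struct {
	Login    string `json:"login"`
	Email    string `json:"email"`
	Password string `json:"password"`
}

// loginStruct is the JSON body of POST /login.
type loginStruct struct {
	Login    string `json:"login"`
	Password string `json:"password"`
}

// dataStruct names a table and one product row in it.
type dataStruct struct {
	TableName string `json:"tableName"`
	RowData   string `json:"rowData"`
}

// itemCheckStruct carries the new isCheck value for one product row.
type itemCheckStruct struct {
	TableName string `json:"tableName"`
	TableRow  string `json:"productName"`
	IsCheck   string `json:"isCheck"`
}

// tableNameStruct names a table to create or drop.
type tableNameStruct struct {
	TableName string `json:"tableName"`
}

// editRowStruct renames the product TableRow to NewTableRow.
type editRowStruct struct {
	TableName   string `json:"tableName"`
	TableRow    string `json:"rowData"`
	NewTableRow string `json:"newRow"`
}

// userHandlerFunc is a handler that runs only after authentication. database
// is the caller's own database; extra is the part of the raw query that
// follows the first ':' (empty when there is none).
type userHandlerFunc func(writer http.ResponseWriter, request *http.Request, database *sql.DB, extra string)

// validName reports whether name is non-empty, at most maxNameLen bytes, and
// made only of letters, digits, '_' and the runes listed in extra.
func validName(name, extra string) bool {
	if name == "" || len(name) > maxNameLen {
		return false
	}
	for _, r := range name {
		if !unicode.IsLetter(r) && !unicode.IsDigit(r) && r != '_' && !strings.ContainsRune(extra, r) {
			return false
		}
	}
	return true
}

// validTableName reports whether name may be placed into a SQL statement as a
// table identifier.
func validTableName(name string) bool {
	return validName(name, "")
}

// validLogin reports whether login may be used to build a database file name.
// The allowlist keeps path separators and other metacharacters out of the
// path, and "users" is reserved because that login would map onto the account
// database itself.
func validLogin(login string) bool {
	return validName(login, "-.@") && !strings.EqualFold(login, "users")
}

// checkPassword reports whether password matches the bcrypt hash stored for
// username. Any failure, including an unknown user, yields false.
func checkPassword(username string, password string) bool {
	database, err := sql.Open("sqlite3", usersDBPath)
	if err != nil {
		return false
	}
	defer database.Close()

	var hash string
	err = database.QueryRow("SELECT password FROM users WHERE login=?", username).Scan(&hash)
	if err != nil {
		// An unknown login is an authentication failure, not a crash.
		return false
	}
	return bcrypt.CompareHashAndPassword([]byte(hash), []byte(password)) == nil
}

// authenticate decodes a base64 "login:password" token and verifies it. It
// returns the login and true only when the login is well-formed and the
// password matches.
func authenticate(encoded string) (string, bool) {
	token, err := base64.StdEncoding.DecodeString(encoded)
	if err != nil {
		return "", false
	}
	// Split once so that a password may itself contain ':'.
	parts := strings.SplitN(string(token), ":", 2)
	if len(parts) != 2 || !validLogin(parts[0]) {
		return "", false
	}
	if !checkPassword(parts[0], parts[1]) {
		return "", false
	}
	return parts[0], true
}

// decodeBody decodes the size-limited JSON request body into dst. On failure
// it answers 400 and returns false.
func decodeBody(writer http.ResponseWriter, request *http.Request, dst interface{}) bool {
	if request.Body == nil {
		writer.WriteHeader(http.StatusBadRequest)
		return false
	}
	body := http.MaxBytesReader(writer, request.Body, maxBodyBytes)
	if err := json.NewDecoder(body).Decode(dst); err != nil {
		writer.WriteHeader(http.StatusBadRequest)
		return false
	}
	return true
}

// quotedTable validates a client-supplied table name and returns it as a
// double-quoted SQL identifier. On failure it answers 400 and returns false.
func quotedTable(writer http.ResponseWriter, name string) (string, bool) {
	if !validTableName(name) {
		writer.WriteHeader(http.StatusBadRequest)
		return "", false
	}
	// validTableName admits no quote characters, so plain wrapping is enough.
	return `"` + name + `"`, true
}

// execOrFail runs a statement and answers 500 when it fails.
func execOrFail(writer http.ResponseWriter, database *sql.DB, query string, args ...interface{}) bool {
	if _, err := database.Exec(query, args...); err != nil {
		writer.WriteHeader(http.StatusInternalServerError)
		return false
	}
	return true
}

// writeQueryJSON runs query and writes its rows to the client as JSON.
func writeQueryJSON(writer http.ResponseWriter, database *sql.DB, query string) {
	m, err := gosqljson.QueryDbToMapJSON(database, "lower", query)
	if err != nil {
		writer.WriteHeader(http.StatusInternalServerError)
		return
	}
	writer.Header().Set("Content-Type", "application/json")
	if _, err = writer.Write([]byte(m)); err != nil {
		return
	}
	fmt.Println("Json send")
}

// userHandler wraps handle with authentication and per-request database
// setup. The handle is local to the request: a variable shared between
// handlers would let concurrent requests run against each other's database.
func userHandler(handle userHandlerFunc) http.HandlerFunc {
	return func(writer http.ResponseWriter, request *http.Request) {
		encoded, extra := request.URL.RawQuery, ""
		if i := strings.Index(encoded, ":"); i >= 0 {
			encoded, extra = encoded[:i], encoded[i+1:]
		}
		username, ok := authenticate(encoded)
		if !ok {
			writer.WriteHeader(http.StatusUnauthorized)
			return
		}
		database, err := sql.Open("sqlite3", "./"+username+".db")
		if err != nil {
			writer.WriteHeader(http.StatusInternalServerError)
			return
		}
		defer database.Close()
		handle(writer, request, database, extra)
	}
}

// register creates an account from a JSON registerStruct body. The password
// is stored only as a bcrypt hash and is never written to the log.
func register(writer http.ResponseWriter, request *http.Request) {
	if request.Body == nil {
		writer.WriteHeader(http.StatusBadRequest)
		fmt.Println("Empty JSON")
		return
	}
	form := &registerStruct{}
	if !decodeBody(writer, request, form) {
		fmt.Println("JSON Parse fail")
		return
	}
	if !validLogin(form.Login) || form.Password == "" {
		writer.WriteHeader(http.StatusBadRequest)
		return
	}
	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(form.Password), bcrypt.DefaultCost)
	if err != nil {
		writer.WriteHeader(http.StatusBadRequest)
		return
	}
	database, err := sql.Open("sqlite3", usersDBPath)
	if err != nil {
		writer.WriteHeader(http.StatusInternalServerError)
		return
	}
	defer database.Close()
	if _, err = database.Exec("INSERT INTO users VALUES (?, ?, ?)", form.Login, form.Email, string(hashedPassword)); err != nil {
		writer.WriteHeader(http.StatusInternalServerError)
		return
	}
	// The per-user database is opened by the first authenticated request.
}

// login answers 200 when the JSON loginStruct body holds valid credentials
// and 401 otherwise.
func login(writer http.ResponseWriter, request *http.Request) {
	form := &loginStruct{}
	if !decodeBody(writer, request, form) {
		return
	}
	database, err := sql.Open("sqlite3", usersDBPath)
	if err != nil {
		writer.WriteHeader(http.StatusInternalServerError)
		return
	}
	defer database.Close()

	var hash string
	err = database.QueryRow("SELECT password FROM users WHERE login=?", form.Login).Scan(&hash)
	if err != nil {
		if errors.Is(err, sql.ErrNoRows) {
			writer.WriteHeader(http.StatusUnauthorized)
			return
		}
		writer.WriteHeader(http.StatusInternalServerError)
		return
	}
	if bcrypt.CompareHashAndPassword([]byte(hash), []byte(form.Password)) != nil {
		writer.WriteHeader(http.StatusUnauthorized)
		return
	}
	writer.WriteHeader(http.StatusOK)
}

// addData appends a product row, creating the table when it is missing.
func addData(writer http.ResponseWriter, request *http.Request, database *sql.DB, _ string) {
	data := &dataStruct{}
	if !decodeBody(writer, request, data) {
		return
	}
	fmt.Println(data)
	table, ok := quotedTable(writer, data.TableName)
	if !ok {
		return
	}
	if !execOrFail(writer, database, "CREATE TABLE IF NOT EXISTS "+table+" (product TEXT, isCheck TEXT)") {
		return
	}
	execOrFail(writer, database, "INSERT INTO "+table+" VALUES (?,?)", data.RowData, "false")
}

// deleteData removes the rows whose product equals RowData.
func deleteData(writer http.ResponseWriter, request *http.Request, database *sql.DB, _ string) {
	data := &dataStruct{}
	if !decodeBody(writer, request, data) {
		return
	}
	fmt.Println(data)
	table, ok := quotedTable(writer, data.TableName)
	if !ok {
		return
	}
	execOrFail(writer, database, "DELETE FROM "+table+" WHERE product = ?", data.RowData)
}

// updateData binds RowData to both placeholders, so the statement rewrites a
// product with its own value.
// NOTE(review): presumably superseded by /editData, which carries a separate
// new value — confirm with the client before changing or removing.
func updateData(writer http.ResponseWriter, request *http.Request, database *sql.DB, _ string) {
	data := &dataStruct{}
	if !decodeBody(writer, request, data) {
		return
	}
	table, ok := quotedTable(writer, data.TableName)
	if !ok {
		return
	}
	execOrFail(writer, database, "UPDATE "+table+" SET product = ? WHERE product = ?", data.RowData, data.RowData)
}

// deleteTable drops the named table from the caller's database.
func deleteTable(writer http.ResponseWriter, request *http.Request, database *sql.DB, _ string) {
	data := &tableNameStruct{}
	if !decodeBody(writer, request, data) {
		return
	}
	fmt.Println(data)
	table, ok := quotedTable(writer, data.TableName)
	if !ok {
		return
	}
	execOrFail(writer, database, "DROP TABLE "+table)
}

// addTable creates the named table when it does not exist yet.
func addTable(writer http.ResponseWriter, request *http.Request, database *sql.DB, _ string) {
	data := &tableNameStruct{}
	if !decodeBody(writer, request, data) {
		return
	}
	fmt.Println(data)
	table, ok := quotedTable(writer, data.TableName)
	if !ok {
		return
	}
	execOrFail(writer, database, "CREATE TABLE IF NOT EXISTS "+table+" (product TEXT, isCheck TEXT)")
}

// getTableName lists the tables in the caller's database as JSON.
func getTableName(writer http.ResponseWriter, _ *http.Request, database *sql.DB, _ string) {
	writeQueryJSON(writer, database, "SELECT name FROM sqlite_master WHERE type='table'")
}

// getTableRows returns every row of one table as JSON. The table name is the
// part of the raw query after the first ':'.
func getTableRows(writer http.ResponseWriter, _ *http.Request, database *sql.DB, tableName string) {
	table, ok := quotedTable(writer, tableName)
	if !ok {
		return
	}
	writeQueryJSON(writer, database, "SELECT * FROM "+table)
}

// setItemCheck stores a new isCheck value for the product named TableRow.
func setItemCheck(writer http.ResponseWriter, request *http.Request, database *sql.DB, _ string) {
	data := &itemCheckStruct{}
	if !decodeBody(writer, request, data) {
		return
	}
	fmt.Println(data)
	table, ok := quotedTable(writer, data.TableName)
	if !ok {
		return
	}
	execOrFail(writer, database, "UPDATE "+table+" SET isCheck = ? WHERE product = ?", data.IsCheck, data.TableRow)
}

// editData renames the product TableRow to NewTableRow.
func editData(writer http.ResponseWriter, request *http.Request, database *sql.DB, _ string) {
	data := &editRowStruct{}
	if !decodeBody(writer, request, data) {
		return
	}
	fmt.Println(data)
	table, ok := quotedTable(writer, data.TableName)
	if !ok {
		return
	}
	execOrFail(writer, database, "UPDATE "+table+" SET product = ? WHERE product = ?", data.NewTableRow, data.TableRow)
}

// main creates the account table if needed, registers the routes and serves
// on :8080.
func main() {
	database, err := sql.Open("sqlite3", usersDBPath)
	if err != nil {
		log.Fatal(err)
	}
	_, err = database.Exec("CREATE TABLE IF NOT EXISTS users (login TEXT PRIMARY KEY, email TEXT, password TEXT)")
	if err != nil {
		log.Fatal(err)
	}
	if err = database.Close(); err != nil {
		log.Fatal(err)
	}

	http.HandleFunc("/login", login)
	http.HandleFunc("/register", register)
	http.HandleFunc("/addData", userHandler(addData))
	http.HandleFunc("/deleteData", userHandler(deleteData))
	http.HandleFunc("/updateData", userHandler(updateData))
	http.HandleFunc("/deleteTable", userHandler(deleteTable))
	http.HandleFunc("/addTable", userHandler(addTable))
	http.HandleFunc("/getTableName", userHandler(getTableName))
	http.HandleFunc("/getTableRows", userHandler(getTableRows))
	http.HandleFunc("/setItemCheck", userHandler(setItemCheck))
	http.HandleFunc("/editData", userHandler(editData))

	log.Fatal(http.ListenAndServe(":8080", nil))
}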