Clean up recent API changes

oauth2
maru 2024-04-21 16:52:26 -04:00
parent 6acbb6448a
commit 4a017b0f32
No known key found for this signature in database
GPG Key ID: 37689350E9CD0F0D
2 changed files with 50 additions and 70 deletions


@ -15,29 +15,7 @@ func Init() {
daily.Init() daily.Init()
} }
func getUsernameFromRequest(r *http.Request) (string, error) { func getTokenFromRequest(r *http.Request) ([]byte, error) {
if r.Header.Get("Authorization") == "" {
return "", fmt.Errorf("missing token")
}
token, err := base64.StdEncoding.DecodeString(r.Header.Get("Authorization"))
if err != nil {
return "", fmt.Errorf("failed to decode token: %s", err)
}
if len(token) != account.TokenSize {
return "", fmt.Errorf("invalid token length: got %d, expected %d", len(token), account.TokenSize)
}
username, err := db.FetchUsernameFromToken(token)
if err != nil {
return "", fmt.Errorf("failed to validate token: %s", err)
}
return username, nil
}
func getUUIDFromRequest(r *http.Request) ([]byte, error) {
if r.Header.Get("Authorization") == "" { if r.Header.Get("Authorization") == "" {
return nil, fmt.Errorf("missing token") return nil, fmt.Errorf("missing token")
} }
@ -51,6 +29,29 @@ func getUUIDFromRequest(r *http.Request) ([]byte, error) {
return nil, fmt.Errorf("invalid token length: got %d, expected %d", len(token), account.TokenSize) return nil, fmt.Errorf("invalid token length: got %d, expected %d", len(token), account.TokenSize)
} }
return token, nil
}
func getUsernameFromRequest(r *http.Request) (string, error) {
token, err := getTokenFromRequest(r)
if err != nil {
return "", err
}
username, err := db.FetchUsernameFromToken(token)
if err != nil {
return "", fmt.Errorf("failed to validate token: %s", err)
}
return username, nil
}
func getUUIDFromRequest(r *http.Request) ([]byte, error) {
token, err := getTokenFromRequest(r)
if err != nil {
return nil, err
}
uuid, err := db.FetchUUIDFromToken(token) uuid, err := db.FetchUUIDFromToken(token)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to validate token: %s", err) return nil, fmt.Errorf("failed to validate token: %s", err)
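Review bot: The new getTokenFromRequest helper has no doc comment, and its contract is easy to misread: the visible lines only check that the Authorization header is present and that the decoded value is account.TokenSize bytes long, so a nil error does not mean the token belongs to a valid session. I would add `// getTokenFromRequest extracts and length-checks the token from the Authorization header; it does not validate it against the database.` above it. In getUsernameFromRequest and getUUIDFromRequest, `fmt.Errorf("failed to validate token: %s", err)` could use `%w` so callers can still inspect the database error with errors.Is. The helper's decode step sits between the two hunks and is not visible here.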


@ -189,76 +189,55 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
} }
var token []byte var token []byte
token, err = base64.StdEncoding.DecodeString(r.Header.Get("Authorization")) token, err = getTokenFromRequest(r)
if err != nil { if err != nil {
httpError(w, r, fmt.Errorf("failed to decode token: %s", err), http.StatusBadRequest) httpError(w, r, err, http.StatusBadRequest)
return return
} }
var active bool
if r.URL.Path == "/savedata/get" {
err = db.UpdateActiveSession(uuid, token)
if err != nil {
httpError(w, r, fmt.Errorf("failed to update active session: %s", err), http.StatusBadRequest)
return
}
} else {
active, err = db.IsActiveSession(token)
if err != nil {
httpError(w, r, fmt.Errorf("failed to check active session: %s", err), http.StatusBadRequest)
return
}
// TODO: make this not suck
if !active && r.URL.Path != "/savedata/clear"{
httpError(w, r, fmt.Errorf("session out of date"), http.StatusBadRequest)
return
}
}
switch r.URL.Path { switch r.URL.Path {
case "/savedata/get": case "/savedata/get":
err = db.UpdateActiveSession(uuid, token)
if err != nil {
httpError(w, r, fmt.Errorf("failed to update active session: %s", err), http.StatusInternalServerError)
return
}
save, err = savedata.Get(uuid, datatype, slot) save, err = savedata.Get(uuid, datatype, slot)
case "/savedata/update": case "/savedata/update":
var token []byte
token, err = base64.StdEncoding.DecodeString(r.Header.Get("Authorization"))
if err != nil {
httpError(w, r, fmt.Errorf("failed to decode token: %s", err), http.StatusBadRequest)
return
}
var active bool
active, err = db.IsActiveSession(token)
if err != nil {
httpError(w, r, fmt.Errorf("failed to check active session: %s", err), http.StatusInternalServerError)
return
}
if !active {
httpError(w, r, fmt.Errorf("session out of date"), http.StatusBadRequest)
return
}
err = savedata.Update(uuid, slot, save) err = savedata.Update(uuid, slot, save)
case "/savedata/delete": case "/savedata/delete":
var active bool
active, err = db.IsActiveSession(token)
if err != nil {
httpError(w, r, fmt.Errorf("failed to check active session: %s", err), http.StatusInternalServerError)
return
}
if !active {
httpError(w, r, fmt.Errorf("session out of date"), http.StatusBadRequest)
return
}
err = savedata.Delete(uuid, datatype, slot) err = savedata.Delete(uuid, datatype, slot)
case "/savedata/clear": case "/savedata/clear":
var active bool if !active {
active, err = db.IsActiveSession(token) // TODO: make this not suck
if err != nil { save = savedata.ClearResponse{Error: "session out of date"}
httpError(w, r, fmt.Errorf("failed to check active session: %s", err), http.StatusInternalServerError) break
return
} }
if active { s, ok := save.(defs.SessionSaveData)
s, ok := save.(defs.SessionSaveData) if !ok {
if !ok { err = fmt.Errorf("save data is not type SessionSaveData")
httpError(w, r, fmt.Errorf("save data is not type SessionSaveData"), http.StatusBadRequest) break
return
}
// doesn't return a save, but it works
save, err = savedata.Clear(uuid, slot, daily.Seed(), s)
} else {
var response savedata.ClearResponse
response.Error = "session out of date"
save = response
} }
// doesn't return a save, but it works
save, err = savedata.Clear(uuid, slot, daily.Seed(), s)
} }
if err != nil { if err != nil {
httpError(w, r, err, http.StatusInternalServerError) httpError(w, r, err, http.StatusInternalServerError)
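Review bot: The shared session check that now runs ahead of the switch reports failures of db.UpdateActiveSession and db.IsActiveSession as http.StatusBadRequest, where the removed per-case code used http.StatusInternalServerError (the sides are inferred from the hunk's line counts). A database fault then looks like a client error to monitoring, and if httpError writes the error text into the response, the wrapped database message reaches the client as well; I would keep `http.StatusInternalServerError` on those two calls. In the "/savedata/clear" case the failed type assertion now sets err and breaks, so a malformed client payload falls through to the generic 500 handler instead of the previous 400. Using `httpError(w, r, fmt.Errorf("save data is not type SessionSaveData"), http.StatusBadRequest)` followed by `return` there would preserve the old behaviour. ServeHTTP starts and ends outside the hunk.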