learn-go/snippetbox/cmd/web/handlers.go

package main

import (
	"errors"
	"fmt"
	"net/http"
	"strconv"

	"github.com/julienschmidt/httprouter"
	"snippetbox.chaosfem.tw/internal/models"
	"snippetbox.chaosfem.tw/internal/validator"
)

// ping ...
func ping(w http.ResponseWriter, r *http.Request) {
	w.Write([]byte("OK"))
}

// home ...
func (app *application) home(w http.ResponseWriter, r *http.Request) {
	snippets, err := app.snippets.Latest()
	if err != nil {
		app.serverError(w, r, err)
		return
	}

	data := app.newTemplateData(r)
	data.Snippets = snippets

	app.render(w, r, http.StatusOK, "home.tmpl", data)
}

// snippetView ...
func (app *application) snippetView(w http.ResponseWriter, r *http.Request) {
	params := httprouter.ParamsFromContext(r.Context())

	id, err := strconv.Atoi(params.ByName("id"))
	if err != nil || id < 1 {
		app.notFound(w)
		return
	}

	snippet, err := app.snippets.Get(id)
	if err != nil || id < 1 {
		if errors.Is(err, models.ErrNoRecord) {
			app.notFound(w)
		} else {
			app.serverError(w, r, err)
		}
		return
	}

	data := app.newTemplateData(r)
	data.Snippet = snippet

	app.render(w, r, http.StatusOK, "view.tmpl", data)
}

// (app *application) snippetCreate ...
func (app *application) snippetCreate(w http.ResponseWriter, r *http.Request) {
	data := app.newTemplateData(r)

	data.Form = snippetCreateForm{
		Expires: 365,
	}

	app.render(w, r, http.StatusOK, "create.tmpl", data)
}

type snippetCreateForm struct {
	Title               string `form:"title"`
	Content             string `form:"content"`
	Expires             int    `form:"expires"`
	validator.Validator `form:"-"`
}

// snippetCreatePost ...
func (app *application) snippetCreatePost(w http.ResponseWriter, r *http.Request) {
	var form snippetCreateForm

	err := app.decodePostForm(r, &form)
	if err != nil {
		app.clientError(w, http.StatusBadRequest)
		return
	}

	form.CheckField(validator.NotBlank(form.Title), "title", "This field cannot be blank")
	form.CheckField(validator.MaxChars(form.Title, 100), "title", "This field cannot be more than 100 characters long")
	form.CheckField(validator.NotBlank(form.Content), "content", "This field cannot be blank")
	form.CheckField(validator.PermittedValue(form.Expires, 1, 7, 365), "expires", "This field must equal 1, 7 or 365")

	if !form.Valid() {
		data := app.newTemplateData(r)
		data.Form = form
		app.render(w, r, http.StatusUnprocessableEntity, "create.tmpl", data)
		return
	}

	id, err := app.snippets.Insert(form.Title, form.Content, form.Expires)
	if err != nil {
		app.serverError(w, r, err)
		return
	}

	app.sessionManager.Put(r.Context(), "flash", "Snippet successfully created!")

	http.Redirect(w, r, fmt.Sprintf("/snippet/view/%d", id), http.StatusSeeOther)
}

type userSignupForm struct {
	Username            string `form:"username"`
	Email               string `form:"email"`
	Password            string `form:"password"`
	validator.Validator `form:"-"`
}

// userSignup ...
func (app *application) userSignup(w http.ResponseWriter, r *http.Request) {
	data := app.newTemplateData(r)

	data.Form = userSignupForm{}

	app.render(w, r, http.StatusOK, "signup.tmpl", data)
}

// userSignupPost ...
func (app *application) userSignupPost(w http.ResponseWriter, r *http.Request) {
	var form userSignupForm

	err := app.decodePostForm(r, &form)
	if err != nil {
		app.clientError(w, http.StatusBadRequest)
		return
	}

	form.CheckField(validator.NotBlank(form.Username), "username", "This field cannot be blank")
	form.CheckField(validator.NotBlank(form.Email), "email", "This field cannot be blank")
	form.CheckField(validator.Matches(form.Email, validator.EmailRX), "email", "This field must be a valid email address")
	form.CheckField(validator.NotBlank(form.Password), "password", "This field cannot be blank")
	form.CheckField(validator.MinChars(form.Password, 8), "password", "This field must be at least 8 characters long")

	if !form.Valid() {
		data := app.newTemplateData(r)
		data.Form = form
		app.render(w, r, http.StatusUnprocessableEntity, "signup.tmpl", data)
		return
	}

	err = app.users.Insert(form.Username, form.Email, form.Password)
	if err != nil {
		if errors.Is(err, models.ErrDuplicateEmail) {
			form.AddFieldError("email", "Email address is already in use")

			data := app.newTemplateData(r)
			data.Form = form
			app.render(w, r, http.StatusUnprocessableEntity, "signup.tmpl", data)
		} else {
			app.serverError(w, r, err)
		}

		return
	}

	app.sessionManager.Put(r.Context(), "flash", fmt.Sprintf("Signup was successful (%s). Please log in.", form.Username))

	http.Redirect(w, r, "/", http.StatusSeeOther)
}

type userLoginForm struct {
	Email               string `form:"email"`
	Password            string `form:"password"`
	validator.Validator `form:"-"`
}

// userLogin ...
func (app *application) userLogin(w http.ResponseWriter, r *http.Request) {
	data := app.newTemplateData(r)

	data.Form = userLoginForm{}

	app.render(w, r, http.StatusOK, "login.tmpl", data)
}

// userLoginPost ...
func (app *application) userLoginPost(w http.ResponseWriter, r *http.Request) {
	var form userSignupForm

	err := app.decodePostForm(r, &form)
	if err != nil {
		app.clientError(w, http.StatusBadRequest)
		return
	}

	form.CheckField(validator.NotBlank(form.Email), "email", "This field cannot be blank")
	form.CheckField(validator.NotBlank(form.Password), "password", "This field cannot be blank")

	if !form.Valid() {
		data := app.newTemplateData(r)
		data.Form = form
		app.render(w, r, http.StatusUnprocessableEntity, "login.tmpl", data)
		return
	}

	userID, err := app.users.Authenticate(form.Email, form.Password)
	if err != nil {
		if errors.Is(err, models.ErrInvalidCredentials) {
			form.AddNonFieldError("Email or password is incorrect")

			data := app.newTemplateData(r)
			data.Form = form
			app.render(w, r, http.StatusUnprocessableEntity, "login.tmpl", data)
		} else {
			app.serverError(w, r, err)
		}
		return
	}
	err = app.sessionManager.RenewToken(r.Context())
	if err != nil {
		app.serverError(w, r, err)
		return
	}

	app.sessionManager.Put(r.Context(), "authenticatedUserID", userID)

	http.Redirect(w, r, "/", http.StatusSeeOther)
}

// userLoginPost ...
func (app *application) userLogoutPost(w http.ResponseWriter, r *http.Request) {
	err := app.sessionManager.RenewToken(r.Context())
	if err != nil {
		app.serverError(w, r, err)
		return
	}

	app.sessionManager.Remove(r.Context(), "authenticatedUserID")
	app.sessionManager.Put(r.Context(), "flash", fmt.Sprintf("You have been logged out."))

	http.Redirect(w, r, "/", http.StatusSeeOther)
}
lets-go:2.5 2024-01-22 21:25:34 +00:00			`package main`

			`import (`
lets-go:4-x 2024-01-25 20:41:08 +00:00			`"errors"`
lets-go:2.6 refactor app to go "Developing Modules" pattern https://go.dev/doc/modules/layout#server-project 2024-01-22 23:07:14 +00:00			`"fmt"`
lets-go:2.5 2024-01-22 21:25:34 +00:00			`"net/http"`
lets-go:2.6 refactor app to go "Developing Modules" pattern https://go.dev/doc/modules/layout#server-project 2024-01-22 23:07:14 +00:00			`"strconv"`
lets-go:4-x 2024-01-25 20:41:08 +00:00
lets-go:7.2 new route handler 2024-01-26 06:01:12 +00:00			`"github.com/julienschmidt/httprouter"`
lets-go:4-x 2024-01-25 20:41:08 +00:00			`"snippetbox.chaosfem.tw/internal/models"`
lets-go:8.5 validation helpers 2024-02-03 05:24:04 +00:00			`"snippetbox.chaosfem.tw/internal/validator"`
lets-go:2.5 2024-01-22 21:25:34 +00:00			`)`

lets-go:14.2 ping handler/test 2024-02-13 20:54:07 +00:00			`// ping ...`
			`func ping(w http.ResponseWriter, r *http.Request) {`
			`w.Write([]byte("OK"))`
			`}`

lets-go:2.5 2024-01-22 21:25:34 +00:00			`// home ...`
lets-go:7.2 new route handler 2024-01-26 06:01:12 +00:00			`func (app application) home(w http.ResponseWriter, r http.Request) {`
lets-go:4-x 2024-01-25 20:41:08 +00:00			`snippets, err := app.snippets.Latest()`
lets-go:2.7 nav 2024-01-23 19:19:53 +00:00			`if err != nil {`
lets-go:3.4 wrapping up chapter 3 with error and config refactors 2024-01-25 00:14:33 +00:00			`app.serverError(w, r, err)`
lets-go:2.7 nav 2024-01-23 19:19:53 +00:00			`return`
			`}`

lets-go:6.2 middleware 2024-01-25 23:43:07 +00:00			`data := app.newTemplateData(r)`
			`data.Snippets = snippets`
lets-go:5.2 home view 2024-01-25 22:08:58 +00:00
lets-go:5.4 2024-01-25 23:06:28 +00:00			`app.render(w, r, http.StatusOK, "home.tmpl", data)`
lets-go:2.5 2024-01-22 21:25:34 +00:00			`}`

			`// snippetView ...`
lets-go:7.2 new route handler 2024-01-26 06:01:12 +00:00			`func (app application) snippetView(w http.ResponseWriter, r http.Request) {`
			`params := httprouter.ParamsFromContext(r.Context())`

			`id, err := strconv.Atoi(params.ByName("id"))`
lets-go:2.6 refactor app to go "Developing Modules" pattern https://go.dev/doc/modules/layout#server-project 2024-01-22 23:07:14 +00:00			`if err != nil \|\| id < 1 {`
lets-go:3.4 wrapping up chapter 3 with error and config refactors 2024-01-25 00:14:33 +00:00			`app.notFound(w)`
lets-go:2.6 refactor app to go "Developing Modules" pattern https://go.dev/doc/modules/layout#server-project 2024-01-22 23:07:14 +00:00			`return`
			`}`

lets-go:4-x 2024-01-25 20:41:08 +00:00			`snippet, err := app.snippets.Get(id)`
			`if err != nil \|\| id < 1 {`
			`if errors.Is(err, models.ErrNoRecord) {`
			`app.notFound(w)`
			`} else {`
			`app.serverError(w, r, err)`
			`}`
			`return`
			`}`

lets-go:6.2 middleware 2024-01-25 23:43:07 +00:00			`data := app.newTemplateData(r)`
			`data.Snippet = snippet`
lets-go:5.1 templates 2024-01-25 21:41:06 +00:00
lets-go:5.4 2024-01-25 23:06:28 +00:00			`app.render(w, r, http.StatusOK, "view.tmpl", data)`
lets-go:2.5 2024-01-22 21:25:34 +00:00			`}`

lets-go:7.2 new route handler 2024-01-26 06:01:12 +00:00			`// (app *application) snippetCreate ...`
			`func (app application) snippetCreate(w http.ResponseWriter, r http.Request) {`
lets-go:8.2 create form 2024-01-26 06:31:27 +00:00			`data := app.newTemplateData(r)`

lets-go:8.4 form repopulation 2024-01-30 23:51:20 +00:00			`data.Form = snippetCreateForm{`
			`Expires: 365,`
			`}`

lets-go:8.2 create form 2024-01-26 06:31:27 +00:00			`app.render(w, r, http.StatusOK, "create.tmpl", data)`
lets-go:7.2 new route handler 2024-01-26 06:01:12 +00:00			`}`
lets-go:2.5 2024-01-22 21:25:34 +00:00
lets-go:8.4 form repopulation 2024-01-30 23:51:20 +00:00			`type snippetCreateForm struct {`
lets-go:11.4 login 2024-02-08 00:27:03 +00:00			Title string `form:"title"`
			Content string `form:"content"`
			Expires int `form:"expires"`
lets-go:8.6 form parsing 2024-02-07 00:46:46 +00:00			validator.Validator `form:"-"`
lets-go:8.4 form repopulation 2024-01-30 23:51:20 +00:00			`}`

lets-go:7.2 new route handler 2024-01-26 06:01:12 +00:00			`// snippetCreatePost ...`
			`func (app application) snippetCreatePost(w http.ResponseWriter, r http.Request) {`
lets-go:8.6 form parsing 2024-02-07 00:46:46 +00:00			`var form snippetCreateForm`
lets-go:8.2 create form 2024-01-26 06:31:27 +00:00
lets-go:8.6 form parsing 2024-02-07 00:46:46 +00:00			`err := app.decodePostForm(r, &form)`
lets-go:8.2 create form 2024-01-26 06:31:27 +00:00			`if err != nil {`
			`app.clientError(w, http.StatusBadRequest)`
			`return`
			`}`
lets-go:4-x 2024-01-25 20:41:08 +00:00
lets-go:8.5 validation helpers 2024-02-03 05:24:04 +00:00			`form.CheckField(validator.NotBlank(form.Title), "title", "This field cannot be blank")`
			`form.CheckField(validator.MaxChars(form.Title, 100), "title", "This field cannot be more than 100 characters long")`
			`form.CheckField(validator.NotBlank(form.Content), "content", "This field cannot be blank")`
			`form.CheckField(validator.PermittedValue(form.Expires, 1, 7, 365), "expires", "This field must equal 1, 7 or 365")`
lets-go:8.3 some validation 2024-01-26 06:57:49 +00:00
lets-go:8.5 validation helpers 2024-02-03 05:24:04 +00:00			`if !form.Valid() {`
lets-go:8.4 form repopulation 2024-01-30 23:51:20 +00:00			`data := app.newTemplateData(r)`
			`data.Form = form`
			`app.render(w, r, http.StatusUnprocessableEntity, "create.tmpl", data)`
lets-go:8.3 some validation 2024-01-26 06:57:49 +00:00			`return`
			`}`

lets-go:8.4 form repopulation 2024-01-30 23:51:20 +00:00			`id, err := app.snippets.Insert(form.Title, form.Content, form.Expires)`
lets-go:4-x 2024-01-25 20:41:08 +00:00			`if err != nil {`
			`app.serverError(w, r, err)`
			`return`
			`}`

lets-go:9.3 sessions 2024-02-07 05:37:06 +00:00			`app.sessionManager.Put(r.Context(), "flash", "Snippet successfully created!")`

lets-go:7.2 new route handler 2024-01-26 06:01:12 +00:00			`http.Redirect(w, r, fmt.Sprintf("/snippet/view/%d", id), http.StatusSeeOther)`
lets-go:2.5 2024-01-22 21:25:34 +00:00			`}`
lets-go:11.0 user signup without peeking deliberately skipping salting and encrypting passwords at this point. intending to approach this in tandem with authenication. also starting to want db migrations, but trying not to get distracted. 2024-02-07 19:07:29 +00:00
			`type userSignupForm struct {`
lets-go:11.4 login 2024-02-08 00:27:03 +00:00			Username string `form:"username"`
			Email string `form:"email"`
			Password string `form:"password"`
lets-go:11.0 user signup without peeking deliberately skipping salting and encrypting passwords at this point. intending to approach this in tandem with authenication. also starting to want db migrations, but trying not to get distracted. 2024-02-07 19:07:29 +00:00			validator.Validator `form:"-"`
			`}`

			`// userSignup ...`
			`func (app application) userSignup(w http.ResponseWriter, r http.Request) {`
			`data := app.newTemplateData(r)`

			`data.Form = userSignupForm{}`

			`app.render(w, r, http.StatusOK, "signup.tmpl", data)`
			`}`

lets-go:11.0 user login without peeking just the bones here, not authenticating at all yet. going ahead with the chapter now because i'm curious about the preferred way to authenticate; are we going to put this on `UserModel` or some other `internal` locale, or just in `helpers.go`? 2024-02-07 19:22:47 +00:00			`// userSignupPost ...`
lets-go:11.0 user signup without peeking deliberately skipping salting and encrypting passwords at this point. intending to approach this in tandem with authenication. also starting to want db migrations, but trying not to get distracted. 2024-02-07 19:07:29 +00:00			`func (app application) userSignupPost(w http.ResponseWriter, r http.Request) {`
			`var form userSignupForm`

			`err := app.decodePostForm(r, &form)`
			`if err != nil {`
			`app.clientError(w, http.StatusBadRequest)`
			`return`
			`}`

			`form.CheckField(validator.NotBlank(form.Username), "username", "This field cannot be blank")`
lets-go:11.3 user signup 2024-02-07 23:15:54 +00:00			`form.CheckField(validator.NotBlank(form.Email), "email", "This field cannot be blank")`
			`form.CheckField(validator.Matches(form.Email, validator.EmailRX), "email", "This field must be a valid email address")`
lets-go:11.0 user signup without peeking deliberately skipping salting and encrypting passwords at this point. intending to approach this in tandem with authenication. also starting to want db migrations, but trying not to get distracted. 2024-02-07 19:07:29 +00:00			`form.CheckField(validator.NotBlank(form.Password), "password", "This field cannot be blank")`
lets-go:11.3 user signup 2024-02-07 23:15:54 +00:00			`form.CheckField(validator.MinChars(form.Password, 8), "password", "This field must be at least 8 characters long")`
lets-go:11.0 user signup without peeking deliberately skipping salting and encrypting passwords at this point. intending to approach this in tandem with authenication. also starting to want db migrations, but trying not to get distracted. 2024-02-07 19:07:29 +00:00
			`if !form.Valid() {`
			`data := app.newTemplateData(r)`
			`data.Form = form`
			`app.render(w, r, http.StatusUnprocessableEntity, "signup.tmpl", data)`
			`return`
			`}`

lets-go:11.3 signup with bcrypt 2024-02-07 23:54:12 +00:00			`err = app.users.Insert(form.Username, form.Email, form.Password)`
			`if err != nil {`
			`if errors.Is(err, models.ErrDuplicateEmail) {`
			`form.AddFieldError("email", "Email address is already in use")`

			`data := app.newTemplateData(r)`
			`data.Form = form`
			`app.render(w, r, http.StatusUnprocessableEntity, "signup.tmpl", data)`
			`} else {`
			`app.serverError(w, r, err)`
			`}`

			`return`
			`}`
lets-go:11.0 user signup without peeking deliberately skipping salting and encrypting passwords at this point. intending to approach this in tandem with authenication. also starting to want db migrations, but trying not to get distracted. 2024-02-07 19:07:29 +00:00
lets-go:11.3 signup with bcrypt 2024-02-07 23:54:12 +00:00			`app.sessionManager.Put(r.Context(), "flash", fmt.Sprintf("Signup was successful (%s). Please log in.", form.Username))`
lets-go:11.0 user signup without peeking deliberately skipping salting and encrypting passwords at this point. intending to approach this in tandem with authenication. also starting to want db migrations, but trying not to get distracted. 2024-02-07 19:07:29 +00:00
			`http.Redirect(w, r, "/", http.StatusSeeOther)`
			`}`
lets-go:11.0 user login without peeking just the bones here, not authenticating at all yet. going ahead with the chapter now because i'm curious about the preferred way to authenticate; are we going to put this on `UserModel` or some other `internal` locale, or just in `helpers.go`? 2024-02-07 19:22:47 +00:00
			`type userLoginForm struct {`
lets-go:11.4 login 2024-02-08 00:27:03 +00:00			Email string `form:"email"`
			Password string `form:"password"`
lets-go:11.0 user login without peeking just the bones here, not authenticating at all yet. going ahead with the chapter now because i'm curious about the preferred way to authenticate; are we going to put this on `UserModel` or some other `internal` locale, or just in `helpers.go`? 2024-02-07 19:22:47 +00:00			validator.Validator `form:"-"`
			`}`

			`// userLogin ...`
			`func (app application) userLogin(w http.ResponseWriter, r http.Request) {`
			`data := app.newTemplateData(r)`

			`data.Form = userLoginForm{}`

			`app.render(w, r, http.StatusOK, "login.tmpl", data)`
			`}`

			`// userLoginPost ...`
			`func (app application) userLoginPost(w http.ResponseWriter, r http.Request) {`
			`var form userSignupForm`

			`err := app.decodePostForm(r, &form)`
			`if err != nil {`
			`app.clientError(w, http.StatusBadRequest)`
			`return`
			`}`

lets-go:11.4 login 2024-02-08 00:27:03 +00:00			`form.CheckField(validator.NotBlank(form.Email), "email", "This field cannot be blank")`
lets-go:11.0 user login without peeking just the bones here, not authenticating at all yet. going ahead with the chapter now because i'm curious about the preferred way to authenticate; are we going to put this on `UserModel` or some other `internal` locale, or just in `helpers.go`? 2024-02-07 19:22:47 +00:00			`form.CheckField(validator.NotBlank(form.Password), "password", "This field cannot be blank")`

			`if !form.Valid() {`
			`data := app.newTemplateData(r)`
			`data.Form = form`
			`app.render(w, r, http.StatusUnprocessableEntity, "login.tmpl", data)`
			`return`
			`}`

lets-go:11.4 login 2024-02-08 00:27:03 +00:00			`userID, err := app.users.Authenticate(form.Email, form.Password)`
			`if err != nil {`
			`if errors.Is(err, models.ErrInvalidCredentials) {`
			`form.AddNonFieldError("Email or password is incorrect")`
lets-go:11.1 nav and fake auth 2024-02-07 20:40:54 +00:00
lets-go:11.4 login 2024-02-08 00:27:03 +00:00			`data := app.newTemplateData(r)`
			`data.Form = form`
			`app.render(w, r, http.StatusUnprocessableEntity, "login.tmpl", data)`
			`} else {`
			`app.serverError(w, r, err)`
			`}`
			`return`
			`}`
			`err = app.sessionManager.RenewToken(r.Context())`
			`if err != nil {`
			`app.serverError(w, r, err)`
			`return`
			`}`
lets-go:11.1 nav and fake auth 2024-02-07 20:40:54 +00:00
lets-go:11.4 login 2024-02-08 00:27:03 +00:00			`app.sessionManager.Put(r.Context(), "authenticatedUserID", userID)`
lets-go:11.0 user login without peeking just the bones here, not authenticating at all yet. going ahead with the chapter now because i'm curious about the preferred way to authenticate; are we going to put this on `UserModel` or some other `internal` locale, or just in `helpers.go`? 2024-02-07 19:22:47 +00:00
			`http.Redirect(w, r, "/", http.StatusSeeOther)`
			`}`
lets-go:11.0 very minimal first pass at logout curious why `http.Redirect` does POST here? because i haven't handled any user input? 2024-02-07 20:33:53 +00:00
			`// userLoginPost ...`
			`func (app application) userLogoutPost(w http.ResponseWriter, r http.Request) {`
lets-go:11.5 logout 2024-02-08 00:29:09 +00:00			`err := app.sessionManager.RenewToken(r.Context())`
			`if err != nil {`
			`app.serverError(w, r, err)`
			`return`
			`}`

			`app.sessionManager.Remove(r.Context(), "authenticatedUserID")`
			`app.sessionManager.Put(r.Context(), "flash", fmt.Sprintf("You have been logged out."))`
lets-go:11.0 very minimal first pass at logout curious why `http.Redirect` does POST here? because i haven't handled any user input? 2024-02-07 20:33:53 +00:00
			`http.Redirect(w, r, "/", http.StatusSeeOther)`
			`}`