package api import ( "encoding/json" "fmt" "log" "net/http" authdiscord "example.com/auth/discord" configserver "example.com/config/server" databasecommands "example.com/database/commands" create "example.com/database/commands/create" get "example.com/database/commands/get" update "example.com/database/commands/update" function "example.com/database/function" functiontag "example.com/database/functiontag" group "example.com/database/group" databasemodels "example.com/database/models" "github.com/gin-gonic/gin" "github.com/xyproto/randomstring" "golang.org/x/oauth2" "gorm.io/gorm" ) var GlobalDatabase *gorm.DB var GlobalConfig configserver.AppConfig var GlobalOAuth *oauth2.Config // Private Functions // Authentication Workflow func AuthCallback(context *gin.Context) { oauthState := randomstring.CookieFriendlyString(32) context.Set("state", oauthState) var err error oauthToken, err := GlobalOAuth.Exchange(context.Request.Context(), context.Query("code")) if err != nil { context.Redirect(http.StatusInternalServerError, GlobalConfig.GetFrontendRootDomain()) } oauthTokenJSON, _ := json.Marshal(oauthToken) context.SetCookie("discord-oauthtoken", string(oauthTokenJSON), 0, "", GlobalConfig.API.Domain, false, false) context.Set("discord-oauthtoken", string(oauthTokenJSON)) CreateOrUpdateUser(context) context.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%sdashboard", GlobalConfig.GetFrontendRootDomain())) } func AuthLoginRedirect(context *gin.Context) { log.Println(GlobalOAuth.AuthCodeURL(context.GetString("state"))) context.Redirect(302, GlobalOAuth.AuthCodeURL(context.GetString("state"))) } func AuthLogoutRedirect(context *gin.Context) { oauthTokenJSON, err := context.Cookie("discord-oauthtoken") if err == nil { databasecommands.LogoutDatabaseUser(GlobalDatabase, oauthTokenJSON) context.SetCookie("discord-oauthtoken", "", -1, "", GlobalConfig.API.Domain, false, true) } else { log.Println(err) } context.Redirect(http.StatusTemporaryRedirect, GlobalConfig.GetFrontendRootDomain()) } // Create & Update Endpoints (post/, put/, patch) func CreateOrUpdateUser(context *gin.Context) { oauthTokenJSON := context.GetString("discord-oauthtoken") err := error(nil) if oauthTokenJSON == "" { oauthTokenJSON, err = context.Cookie("discord-oauthtoken") if err != nil { log.Printf("This really shouldn't happen. %s", err) context.AbortWithStatus(http.StatusInternalServerError) } } var oauthToken *oauth2.Token err = json.Unmarshal([]byte(oauthTokenJSON), &oauthToken) if err != nil { log.Println(err) context.AbortWithStatus(http.StatusBadRequest) } var currentDiscordUser authdiscord.DiscordUser currentDiscordUser.GetDiscordUser(context, oauthToken, GlobalConfig, GlobalOAuth) updatedDatabaseUser := databasemodels.User{ DisplayName: currentDiscordUser.Global_Name, Username: currentDiscordUser.Username, Id: currentDiscordUser.Id, Avatar: currentDiscordUser.Avatar, AvatarDecoration: currentDiscordUser.Avatar_Decoration_Data.Asset, LoginToken: string(oauthTokenJSON), LoggedIn: true, ApiKey: nil, } if get.GetDatabaseUserExists(GlobalDatabase, currentDiscordUser.Id) { dbOAuthToken := get.GetDatabaseUserToken(GlobalDatabase, currentDiscordUser.Id) if get.GetDatabaseUserLoggedInFromDiscordId(GlobalDatabase, currentDiscordUser.Id) { context.SetCookie("discord-oauthtoken", dbOAuthToken, 0, "", GlobalConfig.API.Domain, false, false) updatedDatabaseUser.LoginToken = string(dbOAuthToken) } else { context.SetCookie("discord-oauthtoken", string(oauthTokenJSON), 0, "", GlobalConfig.API.Domain, false, false) } err := update.UpdateDatabaseUser(GlobalDatabase, updatedDatabaseUser) if err != nil { log.Println(err) context.AbortWithStatus(http.StatusInternalServerError) } } else { err := create.CreateDatabaseUser(GlobalDatabase, updatedDatabaseUser) if err != nil { log.Println(err) context.Copy().AbortWithStatus(http.StatusInternalServerError) } } } func CreateDatabaseGroup(context *gin.Context) { GetIsUserAuthorized(context) isAuthorized := context.GetBool("is-authorized") if isAuthorized { name := context.Query("name") if name != "" { group.Group{Name: name}.Create(GlobalDatabase) context.Status(http.StatusOK) } else { context.AbortWithStatus(http.StatusBadRequest) } } else { context.AbortWithStatus(http.StatusUnauthorized) } } func CreateDatabaseFunction(context *gin.Context) { GetIsUserAuthorized(context) isAuthorized := context.GetBool("is-authorized") if isAuthorized { name, nameOk := context.GetQuery("name") tags, tagsOk := context.GetQueryArray("tags") requirements, requirementsOk := context.GetQueryArray("requirements") if nameOk { var newTags *[]functiontag.FunctionTag var newRequirements *[]function.Function if tagsOk { newTags = functiontag.Get(GlobalDatabase, tags) } if requirementsOk { newRequirements = function.Get(GlobalDatabase, requirements) } log.Printf("OKAY\nName: %s\nTags: %v\nRequirements: %v", name, *newTags, *newRequirements) function.Function{ Name: name, Tags: *newTags, Requirements: *newRequirements, }.Create(GlobalDatabase) context.Status(http.StatusOK) } else { context.AbortWithStatus(http.StatusBadRequest) } } else { context.AbortWithStatus(http.StatusUnauthorized) } } func CreateDatabaseFunctionTag(context *gin.Context) { GetIsUserAuthorized(context) isAuthorized := context.GetBool("is-authorized") log.Println(isAuthorized) if isAuthorized { name := context.Query("name") if name != "" { functiontag.FunctionTag{ Name: name, }.Create(GlobalDatabase) context.Status(http.StatusOK) } else { context.AbortWithStatus(http.StatusBadRequest) } } else { context.AbortWithStatus(http.StatusUnauthorized) } } // Read Endpoints (get/) func GetUserInfo(context *gin.Context) { oauthTokenJSON, err := context.Cookie("discord-oauthtoken") if err == nil { var oauthToken *oauth2.Token err := json.Unmarshal([]byte(oauthTokenJSON), &oauthToken) if err == nil { if oauthToken.Valid() { var user authdiscord.DiscordUser user.GetDiscordUser(context, oauthToken, GlobalConfig, GlobalOAuth) if get.GetDatabaseUserLoggedInFromDiscordId(GlobalDatabase, user.Id) { context.JSON(http.StatusOK, user) } else { context.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%slogout", GlobalConfig.GetAPIRootDomain())) } return } else { log.Println(err) context.AbortWithStatus(http.StatusBadRequest) } } else { log.Println(err) context.AbortWithStatus(http.StatusBadRequest) } } else { log.Println(err) context.AbortWithStatus(http.StatusBadRequest) } context.Redirect(http.StatusTemporaryRedirect, GlobalConfig.GetFrontendRootDomain()) } func GetIsUserAuthorized(context *gin.Context) { oauthTokenJSON, err := context.Cookie("discord-oauthtoken") if err == nil { var oauthToken *oauth2.Token err := json.Unmarshal([]byte(oauthTokenJSON), &oauthToken) if err == nil { if oauthToken.Valid() { if get.GetDatabaseUserLoggedIn(GlobalDatabase, oauthTokenJSON) { context.JSON(http.StatusOK, gin.H{ "message": true, }) context.Set("is-authorized", true) return } } } } context.JSON(http.StatusUnauthorized, gin.H{ "message": false, }) context.Set("is-authorized", false) } func GetDatabaseGroups(context *gin.Context) { groupNames, ok := context.GetQueryArray("groups") if ok { groups := group.Get(GlobalDatabase, groupNames) context.JSON(http.StatusOK, gin.H{ "groups": groups, }) } else { context.JSON(http.StatusOK, gin.H{ "groups": []group.Group{}, }) } } func GetAllDatabaseGroups(context *gin.Context) { groups := group.GetAll(GlobalDatabase) context.JSON(http.StatusOK, gin.H{ "groups": groups, }) } func GetDatabaseFunctions(context *gin.Context) { functionNames, ok := context.GetQueryArray("functions") if ok { functions := function.Get(GlobalDatabase, functionNames) context.JSON(http.StatusOK, gin.H{ "functions": functions, }) } else { context.JSON(http.StatusOK, gin.H{ "functions": function.Function{}, }) } } func GetAllDatabaseFunctions(context *gin.Context) { functions := function.GetAll(GlobalDatabase) context.JSON(http.StatusOK, gin.H{ "functions": functions, }) } func GetDatabaseFunctionTags(context *gin.Context) { functionTagNames, ok := context.GetQueryArray("functiontags") if ok { functionTags := functiontag.Get(GlobalDatabase, functionTagNames) context.JSON(http.StatusOK, gin.H{ "function_tags": functionTags, }) } else { context.JSON(http.StatusOK, gin.H{ "function_tags": []functiontag.FunctionTag{}, }) } } func GetAllDatabaseFunctionTags(context *gin.Context) { functionTags := functiontag.GetAll(GlobalDatabase) context.JSON(http.StatusOK, gin.H{ "function_tags": functionTags, }) } // Delete Endpoints (delete/)