terrible no good massive refactor commit (oh yeah and built generic sessions for admin panel)

2025-01-23 00:37:19 +00:00 · 2025-01-23 00:37:19 +00:00 · 45f33b8b46
commit 45f33b8b46
parent cee99a6932
34 changed files with 740 additions and 654 deletions
--- a/controller/account.go
+++ b/controller/account.go
@ -2,8 +2,6 @@ package controller

 import (
 	"arimelody-web/model"
-	"errors"
-	"fmt"
 	"net/http"
 	"strings"

@ -21,7 +19,21 @@ func GetAllAccounts(db *sqlx.DB) ([]model.Account, error) {
    return accounts, nil
 }

-func GetAccount(db *sqlx.DB, username string) (*model.Account, error) {
+func GetAccountByID(db *sqlx.DB, id string) (*model.Account, error) {
+    var account = model.Account{}
+
+    err := db.Get(&account, "SELECT * FROM account WHERE id=$1", id)
+    if err != nil {
+        if strings.Contains(err.Error(), "no rows") {
+            return nil, nil
+        }
+        return nil, err
+    }
+
+    return &account, nil
+}
+
+func GetAccountByUsername(db *sqlx.DB, username string) (*model.Account, error) {
    var account = model.Account{}

    err := db.Get(&account, "SELECT * FROM account WHERE username=$1", username)
@ -49,12 +61,12 @@ func GetAccountByEmail(db *sqlx.DB, email string) (*model.Account, error) {
    return &account, nil
 }

-func GetAccountByToken(db *sqlx.DB, token string) (*model.Account, error) {
-    if token == "" { return nil, nil }
+func GetAccountBySession(db *sqlx.DB, sessionToken string) (*model.Account, error) {
+    if sessionToken == "" { return nil, nil }

    account := model.Account{}

-    err := db.Get(&account, "SELECT account.* FROM account JOIN token ON id=account WHERE token=$1", token)
+    err := db.Get(&account, "SELECT account.* FROM account JOIN token ON id=account WHERE token=$1", sessionToken)
    if err != nil {
        if strings.Contains(err.Error(), "no rows") {
            return nil, nil
@ -65,7 +77,7 @@ func GetAccountByToken(db *sqlx.DB, token string) (*model.Account, error) {
    return &account, nil
 }

-func GetTokenFromRequest(db *sqlx.DB, r *http.Request) string {
+func GetSessionFromRequest(db *sqlx.DB, r *http.Request) string {
    tokenStr := strings.TrimPrefix(r.Header.Get("Authorization"), "Bearer ")
    if len(tokenStr) > 0 {
        return tokenStr
@ -78,29 +90,6 @@ func GetTokenFromRequest(db *sqlx.DB, r *http.Request) string {
    return cookie.Value
 }

-func GetAccountByRequest(db *sqlx.DB, r *http.Request) (*model.Account, error) {
-    tokenStr := GetTokenFromRequest(db, r)
-
-    token, err := GetToken(db, tokenStr)
-    if err != nil {
-        if strings.Contains(err.Error(), "no rows") {
-            return nil, nil
-        }
-        return nil, errors.New("GetToken: " + err.Error())
-    }
-
-    // does user-agent match the token?
-    if r.UserAgent() != token.UserAgent {
-        // invalidate the token
-        DeleteToken(db, tokenStr)
-        fmt.Printf("WARN: Attempted use of token by unauthorised User-Agent (Expected `%s`, got `%s`)\n", token.UserAgent, r.UserAgent())
-        // TODO: log unauthorised activity to the user
-        return nil, errors.New("User agent mismatch")
-    }
-
-    return GetAccountByToken(db, tokenStr)
-}
-
 func CreateAccount(db *sqlx.DB, account *model.Account) error {
    err := db.Get(
        &account.ID,