Basic auth, delete posts via api, purge cache after post create / delete

2020-08-01 15:16:21 +02:00 · 2020-08-01 15:16:21 +02:00 · c69480a824
parent b2072fddd2
commit c69480a824
6 changed files with 97 additions and 17 deletions
--- a/api.go
+++ b/api.go
@ -23,3 +23,21 @@ func apiPostCreate(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("Location", post.Path)
 	w.WriteHeader(http.StatusCreated)
 }
+
+func apiPostDelete(w http.ResponseWriter, r *http.Request) {
+	defer func() {
+		_ = r.Body.Close()
+	}()
+	post := &Post{}
+	err := json.NewDecoder(r.Body).Decode(post)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+	err = deletePost(post)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+	w.WriteHeader(http.StatusOK)
+}
--- a/cache.go
+++ b/cache.go
@ -90,3 +90,14 @@ func saveCache(path string, now time.Time, header map[string][]string, body []by
 	_ = tx.Commit()
 	finishWritingToDb()
 }
+
+func purgeCache(path string) {
+	startWritingToDb()
+	tx, err := appDb.Begin()
+	if err != nil {
+		return
+	}
+	_, _ = tx.Exec("delete from cache where path=?", path)
+	_ = tx.Commit()
+	finishWritingToDb()
+}
--- a/config.go
+++ b/config.go
@ -2,7 +2,6 @@ package main

 import (
 	"github.com/spf13/viper"
-	"log"
 )

 type config struct {
@ -10,6 +9,7 @@ type config struct {
 	db     *configDb
 	cache  *configCache
 	blog   *configBlog
+	user   *configUser
 }

 type configServer struct {
@ -29,16 +29,23 @@ type configCache struct {
 // exposed to templates via function "blog"
 type configBlog struct {
 	// Language of the blog, e.g. "en" or "de"
-	Lang  string
+	Lang string
 	// Title of the blog, e.g. "My blog"
 	Title string
 }

+type configUser struct {
+	nick     string
+	name     string
+	password string
+}
+
 var appConfig = &config{
 	server: &configServer{},
 	db:     &configDb{},
 	cache:  &configCache{},
 	blog:   &configBlog{},
+	user:   &configUser{},
 }

 func initConfig() error {
@ -52,37 +59,36 @@ func initConfig() error {
 	serverLogging := "server.logging"
 	viper.SetDefault(serverLogging, false)
 	appConfig.server.logging = viper.GetBool(serverLogging)
-	logConfig(serverLogging, appConfig.server.logging)
 	serverPort := "server.port"
 	viper.SetDefault(serverPort, 8080)
 	appConfig.server.port = viper.GetInt(serverPort)
-	logConfig(serverPort, appConfig.server.port)
 	// Database
 	databaseFile := "database.file"
 	viper.SetDefault(databaseFile, "data/db.sqlite")
 	appConfig.db.file = viper.GetString(databaseFile)
-	logConfig(databaseFile, appConfig.db.file)
 	// Caching
 	cacheEnable := "cache.enable"
 	viper.SetDefault(cacheEnable, true)
 	appConfig.cache.enable = viper.GetBool(cacheEnable)
-	logConfig(cacheEnable, appConfig.cache.enable)
 	cacheExpiration := "cache.expiration"
 	viper.SetDefault(cacheExpiration, 600)
 	appConfig.cache.expiration = viper.GetInt64(cacheExpiration)
-	logConfig(cacheExpiration, appConfig.cache.expiration)
 	// Blog meta
 	blogLang := "blog.lang"
 	viper.SetDefault(blogLang, "en")
 	appConfig.blog.Lang = viper.GetString(blogLang)
-	logConfig(blogLang, appConfig.blog.Lang)
 	blogTitle := "blog.title"
 	viper.SetDefault(blogTitle, "My blog")
 	appConfig.blog.Title = viper.GetString(blogTitle)
-	logConfig(blogTitle, appConfig.blog.Title)
+	// User
+	userNick := "user.nick"
+	viper.SetDefault(userNick, "admin")
+	appConfig.user.nick = viper.GetString(userNick)
+	userName := "user.name"
+	viper.SetDefault(userName, "Admin")
+	appConfig.user.name = viper.GetString(userName)
+	userPassword := "user.password"
+	viper.SetDefault(userPassword, "secret")
+	appConfig.user.password = viper.GetString(userPassword)
 	return nil
 }
-
-func logConfig(key string, value interface{}) {
-	log.Println(key+":", value)
-}
--- a/example-config.yaml
+++ b/example-config.yaml
@ -8,4 +8,8 @@ cache:
  expiration: 600
 blog:
  lang: en
-  title: My blog
+  title: My blog
+user:
+  nick: admin
+  name: Admin
+  password: secret
--- a/http.go
+++ b/http.go
@ -72,8 +72,11 @@ func buildHandler() (http.Handler, error) {
 	r.Use(middleware.GetHead)

 	r.Route("/api", func(apiRouter chi.Router) {
-		// TODO: Auth
+		apiRouter.Use(middleware.BasicAuth("API", map[string]string{
+			appConfig.user.nick: appConfig.user.password,
+		}))
 		apiRouter.Post("/post", apiPostCreate)
+		apiRouter.Delete("/post", apiPostDelete)
 	})

 	allPostPaths, err := allPostPaths()
--- a/posts.go
+++ b/posts.go
@ -76,13 +76,21 @@ func allPostPaths() ([]string, error) {
 	return postPaths, nil
 }

-func createPost(post *Post) error {
+func checkPost(post *Post) error {
 	if post == nil {
-		return nil
+		return errors.New("no post")
 	}
 	if post.Path == "" || !strings.HasPrefix(post.Path, "/") {
 		return errors.New("wrong path")
 	}
+	return nil
+}
+
+func createPost(post *Post) error {
+	err := checkPost(post)
+	if err != nil {
+		return err
+	}
 	startWritingToDb()
 	tx, err := appDb.Begin()
 	if err != nil {
@ -105,5 +113,35 @@ func createPost(post *Post) error {
 		return err
 	}
 	finishWritingToDb()
+	go purgeCache(post.Path)
+	return reloadRouter()
+}
+
+func deletePost(post *Post) error {
+	err := checkPost(post)
+	if err != nil {
+		return err
+	}
+	startWritingToDb()
+	tx, err := appDb.Begin()
+	if err != nil {
+		return err
+	}
+	_, err = tx.Exec("delete from posts where path=?", post.Path)
+	if err != nil {
+		_ = tx.Rollback()
+		return err
+	}
+	_, err = tx.Exec("delete from post_parameters where path=?", post.Path)
+	if err != nil {
+		_ = tx.Rollback()
+		return err
+	}
+	err = tx.Commit()
+	if err != nil {
+		return err
+	}
+	finishWritingToDb()
+	go purgeCache(post.Path)
 	return reloadRouter()
 }