n8r/rluv-zerver
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added authentication and shared notes endpoints

Browse Source
This commit is contained in:
Nathan Anderson 2023-07-27 01:23:10 -06:00
parent 81863ae912
commit cdabcf61f3
10 changed files with 1014 additions and 269 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

111
src/db/db.zig
View File

@ -31,15 +31,51 @@ pub const Db = struct {
self: *Db,
comptime Type: type,
allocator: Allocator,
comptime whereClause: []const u8,
comptime where_clause: []const u8,
values: anytype,
comptime limit: ?u32,
comptime order_by_field: ?[]const u8,
comptime order: ?[]const u8,
comptime limit: ?bool,
limit_val: ?u32,
) !?[]Type {
_ = limit;
comptime {
if (order == null and order_by_field != null or order != null and order_by_field == null) {
@compileError("Must provide both order and order_by or neither, with select " ++ where_clause);
}
if (order != null) {
if (!(std.mem.eql(u8, order.?, "DESC") or std.mem.eql(u8, order.?, "ASC"))) {
@compileError("Must use ASC or DESC for order_by, used: " ++ order.?);
}
}
if (!std.mem.containsAtLeast(u8, where_clause, 1, "?")) {
@compileError("where_clause missing '?', no possible values to insert " ++ where_clause);
}
// Check that where_clause only contains fields in struct
var query_objs_iter = std.mem.split(u8, where_clause, "?");
inline for (@typeInfo(@TypeOf(values)).Struct.fields) |struct_field| {
const name = struct_field.name;
const query_obj = query_objs_iter.next();
if (query_obj == null) {
@compileError("Query does not have enough clauses for passed in data: " ++ where_clause);
}
if (std.mem.containsAtLeast(u8, query_obj.?, 1, name)) {
continue;
} else {
@compileError("Missing field or messed up order in select:\n" ++ where_clause ++ "\n" ++ query_obj.?);
}
}
const last = query_objs_iter.next();
if (last != null and !std.mem.eql(u8, last.?, "")) {
@compileError("Values is lacking, query contains more ? than data provided: " ++ where_clause ++ "\nLeft with: " ++ last.?);
}
}
if (limit == null and limit_val != null or limit != null and limit_val == null) {
std.log.err("Must provide both limit and limit_val or neither, with select: {s}", .{where_clause});
return null;
}
var res_array: std.ArrayList(Type) = std.ArrayList(Type).init(allocator);
const query = "SELECT * FROM " ++ models.getTypeTableName(Type) ++ " " ++ whereClause ++ ";";
if (order_by_field == null and limit == null) {
const query = "SELECT * FROM " ++ models.getTypeTableName(Type) ++ " " ++ where_clause ++ ";";
var stmt = try self._sql_db.prepare(query);
defer stmt.deinit();
@ -47,6 +83,34 @@ pub const Db = struct {
while (try iter.nextAlloc(allocator, .{})) |row| {
try res_array.append(row);
}
} else if (order_by_field == null and limit != null) {
const query = "SELECT * FROM " ++ models.getTypeTableName(Type) ++ " " ++ where_clause ++ " LIMIT ?;";
var stmt = try self._sql_db.prepare(query);
defer stmt.deinit();
var iter = try stmt.iteratorAlloc(Type, allocator, utils.structConcatFields(values, .{ .limit = limit_val.? }));
while (try iter.nextAlloc(allocator, .{})) |row| {
try res_array.append(row);
}
} else if (order_by_field != null and limit == null) {
const query = "SELECT * FROM " ++ models.getTypeTableName(Type) ++ " " ++ where_clause ++ " ORDER BY " ++ order_by_field.? ++ " " ++ order.? ++ ";";
var stmt = try self._sql_db.prepare(query);
defer stmt.deinit();
var iter = try stmt.iteratorAlloc(Type, allocator, values);
while (try iter.nextAlloc(allocator, .{})) |row| {
try res_array.append(row);
}
} else {
const query = "SELECT * FROM " ++ models.getTypeTableName(Type) ++ " " ++ where_clause ++ " ORDER BY " ++ order_by_field.? ++ " " ++ order.? ++ " LIMIT ?;";
var stmt = try self._sql_db.prepare(query);
defer stmt.deinit();
var iter = try stmt.iteratorAlloc(Type, allocator, utils.structConcatFields(values, .{ .limit = limit_val.? }));
while (try iter.nextAlloc(allocator, .{})) |row| {
try res_array.append(row);
}
}
return try res_array.toOwnedSlice();
}
@ -57,6 +121,21 @@ pub const Db = struct {
}
pub fn selectOne(self: *Db, comptime Type: type, allocator: Allocator, comptime query: []const u8, values: anytype) !?Type {
comptime {
var query_objs_iter = std.mem.split(u8, query, "=");
inline for (@typeInfo(@TypeOf(values)).Struct.fields) |struct_field| {
const name = struct_field.name;
const query_obj = query_objs_iter.next();
if (query_obj == null) {
@compileError("Query does not have enough clauses for passed in data:\n" ++ "Type: " ++ @typeName(Type) ++ "\n" ++ query ++ "\n");
}
if (std.mem.containsAtLeast(u8, query_obj.?, 1, name)) {
continue;
} else {
@compileError("Missing field or messed up order in select:\n" ++ query ++ "\n" ++ query_obj.?);
}
}
}
const row = try self._sql_db.oneAlloc(Type, allocator, query, .{}, values);
// std.debug.print("{any}", .{row});
return row;
@ -72,9 +151,25 @@ pub const Db = struct {
}
pub fn insert(self: *Db, comptime Type: type, values: anytype) !void {
// TODO check there is an ID field
comptime {
const query = models.createInsertQuery(Type);
// const InsertType = utils.removeStructFields(Type, &[_]u8{0});
var query_objs_iter = std.mem.split(u8, query, ",");
inline for (@typeInfo(@TypeOf(values)).Struct.fields) |struct_field| {
const name = struct_field.name;
const query_obj = query_objs_iter.next();
if (query_obj == null) {
@compileError("Query does not have enough clauses for passed in data:\n" ++ "Type: " ++ @typeName(Type) ++ "\n" ++ query ++ "\n");
}
if (std.mem.containsAtLeast(u8, query_obj.?, 1, name)) {
continue;
} else {
@compileError("Missing field or messed up order in insert:\n" ++ query ++ "\n" ++ query_obj.? ++ "\n");
}
}
}
self._sql_db.exec(models.createInsertQuery(Type), .{}, values) catch |err| {
std.debug.print("Encountered error while inserting data:\n{any}\n\tQuery:{s}\n{any}\n", .{ values, models.createInsertQuery(Type), err });
std.debug.print("Encountered error while inserting data:\n\t{any}\nQuery:\t{s}\n{any}\n", .{ values, models.createInsertQuery(Type), err });
return err;
};
}

119
src/db/models.zig
View File

@ -1,5 +1,31 @@
const std = @import("std");
const utils = @import("../utils.zig");
// fn UniqueSQLType(comptime ValType: type) type {
// comptime {
// _ = switch (@typeInfo(ValType)) {
// .Int, .Float, .Pointer => true,
// else => {
// @compileError("An invalid type passed to unique sql contraint type: " ++ @typeName(ValType));
// },
// };
// }
// comptime {
// const t = switch (@typeInfo(ValType)) {
// .Int => @Type(.{ .Int = .{ .signedness = @typeInfo(ValType).Int.signedness, .bits = @typeInfo(ValType).Int.bits } }),
// .Float => @Type(.{ .Float = .{ .bits = @typeInfo(ValType).Float.bits } }),
// .Pointer => {
// const pt = @typeInfo(ValType).Pointer;
// // _ = std.fmt.comptimePrint("Pointer type info: {any}", .{pt});
// return @Type(.{ .Pointer = .{ .size = pt.size, .is_const = pt.is_const, .is_volatile = pt.is_volatile, .alignment = pt.alignment, .address_space = pt.address_space, .child = pt.child, .is_allowzero = pt.is_allowzero, .sentinel = pt.sentinel } });
// },
// else => unreachable,
// };
// return t;
// }
// // @setEvalBranchQuota(additional_fields.len * fields.len * 10);
// }
// pub const UniqueType = union(enum) { string: []const u8, real: f64 };
pub const Transaction = struct {
id: u32,
@ -7,7 +33,7 @@ pub const Transaction = struct {
type: []const u8,
memo: ?[]const u8,
budget_id: u32,
added_by_user_id: u32,
created_by_user_id: u32,
budget_category_id: ?u32,
date: u64,
created_at: u64,
@ -28,6 +54,7 @@ pub const BudgetCategory = struct {
pub const Budget = struct {
id: u32,
family_id: u32,
name: []const u8,
created_at: u64,
updated_at: u64,
@ -37,6 +64,9 @@ pub const Budget = struct {
pub const User = struct {
id: u32,
name: []const u8,
username: ?[]const u8,
email: ?[]const u8,
pass_hash: u32,
family_id: u32,
budget_id: u32,
created_at: u64,
@ -47,13 +77,45 @@ pub const User = struct {
pub const Family = struct {
id: u32,
budget_id: u32,
hide: u8,
code: ?[]const u8,
created_at: u64,
updated_at: u64,
hide: u8,
};
pub const ModelTypes = [5]type{ Transaction, BudgetCategory, Budget, User, Family };
pub const SharedNote = struct {
id: u32,
family_id: u32,
created_by_user_id: u32,
content: []const u8,
title: []const u8,
color: ?[]const u8,
tag_ids: []const u8,
is_markdown: u2,
created_at: u64,
updated_at: u64,
hide: u8,
};
pub const Tag = struct {
id: u32,
family_id: u32,
created_by_user_id: u32,
name: []const u8,
type: []const u8,
created_at: u64,
updated_at: u64,
hide: u8,
};
pub const Token = struct {
user_id: u32,
family_id: u32,
generated_at: u64,
expires_at: u64,
};
pub const ModelTypes = [_]type{ Transaction, BudgetCategory, Budget, User, Family, SharedNote, Tag };
/// Functions for creating SQLite queries for any models above
pub inline fn createSelectOnIdQuery(comptime Type: type) []const u8 {
@ -67,7 +129,11 @@ pub inline fn createSelectOnFieldQuery(
comptime comparator: []const u8,
) ![]const u8 {
comptime {
try std.testing.expect(fieldName == null and structField != null or fieldName != null and structField == null);
if (fieldName == null and structField == null) {
@compileError("Must provide struct and fieldname");
} else if (fieldName != null and structField != null) {
@compileError("Cannot provide struct and fieldname");
}
var field: []const u8 = undefined;
if (structField != null) {
field = structField.?;
@ -79,6 +145,19 @@ pub inline fn createSelectOnFieldQuery(
}
}
pub inline fn createRawSelectQuery(comptime Type: type, comptime where_query: []const u8) ![]const u8 {
comptime {
if (!std.mem.containsAtLeast(u8, where_query, 1, "WHERE")) {
@compileError("Provided where query does not contain 'WHERE' string: " ++ where_query);
}
if (!std.mem.endsWith(u8, where_query, ";")) {
@compileError("Where query does not end with semicolon: " ++ where_query);
}
var query = "SELECT * FROM " ++ getTypeTableName(Type) ++ " " ++ where_query;
return query;
}
}
pub inline fn createDeleteOnIdQuery(comptime Type: type) []const u8 {
return "DELETE from " ++ getTypeTableName(Type) ++ " WHERE id = ?;";
}
@ -89,14 +168,15 @@ pub inline fn createInsertQuery(comptime Type: type) []const u8 {
var qs: []const u8 = "?";
inline for (@typeInfo(Type).Struct.fields, 0..) |field, i| {
// This is brittle, assumes 'id' struct field is first
if (std.mem.eql(u8, field.name, "id")) {
continue;
}
if (i > 1) {
query = query ++ ", ";
qs = qs ++ ", ?";
}
if (i != 0) {
query = query ++ field.name;
}
}
query = query ++ ") VALUES (" ++ qs ++ ");";
return query;
}
@ -139,6 +219,11 @@ pub inline fn createTableMigrationQuery(comptime Type: type) []const u8 {
inline fn getSQLiteColumnMigrateText(comptime struct_field: std.builtin.Type.StructField) []const u8 {
comptime {
if (std.mem.eql(u8, struct_field.name, "id")) return "INTEGER PRIMARY KEY AUTOINCREMENT";
if (std.mem.eql(u8, @typeName(struct_field.type), "UniqueSQLType")) {
@compileLog(struct_field.type);
}
// _ = std.fmt.comptimePrint("Got type {any}", .{@typeInfo(struct_field.type)});
const val = switch (@typeInfo(struct_field.type)) {
.Int => "INTEGER NOT NULL",
.Float => "REAL NOT NULL",
@ -151,7 +236,14 @@ inline fn getSQLiteColumnMigrateText(comptime struct_field: std.builtin.Type.Str
},
.Array => "TEXT NOT NULL",
.Pointer => "TEXT NOT NULL",
else => unreachable,
// .Struct => {
// if (std.mem.eql(u8, @typeName(struct_field.type), "UniqueSQLString") or std.mem.eql(u8, @typeName(struct_field.type), "UniqueSQLString"))
// return "THIS";
// },
else => {
@compileError("Passed in a type that has no sql migration defined: " ++ @typeName(struct_field.type));
},
};
return val;
}
@ -165,7 +257,14 @@ pub inline fn getTypeTableName(comptime Type: type) []const u8 {
Budget => "budgets",
BudgetCategory => "budget_categories",
Family => "families",
else => unreachable,
SharedNote => "shared_notes",
Tag => "tags",
// Tag => "tags",
else => {
@compileError("Missing a table name, check to make sure that each model in the models list has a table name provided here.\n" ++ @typeName(Type));
// _ = std.fmt.comptimePrint("Missing a table name, check to make sure that each model in the models list has a table name provided here.\n{any}", .{ModelTypes});
// unreachable;
},
};
}
}

28
src/http_handler.zig
View File

@ -6,9 +6,11 @@ const ztime = @import(".deps/time.zig");
const utils = @import("utils.zig");
const budget = @import("routes/budget.zig");
const auth = @import("routes/auth.zig");
const user = @import("routes/user.zig");
const trans = @import("routes/transactions.zig");
const dash = @import("routes/dashboard.zig");
const note = @import("routes/shared_note.zig");
const Db = @import("db/db.zig").Db;
@ -35,22 +37,28 @@ pub fn startHttpServer() !void {
var router = server.router();
router.get("/user/:id", user.getUser);
router.put("/user", user.putUser);
router.delete("/user/:id", user.deleteUser);
router.post("/auth/login", user.login);
router.post("/auth/signup", user.signup);
router.get("/budget/:id", budget.getBudget);
router.put("/budget", budget.putBudget);
router.post("/budget", budget.postBudget);
// router.get("/user/:id", user.getUser);
router.put("/user", user.putUser);
// router.delete("/user/:id", user.deleteUser);
router.get("/shared_notes/:limit", note.getSharedNotes);
router.put("/shared_notes", note.putSharedNote);
router.post("/shared_notes", note.postSharedNote);
// router.get("/budget/:id", budget.getBudget);
// router.put("/budget", budget.putBudget);
// router.post("/budget", budget.postBudget);
router.put("/budget_category", budget.putBudgetCategory);
router.post("/budget_category", budget.postBudgetCategory);
router.get("/transactions/:budget_id", trans.getTransactions);
router.post("/transactions", trans.postTransaction);
router.put("/transactions", trans.putTransaction);
router.get("/dashboard/:family_id", dash.getDashboard);
router.get("/dashboard", dash.getDashboard);
std.debug.print("Starting http server listening on port {}\n", .{8081});
// start the server in the current thread, blocking.
@ -75,8 +83,8 @@ fn errorHandler(req: *httpz.Request, res: *httpz.Response, err: anyerror) void {
pub fn returnError(message: ?[]const u8, comptime statusCode: u16, res: *httpz.Response) void {
comptime {
if (statusCode < 300 or statusCode > 500) {
@compileError("Failed responses must have status codes between 300 and 500");
if (statusCode > 500 or statusCode < 200) {
@compileError("Failed responses must have status codes between 200 and 500");
}
}
res.status = statusCode;

90
src/routes/auth.zig
View File

@ -0,0 +1,90 @@
const std = @import("std");
const jwt = @import("../.deps/jwt.zig");
const httpz = @import("../.deps/http.zig/src/httpz.zig");
const models = @import("../db/models.zig");
const ztime = @import("../.deps/time.zig");
const handler = @import("../http_handler.zig");
const utils = @import("../utils.zig");
//TODO move these to env variables
const key = "aGVyZUlzQUdpYmVyaXNoS2V5ISE=";
pub const HASH_SEED: u64 = 6065983110;
pub const VerifyAuthError = error{
Unauthorized,
NotAuthenticated,
BadToken,
Expired,
};
pub fn verifyRequest(req: *httpz.Request, res: *httpz.Response, user_id: ?u32, family_id: ?u32) !models.Token {
var gpa = std.heap.GeneralPurposeAllocator(.{}){};
const allocator = gpa.allocator();
const coded_token = req.headers.get("token");
const now =
@bitCast(u64, std.time.milliTimestamp());
const date = ztime.DateTime.now();
const formatted_now = date.formatAlloc(allocator, "DD.MM.YYYY HH:mm:ss") catch "N/A";
const method = @tagName(req.method);
if (coded_token == null) {
handler.returnError("Unauthorized/NoToken", 401, res);
std.log.info("{s} {s} Unauthorized/NotAuthenticated - @ {s}\n", .{ method, req.url.query, formatted_now });
return VerifyAuthError.NotAuthenticated;
}
const token = jwt.validate(models.Token, allocator, .HS256, coded_token.?, .{ .key = key }) catch {
handler.returnError("Unauthorized", 401, res);
std.log.info("{s} {s} Unauthorized/BadToken - Token: {s} @ {s}\n", .{ method, req.url.raw, coded_token.?, formatted_now });
return VerifyAuthError.BadToken;
};
if (user_id != null and user_id.? != token.user_id or family_id != null and family_id.? != token.family_id) {
handler.returnError("Unauthorized", 401, res);
std.log.info("{s} {s} Unauthorized - User: {} Family: {any} @ {s}\n", .{ method, req.url.raw, token.user_id, token.family_id, formatted_now });
return VerifyAuthError.Unauthorized;
}
if (token.expires_at < now) {
std.log.info("{s} {s} Unauthorized/Expired - User: {} Family: {any} @ {s}\n", .{ method, req.url.raw, token.user_id, token.family_id, formatted_now });
handler.returnError("Credentials Expired", 403, res);
return VerifyAuthError.Expired;
}
std.log.info("{s} {s} Authorized - User: {} Family: {any} @ {s}\n", .{ method, req.url.raw, token.user_id, token.family_id, formatted_now });
return token;
}
pub fn generateToken(user: models.User) ![]const u8 {
var gpa = std.heap.GeneralPurposeAllocator(.{}){};
const allocator = gpa.allocator();
const now = @bitCast(u64, std.time.milliTimestamp());
var seven_days = ztime.DateTime.now();
seven_days = seven_days.addDays(7);
const token: models.Token = .{ .user_id = user.id, .family_id = user.family_id, .generated_at = now, .expires_at = seven_days.toUnixMilli() };
const encoded_token = try jwt.encode(allocator, .HS256, token, .{ .key = key });
std.log.info("Generated token for User {} @ {}", .{ user.id, now });
return encoded_token;
}
test {
var gpa = std.testing.allocator_instance;
const allocator = gpa.allocator();
const user = models.User{ .id = 1, .family_id = 1, .budget_id = 1, .name = "Billy", .created_at = 1, .updated_at = 1, .last_activity_at = 1, .hide = 0 };
const user_token = try generateToken(user);
// std.debug.print("user_token: {s}\n", .{user_token});
// var key = try std.testing.allocator.alloc(u8, try base64url.Decoder.calcSizeForSlice(key_base64));
// defer std.testing.allocator.free(key);
// try base64url.Decoder.decode(key, key_base64);
// std.debug.print("key: {s}\n", .{key});
// const user_token: models.Token = .{ .user_id = 1, .family_id = 1, .generated_at = @bitCast(u64, std.time.milliTimestamp()), .expires_at = @bitCast(u64, std.time.milliTimestamp()) };
// const coded_message = try jwt.encode(allocator, .HS256, user_token, .{ .key = key });
const decoded_message = try jwt.validate(models.Token, allocator, .HS256, user_token, .{ .key = key });
std.debug.print("user: {any}\nuser_token: {s}\ndecoded: {any}\n", .{ user, user_token, decoded_message });
}

238
src/routes/budget.zig
View File

@ -3,122 +3,123 @@ const httpz = @import("../.deps/http.zig/src/httpz.zig");
const models = @import("../db/models.zig");
const ztime = @import("../.deps/time.zig");
const utils = @import("../utils.zig");
const auth = @import("auth.zig");
const handler = @import("../http_handler.zig");
pub fn getBudget(req: *httpz.Request, res: *httpz.Response) !void {
const db = handler.getDb();
// pub fn getBudget(req: *httpz.Request, res: *httpz.Response) !void {
// const db = handler.getDb();
var gpa = std.heap.GeneralPurposeAllocator(.{}){};
const allocator = gpa.allocator();
const id_str = req.param("id");
if (id_str == null) {
res.status = 400;
res.body = "Bad Request: No Id";
return;
}
const id = std.fmt.parseInt(u32, id_str.?, 0) catch {
res.status = 401;
res.body = "Bad Request: Bad Id";
return;
};
// var gpa = std.heap.GeneralPurposeAllocator(.{}){};
// const allocator = gpa.allocator();
// const id_str = req.param("id");
// if (id_str == null) {
// res.status = 400;
// res.body = "Bad Request: No Id";
// return;
// }
// const id = std.fmt.parseInt(u32, id_str.?, 0) catch {
// res.status = 401;
// res.body = "Bad Request: Bad Id";
// return;
// };
const budget = try db.selectOneById(models.Budget, allocator, id);
// const budget = try db.selectOneById(models.Budget, allocator, id);
if (budget == null) {
res.status = 404;
res.body = "Budget not found";
return;
}
// if (budget == null) {
// res.status = 404;
// res.body = "Budget not found";
// return;
// }
try res.json(budget.?, .{});
}
// try res.json(budget.?, .{});
// }
const BudgetPostReq = struct {
id: ?u32,
name: []const u8,
created_at: ?u64,
updated_at: ?u64,
hide: u8,
};
// const BudgetPostReq = struct {
// id: ?u32,
// family_id: u32,
// name: []const u8,
// created_at: ?u64,
// updated_at: ?u64,
// hide: u8,
// };
pub fn putBudget(req: *httpz.Request, res: *httpz.Response) !void {
var db = handler.getDb();
var gpa = std.heap.GeneralPurposeAllocator(.{}){};
const allocator = gpa.allocator();
// pub fn putBudget(req: *httpz.Request, res: *httpz.Response) !void {
// var db = handler.getDb();
// var gpa = std.heap.GeneralPurposeAllocator(.{}){};
// const allocator = gpa.allocator();
const body_data = req.json(models.Budget) catch |err| {
std.debug.print("Malformed body: {any}\n", .{err});
handler.returnError("Bad Request: Malformed Body", 400, res);
return;
};
if (body_data == null) {
handler.returnError("Bad Request: No Data", 400, res);
return;
}
var body = body_data.?;
// const body_data = req.json(models.Budget) catch |err| {
// std.debug.print("Malformed body: {any}\n", .{err});
// handler.returnError("Bad Request: Malformed Body", 400, res);
// return;
// };
// if (body_data == null) {
// handler.returnError("Bad Request: No Data", 400, res);
// return;
// }
// var body = body_data.?;
// Add Budget
const now = @intCast(u64, std.time.milliTimestamp());
// Update existing Budget
body.updated_at = now;
try db.updateById(models.Budget, body);
// // Add Budget
// const now = @intCast(u64, std.time.milliTimestamp());
// // Update existing Budget
// body.updated_at = now;
// try db.updateById(models.Budget, body);
const query = models.createSelectOnIdQuery(models.Transaction);
const updated_budget = try db.selectOne(models.Budget, allocator, query, .{ .id = body.id });
if (updated_budget) |budget| {
try handler.returnData(budget, res);
} else {
handler.returnError("Internal Server Error", 500, res);
}
return;
}
// const query = models.createSelectOnIdQuery(models.Transaction);
// const updated_budget = try db.selectOne(models.Budget, allocator, query, .{ .id = body.id });
// if (updated_budget) |budget| {
// try handler.returnData(budget, res);
// } else {
// handler.returnError("Internal Server Error", 500, res);
// }
// return;
// }
pub fn postBudget(req: *httpz.Request, res: *httpz.Response) !void {
comptime {
const putReqLen = @typeInfo(BudgetPostReq).Struct.fields.len;
const budgetLen = @typeInfo(models.Budget).Struct.fields.len;
if (putReqLen != budgetLen) {
@compileError(std.fmt.comptimePrint("BudgetPutReq does not equal Budget model struct, fields inconsistent", .{}));
}
}
// pub fn postBudget(req: *httpz.Request, res: *httpz.Response) !void {
// comptime {
// const putReqLen = @typeInfo(BudgetPostReq).Struct.fields.len;
// const budgetLen = @typeInfo(models.Budget).Struct.fields.len;
// if (putReqLen != budgetLen) {
// @compileError(std.fmt.comptimePrint("BudgetPostReq does not equal Budget model struct, fields inconsistent", .{}));
// }
// }
var db = handler.getDb();
var gpa = std.heap.GeneralPurposeAllocator(.{}){};
const allocator = gpa.allocator();
// var db = handler.getDb();
// var gpa = std.heap.GeneralPurposeAllocator(.{}){};
// const allocator = gpa.allocator();
const body_data = req.json(BudgetPostReq) catch |err| {
std.debug.print("Malformed body: {any}\n", .{err});
handler.returnError("Bad request: Malformed Body", 400, res);
return;
};
if (body_data == null) {
handler.returnError("Bad request: No Data", 400, res);
return;
}
var body = body_data.?;
// const body_data = req.json(BudgetPostReq) catch |err| {
// std.debug.print("Malformed body: {any}\n", .{err});
// handler.returnError("Bad request: Malformed Body", 400, res);
// return;
// };
// if (body_data == null) {
// handler.returnError("Bad request: No Data", 400, res);
// return;
// }
// var body = body_data.?;
if (body.id != null) {
handler.returnError("Bad Request: ID", 400, res);
}
// Add Budget
const now = @intCast(u64, std.time.milliTimestamp());
// Create Budget
body.created_at = now;
body.updated_at = now;
// if (body.id != null) {
// handler.returnError("Bad Request: ID", 400, res);
// }
// // Add Budget
// const now = @intCast(u64, std.time.milliTimestamp());
// // Create Budget
// body.created_at = now;
// body.updated_at = now;
try db.insert(models.Budget, utils.removeStructFields(body, &[_]u8{0}));
// try db.insert(models.Budget, utils.removeStructFields(body, &[_]u8{0}));
// Get Budget
const query = try models.createSelectOnFieldQuery(models.Budget, null, "created_at", "=");
const updated_budget = try db.selectOne(models.Budget, allocator, query, .{ .created_at = body.created_at });
if (updated_budget) |budget| {
try handler.returnData(budget, res);
} else {
handler.returnError("Internal Server Error", 500, res);
}
return;
}
// // Get Budget
// const query = try models.createSelectOnFieldQuery(models.Budget, null, "created_at", "=");
// const updated_budget = try db.selectOne(models.Budget, allocator, query, .{ .created_at = body.created_at });
// if (updated_budget) |budget| {
// try handler.returnData(budget, res);
// } else {
// handler.returnError("Internal Server Error", 500, res);
// }
// return;
// }
const BudgetCatPostReq = struct {
id: ?u32,
@ -160,6 +161,16 @@ pub fn postBudgetCategory(req: *httpz.Request, res: *httpz.Response) !void {
handler.returnError("Bad request: ID", 400, res);
return;
}
const budget = try db.selectOneById(models.Budget, allocator, body.budget_id);
if (budget == null) {
handler.returnError("No budget found", 404, res);
}
_ = auth.verifyRequest(req, res, null, budget.?.family_id) catch {
return;
};
// Add Budget
const now = @intCast(u64, std.time.milliTimestamp());
// Create Budget
@ -170,15 +181,15 @@ pub fn postBudgetCategory(req: *httpz.Request, res: *httpz.Response) !void {
// Get Budget
const query = try models.createSelectOnFieldQuery(models.BudgetCategory, null, "created_at", "=");
const updated_budget = try db.selectOne(models.BudgetCategory, allocator, query, .{ .created_at = body.created_at });
if (updated_budget) |budget| {
try handler.returnData(budget, res);
} else {
const updated_budget_cat = try db.selectOne(models.BudgetCategory, allocator, query, .{ .created_at = body.created_at });
if (updated_budget_cat == null) {
std.debug.print("Could not find inserted budget", .{});
handler.returnError("Internal Server Error", 500, res);
}
return;
}
try handler.returnData(updated_budget_cat.?, res);
}
pub fn putBudgetCategory(req: *httpz.Request, res: *httpz.Response) !void {
var db = handler.getDb();
@ -196,6 +207,15 @@ pub fn putBudgetCategory(req: *httpz.Request, res: *httpz.Response) !void {
}
var budget_category = body_data.?;
const budget = try db.selectOneById(models.Budget, allocator, budget_category.budget_id);
if (budget == null) {
handler.returnError("No budget found", 404, res);
}
_ = auth.verifyRequest(req, res, null, budget.?.family_id) catch {
return;
};
const now = @intCast(u64, std.time.milliTimestamp());
// Update existing Budget
@ -203,12 +223,12 @@ pub fn putBudgetCategory(req: *httpz.Request, res: *httpz.Response) !void {
try db.updateById(models.BudgetCategory, budget_category);
const query = models.createSelectOnIdQuery(models.BudgetCategory);
const updated_budget = try db.selectOne(models.BudgetCategory, allocator, query, .{ .id = budget_category.id });
if (updated_budget) |budget| {
try handler.returnData(budget, res);
} else {
const updated_budget_cat = try db.selectOne(models.BudgetCategory, allocator, query, .{ .id = budget_category.id });
if (updated_budget_cat == null) {
std.debug.print("Could not find inserted budget", .{});
handler.returnError("Internal Server Error", 500, res);
}
return;
}
try handler.returnData(updated_budget_cat.?, res);
return;
}

76
src/routes/dashboard.zig
View File

@ -4,7 +4,9 @@ const models = @import("../db/models.zig");
const ztime = @import("../.deps/time.zig");
const utils = @import("../utils.zig");
const trans = @import("transactions.zig");
const note = @import("shared_note.zig");
const handler = @import("../http_handler.zig");
const auth = @import("auth.zig");
pub fn getDashboard(req: *httpz.Request, res: *httpz.Response) !void {
const db = handler.getDb();
@ -12,41 +14,62 @@ pub fn getDashboard(req: *httpz.Request, res: *httpz.Response) !void {
var gpa = std.heap.GeneralPurposeAllocator(.{}){};
const allocator = gpa.allocator();
const family_id_str = req.param("family_id");
if (family_id_str == null) {
res.status = 400;
res.body = "Bad Request: No FamilyId";
return;
}
const family_id = std.fmt.parseInt(u32, family_id_str.?, 0) catch {
res.status = 400;
res.body = "Bad Request: Bad FamilyId";
const token = auth.verifyRequest(req, res, null, null) catch {
return;
};
const family = db.selectOneById(models.Family, allocator, family_id) catch |err| {
if (err == error.SQLiteError) {
res.status = 404;
res.body = "Family Not Found";
return;
}
std.debug.print("Error while getting family: {}\n", .{err});
res.status = 500;
res.body = "Internal Server Error";
return;
// const family_id = std.fmt.parseInt(u32, family_id_str.?, 0) catch {
// res.status = 400;
// res.body = "Bad Request: Bad FamilyId";
// return;
// };
const family = db.selectOneById(models.Family, allocator, token.family_id) catch |err| {
std.log.err("Error getting family in dashboard: {any}", .{err});
return handler.returnError("Unexpected Server Error", 500, res);
};
if (family == null) {
res.status = 404;
res.body = "Family Not Found";
return;
std.log.err("Family not found, invalidating client token", .{});
return handler.returnError("Family does not exist or forbidden", 403, res);
}
const transactions = try trans.fetchTransFromDb(allocator, family.?.budget_id);
const user = db.selectOneById(models.User, allocator, token.user_id) catch |err| {
std.log.err("User not found, invalidating client token, Err: {any}", .{err});
return handler.returnError("Could not get user or forbidden", 403, res);
};
if (user == null) {
std.log.err("User not found, invalidating client token", .{});
return handler.returnError("User not found or forbidden", 403, res);
}
const transactions = trans.fetchTransFromDb(allocator, family.?.id) catch |err| {
std.log.err("Unexpected error while getting transactions: {any}", .{err});
handler.returnError("Internal Server Error", 500, res);
return;
};
const notes = note.fetchNotesFromDb(allocator, family.?.id) catch |err| {
std.log.err("Unexpected error while getting transactions: {any}", .{err});
handler.returnError("Internal Server Error", 500, res);
return;
};
const budget_query = try models.createSelectOnFieldQuery(models.Budget, null, "family_id", "=");
const budget = db.selectOne(models.Budget, allocator, budget_query, .{ .family_id = token.family_id }) catch |err| {
std.log.err("Unexpected error while getting budget: {any}", .{err});
handler.returnError("Internal Server Error", 500, res);
return;
};
const budget = try db.selectOneById(models.Budget, allocator, family.?.budget_id);
var budget_categories: ?[]models.BudgetCategory = null;
if (budget != null) {
budget_categories = try db.selectAllWhere(models.BudgetCategory, allocator, "WHERE budget_id = ? AND hide = ?", .{ .budget_id = budget.?.id, .hide = 0 }, null);
budget_categories = db.selectAllWhere(models.BudgetCategory, allocator, "WHERE budget_id = ? AND hide = ?", .{ .budget_id = budget.?.id, .hide = 0 }, null, null, null, null) catch |err| {
std.log.err("Unexpected error while getting budget categories: {any}", .{err});
handler.returnError("Internal Server Error", 500, res);
return;
};
}
if (budget_categories == null) {
@ -54,9 +77,12 @@ pub fn getDashboard(req: *httpz.Request, res: *httpz.Response) !void {
}
const response_body = .{
.family = family.?,
.user = user.?,
.budget = budget,
.budget_categories = budget_categories,
.transactions = transactions,
.shared_notes = notes,
.success = true,
};
try res.json(response_body, .{});
}

155
src/routes/shared_note.zig Normal file
View File

@ -0,0 +1,155 @@
const std = @import("std");
const httpz = @import("../.deps/http.zig/src/httpz.zig");
const models = @import("../db/models.zig");
// const ztime = @import("../.deps/time.zig");
const utils = @import("../utils.zig");
const auth = @import("auth.zig");
const handler = @import("../http_handler.zig");
pub fn fetchNotesFromDb(allocator: std.mem.Allocator, family_id: u32) !?[]models.SharedNote {
var db = handler.getDb();
const notes = db.selectAllWhere(
models.SharedNote,
allocator,
"WHERE family_id = ? and hide = ?",
.{ .family_id = family_id, .hide = 0 },
"updated_at",
"DESC",
true,
10,
) catch |err| {
std.debug.print("Error while getting shared notes: {any}", .{err});
return err;
};
return notes;
}
pub fn getSharedNotes(req: *httpz.Request, res: *httpz.Response) !void {
var db = handler.getDb();
var gpa = std.heap.GeneralPurposeAllocator(.{}){};
const allocator = gpa.allocator();
var str_limit: ?[]const u8 = req.param("limit");
if (str_limit == null) {
str_limit = "10";
}
const limit = std.fmt.parseInt(u32, str_limit.?, 0) catch {
handler.returnError("Bad Request: Bad Limit", 401, res);
return;
};
const token = auth.verifyRequest(req, res, null, null) catch {
return;
};
const notes = db.selectAllWhere(
models.SharedNote,
allocator,
"WHERE family_id = ? and hide = ?",
.{ .family_id = token.family_id, .hide = 0 },
"updated_at",
"DESC",
true,
limit,
) catch |err| {
std.debug.print("Error while getting shared notes: {any}", .{err});
return err;
};
try res.json(.{ .notes = notes }, .{});
return;
}
pub fn putSharedNote(req: *httpz.Request, res: *httpz.Response) !void {
var db = handler.getDb();
var gpa = std.heap.GeneralPurposeAllocator(.{}){};
const allocator = gpa.allocator();
const body_data = req.json(models.SharedNote) catch |err| {
std.debug.print("Malformed body: {any}\n", .{err});
handler.returnError("Bad request: Malformed Body", 400, res);
return;
};
if (body_data == null) {
handler.returnError("Bad request: No Data", 400, res);
return;
}
var shared_note = body_data.?;
_ = auth.verifyRequest(req, res, shared_note.created_by_user_id, shared_note.family_id) catch {
return;
};
const now = @intCast(u64, std.time.milliTimestamp());
shared_note.updated_at = now;
try db.updateById(models.SharedNote, shared_note);
const updated_note = try db.selectOneById(models.SharedNote, allocator, shared_note.id);
if (updated_note) |note| {
try handler.returnData(note, res);
} else {
handler.returnError("Internal Server Error", 500, res);
}
return;
}
const NotePostReq = struct {
id: ?u32,
family_id: u32,
created_by_user_id: u32,
content: []const u8,
title: []const u8,
color: ?[]const u8,
tag_ids: []const u8,
is_markdown: u2,
created_at: ?u64,
updated_at: ?u64,
hide: u8,
};
pub fn postSharedNote(req: *httpz.Request, res: *httpz.Response) !void {
comptime {
const postReqLen = @typeInfo(NotePostReq).Struct.fields.len;
const noteLen = @typeInfo(models.SharedNote).Struct.fields.len;
if (postReqLen != noteLen) {
@compileError(std.fmt.comptimePrint("SharedNotePutReq does not equal SharedNote model struct, fields inconsistent", .{}));
}
}
var db = handler.getDb();
var gpa = std.heap.GeneralPurposeAllocator(.{}){};
const allocator = gpa.allocator();
const body_data = req.json(NotePostReq) catch |err| {
std.debug.print("Malformed body: {any}\n", .{err});
handler.returnError("Bad request: Malformed Body", 400, res);
return;
};
if (body_data == null) {
handler.returnError("Bad request: No Data", 400, res);
return;
}
var body = body_data.?;
_ = auth.verifyRequest(req, res, body.created_by_user_id, body.family_id) catch {
return;
};
const now = @intCast(u64, std.time.milliTimestamp());
body.created_at = now;
body.updated_at = now;
// remove the null id field for insertion
try db.insert(models.SharedNote, utils.removeStructFields(body, &[_]u8{0}));
// Get new SharedNote
const query = try models.createSelectOnFieldQuery(models.SharedNote, null, "created_at", "=");
const updated_note = try db.selectOne(models.SharedNote, allocator, query, .{ .created_at = body.created_at });
if (updated_note) |note| {
try handler.returnData(note, res);
} else {
handler.returnError("Internal Server Error", 500, res);
}
return;
}

104
src/routes/transactions.zig
View File

@ -4,9 +4,10 @@ const models = @import("../db/models.zig");
const ztime = @import("../.deps/time.zig");
const utils = @import("../utils.zig");
const auth = @import("auth.zig");
const handler = @import("../http_handler.zig");
pub fn fetchTransFromDb(allocator: std.mem.Allocator, budget_id: u32) !?[]models.Transaction {
pub fn fetchTransFromDb(allocator: std.mem.Allocator, family_id: u32) !?[]models.Transaction {
var db = handler.getDb();
const now = ztime.DateTime.now();
const beginningOfMonth = ztime.DateTime.init(now.years, now.months, 0, 0, 0, 0);
@ -16,43 +17,61 @@ pub fn fetchTransFromDb(allocator: std.mem.Allocator, budget_id: u32) !?[]models
return error{TransactionModelError};
}
}
const transactions = try db.selectAllWhere(
const budget_query = models.createSelectOnFieldQuery(models.Budget, null, "family_id", "=") catch |err| {
std.debug.print("Error while creating budget query: {any}", .{err});
return err;
};
const budget = db.selectOne(models.Budget, allocator, budget_query, .{ .family_id = family_id }) catch |err| {
std.debug.print("Error while getting budget: {any}", .{err});
return err;
};
if (budget == null) {
return null;
}
const transactions = db.selectAllWhere(
models.Transaction,
allocator,
"WHERE budget_id = ? AND date > ? AND hide = ?",
.{ .budget_id = budget_id, .date = beginningOfMonth.toUnixMilli(), .hide = 0 },
.{ .budget_id = budget.?.id, .date = beginningOfMonth.toUnixMilli(), .hide = 0 },
null,
);
null,
null,
null,
) catch |err| {
std.debug.print("Error while getting transactions query: {any}", .{err});
return err;
};
return transactions;
}
pub fn getTransactions(req: *httpz.Request, res: *httpz.Response) !void {
var gpa = std.heap.GeneralPurposeAllocator(.{}){};
const allocator = gpa.allocator();
// pub fn getTransactions(req: *httpz.Request, res: *httpz.Response) !void {
// auth.verifyRequest();
// var gpa = std.heap.GeneralPurposeAllocator(.{}){};
// const allocator = gpa.allocator();
const budget_id_str = req.param("budget_id");
if (budget_id_str == null) {
handler.returnError("Bad request", 400, res);
return;
}
const budget_id = std.fmt.parseInt(u32, budget_id_str.?, 0) catch {
handler.returnError("Bad request", 400, res);
return;
};
const transactions = try fetchTransFromDb(allocator, budget_id);
if (transactions == null) {
res.status = 200;
res.body = "";
return;
}
// std.debug.print("Transactions got:\n", .{});
// for (transactions.?) |transaction| {
// std.debug.print("\t{any}\n", .{transaction});
// const budget_id_str = req.param("budget_id");
// if (budget_id_str == null) {
// handler.returnError("Bad request", 400, res);
// return;
// }
// const budget_id = std.fmt.parseInt(u32, budget_id_str.?, 0) catch {
// handler.returnError("Bad request", 400, res);
// return;
// };
// const transactions = try fetchTransFromDb(allocator, budget_id);
// if (transactions == null) {
// res.status = 200;
// res.body = "";
// return;
// }
// // std.debug.print("Transactions got:\n", .{});
// // for (transactions.?) |transaction| {
// // std.debug.print("\t{any}\n", .{transaction});
// // }
// try handler.returnData(.{ .transactions = transactions.? }, res);
// }
try handler.returnData(.{ .transactions = transactions.? }, res);
}
pub fn putTransaction(req: *httpz.Request, res: *httpz.Response) !void {
var db = handler.getDb();
@ -70,9 +89,16 @@ pub fn putTransaction(req: *httpz.Request, res: *httpz.Response) !void {
}
var transaction = body_data.?;
// Add Transaction
const budget = try db.selectOneById(models.Budget, allocator, transaction.budget_id);
if (budget == null) {
return handler.returnError("Budget for transaction not found or forbidden", 403, res);
}
_ = auth.verifyRequest(req, res, transaction.created_by_user_id, budget.?.family_id) catch {
return;
};
const now = @intCast(u64, std.time.milliTimestamp());
// Update existing Transaction
transaction.updated_at = now;
try db.updateById(models.Transaction, transaction);
@ -92,7 +118,7 @@ const TransPostReq = struct {
type: []const u8,
memo: ?[]const u8,
budget_id: u32,
added_by_user_id: u32,
created_by_user_id: u32,
budget_category_id: ?u32,
date: u64,
created_at: ?u64,
@ -102,9 +128,9 @@ const TransPostReq = struct {
pub fn postTransaction(req: *httpz.Request, res: *httpz.Response) !void {
comptime {
const putReqLen = @typeInfo(TransPostReq).Struct.fields.len;
const postReqLen = @typeInfo(TransPostReq).Struct.fields.len;
const transLen = @typeInfo(models.Transaction).Struct.fields.len;
if (putReqLen != transLen) {
if (postReqLen != transLen) {
@compileError(std.fmt.comptimePrint("TransactionPutReq does not equal Transaction model struct, fields inconsistent", .{}));
}
}
@ -123,15 +149,19 @@ pub fn postTransaction(req: *httpz.Request, res: *httpz.Response) !void {
}
var body = body_data.?;
if (body.id != null) {
handler.returnError("Bad request: ID", 400, res);
return;
const budget = try db.selectOneById(models.Budget, allocator, body.budget_id);
if (budget == null) {
return handler.returnError("Budget for transaction not foud or forbidden", 403, res);
}
_ = auth.verifyRequest(req, res, body.created_by_user_id, budget.?.family_id) catch {
return;
};
const now = @intCast(u64, std.time.milliTimestamp());
body.created_at = now;
body.updated_at = now;
// remove the null id field for insertion
try db.insert(models.Transaction, utils.removeStructFields(body, &[_]u8{0}));
// Get new Transaction

333
src/routes/user.zig
View File

@ -2,9 +2,202 @@ const std = @import("std");
const httpz = @import("../.deps/http.zig/src/httpz.zig");
const models = @import("../db/models.zig");
const utils = @import("../utils.zig");
const auth = @import("auth.zig");
const handler = @import("../http_handler.zig");
const LoginReq = struct {
username: ?[]const u8,
email: ?[]const u8,
password: []const u8,
};
// POST endpoint for user login requests
pub fn login(req: *httpz.Request, res: *httpz.Response) !void {
const db = handler.getDb();
var gpa = std.heap.GeneralPurposeAllocator(.{}){};
const allocator = gpa.allocator();
const body_data = req.json(LoginReq) catch |err| {
std.debug.print("Malformed body: {any}\n", .{err});
handler.returnError("Bad Request: Malformed Body", 400, res);
return;
};
if (body_data == null) {
handler.returnError("Bad Request: No Data", 400, res);
return;
}
var body = body_data.?;
if (body.username == null and body.email == null) {
handler.returnError("Bad Request: Missing username / email", 400, res);
return;
} else if (body.username != null and body.email != null) {
handler.returnError("Bad Request: Provided Username and Email", 400, res);
return;
}
var user: ?models.User = null;
const password_hash = @truncate(u32, std.hash.Wyhash.hash(auth.HASH_SEED, body.password));
if (body.username != null) {
const query =
"WHERE pass_hash = ? and username = ?;";
user = try db.selectOne(models.User, allocator, try models.createRawSelectQuery(
models.User,
query,
), .{ .pass_hash = password_hash, .username = body.username.? });
} else {
const query =
"WHERE pass_hash = ? and email = ?;";
user = try db.selectOne(models.User, allocator, try models.createRawSelectQuery(
models.User,
query,
), .{ .pass_hash = password_hash, .email = body.email.? });
}
if (user == null) {
handler.returnError("User not found or incorrect password", 200, res);
return;
} else if (user.?.hide == 1) {
handler.returnError("Account has been closed", 200, res);
return;
}
const token = try auth.generateToken(user.?);
try handler.returnData(.{ .token = token }, res);
}
const SignupReq = struct {
name: []const u8,
username: []const u8,
email: ?[]const u8,
password: []const u8,
family_code: ?[]const u8,
budget_name: []const u8,
};
// POST endpoint for user signups
pub fn signup(req: *httpz.Request, res: *httpz.Response) !void {
const db = handler.getDb();
var gpa = std.heap.GeneralPurposeAllocator(.{}){};
const allocator = gpa.allocator();
const body_data = req.json(SignupReq) catch |err| {
std.debug.print("Malformed body: {any}\n", .{err});
handler.returnError("Bad Request: Malformed Body", 400, res);
return;
};
if (body_data == null) {
handler.returnError("Bad Request: No Data", 400, res);
return;
}
var body = body_data.?;
// if (body.username == null and body.email == null) {
// handler.returnError("Bad Request: Missing username / email", 400, res);
// return;
// }
const password_hash = @truncate(u32, std.hash.Wyhash.hash(auth.HASH_SEED, body.password));
const now = @bitCast(u64, std.time.milliTimestamp());
const uname_query =
"WHERE username = ?;";
var temp_user = try db.selectOne(models.User, allocator, try models.createRawSelectQuery(
models.User,
uname_query,
), .{ .username = body.username });
if (temp_user != null) {
handler.returnError("Username is unavailable", 200, res);
return;
}
if (body.email != null) {
const email_query =
"WHERE email = ?;";
temp_user = try db.selectOne(models.User, allocator, try models.createRawSelectQuery(
models.User,
email_query,
), .{ .email = body.email.? });
if (temp_user != null) {
handler.returnError("Email is unavailable", 200, res);
return;
}
}
var family: ?models.Family = null;
var budget: ?models.Budget = null;
var user: ?models.User = null;
if (body.family_code == null) {
const new_family = .{
.code = utils.generateRandomString(allocator) catch null,
.created_at = now,
.updated_at = now,
.hide = 0,
};
try db.insert(models.Family, new_family);
const family_query = try models.createSelectOnFieldQuery(models.Family, null, "code", "=");
family = try db.selectOne(models.Family, allocator, family_query, .{ .code = new_family.code });
if (family == null) {
handler.returnError("Unable to create family", 500, res);
return;
}
const new_budget = .{
.family_id = family.?.id,
.name = body.budget_name,
.created_at = now,
.updated_at = now,
.hide = 0,
};
try db.insert(models.Budget, new_budget);
const budget_query = try models.createSelectOnFieldQuery(models.Budget, null, "created_at", "=");
budget = try db.selectOne(models.Budget, allocator, budget_query, .{ .created_at = now });
if (budget == null) {
handler.returnError("Unable to create budget", 500, res);
return;
}
} else {
const family_query = try models.createSelectOnFieldQuery(models.Family, null, "code", "=");
family = try db.selectOne(models.Family, allocator, family_query, .{ .code = body.family_code.? });
if (family == null) {
return handler.returnError("Invalid Family Code", 404, res);
}
const budget_query = try models.createSelectOnFieldQuery(models.Budget, null, "family_id", "=");
budget = try db.selectOne(models.Budget, allocator, budget_query, .{ .family_id = family.?.id });
if (budget == null) {
return handler.returnError("Could not find Family Budget", 404, res);
}
}
const new_user = .{ .name = body.name, .username = body.username, .email = body.email, .pass_hash = password_hash, .family_id = family.?.id, .budget_id = budget.?.id, .created_at = now, .updated_at = now, .last_activity_at = now, .hide = 0 };
try db.insert(models.User, new_user);
const query = try models.createSelectOnFieldQuery(models.User, null, "pass_hash", "=");
user = try db.selectOne(models.User, allocator, query, .{ .pass_hash = password_hash });
if (user == null) {
handler.returnError("Unable to create new user", 500, res);
return;
}
std.log.info("User created: {any}\nFamily created: {any}\n", .{ user.?, family.? });
const token = try auth.generateToken(user.?);
try handler.returnData(.{ .user = user, .token = token }, res);
}
pub fn getUser(req: *httpz.Request, res: *httpz.Response) !void {
const db = handler.getDb();
@ -23,7 +216,10 @@ pub fn getUser(req: *httpz.Request, res: *httpz.Response) !void {
const user = try db.selectOneById(models.User, allocator, id);
if (user == null) {
handler.returnError("Error: User Not Found", 404, res);
_ = auth.verifyRequest(req, res, id, user.family_id) catch {
return;
};
handler.returnError("Error: User Not Found of Forbidden", 403, res);
return;
}
@ -31,7 +227,6 @@ pub fn getUser(req: *httpz.Request, res: *httpz.Response) !void {
}
const UserPostReq = struct {
id: ?u32,
name: []const u8,
family_id: u32,
budget_id: u32,
@ -57,6 +252,10 @@ pub fn putUser(req: *httpz.Request, res: *httpz.Response) !void {
}
var body = body_data.?;
_ = auth.verifyRequest(req, res, body.id, body.family_id) catch {
return;
};
// Add User
const now = @intCast(u64, std.time.milliTimestamp());
// Update existing User
@ -76,74 +275,74 @@ pub fn putUser(req: *httpz.Request, res: *httpz.Response) !void {
// try res.json(user, .{});
}
pub fn postUser(req: *httpz.Request, res: *httpz.Response) !void {
comptime {
const putReqLen = @typeInfo(UserPostReq).Struct.fields.len;
const userLen = @typeInfo(models.User).Struct.fields.len;
if (putReqLen != userLen) {
@compileError(std.fmt.comptimePrint("UserPutReq does not equal User model struct, fields inconsistent", .{}));
}
}
// pub fn postUser(req: *httpz.Request, res: *httpz.Response) !void {
// comptime {
// const putReqLen = @typeInfo(UserPostReq).Struct.fields.len;
// const userLen = @typeInfo(models.User).Struct.fields.len;
// if (putReqLen != userLen) {
// @compileError(std.fmt.comptimePrint("UserPutReq does not equal User model struct, fields inconsistent", .{}));
// }
// }
const db = handler.getDb();
var gpa = std.heap.GeneralPurposeAllocator(.{}){};
const allocator = gpa.allocator();
// const db = handler.getDb();
// var gpa = std.heap.GeneralPurposeAllocator(.{}){};
// const allocator = gpa.allocator();
const body_data = req.json(UserPostReq) catch |err| {
std.debug.print("Malformed body: {any}\n", .{err});
handler.returnError("Bad request: Malformed Body", 400, res);
return;
};
if (body_data == null) {
handler.returnError("Bad request: No Data", 400, res);
return;
}
var body = body_data.?;
// const body_data = req.json(UserPostReq) catch |err| {
// std.debug.print("Malformed body: {any}\n", .{err});
// handler.returnError("Bad request: Malformed Body", 400, res);
// return;
// };
// if (body_data == null) {
// handler.returnError("Bad request: No Data", 400, res);
// return;
// }
// var body = body_data.?;
if (body.id != null) {
handler.returnError("Bad request: ID", 400, res);
return;
}
// Add User
const now = @intCast(u64, std.time.milliTimestamp());
// Create User
body.created_at = now;
body.last_activity_at = now;
body.updated_at = now;
// if (body.id != null) {
// handler.returnError("Bad request: ID", 400, res);
// return;
// }
// // Add User
// const now = @intCast(u64, std.time.milliTimestamp());
// // Create User
// body.created_at = now;
// body.last_activity_at = now;
// body.updated_at = now;
try db.insert(models.User, utils.removeStructFields(body, &[_]u8{0}));
// try db.insert(models.User, utils.removeStructFields(body, &[_]u8{0}));
// Get new User
const query = try models.createSelectOnFieldQuery(models.User, null, "created_at", "=");
const updated_user = try db.selectOne(models.User, allocator, query, .{ .created_at = body.created_at });
if (updated_user) |user| {
try handler.returnData(user, res);
} else {
handler.returnError("Internal Server Error", 500, res);
}
return;
}
// // Get new User
// const query = try models.createSelectOnFieldQuery(models.User, null, "created_at", "=");
// const updated_user = try db.selectOne(models.User, allocator, query, .{ .created_at = body.created_at });
// if (updated_user) |user| {
// try handler.returnData(user, res);
// } else {
// handler.returnError("Internal Server Error", 500, res);
// }
// return;
// }
pub fn deleteUser(req: *httpz.Request, res: *httpz.Response) !void {
const db = handler.getDb();
// pub fn deleteUser(req: *httpz.Request, res: *httpz.Response) !void {
// const db = handler.getDb();
const user_id = req.param("id");
if (res.body) |_| {
handler.returnError("Bad Request", 400, res);
return;
}
if (user_id) |id_str| {
const id = std.fmt.parseInt(u32, id_str, 0) catch {
handler.returnError("Bad Request: Invalid Id", 400, res);
return;
};
db.deleteById(models.User, id) catch |err| {
std.debug.print("Error while deleting user: {}\n", .{err});
handler.returnError("Internal Server Error", 500, res);
return;
};
} else {
handler.returnError("Bad Request: Missing ID", 400, res);
}
return;
}
// const user_id = req.param("id");
// if (res.body) |_| {
// handler.returnError("Bad Request", 400, res);
// return;
// }
// if (user_id) |id_str| {
// const id = std.fmt.parseInt(u32, id_str, 0) catch {
// handler.returnError("Bad Request: Invalid Id", 400, res);
// return;
// };
// db.deleteById(models.User, id) catch |err| {
// std.debug.print("Error while deleting user: {}\n", .{err});
// handler.returnError("Internal Server Error", 500, res);
// return;
// };
// } else {
// handler.returnError("Bad Request: Missing ID", 400, res);
// }
// return;
// }

23
src/utils.zig
View File

@ -95,6 +95,23 @@ pub fn removeStructFields(
return result;
}
pub fn generateRandomString(allocator: std.mem.Allocator) ![]const u8 {
const chars: []const u8 = "ABCDEFGHIJKJMNOPQRSTUVWXYZ1234567890";
var xoshiro = std.rand.DefaultPrng.init(@bitCast(u64, std.time.milliTimestamp()));
const rng = xoshiro.random();
var code: []u8 = try allocator.alloc(u8, 5);
for (0..code.len) |i| {
const char_index = rng.uintLessThan(u8, chars.len + 1) % chars.len;
code[i] = chars[char_index];
}
std.log.info("Generated family code: {s}", .{code});
return code;
}
test {
// const vote = .{ .id = 0, .createdAt = "DATE" };
// const data = structConcatFields(vote, .{ .id2 = vote.id });
@ -103,4 +120,10 @@ test {
const user = .{ .id = 0, .createdAt = 2, .other = 3, .key = 4 };
const date = removeStructFields(user, &[_]u8{4});
std.debug.print("\n{any}\n", .{date});
var gpa = std.testing.allocator_instance;
var allocator = gpa.allocator();
const code = try generateRandomString(allocator);
std.debug.print("\nGot {s}\n", .{code});
}