init

2026-02-15 17:16:22 +03:00
commit 14815e521b
7 changed files with 257 additions and 0 deletions
--- a/main.go
+++ b/main.go
@@ -0,0 +1,143 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"game-wishlist/auth"
+	"game-wishlist/model"
+	"log"
+	"net/http"
+	"os"
+	"time"
+
+	"golang.org/x/crypto/bcrypt"
+	"gorm.io/driver/sqlite"
+	"gorm.io/gorm"
+)
+
+func sendError(w http.ResponseWriter, msg string, err error, status int) {
+	m := msg
+	if err != nil {
+		m = fmt.Sprintf("%s: %v", msg, err)
+	}
+	http.Error(w, m, status)
+}
+
+func sendJSON(w http.ResponseWriter, data any, status int) {
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(status)
+	if err := json.NewEncoder(w).Encode(data); err != nil {
+		http.Error(w, err.Error(), 500)
+	}
+}
+
+func main() {
+	dbPath := os.Getenv("DB_PATH")
+	if dbPath == "" {
+		dbPath = "./sqlite.db"
+	}
+
+	db, err := gorm.Open(sqlite.Open(dbPath))
+	if err != nil {
+		log.Fatalf("failed to connect to db: %v\n", err)
+	}
+
+	if err := db.AutoMigrate(model.User{}); err != nil {
+		log.Fatalf("failed to automigrate db: %v\n", err)
+	}
+
+	mux := http.NewServeMux()
+
+	mux.HandleFunc("POST /api/auth/register", func(w http.ResponseWriter, r *http.Request) {
+		var body struct {
+			Login    string `json:"login"`
+			Password string `json:"password"`
+		}
+		if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
+			sendError(w, "invalid request body", err, 400)
+			return
+		}
+
+		if body.Login == "" || body.Password == "" {
+			sendError(w, "invalid request, login and password required", nil, 400)
+			return
+		}
+
+		hash, err := bcrypt.GenerateFromPassword([]byte(body.Password), 10)
+		if err != nil {
+			sendError(w, "failed to hash password", err, 500)
+			return
+		}
+
+		user := &model.User{
+			Login:    body.Login,
+			Password: string(hash),
+		}
+		if tx := db.Create(user); tx.Error != nil {
+			sendError(w, "failed to create user", tx.Error, 400)
+			return
+		}
+
+		expiryTime := time.Now().Add(time.Hour * 24 * 7) // 1 week lifetime
+		token, err := auth.GenerateUserToken(int64(user.ID), expiryTime)
+		if err != nil {
+			sendError(w, "failed to generate user token", err, 500)
+			return
+		}
+
+		auth.SetUserCookie(w, token, expiryTime)
+
+		sendJSON(w, user, 201)
+	})
+
+	mux.HandleFunc("POST /api/auth/login", func(w http.ResponseWriter, r *http.Request) {
+		var body struct {
+			Login    string `json:"login"`
+			Password string `json:"password"`
+		}
+
+		if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
+			sendError(w, "invalid request body", err, 400)
+			return
+		}
+
+		if body.Login == "" || body.Password == "" {
+			sendError(w, "invalid request, login and password required", nil, 400)
+			return
+		}
+
+		user := &model.User{}
+		if tx := db.First(user, "login = ?", body.Login); tx.Error != nil {
+			sendError(w, "login not found", tx.Error, 400)
+			return
+		}
+
+		if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(body.Password)); err != nil {
+			sendError(w, "invalid password", err, 400)
+			return
+		}
+
+		expiryTime := time.Now().Add(time.Hour * 24 * 7) // 1 week lifetime
+		token, err := auth.GenerateUserToken(int64(user.ID), expiryTime)
+		if err != nil {
+			sendError(w, "failed to generate user token", err, 500)
+			return
+		}
+
+		auth.SetUserCookie(w, token, expiryTime)
+
+		sendJSON(w, user, 200)
+	})
+
+	mux.HandleFunc("POST /api/auth/logout", func(w http.ResponseWriter, r *http.Request) {
+		auth.RemoveUserCookie(w)
+		sendJSON(w, struct {
+			Ok bool `json:"ok"`
+		}{true}, 200)
+	})
+
+	log.Print("starting http server on http://localhost:5000")
+	if err := http.ListenAndServe(":5000", mux); err != nil {
+		log.Fatalf("failed to start http server: %v\n", err)
+	}
+}