2024-08-04 16:26:02 +02:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
2024-08-27 13:52:36 +02:00
|
|
|
"bytes"
|
2024-08-04 16:26:02 +02:00
|
|
|
"encoding/json"
|
2024-08-19 22:22:40 +02:00
|
|
|
"errors"
|
2024-08-13 22:00:07 +02:00
|
|
|
"fmt"
|
2024-08-04 16:52:03 +02:00
|
|
|
"myapp/internal/cards"
|
2024-08-21 14:22:40 +02:00
|
|
|
"myapp/internal/cards/encryption"
|
2024-08-12 19:10:27 +02:00
|
|
|
"myapp/internal/models"
|
2024-08-21 11:44:38 +02:00
|
|
|
"myapp/internal/urlsigner"
|
2024-08-04 16:26:02 +02:00
|
|
|
"net/http"
|
2024-08-04 16:52:03 +02:00
|
|
|
"strconv"
|
2024-08-19 22:22:40 +02:00
|
|
|
"strings"
|
2024-08-13 22:00:07 +02:00
|
|
|
"time"
|
2024-08-06 21:35:28 +02:00
|
|
|
|
|
|
|
"github.com/go-chi/chi/v5"
|
2024-08-12 19:10:27 +02:00
|
|
|
"github.com/stripe/stripe-go/v79"
|
2024-08-21 12:54:25 +02:00
|
|
|
"golang.org/x/crypto/bcrypt"
|
2024-08-04 16:26:02 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
type stripePayload struct {
|
2024-08-12 13:49:50 +02:00
|
|
|
Currency string `json:"currency"`
|
|
|
|
Amount string `json:"amount"`
|
|
|
|
PaymentMethod string `json:"payment_method"`
|
|
|
|
Email string `json:"email"`
|
2024-08-12 19:10:27 +02:00
|
|
|
CardBrand string `json:"card_brand"`
|
|
|
|
ExpiryMonth int `json:"expiry_month"`
|
|
|
|
ExpiryYear int `json:"expiry_year"`
|
2024-08-12 13:49:50 +02:00
|
|
|
LastFour string `json:"last_four"`
|
|
|
|
Plan string `json:"plan"`
|
2024-08-12 19:10:27 +02:00
|
|
|
ProductID string `json:"product_id"`
|
|
|
|
FirstName string `json:"first_name"`
|
|
|
|
LastName string `json:"last_name"`
|
2024-08-04 16:26:02 +02:00
|
|
|
}
|
|
|
|
|
2024-08-26 22:49:10 +02:00
|
|
|
type JSONResponse struct {
|
2024-08-04 16:26:02 +02:00
|
|
|
OK bool `json:"ok"`
|
2024-08-04 16:52:03 +02:00
|
|
|
Message string `json:"message,omitempty"`
|
|
|
|
Content string `json:"content,omitempty"`
|
|
|
|
ID int `json:"id,omitempty"`
|
2024-08-04 16:26:02 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
func (app *application) GetPaymentIntent(w http.ResponseWriter, r *http.Request) {
|
2024-08-04 16:52:03 +02:00
|
|
|
var payload stripePayload
|
|
|
|
|
|
|
|
err := json.NewDecoder(r.Body).Decode(&payload)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
return // TODO: return a valid json
|
2024-08-04 16:26:02 +02:00
|
|
|
}
|
|
|
|
|
2024-08-04 16:52:03 +02:00
|
|
|
amount, err := strconv.Atoi(payload.Amount)
|
2024-08-04 16:26:02 +02:00
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
2024-08-04 16:52:03 +02:00
|
|
|
return // TODO: return a valid json
|
|
|
|
}
|
|
|
|
|
|
|
|
card := cards.Card{
|
|
|
|
Secret: app.config.stripe.secret,
|
|
|
|
Key: app.config.stripe.key,
|
|
|
|
Currency: payload.Currency,
|
|
|
|
}
|
|
|
|
|
|
|
|
pi, msg, err := card.Charge(payload.Currency, amount)
|
|
|
|
if err != nil {
|
2024-08-26 22:49:10 +02:00
|
|
|
j := JSONResponse{
|
2024-08-04 16:52:03 +02:00
|
|
|
OK: false,
|
|
|
|
Message: msg,
|
|
|
|
Content: "",
|
|
|
|
}
|
|
|
|
|
|
|
|
out, err := json.MarshalIndent(j, "", " ")
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.Write(out)
|
|
|
|
return
|
2024-08-04 16:26:02 +02:00
|
|
|
}
|
|
|
|
|
2024-08-04 16:52:03 +02:00
|
|
|
out, err := json.MarshalIndent(pi, "", " ")
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
return // TODO: return a valid json
|
|
|
|
}
|
2024-08-04 16:26:02 +02:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.Write(out)
|
|
|
|
}
|
2024-08-06 21:35:28 +02:00
|
|
|
|
|
|
|
func (app *application) GetWidgetByID(w http.ResponseWriter, r *http.Request) {
|
|
|
|
id := chi.URLParam(r, "id")
|
|
|
|
widgetID, _ := strconv.Atoi(id)
|
|
|
|
|
|
|
|
widget, err := app.DB.GetWidget(widgetID)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
}
|
|
|
|
out, err := json.MarshalIndent(widget, "", " ")
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.Write(out)
|
|
|
|
}
|
2024-08-12 13:49:50 +02:00
|
|
|
|
2024-08-27 13:52:36 +02:00
|
|
|
type Invoice struct {
|
|
|
|
ID int `json:"id"`
|
|
|
|
Quantity int `json:"quantity"`
|
|
|
|
Amount int `json:"amount"`
|
|
|
|
Product string `json:"product"`
|
|
|
|
FirstName string `json:"first_name"`
|
|
|
|
LastName string `json:"last_name"`
|
|
|
|
Email string `json:"email"`
|
|
|
|
CreatedAt time.Time `json:"created_at"`
|
|
|
|
}
|
|
|
|
|
2024-08-12 13:49:50 +02:00
|
|
|
func (app *application) CreateCustomerAndSubscribeToPlan(w http.ResponseWriter, r *http.Request) {
|
|
|
|
var data stripePayload
|
|
|
|
|
|
|
|
err := json.NewDecoder(r.Body).Decode(&data)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
app.infoLog.Println(data.Email, data.LastFour, data.PaymentMethod, data.Plan)
|
|
|
|
|
2024-08-12 18:28:20 +02:00
|
|
|
card := cards.Card{
|
|
|
|
Secret: app.config.stripe.secret,
|
|
|
|
Key: app.config.stripe.key,
|
|
|
|
Currency: data.Currency,
|
|
|
|
}
|
2024-08-12 13:49:50 +02:00
|
|
|
|
2024-08-12 19:10:27 +02:00
|
|
|
okay := true
|
|
|
|
var subscription *stripe.Subscription
|
|
|
|
txnMsg := "Transaction successful"
|
|
|
|
|
2024-08-12 18:28:20 +02:00
|
|
|
stripeCustomer, msg, err := card.CreateCustomer(data.PaymentMethod, data.Email)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
2024-08-12 19:10:27 +02:00
|
|
|
okay = false
|
|
|
|
txnMsg = msg
|
2024-08-12 18:28:20 +02:00
|
|
|
}
|
|
|
|
|
2024-08-12 19:10:27 +02:00
|
|
|
if okay {
|
|
|
|
subscription, err = card.SubscribeToPlan(
|
|
|
|
stripeCustomer,
|
|
|
|
data.Plan,
|
|
|
|
data.Email,
|
|
|
|
data.LastFour,
|
|
|
|
"",
|
|
|
|
)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
okay = false
|
|
|
|
txnMsg = "Error subscribing customer"
|
|
|
|
}
|
|
|
|
app.infoLog.Println("subscription id is", subscription.ID)
|
2024-08-12 18:28:20 +02:00
|
|
|
}
|
|
|
|
|
2024-08-12 19:10:27 +02:00
|
|
|
if okay {
|
|
|
|
productID, _ := strconv.Atoi(data.ProductID)
|
|
|
|
customerID, err := app.SaveCustomer(data.FirstName, data.LastName, data.Email)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// create a new txn
|
|
|
|
amount, _ := strconv.Atoi(data.Amount)
|
|
|
|
txn := models.Transaction{
|
|
|
|
Amount: amount,
|
|
|
|
Currency: "eur",
|
|
|
|
LastFour: data.LastFour,
|
|
|
|
ExpiryMonth: data.ExpiryMonth,
|
|
|
|
ExpiryYear: data.ExpiryYear,
|
|
|
|
TransactionStatusID: 2,
|
2024-08-22 21:34:58 +02:00
|
|
|
PaymentIntent: subscription.ID,
|
|
|
|
PaymentMethod: data.PaymentMethod,
|
2024-08-12 19:10:27 +02:00
|
|
|
}
|
|
|
|
txnID, err := app.SaveTransaction(txn)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// create order
|
|
|
|
order := models.Order{
|
|
|
|
WidgetID: productID,
|
|
|
|
TransactionID: txnID,
|
|
|
|
CustomerID: customerID,
|
|
|
|
StatusID: 1,
|
|
|
|
Quantity: 1,
|
|
|
|
Amount: amount,
|
|
|
|
}
|
|
|
|
|
2024-08-27 13:52:36 +02:00
|
|
|
orderID, err := app.SaveOrder(order)
|
2024-08-12 19:10:27 +02:00
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
return
|
|
|
|
}
|
2024-08-27 13:52:36 +02:00
|
|
|
|
|
|
|
inv := Invoice{
|
|
|
|
ID: orderID,
|
|
|
|
Quantity: order.Quantity,
|
|
|
|
Amount: order.Amount,
|
|
|
|
Product: "Bronze Plan",
|
|
|
|
FirstName: data.FirstName,
|
|
|
|
LastName: data.LastName,
|
|
|
|
Email: data.Email,
|
|
|
|
CreatedAt: time.Now(),
|
|
|
|
}
|
|
|
|
err = app.callInvoiceMicro(inv)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
// Don't stop the program
|
|
|
|
}
|
2024-08-12 19:10:27 +02:00
|
|
|
}
|
2024-08-12 18:28:20 +02:00
|
|
|
|
2024-08-26 22:49:10 +02:00
|
|
|
resp := JSONResponse{
|
2024-08-12 13:49:50 +02:00
|
|
|
OK: okay,
|
2024-08-12 19:10:27 +02:00
|
|
|
Message: txnMsg,
|
2024-08-12 13:49:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
out, err := json.MarshalIndent(resp, "", " ")
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.Write(out)
|
|
|
|
}
|
2024-08-12 19:10:27 +02:00
|
|
|
|
2024-08-27 13:52:36 +02:00
|
|
|
func (app *application) callInvoiceMicro(inv Invoice) error {
|
|
|
|
// TODO: Do not hard code this.
|
|
|
|
url := "http://localhost:5000/invoice/create-and-send"
|
|
|
|
out, err := json.MarshalIndent(inv, "", "\t")
|
|
|
|
if err != err {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
req, err := http.NewRequest("POST", url, bytes.NewBuffer(out))
|
|
|
|
if err != nil {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
req.Header.Set("Content-Type", "application/json")
|
|
|
|
client := &http.Client{}
|
|
|
|
resp, err := client.Do(req)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
defer resp.Body.Close()
|
|
|
|
app.infoLog.Println(resp.Body)
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2024-08-12 19:10:27 +02:00
|
|
|
func (app *application) SaveCustomer(firstName, lastName, email string) (int, error) {
|
|
|
|
customer := models.Customer{
|
|
|
|
FirstName: firstName,
|
|
|
|
LastName: lastName,
|
|
|
|
Email: email,
|
|
|
|
}
|
|
|
|
|
|
|
|
id, err := app.DB.InsertCustomer(customer)
|
|
|
|
if err != nil {
|
|
|
|
return 0, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return id, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (app *application) SaveTransaction(txn models.Transaction) (int, error) {
|
|
|
|
txnID, err := app.DB.InsertTransaction(txn)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
return 0, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return txnID, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (app *application) SaveOrder(order models.Order) (int, error) {
|
|
|
|
id, err := app.DB.InsertOrder(order)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
return 0, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return id, nil
|
|
|
|
}
|
2024-08-13 13:26:38 +02:00
|
|
|
|
|
|
|
func (app *application) CreateAuthToken(w http.ResponseWriter, r *http.Request) {
|
|
|
|
var userInput struct {
|
|
|
|
Email string `json:"email"`
|
|
|
|
Password string `json:"password"`
|
|
|
|
}
|
|
|
|
|
|
|
|
err := app.readJSON(w, r, &userInput)
|
|
|
|
if err != nil {
|
2024-08-13 14:12:40 +02:00
|
|
|
app.errorLog.Println(err)
|
2024-08-13 13:26:38 +02:00
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2024-08-13 13:47:56 +02:00
|
|
|
// get the user from the db by email, send error if invalid email
|
|
|
|
user, err := app.DB.GetUserByEmail(userInput.Email)
|
|
|
|
if err != nil {
|
2024-08-13 14:12:40 +02:00
|
|
|
app.errorLog.Println(err)
|
2024-08-13 13:47:56 +02:00
|
|
|
app.invalidCredentials(w)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// validate the password, send error if invalid password
|
2024-08-13 13:58:33 +02:00
|
|
|
validPassword, err := app.passwordMatches(user.Password, userInput.Password)
|
|
|
|
if err != nil {
|
2024-08-13 14:12:40 +02:00
|
|
|
app.errorLog.Println(err)
|
2024-08-13 13:58:33 +02:00
|
|
|
app.invalidCredentials(w)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
if !validPassword {
|
|
|
|
app.invalidCredentials(w)
|
|
|
|
return
|
|
|
|
}
|
2024-08-13 13:47:56 +02:00
|
|
|
|
|
|
|
// generate the token
|
2024-08-13 22:00:07 +02:00
|
|
|
token, err := models.GenerateToken(user.ID, 24*time.Hour, models.ScopeAuthentication)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// save to DB
|
|
|
|
err = app.DB.InsertToken(token, user)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
2024-08-13 13:47:56 +02:00
|
|
|
|
|
|
|
// send response
|
|
|
|
|
2024-08-13 13:26:38 +02:00
|
|
|
var payload struct {
|
2024-08-22 13:38:51 +02:00
|
|
|
OK bool `json:"ok"`
|
2024-08-13 22:00:07 +02:00
|
|
|
Message string `json:"message"`
|
|
|
|
Token *models.Token `json:"authentication_token"`
|
2024-08-13 13:26:38 +02:00
|
|
|
}
|
|
|
|
|
2024-08-22 13:38:51 +02:00
|
|
|
payload.OK = true
|
2024-08-13 22:00:07 +02:00
|
|
|
payload.Message = fmt.Sprintf("token for %s created", userInput.Email)
|
|
|
|
payload.Token = token
|
2024-08-13 13:26:38 +02:00
|
|
|
|
2024-08-13 13:34:53 +02:00
|
|
|
_ = app.writeJSON(w, http.StatusOK, payload)
|
2024-08-13 13:26:38 +02:00
|
|
|
}
|
2024-08-19 21:39:36 +02:00
|
|
|
|
2024-08-19 22:22:40 +02:00
|
|
|
func (app *application) authenticateToken(r *http.Request) (*models.User, error) {
|
|
|
|
authorizationHeader := r.Header.Get("Authorization")
|
|
|
|
if authorizationHeader == "" {
|
|
|
|
return nil, errors.New("no authorization header received")
|
|
|
|
}
|
|
|
|
|
|
|
|
headerParts := strings.Split(authorizationHeader, " ")
|
|
|
|
if len(headerParts) != 2 || headerParts[0] != "Bearer" {
|
|
|
|
return nil, errors.New("no authorization header received")
|
|
|
|
}
|
|
|
|
|
|
|
|
token := headerParts[1]
|
|
|
|
if len(token) != 26 {
|
|
|
|
return nil, errors.New("authentication token wrong size")
|
|
|
|
}
|
|
|
|
|
|
|
|
// get the user from the tokens table
|
|
|
|
user, err := app.DB.GetUserForToken(token)
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.New("no matching user found")
|
|
|
|
}
|
|
|
|
|
|
|
|
return user, nil
|
|
|
|
}
|
|
|
|
|
2024-08-19 21:39:36 +02:00
|
|
|
func (app *application) CheckAuthentication(w http.ResponseWriter, r *http.Request) {
|
2024-08-19 22:22:40 +02:00
|
|
|
// validate the token, and get associated user
|
|
|
|
user, err := app.authenticateToken(r)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.invalidCredentials(w)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// valid user
|
2024-08-26 22:49:10 +02:00
|
|
|
var payload JSONResponse
|
2024-08-22 13:38:51 +02:00
|
|
|
payload.OK = true
|
2024-08-19 22:22:40 +02:00
|
|
|
payload.Message = fmt.Sprintf("authenticated user %s", user.Email)
|
|
|
|
app.writeJSON(w, http.StatusOK, payload)
|
2024-08-19 21:39:36 +02:00
|
|
|
}
|
2024-08-20 13:32:50 +02:00
|
|
|
|
|
|
|
func (app *application) VirtualTerminalPaymentSucceeded(w http.ResponseWriter, r *http.Request) {
|
|
|
|
var txnData struct {
|
|
|
|
PaymentAmount int `json:"amount"`
|
|
|
|
PaymentCurrency string `json:"currency"`
|
|
|
|
FirstName string `json:"first_name"`
|
|
|
|
LastName string `json:"last_name"`
|
|
|
|
Email string `json:"email"`
|
|
|
|
PaymentIntent string `json:"payment_intent"`
|
|
|
|
PaymentMethod string `json:"payment_method"`
|
|
|
|
BankReturnCode string `json:"bank_return_code"`
|
|
|
|
ExpiryMonth int `json:"expiry_month"`
|
|
|
|
ExpiryYear int `json:"expiry_year"`
|
|
|
|
LastFour string `json:"last_four"`
|
|
|
|
}
|
|
|
|
|
|
|
|
err := app.readJSON(w, r, &txnData)
|
|
|
|
if err != nil {
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
card := cards.Card{
|
|
|
|
Secret: app.config.stripe.secret,
|
|
|
|
Key: app.config.stripe.key,
|
|
|
|
}
|
|
|
|
|
|
|
|
pi, err := card.RetrievePaymentIntent(txnData.PaymentIntent)
|
|
|
|
if err != nil {
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
pm, err := card.GetPaymentMethod(txnData.PaymentMethod)
|
|
|
|
if err != nil {
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
txnData.LastFour = pm.Card.Last4
|
|
|
|
txnData.ExpiryMonth = int(pm.Card.ExpMonth)
|
|
|
|
txnData.ExpiryYear = int(pm.Card.ExpYear)
|
|
|
|
|
|
|
|
txn := models.Transaction{
|
|
|
|
Amount: txnData.PaymentAmount,
|
|
|
|
Currency: txnData.PaymentCurrency,
|
|
|
|
LastFour: txnData.LastFour,
|
|
|
|
ExpiryMonth: txnData.ExpiryMonth,
|
|
|
|
ExpiryYear: txnData.ExpiryYear,
|
|
|
|
BankReturnCode: pi.LatestCharge.ID,
|
2024-08-20 14:13:35 +02:00
|
|
|
PaymentIntent: txnData.PaymentIntent,
|
|
|
|
PaymentMethod: txnData.PaymentMethod,
|
2024-08-20 13:32:50 +02:00
|
|
|
TransactionStatusID: 2,
|
|
|
|
}
|
|
|
|
|
|
|
|
_, err = app.SaveTransaction(txn)
|
|
|
|
if err != nil {
|
|
|
|
app.badRequest(w, r, err)
|
2024-08-23 10:51:20 +02:00
|
|
|
return
|
2024-08-20 13:32:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
app.writeJSON(w, http.StatusOK, txn)
|
|
|
|
}
|
2024-08-20 22:20:37 +02:00
|
|
|
|
|
|
|
func (app *application) SendPasswordResetEmail(w http.ResponseWriter, r *http.Request) {
|
|
|
|
var payload struct {
|
|
|
|
Email string `json:"email"`
|
|
|
|
}
|
|
|
|
|
|
|
|
err := app.readJSON(w, r, &payload)
|
|
|
|
if err != nil {
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2024-08-21 11:44:38 +02:00
|
|
|
// verify that email exists
|
|
|
|
_, err = app.DB.GetUserByEmail(payload.Email)
|
|
|
|
if err != nil {
|
2024-08-26 22:49:10 +02:00
|
|
|
resp := JSONResponse{
|
2024-08-22 13:38:51 +02:00
|
|
|
OK: false,
|
|
|
|
Message: "No matching email found on our system",
|
2024-08-21 11:44:38 +02:00
|
|
|
}
|
|
|
|
app.writeJSON(w, http.StatusAccepted, resp)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
link := fmt.Sprintf("%s/reset-password?email=%s", app.config.frontend, payload.Email)
|
|
|
|
sign := urlsigner.Signer{
|
|
|
|
Secret: []byte(app.config.secretkey),
|
|
|
|
}
|
|
|
|
|
|
|
|
signedLink := sign.GenerateTokenFromString(link)
|
|
|
|
|
2024-08-20 22:20:37 +02:00
|
|
|
var data struct {
|
|
|
|
Link string
|
|
|
|
}
|
|
|
|
|
2024-08-21 11:44:38 +02:00
|
|
|
data.Link = signedLink
|
2024-08-20 22:20:37 +02:00
|
|
|
|
|
|
|
// send mail
|
2024-08-21 09:39:34 +02:00
|
|
|
err = app.SendMail(
|
|
|
|
"info@widgets.com",
|
2024-08-21 11:44:38 +02:00
|
|
|
payload.Email,
|
2024-08-21 09:39:34 +02:00
|
|
|
"Password Reset Request",
|
|
|
|
"password-reset",
|
|
|
|
data,
|
|
|
|
)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2024-08-26 22:49:10 +02:00
|
|
|
resp := JSONResponse{
|
2024-08-22 13:38:51 +02:00
|
|
|
OK: true,
|
2024-08-21 09:39:34 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
app.writeJSON(w, http.StatusCreated, resp)
|
2024-08-20 22:20:37 +02:00
|
|
|
}
|
2024-08-21 12:54:25 +02:00
|
|
|
|
|
|
|
func (app *application) ResetPassword(w http.ResponseWriter, r *http.Request) {
|
|
|
|
var payload struct {
|
|
|
|
Email string `json:"email"`
|
|
|
|
Password string `json:"password"`
|
|
|
|
}
|
|
|
|
|
|
|
|
err := app.readJSON(w, r, &payload)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2024-08-21 14:22:40 +02:00
|
|
|
encryptor := encryption.Encryption{
|
|
|
|
Key: []byte(app.config.secretkey),
|
|
|
|
}
|
|
|
|
|
|
|
|
realEmail, err := encryptor.Decrypt(payload.Email)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
user, err := app.DB.GetUserByEmail(realEmail)
|
2024-08-21 12:54:25 +02:00
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
newHash, err := bcrypt.GenerateFromPassword([]byte(payload.Password), 12)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
err = app.DB.UpdatePasswordForUser(user, string(newHash))
|
|
|
|
if err != nil {
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2024-08-26 22:49:10 +02:00
|
|
|
resp := JSONResponse{
|
2024-08-22 13:38:51 +02:00
|
|
|
OK: true,
|
|
|
|
Message: "Password reset.",
|
2024-08-21 12:54:25 +02:00
|
|
|
}
|
|
|
|
app.writeJSON(w, http.StatusCreated, resp)
|
|
|
|
}
|
2024-08-21 23:18:51 +02:00
|
|
|
|
|
|
|
func (app *application) AllSales(w http.ResponseWriter, r *http.Request) {
|
2024-08-22 21:48:14 +02:00
|
|
|
var payload struct {
|
|
|
|
PageSize int `json:"page_size"`
|
|
|
|
CurrentPage int `json:"page"`
|
|
|
|
}
|
|
|
|
err := app.readJSON(w, r, &payload)
|
2024-08-21 23:18:51 +02:00
|
|
|
if err != nil {
|
2024-08-23 10:04:06 +02:00
|
|
|
app.errorLog.Println(err)
|
2024-08-21 23:18:51 +02:00
|
|
|
app.badRequest(w, r, err)
|
2024-08-23 10:04:06 +02:00
|
|
|
return
|
2024-08-21 23:18:51 +02:00
|
|
|
}
|
2024-08-22 21:48:14 +02:00
|
|
|
|
2024-08-23 10:04:06 +02:00
|
|
|
allSales, lastPage, totalRecords, err := app.DB.GetAllOrdersPaginated(
|
|
|
|
false,
|
|
|
|
payload.PageSize,
|
|
|
|
payload.CurrentPage,
|
|
|
|
)
|
2024-08-22 21:48:14 +02:00
|
|
|
if err != nil {
|
2024-08-23 10:04:06 +02:00
|
|
|
app.errorLog.Println(err)
|
2024-08-22 21:48:14 +02:00
|
|
|
app.badRequest(w, r, err)
|
2024-08-23 10:04:06 +02:00
|
|
|
return
|
2024-08-22 21:48:14 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
var resp struct {
|
|
|
|
CurrentPage int `json:"current_page"`
|
|
|
|
PageSize int `json:"page_size"`
|
|
|
|
LastPage int `json:"last_page"`
|
|
|
|
TotalRecords int `json:"total_records"`
|
|
|
|
Orders []*models.Order `json:"orders"`
|
|
|
|
}
|
|
|
|
|
2024-08-23 10:04:06 +02:00
|
|
|
resp.CurrentPage = payload.CurrentPage
|
2024-08-22 21:48:14 +02:00
|
|
|
resp.PageSize = payload.PageSize
|
|
|
|
resp.LastPage = lastPage
|
|
|
|
resp.TotalRecords = totalRecords
|
|
|
|
resp.Orders = allSales
|
|
|
|
|
|
|
|
app.writeJSON(w, http.StatusOK, resp)
|
2024-08-21 23:18:51 +02:00
|
|
|
}
|
2024-08-21 23:27:33 +02:00
|
|
|
|
|
|
|
func (app *application) AllSubscriptions(w http.ResponseWriter, r *http.Request) {
|
2024-08-23 10:13:50 +02:00
|
|
|
var payload struct {
|
|
|
|
PageSize int `json:"page_size"`
|
|
|
|
CurrentPage int `json:"page"`
|
|
|
|
}
|
|
|
|
err := app.readJSON(w, r, &payload)
|
2024-08-21 23:27:33 +02:00
|
|
|
if err != nil {
|
2024-08-23 10:13:50 +02:00
|
|
|
app.errorLog.Println(err)
|
2024-08-21 23:27:33 +02:00
|
|
|
app.badRequest(w, r, err)
|
2024-08-23 10:13:50 +02:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
allSales, lastPage, totalRecords, err := app.DB.GetAllOrdersPaginated(
|
|
|
|
true,
|
|
|
|
payload.PageSize,
|
|
|
|
payload.CurrentPage,
|
|
|
|
)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
2024-08-21 23:27:33 +02:00
|
|
|
}
|
2024-08-23 10:13:50 +02:00
|
|
|
|
|
|
|
var resp struct {
|
|
|
|
CurrentPage int `json:"current_page"`
|
|
|
|
PageSize int `json:"page_size"`
|
|
|
|
LastPage int `json:"last_page"`
|
|
|
|
TotalRecords int `json:"total_records"`
|
|
|
|
Orders []*models.Order `json:"orders"`
|
|
|
|
}
|
|
|
|
|
|
|
|
resp.CurrentPage = payload.CurrentPage
|
|
|
|
resp.PageSize = payload.PageSize
|
|
|
|
resp.LastPage = lastPage
|
|
|
|
resp.TotalRecords = totalRecords
|
|
|
|
resp.Orders = allSales
|
|
|
|
|
|
|
|
app.writeJSON(w, http.StatusOK, resp)
|
2024-08-21 23:27:33 +02:00
|
|
|
}
|
2024-08-21 23:43:16 +02:00
|
|
|
|
|
|
|
func (app *application) GetSale(w http.ResponseWriter, r *http.Request) {
|
|
|
|
id := chi.URLParam(r, "id")
|
|
|
|
orderID, _ := strconv.Atoi(id)
|
|
|
|
|
|
|
|
order, err := app.DB.GetOrderByID(orderID)
|
|
|
|
if err != nil {
|
|
|
|
app.badRequest(w, r, err)
|
2024-08-23 10:51:20 +02:00
|
|
|
return
|
2024-08-21 23:43:16 +02:00
|
|
|
}
|
|
|
|
app.writeJSON(w, http.StatusOK, order)
|
|
|
|
}
|
2024-08-22 13:38:51 +02:00
|
|
|
|
|
|
|
func (app *application) RefundCharge(w http.ResponseWriter, r *http.Request) {
|
|
|
|
var chargeToRefund struct {
|
|
|
|
ID int `json:"id"`
|
|
|
|
PaymentIntent string `json:"pi"`
|
|
|
|
Amount int `json:"amount"`
|
|
|
|
Currency string `json:"currency"`
|
|
|
|
}
|
|
|
|
|
|
|
|
err := app.readJSON(w, r, &chargeToRefund)
|
|
|
|
if err != nil {
|
2024-08-22 14:05:46 +02:00
|
|
|
app.errorLog.Println(err)
|
2024-08-22 13:38:51 +02:00
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// validate
|
|
|
|
|
|
|
|
card := cards.Card{
|
|
|
|
Secret: app.config.stripe.secret,
|
|
|
|
Key: app.config.stripe.key,
|
|
|
|
Currency: chargeToRefund.Currency,
|
|
|
|
}
|
|
|
|
|
|
|
|
err = card.Refund(chargeToRefund.PaymentIntent, chargeToRefund.Amount)
|
|
|
|
if err != nil {
|
2024-08-22 14:05:46 +02:00
|
|
|
app.errorLog.Println(err)
|
2024-08-22 13:38:51 +02:00
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2024-08-22 14:33:36 +02:00
|
|
|
// update status in DB
|
|
|
|
err = app.DB.UpdateOrderStatus(chargeToRefund.ID, 2)
|
|
|
|
if err != nil {
|
|
|
|
app.badRequest(
|
|
|
|
w,
|
|
|
|
r,
|
|
|
|
errors.New("the charge was refunded, but the database could not be updated"),
|
|
|
|
)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2024-08-26 22:49:10 +02:00
|
|
|
var resp JSONResponse
|
2024-08-22 13:38:51 +02:00
|
|
|
resp.OK = true
|
|
|
|
resp.Message = "Charge refunded"
|
|
|
|
|
|
|
|
app.writeJSON(w, http.StatusOK, resp)
|
|
|
|
}
|
2024-08-22 21:34:58 +02:00
|
|
|
|
|
|
|
func (app *application) CancelSubscription(w http.ResponseWriter, r *http.Request) {
|
|
|
|
var subToCancel struct {
|
|
|
|
ID int `json:"id"`
|
|
|
|
PaymentIntent string `json:"pi"`
|
|
|
|
Currency string `json:"currency"`
|
|
|
|
}
|
|
|
|
|
|
|
|
err := app.readJSON(w, r, &subToCancel)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// validate
|
|
|
|
|
|
|
|
card := cards.Card{
|
|
|
|
Secret: app.config.stripe.secret,
|
|
|
|
Key: app.config.stripe.key,
|
|
|
|
Currency: subToCancel.Currency,
|
|
|
|
}
|
|
|
|
|
|
|
|
err = card.CancelSubscription(subToCancel.PaymentIntent)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// update status in DB
|
|
|
|
err = app.DB.UpdateOrderStatus(subToCancel.ID, 3)
|
|
|
|
if err != nil {
|
|
|
|
app.badRequest(
|
|
|
|
w,
|
|
|
|
r,
|
|
|
|
errors.New("the subscription was refunded, but the database could not be updated"),
|
|
|
|
)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2024-08-26 22:49:10 +02:00
|
|
|
var resp JSONResponse
|
2024-08-22 21:34:58 +02:00
|
|
|
resp.OK = true
|
|
|
|
resp.Message = "Subscription canceled"
|
|
|
|
|
|
|
|
app.writeJSON(w, http.StatusOK, resp)
|
|
|
|
}
|
2024-08-23 14:13:06 +02:00
|
|
|
|
|
|
|
func (app *application) AllUsers(w http.ResponseWriter, r *http.Request) {
|
|
|
|
allUsers, err := app.DB.GetAllUsers()
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
app.writeJSON(w, http.StatusOK, allUsers)
|
|
|
|
}
|
2024-08-23 21:07:13 +02:00
|
|
|
|
|
|
|
func (app *application) OneUser(w http.ResponseWriter, r *http.Request) {
|
|
|
|
id := chi.URLParam(r, "id")
|
|
|
|
userID, _ := strconv.Atoi(id)
|
|
|
|
user, err := app.DB.GetOneUser(userID)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
app.writeJSON(w, http.StatusOK, user)
|
|
|
|
}
|
2024-08-26 13:37:05 +02:00
|
|
|
|
|
|
|
func (app *application) EditUser(w http.ResponseWriter, r *http.Request) {
|
|
|
|
id := chi.URLParam(r, "id")
|
|
|
|
userID, _ := strconv.Atoi(id)
|
|
|
|
|
|
|
|
var user models.User
|
|
|
|
err := app.readJSON(w, r, &user)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
if userID > 0 {
|
|
|
|
err = app.DB.EditUser(user)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
if user.Password != "" {
|
|
|
|
newHash, err := bcrypt.GenerateFromPassword([]byte(user.Password), 12)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
err = app.DB.UpdatePasswordForUser(user, string(newHash))
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
newHash, err := bcrypt.GenerateFromPassword([]byte(user.Password), 12)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
err = app.DB.AddUser(user, string(newHash))
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2024-08-26 22:49:10 +02:00
|
|
|
var resp JSONResponse
|
2024-08-26 13:37:05 +02:00
|
|
|
resp.OK = true
|
|
|
|
app.writeJSON(w, http.StatusOK, resp)
|
|
|
|
}
|
2024-08-26 14:10:18 +02:00
|
|
|
|
|
|
|
func (app *application) DeleteUser(w http.ResponseWriter, r *http.Request) {
|
|
|
|
id := chi.URLParam(r, "id")
|
|
|
|
userID, _ := strconv.Atoi(id)
|
|
|
|
err := app.DB.DeleteUser(userID)
|
|
|
|
if err != nil {
|
|
|
|
app.errorLog.Println(err)
|
|
|
|
app.badRequest(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
2024-08-26 22:49:10 +02:00
|
|
|
var resp JSONResponse
|
2024-08-26 14:10:18 +02:00
|
|
|
resp.OK = true
|
|
|
|
app.writeJSON(w, http.StatusOK, resp)
|
|
|
|
}
|