udemy-go-web-2/cmd/api/handlers-api.go

package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"myapp/internal/cards"
	"myapp/internal/models"
	"myapp/internal/urlsigner"
	"net/http"
	"strconv"
	"strings"
	"time"

	"github.com/go-chi/chi/v5"
	"github.com/stripe/stripe-go/v79"
)

type stripePayload struct {
	Currency      string `json:"currency"`
	Amount        string `json:"amount"`
	PaymentMethod string `json:"payment_method"`
	Email         string `json:"email"`
	CardBrand     string `json:"card_brand"`
	ExpiryMonth   int    `json:"expiry_month"`
	ExpiryYear    int    `json:"expiry_year"`
	LastFour      string `json:"last_four"`
	Plan          string `json:"plan"`
	ProductID     string `json:"product_id"`
	FirstName     string `json:"first_name"`
	LastName      string `json:"last_name"`
}

type jsonResponse struct {
	OK      bool   `json:"ok"`
	Message string `json:"message,omitempty"`
	Content string `json:"content,omitempty"`
	ID      int    `json:"id,omitempty"`
}

func (app *application) GetPaymentIntent(w http.ResponseWriter, r *http.Request) {
	var payload stripePayload

	err := json.NewDecoder(r.Body).Decode(&payload)
	if err != nil {
		app.errorLog.Println(err)
		return // TODO: return a valid json
	}

	amount, err := strconv.Atoi(payload.Amount)
	if err != nil {
		app.errorLog.Println(err)
		return // TODO: return a valid json
	}

	card := cards.Card{
		Secret:   app.config.stripe.secret,
		Key:      app.config.stripe.key,
		Currency: payload.Currency,
	}

	pi, msg, err := card.Charge(payload.Currency, amount)
	if err != nil {
		j := jsonResponse{
			OK:      false,
			Message: msg,
			Content: "",
		}

		out, err := json.MarshalIndent(j, "", "    ")
		if err != nil {
			app.errorLog.Println(err)
		}
		w.Header().Set("Content-Type", "application/json")
		w.Write(out)
		return
	}

	out, err := json.MarshalIndent(pi, "", "    ")
	if err != nil {
		app.errorLog.Println(err)
		return // TODO: return a valid json
	}
	w.Header().Set("Content-Type", "application/json")
	w.Write(out)
}

func (app *application) GetWidgetByID(w http.ResponseWriter, r *http.Request) {
	id := chi.URLParam(r, "id")
	widgetID, _ := strconv.Atoi(id)

	widget, err := app.DB.GetWidget(widgetID)
	if err != nil {
		app.errorLog.Println(err)
	}
	out, err := json.MarshalIndent(widget, "", "    ")
	if err != nil {
		app.errorLog.Println(err)
	}
	w.Header().Set("Content-Type", "application/json")
	w.Write(out)
}

func (app *application) CreateCustomerAndSubscribeToPlan(w http.ResponseWriter, r *http.Request) {
	var data stripePayload

	err := json.NewDecoder(r.Body).Decode(&data)
	if err != nil {
		app.errorLog.Println(err)
		return
	}

	app.infoLog.Println(data.Email, data.LastFour, data.PaymentMethod, data.Plan)

	card := cards.Card{
		Secret:   app.config.stripe.secret,
		Key:      app.config.stripe.key,
		Currency: data.Currency,
	}

	okay := true
	var subscription *stripe.Subscription
	txnMsg := "Transaction successful"

	stripeCustomer, msg, err := card.CreateCustomer(data.PaymentMethod, data.Email)
	if err != nil {
		app.errorLog.Println(err)
		okay = false
		txnMsg = msg
	}

	if okay {
		subscription, err = card.SubscribeToPlan(
			stripeCustomer,
			data.Plan,
			data.Email,
			data.LastFour,
			"",
		)
		if err != nil {
			app.errorLog.Println(err)
			okay = false
			txnMsg = "Error subscribing customer"
		}
		app.infoLog.Println("subscription id is", subscription.ID)
	}

	if okay {
		productID, _ := strconv.Atoi(data.ProductID)
		customerID, err := app.SaveCustomer(data.FirstName, data.LastName, data.Email)
		if err != nil {
			app.errorLog.Println(err)
			return
		}

		// create a new txn
		amount, _ := strconv.Atoi(data.Amount)
		txn := models.Transaction{
			Amount:              amount,
			Currency:            "eur",
			LastFour:            data.LastFour,
			ExpiryMonth:         data.ExpiryMonth,
			ExpiryYear:          data.ExpiryYear,
			TransactionStatusID: 2,
		}
		txnID, err := app.SaveTransaction(txn)
		if err != nil {
			app.errorLog.Println(err)
			return
		}

		// create order
		order := models.Order{
			WidgetID:      productID,
			TransactionID: txnID,
			CustomerID:    customerID,
			StatusID:      1,
			Quantity:      1,
			Amount:        amount,
		}

		_, err = app.SaveOrder(order)
		if err != nil {
			app.errorLog.Println(err)
			return
		}
	}

	resp := jsonResponse{
		OK:      okay,
		Message: txnMsg,
	}

	out, err := json.MarshalIndent(resp, "", "    ")
	if err != nil {
		app.errorLog.Println(err)
		return
	}

	w.Header().Set("Content-Type", "application/json")
	w.Write(out)
}

func (app *application) SaveCustomer(firstName, lastName, email string) (int, error) {
	customer := models.Customer{
		FirstName: firstName,
		LastName:  lastName,
		Email:     email,
	}

	id, err := app.DB.InsertCustomer(customer)
	if err != nil {
		return 0, err
	}

	return id, nil
}

func (app *application) SaveTransaction(txn models.Transaction) (int, error) {
	txnID, err := app.DB.InsertTransaction(txn)
	if err != nil {
		app.errorLog.Println(err)
		return 0, err
	}

	return txnID, nil
}

func (app *application) SaveOrder(order models.Order) (int, error) {
	id, err := app.DB.InsertOrder(order)
	if err != nil {
		app.errorLog.Println(err)
		return 0, err
	}

	return id, nil
}

func (app *application) CreateAuthToken(w http.ResponseWriter, r *http.Request) {
	var userInput struct {
		Email    string `json:"email"`
		Password string `json:"password"`
	}

	err := app.readJSON(w, r, &userInput)
	if err != nil {
		app.errorLog.Println(err)
		app.badRequest(w, r, err)
		return
	}

	// get the user from the db by email, send error if invalid email
	user, err := app.DB.GetUserByEmail(userInput.Email)
	if err != nil {
		app.errorLog.Println(err)
		app.invalidCredentials(w)
		return
	}

	// validate the password, send error if invalid password
	validPassword, err := app.passwordMatches(user.Password, userInput.Password)
	if err != nil {
		app.errorLog.Println(err)
		app.invalidCredentials(w)
		return
	}

	if !validPassword {
		app.invalidCredentials(w)
		return
	}

	// generate the token
	token, err := models.GenerateToken(user.ID, 24*time.Hour, models.ScopeAuthentication)
	if err != nil {
		app.errorLog.Println(err)
		app.badRequest(w, r, err)
		return
	}

	// save to DB
	err = app.DB.InsertToken(token, user)
	if err != nil {
		app.errorLog.Println(err)
		app.badRequest(w, r, err)
		return
	}

	// send response

	var payload struct {
		Error   bool          `json:"error"`
		Message string        `json:"message"`
		Token   *models.Token `json:"authentication_token"`
	}

	payload.Error = false
	payload.Message = fmt.Sprintf("token for %s created", userInput.Email)
	payload.Token = token

	_ = app.writeJSON(w, http.StatusOK, payload)
}

func (app *application) authenticateToken(r *http.Request) (*models.User, error) {
	authorizationHeader := r.Header.Get("Authorization")
	if authorizationHeader == "" {
		return nil, errors.New("no authorization header received")
	}

	headerParts := strings.Split(authorizationHeader, " ")
	if len(headerParts) != 2 || headerParts[0] != "Bearer" {
		return nil, errors.New("no authorization header received")
	}

	token := headerParts[1]
	if len(token) != 26 {
		return nil, errors.New("authentication token wrong size")
	}

	// get the user from the tokens table
	user, err := app.DB.GetUserForToken(token)
	if err != nil {
		return nil, errors.New("no matching user found")
	}

	return user, nil
}

func (app *application) CheckAuthentication(w http.ResponseWriter, r *http.Request) {
	// validate the token, and get associated user
	user, err := app.authenticateToken(r)
	if err != nil {
		app.errorLog.Println(err)
		app.invalidCredentials(w)
		return
	}

	// valid user
	var payload struct {
		Error   bool   `json:"error"`
		Message string `json:"message"`
	}
	payload.Error = false
	payload.Message = fmt.Sprintf("authenticated user %s", user.Email)
	app.writeJSON(w, http.StatusOK, payload)
}

func (app *application) VirtualTerminalPaymentSucceeded(w http.ResponseWriter, r *http.Request) {
	var txnData struct {
		PaymentAmount   int    `json:"amount"`
		PaymentCurrency string `json:"currency"`
		FirstName       string `json:"first_name"`
		LastName        string `json:"last_name"`
		Email           string `json:"email"`
		PaymentIntent   string `json:"payment_intent"`
		PaymentMethod   string `json:"payment_method"`
		BankReturnCode  string `json:"bank_return_code"`
		ExpiryMonth     int    `json:"expiry_month"`
		ExpiryYear      int    `json:"expiry_year"`
		LastFour        string `json:"last_four"`
	}

	err := app.readJSON(w, r, &txnData)
	if err != nil {
		app.badRequest(w, r, err)
		return
	}

	card := cards.Card{
		Secret: app.config.stripe.secret,
		Key:    app.config.stripe.key,
	}

	pi, err := card.RetrievePaymentIntent(txnData.PaymentIntent)
	if err != nil {
		app.badRequest(w, r, err)
		return
	}

	pm, err := card.GetPaymentMethod(txnData.PaymentMethod)
	if err != nil {
		app.badRequest(w, r, err)
		return
	}

	txnData.LastFour = pm.Card.Last4
	txnData.ExpiryMonth = int(pm.Card.ExpMonth)
	txnData.ExpiryYear = int(pm.Card.ExpYear)

	txn := models.Transaction{
		Amount:              txnData.PaymentAmount,
		Currency:            txnData.PaymentCurrency,
		LastFour:            txnData.LastFour,
		ExpiryMonth:         txnData.ExpiryMonth,
		ExpiryYear:          txnData.ExpiryYear,
		BankReturnCode:      pi.LatestCharge.ID,
		PaymentIntent:       txnData.PaymentIntent,
		PaymentMethod:       txnData.PaymentMethod,
		TransactionStatusID: 2,
	}

	_, err = app.SaveTransaction(txn)
	if err != nil {
		app.badRequest(w, r, err)
	}

	app.writeJSON(w, http.StatusOK, txn)
}

func (app *application) SendPasswordResetEmail(w http.ResponseWriter, r *http.Request) {
	var payload struct {
		Email string `json:"email"`
	}

	err := app.readJSON(w, r, &payload)
	if err != nil {
		app.badRequest(w, r, err)
		return
	}

	// verify that email exists
	_, err = app.DB.GetUserByEmail(payload.Email)
	if err != nil {
		var resp struct {
			Error   bool   `json:"error"`
			Message string `json:"message"`
		}
		resp.Error = true
		resp.Message = "No matching email found on our system"
		app.writeJSON(w, http.StatusAccepted, resp)
		return
	}

	link := fmt.Sprintf("%s/reset-password?email=%s", app.config.frontend, payload.Email)
	sign := urlsigner.Signer{
		Secret: []byte(app.config.secretkey),
	}

	signedLink := sign.GenerateTokenFromString(link)

	var data struct {
		Link string
	}

	data.Link = signedLink

	// send mail
	err = app.SendMail(
		"info@widgets.com",
		payload.Email,
		"Password Reset Request",
		"password-reset",
		data,
	)
	if err != nil {
		app.errorLog.Println(err)
		app.badRequest(w, r, err)
		return
	}

	var resp struct {
		Error   bool   `json:"error"`
		Message string `json:"message"`
	}

	app.writeJSON(w, http.StatusCreated, resp)
}
Getting the paymentIntent set up route and handler in API 2024-08-04 14:26:02 +00:00			`package main`

			`import (`
			`"encoding/json"`
Validating the token on the back end 2024-08-19 20:22:40 +00:00			`"errors"`
Saving token to DB 2024-08-13 20:00:07 +00:00			`"fmt"`
Getting the paymentIntent 2024-08-04 14:52:03 +00:00			`"myapp/internal/cards"`
Saving transaction & customer info 2024-08-12 17:10:27 +00:00			`"myapp/internal/models"`
Using urlsigner package 2024-08-21 09:44:38 +00:00			`"myapp/internal/urlsigner"`
Getting the paymentIntent set up route and handler in API 2024-08-04 14:26:02 +00:00			`"net/http"`
Getting the paymentIntent 2024-08-04 14:52:03 +00:00			`"strconv"`
Validating the token on the back end 2024-08-19 20:22:40 +00:00			`"strings"`
Saving token to DB 2024-08-13 20:00:07 +00:00			`"time"`
Creating a database table for items for sale 2024-08-06 19:35:28 +00:00
			`"github.com/go-chi/chi/v5"`
Saving transaction & customer info 2024-08-12 17:10:27 +00:00			`"github.com/stripe/stripe-go/v79"`
Getting the paymentIntent set up route and handler in API 2024-08-04 14:26:02 +00:00			`)`

			`type stripePayload struct {`
Create a handler for the POST request after a user is subscribed 2024-08-12 11:49:50 +00:00			Currency string `json:"currency"`
			Amount string `json:"amount"`
			PaymentMethod string `json:"payment_method"`
			Email string `json:"email"`
Saving transaction & customer info 2024-08-12 17:10:27 +00:00			CardBrand string `json:"card_brand"`
			ExpiryMonth int `json:"expiry_month"`
			ExpiryYear int `json:"expiry_year"`
Create a handler for the POST request after a user is subscribed 2024-08-12 11:49:50 +00:00			LastFour string `json:"last_four"`
			Plan string `json:"plan"`
Saving transaction & customer info 2024-08-12 17:10:27 +00:00			ProductID string `json:"product_id"`
			FirstName string `json:"first_name"`
			LastName string `json:"last_name"`
Getting the paymentIntent set up route and handler in API 2024-08-04 14:26:02 +00:00			`}`

			`type jsonResponse struct {`
			OK bool `json:"ok"`
Getting the paymentIntent 2024-08-04 14:52:03 +00:00			Message string `json:"message,omitempty"`
			Content string `json:"content,omitempty"`
			ID int `json:"id,omitempty"`
Getting the paymentIntent set up route and handler in API 2024-08-04 14:26:02 +00:00			`}`

			`func (app application) GetPaymentIntent(w http.ResponseWriter, r http.Request) {`
Getting the paymentIntent 2024-08-04 14:52:03 +00:00			`var payload stripePayload`

			`err := json.NewDecoder(r.Body).Decode(&payload)`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`return // TODO: return a valid json`
Getting the paymentIntent set up route and handler in API 2024-08-04 14:26:02 +00:00			`}`

Getting the paymentIntent 2024-08-04 14:52:03 +00:00			`amount, err := strconv.Atoi(payload.Amount)`
Getting the paymentIntent set up route and handler in API 2024-08-04 14:26:02 +00:00			`if err != nil {`
			`app.errorLog.Println(err)`
Getting the paymentIntent 2024-08-04 14:52:03 +00:00			`return // TODO: return a valid json`
			`}`

			`card := cards.Card{`
			`Secret: app.config.stripe.secret,`
			`Key: app.config.stripe.key,`
			`Currency: payload.Currency,`
			`}`

			`pi, msg, err := card.Charge(payload.Currency, amount)`
			`if err != nil {`
			`j := jsonResponse{`
			`OK: false,`
			`Message: msg,`
			`Content: "",`
			`}`

			`out, err := json.MarshalIndent(j, "", " ")`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`}`
			`w.Header().Set("Content-Type", "application/json")`
			`w.Write(out)`
			`return`
Getting the paymentIntent set up route and handler in API 2024-08-04 14:26:02 +00:00			`}`

Getting the paymentIntent 2024-08-04 14:52:03 +00:00			`out, err := json.MarshalIndent(pi, "", " ")`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`return // TODO: return a valid json`
			`}`
Getting the paymentIntent set up route and handler in API 2024-08-04 14:26:02 +00:00			`w.Header().Set("Content-Type", "application/json")`
			`w.Write(out)`
			`}`
Creating a database table for items for sale 2024-08-06 19:35:28 +00:00
			`func (app application) GetWidgetByID(w http.ResponseWriter, r http.Request) {`
			`id := chi.URLParam(r, "id")`
			`widgetID, _ := strconv.Atoi(id)`

			`widget, err := app.DB.GetWidget(widgetID)`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`}`
			`out, err := json.MarshalIndent(widget, "", " ")`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`}`
			`w.Header().Set("Content-Type", "application/json")`
			`w.Write(out)`
			`}`
Create a handler for the POST request after a user is subscribed 2024-08-12 11:49:50 +00:00
			`func (app application) CreateCustomerAndSubscribeToPlan(w http.ResponseWriter, r http.Request) {`
			`var data stripePayload`

			`err := json.NewDecoder(r.Body).Decode(&data)`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`return`
			`}`

			`app.infoLog.Println(data.Email, data.LastFour, data.PaymentMethod, data.Plan)`

Updating handler to complete a subscription 2024-08-12 16:28:20 +00:00			`card := cards.Card{`
			`Secret: app.config.stripe.secret,`
			`Key: app.config.stripe.key,`
			`Currency: data.Currency,`
			`}`
Create a handler for the POST request after a user is subscribed 2024-08-12 11:49:50 +00:00
Saving transaction & customer info 2024-08-12 17:10:27 +00:00			`okay := true`
			`var subscription *stripe.Subscription`
			`txnMsg := "Transaction successful"`

Updating handler to complete a subscription 2024-08-12 16:28:20 +00:00			`stripeCustomer, msg, err := card.CreateCustomer(data.PaymentMethod, data.Email)`
			`if err != nil {`
			`app.errorLog.Println(err)`
Saving transaction & customer info 2024-08-12 17:10:27 +00:00			`okay = false`
			`txnMsg = msg`
Updating handler to complete a subscription 2024-08-12 16:28:20 +00:00			`}`

Saving transaction & customer info 2024-08-12 17:10:27 +00:00			`if okay {`
			`subscription, err = card.SubscribeToPlan(`
			`stripeCustomer,`
			`data.Plan,`
			`data.Email,`
			`data.LastFour,`
			`"",`
			`)`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`okay = false`
			`txnMsg = "Error subscribing customer"`
			`}`
			`app.infoLog.Println("subscription id is", subscription.ID)`
Updating handler to complete a subscription 2024-08-12 16:28:20 +00:00			`}`

Saving transaction & customer info 2024-08-12 17:10:27 +00:00			`if okay {`
			`productID, _ := strconv.Atoi(data.ProductID)`
			`customerID, err := app.SaveCustomer(data.FirstName, data.LastName, data.Email)`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`return`
			`}`

			`// create a new txn`
			`amount, _ := strconv.Atoi(data.Amount)`
			`txn := models.Transaction{`
			`Amount: amount,`
			`Currency: "eur",`
			`LastFour: data.LastFour,`
			`ExpiryMonth: data.ExpiryMonth,`
			`ExpiryYear: data.ExpiryYear,`
			`TransactionStatusID: 2,`
			`}`
			`txnID, err := app.SaveTransaction(txn)`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`return`
			`}`

			`// create order`
			`order := models.Order{`
			`WidgetID: productID,`
			`TransactionID: txnID,`
			`CustomerID: customerID,`
			`StatusID: 1,`
			`Quantity: 1,`
			`Amount: amount,`
			`}`

			`_, err = app.SaveOrder(order)`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`return`
			`}`
			`}`
Updating handler to complete a subscription 2024-08-12 16:28:20 +00:00
Create a handler for the POST request after a user is subscribed 2024-08-12 11:49:50 +00:00			`resp := jsonResponse{`
			`OK: okay,`
Saving transaction & customer info 2024-08-12 17:10:27 +00:00			`Message: txnMsg,`
Create a handler for the POST request after a user is subscribed 2024-08-12 11:49:50 +00:00			`}`

			`out, err := json.MarshalIndent(resp, "", " ")`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`return`
			`}`

			`w.Header().Set("Content-Type", "application/json")`
			`w.Write(out)`
			`}`
Saving transaction & customer info 2024-08-12 17:10:27 +00:00
			`func (app *application) SaveCustomer(firstName, lastName, email string) (int, error) {`
			`customer := models.Customer{`
			`FirstName: firstName,`
			`LastName: lastName,`
			`Email: email,`
			`}`

			`id, err := app.DB.InsertCustomer(customer)`
			`if err != nil {`
			`return 0, err`
			`}`

			`return id, nil`
			`}`

			`func (app *application) SaveTransaction(txn models.Transaction) (int, error) {`
			`txnID, err := app.DB.InsertTransaction(txn)`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`return 0, err`
			`}`

			`return txnID, nil`
			`}`

			`func (app *application) SaveOrder(order models.Order) (int, error) {`
			`id, err := app.DB.InsertOrder(order)`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`return 0, err`
			`}`

			`return id, nil`
			`}`
Create route and handler for authentication 2024-08-13 11:26:38 +00:00
			`func (app application) CreateAuthToken(w http.ResponseWriter, r http.Request) {`
			`var userInput struct {`
			Email string `json:"email"`
			Password string `json:"password"`
			`}`

			`err := app.readJSON(w, r, &userInput)`
			`if err != nil {`
Fix some errors 2024-08-13 12:12:40 +00:00			`app.errorLog.Println(err)`
Create route and handler for authentication 2024-08-13 11:26:38 +00:00			`app.badRequest(w, r, err)`
			`return`
			`}`

Auth 2024-08-13 11:47:56 +00:00			`// get the user from the db by email, send error if invalid email`
			`user, err := app.DB.GetUserByEmail(userInput.Email)`
			`if err != nil {`
Fix some errors 2024-08-13 12:12:40 +00:00			`app.errorLog.Println(err)`
Auth 2024-08-13 11:47:56 +00:00			`app.invalidCredentials(w)`
			`return`
			`}`

			`// validate the password, send error if invalid password`
Creating passwordMatches help 2024-08-13 11:58:33 +00:00			`validPassword, err := app.passwordMatches(user.Password, userInput.Password)`
			`if err != nil {`
Fix some errors 2024-08-13 12:12:40 +00:00			`app.errorLog.Println(err)`
Creating passwordMatches help 2024-08-13 11:58:33 +00:00			`app.invalidCredentials(w)`
			`return`
			`}`

			`if !validPassword {`
			`app.invalidCredentials(w)`
			`return`
			`}`
Auth 2024-08-13 11:47:56 +00:00
			`// generate the token`
Saving token to DB 2024-08-13 20:00:07 +00:00			`token, err := models.GenerateToken(user.ID, 24*time.Hour, models.ScopeAuthentication)`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`app.badRequest(w, r, err)`
			`return`
			`}`

			`// save to DB`
			`err = app.DB.InsertToken(token, user)`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`app.badRequest(w, r, err)`
			`return`
			`}`
Auth 2024-08-13 11:47:56 +00:00
			`// send response`

Create route and handler for authentication 2024-08-13 11:26:38 +00:00			`var payload struct {`
Saving token to DB 2024-08-13 20:00:07 +00:00			Error bool `json:"error"`
			Message string `json:"message"`
			Token *models.Token `json:"authentication_token"`
Create route and handler for authentication 2024-08-13 11:26:38 +00:00			`}`

			`payload.Error = false`
Saving token to DB 2024-08-13 20:00:07 +00:00			`payload.Message = fmt.Sprintf("token for %s created", userInput.Email)`
			`payload.Token = token`
Create route and handler for authentication 2024-08-13 11:26:38 +00:00
Create a writeJSON helper 2024-08-13 11:34:53 +00:00			`_ = app.writeJSON(w, http.StatusOK, payload)`
Create route and handler for authentication 2024-08-13 11:26:38 +00:00			`}`
Checking authentication on the backend 2024-08-19 19:39:36 +00:00
Validating the token on the back end 2024-08-19 20:22:40 +00:00			`func (app application) authenticateToken(r http.Request) (*models.User, error) {`
			`authorizationHeader := r.Header.Get("Authorization")`
			`if authorizationHeader == "" {`
			`return nil, errors.New("no authorization header received")`
			`}`

			`headerParts := strings.Split(authorizationHeader, " ")`
			`if len(headerParts) != 2 \|\| headerParts[0] != "Bearer" {`
			`return nil, errors.New("no authorization header received")`
			`}`

			`token := headerParts[1]`
			`if len(token) != 26 {`
			`return nil, errors.New("authentication token wrong size")`
			`}`

			`// get the user from the tokens table`
			`user, err := app.DB.GetUserForToken(token)`
			`if err != nil {`
			`return nil, errors.New("no matching user found")`
			`}`

			`return user, nil`
			`}`

Checking authentication on the backend 2024-08-19 19:39:36 +00:00			`func (app application) CheckAuthentication(w http.ResponseWriter, r http.Request) {`
Validating the token on the back end 2024-08-19 20:22:40 +00:00			`// validate the token, and get associated user`
			`user, err := app.authenticateToken(r)`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`app.invalidCredentials(w)`
			`return`
			`}`

			`// valid user`
			`var payload struct {`
			Error bool `json:"error"`
			Message string `json:"message"`
			`}`
			`payload.Error = false`
			`payload.Message = fmt.Sprintf("authenticated user %s", user.Email)`
			`app.writeJSON(w, http.StatusOK, payload)`
Checking authentication on the backend 2024-08-19 19:39:36 +00:00			`}`
Converting the vt post to use the back end 2024-08-20 11:32:50 +00:00
			`func (app application) VirtualTerminalPaymentSucceeded(w http.ResponseWriter, r http.Request) {`
			`var txnData struct {`
			PaymentAmount int `json:"amount"`
			PaymentCurrency string `json:"currency"`
			FirstName string `json:"first_name"`
			LastName string `json:"last_name"`
			Email string `json:"email"`
			PaymentIntent string `json:"payment_intent"`
			PaymentMethod string `json:"payment_method"`
			BankReturnCode string `json:"bank_return_code"`
			ExpiryMonth int `json:"expiry_month"`
			ExpiryYear int `json:"expiry_year"`
			LastFour string `json:"last_four"`
			`}`

			`err := app.readJSON(w, r, &txnData)`
			`if err != nil {`
			`app.badRequest(w, r, err)`
			`return`
			`}`

			`card := cards.Card{`
			`Secret: app.config.stripe.secret,`
			`Key: app.config.stripe.key,`
			`}`

			`pi, err := card.RetrievePaymentIntent(txnData.PaymentIntent)`
			`if err != nil {`
			`app.badRequest(w, r, err)`
			`return`
			`}`

			`pm, err := card.GetPaymentMethod(txnData.PaymentMethod)`
			`if err != nil {`
			`app.badRequest(w, r, err)`
			`return`
			`}`

			`txnData.LastFour = pm.Card.Last4`
			`txnData.ExpiryMonth = int(pm.Card.ExpMonth)`
			`txnData.ExpiryYear = int(pm.Card.ExpYear)`

			`txn := models.Transaction{`
			`Amount: txnData.PaymentAmount,`
			`Currency: txnData.PaymentCurrency,`
			`LastFour: txnData.LastFour,`
			`ExpiryMonth: txnData.ExpiryMonth,`
			`ExpiryYear: txnData.ExpiryYear,`
			`BankReturnCode: pi.LatestCharge.ID,`
Changing the vt to use fetch 2024-08-20 12:13:35 +00:00			`PaymentIntent: txnData.PaymentIntent,`
			`PaymentMethod: txnData.PaymentMethod,`
Converting the vt post to use the back end 2024-08-20 11:32:50 +00:00			`TransactionStatusID: 2,`
			`}`

			`_, err = app.SaveTransaction(txn)`
			`if err != nil {`
			`app.badRequest(w, r, err)`
			`}`

			`app.writeJSON(w, http.StatusOK, txn)`
			`}`
Password resets and sending mail 2024-08-20 20:20:37 +00:00
			`func (app application) SendPasswordResetEmail(w http.ResponseWriter, r http.Request) {`
			`var payload struct {`
			Email string `json:"email"`
			`}`

			`err := app.readJSON(w, r, &payload)`
			`if err != nil {`
			`app.badRequest(w, r, err)`
			`return`
			`}`

Using urlsigner package 2024-08-21 09:44:38 +00:00			`// verify that email exists`
			`_, err = app.DB.GetUserByEmail(payload.Email)`
			`if err != nil {`
			`var resp struct {`
			Error bool `json:"error"`
			Message string `json:"message"`
			`}`
			`resp.Error = true`
			`resp.Message = "No matching email found on our system"`
			`app.writeJSON(w, http.StatusAccepted, resp)`
			`return`
			`}`

			`link := fmt.Sprintf("%s/reset-password?email=%s", app.config.frontend, payload.Email)`
			`sign := urlsigner.Signer{`
			`Secret: []byte(app.config.secretkey),`
			`}`

			`signedLink := sign.GenerateTokenFromString(link)`

Password resets and sending mail 2024-08-20 20:20:37 +00:00			`var data struct {`
			`Link string`
			`}`

Using urlsigner package 2024-08-21 09:44:38 +00:00			`data.Link = signedLink`
Password resets and sending mail 2024-08-20 20:20:37 +00:00
			`// send mail`
test sending emain 2024-08-21 07:39:34 +00:00			`err = app.SendMail(`
			`"info@widgets.com",`
Using urlsigner package 2024-08-21 09:44:38 +00:00			`payload.Email,`
test sending emain 2024-08-21 07:39:34 +00:00			`"Password Reset Request",`
			`"password-reset",`
			`data,`
			`)`
			`if err != nil {`
			`app.errorLog.Println(err)`
			`app.badRequest(w, r, err)`
			`return`
			`}`

			`var resp struct {`
			Error bool `json:"error"`
			Message string `json:"message"`
			`}`

			`app.writeJSON(w, http.StatusCreated, resp)`
Password resets and sending mail 2024-08-20 20:20:37 +00:00			`}`