Compare commits

...

18 Commits

Author SHA1 Message Date
c22b5d2372 fix: potential context leak 2024-10-03 23:41:39 +02:00
3d5212fb53 Add BE validator 2024-08-27 14:38:37 +02:00
082c75283d Sending invoice from the BE 2024-08-27 13:52:36 +02:00
9b31ff0bbb Sending invoice mails with attachement 2024-08-27 13:28:11 +02:00
491f482fc7 fix errors and test pdf 2024-08-26 23:06:29 +02:00
08fb20d7be Setting un invoice pdf microservice 2024-08-26 22:49:10 +02:00
6547b6ac85 use websockets to logout remote users 2024-08-26 21:26:07 +02:00
3f0ddf7138 delete users 2024-08-26 14:10:18 +02:00
bced6d7036 edit user 2024-08-26 13:37:05 +02:00
591525e97f Populating the user form 2024-08-23 21:26:06 +02:00
b183e7bf43 Create user 2024-08-23 21:07:13 +02:00
05db85eca1 all users front end 2024-08-23 14:26:12 +02:00
f39c000e5d add user be handlers 2024-08-23 14:13:06 +02:00
d16793c01c add user db functions 2024-08-23 14:10:44 +02:00
1971169e2f use sessionStorage & add user admin pages 2024-08-23 13:55:21 +02:00
0e7b9d8c20 improve pagination 2024-08-23 10:51:20 +02:00
0f0c896065 pagination all-subscriptions 2024-08-23 10:13:50 +02:00
c8b032236b pagination all-sales 2024-08-23 10:04:06 +02:00
35 changed files with 1543 additions and 62 deletions

1
.gitignore vendored
View File

@ -6,3 +6,4 @@ cred.txt
dist/
.air.toml
tmp/
invoices/

View File

@ -5,7 +5,7 @@ API_PORT=4001
DSN=vinchent:secret@tcp(localhost:3306)/widgets?parseTime=true&tls=false
## build: builds all binaries
build: clean build_front build_back
build: clean build_front build_back build_invoice
@printf "All binaries built!\n"
## clean: cleans all binaries and runs go clean
@ -15,6 +15,12 @@ clean:
@go clean
@echo "Cleaned!"
## build_invoice: builds the invoice microservice
build_invoice:
@echo "Building invoice microservice..."
@go build -o dist/invoice ./cmd/micro/invoice
@echo "Invoice microservice built!"
## build_front: builds the front end
build_front:
@echo "Building front end..."
@ -28,8 +34,14 @@ build_back:
@echo "Back end built!"
## start: starts front and back end
start: start_front start_back
start: start_front start_back start_invoice
## start_invoice: starts the invoice microservice
start_invoice: build_invoice
@echo "Starting the invoice microservice..."
@./dist/invoice &
@echo "invoice microservice running!"
## start_front: starts the front end
start_front: build_front
@echo "Starting the front end..."
@ -43,9 +55,15 @@ start_back: build_back
@echo "Back end running!"
## stop: stops the front and back end
stop: stop_front stop_back
stop: stop_front stop_back stop_invoice
@echo "All applications stopped"
## stop_invoice: stops the invoice microservice
stop_invoice:
@echo "Stopping the invoice microservice..."
@-pkill -SIGTERM -f "invoice"
@echo "Stopped invoice microservice"
## stop_front: stops the front end
stop_front:
@echo "Stopping the front end..."

View File

@ -1,6 +1,7 @@
package main
import (
"bytes"
"encoding/json"
"errors"
"fmt"
@ -8,6 +9,7 @@ import (
"myapp/internal/cards/encryption"
"myapp/internal/models"
"myapp/internal/urlsigner"
"myapp/internal/validator"
"net/http"
"strconv"
"strings"
@ -33,7 +35,7 @@ type stripePayload struct {
LastName string `json:"last_name"`
}
type jsonResponse struct {
type JSONResponse struct {
OK bool `json:"ok"`
Message string `json:"message,omitempty"`
Content string `json:"content,omitempty"`
@ -63,7 +65,7 @@ func (app *application) GetPaymentIntent(w http.ResponseWriter, r *http.Request)
pi, msg, err := card.Charge(payload.Currency, amount)
if err != nil {
j := jsonResponse{
j := JSONResponse{
OK: false,
Message: msg,
Content: "",
@ -103,6 +105,17 @@ func (app *application) GetWidgetByID(w http.ResponseWriter, r *http.Request) {
w.Write(out)
}
type Invoice struct {
ID int `json:"id"`
Quantity int `json:"quantity"`
Amount int `json:"amount"`
Product string `json:"product"`
FirstName string `json:"first_name"`
LastName string `json:"last_name"`
Email string `json:"email"`
CreatedAt time.Time `json:"created_at"`
}
func (app *application) CreateCustomerAndSubscribeToPlan(w http.ResponseWriter, r *http.Request) {
var data stripePayload
@ -112,6 +125,14 @@ func (app *application) CreateCustomerAndSubscribeToPlan(w http.ResponseWriter,
return
}
// validate data
v := validator.New()
v.Check(len(data.FirstName) > 1, "first_name", "must be at least 2 characters")
if !v.Valid() {
app.failedValidation(w, r, v.Errors)
return
}
app.infoLog.Println(data.Email, data.LastFour, data.PaymentMethod, data.Plan)
card := cards.Card{
@ -183,14 +204,30 @@ func (app *application) CreateCustomerAndSubscribeToPlan(w http.ResponseWriter,
Amount: amount,
}
_, err = app.SaveOrder(order)
orderID, err := app.SaveOrder(order)
if err != nil {
app.errorLog.Println(err)
return
}
inv := Invoice{
ID: orderID,
Quantity: order.Quantity,
Amount: order.Amount,
Product: "Bronze Plan",
FirstName: data.FirstName,
LastName: data.LastName,
Email: data.Email,
CreatedAt: time.Now(),
}
err = app.callInvoiceMicro(inv)
if err != nil {
app.errorLog.Println(err)
// Don't stop the program
}
}
resp := jsonResponse{
resp := JSONResponse{
OK: okay,
Message: txnMsg,
}
@ -205,6 +242,30 @@ func (app *application) CreateCustomerAndSubscribeToPlan(w http.ResponseWriter,
w.Write(out)
}
func (app *application) callInvoiceMicro(inv Invoice) error {
// TODO: Do not hard code this.
url := "http://localhost:5000/invoice/create-and-send"
out, err := json.MarshalIndent(inv, "", "\t")
if err != err {
return err
}
req, err := http.NewRequest("POST", url, bytes.NewBuffer(out))
if err != nil {
return nil
}
req.Header.Set("Content-Type", "application/json")
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
return err
}
defer resp.Body.Close()
app.infoLog.Println(resp.Body)
return nil
}
func (app *application) SaveCustomer(firstName, lastName, email string) (int, error) {
customer := models.Customer{
FirstName: firstName,
@ -340,7 +401,7 @@ func (app *application) CheckAuthentication(w http.ResponseWriter, r *http.Reque
}
// valid user
var payload jsonResponse
var payload JSONResponse
payload.OK = true
payload.Message = fmt.Sprintf("authenticated user %s", user.Email)
app.writeJSON(w, http.StatusOK, payload)
@ -403,6 +464,7 @@ func (app *application) VirtualTerminalPaymentSucceeded(w http.ResponseWriter, r
_, err = app.SaveTransaction(txn)
if err != nil {
app.badRequest(w, r, err)
return
}
app.writeJSON(w, http.StatusOK, txn)
@ -422,7 +484,7 @@ func (app *application) SendPasswordResetEmail(w http.ResponseWriter, r *http.Re
// verify that email exists
_, err = app.DB.GetUserByEmail(payload.Email)
if err != nil {
resp := jsonResponse{
resp := JSONResponse{
OK: false,
Message: "No matching email found on our system",
}
@ -457,7 +519,7 @@ func (app *application) SendPasswordResetEmail(w http.ResponseWriter, r *http.Re
return
}
resp := jsonResponse{
resp := JSONResponse{
OK: true,
}
@ -508,7 +570,7 @@ func (app *application) ResetPassword(w http.ResponseWriter, r *http.Request) {
return
}
resp := jsonResponse{
resp := JSONResponse{
OK: true,
Message: "Password reset.",
}
@ -522,12 +584,20 @@ func (app *application) AllSales(w http.ResponseWriter, r *http.Request) {
}
err := app.readJSON(w, r, &payload)
if err != nil {
app.errorLog.Println(err)
app.badRequest(w, r, err)
return
}
allSales, lastPage, totalRecords, err := app.DB.GetAllOrdersPaginated(false, 2, 1)
allSales, lastPage, totalRecords, err := app.DB.GetAllOrdersPaginated(
false,
payload.PageSize,
payload.CurrentPage,
)
if err != nil {
app.errorLog.Println(err)
app.badRequest(w, r, err)
return
}
var resp struct {
@ -538,7 +608,7 @@ func (app *application) AllSales(w http.ResponseWriter, r *http.Request) {
Orders []*models.Order `json:"orders"`
}
resp.CurrentPage = 1
resp.CurrentPage = payload.CurrentPage
resp.PageSize = payload.PageSize
resp.LastPage = lastPage
resp.TotalRecords = totalRecords
@ -548,11 +618,43 @@ func (app *application) AllSales(w http.ResponseWriter, r *http.Request) {
}
func (app *application) AllSubscriptions(w http.ResponseWriter, r *http.Request) {
allSubscriptions, err := app.DB.GetAllOrders(true)
if err != nil {
app.badRequest(w, r, err)
var payload struct {
PageSize int `json:"page_size"`
CurrentPage int `json:"page"`
}
app.writeJSON(w, http.StatusOK, allSubscriptions)
err := app.readJSON(w, r, &payload)
if err != nil {
app.errorLog.Println(err)
app.badRequest(w, r, err)
return
}
allSales, lastPage, totalRecords, err := app.DB.GetAllOrdersPaginated(
true,
payload.PageSize,
payload.CurrentPage,
)
if err != nil {
app.errorLog.Println(err)
app.badRequest(w, r, err)
return
}
var resp struct {
CurrentPage int `json:"current_page"`
PageSize int `json:"page_size"`
LastPage int `json:"last_page"`
TotalRecords int `json:"total_records"`
Orders []*models.Order `json:"orders"`
}
resp.CurrentPage = payload.CurrentPage
resp.PageSize = payload.PageSize
resp.LastPage = lastPage
resp.TotalRecords = totalRecords
resp.Orders = allSales
app.writeJSON(w, http.StatusOK, resp)
}
func (app *application) GetSale(w http.ResponseWriter, r *http.Request) {
@ -562,6 +664,7 @@ func (app *application) GetSale(w http.ResponseWriter, r *http.Request) {
order, err := app.DB.GetOrderByID(orderID)
if err != nil {
app.badRequest(w, r, err)
return
}
app.writeJSON(w, http.StatusOK, order)
}
@ -607,7 +710,7 @@ func (app *application) RefundCharge(w http.ResponseWriter, r *http.Request) {
return
}
var resp jsonResponse
var resp JSONResponse
resp.OK = true
resp.Message = "Charge refunded"
@ -654,9 +757,100 @@ func (app *application) CancelSubscription(w http.ResponseWriter, r *http.Reques
return
}
var resp jsonResponse
var resp JSONResponse
resp.OK = true
resp.Message = "Subscription canceled"
app.writeJSON(w, http.StatusOK, resp)
}
func (app *application) AllUsers(w http.ResponseWriter, r *http.Request) {
allUsers, err := app.DB.GetAllUsers()
if err != nil {
app.errorLog.Println(err)
app.badRequest(w, r, err)
return
}
app.writeJSON(w, http.StatusOK, allUsers)
}
func (app *application) OneUser(w http.ResponseWriter, r *http.Request) {
id := chi.URLParam(r, "id")
userID, _ := strconv.Atoi(id)
user, err := app.DB.GetOneUser(userID)
if err != nil {
app.errorLog.Println(err)
app.badRequest(w, r, err)
return
}
app.writeJSON(w, http.StatusOK, user)
}
func (app *application) EditUser(w http.ResponseWriter, r *http.Request) {
id := chi.URLParam(r, "id")
userID, _ := strconv.Atoi(id)
var user models.User
err := app.readJSON(w, r, &user)
if err != nil {
app.errorLog.Println(err)
app.badRequest(w, r, err)
return
}
if userID > 0 {
err = app.DB.EditUser(user)
if err != nil {
app.errorLog.Println(err)
app.badRequest(w, r, err)
return
}
if user.Password != "" {
newHash, err := bcrypt.GenerateFromPassword([]byte(user.Password), 12)
if err != nil {
app.errorLog.Println(err)
app.badRequest(w, r, err)
return
}
err = app.DB.UpdatePasswordForUser(user, string(newHash))
if err != nil {
app.errorLog.Println(err)
app.badRequest(w, r, err)
return
}
}
} else {
newHash, err := bcrypt.GenerateFromPassword([]byte(user.Password), 12)
if err != nil {
app.errorLog.Println(err)
app.badRequest(w, r, err)
return
}
err = app.DB.AddUser(user, string(newHash))
if err != nil {
app.errorLog.Println(err)
app.badRequest(w, r, err)
return
}
}
var resp JSONResponse
resp.OK = true
app.writeJSON(w, http.StatusOK, resp)
}
func (app *application) DeleteUser(w http.ResponseWriter, r *http.Request) {
id := chi.URLParam(r, "id")
userID, _ := strconv.Atoi(id)
err := app.DB.DeleteUser(userID)
if err != nil {
app.errorLog.Println(err)
app.badRequest(w, r, err)
return
}
var resp JSONResponse
resp.OK = true
app.writeJSON(w, http.StatusOK, resp)
}

View File

@ -53,7 +53,7 @@ func (app *application) writeJSON(
}
func (app *application) badRequest(w http.ResponseWriter, r *http.Request, err error) error {
var payload jsonResponse
var payload JSONResponse
payload.OK = false
payload.Message = err.Error()
@ -70,7 +70,7 @@ func (app *application) badRequest(w http.ResponseWriter, r *http.Request, err e
}
func (app *application) invalidCredentials(w http.ResponseWriter) error {
var payload jsonResponse
var payload JSONResponse
payload.OK = false
payload.Message = "invalid authentication credentials"
@ -95,3 +95,20 @@ func (app *application) passwordMatches(hash, password string) (bool, error) {
return true, nil
}
func (app *application) failedValidation(
w http.ResponseWriter,
r *http.Request,
errors map[string]string,
) {
var payload struct {
OK bool `json:"ok"`
Message string `json:"message"`
Errors map[string]string `json:"errors"`
}
payload.OK = false
payload.Message = "failed validation"
payload.Errors = errors
app.writeJSON(w, http.StatusUnprocessableEntity, payload)
}

View File

@ -37,6 +37,10 @@ func (app *application) routes() http.Handler {
mux.Post("/get-sale/{id}", app.GetSale)
mux.Post("/refund", app.RefundCharge)
mux.Post("/cancel-subscription", app.CancelSubscription)
mux.Post("/all-users", app.AllUsers)
mux.Post("/all-users/{id}", app.OneUser)
mux.Post("/all-users/edit/{id}", app.EditUser)
mux.Post("/all-users/delete/{id}", app.DeleteUser)
})
mux.Post("/api/forgot-password", app.SendPasswordResetEmail)
mux.Post("/api/reset-password", app.ResetPassword)

View File

@ -0,0 +1,18 @@
{{ define "body" }}
<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Hello:</p>
<p>Please find your invoice attached.</p>
<p>
--
<br>
Widget Co.
</p>
</body>
</html>
{{ end }}

View File

@ -0,0 +1,9 @@
{{ define "body" }}
Hello:
Please find your invoice attached.
--
Widget Co.
{{ end }}

View File

@ -0,0 +1,86 @@
package main
import (
"encoding/json"
"errors"
"io"
"net/http"
"os"
)
type JSONResponse struct {
OK bool `json:"ok"`
Message string `json:"message,omitempty"`
}
func (app *application) readJSON(w http.ResponseWriter, r *http.Request, data interface{}) error {
maxBytes := 1048576
r.Body = http.MaxBytesReader(w, r.Body, int64(maxBytes))
dec := json.NewDecoder(r.Body)
err := dec.Decode(data)
if err != nil {
return err
}
// Make sure there is only one entry.
err = dec.Decode(&struct{}{})
if err != io.EOF {
return errors.New("body must only have a single JSON value")
}
return nil
}
// writeJSON writes arbitrary data out as JSON
func (app *application) writeJSON(
w http.ResponseWriter,
status int, data interface{},
headers ...http.Header,
) error {
out, err := json.MarshalIndent(data, "", "\t")
if err != nil {
return err
}
if len(headers) > 0 {
for k, v := range headers[0] {
w.Header()[k] = v
}
}
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(status)
w.Write(out)
return nil
}
func (app *application) badRequest(w http.ResponseWriter, r *http.Request, err error) error {
var payload JSONResponse
payload.OK = false
payload.Message = err.Error()
out, err := json.MarshalIndent(payload, "", "\t")
if err != nil {
return err
}
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusBadGateway)
w.Write(out)
return nil
}
func (app *application) CreateDirIfNotExist(path string) error {
const mode = 0755
if _, err := os.Stat(path); os.IsNotExist(err) {
err := os.Mkdir(path, mode)
if err != nil {
app.errorLog.Println(err)
return err
}
}
return nil
}

View File

@ -0,0 +1,159 @@
package main
import (
"fmt"
"net/http"
"time"
"github.com/phpdave11/gofpdf"
"github.com/phpdave11/gofpdf/contrib/gofpdi"
)
type Order struct {
ID int `json:"id"`
Quantity int `json:"quantity"`
Amount int `json:"amount"`
Product string `json:"product"`
FirstName string `json:"first_name"`
LastName string `json:"last_name"`
Email string `json:"email"`
CreatedAt time.Time `json:"created_at"`
}
func (app *application) CreateAndSendInvoice(w http.ResponseWriter, r *http.Request) {
// receive json
var order Order
err := app.readJSON(w, r, &order)
if err != nil {
app.badRequest(w, r, err)
return
}
app.infoLog.Println(order)
// generate a pdf invoice
err = app.createInvoicePDF(order)
if err != nil {
app.badRequest(w, r, err)
return
}
// create mail attachment
attachments := []string{
fmt.Sprintf("./invoices/%d.pdf", order.ID),
}
// send mail with attachment
err = app.SendMail("info@widgets.com", order.Email, "Your invoice", "invoice", attachments, nil)
if err != nil {
app.badRequest(w, r, err)
return
}
// send response
var resp JSONResponse
resp.OK = true
resp.Message = fmt.Sprintf("Invoice %d.pdf created and sent to %s", order.ID, order.Email)
app.writeJSON(w, http.StatusCreated, resp)
}
func (app *application) createInvoicePDF(order Order) error {
pdf := gofpdf.New("P", "mm", "Letter", "")
pdf.SetMargins(10, 13, 10)
pdf.SetAutoPageBreak(true, 0)
importer := gofpdi.NewImporter()
t := importer.ImportPage(pdf, "./pdf-templates/invoice.pdf", 1, "/MediaBox")
pdf.AddPage()
importer.UseImportedTemplate(pdf, t, 0, 0, 215.9, 0)
pdf.SetY(20)
// write info
pdf.SetY(50)
pdf.SetX(10)
pdf.SetFont("Times", "", 11)
pdf.CellFormat(
97,
8,
fmt.Sprintf("Attention: %s %s", order.FirstName, order.LastName),
"",
0,
"L",
false,
0,
"",
)
pdf.Ln(5)
pdf.CellFormat(
97,
8,
order.Email,
"",
0,
"L",
false,
0,
"",
)
pdf.Ln(5)
pdf.CellFormat(
97,
8,
order.CreatedAt.Format("2006-01-02"),
"",
0,
"L",
false,
0,
"",
)
pdf.SetX(58)
pdf.SetY(93)
pdf.CellFormat(
155,
8,
order.Product,
"",
0,
"L",
false,
0,
"",
)
pdf.SetX(166)
pdf.CellFormat(
20,
8,
fmt.Sprintf("%d", order.Quantity),
"",
0,
"C",
false,
0,
"",
)
pdf.SetX(185)
pdf.CellFormat(
20,
8,
fmt.Sprintf("$%.2f", float32(order.Amount)/100.0),
"",
0,
"R",
false,
0,
"",
)
invoicePath := fmt.Sprintf("./invoices/%d.pdf", order.ID)
err := pdf.OutputFileAndClose(invoicePath)
if err != nil {
return err
}
return nil
}

View File

@ -0,0 +1,23 @@
package main
import (
"net/http"
"github.com/go-chi/chi/v5"
"github.com/go-chi/cors"
)
func (app *application) routes() http.Handler {
mux := chi.NewRouter()
mux.Use(cors.Handler(cors.Options{
AllowedOrigins: []string{"https://*", "http://*"},
AllowedMethods: []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
AllowedHeaders: []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token"},
AllowCredentials: false,
MaxAge: 300,
}))
mux.Post("/invoice/create-and-send", app.CreateAndSendInvoice)
return mux
}

View File

@ -0,0 +1,79 @@
package main
import (
"flag"
"fmt"
"log"
"net/http"
"os"
"time"
)
const (
version = "1.0.0"
)
type config struct {
port int
smtp struct {
host string
port int
username string
password string
}
frontend string
}
type application struct {
config config
infoLog *log.Logger
errorLog *log.Logger
version string
}
func (app *application) serve() error {
srv := &http.Server{
Addr: fmt.Sprintf(":%d", app.config.port),
Handler: app.routes(),
IdleTimeout: 30 * time.Second,
ReadTimeout: 10 * time.Second,
ReadHeaderTimeout: 5 * time.Second,
WriteTimeout: 5 * time.Second,
}
app.infoLog.Printf(
"Starting invoice microservice on port %d",
app.config.port,
)
return srv.ListenAndServe()
}
func main() {
var cfg config
flag.IntVar(&cfg.port, "port", 5000, "Server port to listen on")
flag.StringVar(&cfg.smtp.host, "smtphost", "0.0.0.0", "smtp host")
flag.IntVar(&cfg.smtp.port, "smtpport", 1025, "smtp host")
flag.StringVar(&cfg.smtp.username, "smtpuser", "user", "smtp user")
flag.StringVar(&cfg.smtp.password, "smtppwd", "password", "smtp password")
flag.StringVar(&cfg.frontend, "frontend", "http://localhost:4000", "frontend address")
flag.Parse()
infoLog := log.New(os.Stdout, "INFO\t", log.Ldate|log.Ltime)
errorLog := log.New(os.Stdout, "ERROR\t", log.Ldate|log.Ltime|log.Lshortfile)
app := &application{
version: version,
config: cfg,
infoLog: infoLog,
errorLog: errorLog,
}
app.CreateDirIfNotExist("./invoices")
err := app.serve()
if err != nil {
log.Fatal(err)
}
}

View File

@ -0,0 +1,88 @@
package main
import (
"bytes"
"embed"
"fmt"
"text/template"
"time"
mail "github.com/xhit/go-simple-mail/v2"
)
//go:embed email-templates
var emailTemplateFS embed.FS
func (app *application) SendMail(
from, to, subject, tmpl string,
attachments []string,
data interface{},
) error {
templateToRender := fmt.Sprintf("email-templates/%s.html.gohtml", tmpl)
t, err := template.New("email-html").ParseFS(emailTemplateFS, templateToRender)
if err != nil {
app.errorLog.Println(err)
return err
}
var tpl bytes.Buffer
if err = t.ExecuteTemplate(&tpl, "body", data); err != nil {
app.errorLog.Println(err)
return err
}
formattedMessage := tpl.String()
templateToRender = fmt.Sprintf("email-templates/%s.plain.gohtml", tmpl)
t, err = template.New("email-plain").ParseFS(emailTemplateFS, templateToRender)
if err != nil {
app.errorLog.Println(err)
return err
}
if err = t.ExecuteTemplate(&tpl, "body", data); err != nil {
app.errorLog.Println(err)
return err
}
plainMessage := tpl.String()
app.infoLog.Println(formattedMessage, plainMessage)
// send the mail
server := mail.NewSMTPClient()
server.Host = app.config.smtp.host
server.Port = app.config.smtp.port
// NOTE: not needed for MailHog
// server.Username = app.config.smtp.username
// server.Password = app.config.smtp.password
// server.Encryption = mail.EncryptionTLS
server.KeepAlive = false
server.ConnectTimeout = 10 * time.Second
server.SendTimeout = 10 * time.Second
smtpClient, err := server.Connect()
if err != nil {
return err
}
email := mail.NewMSG()
email.SetFrom(from).AddTo(to).SetSubject(subject)
email.SetBody(mail.TextHTML, formattedMessage)
email.AddAlternative(mail.TextPlain, plainMessage)
if len(attachments) > 0 {
for _, x := range attachments {
email.AddAttachment(x)
}
}
err = email.Send(smtpClient)
if err != nil {
app.errorLog.Println(err)
return err
}
app.infoLog.Println("send mail")
return nil
}

View File

@ -1,6 +1,8 @@
package main
import (
"bytes"
"encoding/json"
"fmt"
"myapp/internal/cards"
"myapp/internal/cards/encryption"
@ -8,6 +10,7 @@ import (
"myapp/internal/urlsigner"
"net/http"
"strconv"
"time"
"github.com/go-chi/chi/v5"
)
@ -95,6 +98,17 @@ func (app *application) GetTransactionData(r *http.Request) (TransactionData, er
return txnData, nil
}
type Invoice struct {
ID int `json:"id"`
Quantity int `json:"quantity"`
Amount int `json:"amount"`
Product string `json:"product"`
FirstName string `json:"first_name"`
LastName string `json:"last_name"`
Email string `json:"email"`
CreatedAt time.Time `json:"created_at"`
}
func (app *application) PaymentSucceeded(w http.ResponseWriter, r *http.Request) {
// read posted data
err := r.ParseForm()
@ -150,6 +164,24 @@ func (app *application) PaymentSucceeded(w http.ResponseWriter, r *http.Request)
app.errorLog.Println(err)
return
}
// call microservice
inv := Invoice{
ID: orderID,
Quantity: order.Quantity,
Amount: order.Amount,
Product: "Widget",
FirstName: txnData.FirstName,
LastName: txnData.LastName,
Email: txnData.Email,
CreatedAt: time.Now(),
}
err = app.callInvoiceMicro(inv)
if err != nil {
app.errorLog.Println(err)
// Don't stop the program
}
app.infoLog.Printf("order id: %d", orderID)
app.Session.Put(r.Context(), "txn", txnData)
@ -157,6 +189,30 @@ func (app *application) PaymentSucceeded(w http.ResponseWriter, r *http.Request)
http.Redirect(w, r, "/receipt", http.StatusSeeOther)
}
func (app *application) callInvoiceMicro(inv Invoice) error {
// TODO: Do not hard code this.
url := "http://localhost:5000/invoice/create-and-send"
out, err := json.MarshalIndent(inv, "", "\t")
if err != err {
return err
}
req, err := http.NewRequest("POST", url, bytes.NewBuffer(out))
if err != nil {
return nil
}
req.Header.Set("Content-Type", "application/json")
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
return err
}
defer resp.Body.Close()
app.infoLog.Println(resp.Body)
return nil
}
func (app *application) VirtualTerminalPaymentSucceeded(w http.ResponseWriter, r *http.Request) {
txnData, err := app.GetTransactionData(r)
if err != nil {
@ -389,7 +445,7 @@ func (app *application) ShowSale(w http.ResponseWriter, r *http.Request) {
stringMap["refund-badge"] = "Refunded"
intMap := make(map[string]int)
intMap["isRefund"] = 1
intMap["is-refund"] = 1
if err := app.renderTemplate(w, r, "sale", &templateData{
StringMap: stringMap,
@ -417,3 +473,15 @@ func (app *application) ShowSubscriptions(w http.ResponseWriter, r *http.Request
app.errorLog.Println(err)
}
}
func (app *application) AllUsers(w http.ResponseWriter, r *http.Request) {
if err := app.renderTemplate(w, r, "all-users", &templateData{}); err != nil {
app.errorLog.Println(err)
}
}
func (app *application) OneUser(w http.ResponseWriter, r *http.Request) {
if err := app.renderTemplate(w, r, "one-user", &templateData{}); err != nil {
app.errorLog.Println(err)
}
}

View File

@ -119,6 +119,8 @@ func main() {
Session: session,
}
go app.ListenToWsChannel()
app.infoLog.Println("Connected to MariaDB")
err = app.serve()

View File

@ -20,6 +20,7 @@ type templateData struct {
API string
CSSVersion string
IsAuthenticated int
UserID int
StripeSecretKey string
StripePubKey string
}
@ -43,6 +44,7 @@ func (app *application) addDefaultData(td *templateData, r *http.Request) *templ
if app.Session.Exists(r.Context(), "userID") {
td.IsAuthenticated = 1
td.UserID = app.Session.GetInt(r.Context(), "userID")
} else {
td.IsAuthenticated = 0
}

View File

@ -12,6 +12,8 @@ func (app *application) routes() http.Handler {
mux.Get("/", app.Home)
mux.Get("/ws", app.WsEndPoint)
mux.Route("/admin", func(mux chi.Router) {
mux.Use(app.Auth)
mux.Get("/virtual-terminal", app.VirtualTerminal)
@ -19,6 +21,8 @@ func (app *application) routes() http.Handler {
mux.Get("/all-subscriptions", app.AllSubscriptions)
mux.Get("/sales/{id}", app.ShowSale)
mux.Get("/subscriptions/{id}", app.ShowSubscriptions)
mux.Get("/all-users", app.AllUsers)
mux.Get("/all-users/{id}", app.OneUser)
})
// mux.Post("/virtual-terminal-payment-succeeded", app.VirtualTerminalPaymentSucceeded)

View File

@ -18,10 +18,21 @@ All Sales
<tbody>
</tbody>
</table>
<nav>
<ul id="paginator" class="pagination">
</ul>
</nav>
{{ end }}
{{ define "js" }}
<script type="module">
import {showTable} from "/static/js/all-sales.js"
showTable({{.API}});
import {pageSize} from "/static/js/common.js"
import {showTable, currentPage} from "/static/js/all-sales.js"
let curPage = currentPage;
if (sessionStorage.getItem("cur-page") !== null) {
curPage = sessionStorage.getItem("cur-page");
sessionStorage.removeItem("cur-page");
}
showTable({{.API}}, pageSize, curPage);
</script>
{{ end }}

View File

@ -20,11 +20,22 @@ All Subscriptions
<tbody>
</tbody>
</table>
<nav>
<ul id="paginator" class="pagination">
</ul>
</nav>
{{end}}
{{define "js"}}
<script type="module">
import {showTable} from "/static/js/all-subscriptions.js"
showTable({{.API}});
import {pageSize} from "/static/js/common.js"
import {showTable, currentPage} from "/static/js/all-subscriptions.js"
let curPage = currentPage;
if (sessionStorage.getItem("cur-page") !== null) {
curPage = sessionStorage.getItem("cur-page");
sessionStorage.removeItem("cur-page");
}
showTable({{.API}}, pageSize, curPage);
</script>
{{end}}

View File

@ -0,0 +1,28 @@
{{ template "base". }}
{{ define "title" }}
All Users
{{ end }}
{{ define "content" }}
<h2 class="mt-5">All Admin users</h2>
<hr>
<div class="float-end">
<a class="btn btn-outline-secondary" href="/admin/all-users/0">Add User</a>
</div>
<div class="clearfix"></div>
<table id="user-table" class="table table-striped">
<thead>
<tr>
<th>User</th>
<th>Email</th>
</tr>
</thead>
<tbody>
</tbody>
</table>
{{ end }}
{{ define "js" }}
<script type="module">
import {showUsers} from "/static/js/users.js"
showUsers({{.API}});
</script>
{{ end }}

View File

@ -70,6 +70,12 @@
<li>
<hr class="dropdown-divider">
</li>
<li>
<a class="dropdown-item" href="/admin/all-users">All Users</a>
</li>
<li>
<hr class="dropdown-divider">
</li>
<li>
<a class="dropdown-item" href="/logout">Logout</a>
</li>
@ -99,7 +105,12 @@
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"
integrity="sha384-YvpcrYf0tY3lHB60NNkmXc5s9fDVZLESaAA55NDzOxhy9GkcIdslK1eN7N6jIeHz"
crossorigin="anonymous"></script>
<script src="/static/js/base.js"></script>
<script type="module">
import {wsConn, socket} from "/static/js/base.js"
document.addEventListener("DOMContentLoaded", function() {
wsConn({{.IsAuthenticated}}, {{.UserID}});
});
</script>
{{ block "js" . }}
{{ end }}
</body>

View File

@ -14,18 +14,22 @@ Bronze Plan
class="d-blick needs-validation charge-form"
autocomplete="off"
novalidate="">
<input type="hidden" id="product_id" name="product_id" value="{{$widget.ID}}">
<input type="hidden"
id="product_id"
name="product_id"
value="{{$widget.ID}}">
<input type="hidden" id="amount" name="amount" value="{{$widget.Price}}">
<p class="mt-2 mb-3 text-center">{{$widget.Description}}</p>
<hr>
<div class="mb-3">
<label for="first-name" class="form-label">First Name</label>
<label for="first_name" class="form-label">First Name</label>
<input type="text"
id="first-name"
id="first_name"
name="first_name"
autocomplete="first-name-new"
autocomplete="first_name-new"
required=""
class="form-control">
<div id="first_name-help" class="d-none"></div>
</div>
<div class="mb-3">
<label for="last-name" class="form-label">Last Name</label>

View File

@ -0,0 +1,81 @@
{{ template "base". }}
{{ define "title" }}
Admin User
{{ end }}
{{ define "content" }}
<h2 class="mt-5">Admin user</h2>
<hr>
<form method="post"
action=""
name="user_form"
id="user_form"
class="needs-validation"
autocomplete="off"
novalidate>
<div class="mb-3">
<label for="first_name" class="form-label">First Name</label>
<input type="text"
name="first_name"
id="first_name"
class="form-control"
required=""
autocomplete="first_name-new">
</div>
<div class="mb-3">
<label for="last_name" class="form-label">Last Name</label>
<input type="text"
name="last_name"
id="last_name"
class="form-control"
required=""
autocomplete="last_name-new">
</div>
<div class="mb-3">
<label for="email" class="form-label">Email</label>
<input type="text"
name="email"
id="email"
class="form-control"
required=""
autocomplete="email-new">
</div>
<div class="mb-3">
<label for="password" class="form-label">Password</label>
<input type="password"
name="password"
id="password"
class="form-control"
autocomplete="password-new">
</div>
<div class="mb-3">
<label for="verify_password" class="form-label">Verify Password</label>
<input type="password"
name="verify_password"
id="verify_password"
class="form-control"
autocomplete="veryfy_password-new">
</div>
<hr>
<div class="float-start">
<a href="javascript:void(0)" class="btn btn-primary" id="saveBtn">Save Changes</a>
<a href="/admin/all-users" class="btn btn-warning" id="cancelBtn">Cancel</a>
</div>
<div class="float-end">
<a href="javascript:void(0)" class="btn btn-danger d-none" id="deleteBtn">Delete</a>
</div>
<div class="clearfix"></div>
</form>
{{ end }}
{{ define "js" }}
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<script type="module">
import {showUser, saveUser, deleteUser} from "/static/js/users.js"
showUser({{.API}}, {{.UserID}});
document.getElementById("saveBtn").addEventListener("click", (evt) => {
saveUser({{.API}}, evt);
});
document.getElementById("deleteBtn").addEventListener("click", () => {
deleteUser({{.API}});
});
</script>
{{ end }}

109
cmd/web/ws-handlers.go Normal file
View File

@ -0,0 +1,109 @@
package main
import (
"fmt"
"net/http"
"github.com/gorilla/websocket"
)
type WebSocketConnection struct {
*websocket.Conn
}
type WsPayload struct {
Action string `json:"action"`
Message string `json:"message"`
UserName string `json:"user_name"`
MessageType string `json:"message_type"`
UserID int `json:"user_id"`
Conn WebSocketConnection `json:"-"`
}
type WsJSONResponse struct {
Action string `json:"action"`
Message string `json:"message"`
UserID int `json:"user_id"`
}
var upgradeConnection = websocket.Upgrader{
ReadBufferSize: 1024,
WriteBufferSize: 1024,
// since we don't expect any communication from the client side
CheckOrigin: func(r *http.Request) bool { return true },
}
var clients = make(map[WebSocketConnection]string)
var wsChan = make(chan WsPayload)
func (app *application) WsEndPoint(w http.ResponseWriter, r *http.Request) {
ws, err := upgradeConnection.Upgrade(w, r, nil)
if err != nil {
app.errorLog.Println(err)
return
}
app.infoLog.Printf("Client connected from %s\n", r.RemoteAddr)
var response WsJSONResponse
response.Message = "Connected to server"
err = ws.WriteJSON(response)
if err != nil {
app.errorLog.Println(err)
return
}
conn := WebSocketConnection{Conn: ws}
clients[conn] = ""
go app.ListenForWS(&conn)
}
func (app *application) ListenForWS(conn *WebSocketConnection) {
defer func() {
if r := recover(); r != nil {
app.errorLog.Println("ERROR:", fmt.Sprintf("%v", r))
}
}()
var payload WsPayload
for {
err := conn.ReadJSON(&payload)
if err != nil {
// do nothing
app.errorLog.Println(err)
break
}
payload.Conn = *conn
wsChan <- payload
}
}
func (app *application) ListenToWsChannel() {
var response WsJSONResponse
for {
e := <-wsChan
switch e.Action {
case "deleteUser":
response.Action = "logout"
response.Message = "Your account has ben deleted"
response.UserID = e.UserID
app.broadcastToAll(response)
default:
}
}
}
func (app *application) broadcastToAll(response WsJSONResponse) {
for client := range clients {
// broadcast to every connected client
err := client.WriteJSON(response)
if err != nil {
app.errorLog.Printf("Websocket err on %s: %s", response.Action, err)
_ = client.Close()
delete(clients, client)
}
}
}

4
go.mod
View File

@ -9,6 +9,8 @@ require (
github.com/go-chi/chi/v5 v5.1.0
github.com/go-chi/cors v1.2.1
github.com/go-sql-driver/mysql v1.8.1
github.com/gorilla/websocket v1.5.3
github.com/phpdave11/gofpdf v1.4.2
github.com/stripe/stripe-go/v79 v79.6.0
github.com/xhit/go-simple-mail/v2 v2.16.0
golang.org/x/crypto v0.26.0
@ -17,6 +19,8 @@ require (
require (
filippo.io/edwards25519 v1.1.0 // indirect
github.com/go-test/deep v1.1.1 // indirect
github.com/phpdave11/gofpdi v1.0.12 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/toorop/go-dkim v0.0.0-20201103131630-e1cd1a0a5208 // indirect
golang.org/x/sys v0.23.0 // indirect
)

15
go.sum
View File

@ -4,6 +4,7 @@ github.com/alexedwards/scs/mysqlstore v0.0.0-20240316134038-7e11d57e8885 h1:C7QA
github.com/alexedwards/scs/mysqlstore v0.0.0-20240316134038-7e11d57e8885/go.mod h1:p8jK3D80sw1PFrCSdlcJF1O75bp55HqbgDyyCLM0FrE=
github.com/alexedwards/scs/v2 v2.8.0 h1:h31yUYoycPuL0zt14c0gd+oqxfRwIj6SOjHdKRZxhEw=
github.com/alexedwards/scs/v2 v2.8.0/go.mod h1:ToaROZxyKukJKT/xLcVQAChi5k6+Pn1Gvmdl7h3RRj8=
github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
github.com/bwmarrin/go-alone v0.0.0-20190806015146-742bb55d1631 h1:Xb5rra6jJt5Z1JsZhIMby+IP5T8aU+Uc2RC9RzSxs9g=
github.com/bwmarrin/go-alone v0.0.0-20190806015146-742bb55d1631/go.mod h1:P86Dksd9km5HGX5UMIocXvX87sEp2xUARle3by+9JZ4=
github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
@ -17,9 +18,21 @@ github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpv
github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
github.com/go-test/deep v1.1.1 h1:0r/53hagsehfO4bzD2Pgr/+RgHqhmf+k1Bpse2cTu1U=
github.com/go-test/deep v1.1.1/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
github.com/phpdave11/gofpdf v1.4.2 h1:KPKiIbfwbvC/wOncwhrpRdXVj2CZTCFlw4wnoyjtHfQ=
github.com/phpdave11/gofpdf v1.4.2/go.mod h1:zpO6xFn9yxo3YLyMvW8HcKWVdbNqgIfOOp2dXMnm1mY=
github.com/phpdave11/gofpdi v1.0.12 h1:RZb9NG62cw/RW0rHAduVRo+98R8o/G1krcg2ns7DakQ=
github.com/phpdave11/gofpdi v1.0.12/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI=
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/ruudk/golang-pdf417 v0.0.0-20181029194003-1af4ab5afa58/go.mod h1:6lfFZQK844Gfx8o5WFuvpxWRwnSoipWe/p622j1v06w=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stripe/stripe-go/v79 v79.6.0 h1:qSBV2f2rpLEEZTdTlVLzdmQJZNmfoo2E3hUEkFT8GBc=
@ -30,6 +43,7 @@ github.com/xhit/go-simple-mail/v2 v2.16.0 h1:ouGy/Ww4kuaqu2E2UrDw7SvLaziWTB60ICL
github.com/xhit/go-simple-mail/v2 v2.16.0/go.mod h1:b7P5ygho6SYE+VIqpxA6QkYfv4teeyG4MKqB3utRu98=
golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
golang.org/x/image v0.0.0-20190910094157-69e4b8554b2a/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
@ -38,6 +52,7 @@ golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.23.0 h1:YfKFowiIMvtgl1UERQoTPPToxltDeZfbj4H7dVUCwmM=
golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=

View File

@ -19,7 +19,8 @@ func OpenDB(dsn string) (*sql.DB, error) {
db.SetMaxOpenConns(10)
db.SetMaxIdleConns(10)
ctx, _ := context.WithTimeout(context.Background(), 3*time.Second)
ctx, cancel := context.WithTimeout(context.Background(), 3*time.Second)
defer cancel()
err = db.PingContext(ctx)
if err != nil {
fmt.Println(err)

View File

@ -150,7 +150,7 @@ func (m *DBModel) InsertTransaction(txn Transaction) (int, error) {
(amount, currency, last_four, expiry_month, expiry_year,
payment_intent, payment_method, bank_return_code,
transaction_status_id, created_at, updated_at)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);`
result, err := m.DB.ExecContext(ctx, stmt,
txn.Amount,
@ -183,7 +183,7 @@ func (m *DBModel) InsertOrder(order Order) (int, error) {
stmt := `INSERT INTO orders
(widget_id, transaction_id, customer_id, status_id, quantity,
amount, created_at, updated_at)
VALUES (?, ?, ?, ?, ?, ?, ?, ?)`
VALUES (?, ?, ?, ?, ?, ?, ?, ?);`
result, err := m.DB.ExecContext(ctx, stmt,
order.WidgetID,
@ -212,7 +212,7 @@ func (m *DBModel) InsertCustomer(customer Customer) (int, error) {
stmt := `INSERT INTO customers
(first_name, last_name, email, created_at, updated_at)
VALUES (?, ?, ?, ?, ?)`
VALUES (?, ?, ?, ?, ?);`
result, err := m.DB.ExecContext(ctx, stmt,
customer.FirstName,
@ -241,7 +241,7 @@ func (m *DBModel) GetUserByEmail(email string) (User, error) {
query := `SELECT id, first_name, last_name, email, password, created_at, updated_at
FROM users
WHERE email = ?`
WHERE email = ?;`
row := m.DB.QueryRowContext(ctx, query, email)
@ -268,7 +268,7 @@ func (m *DBModel) Authenticate(email, password string) (int, error) {
var id int
var hashedPassword string
row := m.DB.QueryRowContext(ctx, "SELECT id, password from users WHERE email = ?", email)
row := m.DB.QueryRowContext(ctx, "SELECT id, password from users WHERE email = ?;", email)
err := row.Scan(&id, &hashedPassword)
if err != nil {
return 0, err
@ -288,7 +288,7 @@ func (m *DBModel) UpdatePasswordForUser(u User, hash string) error {
ctx, cancel := context.WithTimeout(context.Background(), 3*time.Second)
defer cancel()
stmt := `UPDATE users SET password = ? where id = ?`
stmt := `UPDATE users SET password = ? where id = ?;`
_, err := m.DB.ExecContext(ctx, stmt, hash, u.ID)
if err != nil {
@ -317,7 +317,7 @@ func (m *DBModel) GetAllOrders(isRecurring bool) ([]*Order, error) {
WHERE
w.is_recurring = ?
ORDER BY
o.created_at DESC
o.created_at DESC;
`
rows, err := m.DB.QueryContext(ctx, query, isRecurring)
@ -387,7 +387,7 @@ func (m *DBModel) GetAllOrdersPaginated(
w.is_recurring = ?
ORDER BY
o.created_at DESC
LIMIT ? OFFSET ?
LIMIT ? OFFSET ?;
`
rows, err := m.DB.QueryContext(ctx, query, isRecurring, pageSize, offset)
@ -433,7 +433,7 @@ func (m *DBModel) GetAllOrdersPaginated(
SELECT COUNT(o.id)
FROM orders o
LEFT JOIN widgets w on (o.widget_id = w.id)
WHERE w.is_recurring = ?
WHERE w.is_recurring = ?;
`
var totalRecords int
@ -444,6 +444,9 @@ func (m *DBModel) GetAllOrdersPaginated(
}
lastPage := totalRecords / pageSize
if totalRecords%pageSize != 0 {
lastPage++
}
return orders, lastPage, totalRecords, nil
}
@ -464,7 +467,7 @@ func (m *DBModel) GetOrderByID(ID int) (Order, error) {
LEFT JOIN transactions t on (o.transaction_id = t.id)
LEFT JOIN customers c on (o.customer_id = c.id)
WHERE
o.id = ?
o.id = ?;
`
var o Order
@ -513,3 +516,128 @@ func (m *DBModel) UpdateOrderStatus(id, statusID int) error {
}
return nil
}
func (m *DBModel) GetAllUsers() ([]*User, error) {
ctx, cancel := context.WithTimeout(context.Background(), 3*time.Second)
defer cancel()
var users []*User
query := `
SELECT id, last_name, first_name, email, created_at, updated_at
FROM users
ORDER BY last_name, first_name;
`
rows, err := m.DB.QueryContext(ctx, query)
if err != nil {
return nil, err
}
defer rows.Close()
for rows.Next() {
var u User
err = rows.Scan(
&u.ID,
&u.LastName,
&u.FirstName,
&u.Email,
&u.CreatedAt,
&u.UpdatedAt,
)
if err != nil {
return nil, err
}
users = append(users, &u)
}
return users, nil
}
func (m *DBModel) GetOneUser(id int) (User, error) {
ctx, cancel := context.WithTimeout(context.Background(), 3*time.Second)
defer cancel()
var u User
query := `
SELECT id, last_name, first_name, email, created_at, updated_at
FROM users
WHERE id = ?;
`
row := m.DB.QueryRowContext(ctx, query, id)
err := row.Scan(
&u.ID,
&u.LastName,
&u.FirstName,
&u.Email,
&u.CreatedAt,
&u.UpdatedAt,
)
if err != nil {
return u, err
}
return u, nil
}
func (m *DBModel) EditUser(u User) error {
ctx, cancel := context.WithTimeout(context.Background(), 3*time.Second)
defer cancel()
stmt := `
UPDATE users
SET last_name = ?, first_name = ?, email = ?, updated_at = ?
WHERE id = ?;
`
_, err := m.DB.ExecContext(ctx, stmt, u.LastName, u.FirstName, u.Email, time.Now(), u.ID)
if err != nil {
return err
}
return nil
}
func (m *DBModel) AddUser(u User, hash string) error {
ctx, cancel := context.WithTimeout(context.Background(), 3*time.Second)
defer cancel()
stmt := `
INSERT INTO users
(last_name, first_name, email, password, created_at, updated_at)
VALUES (?, ?, ?, ?, ?, ?);
`
_, err := m.DB.ExecContext(ctx, stmt,
u.LastName, u.FirstName, u.Email, hash, time.Now(), time.Now())
if err != nil {
return err
}
return nil
}
func (m *DBModel) DeleteUser(id int) error {
ctx, cancel := context.WithTimeout(context.Background(), 3*time.Second)
defer cancel()
stmt := `
DELETE FROM users
WHERE id = ?;
`
_, err := m.DB.ExecContext(ctx, stmt, id)
if err != nil {
return err
}
stmt = `
DELETE FROM tokens
WHERE id = ?;
`
_, err = m.DB.ExecContext(ctx, stmt, id)
if err != nil {
return err
}
return nil
}

View File

@ -0,0 +1,25 @@
package validator
type Validator struct {
Errors map[string]string
}
func New() *Validator {
return &Validator{Errors: make(map[string]string)}
}
func (v *Validator) Valid() bool {
return len(v.Errors) == 0
}
func (v *Validator) AddError(key, message string) {
if _, exists := v.Errors[key]; !exists {
v.Errors[key] = message
}
}
func (v *Validator) Check(ok bool, key, message string) {
if !ok {
v.AddError(key, message)
}
}

BIN
pdf-templates/invoice.pdf Normal file

Binary file not shown.

View File

@ -1,8 +1,20 @@
import { formatCurrency } from "./common.js"
import { formatCurrency, paginator } from "./common.js"
export function showTable(api) {
let token = localStorage.getItem("token");
let tbody = document.getElementById("sales-table").getElementsByTagName("tbody")[0];
//TODO: This should be put into the localStorage if we click into a sale and
//get back, we may want to stay at the same page before.
export let currentPage = 1;
export function showTable(api, ps, cp) {
const token = localStorage.getItem("token");
const tbody = document.getElementById("sales-table").getElementsByTagName("tbody")[0];
// reset tbody
tbody.innerHTML = ``
const body = {
page_size: parseInt(ps, 10),
page: parseInt(cp, 10),
};
const requestOptions = {
method: 'post',
@ -11,17 +23,25 @@ export function showTable(api) {
'Content-Type': 'application/json',
'Authorization': 'Bearer ' + token,
},
body: JSON.stringify(body),
};
fetch(api + "/api/admin/all-sales", requestOptions)
.then(response => response.json())
.then(function (data) {
if (data) {
data.forEach(function (i) {
if (data.orders) {
data.orders.forEach(function (i) {
let newRow = tbody.insertRow();
let newCell = newRow.insertCell();
newCell.innerHTML = `<a href="/admin/sales/${i.id}">Order ${i.id}</a>`;
newCell.innerHTML = `<a href="#!">Order ${i.id}</a>`;
newCell.addEventListener("click", function (evt) {
// put the current_page into sessionStorage
sessionStorage.setItem("cur-page", data.current_page);
// redirect
location.href = `/admin/sales/${i.id}`;
});
newCell = newRow.insertCell();
let item = document.createTextNode(i.customer.last_name + ", " + i.customer.first_name);
@ -42,12 +62,14 @@ export function showTable(api) {
} else {
newCell.innerHTML = `<span class="badge bg-success">Charged</span>`
}
paginator(api, data.last_page, data.current_page, showTable)
});
} else {
let newRow = tbody.insertRow();
let newCell = newRow.insertCell();
newCell.setAttribute("colspan", "4");
newCell.setAttribute("colspan", "5");
newCell.innerHTML = "No data available";
}
});
}

View File

@ -1,9 +1,19 @@
import { formatCurrency } from "./common.js"
import { formatCurrency, paginator } from "./common.js"
export function showTable(api) {
export let currentPage = 1;
export function showTable(api, ps, cp) {
let token = localStorage.getItem("token");
let tbody = document.getElementById("subscriptions-table").getElementsByTagName("tbody")[0];
// reset tbody
tbody.innerHTML = ``
const body = {
page_size: parseInt(ps, 10),
page: parseInt(cp, 10),
};
const requestOptions = {
method: 'post',
headers: {
@ -11,17 +21,25 @@ export function showTable(api) {
'Content-Type': 'application/json',
'Authorization': 'Bearer ' + token,
},
body: JSON.stringify(body),
};
fetch(api + "/api/admin/all-subscriptions", requestOptions)
.then(response => response.json())
.then(function (data) {
if (data) {
data.forEach(function (i) {
if (data.orders) {
data.orders.forEach(function (i) {
let newRow = tbody.insertRow();
let newCell = newRow.insertCell();
newCell.innerHTML = `<a href="/admin/subscriptions/${i.id}">Order ${i.id}</a>`;
newCell.innerHTML = `<a href="#!">Order ${i.id}</a>`;
newCell.addEventListener("click", function (evt) {
// put the current_page into sessionStorage
sessionStorage.setItem("cur-page", data.current_page);
// redirect
location.href = `/admin/subscriptions/${i.id}`;
});
newCell = newRow.insertCell();
let item = document.createTextNode(i.customer.last_name + ", " + i.customer.first_name);
@ -42,6 +60,7 @@ export function showTable(api) {
} else {
newCell.innerHTML = `<span class="badge bg-success">Charged</span>`
}
paginator(api, data.last_page, data.current_page, showTable)
});
} else {
let newRow = tbody.insertRow();

View File

@ -1,3 +1,32 @@
export let socket;
export function wsConn(is_authenticated, user_id) {
if (is_authenticated !== 1) {
return;
}
socket = new WebSocket("ws://localhost:4000/ws")
socket.onopen = () => {
console.log("Successfully connected to websockets")
}
socket.onclose = event => {};
socket.onerror = error => {};
socket.onmessage = msg => {
let data = JSON.parse(msg.data);
switch (data.action) {
case "logout":
if (data.user_id === user_id) {
logout()
}
break;
default:
}
}
}
// let loginLink = document.getElementById("login-link");
// let vtLink = document.getElementById("vt-link");
//
@ -11,9 +40,9 @@
// loginLink.classList.remove('d-none')
// });
// function logout() {
// localStorage.removeItem("token");
// localStorage.removeItem("token_expiry");
// location.href = "/logout";
// }
function logout() {
localStorage.removeItem("token");
localStorage.removeItem("token_expiry");
location.href = "/logout";
}

View File

@ -3,6 +3,8 @@ export let stripe;
const payButton = document.getElementById("pay-button");
export const processing = document.getElementById("processing-payment");
export let pageSize = 2;
export function hidePayButton() {
payButton.classList.add("d-none");
processing.classList.remove("d-none");
@ -98,3 +100,38 @@ export function formatCurrency(amount) {
currency: "EUR",
});
}
export function paginator(api, pages, curPage, showTable) {
// Check the border case
if (curPage >= pages) {
curPage = pages
}
const p = document.getElementById("paginator")
let html = `<li class="page-item"><a href="#!" class="page-link pager" data-page="${curPage - 1}">&lt;</a></li>`;
for (var i = 0; i < pages; i++) {
if (i + 1 == curPage) {
html += `<li class="page-item"><a href="#!" class="page-link pager active" data-page="${i + 1}">${i + 1}</a></li>`;
} else {
html += `<li class="page-item"><a href="#!" class="page-link pager" data-page="${i + 1}">${i + 1}</a></li>`;
}
}
html += `<li class="page-item"><a href="#!" class="page-link pager" data-page="${curPage + 1}">&gt;</a></li>`;
p.innerHTML = html;
let pageBtns = document.getElementsByClassName("pager");
for (var j = 0; j < pageBtns.length; j++) {
pageBtns[j].addEventListener("click", function (evt) {
let desiredPage = evt.target.getAttribute("data-page");
if ((desiredPage > 0) && (desiredPage <= pages)) {
console.log("would go to page", desiredPage);
showTable(api, pageSize, desiredPage);
}
})
}
}

View File

@ -47,7 +47,7 @@ function stripePaymentMethodHandler(result, plan_id, api) {
card_brand: result.paymentMethod.card.brand,
expiry_month: result.paymentMethod.card.exp_month,
expiry_year: result.paymentMethod.card.exp_year,
first_name: document.getElementById("first-name").value,
first_name: document.getElementById("first_name").value,
last_name: document.getElementById("last-name").value,
amount: document.getElementById("amount").value,
};
@ -65,9 +65,22 @@ function stripePaymentMethodHandler(result, plan_id, api) {
.then(response => response.json())
.then(function (data) {
console.log(data);
if (data.ok === false) {
document.getElementById("charge_form").classList.remove("was-validated")
Object.entries(data.errors).forEach((i) => {
const [key, value] = i
document.getElementById(key).classList.add("is-invalid");
document.getElementById(key + "-help").classList.remove("valid-feedback");
document.getElementById(key + "-help").classList.remove("d-none");
document.getElementById(key + "-help").classList.add("invalid-feedback");
document.getElementById(key + "-help").innerText = value;
});
showPayButton();
return
}
processing.classList.add("d-none");
showSuccess("card-messages", "Transaction successful!");
sessionStorage.first_name = document.getElementById("first-name").value;
sessionStorage.first_name = document.getElementById("first_name").value;
sessionStorage.last_name = document.getElementById("last-name").value;
sessionStorage.amount = document.getElementById("amount").value;
sessionStorage.last_four = result.paymentMethod.card.last4;

161
static/js/users.js Normal file
View File

@ -0,0 +1,161 @@
import {socket} from "./base.js"
export function showUsers(api) {
const tbody = document.getElementById("user-table").getElementsByTagName("tbody")[0];
const token = localStorage.getItem("token");
const requestOptions = {
method: 'post',
headers: {
'Accept': `application/json`,
'Content-Type': 'application/json',
'Authorization': 'Bearer ' + token,
},
};
fetch(api + "/api/admin/all-users", requestOptions)
.then(response => response.json())
.then(function (data) {
console.log(data)
if (data) {
data.forEach(i => {
let newRow = tbody.insertRow();
let newCell = newRow.insertCell();
newCell.innerHTML = `<a href="/admin/all-users/${i.id}">${i.last_name}, ${i.first_name}</a>`;
newCell = newRow.insertCell();
let item = document.createTextNode(i.email);
newCell.appendChild(item);
});
} else {
let newRow = tbody.insertRow();
let newCell = newRow.insertCell();
newCell.setAttribute("colspan", "2");
newCell.innerHTML = "no data available";
}
});
}
export function showUser(api, userID) {
const token = localStorage.getItem("token");
let id = window.location.pathname.split("/").pop();
let delBtn = document.getElementById("deleteBtn");
if (id === "0") {
return
}
if (userID !== parseInt(id, 10)) {
delBtn.classList.remove("d-none")
}
const requestOptions = {
method: 'post',
headers: {
'Accept': `application/json`,
'Content-Type': 'application/json',
'Authorization': 'Bearer ' + token,
},
};
fetch(api + `/api/admin/all-users/${id}`, requestOptions)
.then(response => response.json())
.then(function (data) {
console.log(data);
document.getElementById("first_name").value = data.first_name;
document.getElementById("last_name").value = data.last_name;
document.getElementById("email").value = data.email;
});
}
export function saveUser(api, event) {
const token = localStorage.getItem("token");
let form = document.getElementById("user_form");
let id = window.location.pathname.split("/").pop();
if (form.checkValidity() === false) {
event.preventDefault();
event.stopPropagation();
form.classList.add("was-validated");
return;
}
form.classList.add("was-validated");
if (document.getElementById("password").value !== document.getElementById("verify_password").value) {
Swal.fire("Password do not match!");
return
}
let payload = {
id: parseInt(id),
first_name: document.getElementById("first_name").value,
last_name: document.getElementById("last_name").value,
email: document.getElementById("email").value,
password: document.getElementById("password").value,
}
const requestOptions = {
method: 'post',
headers: {
'Accept': `application/json`,
'Content-Type': 'application/json',
'Authorization': 'Bearer ' + token,
},
body: JSON.stringify(payload)
}
fetch(api + `/api/admin/all-users/edit/${id}`, requestOptions)
.then(response => response.json())
.then(function (data) {
console.log(data);
if (!data.ok) {
Swal.fire("Error" + data.message)
} else {
location.href = "/admin/all-users"
}
});
}
export function deleteUser(api) {
const token = localStorage.getItem("token");
let id = window.location.pathname.split("/").pop();
Swal.fire({
title: "Are you sure?",
text: "You won't be able to undo this!",
icon: "warning",
showCancelButton: true,
confirmButtonColor: "#3085d6",
cancelButtonColor: "#d33",
confirmButtonText: "Delete user"
}).then((result) => {
if (result.isConfirmed) {
const requestOptions = {
method: 'post',
headers: {
'Accept': `application/json`,
'Content-Type': 'application/json',
'Authorization': 'Bearer ' + token,
},
};
fetch(api + `/api/admin/all-users/delete/${id}`, requestOptions)
.then(response => response.json())
.then(function (data) {
console.log(data);
if (!data.ok) {
Swal.fire("Error" + data.message)
} else {
let jsonData = {
action: "deleteUser",
user_id: parseInt(id),
};
socket.send(JSON.stringify(jsonData));
location.href = "/admin/all-users"
}
});
}
});
}