aclindsa/moneygo
1
0
Fork 0
mirror of https://github.com/aclindsa/moneygo.git synced 2025-11-03 18:13:27 -05:00
Code Issues Releases Wiki Activity

Stop using form elements for API

Browse Source 
Just send the JSON as the request body
This commit is contained in:
Aaron Lindsay
2017-11-13 20:48:19 -05:00
parent 9624f0c5bc
commit 5a6be5a07b
23 changed files with 87 additions and 159 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
internal/handlers/accounts.go
View File

@@ -383,14 +383,8 @@ func AccountHandler(r *http.Request, context *Context) ResponseWriterWriter {
return AccountImportHandler(context, r, user, accountid)
}
account_json := r.PostFormValue("account")
if account_json == "" {
return NewError(3 /*Invalid Request*/)
}
var account Account
err := account.Read(account_json)
if err != nil {
if err := ReadJSON(r, &account); err != nil {
return NewError(3 /*Invalid Request*/)
}
account.AccountId = -1
@@ -452,14 +446,8 @@ func AccountHandler(r *http.Request, context *Context) ResponseWriterWriter {
return NewError(3 /*Invalid Request*/)
}
if r.Method == "PUT" {
account_json := r.PostFormValue("account")
if account_json == "" {
return NewError(3 /*Invalid Request*/)
}
var account Account
err := account.Read(account_json)
if err != nil || account.AccountId != accountid {
if err := ReadJSON(r, &account); err != nil || account.AccountId != accountid {
return NewError(3 /*Invalid Request*/)
}
account.UserId = user.UserId

10
internal/handlers/accounts_test.go
View File

@@ -9,13 +9,13 @@ import (
func createAccount(client *http.Client, account *handlers.Account) (*handlers.Account, error) {
var a handlers.Account
err := create(client, account, &a, "/v1/accounts/", "account")
err := create(client, account, &a, "/v1/accounts/")
return &a, err
}
func getAccount(client *http.Client, accountid int64) (*handlers.Account, error) {
var a handlers.Account
err := read(client, &a, "/v1/accounts/"+strconv.FormatInt(accountid, 10), "account")
err := read(client, &a, "/v1/accounts/"+strconv.FormatInt(accountid, 10))
if err != nil {
return nil, err
}
@@ -24,7 +24,7 @@ func getAccount(client *http.Client, accountid int64) (*handlers.Account, error)
func getAccounts(client *http.Client) (*handlers.AccountList, error) {
var al handlers.AccountList
err := read(client, &al, "/v1/accounts/", "accounts")
err := read(client, &al, "/v1/accounts/")
if err != nil {
return nil, err
}
@@ -33,7 +33,7 @@ func getAccounts(client *http.Client) (*handlers.AccountList, error) {
func updateAccount(client *http.Client, account *handlers.Account) (*handlers.Account, error) {
var a handlers.Account
err := update(client, account, &a, "/v1/accounts/"+strconv.FormatInt(account.AccountId, 10), "account")
err := update(client, account, &a, "/v1/accounts/"+strconv.FormatInt(account.AccountId, 10))
if err != nil {
return nil, err
}
@@ -41,7 +41,7 @@ func updateAccount(client *http.Client, account *handlers.Account) (*handlers.Ac
}
func deleteAccount(client *http.Client, a *handlers.Account) error {
err := remove(client, "/v1/accounts/"+strconv.FormatInt(a.AccountId, 10), "account")
err := remove(client, "/v1/accounts/"+strconv.FormatInt(a.AccountId, 10))
if err != nil {
return err
}

26
internal/handlers/common_test.go
View File

@@ -1,18 +1,18 @@
package handlers_test
import (
"bytes"
"database/sql"
"encoding/json"
"github.com/aclindsa/moneygo/internal/config"
"github.com/aclindsa/moneygo/internal/db"
"github.com/aclindsa/moneygo/internal/handlers"
"io"
"io/ioutil"
"log"
"net/http"
"net/http/httptest"
"net/url"
"os"
"strings"
"testing"
)
@@ -26,12 +26,12 @@ func Delete(client *http.Client, url string) (*http.Response, error) {
return client.Do(request)
}
func PutForm(client *http.Client, url string, data url.Values) (*http.Response, error) {
request, err := http.NewRequest(http.MethodPut, url, strings.NewReader(data.Encode()))
func Put(client *http.Client, url string, contentType string, body io.Reader) (*http.Response, error) {
request, err := http.NewRequest(http.MethodPut, url, body)
if err != nil {
return nil, err
}
request.Header.Set("Content-Type", "application/x-www-form-urlencoded")
request.Header.Set("Content-Type", contentType)
return client.Do(request)
}
@@ -39,12 +39,12 @@ type TransactType interface {
Read(string) error
}
func create(client *http.Client, input, output TransactType, urlsuffix, key string) error {
bytes, err := json.Marshal(input)
func create(client *http.Client, input, output TransactType, urlsuffix string) error {
obj, err := json.MarshalIndent(input, "", " ")
if err != nil {
return err
}
response, err := client.PostForm(server.URL+urlsuffix, url.Values{key: {string(bytes)}})
response, err := client.Post(server.URL+urlsuffix, "application/json", bytes.NewReader(obj))
if err != nil {
return err
}
@@ -72,7 +72,7 @@ func create(client *http.Client, input, output TransactType, urlsuffix, key stri
return nil
}
func read(client *http.Client, output TransactType, urlsuffix, key string) error {
func read(client *http.Client, output TransactType, urlsuffix string) error {
response, err := client.Get(server.URL + urlsuffix)
if err != nil {
return err
@@ -101,12 +101,12 @@ func read(client *http.Client, output TransactType, urlsuffix, key string) error
return nil
}
func update(client *http.Client, input, output TransactType, urlsuffix, key string) error {
bytes, err := json.Marshal(input)
func update(client *http.Client, input, output TransactType, urlsuffix string) error {
obj, err := json.MarshalIndent(input, "", " ")
if err != nil {
return err
}
response, err := PutForm(client, server.URL+urlsuffix, url.Values{key: {string(bytes)}})
response, err := Put(client, server.URL+urlsuffix, "application/json", bytes.NewReader(obj))
if err != nil {
return err
}
@@ -134,7 +134,7 @@ func update(client *http.Client, input, output TransactType, urlsuffix, key stri
return nil
}
func remove(client *http.Client, urlsuffix, key string) error {
func remove(client *http.Client, urlsuffix string) error {
response, err := Delete(client, server.URL+urlsuffix)
if err != nil {
return err

8
internal/handlers/imports.go
View File

@@ -211,14 +211,8 @@ func ofxImportHelper(tx *Tx, r io.Reader, user *User, accountid int64) ResponseW
}
func OFXImportHandler(context *Context, r *http.Request, user *User, accountid int64) ResponseWriterWriter {
download_json := r.PostFormValue("ofxdownload")
if download_json == "" {
return NewError(3 /*Invalid Request*/)
}
var ofxdownload OFXDownload
err := ofxdownload.Read(download_json)
if err != nil {
if err := ReadJSON(r, &ofxdownload); err != nil {
return NewError(3 /*Invalid Request*/)
}

16
internal/handlers/prices.go
View File

@@ -136,14 +136,8 @@ func PriceHandler(r *http.Request, context *Context) ResponseWriterWriter {
}
if r.Method == "POST" {
price_json := r.PostFormValue("price")
if price_json == "" {
return NewError(3 /*Invalid Request*/)
}
var price Price
err := price.Read(price_json)
if err != nil {
if err := ReadJSON(r, &price); err != nil {
return NewError(3 /*Invalid Request*/)
}
price.PriceId = -1
@@ -196,14 +190,8 @@ func PriceHandler(r *http.Request, context *Context) ResponseWriterWriter {
return NewError(3 /*Invalid Request*/)
}
if r.Method == "PUT" {
price_json := r.PostFormValue("price")
if price_json == "" {
return NewError(3 /*Invalid Request*/)
}
var price Price
err := price.Read(price_json)
if err != nil || price.PriceId != priceid {
if err := ReadJSON(r, &price); err != nil || price.PriceId != priceid {
return NewError(3 /*Invalid Request*/)
}

10
internal/handlers/prices_test.go
View File

@@ -10,13 +10,13 @@ import (
func createPrice(client *http.Client, price *handlers.Price) (*handlers.Price, error) {
var p handlers.Price
err := create(client, price, &p, "/v1/prices/", "price")
err := create(client, price, &p, "/v1/prices/")
return &p, err
}
func getPrice(client *http.Client, priceid int64) (*handlers.Price, error) {
var p handlers.Price
err := read(client, &p, "/v1/prices/"+strconv.FormatInt(priceid, 10), "price")
err := read(client, &p, "/v1/prices/"+strconv.FormatInt(priceid, 10))
if err != nil {
return nil, err
}
@@ -25,7 +25,7 @@ func getPrice(client *http.Client, priceid int64) (*handlers.Price, error) {
func getPrices(client *http.Client) (*handlers.PriceList, error) {
var pl handlers.PriceList
err := read(client, &pl, "/v1/prices/", "prices")
err := read(client, &pl, "/v1/prices/")
if err != nil {
return nil, err
}
@@ -34,7 +34,7 @@ func getPrices(client *http.Client) (*handlers.PriceList, error) {
func updatePrice(client *http.Client, price *handlers.Price) (*handlers.Price, error) {
var p handlers.Price
err := update(client, price, &p, "/v1/prices/"+strconv.FormatInt(price.PriceId, 10), "price")
err := update(client, price, &p, "/v1/prices/"+strconv.FormatInt(price.PriceId, 10))
if err != nil {
return nil, err
}
@@ -42,7 +42,7 @@ func updatePrice(client *http.Client, price *handlers.Price) (*handlers.Price, e
}
func deletePrice(client *http.Client, p *handlers.Price) error {
err := remove(client, "/v1/prices/"+strconv.FormatInt(p.PriceId, 10), "price")
err := remove(client, "/v1/prices/"+strconv.FormatInt(p.PriceId, 10))
if err != nil {
return err
}

16
internal/handlers/reports.go
View File

@@ -223,14 +223,8 @@ func ReportHandler(r *http.Request, context *Context) ResponseWriterWriter {
}
if r.Method == "POST" {
report_json := r.PostFormValue("report")
if report_json == "" {
return NewError(3 /*Invalid Request*/)
}
var report Report
err := report.Read(report_json)
if err != nil {
if err := ReadJSON(r, &report); err != nil {
return NewError(3 /*Invalid Request*/)
}
report.ReportId = -1
@@ -283,14 +277,8 @@ func ReportHandler(r *http.Request, context *Context) ResponseWriterWriter {
}
if r.Method == "PUT" {
report_json := r.PostFormValue("report")
if report_json == "" {
return NewError(3 /*Invalid Request*/)
}
var report Report
err := report.Read(report_json)
if err != nil || report.ReportId != reportid {
if err := ReadJSON(r, &report); err != nil || report.ReportId != reportid {
return NewError(3 /*Invalid Request*/)
}
report.UserId = user.UserId

12
internal/handlers/reports_test.go
View File

@@ -9,13 +9,13 @@ import (
func createReport(client *http.Client, report *handlers.Report) (*handlers.Report, error) {
var r handlers.Report
err := create(client, report, &r, "/v1/reports/", "report")
err := create(client, report, &r, "/v1/reports/")
return &r, err
}
func getReport(client *http.Client, reportid int64) (*handlers.Report, error) {
var r handlers.Report
err := read(client, &r, "/v1/reports/"+strconv.FormatInt(reportid, 10), "report")
err := read(client, &r, "/v1/reports/"+strconv.FormatInt(reportid, 10))
if err != nil {
return nil, err
}
@@ -24,7 +24,7 @@ func getReport(client *http.Client, reportid int64) (*handlers.Report, error) {
func getReports(client *http.Client) (*handlers.ReportList, error) {
var rl handlers.ReportList
err := read(client, &rl, "/v1/reports/", "reports")
err := read(client, &rl, "/v1/reports/")
if err != nil {
return nil, err
}
@@ -33,7 +33,7 @@ func getReports(client *http.Client) (*handlers.ReportList, error) {
func updateReport(client *http.Client, report *handlers.Report) (*handlers.Report, error) {
var r handlers.Report
err := update(client, report, &r, "/v1/reports/"+strconv.FormatInt(report.ReportId, 10), "report")
err := update(client, report, &r, "/v1/reports/"+strconv.FormatInt(report.ReportId, 10))
if err != nil {
return nil, err
}
@@ -41,7 +41,7 @@ func updateReport(client *http.Client, report *handlers.Report) (*handlers.Repor
}
func deleteReport(client *http.Client, r *handlers.Report) error {
err := remove(client, "/v1/reports/"+strconv.FormatInt(r.ReportId, 10), "report")
err := remove(client, "/v1/reports/"+strconv.FormatInt(r.ReportId, 10))
if err != nil {
return err
}
@@ -50,7 +50,7 @@ func deleteReport(client *http.Client, r *handlers.Report) error {
func tabulateReport(client *http.Client, reportid int64) (*handlers.Tabulation, error) {
var t handlers.Tabulation
err := read(client, &t, "/v1/reports/"+strconv.FormatInt(reportid, 10)+"/tabulations", "tabulation")
err := read(client, &t, "/v1/reports/"+strconv.FormatInt(reportid, 10)+"/tabulations")
if err != nil {
return nil, err
}

16
internal/handlers/securities.go
View File

@@ -253,14 +253,8 @@ func SecurityHandler(r *http.Request, context *Context) ResponseWriterWriter {
}
if r.Method == "POST" {
security_json := r.PostFormValue("security")
if security_json == "" {
return NewError(3 /*Invalid Request*/)
}
var security Security
err := security.Read(security_json)
if err != nil {
if err := ReadJSON(r, &security); err != nil {
return NewError(3 /*Invalid Request*/)
}
security.SecurityId = -1
@@ -304,14 +298,8 @@ func SecurityHandler(r *http.Request, context *Context) ResponseWriterWriter {
return NewError(3 /*Invalid Request*/)
}
if r.Method == "PUT" {
security_json := r.PostFormValue("security")
if security_json == "" {
return NewError(3 /*Invalid Request*/)
}
var security Security
err := security.Read(security_json)
if err != nil || security.SecurityId != securityid {
if err := ReadJSON(r, &security); err != nil || security.SecurityId != securityid {
return NewError(3 /*Invalid Request*/)
}
security.UserId = user.UserId

10
internal/handlers/securities_test.go
View File

@@ -9,13 +9,13 @@ import (
func createSecurity(client *http.Client, security *handlers.Security) (*handlers.Security, error) {
var s handlers.Security
err := create(client, security, &s, "/v1/securities/", "security")
err := create(client, security, &s, "/v1/securities/")
return &s, err
}
func getSecurity(client *http.Client, securityid int64) (*handlers.Security, error) {
var s handlers.Security
err := read(client, &s, "/v1/securities/"+strconv.FormatInt(securityid, 10), "security")
err := read(client, &s, "/v1/securities/"+strconv.FormatInt(securityid, 10))
if err != nil {
return nil, err
}
@@ -24,7 +24,7 @@ func getSecurity(client *http.Client, securityid int64) (*handlers.Security, err
func getSecurities(client *http.Client) (*handlers.SecurityList, error) {
var sl handlers.SecurityList
err := read(client, &sl, "/v1/securities/", "securities")
err := read(client, &sl, "/v1/securities/")
if err != nil {
return nil, err
}
@@ -33,7 +33,7 @@ func getSecurities(client *http.Client) (*handlers.SecurityList, error) {
func updateSecurity(client *http.Client, security *handlers.Security) (*handlers.Security, error) {
var s handlers.Security
err := update(client, security, &s, "/v1/securities/"+strconv.FormatInt(security.SecurityId, 10), "security")
err := update(client, security, &s, "/v1/securities/"+strconv.FormatInt(security.SecurityId, 10))
if err != nil {
return nil, err
}
@@ -41,7 +41,7 @@ func updateSecurity(client *http.Client, security *handlers.Security) (*handlers
}
func deleteSecurity(client *http.Client, s *handlers.Security) error {
err := remove(client, "/v1/securities/"+strconv.FormatInt(s.SecurityId, 10), "security")
err := remove(client, "/v1/securities/"+strconv.FormatInt(s.SecurityId, 10))
if err != nil {
return err
}

10
internal/handlers/sessions.go
View File

@@ -103,14 +103,8 @@ func NewSession(tx *Tx, r *http.Request, userid int64) (*NewSessionWriter, error
func SessionHandler(r *http.Request, context *Context) ResponseWriterWriter {
if r.Method == "POST" || r.Method == "PUT" {
user_json := r.PostFormValue("user")
if user_json == "" {
return NewError(3 /*Invalid Request*/)
}
user := User{}
err := user.Read(user_json)
if err != nil {
var user User
if err := ReadJSON(r, &user); err != nil {
return NewError(3 /*Invalid Request*/)
}

6
internal/handlers/sessions_test.go
View File

@@ -21,19 +21,19 @@ func newSession(user *User) (*http.Client, error) {
client = *server.Client()
client.Jar = jar
create(&client, user, &u, "/v1/sessions/", "user")
create(&client, user, &u, "/v1/sessions/")
return &client, nil
}
func getSession(client *http.Client) (*handlers.Session, error) {
var s handlers.Session
err := read(client, &s, "/v1/sessions/", "session")
err := read(client, &s, "/v1/sessions/")
return &s, err
}
func deleteSession(client *http.Client) error {
return remove(client, "/v1/sessions/", "session")
return remove(client, "/v1/sessions/")
}
func sessionExistsOrError(c *http.Client) error {

16
internal/handlers/transactions.go
View File

@@ -407,14 +407,8 @@ func TransactionHandler(r *http.Request, context *Context) ResponseWriterWriter
}
if r.Method == "POST" {
transaction_json := r.PostFormValue("transaction")
if transaction_json == "" {
return NewError(3 /*Invalid Request*/)
}
var transaction Transaction
err := transaction.Read(transaction_json)
if err != nil {
if err := ReadJSON(r, &transaction); err != nil {
return NewError(3 /*Invalid Request*/)
}
transaction.TransactionId = -1
@@ -480,14 +474,8 @@ func TransactionHandler(r *http.Request, context *Context) ResponseWriterWriter
return NewError(3 /*Invalid Request*/)
}
if r.Method == "PUT" {
transaction_json := r.PostFormValue("transaction")
if transaction_json == "" {
return NewError(3 /*Invalid Request*/)
}
var transaction Transaction
err := transaction.Read(transaction_json)
if err != nil || transaction.TransactionId != transactionid {
if err := ReadJSON(r, &transaction); err != nil || transaction.TransactionId != transactionid {
return NewError(3 /*Invalid Request*/)
}
transaction.UserId = user.UserId

12
internal/handlers/transactions_test.go
View File

@@ -12,13 +12,13 @@ import (
func createTransaction(client *http.Client, transaction *handlers.Transaction) (*handlers.Transaction, error) {
var s handlers.Transaction
err := create(client, transaction, &s, "/v1/transactions/", "transaction")
err := create(client, transaction, &s, "/v1/transactions/")
return &s, err
}
func getTransaction(client *http.Client, transactionid int64) (*handlers.Transaction, error) {
var s handlers.Transaction
err := read(client, &s, "/v1/transactions/"+strconv.FormatInt(transactionid, 10), "transaction")
err := read(client, &s, "/v1/transactions/"+strconv.FormatInt(transactionid, 10))
if err != nil {
return nil, err
}
@@ -27,7 +27,7 @@ func getTransaction(client *http.Client, transactionid int64) (*handlers.Transac
func getTransactions(client *http.Client) (*handlers.TransactionList, error) {
var tl handlers.TransactionList
err := read(client, &tl, "/v1/transactions/", "transactions")
err := read(client, &tl, "/v1/transactions/")
if err != nil {
return nil, err
}
@@ -50,7 +50,7 @@ func getAccountTransactions(client *http.Client, accountid, page, limit int64, s
query += "?" + params.Encode()
}
err := read(client, &atl, query, "accounttransactions")
err := read(client, &atl, query)
if err != nil {
return nil, err
}
@@ -59,7 +59,7 @@ func getAccountTransactions(client *http.Client, accountid, page, limit int64, s
func updateTransaction(client *http.Client, transaction *handlers.Transaction) (*handlers.Transaction, error) {
var s handlers.Transaction
err := update(client, transaction, &s, "/v1/transactions/"+strconv.FormatInt(transaction.TransactionId, 10), "transaction")
err := update(client, transaction, &s, "/v1/transactions/"+strconv.FormatInt(transaction.TransactionId, 10))
if err != nil {
return nil, err
}
@@ -67,7 +67,7 @@ func updateTransaction(client *http.Client, transaction *handlers.Transaction) (
}
func deleteTransaction(client *http.Client, s *handlers.Transaction) error {
err := remove(client, "/v1/transactions/"+strconv.FormatInt(s.TransactionId, 10), "transaction")
err := remove(client, "/v1/transactions/"+strconv.FormatInt(s.TransactionId, 10))
if err != nil {
return err
}

18
internal/handlers/users.go
View File

@@ -177,20 +177,14 @@ func DeleteUser(tx *Tx, u *User) error {
func UserHandler(r *http.Request, context *Context) ResponseWriterWriter {
if r.Method == "POST" {
user_json := r.PostFormValue("user")
if user_json == "" {
return NewError(3 /*Invalid Request*/)
}
var user User
err := user.Read(user_json)
if err != nil {
if err := ReadJSON(r, &user); err != nil {
return NewError(3 /*Invalid Request*/)
}
user.UserId = -1
user.HashPassword()
err = InsertUser(context.Tx, &user)
err := InsertUser(context.Tx, &user)
if err != nil {
if _, ok := err.(UserExistsError); ok {
return NewError(4 /*User Exists*/)
@@ -219,16 +213,10 @@ func UserHandler(r *http.Request, context *Context) ResponseWriterWriter {
if r.Method == "GET" {
return user
} else if r.Method == "PUT" {
user_json := r.PostFormValue("user")
if user_json == "" {
return NewError(3 /*Invalid Request*/)
}
// Save old PWHash in case the new password is bogus
old_pwhash := user.PasswordHash
err = user.Read(user_json)
if err != nil || user.UserId != userid {
if err := ReadJSON(r, &user); err != nil || user.UserId != userid {
return NewError(3 /*Invalid Request*/)
}

8
internal/handlers/users_test.go
View File

@@ -9,13 +9,13 @@ import (
func createUser(user *User) (*User, error) {
var u User
err := create(server.Client(), user, &u, "/v1/users/", "user")
err := create(server.Client(), user, &u, "/v1/users/")
return &u, err
}
func getUser(client *http.Client, userid int64) (*User, error) {
var u User
err := read(client, &u, "/v1/users/"+strconv.FormatInt(userid, 10), "user")
err := read(client, &u, "/v1/users/"+strconv.FormatInt(userid, 10))
if err != nil {
return nil, err
}
@@ -24,7 +24,7 @@ func getUser(client *http.Client, userid int64) (*User, error) {
func updateUser(client *http.Client, user *User) (*User, error) {
var u User
err := update(client, user, &u, "/v1/users/"+strconv.FormatInt(user.UserId, 10), "user")
err := update(client, user, &u, "/v1/users/"+strconv.FormatInt(user.UserId, 10))
if err != nil {
return nil, err
}
@@ -32,7 +32,7 @@ func updateUser(client *http.Client, user *User) (*User, error) {
}
func deleteUser(client *http.Client, u *User) error {
err := remove(client, "/v1/users/"+strconv.FormatInt(u.UserId, 10), "user")
err := remove(client, "/v1/users/"+strconv.FormatInt(u.UserId, 10))
if err != nil {
return err
}

12
internal/handlers/util.go
View File

@@ -1,10 +1,22 @@
package handlers
import (
"encoding/json"
"fmt"
"io"
"io/ioutil"
"net/http"
)
func ReadJSON(r *http.Request, v interface{}) error {
jsonstring, err := ioutil.ReadAll(io.LimitReader(r.Body, 10*1024*1024 /*10Mb*/))
if err != nil {
return err
}
return json.Unmarshal(jsonstring, v)
}
type ResponseWrapper struct {
Code int
Writer ResponseWriterWriter