budgeteer/http/http.go

package http

import (
	"io/fs"
	"net/http"
	"time"

	"git.javil.eu/jacob1123/budgeteer"
	"git.javil.eu/jacob1123/budgeteer/bcrypt"
	"git.javil.eu/jacob1123/budgeteer/postgres"
	"git.javil.eu/jacob1123/budgeteer/web"

	"github.com/gin-gonic/gin"
	"github.com/google/uuid"
)

// Handler handles incoming requests
type Handler struct {
	Service             *postgres.Repository
	TokenVerifier       budgeteer.TokenVerifier
	CredentialsVerifier *bcrypt.Verifier
}

const (
	expiration = 72
	authCookie = "authentication"
)

// Serve starts the HTTP Server
func (h *Handler) Serve() {
	router := gin.Default()

	templates, err := NewTemplates(router.FuncMap)
	if err != nil {
		panic(err)
	}

	router.HTMLRender = templates

	static, err := fs.Sub(web.Static, "static")
	if err != nil {
		panic("couldn't open static files")
	}
	router.StaticFS("/static", http.FS(static))

	router.GET("/", func(c *gin.Context) { c.HTML(http.StatusOK, "index.html", nil) })
	router.GET("/login", h.login)
	router.GET("/register", h.register)
	withBudget := router.Group("")
	{
		withBudget.Use(h.verifyLoginWithRedirect)
		withBudget.Use(h.getImportantData)
		withBudget.GET("/dashboard", h.dashboard)
		withBudget.GET("/budget/:budgetid", h.budget)
		withBudget.GET("/budget/:budgetid/accounts", h.accounts)
		withBudget.GET("/account/:accountid", h.account)
		withBudget.GET("/admin", h.admin)
		withBudget.GET("/admin/clear-database", h.clearDatabase)
	}
	api := router.Group("/api/v1")
	{
		user := api.Group("/user")
		{
			unauthenticated := user.Group("")
			{
				unauthenticated.GET("/login", func(c *gin.Context) { c.Redirect(http.StatusPermanentRedirect, "/login") })
				unauthenticated.POST("/login", h.loginPost)
				unauthenticated.POST("/register", h.registerPost)
			}
			authenticated := user.Group("")
			{
				authenticated.Use(h.verifyLoginWithRedirect)
				authenticated.GET("/logout", logout)
			}
		}
		budget := api.Group("/budget")
		{
			budget.Use(h.verifyLoginWithRedirect)
			budget.POST("/new", h.newBudget)
		}
		transaction := api.Group("/transaction")
		{
			transaction.Use(h.verifyLoginWithRedirect)
			transaction.POST("/new", h.newTransaction)
			transaction.POST("/import/ynab", h.importYNAB)
		}
	}

	router.Run(":1323")
}

func (h *Handler) importYNAB(c *gin.Context) {
	transactionsFile, err := c.FormFile("transactions")
	if err != nil {
		c.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	transactions, err := transactionsFile.Open()
	if err != nil {
		c.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	budgetID, succ := c.GetPostForm("budget_id")
	if !succ {
		c.AbortWithError(http.StatusBadRequest, err)
		return
	}

	budgetUUID, err := uuid.Parse(budgetID)
	if !succ {
		c.AbortWithError(http.StatusBadRequest, err)
		return
	}

	ynab, err := NewYNABImport(h.Service.DB, budgetUUID)
	if err != nil {
		c.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	err = ynab.Import(transactions)
	if err != nil {
		c.AbortWithError(http.StatusInternalServerError, err)
		return
	}
}

func (h *Handler) newTransaction(c *gin.Context) {
	transactionMemo, succ := c.GetPostForm("memo")
	if !succ {
		c.AbortWithStatus(http.StatusNotAcceptable)
		return
	}

	transactionAccount, succ := c.GetPostForm("account_id")
	if !succ {
		c.AbortWithStatus(http.StatusNotAcceptable)
		return
	}

	transactionAccountID, err := uuid.Parse(transactionAccount)
	if !succ {
		c.AbortWithStatus(http.StatusNotAcceptable)
		return
	}

	transactionDate, succ := c.GetPostForm("date")
	if !succ {
		c.AbortWithStatus(http.StatusNotAcceptable)
		return
	}

	transactionDateValue, err := time.Parse("2006-01-02", transactionDate)
	if err != nil {
		c.AbortWithStatus(http.StatusNotAcceptable)
		return
	}

	new := postgres.CreateTransactionParams{
		Memo:      transactionMemo,
		Date:      transactionDateValue,
		Amount:    postgres.Numeric{},
		AccountID: transactionAccountID,
	}
	_, err = h.Service.DB.CreateTransaction(c.Request.Context(), new)
	if err != nil {
		c.AbortWithError(http.StatusInternalServerError, err)
		return
	}
}

func (h *Handler) newBudget(c *gin.Context) {
	budgetName, succ := c.GetPostForm("name")
	if !succ {
		c.AbortWithStatus(http.StatusNotAcceptable)
		return
	}

	userID := c.MustGet("token").(budgeteer.Token).GetID()
	_, err := h.Service.NewBudget(budgetName, userID)
	if err != nil {
		c.AbortWithError(http.StatusInternalServerError, err)
		return
	}
}