actually not return data if token is missing or invalid
rakazirut committed May 3, 2024
1 parent 0435219 commit b3a5a30
Showing 5 changed files with 165 additions and 35 deletions.
6 changes: 5 additions & 1 deletion account/account.go
@@ -124,7 +124,11 @@ func AccountLogin(c *gin.Context) {

func ValidateAccountToken(c *gin.Context) {
authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}

c.JSON(http.StatusOK, gin.H{
"Message": "Token is valid.",
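Review bot: The bare `return` after `if !validToken` in ValidateAccountToken writes nothing itself, so the handler is only correct if `token.CheckToken` has already sent the error response on every path where it returns false. CheckToken's body is not in this section; if any such path returns without writing, gin would presumably answer with its default 200 status and an empty body, which a client of a token-validation endpoint could read as success. I would state that contract at the guard, e.g. `// CheckToken has already written the 401 response; nothing more to send`, and in CheckToken's doc comment. The same guard is pasted into every handler in comment/comment.go and content/content.go, and a handler that misses it fails open, so a gin middleware on the protected route group that ends rejected requests with `c.AbortWithStatusJSON(http.StatusUnauthorized, ...)` would be the sturdier shape.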
73 changes: 61 additions & 12 deletions comment/comment.go
@@ -49,7 +49,11 @@ func CreateComment(c *gin.Context) {
var hive hive.Hive

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}
claims, err := token.ParseToken(authToken)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
@@ -109,7 +113,11 @@ func CreateCommentReply(c *gin.Context) {
var hive hive.Hive

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}
claims, err := token.ParseToken(authToken)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
@@ -182,7 +190,12 @@ func GetCommentsByContentUuid(c *gin.Context) {
var comment []Comment

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)

validToken := token.CheckToken(c, authToken)

if !validToken {
return
}

uuid := c.Param("uuid")

@@ -207,7 +220,11 @@ func GetCommentByUuid(c *gin.Context) {
var comment Comment

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}

uuid := c.Param("uuid")

@@ -230,7 +247,11 @@ func GetCommentByUuidWithReplies(c *gin.Context) {
var replies []Comment

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}

uuid := c.Param("uuid")

@@ -273,7 +294,11 @@ func DeleteCommentByUuid(c *gin.Context) {
var hive hive.Hive

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}

uuid := c.Param("uuid")

@@ -319,7 +344,11 @@ func UndeleteCommentByUuid(c *gin.Context) {
var hive hive.Hive

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}

uuid := c.Param("uuid")

@@ -364,7 +393,11 @@ func UpdateCommentByUuid(c *gin.Context) {
var updateComment Comment

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}

if err := c.BindJSON(&updateComment); err != nil {
return
@@ -394,7 +427,11 @@ func AddCommentUpvoteByUuid(c *gin.Context) {
var commentVote CommentVote

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}
claims, err := token.ParseToken(authToken)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
@@ -462,7 +499,11 @@ func RemoveCommentUpvoteByUuid(c *gin.Context) {
var commentVote CommentVote

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}
claims, err := token.ParseToken(authToken)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
@@ -518,7 +559,11 @@ func AddCommentDownvoteByUuid(c *gin.Context) {
var commentVote CommentVote

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}
claims, err := token.ParseToken(authToken)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
@@ -586,7 +631,11 @@ func RemoveCommentDownvoteByUuid(c *gin.Context) {
var commentVote CommentVote

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}
claims, err := token.ParseToken(authToken)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
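Review bot: In DeleteCommentByUuid, UndeleteCommentByUuid and UpdateCommentByUuid the visible lines only establish that a token is valid and never read its claims, unlike CreateComment and the vote handlers, which call `token.ParseToken(authToken)` straight after the guard. These bodies continue outside their hunks, so an ownership or role check may follow; if it does not, any account holding a valid token can delete, restore or edit a comment it does not own by uuid. I would parse the claims in these three handlers as well and compare the caller against the comment's author before the write. UpdateCommentByUuid also binds the request body into a full `Comment` via `c.BindJSON(&updateComment)`; if that struct is saved as is, binding into a narrow request type holding only the editable fields would keep clients from setting the rest.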
72 changes: 60 additions & 12 deletions content/content.go
@@ -46,7 +46,11 @@ func GetContent(c *gin.Context) {
var content []Content

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}

if result := db.Db.Order("id asc").Find(&content); result.Error != nil {
c.JSON(http.StatusBadRequest, gin.H{
@@ -61,7 +65,11 @@ func GetContentById(c *gin.Context) {
var content Content

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}

id := c.Param("id")
if result := db.Db.First(&content, id); result.Error != nil {
@@ -77,7 +85,11 @@ func GetContentByUuid(c *gin.Context) {
var content Content

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}

uuid := c.Param("uuid")
if result := db.Db.Where("uuid = ?", uuid).First(&content); result.Error != nil {
@@ -93,7 +105,11 @@ func GetContentByHiveUuid(c *gin.Context) {
var content []Content

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}

uuid := c.Param("uuid")
if result := db.Db.Where("hive_uuid = ?", uuid).Find(&content); result.Error != nil {
@@ -110,7 +126,11 @@ func CreateContent(c *gin.Context) {
var hive hive.Hive

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}
claims, err := token.ParseToken(authToken)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
@@ -159,7 +179,11 @@ func AddContentUpvoteByUuid(c *gin.Context) {
var contentVote ContentVote

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}
claims, err := token.ParseToken(authToken)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
@@ -240,7 +264,11 @@ func RemoveContentUpvoteByUuid(c *gin.Context) {
var contentVote ContentVote

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}
claims, err := token.ParseToken(authToken)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
@@ -307,7 +335,11 @@ func AddContentDownvoteByUuid(c *gin.Context) {
var contentVote ContentVote

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}
claims, err := token.ParseToken(authToken)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
@@ -388,7 +420,11 @@ func RemoveContentDownvoteByUuid(c *gin.Context) {
var contentVote ContentVote

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}
claims, err := token.ParseToken(authToken)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
@@ -454,7 +490,11 @@ func DeleteContentByUuid(c *gin.Context) {
var hive hive.Hive

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}

uuid := c.Param("uuid")

@@ -490,7 +530,11 @@ func UndeleteContentByUuid(c *gin.Context) {
var hive hive.Hive

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}

uuid := c.Param("uuid")

@@ -526,7 +570,11 @@ func UpdateContentByUuid(c *gin.Context) {
var updateContent Content

authToken := c.GetHeader("Authorization")
token.CheckToken(c, authToken)
validToken := token.CheckToken(c, authToken)

if !validToken {
return
}

if err := c.BindJSON(&updateContent); err != nil {
return
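Review bot: GetContentById passes the raw path parameter as the inline condition, `db.Db.First(&content, id)` with `id := c.Param("id")`, and `db.Db` looks like a GORM handle; GORM binds a numeric primary key in that position but treats a non-numeric string as SQL condition text, so this lookup is not parameterized the way the neighbouring `Where("uuid = ?", uuid)` calls are. The token guard added in this hunk narrows who can reach the line but does not change how the value is used. I would write `db.Db.First(&content, "id = ?", id)`, or convert the parameter with `strconv.Atoi` and answer 400 on error before querying. The function body continues outside the hunk.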