OTUS
/
HighLoad_HomeWork
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Работа над ошибками

actency-mysql57-replication
Andrey Ivanov 2021-01-12 13:07:18 +03:00 committed by ya@tiburon.su
parent f067e68d3d
commit 5faee4e573
5 changed files with 42 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
go.mod
View File

@ -10,4 +10,5 @@ require (
github.com/gorilla/context v1.1.1 // indirect github.com/gorilla/context v1.1.1 // indirect
github.com/gorilla/sessions v1.2.1 // indirect github.com/gorilla/sessions v1.2.1 // indirect
github.com/tiburon-777/modules v0.0.0-20201210103219-a0362a8da783 github.com/tiburon-777/modules v0.0.0-20201210103219-a0362a8da783
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
) )

1
go.sum
View File

@ -39,6 +39,7 @@ go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/
go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=

68
internal/handlers/handlers.go
View File

@ -1,12 +1,13 @@
package handlers package handlers
import ( import (
"encoding/base64"
"fmt" "fmt"
"github.com/codegangsta/martini-contrib/render" "github.com/codegangsta/martini-contrib/render"
"github.com/codegangsta/martini-contrib/sessions" "github.com/codegangsta/martini-contrib/sessions"
_ "github.com/go-sql-driver/mysql"
"github.com/tiburon-777/OTUS_HighLoad/internal/application" "github.com/tiburon-777/OTUS_HighLoad/internal/application"
"github.com/tiburon-777/OTUS_HighLoad/internal/auth" "github.com/tiburon-777/OTUS_HighLoad/internal/auth"
"golang.org/x/crypto/bcrypt"
"log" "log"
"net/http" "net/http"
"strconv" "strconv"
@ -21,7 +22,7 @@ func GetHome(app application.App, r render.Render, user auth.User) {
var users []auth.UserModel var users []auth.UserModel
var tmp auth.UserModel var tmp auth.UserModel
var tmpTime string var tmpTime string
query := fmt.Sprintf(`SELECT var results, err = app.DB.Query(`SELECT
users.id as id, users.id as id,
users.name as name, users.name as name,
users.surname as surname, users.surname as surname,
@ -32,11 +33,9 @@ func GetHome(app application.App, r render.Render, user auth.User) {
users JOIN relations users JOIN relations
WHERE WHERE
relations.friendId=users.Id relations.friendId=users.Id
AND relations.userId="%s" AND relations.userId=?
GROUP BY users.Id`, GROUP BY users.Id`,
strconv.Itoa(int(user.(*auth.UserModel).Id)), user.(*auth.UserModel).Id)
)
var results, err = app.DB.Query(query)
if err != nil || results == nil { if err != nil || results == nil {
err500("can't get user list from DB: ", err, r) err500("can't get user list from DB: ", err, r)
} }
@ -60,6 +59,13 @@ func GetSignup(r render.Render) {
} }
func PostSignup(app application.App, postedUser auth.UserModel, r render.Render) { func PostSignup(app application.App, postedUser auth.UserModel, r render.Render) {
if len(postedUser.Username) < 3 || len(postedUser.Password) < 3 {
doc := map[string]interface{}{
"msg": "Login and password must be longer then 3 chars",
}
r.HTML(200, "signup", doc)
return
}
t, err := time.Parse("2006-1-2", postedUser.FormBirthDate) t, err := time.Parse("2006-1-2", postedUser.FormBirthDate)
if err != nil { if err != nil {
e := fmt.Errorf("can't parce date: %w", err) e := fmt.Errorf("can't parce date: %w", err)
@ -69,10 +75,14 @@ func PostSignup(app application.App, postedUser auth.UserModel, r render.Render)
} }
r.HTML(500, "500", doc) r.HTML(500, "500", doc)
} }
query := fmt.Sprintf(`INSERT INTO users (username, password, name, surname, birthdate, gender, city, interests) pHash, err := bcrypt.GenerateFromPassword([]byte(postedUser.Password), bcrypt.DefaultCost)
values ("%s", "%s", "%s", "%s", "%s", "%s", "%s", "%s")`, if err != nil {
err500("can't generate password hash: ", err, r)
}
_, err = app.DB.Exec(`INSERT INTO users (username, password, name, surname, birthdate, gender, city, interests)
values (?, ?, ?, ?, ?, ?, ?, ?)`,
postedUser.Username, postedUser.Username,
base64.StdEncoding.EncodeToString([]byte(postedUser.Username+":"+postedUser.Password)), pHash,
postedUser.Name, postedUser.Name,
postedUser.Surname, postedUser.Surname,
t.Format("2006-01-02 15:04:05"), t.Format("2006-01-02 15:04:05"),
@ -80,7 +90,6 @@ func PostSignup(app application.App, postedUser auth.UserModel, r render.Render)
postedUser.City, postedUser.City,
postedUser.Interests, postedUser.Interests,
) )
_, err = app.DB.Exec(query)
if err != nil { if err != nil {
err500("can't create account in DB: ", err, r) err500("can't create account in DB: ", err, r)
} }
@ -93,7 +102,7 @@ func GetUserList(app application.App, user auth.User, r render.Render) {
var users []auth.UserModel var users []auth.UserModel
var tmp auth.UserModel var tmp auth.UserModel
var tmpTime string var tmpTime string
query := fmt.Sprintf(`SELECT var results, err = app.DB.Query(`SELECT
users.id as id, users.id as id,
users.name as name, users.name as name,
users.surname as surname, users.surname as surname,
@ -103,16 +112,17 @@ func GetUserList(app application.App, user auth.User, r render.Render) {
FROM FROM
users users
WHERE WHERE
NOT users.id=%d NOT users.id=?
AND users.id NOT IN ( AND users.id NOT IN (
SELECT SELECT
relations.friendId relations.friendId
FROM FROM
relations relations
WHERE WHERE
relations.userId=%d)`, int(user.(*auth.UserModel).Id), int(user.(*auth.UserModel).Id)) relations.userId=?)`,
user.(*auth.UserModel).Id,
var results, err = app.DB.Query(query) user.(*auth.UserModel).Id,
)
if err != nil || results == nil { if err != nil || results == nil {
err500("can't get user list from DB: ", err, r) err500("can't get user list from DB: ", err, r)
} }
@ -131,12 +141,14 @@ func GetUserList(app application.App, user auth.User, r render.Render) {
} }
func PostLogin(app application.App, session sessions.Session, postedUser auth.UserModel, r render.Render, req *http.Request) { func PostLogin(app application.App, session sessions.Session, postedUser auth.UserModel, r render.Render, req *http.Request) {
hash := base64.StdEncoding.EncodeToString([]byte(postedUser.Username + ":" + postedUser.Password))
user := auth.UserModel{} user := auth.UserModel{}
query := fmt.Sprintf("SELECT id FROM users WHERE username=\"%s\" and password =\"%s\"", postedUser.Username, hash) err1 := app.DB.QueryRow("SELECT id, password FROM users WHERE username=?", postedUser.Username).Scan(&user.Id, &user.Password)
err := app.DB.QueryRow(query).Scan(&user.Id) err2 := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(postedUser.Password))
if err1 != nil || err2 != nil {
if err != nil || user.Id == 0 { doc := map[string]interface{}{
"msg": "Wrong user or password. You may sign in.",
}
r.HTML(200, "login", doc)
r.Redirect(auth.RedirectUrl) r.Redirect(auth.RedirectUrl)
return return
} else { } else {
@ -160,11 +172,11 @@ func GetSubscribe(app application.App, r render.Render, user auth.User, req *htt
if err != nil { if err != nil {
err500("can't convert URL query value: ", err, r) err500("can't convert URL query value: ", err, r)
} }
query := fmt.Sprintf(`REPLACE INTO relations (userId, friendId) values ("%d", "%d")`, _, err = app.DB.Exec(`REPLACE INTO relations (userId, friendId) values (?, ?)`, user.(*auth.UserModel).Id, did)
user.(*auth.UserModel).Id, if err != nil {
did, err500("can't create relation in DB: ", err, r)
) }
_, err = app.DB.Exec(query) _, err = app.DB.Exec(`REPLACE INTO relations (userId, friendId) values (?, ?)`, did, user.(*auth.UserModel).Id)
if err != nil { if err != nil {
err500("can't create relation in DB: ", err, r) err500("can't create relation in DB: ", err, r)
} }
@ -180,11 +192,7 @@ func GetUnSubscribe(app application.App, r render.Render, user auth.User, req *h
if err != nil { if err != nil {
err500("can't convert URL query value: ", err, r) err500("can't convert URL query value: ", err, r)
} }
query := fmt.Sprintf(`DELETE FROM relations WHERE userId="%d" AND friendId="%d"`, _, err = app.DB.Exec(`DELETE FROM relations WHERE (userId,friendId) IN ((?, ?),(?, ?))`, user.(*auth.UserModel).Id, did, did, user.(*auth.UserModel).Id)
user.(*auth.UserModel).Id,
did,
)
_, err = app.DB.Exec(query)
if err != nil { if err != nil {
err500("can't remove relation from DB: ", err, r) err500("can't remove relation from DB: ", err, r)
} }

1
templates/login.tmpl
View File

@ -2,6 +2,7 @@
<html> <html>
<body> <body>
<h2>You must login!</h2> <h2>You must login!</h2>
<p style="color: red;"><b>{{ .msg }}</b></p>
<form method="POST"> <form method="POST">
<input type="text" placeholder="Username" name="username" /><br /> <input type="text" placeholder="Username" name="username" /><br />
<input type="password" placeholder="Password" name="password" /><br /> <input type="password" placeholder="Password" name="password" /><br />

1
templates/signup.tmpl
View File

@ -5,6 +5,7 @@
</head> </head>
<body> <body>
<h2>Create account</h2> <h2>Create account</h2>
<p style="color: red;"><b>{{ .msg }}</b></p>
<form method="POST"> <form method="POST">
<table> <table>
<tr> <tr>