package user import ( "context" "encoding/json" "fmt" "net/http" "path/filepath" "strings" "time" "gitea.local/admin/hspguard/internal/repository" "gitea.local/admin/hspguard/internal/storage" "gitea.local/admin/hspguard/internal/util" "gitea.local/admin/hspguard/internal/web" "github.com/go-chi/chi/v5" "github.com/google/uuid" "github.com/jackc/pgx/v5/pgtype" "github.com/minio/minio-go/v7" ) type UserHandler struct { repo *repository.Queries minio *storage.FileStorage } func NewUserHandler(repo *repository.Queries, minio *storage.FileStorage) *UserHandler { return &UserHandler{ repo: repo, minio: minio, } } func (h *UserHandler) RegisterRoutes(api chi.Router) { api.Post("/register", h.register) api.Put("/avatar", h.uploadAvatar) } type RegisterParams struct { FullName string `json:"full_name"` Email string `json:"email"` PhoneNumber string `json:"phone"` Password string `json:"password"` } func (h *UserHandler) register(w http.ResponseWriter, r *http.Request) { var params RegisterParams decoder := json.NewDecoder(r.Body) if err := decoder.Decode(¶ms); err != nil { web.Error(w, "failed to parse request body", http.StatusBadRequest) return } if params.Email == "" || params.FullName == "" || params.Password == "" { web.Error(w, "missing required fields", http.StatusBadRequest) return } _, err := h.repo.FindUserEmail(context.Background(), params.Email) if err == nil { web.Error(w, "user with provided email already exists", http.StatusBadRequest) return } hash, err := util.HashPassword(params.Password) if err != nil { web.Error(w, "failed to create user account", http.StatusInternalServerError) return } id, err := h.repo.InsertUser(context.Background(), repository.InsertUserParams{ FullName: params.FullName, Email: params.Email, PasswordHash: hash, IsAdmin: false, }) if err != nil { web.Error(w, "failed to create new user", http.StatusInternalServerError) return } encoder := json.NewEncoder(w) type Response struct { Id string `json:"id"` } if err := encoder.Encode(Response{ Id: id.String(), }); err != nil { web.Error(w, "failed to encode response", http.StatusInternalServerError) } } func (h *UserHandler) uploadAvatar(w http.ResponseWriter, r *http.Request) { userId, ok := util.GetRequestUserId(r.Context()) if !ok { web.Error(w, "failed to get user id from auth session", http.StatusInternalServerError) return } user, err := h.repo.FindUserId(r.Context(), uuid.MustParse(userId)) if err != nil { web.Error(w, "user with provided id does not exist", http.StatusUnauthorized) return } err = r.ParseMultipartForm(10 << 20) if err != nil { web.Error(w, "invalid form data", http.StatusBadRequest) return } file, header, err := r.FormFile("image") if err != nil { web.Error(w, "missing image file", http.StatusBadRequest) return } defer file.Close() ext := strings.ToLower(filepath.Ext(header.Filename)) if ext != ".png" && ext != ".jpg" && ext != ".jpeg" && ext != ".webp" { web.Error(w, "unsupported image format", http.StatusBadRequest) return } objectName := fmt.Sprintf("profile_%s_%d%s", userId, time.Now().UnixNano(), ext) uploadInfo, err := h.minio.PutObject(r.Context(), "guard-storage", objectName, file, header.Size, minio.PutObjectOptions{ ContentType: header.Header.Get("Content-Type"), }) if err != nil { web.Error(w, "failed to upload image", http.StatusInternalServerError) return } imageURL := fmt.Sprintf("http://%s/%s/%s", h.minio.EndpointURL().Host, "guard-storage", uploadInfo.Key) if err := h.repo.UpdateProfilePicture(r.Context(), repository.UpdateProfilePictureParams{ ProfilePicture: pgtype.Text{ String: imageURL, Valid: true, }, ID: user.ID, }); err != nil { web.Error(w, "failed to update profile picture", http.StatusInternalServerError) return } type Response struct { URL string `json:"url"` } w.Header().Set("Content-Type", "application/json") w.WriteHeader(http.StatusOK) encoder := json.NewEncoder(w) if err := encoder.Encode(Response{URL: imageURL}); err != nil { web.Error(w, "failed to write response", http.StatusInternalServerError) } }