Code Review For Go Beginner

cretzel · March 26, 2019, 9:24pm

Hi, I recently got started with go. I’m writing a little web application managing contacts. I’d appreciate if you could have a look at the following code and give me some tipps on how to improve the code. This is a mux router which provides some basic CRUD operations. One thing for example that annoys me is the repeated authentication checks.

package server

import (
	"log"
	"encoding/json"
	"errors"
	"net/http"
	"github.com/gorilla/mux"
	"github.com/cretzel/dopi-contacts/pkg"
)

type contactRouter struct {
	contactService root.ContactService
}

func NewContactRouter(contactService root.ContactService, router *mux.Router) *mux.Router {
	contactRouter := contactRouter{contactService}
	router.HandleFunc("/contacts", contactRouter.getContacts).Methods("GET")
	router.HandleFunc("/contacts", contactRouter.createContact).Methods("POST")
	router.HandleFunc("/contacts/{id}", contactRouter.updateContact).Methods("PUT")
	router.HandleFunc("/contacts/{id}", contactRouter.deleteContact).Methods("DELETE")
	return router
}

func (router *contactRouter) getContacts(response http.ResponseWriter, request *http.Request) {
	username, err := getCurrentUser(request)
	if err != nil {
		Error(response, http.StatusForbidden, err.Error())
		return
	}

	contacts, err := router.contactService.GetContacts(username)
	if err != nil {
		Error(response, http.StatusInternalServerError, err.Error())
		return
	}

	Json(response, http.StatusOK, contacts)
}

func (router *contactRouter) createContact(response http.ResponseWriter, request *http.Request) {
	username, err := getCurrentUser(request)
	if err != nil {
		Error(response, http.StatusForbidden, err.Error())
		return
	}

	contact, err := decodeContact(request)
	if err != nil {
		Error(response, http.StatusBadRequest, "Invalid request payload")
		return
	}

	responseContact, err := router.contactService.CreateContact(username, &contact)
	if err != nil {
		Error(response, http.StatusInternalServerError, err.Error())
		return
	}

	Json(response, http.StatusCreated, responseContact)
}

func (router *contactRouter) updateContact(response http.ResponseWriter, request *http.Request) {
	username, err := getCurrentUser(request)
	if err != nil {
		Error(response, http.StatusForbidden, err.Error())
		return
	}

	vars := mux.Vars(request)
	id := vars["id"]

	contact, err := decodeContact(request)
	if err != nil {
		Error(response, http.StatusBadRequest, "Invalid request payload")
		return
	}

	err = router.contactService.UpdateContact(username, id, &contact)
	if err != nil {
		Error(response, http.StatusInternalServerError, err.Error())
		return
	}

	Json(response, http.StatusOK, nil)
}

func (router *contactRouter) deleteContact(response http.ResponseWriter, request *http.Request) {
	username, err := getCurrentUser(request)
	if err != nil {
		Error(response, http.StatusForbidden, err.Error())
		return
	}

	vars := mux.Vars(request)
	id := vars["id"]

	err = router.contactService.DeleteContact(username, id)
	if err != nil {
		Error(response, http.StatusInternalServerError, err.Error())
		return
	}

	Json(response, http.StatusOK, "")
}

func decodeContact(request *http.Request) (root.Contact, error) {
	var contact root.Contact
	if request.Body == nil {
		return contact, errors.New("no request body")
	}
	decoder := json.NewDecoder(request.Body)
	err := decoder.Decode(&contact)
	return contact, err
}

func getCurrentUser(request *http.Request) (string, error) {
	username := request.Header.Get("X-User")
	log.Println("Username", username)
	if (username == "") {
		return username, errors.New("no username found")
	}
	return username, nil
}

gonzalo.chumillas · March 26, 2019, 10:03pm

Hi Cretzel,
You can use a middleware to deal with authentication. For example, you can use a middleware to verify that the user was correctly authenticated and then save it into a “context”:

github.com

gchumillas/photomanager/blob/master/handler/middlewares.go#L39


			httpError(w, unauthorizedError)
			return
		}


		u := &manager.User{AccessToken: token}
		if !u.ReadUserByToken(env.DB) {
			httpError(w, unauthorizedError)
			return
		}


		ctx := context.WithValue(r.Context(), contextAuthUser, u)
		next.ServeHTTP(w, r.WithContext(ctx))
	})
}

Later, you can retrieve that user from your handlers:

github.com

gchumillas/photomanager/blob/master/handler/category_handlers.go#L15


	"net/http"
	"strconv"
	"strings"


	"github.com/gchumillas/photomanager/manager"
	"github.com/gorilla/mux"
)


// GetCategories gets all the categories.
func (env *Env) GetCategories(w http.ResponseWriter, r *http.Request) {
	u := getAuthUser(r)


	params := mux.Vars(r)
	parentCatID := params["catID"]


	sortCols := strings.Split(getParam(r, "sort", "name"), ",")
	for _, col := range sortCols {
		pos := strings.IndexRune(col, '-')
		str := col
		if pos > -1 {
			str = col[pos+1:]

github.com

gchumillas/photomanager/blob/master/handler/handler.go#L41


	unauthorizedError   = httpStatus{401, "Not authorized."}
	docNotFoundError    = httpStatus{404, "Document not found."}
)


// Env contains common variables, such as the database access, etc.
type Env struct {
	DB              *mgo.Database
	MaxItemsPerPage int
}


func getAuthUser(r *http.Request) *manager.User {
	return r.Context().Value(contextAuthUser).(*manager.User)
}


func parsePayload(w http.ResponseWriter, r *http.Request, payload interface{}) {
	dec := json.NewDecoder(r.Body)


	if err := dec.Decode(payload); err != nil {
		httpError(w, payloadError)
		return
	}

I made the previous project to learn GO as well

system · June 24, 2019, 10:04pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.