CHANGE: added Frontend + auth

2025-02-19 21:16:58 +01:00
parent f2e9eaf092
commit 35778e58b3
25 changed files with 2160 additions and 22 deletions
--- a/Backend/endpoints/time.go
+++ b/Backend/endpoints/time.go
@@ -3,10 +3,12 @@ package endpoints
 import (
 	"arbeitszeitmessung/helper"
 	"arbeitszeitmessung/models"
+	"arbeitszeitmessung/templates"
 	"encoding/json"
 	"log"
 	"net/http"
 	"strconv"
+	"time"
 )

 // Frontend relevant backend functionality -> not used by the arduino devices
@@ -15,7 +17,7 @@ func TimeHandler(w http.ResponseWriter, r *http.Request) {
 	switch r.Method {
 	case "GET":
 		getBookings(w, r)
-	case "UPDATE":
+	case "POST":
 		updateBooking(w, r)
 	case "OPTIONS":
 		// just support options header for non GET Requests from SWAGGER
@@ -25,22 +27,53 @@ func TimeHandler(w http.ResponseWriter, r *http.Request) {
 	}
 }

+func parseTimestamp(r *http.Request , get_key string, fallback string) (time.Time, error) {
+	_timestamp_get := r.URL.Query().Get(get_key)
+	if(_timestamp_get == "") {
+		_timestamp_get = fallback
+	}
+	timestamp_get, err := time.Parse("2006-01-02", _timestamp_get)
+	if(err != nil){
+		return time.Now(), err
+	}
+	return timestamp_get, nil
+}
+

 // Returns bookings from DB with similar card uid -> checks for card uid in http query params
 func getBookings(w http.ResponseWriter, r *http.Request) {
 	card_uid := r.URL.Query().Get("card_uid")
+	if card_uid == "" && Session.Exists(r.Context(), "card_uid"){
+		card_uid = Session.GetString(r.Context(), "user")
+	}
 	if card_uid == "" {
-		http.Error(w, "Missing cardID query parameter", http.StatusBadRequest)
+		http.Error(w, "Missing card_uid query parameter", http.StatusBadRequest)
 		return
 	}
-	bookings, err := (*models.Booking).GetBookingsByCardID(nil, card_uid)
+
+	tsFrom, err := parseTimestamp(r, "time_from", "2000-01-01")
+	if(err != nil ){
+		log.Println("Error parsing 'from' time", err)
+		http.Error(w, "Timestamp 'from' cannot be parsed!", http.StatusBadRequest)
+		return
+	}
+	tsTo, err := parseTimestamp(r, "time_to", time.Now().Format("2006-01-02"))
+	if(err != nil ){
+		log.Println("Error parsing 'to' time", err)
+		http.Error(w, "Timestamp 'to' cannot be parsed!", http.StatusBadRequest)
+		return
+	}
+	tsTo = tsTo.AddDate(0,0,1) // so that today is inside
+
+	bookings, err := (*models.Booking).GetBookingsGrouped(nil, card_uid, tsFrom, tsTo)
 	if err != nil {
 		log.Println("Error getting bookings: ", err)
 		http.Error(w, "Internal Server Error", http.StatusInternalServerError)
 		return
 	}
-	w.Header().Set("Content-Type", "application/json")
-	json.NewEncoder(w).Encode(bookings)
+	templates.OverviewPage(bookings).Render(r.Context(), w)
+	// w.Header().Set("Content-Type", "application/json")
+	// json.NewEncoder(w).Encode(bookings)
 }

 // Updates a booking form the given json body
@@ -55,7 +88,7 @@ func updateBooking(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, "Invalid bookingID query parameter", http.StatusBadRequest)
 		return
 	}
-	_booking, err := (*models.Booking).GetBookingById(nil, booking_id)
+	bookingDB, err := (*models.Booking).GetBookingById(nil, booking_id)
 	if err != nil {
 		log.Println("Error getting booking: ", err)
 		http.Error(w, "Internal Server Error", http.StatusInternalServerError)
@@ -70,13 +103,13 @@ func updateBooking(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, "Internal Server Error", http.StatusInternalServerError)
 		return
 	}
-	if booking.CounterId != 0 && booking.CounterId != _booking.CounterId {
+	if booking.CounterId != 0 && booking.CounterId != bookingDB.CounterId {
 		log.Println("Booking Ids do not match")
 		http.Error(w, "Booking Ids do not match", http.StatusBadRequest)
 		return
 	}
-	_booking.Update(booking)
-	_booking.Save()
+	bookingDB.Update(booking)
+	bookingDB.Save()
 	w.Header().Set("Content-Type", "application/json")
-	json.NewEncoder(w).Encode(_booking)
+	json.NewEncoder(w).Encode(bookingDB)
 }
--- a/Backend/endpoints/user.go
+++ b/Backend/endpoints/user.go
@@ -0,0 +1,62 @@
+package endpoints
+
+import (
+	"arbeitszeitmessung/models"
+	"arbeitszeitmessung/templates"
+	"log"
+	"net/http"
+	"time"
+
+	"github.com/alexedwards/scs/v2"
+)
+
+var Session *scs.SessionManager
+
+func CreateSessionManager(lifetime time.Duration) *scs.SessionManager {
+	Session = scs.New()
+	Session.Lifetime = lifetime
+	return Session
+}
+
+func LoginHandler(w http.ResponseWriter, r *http.Request){
+	switch r.Method{
+		case http.MethodGet: showForm(w, r)
+		break
+		case http.MethodPost: loginUser(w, r)
+		break
+		default:
+		showForm(w, r)
+		break
+	}
+}
+
+func showForm(w http.ResponseWriter, r *http.Request){
+	templates.LoginForm().Render(r.Context(), w)
+}
+
+func loginUser(w http.ResponseWriter, r *http.Request){
+	err := r.ParseForm()
+	if err != nil {
+		log.Println("Error parsing form!", err)
+		http.Error(w, "Internal error", http.StatusBadRequest)
+	}
+	card_uid := r.FormValue("card_uid")
+	if(card_uid == ""){
+		log.Println("No card_uid provided!")
+		http.Error(w, "No card_uid provided", http.StatusBadRequest)
+	}
+	user, err := (*models.User).GetById(nil, card_uid)
+	if(err != nil){
+		log.Println("No user found under this card_uid!")
+		http.Error(w, "No user found!", http.StatusNotFound)
+	}
+
+	password := r.FormValue("password")
+	if(user.Login(password)){
+		log.Printf("New succesfull user login from %s %s!\n", user.Vorname, user.Name)
+		Session.Put(r.Context(), "user", user.CardUID)
+		http.Redirect(w, r, "/time", http.StatusSeeOther) //with this browser always uses GET
+	}
+
+showForm(w, r)
+}