package restutility import ( "net/http" "encoding/json" ) var _apiVersion = "" var _authEndPoint = "" func SetApiVersion(ver string) string { _apiVersion = ver return _apiVersion } func SetAuthEndpoint(ep string) { _authEndPoint = ep } //// //// ERROR UTILITY //// const templateHttpErr500_EN = "An internal server error has occurred." const templateHttpErr500_RS = "Došlo je do greške na serveru." const templateHttpErr400_EN = "Bad request: invalid request body." const templateHttpErr400_RS = "Neispravan zahtev." type HttpError struct { Error []HttpErrorDesc `json:"error"` Request string `json:"request"` } type HttpErrorDesc struct { Lang string `json:"lang"` Desc string `json:"description"` } func RespondWithHttpError(w http.ResponseWriter, req *http.Request, code int, httpErr []HttpErrorDesc) { err := HttpError{ Error: httpErr, Request: req.Method + " " + req.URL.Path, } w.WriteHeader(code) json.NewEncoder(w).Encode(err) } func RespondWithHttpError400(w http.ResponseWriter, req *http.Request) { RespondWithHttpError(w, req, http.StatusBadRequest, []HttpErrorDesc{ {Lang: "en", Desc: templateHttpErr400_EN}, {Lang: "rs", Desc: templateHttpErr400_RS}, }) } func RespondWithHttpError500(w http.ResponseWriter, req *http.Request) { RespondWithHttpError(w, req, http.StatusInternalServerError, []HttpErrorDesc{ {Lang: "en", Desc: templateHttpErr500_EN}, {Lang: "rs", Desc: templateHttpErr500_RS}, }) } //// //// HANDLER FUNC WRAPPER //// //TODO: Add parameters to enable/disable token and roles authorization checks // Sets common headers and checks for token validity. func ProcessHeaders(fn http.HandlerFunc, authEnabled bool) http.HandlerFunc { return func(w http.ResponseWriter, req *http.Request) { // @TODO: check Content-type header (must be application/json) // ctype := w.Header.Get("Content-Type") // if req.Method != "GET" && ctype != "application/json" { // replyWithHttpError(w, req, http.StatusBadRequest, // "Not a supported content type: " + ctype) // } w.Header().Set("Access-Control-Allow-Origin", "*") w.Header().Set("Access-Control-Allow-Methods", `POST, GET, PUT, DELETE, OPTIONS`) w.Header().Set("Access-Control-Allow-Headers", `Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization`) w.Header().Set("Content-Type", "application/json; charset=utf-8") if req.Method == "OPTIONS" { return } if authEnabled { if req.URL.Path != _apiVersion + _authEndPoint { token := req.Header.Get("Authorization") if _, err := ParseAPIToken(token); err != nil { RespondWithHttpError(w, req, http.StatusUnauthorized, []HttpErrorDesc{ {Lang: "en", Desc: "Unauthorized request."}, {Lang: "rs", Desc: "Neautorizovani zahtev."}, }) return } } } err := req.ParseForm() if err != nil { RespondWithHttpError(w, req, http.StatusBadRequest, []HttpErrorDesc{ {Lang: "en", Desc: templateHttpErr400_EN}, {Lang: "rs", Desc: templateHttpErr400_RS}, }) return } // execute HandlerFunc fn(w, req) } } //// //// NOT FOUND HANDLER //// func NotFoundHandler(w http.ResponseWriter, req *http.Request) { RespondWithHttpError(w, req, http.StatusNotFound, []HttpErrorDesc{ {Lang: "en", Desc: "Not found."}, {Lang: "rs", Desc: "Traženi resurs ne postoji."}, }) }