From 985a790da23e9b5a0b273c0d0787bf99fbd29103 Mon Sep 17 00:00:00 2001
From: Yege1893 <yannick.ege@web.de>
Date: Sat, 1 Jul 2023 13:12:11 +0200
Subject: [PATCH] token check in creatematch

---
 src/highlanderticketing/handler/match.go | 38 +++++++++++++-----------
 src/highlanderticketing/handler/utils.go | 18 +++++++++++
 src/highlanderticketing/main.go          |  5 ++--
 3 files changed, 41 insertions(+), 20 deletions(-)

diff --git a/src/highlanderticketing/handler/match.go b/src/highlanderticketing/handler/match.go
index 5be0140..7930ec7 100644
--- a/src/highlanderticketing/handler/match.go
+++ b/src/highlanderticketing/handler/match.go
@@ -12,11 +12,25 @@ import (
 
 func CreateMatch(w http.ResponseWriter, r *http.Request) {
 	var match *model.Match
-	match, err := getMatch(r)
+	token, err := getBearerToken(r)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusBadRequest)
 		return
 	}
+	valid, err := service.ValidateGoogleAccessToken(token)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	if valid != true {
+		http.Error(w, err.Error(), http.StatusUnauthorized)
+		return
+	}
+	match, err1 := getMatch(r)
+	if err1 != nil {
+		http.Error(w, err1.Error(), http.StatusBadRequest)
+		return
+	}
 	if err := service.CreateMatch(match); err != nil {
 		log.Errorf("Error calling service CreateMatch: %v", err)
 		http.Error(w, err.Error(), http.StatusInternalServerError)
@@ -25,7 +39,7 @@ func CreateMatch(w http.ResponseWriter, r *http.Request) {
 	sendJson(w, match)
 }
 
-// noch testen
+// noch testen schauen ob ich das brauche
 /*func CreateMatches(w http.ResponseWriter, r *http.Request) {
 	var match *model.Match
 	match, err := getMatch(r)
@@ -107,8 +121,8 @@ func DeleteMatch(w http.ResponseWriter, r *http.Request) {
 	sendJson(w, result{Success: "OK"})
 }
 
-// nur intern
-/*func DeleteAllMatches(w http.ResponseWriter, r *http.Request) {
+// nur intern mit admin
+func DeleteAllMatches(w http.ResponseWriter, r *http.Request) {
 	err := service.DeleteAllMatches()
 	if err != nil {
 		log.Errorf("Match could not be deleted %v", err)
@@ -118,7 +132,8 @@ func DeleteMatch(w http.ResponseWriter, r *http.Request) {
 		log.Infof("Matches deleted")
 	}
 	sendJson(w, result{Success: "OK"})
-}*/
+}
+
 func getMatch(r *http.Request) (*model.Match, error) {
 	var match *model.Match
 	err := json.NewDecoder(r.Body).Decode(&match)
@@ -131,16 +146,3 @@ func getMatch(r *http.Request) (*model.Match, error) {
 	}
 	return match, nil
 }
-
-/*func getMatches(r *http.Request) (*[]model.Match, error){
-	var match model.Match
-	err := json.NewDecoder(r.Body).Decode(&match)
-	if err != nil {
-		log.Errorf("Can't serialize request body to campaign struct: %v", err)
-		return nil, err
-	} else {
-		log.Infof("request body seralized to campaign struct")
-		log.Tracef("body seralized in struct campaign: %v", match)
-	}
-	return &matches, nil
-}*/
diff --git a/src/highlanderticketing/handler/utils.go b/src/highlanderticketing/handler/utils.go
index cca142c..d62e480 100644
--- a/src/highlanderticketing/handler/utils.go
+++ b/src/highlanderticketing/handler/utils.go
@@ -2,7 +2,9 @@ package handler
 
 import (
 	"encoding/json"
+	"fmt"
 	"net/http"
+	"strings"
 
 	"github.com/gorilla/mux"
 	log "github.com/sirupsen/logrus"
@@ -32,3 +34,19 @@ func getID(r *http.Request) (primitive.ObjectID, error) {
 
 	return objectID, nil
 }
+func getBearerToken(r *http.Request) (string, error) {
+	reqToken := r.Header.Get("Authorization")
+	if reqToken == "" {
+		log.Error("no Bearer Token in Request")
+		return "", fmt.Errorf("Please parse in Bearer Token")
+
+	}
+	splitToken := strings.Split(reqToken, "Bearer")
+	if len(splitToken) != 2 {
+		log.Error("Beaerer Token could not be extracted")
+		return "", fmt.Errorf("Can not extract Token")
+	}
+
+	reqToken = strings.TrimSpace(splitToken[1])
+	return reqToken, nil
+}
diff --git a/src/highlanderticketing/main.go b/src/highlanderticketing/main.go
index 12b4c02..ead3896 100644
--- a/src/highlanderticketing/main.go
+++ b/src/highlanderticketing/main.go
@@ -7,6 +7,7 @@ import (
 
 	"github.com/gorilla/mux"
 	log "github.com/sirupsen/logrus"
+	"gitlab.reutlingen-university.de/ege/highlander-ticketing-go-ss2023/src/highlanderticketing/api"
 	"gitlab.reutlingen-university.de/ege/highlander-ticketing-go-ss2023/src/highlanderticketing/db"
 	"gitlab.reutlingen-university.de/ege/highlander-ticketing-go-ss2023/src/highlanderticketing/handler"
 	"gitlab.reutlingen-university.de/ege/highlander-ticketing-go-ss2023/src/highlanderticketing/model"
@@ -18,8 +19,8 @@ func main() {
 	var userArray []model.User
 	userArray, _ = service.GetAllUsers()
 	fmt.Println(userArray)
-	//service.DeleteAllMatches()
-	//api.GetMatchesOfApiToDb("https://api.openligadb.de/getmatchesbyteamid/16/5/0")
+	service.DeleteAllMatches()
+	api.GetMatchesOfApiToDb("https://api.openligadb.de/getmatchesbyteamid/16/5/0")
 	//init db
 	_, err := db.GetMongoClient()
 	if err != nil {
-- 
GitLab