ai/routers/sessions.go

package routers

import (
	"encoding/json"
	"fmt"
	"io/ioutil"
	"main/configs"
	"main/models"
	"main/utils"
	"net/http"

	"github.com/google/uuid"
	"github.com/gorilla/mux"
)

// 獲取會話列表
func SessionsGet(w http.ResponseWriter, r *http.Request) {
	var listview models.ListView
	listview.Page = utils.ParamInt(r.URL.Query().Get("page"), 1)
	listview.PageSize = utils.ParamInt(r.URL.Query().Get("pageSize"), 10)
	var session_list []models.Session
	db := configs.ORMDB()
	db.Offset((listview.Page - 1) * listview.PageSize).Limit(listview.PageSize).Find(&session_list)
	for _, session := range session_list {
		listview.List = append(listview.List, session)
	}
	db.Model(&models.Session{}).Count(&listview.Total)
	listview.Next = listview.Page*listview.PageSize < int(listview.Total)
	listview.WriteJSON(w)
}

func GetForm(r *http.Request) (form []interface{}) {
	body, err := ioutil.ReadAll(r.Body)
	if err != nil {
		fmt.Println(err)
		return
	}
	defer r.Body.Close()
	if err = json.Unmarshal(body, &form); err != nil {
		fmt.Println(err)
		return
	}
	return
}

// 創建會話
func SessionsPost(w http.ResponseWriter, r *http.Request) {
	var form struct {
		Email    string `json:"email"`
		Password string `json:"password"`
	}
	body, err := ioutil.ReadAll(r.Body)
	if err != nil {
		fmt.Println(err)
		return
	}
	defer r.Body.Close()
	if err = json.Unmarshal(body, &form); err != nil {
		fmt.Println(err)
		return
	}

	// 使用Email獲取用戶
	var user models.User
	if err := configs.ORMDB().Where("email = ?", form.Email).First(&user).Error; err != nil {
		w.WriteHeader(http.StatusUnauthorized)
		w.Write([]byte("404 - User Not Found"))
		return
	}

	// 使用密碼驗證登錄
	if !user.CheckPassword(form.Password) {
		w.WriteHeader(http.StatusUnauthorized)
		w.Write([]byte("401 - Unauthorized"))
		return
	}

	// 創建會話(生成一個不重複的 uuid 作爲 sid)
	session := &models.Session{ID: uuid.New().String(), UserID: user.ID, UserAgent: r.UserAgent(), IP: r.RemoteAddr}
	if err := configs.ORMDB().Create(session).Error; err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		w.Write([]byte("500 - Internal Server Error"))
		return
	}

	// 寫入Cookie
	cookie := http.Cookie{Name: "session_id", Value: session.ID, Path: "/", HttpOnly: true}
	http.SetCookie(w, &cookie)

	// 返回信息
	w.Header().Set("Content-Type", "application/json; charset=utf-8")
	w.Write(utils.ToJSON(session))
}

// 獲取會話
func SessionsItemGet(w http.ResponseWriter, r *http.Request) {
	session := models.Session{ID: mux.Vars(r)["session_id"]}
	if err := configs.ORMDB().Find(&session).Error; err != nil {
		w.WriteHeader(http.StatusNotFound)
		w.Write([]byte("404 - Not Found"))
		return
	}
	w.Header().Set("Content-Type", "application/json; charset=utf-8")
	w.Write(utils.ToJSON(session))
}

// 更新會話
func SessionsItemPatch(w http.ResponseWriter, r *http.Request) {
	session := models.Session{ID: mux.Vars(r)["session_id"]}
	if err := configs.ORMDB().Model(&session).Updates(GetForm(r)).Error; err != nil {
		w.WriteHeader(http.StatusNotFound)
		w.Write([]byte("404 - Not Found"))
		return
	}
	w.Header().Set("Content-Type", "application/json; charset=utf-8")
	w.Write(utils.ToJSON(session))
}

// 刪除會話
func SessionsItemDelete(w http.ResponseWriter, r *http.Request) {
	// 需要先驗證身份才能執行刪除操作

	// 從Cookie中獲取session_id
	cookie, err := r.Cookie("session_id")
	if err != nil {
		w.WriteHeader(http.StatusUnauthorized)
		w.Write([]byte("401 - 未登錄"))
		return
	}

	// 獲取當前session
	session := models.Session{ID: cookie.Value}
	if err := configs.ORMDB().Find(&session).Error; err != nil {
		w.WriteHeader(http.StatusUnauthorized)
		w.Write([]byte("401 - 會話已過期"))
		return
	}

	// 獲取當前用戶
	user := models.User{ID: session.UserID}
	configs.ORMDB().Find(&user)

	sessionx := models.Session{ID: mux.Vars(r)["session_id"]}
	if err := configs.ORMDB().Find(&sessionx).Error; err != nil {
		w.WriteHeader(http.StatusNotFound)
		w.Write([]byte("404 - Not Found"))
		return
	}

	if user.ID != sessionx.UserID {
		w.WriteHeader(http.StatusUnauthorized)
		w.Write([]byte("401 - 沒有權限"))
		return
	}

	if err := configs.ORMDB().Delete(&sessionx).Error; err != nil {
		w.WriteHeader(http.StatusNotFound)
		w.Write([]byte("404 - Not Found"))
		return
	}
	w.Header().Set("Content-Type", "application/json; charset=utf-8")
	w.Write(utils.ToJSON(sessionx))
}