From 4a017b0f32ba174f230fb300a55bd25a38441d4e Mon Sep 17 00:00:00 2001
From: maru <maru@myyahoo.com>
Date: Sun, 21 Apr 2024 16:52:26 -0400
Subject: [PATCH] Clean up recent API changes

---
 api/common.go    | 31 ++++++++++----------
 api/endpoints.go | 73 +++++++++++++++++-------------------------------
 2 files changed, 42 insertions(+), 62 deletions(-)

diff --git a/api/common.go b/api/common.go
index afe494c..c93ab03 100644
--- a/api/common.go
+++ b/api/common.go
@@ -15,18 +15,27 @@ func Init() {
 	daily.Init()
 }
 
-func getUsernameFromRequest(r *http.Request) (string, error) {
+func getTokenFromRequest(r *http.Request) ([]byte, error) {
 	if r.Header.Get("Authorization") == "" {
-		return "", fmt.Errorf("missing token")
+		return nil, fmt.Errorf("missing token")
 	}
 
 	token, err := base64.StdEncoding.DecodeString(r.Header.Get("Authorization"))
 	if err != nil {
-		return "", fmt.Errorf("failed to decode token: %s", err)
+		return nil, fmt.Errorf("failed to decode token: %s", err)
 	}
-
+	
 	if len(token) != account.TokenSize {
-		return "", fmt.Errorf("invalid token length: got %d, expected %d", len(token), account.TokenSize)
+		return nil, fmt.Errorf("invalid token length: got %d, expected %d", len(token), account.TokenSize)
+	}
+
+	return token, nil
+}
+
+func getUsernameFromRequest(r *http.Request) (string, error) {
+	token, err := getTokenFromRequest(r)
+	if err != nil {
+		return "", err
 	}
 
 	username, err := db.FetchUsernameFromToken(token)
@@ -38,17 +47,9 @@ func getUsernameFromRequest(r *http.Request) (string, error) {
 }
 
 func getUUIDFromRequest(r *http.Request) ([]byte, error) {
-	if r.Header.Get("Authorization") == "" {
-		return nil, fmt.Errorf("missing token")
-	}
-
-	token, err := base64.StdEncoding.DecodeString(r.Header.Get("Authorization"))
+	token, err := getTokenFromRequest(r)
 	if err != nil {
-		return nil, fmt.Errorf("failed to decode token: %s", err)
-	}
-
-	if len(token) != account.TokenSize {
-		return nil, fmt.Errorf("invalid token length: got %d, expected %d", len(token), account.TokenSize)
+		return nil, err
 	}
 
 	uuid, err := db.FetchUUIDFromToken(token)
diff --git a/api/endpoints.go b/api/endpoints.go
index 82850da..7492f4d 100644
--- a/api/endpoints.go
+++ b/api/endpoints.go
@@ -189,76 +189,55 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		}
 
 		var token []byte
-		token, err = base64.StdEncoding.DecodeString(r.Header.Get("Authorization"))
+		token, err = getTokenFromRequest(r)
 		if err != nil {
-			httpError(w, r, fmt.Errorf("failed to decode token: %s", err), http.StatusBadRequest)
+			httpError(w, r, err, http.StatusBadRequest)
 			return
 		}
 
-		switch r.URL.Path {
-		case "/savedata/get":
+		var active bool
+		if r.URL.Path == "/savedata/get" {
 			err = db.UpdateActiveSession(uuid, token)
 			if err != nil {
-				httpError(w, r, fmt.Errorf("failed to update active session: %s", err), http.StatusInternalServerError)
-				return
-			}
-
-			save, err = savedata.Get(uuid, datatype, slot)
-		case "/savedata/update":
-			var token []byte
-			token, err = base64.StdEncoding.DecodeString(r.Header.Get("Authorization"))
-			if err != nil {
-				httpError(w, r, fmt.Errorf("failed to decode token: %s", err), http.StatusBadRequest)
+				httpError(w, r, fmt.Errorf("failed to update active session: %s", err), http.StatusBadRequest)
 				return
 			}
-
-			var active bool
+		} else {
 			active, err = db.IsActiveSession(token)
 			if err != nil {
-				httpError(w, r, fmt.Errorf("failed to check active session: %s", err), http.StatusInternalServerError)
+				httpError(w, r, fmt.Errorf("failed to check active session: %s", err), http.StatusBadRequest)
 				return
 			}
-			if !active {
+
+			// TODO: make this not suck
+			if !active && r.URL.Path != "/savedata/clear"{
 				httpError(w, r, fmt.Errorf("session out of date"), http.StatusBadRequest)
 				return
 			}
+		}
 
+		switch r.URL.Path {
+		case "/savedata/get":
+			save, err = savedata.Get(uuid, datatype, slot)
+		case "/savedata/update":
 			err = savedata.Update(uuid, slot, save)
 		case "/savedata/delete":
-			var active bool
-			active, err = db.IsActiveSession(token)
-			if err != nil {
-				httpError(w, r, fmt.Errorf("failed to check active session: %s", err), http.StatusInternalServerError)
-				return
-			}
-			if !active {
-				httpError(w, r, fmt.Errorf("session out of date"), http.StatusBadRequest)
-				return
-			}
-
 			err = savedata.Delete(uuid, datatype, slot)
 		case "/savedata/clear":
-			var active bool
-			active, err = db.IsActiveSession(token)
-			if err != nil {
-				httpError(w, r, fmt.Errorf("failed to check active session: %s", err), http.StatusInternalServerError)
-				return
+			if !active {
+				// TODO: make this not suck
+				save = savedata.ClearResponse{Error: "session out of date"}
+				break
 			}
 
-			if active {
-				s, ok := save.(defs.SessionSaveData)
-				if !ok {
-					httpError(w, r, fmt.Errorf("save data is not type SessionSaveData"), http.StatusBadRequest)
-					return
-				}
-
-				// doesn't return a save, but it works
-				save, err = savedata.Clear(uuid, slot, daily.Seed(), s)
-			} else {
-				var response savedata.ClearResponse
-				response.Error = "session out of date"
-				save = response
+			s, ok := save.(defs.SessionSaveData)
+			if !ok {
+				err = fmt.Errorf("save data is not type SessionSaveData")
+				break
 			}
+
+			// doesn't return a save, but it works
+			save, err = savedata.Clear(uuid, slot, daily.Seed(), s)
 		}
 		if err != nil {
 			httpError(w, r, err, http.StatusInternalServerError)