decor-by-hannahs/website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5d7f0a8eb3e322e7be33847e43a2dd8bdfb7e14b
website/internal/handlers/booking.go
tumillanino 5d7f0a8eb3 fixed some login and booking bugs
2025-10-28 13:36:05 +11:00

146 lines
4.0 KiB
Go
Raw Blame History

package handlers
import (
"database/sql"
"encoding/json"
"html/template"
"net/http"
"regexp"
"strings"
"time"
ory "github.com/ory/client-go"
"decor-by-hannahs/internal/db"
)
func validateAustralianAddress(address string) (bool, string) {
if len(strings.TrimSpace(address)) < 10 {
return false, "Address is too short. Please provide a complete address."
}
australianStates := []string{"NSW", "VIC", "QLD", "SA", "WA", "TAS", "NT", "ACT"}
hasState := false
upperAddress := strings.ToUpper(address)
for _, state := range australianStates {
if strings.Contains(upperAddress, state) {
hasState = true
break
}
}
postcodePattern := regexp.MustCompile(`\b\d{4}\b`)
hasPostcode := postcodePattern.MatchString(address)
if !hasState && !hasPostcode {
return false, "Please include an Australian state (NSW, VIC, QLD, etc.) and postcode in your address."
}
if !hasState {
return false, "Please include an Australian state (NSW, VIC, QLD, SA, WA, TAS, NT, or ACT) in your address."
}
if !hasPostcode {
return false, "Please include a 4-digit postcode in your address."
}
return true, ""
}
func BookingPageHandler(q *db.Queries, tmpl *template.Template, oryClient *ory.APIClient) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
type data struct {
Title string
ActivePage string
Authenticated bool
OryLoginURL string
}
if err := tmpl.ExecuteTemplate(w, "booking.tmpl", data{
Title: "Book a Service",
ActivePage: "booking",
Authenticated: isAuthenticated(r, oryClient),
OryLoginURL: "/login",
}); err != nil {
http.Error(w, "Failed to render page", http.StatusInternalServerError)
return
}
}
}
func BookingAPIHandler(q *db.Queries, tmpl *template.Template, oryClient *ory.APIClient) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method is not allowed", http.StatusMethodNotAllowed)
return
}
cookies := r.Header.Get("Cookie")
session, _, err := oryClient.FrontendAPI.ToSession(r.Context()).Cookie(cookies).Execute()
if err != nil || session == nil || session.Active == nil || !*session.Active {
http.Error(w, "Unauthorized", http.StatusUnauthorized)
return
}
email := getEmailFromSession(session)
if email == "" {
http.Error(w, "No email in session", http.StatusBadRequest)
return
}
oryID := sql.NullString{String: session.Identity.Id, Valid: true}
user, err := q.GetUserByOryID(r.Context(), oryID)
if err != nil {
user, err = q.CreateUser(r.Context(), db.CreateUserParams{
Email: email,
OryIdentityID: oryID,
})
if err != nil {
http.Error(w, "Failed to get or create user", http.StatusInternalServerError)
return
}
}
var in struct {
ServiceOption string `json:"service_option"`
EventType string `json:"event_type"`
EventDate string `json:"event_date"`
Address string `json:"address"`
Notes string `json:"notes"`
}
if err := json.NewDecoder(r.Body).Decode(&in); err != nil {
http.Error(w, "Bad request", http.StatusBadRequest)
return
}
if valid, msg := validateAustralianAddress(in.Address); !valid {
http.Error(w, msg, http.StatusBadRequest)
return
}
eventTime, err := time.Parse(time.RFC3339, in.EventDate)
if err != nil {
http.Error(w, "Invalid date", http.StatusBadRequest)
return
}
userID := sql.NullInt64{Int64: user.ID, Valid: true}
booking, err := q.CreateBooking(r.Context(), db.CreateBookingParams{
UserID: userID,
ServiceID: sql.NullInt64{},
EventDate: eventTime,
Address: sqlNullString(in.Address),
Notes: sqlNullString(in.Notes),
Status: sql.NullString{String: "pending", Valid: true},
ServiceOption: sqlNullString(in.ServiceOption),
EventType: sqlNullString(in.EventType),
})
if err != nil {
http.Error(w, "Failed to create booking", http.StatusInternalServerError)
return
}
writeJSON(w, booking)
}
}
Reference in New Issue View Git Blame Copy Permalink