
Untitled

a guest
Dec 5th, 2017
  1. package API;
  2.  
  3. use strict;
  4. use warnings;
  5. use Exporter;
  6. use JSON;
  7. use Try::Tiny;
  8. use URI::QueryParam;
  9. use HTTP::Request;
  10. use HTTP::Response;
  11. use Path::Resolve;
  12. use CGI::Cookie;
  13. use Digest::MD5;
  14.  
  15.  
  16. use Database;
  17.  
  18. our @ISA = qw( Exporter );
  19. our @EXPORT = qw( login register posts post comments comment logout );
  20.  
  # Directory that holds one "<session id>.sess" JSON file per active session.
  # NOTE(review): the path is relative, so it resolves against the process's
  # working directory; confirm that directory is never served as static
  # content and is writable only by the service account.
  my $SESSION_DIR = './sessions';

  # Shared JSON codec for request bodies, responses and session files.
  # allow_nonref lets decode() hand back bare scalars, so every caller has to
  # check that it received a hash before dereferencing the result.
  my $json = JSON->new;
  $json->allow_nonref;
  23.  
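  # Map a session identifier to the path of its on-disk session file.
  #
  # The identifier arrives in the client's SESSION_ID cookie, so it is
  # untrusted. Only the exact shape that set_cookie issues (32 lowercase hex
  # digits) is accepted; a value carrying path separators, "..", NUL bytes or
  # any other character yields no path at all, so lookups and deletions stay
  # inside $SESSION_DIR.
  #
  # Returns the path string, or nothing (undef in scalar context, an empty
  # list in list context) when the identifier is missing or malformed.
  sub get_session_file {
      my $session_id = shift;

      return unless defined $session_id && !ref $session_id;
      return unless $session_id =~ /\A[0-9a-f]{32}\z/;

      return Path::Resolve->new->join($SESSION_DIR, "${session_id}.sess");
  }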
  29.  
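  # Resolve the SESSION_ID cookie of a request to the user id stored in the
  # matching session file.
  #
  # Returns the stored user id, or -1 when the cookie is absent or malformed,
  # the session file cannot be read, or the file does not hold a JSON object
  # with a defined "user_id". Callers treat -1 as "not authenticated", so
  # every failure path must end there and never in undef.
  sub get_user_id_from_request {
      my $req = shift;

      my %cookie = CGI::Cookie->parse($req->header("Cookie"));
      return -1 unless exists $cookie{'SESSION_ID'};

      # The cookie value is client-controlled: accept only the format that
      # set_cookie generates before it is used to build a file name.
      my $session_id = $cookie{'SESSION_ID'}->value;
      return -1
          unless defined $session_id && $session_id =~ /\A[0-9a-f]{32}\z/;

      my $user_id = try {
          my $path = get_session_file($session_id);
          die "no session file for this identifier\n" unless defined $path;

          # Three-argument open with an explicit read mode: the path can
          # never be interpreted as a mode prefix or a pipe.
          open(my $fh, '<', $path)
              or die "cannot open session file: $!\n";
          my $raw = do { local $/; <$fh> };
          close($fh);

          my $session_data = $json->decode($raw);
          die "session file does not contain a JSON object\n"
              unless ref($session_data) eq 'HASH';

          $session_data->{user_id};
      }
      catch {
          warn $_;
          undef;
      };

      # A session without a user_id must not look like a logged-in user.
      return $user_id // -1;
  }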
  47.  
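  # Return the raw value of the request's SESSION_ID cookie.
  #
  # Returns nothing (undef in scalar context) when the request carries no
  # such cookie, instead of dying on a method call against undef. The value
  # is client-controlled and is NOT validated here; callers must check its
  # format before using it in a file name.
  sub get_session_id {
      my $req = shift;

      my %cookie = CGI::Cookie->parse($req->header("Cookie"));
      my $session_cookie = $cookie{'SESSION_ID'};
      return unless defined $session_cookie;

      return $session_cookie->value;
  }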
  53.  
  # Fill in an HTTP response: optional JSON body, JSON content type and the
  # status code.
  #
  #   $res  - response object exposing add_content, header and code
  #   $code - HTTP status code to set
  #   %msg  - key/value pairs for the body; no body is added when empty
  #
  # Always returns 1.
  sub set_response {
      my ($res, $code, %msg) = @_;

      $res->add_content($json->encode(\%msg)) if %msg;
      $res->header('Content-type', 'application/json');
      $res->code($code);

      return 1;
  }
  63.  
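  # Create a new session for $user_id, persist it under $SESSION_DIR and
  # attach the SESSION_ID cookie to the response.
  #
  # The session id is the only secret that authenticates later requests, so
  # it is drawn from the kernel CSPRNG. rand() is not a cryptographic
  # generator, and hashing its output with MD5 does not add entropy.
  # The id keeps the previous format (32 lowercase hex digits).
  #
  # Dies when no random bytes can be read or the session file cannot be
  # written; the cookie is only set after the session has been stored.
  # Returns 1.
  sub set_cookie {
      my ($user_id, $res) = @_;

      open(my $rng, '<:raw', '/dev/urandom')
          or die "cannot open /dev/urandom: $!\n";
      my $got = read($rng, my $bytes, 16);
      close($rng);
      die "short read from /dev/urandom\n" unless defined $got && $got == 16;
      my $session_id = unpack('H*', $bytes);

      my $path = get_session_file($session_id);
      die "no session file path for new session\n" unless defined $path;

      open(my $fh, '>', $path)
          or die "cannot create session file: $!\n";
      print {$fh} $json->encode({ user_id => $user_id })
          or die "cannot write session file: $!\n";
      close($fh)
          or die "cannot close session file: $!\n";

      # HttpOnly keeps the id away from page scripts.
      # NOTE(review): add -secure => 1 once the service is only reachable
      # over TLS; it is left off here because the transport is not visible.
      my $cookie = CGI::Cookie->new(
          -name     => 'SESSION_ID',
          -value    => $session_id,
          -httponly => 1,
      );
      $res->header("Set-Cookie", $cookie->as_string);

      return 1;
  }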
  73.  
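  # POST handler: authenticate a user from a JSON body of the form
  # {"username": ..., "password": ...} and start a session on success.
  #
  # Status codes:
  #   400 - request method is not POST
  #   401 - body is not a JSON object, credentials are missing or not plain
  #         values, or the database does not accept them
  #   500 - the database lookup or session creation raised an error
  #   200 - authenticated; body is {"status":"true"} and SESSION_ID is set
  #
  # The database handle is opened only after the body has been validated and
  # is closed on every path.
  sub login {
      my ($req, $res) = @_;
      return set_response($res, 400) if $req->method ne "POST";

      my $json_data = try { $json->decode($req->content) }
      catch { warn $_; undef };
      return set_response($res, 401) unless ref($json_data) eq 'HASH';

      # Only plain scalars reach the database layer; nested JSON arrays,
      # objects and booleans decode to references and are refused.
      my ($username, $password) = @{$json_data}{qw(username password)};
      for my $field ($username, $password) {
          return set_response($res, 401)
              unless defined $field && !ref $field;
      }

      my $db = Database->new;
      my $status = try {
          my $user_id = $db->get_user_id($username, $password);
          # An undefined id must not be mistaken for a successful lookup.
          my $authenticated = defined $user_id && $user_id != -1;
          set_cookie($user_id, $res) if $authenticated;
          $authenticated ? 200 : 401;
      }
      catch {
          warn $_;
          500;
      }
      finally {
          $db->close;
      };

      return $status == 200
          ? set_response($res, 200, "status" => "true")
          : set_response($res, $status);
  }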
  103.  
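  # Return the profile of the user that owns the request's session.
  #
  # Responds 401 when the session does not resolve to a user, otherwise 200
  # with whatever key/value pairs Database::get_user_info returns.
  sub user_info {
      my ($req, $res) = @_;

      my $user_id = get_user_id_from_request($req);
      # Fail closed: undef compares unequal to -1 and would otherwise pass
      # as an authenticated user.
      return set_response($res, 401)
          if !defined $user_id || $user_id == -1;

      my $db = Database->new;
      my %msg = $db->get_user_info($user_id);
      $db->close;

      return set_response($res, 200, %msg);
  }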
  116.  
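  # POST handler: create an account from a JSON body of the form
  # {"username": ..., "password": ...}.
  #
  # Status codes:
  #   400 - wrong method, body is not a JSON object, a credential is
  #         missing, empty or not a plain value, or the database refused or
  #         failed the registration
  #   200 - account created; body is {"status":"true"}
  #
  # NOTE(review): how the password is stored is decided inside
  # Database::register_user, which is not visible here; confirm it uses a
  # salted, slow password hash.
  sub register {
      my ($req, $res) = @_;
      return set_response($res, 400) if $req->method ne "POST";

      my $json_data = try { $json->decode($req->content) }
      catch { warn $_; undef };
      return set_response($res, 400) unless ref($json_data) eq 'HASH';

      # Only non-empty plain scalars reach the database layer; nested JSON
      # values decode to references and are refused.
      my ($username, $password) = @{$json_data}{qw(username password)};
      for my $field ($username, $password) {
          return set_response($res, 400)
              unless defined $field && !ref $field && length $field;
      }

      my $db = Database->new;
      my $created = try {
          $db->register_user($username, $password) ? 1 : 0;
      }
      catch {
          warn $_;
          0;
      }
      finally {
          $db->close;
      };

      return $created
          ? set_response($res, 200, "status" => "true")
          : set_response($res, 400);
  }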
  141.  
  # Look up a single post by the "post_id" query parameter.
  #
  # The parameter is coerced with int(), so a missing or non-numeric value
  # becomes 0. Responds 200 with the post's key/value pairs, or 404 when the
  # database returns nothing for that id.
  sub post {
      my ($req, $res) = @_;

      my $wanted_id = int $req->uri->query_param('post_id');

      my $dbh = Database->new;
      my %record = $dbh->get_post($wanted_id);
      $dbh->close;

      return set_response($res, 404) unless %record;
      return set_response($res, 200, %record);
  }
  154.  
  # List one page of posts, selected by the "page" query parameter.
  #
  # The parameter is coerced with int() and negative values are clamped to 0.
  # Always responds 200.
  sub posts {
      my ($req, $res) = @_;

      my $page = int $req->uri->query_param('page');
      $page = 0 if $page < 0;

      my $dbh = Database->new;
      my @rows = $dbh->get_posts($page);
      $dbh->close;

      # NOTE(review): @rows is flattened into the hash constructor, so this
      # yields {"posts": <list>} only if get_posts returns exactly one
      # element (presumably an array reference); verify against Database.
      my %body = ("posts" => @rows);
      return set_response($res, 200, %body);
  }
  167.  
  # List one page of comments for a post, selected by the "post_id" and
  # "page" query parameters.
  #
  # Both parameters are coerced with int(); a negative page is clamped to 0.
  # Always responds 200.
  sub comments {
      my ($req, $res) = @_;

      my $page = int $req->uri->query_param('page');
      my $post_id = int $req->uri->query_param('post_id');
      $page = 0 if $page < 0;

      my $dbh = Database->new;
      my @rows = $dbh->get_comments($post_id, $page);
      $dbh->close;

      # NOTE(review): @rows is flattened into the hash constructor, so this
      # yields {"comments": <list>} only if get_comments returns exactly one
      # element (presumably an array reference); verify against Database.
      my %body = ("comments" => @rows);
      return set_response($res, 200, %body);
  }
  181.  
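  # POST handler: store a comment by the session's user from a JSON body of
  # the form {"post_id": ..., "content": ...}.
  #
  # Status codes:
  #   400 - wrong method, body is not a JSON object, a field is missing or
  #         not a plain value, or the database refused or failed the insert
  #   401 - the request carries no valid session
  #   200 - comment stored; body is {"status":"true"}
  #
  # NOTE(review): "content" is stored as submitted; whatever renders
  # comments must encode it for its output context.
  sub comment {
      my ($req, $res) = @_;
      return set_response($res, 400) if $req->method ne "POST";

      my $user_id = get_user_id_from_request($req);
      # Fail closed: undef compares unequal to -1 and would otherwise pass
      # as an authenticated user.
      return set_response($res, 401)
          if !defined $user_id || $user_id == -1;

      my $json_data = try { $json->decode($req->content) }
      catch { warn $_; undef };
      return set_response($res, 400) unless ref($json_data) eq 'HASH';

      # Only plain scalars reach the database layer; nested JSON values
      # decode to references and are refused.
      my ($post_id, $content) = @{$json_data}{qw(post_id content)};
      for my $field ($post_id, $content) {
          return set_response($res, 400)
              unless defined $field && !ref $field;
      }

      my $db = Database->new;
      my $saved = try {
          $db->save_comment($user_id, $post_id, $content) ? 1 : 0;
      }
      catch {
          warn $_;
          0;
      }
      finally {
          $db->close;
      };

      return $saved
          ? set_response($res, 200, "status" => "true")
          : set_response($res, 400);
  }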
  211.  
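  # End the session named by the request's SESSION_ID cookie by deleting its
  # session file. Always responds 200, including when there was no session.
  #
  # The cookie value is client-controlled and ends up in an unlink() call, so
  # it must match the format set_cookie issues (32 lowercase hex digits)
  # before any path is built from it. A request without the cookie is
  # treated as "nothing to do" rather than an error.
  sub logout {
      my ($req, $res) = @_;

      my $session_id = try { get_session_id($req) }
      catch { undef };

      if (defined $session_id && $session_id =~ /\A[0-9a-f]{32}\z/) {
          my $path = get_session_file($session_id);
          unlink($path) if defined $path;
      }

      return set_response($res, 200);
  }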
  220.  
  221. 1;