Add delete

Reviewed-on: #6

.woodpecker.yml

@@ -2,8 +2,8 @@ pipeline:
   test:
     image: golang:latest
     commands:
-      - go build ./cmd/client/client.go
+      - go build -o gpaste-client ./cmd/client/client.go
-      - go build ./cmd/server/server.go
+      - go build -o gpaste-server ./cmd/server/server.go
       - go test -v ./...
       - go vet ./...
     when:

api/http.go

@@ -37,7 +37,7 @@ func NewHTTPServer(cfg *gpaste.ServerConfig) *HTTPServer {
 
 	// Create initial user
 	// TODO: Do properly
-	user := &users.User{Username: "admin"}
+	user := &users.User{Username: "admin", Role: users.RoleAdmin}
 	user.SetPassword("admin")
 	srv.Users.Store(user)
 
@@ -49,6 +49,7 @@ func NewHTTPServer(cfg *gpaste.ServerConfig) *HTTPServer {
 	r.Get("/", srv.HandlerIndex)
 	r.Post("/api/file", srv.HandlerAPIFilePost)
 	r.Get("/api/file/{id}", srv.HandlerAPIFileGet)
+	r.Delete("/api/file/{id}", srv.HandlerAPIFileDelete)
 	r.Post("/api/login", srv.HandlerAPILogin)
 	r.Post("/api/user", srv.HandlerAPIUserCreate)
 	srv.Handler = r
@@ -117,15 +118,27 @@ func (s *HTTPServer) HandlerAPIFileGet(w http.ResponseWriter, r *http.Request) {
 	}
 }
 
-func (s *HTTPServer) processMultiPartFormUpload(w http.ResponseWriter, r *http.Request) {
+func (s *HTTPServer) HandlerAPIFileDelete(w http.ResponseWriter, r *http.Request) {
-	reqID := middleware.GetReqID(r.Context())
+	// TODO: Require auth
-	type resp struct {
+	id := chi.URLParam(r, "id")
-		Message string `json:"message"`
+	if id == "" {
-		ID      string `json:"id"`
+		w.WriteHeader(http.StatusBadRequest)
-		URL     string `json:"url"`
+		return
 	}
 
-	var responses []resp
+	err := s.Files.Delete(id)
+	if err != nil {
+		w.WriteHeader(http.StatusBadRequest)
+		return
+	}
+	reqID := middleware.GetReqID(r.Context())
+	s.Logger.Infow("Deleted file", "id", id, "req_id", reqID)
+}
+
+func (s *HTTPServer) processMultiPartFormUpload(w http.ResponseWriter, r *http.Request) {
+	reqID := middleware.GetReqID(r.Context())
+
+	var responses []ResponseAPIFilePost
 
 	if err := r.ParseMultipartForm(1024 * 1024 * 10); err != nil {
 		s.Logger.Warnw("Error parsing multipart form.", "req_id", reqID, "err", err)
@@ -149,7 +162,7 @@ func (s *HTTPServer) processMultiPartFormUpload(w http.ResponseWriter, r *http.R
 		}
 		s.Logger.Infow("Stored file.", "req_id", reqID, "id", f.ID, "filename", f.OriginalFilename, "remote_addr", r.RemoteAddr)
 
-		responses = append(responses, resp{Message: "OK", ID: f.ID, URL: "TODO"})
+		responses = append(responses, ResponseAPIFilePost{Message: "OK", ID: f.ID, URL: "TODO"})
 
 	}
 
@@ -162,10 +175,7 @@ func (s *HTTPServer) processMultiPartFormUpload(w http.ResponseWriter, r *http.R
 
 func (s *HTTPServer) HandlerAPILogin(w http.ResponseWriter, r *http.Request) {
 	reqID := middleware.GetReqID(r.Context())
-	expectedRequest := struct {
+	var expectedRequest RequestAPILogin
-		Username string `json:"username"`
-		Password string `json:"password"`
-	}{}
 	decoder := json.NewDecoder(r.Body)
 	defer r.Body.Close()
 	if err := decoder.Decode(&expectedRequest); err != nil {
@@ -179,9 +189,7 @@ func (s *HTTPServer) HandlerAPILogin(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	response := struct {
+	response := ResponseAPILogin{
-		Token string `json:"token"`
-	}{
 		Token: token,
 	}
 
@@ -193,17 +201,12 @@ func (s *HTTPServer) HandlerAPILogin(w http.ResponseWriter, r *http.Request) {
 	}
 }
 
-type RequestAPIUserCreate struct {
-	Username string `json:"username"`
-	Password string `json:"password"`
-}
-
 func (s *HTTPServer) HandlerAPIUserCreate(w http.ResponseWriter, r *http.Request) {
 	reqID := middleware.GetReqID(r.Context())
 	defer r.Body.Close()
 
-	level, err := AuthLevelFromRequest(r)
+	role, err := RoleFromRequest(r)
-	if err != nil || level < gpaste.AuthLevelAdmin {
+	if err != nil || role != users.RoleAdmin {
 		w.WriteHeader(http.StatusUnauthorized)
 		return
 	}
@@ -229,5 +232,6 @@ func (s *HTTPServer) HandlerAPIUserCreate(w http.ResponseWriter, r *http.Request
 		w.WriteHeader(http.StatusInternalServerError)
 		return
 	}
+	w.WriteHeader(http.StatusAccepted)
 	s.Logger.Infow("Created user.", "req_id", reqID, "remote_addr", r.RemoteAddr, "username", req.Username)
 }

api/http_test.go

@@ -8,11 +8,15 @@ import (
 	"mime/multipart"
 	"net/http"
 	"net/http/httptest"
+	"strings"
 	"testing"
+	"time"
 
 	"git.t-juice.club/torjus/gpaste"
 	"git.t-juice.club/torjus/gpaste/api"
+	"git.t-juice.club/torjus/gpaste/files"
 	"git.t-juice.club/torjus/gpaste/users"
+	"github.com/google/uuid"
 )
 
 func TestHandlers(t *testing.T) {
@@ -99,6 +103,42 @@ func TestHandlers(t *testing.T) {
 			}
 		})
 	})
+	t.Run("HandlerAPIFileDelete", func(t *testing.T) {
+		cfg := &gpaste.ServerConfig{
+			SigningSecret: "abc123",
+			Store: &gpaste.ServerStoreConfig{
+				Type: "memory",
+			},
+			URL: "http://localhost:8080",
+		}
+		hs := api.NewHTTPServer(cfg)
+		fileBody := io.NopCloser(strings.NewReader("roflcopter"))
+		file := &files.File{
+			ID:               uuid.NewString(),
+			OriginalFilename: "testpls.txt",
+			MaxViews:         9,
+			ExpiresOn:        time.Now().Add(10 * time.Hour),
+			Body:             fileBody,
+		}
+
+		if err := hs.Files.Store(file); err != nil {
+			t.Fatalf("Error storing file: %s", err)
+		}
+
+		rr := httptest.NewRecorder()
+		url := fmt.Sprintf("/api/file/%s", file.ID)
+		req := httptest.NewRequest(http.MethodDelete, url, nil)
+		hs.Handler.ServeHTTP(rr, req)
+
+		if rr.Result().StatusCode != http.StatusOK {
+			t.Fatalf("Delete returned wrong status: %s", rr.Result().Status)
+		}
+
+		if _, err := hs.Files.Get(file.ID); err == nil {
+			t.Errorf("Getting after delete returned no error")
+		}
+
+	})
 	t.Run("HandlerAPILogin", func(t *testing.T) {
 		// TODO: Add test
 		username := "admin"

api/json.go

@@ -0,0 +1,20 @@
+package api
+
+type RequestAPIUserCreate struct {
+	Username string `json:"username"`
+	Password string `json:"password"`
+}
+
+type RequestAPILogin struct {
+	Username string `json:"username"`
+	Password string `json:"password"`
+}
+
+type ResponseAPILogin struct {
+	Token string `json:"token"`
+}
+type ResponseAPIFilePost struct {
+	Message string `json:"message"`
+	ID      string `json:"id"`
+	URL     string `json:"url"`
+}

api/middleware.go

@@ -8,6 +8,7 @@ import (
 	"time"
 
 	"git.t-juice.club/torjus/gpaste"
+	"git.t-juice.club/torjus/gpaste/users"
 	"github.com/go-chi/chi/v5/middleware"
 )
 
@@ -16,6 +17,7 @@ type authCtxKey int
 const (
 	authCtxUsername authCtxKey = iota
 	authCtxAuthLevel
+	authCtxClaims
 )
 
 func (s *HTTPServer) MiddlewareAccessLogger(next http.Handler) http.Handler {
@@ -66,9 +68,10 @@ func (s *HTTPServer) MiddlewareAuthentication(next http.Handler) http.Handler {
 		}
 
 		ctx := context.WithValue(r.Context(), authCtxUsername, claims.Subject)
-		ctx = context.WithValue(ctx, authCtxAuthLevel, gpaste.AuthLevelUser)
+		ctx = context.WithValue(ctx, authCtxAuthLevel, claims.Role)
+		ctx = context.WithValue(ctx, authCtxClaims, claims)
 		withCtx := r.WithContext(ctx)
-		s.Logger.Debugw("Request is authenticated.", "req_id", reqID, "username", claims.Subject)
+		s.Logger.Debugw("Request is authenticated.", "req_id", reqID, "username", claims.Subject, "role", claims.Role)
 
 		next.ServeHTTP(w, withCtx)
 	}
@@ -79,7 +82,6 @@ func (s *HTTPServer) MiddlewareAuthentication(next http.Handler) http.Handler {
 func UsernameFromRequest(r *http.Request) (string, error) {
 	rawUsername := r.Context().Value(authCtxUsername)
 	if rawUsername == nil {
-
 		return "", fmt.Errorf("no username")
 	}
 	username, ok := rawUsername.(string)
@@ -89,14 +91,26 @@ func UsernameFromRequest(r *http.Request) (string, error) {
 	return username, nil
 }
 
-func AuthLevelFromRequest(r *http.Request) (gpaste.AuthLevel, error) {
+func RoleFromRequest(r *http.Request) (users.Role, error) {
 	rawLevel := r.Context().Value(authCtxAuthLevel)
 	if rawLevel == nil {
-		return gpaste.AuthLevelUnset, fmt.Errorf("no username")
+		return users.RoleUnset, fmt.Errorf("no username")
 	}
-	level, ok := rawLevel.(gpaste.AuthLevel)
+	level, ok := rawLevel.(users.Role)
 	if !ok {
-		return gpaste.AuthLevelUnset, fmt.Errorf("no username")
+		return users.RoleUnset, fmt.Errorf("no username")
 	}
 	return level, nil
 }
+
+func ClaimsFromRequest(r *http.Request) *gpaste.Claims {
+	rawClaims := r.Context().Value(authCtxAuthLevel)
+	if rawClaims == nil {
+		return nil
+	}
+	claims, ok := rawClaims.(*gpaste.Claims)
+	if !ok {
+		return nil
+	}
+	return claims
+}

auth.go

@@ -9,19 +9,17 @@ import (
 	"github.com/google/uuid"
 )
 
-type AuthLevel int
-
-const (
-	AuthLevelUnset AuthLevel = iota
-	AuthLevelUser
-	AuthLevelAdmin
-)
-
 type AuthService struct {
 	users      users.UserStore
 	hmacSecret []byte
 }
 
+type Claims struct {
+	Role users.Role `json:"role,omitempty"`
+
+	jwt.StandardClaims
+}
+
 func NewAuthService(store users.UserStore, signingSecret []byte) *AuthService {
 	return &AuthService{users: store, hmacSecret: signingSecret}
 }
@@ -37,13 +35,13 @@ func (as *AuthService) Login(username, password string) (string, error) {
 	}
 
 	// TODO: Set iss and aud
-	claims := jwt.StandardClaims{
+	claims := new(Claims)
-		Subject:   user.Username,
+	claims.Subject = user.Username
-		ExpiresAt: time.Now().Add(7 * 24 * time.Hour).Unix(),
+	claims.ExpiresAt = time.Now().Add(7 * 24 * time.Hour).Unix()
-		NotBefore: time.Now().Unix(),
+	claims.NotBefore = time.Now().Unix()
-		IssuedAt:  time.Now().Unix(),
+	claims.IssuedAt = time.Now().Unix()
-		Id:        uuid.NewString(),
+	claims.Id = uuid.NewString()
-	}
+	claims.Role = user.Role
 
 	token := jwt.NewWithClaims(jwt.GetSigningMethod("HS256"), claims)
 	signed, err := token.SignedString(as.hmacSecret)
@@ -54,8 +52,8 @@ func (as *AuthService) Login(username, password string) (string, error) {
 	return signed, nil
 }
 
-func (as *AuthService) ValidateToken(rawToken string) (*jwt.StandardClaims, error) {
+func (as *AuthService) ValidateToken(rawToken string) (*Claims, error) {
-	claims := &jwt.StandardClaims{}
+	claims := &Claims{}
 	token, err := jwt.ParseWithClaims(rawToken, claims, func(t *jwt.Token) (interface{}, error) {
 		return as.hmacSecret, nil
 	})

auth_test.go

@@ -6,6 +6,7 @@ import (
 
 	"git.t-juice.club/torjus/gpaste"
 	"git.t-juice.club/torjus/gpaste/users"
+	"github.com/google/go-cmp/cmp"
 )
 
 func TestAuth(t *testing.T) {
@@ -17,7 +18,7 @@ func TestAuth(t *testing.T) {
 		username := randomString(8)
 		password := randomString(16)
 
-		user := &users.User{Username: username}
+		user := &users.User{Username: username, Role: users.RoleAdmin}
 		if err := user.SetPassword(password); err != nil {
 			t.Fatalf("error setting user password: %s", err)
 		}
@@ -30,9 +31,13 @@ func TestAuth(t *testing.T) {
 			t.Fatalf("Error creating token: %s", err)
 		}
 
-		if _, err := as.ValidateToken(token); err != nil {
+		claims, err := as.ValidateToken(token)
+		if err != nil {
 			t.Fatalf("Error validating token: %s", err)
 		}
+		if claims.Role != user.Role {
+			t.Fatalf("Token role is not correct: %s", cmp.Diff(claims.Role, user.Role))
+		}
 		invalidToken := `eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NDMyMjk3NjMsImp0aSI6ImUzNDk5NWI1LThiZmMtNDQyNy1iZDgxLWFmNmQ3OTRiYzM0YiIsImlhdCI6MTY0MjYyNDk2MywibmJmIjoxNjQyNjI0OTYzLCJzdWIiOiJYdE5Hemt5ZSJ9.VM6dkwSLaBv8cStkWRVVv9ADjdUrHGHrlB7GB7Ly7n8`
 		if _, err := as.ValidateToken(invalidToken); err == nil {
 			t.Fatalf("Invalid token passed validation")

client/client.go

@@ -0,0 +1,226 @@
+package client
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"mime/multipart"
+	"net/http"
+	"os"
+	"path/filepath"
+	"time"
+
+	"git.t-juice.club/torjus/gpaste/api"
+	"git.t-juice.club/torjus/gpaste/files"
+	"github.com/google/uuid"
+	"github.com/kirsle/configdir"
+)
+
+type Client struct {
+	BaseURL   string `json:"base_url"`
+	AuthToken string `json:"auth_token"`
+
+	httpClient http.Client
+}
+
+func (c *Client) WriteConfigToWriter(w io.Writer) error {
+	encoder := json.NewEncoder(w)
+	return encoder.Encode(c)
+}
+func (c *Client) WriteConfig() error {
+	dir := configdir.LocalConfig("gpaste")
+	// Ensure dir exists
+	err := os.MkdirAll(dir, os.ModePerm)
+	if err != nil {
+		return err
+	}
+	path := filepath.Join(dir, "client.json")
+	f, err := os.Create(path)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	return c.WriteConfigToWriter(f)
+}
+
+func (c *Client) LoadConfig() error {
+	dir := configdir.LocalCache("gpaste")
+	path := filepath.Join(dir, "client.json")
+	f, err := os.Open(path)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	return c.LoadConfigFromReader(f)
+}
+
+func (c *Client) LoadConfigFromReader(r io.Reader) error {
+	decoder := json.NewDecoder(r)
+	return decoder.Decode(c)
+}
+
+func (c *Client) Login(ctx context.Context, username, password string) error {
+	url := fmt.Sprintf("%s/api/login", c.BaseURL)
+	// TODO: Change timeout
+	ctx, cancel := context.WithTimeout(ctx, 10*time.Second)
+	defer cancel()
+
+	body := new(bytes.Buffer)
+	requestData := api.RequestAPILogin{
+		Username: username,
+		Password: password,
+	}
+	encoder := json.NewEncoder(body)
+	if err := encoder.Encode(&requestData); err != nil {
+		return fmt.Errorf("error encoding response: %w", err)
+	}
+	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, body)
+	if err != nil {
+		return fmt.Errorf("error creating request: %w", err)
+	}
+
+	resp, err := c.httpClient.Do(req)
+	if err != nil {
+		return fmt.Errorf("unable to perform request: %s", err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		return fmt.Errorf("got non-ok response from server: %s", resp.Status)
+	}
+
+	var responseData api.ResponseAPILogin
+
+	decoder := json.NewDecoder(resp.Body)
+	if err := decoder.Decode(&responseData); err != nil {
+		return fmt.Errorf("unable to parse response: %s", err)
+	}
+	c.AuthToken = responseData.Token
+
+	return nil
+}
+
+func (c *Client) UserCreate(ctx context.Context, username, password string) error {
+	url := fmt.Sprintf("%s/api/user", c.BaseURL)
+	body := new(bytes.Buffer)
+
+	requestData := &api.RequestAPIUserCreate{
+		Username: username,
+		Password: password,
+	}
+	encoder := json.NewEncoder(body)
+	if err := encoder.Encode(requestData); err != nil {
+		return fmt.Errorf("error encoding response: %w", err)
+	}
+
+	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, body)
+	if err != nil {
+		return fmt.Errorf("error creating request: %w", err)
+	}
+
+	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.AuthToken))
+
+	resp, err := c.httpClient.Do(req)
+	if err != nil {
+		return fmt.Errorf("unable to perform request: %s", err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusAccepted {
+		return fmt.Errorf("got non-ok response from server: %s", resp.Status)
+	}
+
+	return nil
+}
+
+func (c *Client) Download(ctx context.Context, id string) (io.ReadCloser, error) {
+	url := fmt.Sprintf("%s/api/file/%s", c.BaseURL, id)
+
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
+	if err != nil {
+		return nil, fmt.Errorf("error creating request: %w", err)
+	}
+
+	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.AuthToken))
+
+	resp, err := c.httpClient.Do(req)
+	if err != nil {
+		return nil, fmt.Errorf("unable to perform request: %s", err)
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("got non-ok response from server: %s", resp.Status)
+	}
+
+	return resp.Body, nil
+}
+
+func (c *Client) Upload(ctx context.Context, files ...*files.File) ([]api.ResponseAPIFilePost, error) {
+	url := fmt.Sprintf("%s/api/file", c.BaseURL)
+	client := &http.Client{}
+
+	// TODO: Change timeout
+	ctx, cancel := context.WithTimeout(ctx, 10*time.Minute)
+	defer cancel()
+
+	// TODO: Improve buffering
+	buf := &bytes.Buffer{}
+	mw := multipart.NewWriter(buf)
+
+	for _, file := range files {
+		fw, err := mw.CreateFormFile(uuid.Must(uuid.NewRandom()).String(), file.OriginalFilename)
+		if err != nil {
+			return nil, err
+		}
+		if _, err := io.Copy(fw, file.Body); err != nil {
+			return nil, err
+		}
+		file.Body.Close()
+	}
+	mw.Close()
+	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, buf)
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Add("Content-Type", mw.FormDataContentType())
+
+	resp, err := client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	var expectedResp []api.ResponseAPIFilePost
+
+	decoder := json.NewDecoder(resp.Body)
+	if err := decoder.Decode(&expectedResp); err != nil {
+		return nil, fmt.Errorf("error decoding response: %w", err)
+	}
+
+	return expectedResp, nil
+}
+
+func (c *Client) Delete(ctx context.Context, id string) error {
+	url := fmt.Sprintf("%s/api/file/%s", c.BaseURL, id)
+
+	req, err := http.NewRequestWithContext(ctx, http.MethodDelete, url, nil)
+	if err != nil {
+		return fmt.Errorf("error creating request: %w", err)
+	}
+
+	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.AuthToken))
+	resp, err := c.httpClient.Do(req)
+	if err != nil {
+		return fmt.Errorf("unable to perform request: %s", err)
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return fmt.Errorf("got non-ok response from server: %s", resp.Status)
+	}
+
+	return nil
+}

client/client_test.go

@@ -0,0 +1,194 @@
+package client_test
+
+import (
+	"bytes"
+	"context"
+	"fmt"
+	"io"
+	"net"
+	"strings"
+	"testing"
+	"time"
+
+	"git.t-juice.club/torjus/gpaste"
+	"git.t-juice.club/torjus/gpaste/api"
+	"git.t-juice.club/torjus/gpaste/client"
+	"git.t-juice.club/torjus/gpaste/files"
+	"git.t-juice.club/torjus/gpaste/users"
+	"github.com/google/go-cmp/cmp"
+	"github.com/google/go-cmp/cmp/cmpopts"
+	"github.com/google/uuid"
+)
+
+func TestClient(t *testing.T) {
+	listener, err := net.Listen("tcp", ":0")
+	if err != nil {
+		panic(err)
+	}
+
+	port := listener.Addr().(*net.TCPAddr).Port
+	cfg := &gpaste.ServerConfig{
+		LogLevel:      "ERROR",
+		URL:           fmt.Sprintf("http://localhost:%d", port),
+		SigningSecret: "TEST",
+		Store:         &gpaste.ServerStoreConfig{Type: "memory"},
+	}
+
+	srv := api.NewHTTPServer(cfg)
+
+	go func() {
+		srv.Serve(listener)
+	}()
+
+	t.Cleanup(func() {
+		ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+		defer cancel()
+		srv.Shutdown(ctx)
+		listener.Close()
+	})
+
+	// Add users
+	username := "admin"
+	password := "admin"
+	user := &users.User{
+		Username: username,
+		Role:     users.RoleAdmin,
+	}
+	if err := user.SetPassword(password); err != nil {
+		t.Fatalf("Error setting password: %s", err)
+	}
+	if err := srv.Users.Store(user); err != nil {
+		t.Fatalf("Error storing user: %s", err)
+	}
+
+	t.Run("Login", func(t *testing.T) {
+		client := client.Client{BaseURL: cfg.URL}
+		ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+		defer cancel()
+		if err := client.Login(ctx, username, password); err != nil {
+			t.Fatalf("Error logging in: %s", err)
+		}
+
+		claims, err := srv.Auth.ValidateToken(client.AuthToken)
+		if err != nil {
+			t.Errorf("unable to get claims from token: %s", err)
+		}
+
+		if claims.Role != user.Role {
+			t.Errorf("Claims have wrong role: %s", cmp.Diff(claims.Role, user.Role))
+		}
+		if claims.Subject != username {
+			t.Errorf("Claims have wrong role: %s", cmp.Diff(claims.Subject, username))
+		}
+
+		t.Run("UserCreate", func(t *testing.T) {
+			ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+			defer cancel()
+			username := "user"
+			password := "user"
+
+			if err := client.UserCreate(ctx, username, password); err != nil {
+				t.Fatalf("Error creating user: %s", err)
+			}
+
+			user, err := srv.Users.Get(username)
+			if err != nil {
+				t.Fatalf("Error getting new user: %s", err)
+			}
+
+			if user.Username != username {
+				t.Errorf("Username does not match.")
+			}
+			if err := user.ValidatePassword(password); err != nil {
+				t.Errorf("Unable to validate password: %s", err)
+			}
+		})
+	})
+	t.Run("Upload", func(t *testing.T) {
+		client := client.Client{BaseURL: cfg.URL}
+		ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+		defer cancel()
+		fileContents := "this is the test file"
+		fileBody := io.NopCloser(strings.NewReader(fileContents))
+		file := &files.File{
+			OriginalFilename: "filename.txt",
+			Body:             fileBody,
+		}
+
+		resp, err := client.Upload(ctx, file)
+		if err != nil {
+			t.Fatalf("Error uploading: %s", err)
+		}
+
+		retrieved, err := srv.Files.Get(resp[0].ID)
+		if err != nil {
+			t.Fatalf("Error getting uploaded file from store: %s", err)
+		}
+		defer retrieved.Body.Close()
+
+		buf := new(strings.Builder)
+		if _, err := io.Copy(buf, retrieved.Body); err != nil {
+			t.Fatalf("error reading body from store: %s", err)
+		}
+		if buf.String() != fileContents {
+			t.Errorf("File contents does not match: %s", cmp.Diff(buf.String(), fileContents))
+		}
+	})
+	t.Run("Download", func(t *testing.T) {
+		client := client.Client{BaseURL: cfg.URL}
+		ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+		defer cancel()
+		fileContents := "this is the test file"
+		fileBody := io.NopCloser(strings.NewReader(fileContents))
+		file := &files.File{
+			ID:               uuid.NewString(),
+			OriginalFilename: "filename.txt",
+			Body:             fileBody,
+		}
+
+		if err := srv.Files.Store(file); err != nil {
+			t.Fatalf("Error putting file in store: %s", err)
+		}
+
+		body, err := client.Download(ctx, file.ID)
+		if err != nil {
+			t.Fatalf("Error uploading: %s", err)
+		}
+		defer body.Close()
+
+		buf := new(strings.Builder)
+		if _, err := io.Copy(buf, body); err != nil {
+			t.Fatalf("error reading body from store: %s", err)
+		}
+		if buf.String() != fileContents {
+			t.Errorf("File contents does not match: %s", cmp.Diff(buf.String(), fileContents))
+		}
+	})
+	t.Run("Save", func(t *testing.T) {
+		c := client.Client{BaseURL: "http://example.org/gpaste", AuthToken: "tokenpls"}
+		expectedConfig := "{\"base_url\":\"http://example.org/gpaste\",\"auth_token\":\"tokenpls\"}\n"
+		buf := new(bytes.Buffer)
+		err := c.WriteConfigToWriter(buf)
+		if err != nil {
+			t.Fatalf("Error writing config: %s", err)
+		}
+
+		if diff := cmp.Diff(buf.String(), expectedConfig); diff != "" {
+			t.Errorf("Written config does not match expected: %s", diff)
+		}
+	})
+	t.Run("Load", func(t *testing.T) {
+		c := client.Client{}
+		config := "{\"base_url\":\"http://pasta.example.org\",\"auth_token\":\"tokenpls\"}\n"
+		expectedClient := client.Client{BaseURL: "http://pasta.example.org", AuthToken: "tokenpls"}
+		sr := strings.NewReader(config)
+		if err := c.LoadConfigFromReader(sr); err != nil {
+			t.Fatalf("Error reading config: %s", err)
+		}
+
+		if diff := cmp.Diff(c, expectedClient, cmpopts.IgnoreUnexported(client.Client{})); diff != "" {
+			t.Errorf("Client does not match expected: %s", diff)
+		}
+
+	})
+}

cmd/client/actions/actions.go

@@ -1,74 +1,56 @@
 package actions
 
 import (
-	"bytes"
+	"bufio"
 	"context"
-	"encoding/json"
 	"fmt"
-	"io"
-	"mime/multipart"
-	"net/http"
 	"os"
 	"strings"
 	"syscall"
 	"time"
 
-	"git.t-juice.club/torjus/gpaste/api"
+	"git.t-juice.club/torjus/gpaste/client"
-	"github.com/google/uuid"
+	"git.t-juice.club/torjus/gpaste/files"
 	"github.com/urfave/cli/v2"
 	"golang.org/x/term"
 )
 
 func ActionUpload(c *cli.Context) error {
-	url := fmt.Sprintf("%s/api/file", c.String("url"))
+	clnt := client.Client{
-	client := &http.Client{}
+		BaseURL: c.String("url"),
-	// TODO: Change timeout
+	}
-	ctx, cancel := context.WithTimeout(c.Context, 10*time.Minute)
-	defer cancel()
-
-	buf := &bytes.Buffer{}
-	mw := multipart.NewWriter(buf)
-
 	for _, arg := range c.Args().Slice() {
 		f, err := os.Open(arg)
 		if err != nil {
 			return err
 		}
 		defer f.Close()
-		fw, err := mw.CreateFormFile(uuid.Must(uuid.NewRandom()).String(), arg)
+		file := &files.File{
+			OriginalFilename: arg,
+			Body:             f,
+		}
+		resp, err := clnt.Upload(c.Context, file)
 		if err != nil {
-			return err
+			errmsg := fmt.Sprintf("Error uploading file: %s", err)
+			return cli.Exit(errmsg, 1)
 		}
-		if _, err := io.Copy(fw, f); err != nil {
+		fmt.Printf("Uploaded file %s - %s", file.OriginalFilename, resp[0].URL)
-			return err
 	}
-	}
+	return nil
-	mw.Close()
-	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, buf)
-	if err != nil {
-		return err
-	}
-	req.Header.Add("Content-Type", mw.FormDataContentType())
-
-	resp, err := client.Do(req)
-	if err != nil {
-		return err
-	}
-	defer resp.Body.Close()
-
-	var expectedResp []struct {
-		Message string `json:"message"`
-		ID      string `json:"id"`
-		URL     string `json:"url"`
 }
 
-	decoder := json.NewDecoder(resp.Body)
+func ActionDelete(c *cli.Context) error {
-	if err := decoder.Decode(&expectedResp); err != nil {
+	clnt := client.Client{
-		return fmt.Errorf("error decoding response: %w", err)
+		BaseURL: c.String("url"),
 	}
-
+	for _, arg := range c.Args().Slice() {
-	for _, r := range expectedResp {
+		ctx, cancel := context.WithTimeout(c.Context, 5*time.Second)
-		fmt.Printf("Uploaded file %s\n", r.ID)
+		defer cancel()
+		if err := clnt.Delete(ctx, arg); err != nil {
+			fmt.Printf("Error deleting file %s\n", arg)
+			fmt.Printf("%s\n", err)
+		}
+		fmt.Printf("Deleted %s\n", arg)
 	}
 	return nil
 }
@@ -83,92 +65,53 @@ func ActionLogin(c *cli.Context) error {
 		return fmt.Errorf("error reading password: %w", err)
 	}
 
-	url := fmt.Sprintf("%s/api/login", c.String("url"))
+	clnt := client.Client{
-	client := &http.Client{}
+		BaseURL: c.String("url"),
-	// TODO: Change timeout
-	ctx, cancel := context.WithTimeout(c.Context, 10*time.Second)
-	defer cancel()
-
-	body := new(bytes.Buffer)
-	requestData := struct {
-		Username string `json:"username"`
-		Password string `json:"password"`
-	}{
-		Username: username,
-		Password: password,
 	}
-	encoder := json.NewEncoder(body)
+	if err := clnt.Login(c.Context, username, password); err != nil {
-	if err := encoder.Encode(&requestData); err != nil {
+		errmsg := fmt.Sprintf("Error logging in: %s", err)
-		return fmt.Errorf("error encoding response: %w", err)
+		return cli.Exit(errmsg, 1)
 	}
-	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, body)
+	if err := clnt.WriteConfig(); err != nil {
-	if err != nil {
+		errMsg := fmt.Sprintf("Failed to write config: %s", err)
-		return fmt.Errorf("error creating request: %w", err)
+		return cli.Exit(errMsg, 1)
 	}
-
+	// TODO: Store this somewhere, so we don't need to log in each time
-	resp, err := client.Do(req)
+	fmt.Println("Successfully logged in.")
-	if err != nil {
-		return fmt.Errorf("unable to perform request: %s", err)
-	}
-	defer resp.Body.Close()
-
-	if resp.StatusCode != http.StatusOK {
-		return cli.Exit("got non-ok response from server", 0)
-	}
-
-	responseData := struct {
-		Token string `json:"token"`
-	}{}
-
-	decoder := json.NewDecoder(resp.Body)
-	if err := decoder.Decode(&responseData); err != nil {
-		return fmt.Errorf("unable to parse response: %s", err)
-	}
-
-	fmt.Printf("Token: %s", responseData.Token)
 
 	return nil
 }
 
 func ActionUserCreate(c *cli.Context) error {
 	// TODO: Needs to supply auth token to actually work
-	username := c.Args().First()
+	fmt.Println("Need to be logged in to create user")
-	if username == "" {
+	username := readString("Enter username: ")
-		return cli.Exit("USERNAME not supplied.", 1)
-	}
 	password, err := readPassword()
 	if err != nil {
 		return fmt.Errorf("error reading password: %w", err)
 	}
 
-	url := fmt.Sprintf("%s/api/user", c.String("url"))
+	clnt := client.Client{
-	client := &http.Client{}
+		BaseURL: c.String("url"),
-	// TODO: Change timeout
+	}
 	ctx, cancel := context.WithTimeout(c.Context, 10*time.Second)
 	defer cancel()
 
-	body := new(bytes.Buffer)
+	if err := clnt.Login(ctx, username, password); err != nil {
-	requestData := &api.RequestAPIUserCreate{
+		errmsg := fmt.Sprintf("Error logging in: %s", err)
-		Username: username,
+		return cli.Exit(errmsg, 1)
-		Password: password,
-	}
-	encoder := json.NewEncoder(body)
-	if err := encoder.Encode(requestData); err != nil {
-		return fmt.Errorf("error encoding response: %w", err)
-	}
-	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, body)
-	if err != nil {
-		return fmt.Errorf("error creating request: %w", err)
 	}
 
-	resp, err := client.Do(req)
+	fmt.Println("User to create:")
+	username = readString("Enter username: ")
+	password, err = readPassword()
 	if err != nil {
-		return fmt.Errorf("unable to perform request: %s", err)
+		return fmt.Errorf("error reading password: %w", err)
 	}
-	defer resp.Body.Close()
 
-	if resp.StatusCode != http.StatusAccepted {
+	if err := clnt.UserCreate(ctx, username, password); err != nil {
-		return cli.Exit("got non-ok response from server", 0)
+		errmsg := fmt.Sprintf("Error creating user: %s", err)
+		return cli.Exit(errmsg, 1)
 	}
 
 	fmt.Printf("Created user %s\n", username)
@@ -186,3 +129,12 @@ func readPassword() (string, error) {
 	password := string(bytePassword)
 	return strings.TrimSpace(password), nil
 }
+
+func readString(prompt string) string {
+	fmt.Print(prompt)
+	scanner := bufio.NewScanner(os.Stdin)
+	for scanner.Scan() {
+		return scanner.Text()
+	}
+	return ""
+}

cmd/client/client.go

@@ -37,6 +37,12 @@ func main() {
 				ArgsUsage: "FILE [FILE]...",
 				Action:    actions.ActionUpload,
 			},
+			{
+				Name:      "delete",
+				Usage:     "Delete file(s)",
+				ArgsUsage: "FILE [FILE]...",
+				Action:    actions.ActionDelete,
+			},
 			{
 				Name:      "login",
 				Usage:     "Login to gpaste server",

go.mod

@@ -9,6 +9,7 @@ require github.com/go-chi/chi/v5 v5.0.7
 require (
 	github.com/golang-jwt/jwt v3.2.2+incompatible
 	github.com/google/go-cmp v0.5.6
+	github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f
 	github.com/pelletier/go-toml v1.9.4
 	github.com/urfave/cli/v2 v2.3.0
 	go.etcd.io/bbolt v1.3.6
@@ -23,4 +24,5 @@ require (
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/multierr v1.7.0 // indirect
 	golang.org/x/sys v0.0.0-20220114195835-da31bd327af9 // indirect
+	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
 )

go.sum

@@ -15,6 +15,8 @@ github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ=
 github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
 github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f h1:dKccXx7xA56UNqOcFIbuqFjAWPVtP688j5QMgmo6OHU=
+github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f/go.mod h1:4rEELDSfUAlBSyUjPG0JnaNGjf13JySHFeRdD/3dLP0=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=

users/user.go

@@ -13,7 +13,7 @@ const (
 type User struct {
 	Username       string `json:"username"`
 	HashedPassword []byte `json:"hashed_password"`
-	Roles          []Role `json:"roles"`
+	Role           Role   `json:"role"`
 }
 
 type UserStore interface {

users/userstore_test.go

@@ -20,7 +20,7 @@ func RunUserStoreTest(newFunc func() (func(), users.UserStore), t *testing.T) {
 			passwordMap[username] = password
 			user := &users.User{
 				Username: username,
-				Roles:    []users.Role{users.RoleAdmin},
+				Role:     users.RoleAdmin,
 			}
 			if err := user.SetPassword(password); err != nil {
 				t.Fatalf("Error setting password: %s", err)