Fix typo in pipeline

Reviewed-on: #6

.golangci.yml

@@ -0,0 +1,35 @@
+run:
+  tests: false
+linters:
+  enable:
+    - deadcode
+    - errcheck
+    - gosimple
+    - govet
+    - ineffassign
+    - staticcheck
+    - structcheck
+    - typecheck
+    - unused
+    - varcheck
+    - gosec
+    - asciicheck
+    - bidichk
+    - bodyclose
+    - gomnd
+    - ifshort
+    - misspell
+    - prealloc
+    - tagliatelle
+    - ireturn
+    - gocritic
+    - whitespace
+    - stylecheck
+    - exportloopref
+    - godot
+    - gofumpt
+
+linters-settings:
+  gomnd:
+    ignored-functions:
+      - "strconv.ParseUint"

.goreleaser.yaml

@@ -6,6 +6,7 @@ before:
     - go mod tidy
     # you may remove this if you don't need go generate
     - go generate ./...
+
 builds:
   - id: "gpaste-client"
     binary: "gpaste"
@@ -28,22 +29,42 @@ builds:
     goarch:
       - amd64
     main: ./cmd/server/server.go
+
 archives:
   - format_overrides:
       - goos: windows
         format: zip
+
 checksum:
   name_template: 'checksums.txt'
+
 snapshot:
   name_template: "{{ incpatch .Version }}-next"
+
 changelog:
   sort: asc
   filters:
     exclude:
       - '^docs:'
       - '^test:'
+
+scoop:
+  url_template: "https://git.t-juice.club/torjus/gpaste/releases/download/{{ .Tag }}/{{ .ArtifactName }}"
+  bucket:
+    owner: torjus
+    name: scoop-tjuice
+    branch: master
+  folder: bucket
+  commit_author:
+    name: ci.t-juice.club
+    email: ci@t-juice.club
+  commit_msg_template: "Scoop update for {{ .ProjectName }} version {{ .Tag }}"
+  homepage: "https://git.t-juice.club/torjus/gpaste"
+  description: "Simple pastebin-style thingie."
+
 gitea_urls:
   api: https://git.t-juice.club/api/v1/
   download: https://git.t-juice.club
+
 env_files:
   gitea_token: gitea_token

.woodpecker.yml

@@ -2,14 +2,22 @@ pipeline:
   test:
     image: golang:latest
     commands:
-      - go build ./cmd/client/client.go
+      - go build -o gpaste-client ./cmd/client/client.go
-      - go build ./cmd/server/server.go
+      - go build -o gpaste-server ./cmd/server/server.go
-      - go test -v ./...
+      - go test -cover -coverprofile="/tmp/cover.out" ./...
+      - go tool cover -func="/tmp/cover.out"
       - go vet ./...
     when:
       branch: master
       event: [push, pull_request, tag, deployment]
 
+  lint:
+    image: golangci/golangci-lint:v1.43.0
+    commands:
+      - golangci-lint run
+    when:
+      event: [push, pull_request]
+
   image-latest:
     image: plugins/docker
     settings:

Dockerfile

@@ -10,4 +10,5 @@ RUN go build -o gpaste-server ./cmd/server/server.go
 FROM alpine:latest
 COPY --from=builder /src/gpaste /bin/gpaste
 COPY --from=builder /src/gpaste-server /bin/gpaste-server
+EXPOSE 8080
 CMD ["/bin/gpaste-server"]

README.md

@@ -0,0 +1,35 @@
+![status-badge](https://ci.t-juice.club/api/badges/torjus/gpaste/status.svg)
+
+# gpaste
+
+Simple pastebin-style webapp.
+
+## Build
+
+### gpaste-server
+
+```text
+go build -o gpaste-server cmd/server/server.go
+```
+
+### gpaste-client
+
+```text
+go build -o gpaste cmd/client/client.go
+```
+
+## Run using docker
+
+### From registry
+
+```text
+docker pull registry.t-juice.club/gpaste:latest
+docker run --rm -it -p 8080:8080 registry.t-juice.club/gpaste:latest
+```
+
+### From Dockerfile
+
+```text
+docker build -t gpaste:latest .
+docker run --rm -it p 8080:8080 gpaste:latest
+```

api/http.go

@@ -4,7 +4,10 @@ import (
 	"encoding/json"
 	"io"
 	"net/http"
+	"path"
+	"strconv"
 	"strings"
+	"time"
 
 	"git.t-juice.club/torjus/gpaste"
 	"git.t-juice.club/torjus/gpaste/files"
@@ -15,6 +18,8 @@ import (
 	"go.uber.org/zap"
 )
 
+const multipartMaxMemory = 1024 * 1024 * 100
+
 type HTTPServer struct {
 	Files        files.FileStore
 	Users        users.UserStore
@@ -30,16 +35,11 @@ func NewHTTPServer(cfg *gpaste.ServerConfig) *HTTPServer {
 		config:       cfg,
 		Logger:       zap.NewNop().Sugar(),
 		AccessLogger: zap.NewNop().Sugar(),
+		Files:        files.NewMemoryFileStore(),
+		Users:        users.NewMemoryUserStore(),
 	}
-	srv.Files = files.NewMemoryFileStore()
+	signingSecret, _ := uuid.Must(uuid.NewRandom()).MarshalBinary()
-	srv.Users = users.NewMemoryUserStore()
+	srv.Auth = gpaste.NewAuthService(srv.Users, signingSecret)
-	srv.Auth = gpaste.NewAuthService(srv.Users, []byte(srv.config.SigningSecret))
-
-	// Create initial user
-	// TODO: Do properly
-	user := &users.User{Username: "admin"}
-	user.SetPassword("admin")
-	srv.Users.Store(user)
 
 	r := chi.NewRouter()
 	r.Use(middleware.RealIP)
@@ -49,6 +49,7 @@ func NewHTTPServer(cfg *gpaste.ServerConfig) *HTTPServer {
 	r.Get("/", srv.HandlerIndex)
 	r.Post("/api/file", srv.HandlerAPIFilePost)
 	r.Get("/api/file/{id}", srv.HandlerAPIFileGet)
+	r.Delete("/api/file/{id}", srv.HandlerAPIFileDelete)
 	r.Post("/api/login", srv.HandlerAPILogin)
 	r.Post("/api/user", srv.HandlerAPIUserCreate)
 	srv.Handler = r
@@ -61,10 +62,6 @@ func (s *HTTPServer) HandlerIndex(w http.ResponseWriter, r *http.Request) {
 }
 
 func (s *HTTPServer) HandlerAPIFilePost(w http.ResponseWriter, r *http.Request) {
-	f := &files.File{
-		ID:   uuid.Must(uuid.NewRandom()).String(),
-		Body: r.Body,
-	}
 	reqID := middleware.GetReqID(r.Context())
 
 	// Check if multipart form
@@ -73,23 +70,34 @@ func (s *HTTPServer) HandlerAPIFilePost(w http.ResponseWriter, r *http.Request)
 		s.processMultiPartFormUpload(w, r)
 		return
 	}
+
+	f := fileFromParams(r)
+	f.ID = uuid.NewString()
+	f.Body = r.Body
+
 	err := s.Files.Store(f)
 	if err != nil {
 		w.WriteHeader(http.StatusInternalServerError)
 		s.Logger.Warnw("Error storing file.", "req_id", reqID, "error", err, "id", f.ID, "remote_addr", r.RemoteAddr)
+
 		return
 	}
+
 	s.Logger.Infow("Stored file.", "req_id", reqID, "id", f.ID, "remote_addr", r.RemoteAddr)
-	var resp = struct {
+
-		Message string `json:"message"`
+	fileURL := path.Join(s.config.URL, "/api/file", f.ID)
-		ID      string `json:"id"`
+	resp := &ResponseAPIFilePost{
-		URL     string `json:"url"`
-	}{
 		Message: "OK",
-		ID:      f.ID,
+		Files: []ResponseAPIFilePostFiles{
-		URL:     "TODO",
+			{
+				ID:  f.ID,
+				URL: fileURL,
+			},
+		},
 	}
+
 	w.WriteHeader(http.StatusAccepted)
+
 	encoder := json.NewEncoder(w)
 	if err := encoder.Encode(&resp); err != nil {
 		s.Logger.Warnw("Error encoding response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
@@ -111,63 +119,81 @@ func (s *HTTPServer) HandlerAPIFileGet(w http.ResponseWriter, r *http.Request) {
 	}
 
 	w.WriteHeader(http.StatusOK)
+
 	if _, err := io.Copy(w, f.Body); err != nil {
 		reqID := middleware.GetReqID(r.Context())
 		s.Logger.Warnw("Error writing file to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
 	}
 }
 
+func (s *HTTPServer) HandlerAPIFileDelete(w http.ResponseWriter, r *http.Request) {
+	// TODO: Require auth
+	id := chi.URLParam(r, "id")
+	if id == "" {
+		w.WriteHeader(http.StatusBadRequest)
+		return
+	}
+
+	if err := s.Files.Delete(id); err != nil {
+		w.WriteHeader(http.StatusBadRequest)
+		return
+	}
+
+	reqID := middleware.GetReqID(r.Context())
+	s.Logger.Infow("Deleted file", "id", id, "req_id", reqID)
+}
+
 func (s *HTTPServer) processMultiPartFormUpload(w http.ResponseWriter, r *http.Request) {
 	reqID := middleware.GetReqID(r.Context())
-	type resp struct {
-		Message string `json:"message"`
-		ID      string `json:"id"`
-		URL     string `json:"url"`
-	}
 
-	var responses []resp
+	var resp ResponseAPIFilePost
 
-	if err := r.ParseMultipartForm(1024 * 1024 * 10); err != nil {
+	if err := r.ParseMultipartForm(multipartMaxMemory); err != nil {
 		s.Logger.Warnw("Error parsing multipart form.", "req_id", reqID, "err", err)
 	}
+
 	for k := range r.MultipartForm.File {
 		ff, fh, err := r.FormFile(k)
 		if err != nil {
 			s.Logger.Warnw("Error reading file from multipart form.", "req_id", reqID, "error", err)
 			return
 		}
-		f := &files.File{
+
-			ID:               uuid.Must(uuid.NewRandom()).String(),
+		f := fileFromParams(r)
-			OriginalFilename: fh.Filename,
+		f.ID = uuid.NewString()
-			Body:             ff,
+		f.OriginalFilename = fh.Filename
-		}
+		f.Body = ff
 
 		if err := s.Files.Store(f); err != nil {
 			w.WriteHeader(http.StatusInternalServerError)
 			s.Logger.Warnw("Error storing file.", "req_id", reqID, "error", err, "id", f.ID, "remote_addr", r.RemoteAddr)
+
 			return
 		}
+
 		s.Logger.Infow("Stored file.", "req_id", reqID, "id", f.ID, "filename", f.OriginalFilename, "remote_addr", r.RemoteAddr)
 
-		responses = append(responses, resp{Message: "OK", ID: f.ID, URL: "TODO"})
+		fileURL := path.Join(s.config.URL, "/api/file", f.ID)
-
+		fileResponse := ResponseAPIFilePostFiles{ID: f.ID, URL: fileURL}
+		resp.Files = append(resp.Files, fileResponse)
 	}
 
 	w.WriteHeader(http.StatusAccepted)
 	encoder := json.NewEncoder(w)
-	if err := encoder.Encode(&responses); err != nil {
+
+	if err := encoder.Encode(&resp); err != nil {
 		s.Logger.Warnw("Error encoding response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
 	}
 }
 
 func (s *HTTPServer) HandlerAPILogin(w http.ResponseWriter, r *http.Request) {
 	reqID := middleware.GetReqID(r.Context())
-	expectedRequest := struct {
+
-		Username string `json:"username"`
+	var expectedRequest RequestAPILogin
-		Password string `json:"password"`
+
-	}{}
 	decoder := json.NewDecoder(r.Body)
 	defer r.Body.Close()
+
 	if err := decoder.Decode(&expectedRequest); err != nil {
 		w.WriteHeader(http.StatusBadRequest)
 		return
@@ -179,9 +205,7 @@ func (s *HTTPServer) HandlerAPILogin(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	response := struct {
+	response := ResponseAPILogin{
-		Token string `json:"token"`
-	}{
 		Token: token,
 	}
 
@@ -193,41 +217,86 @@ func (s *HTTPServer) HandlerAPILogin(w http.ResponseWriter, r *http.Request) {
 	}
 }
 
-type RequestAPIUserCreate struct {
-	Username string `json:"username"`
-	Password string `json:"password"`
-}
-
 func (s *HTTPServer) HandlerAPIUserCreate(w http.ResponseWriter, r *http.Request) {
 	reqID := middleware.GetReqID(r.Context())
 	defer r.Body.Close()
 
-	level, err := AuthLevelFromRequest(r)
+	role, err := RoleFromRequest(r)
-	if err != nil || level < gpaste.AuthLevelAdmin {
+	if err != nil || role != users.RoleAdmin {
 		w.WriteHeader(http.StatusUnauthorized)
 		return
 	}
 
 	var req RequestAPIUserCreate
+
 	decoder := json.NewDecoder(r.Body)
 	if err := decoder.Decode(&req); err != nil {
 		s.Logger.Debugw("Error parsing request.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
 		w.WriteHeader(http.StatusBadRequest)
+
 		return
 	}
 
 	// TODO: Ensure user does not already exist
-	user := &users.User{Username: req.Username}
+	user := &users.User{Username: req.Username, Role: users.RoleUser}
 	if err := user.SetPassword(req.Password); err != nil {
 		s.Logger.Warnw("Error setting user password.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
 		w.WriteHeader(http.StatusBadRequest)
+
 		return
 	}
 
 	if err := s.Users.Store(user); err != nil {
 		s.Logger.Warnw("Error setting user password.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
 		w.WriteHeader(http.StatusInternalServerError)
+
 		return
 	}
+
+	w.WriteHeader(http.StatusAccepted)
 	s.Logger.Infow("Created user.", "req_id", reqID, "remote_addr", r.RemoteAddr, "username", req.Username)
 }
+
+func (s *HTTPServer) HandlerAPIUserList(w http.ResponseWriter, r *http.Request) {
+	reqID := middleware.GetReqID(r.Context())
+
+	l, err := s.Users.List()
+	if err != nil {
+		s.Logger.Warnw("Error listing users.", "req_id", reqID, "error", err)
+		w.WriteHeader(http.StatusInternalServerError)
+
+		return
+	}
+
+	encoder := json.NewEncoder(w)
+	if err := encoder.Encode(l); err != nil {
+		s.Logger.Warnw("Error encoding response.", "req_id", "error", err)
+	}
+}
+
+func fileFromParams(r *http.Request) *files.File {
+	const (
+		keyMaxViews  = "max_views"
+		keyExpiresOn = "exp"
+	)
+
+	var f files.File
+
+	q := r.URL.Query()
+
+	if q.Has(keyMaxViews) {
+		views, err := strconv.ParseUint(q.Get(keyMaxViews), 10, 64) // nolint: gomnd
+		if err == nil {
+			f.MaxViews = uint(views)
+		}
+	}
+
+	if q.Has(keyExpiresOn) {
+		exp, err := time.Parse(time.RFC3339, q.Get(keyExpiresOn))
+		if err == nil {
+			f.ExpiresOn = exp
+		}
+	}
+
+	return &f
+}

api/http_test.go

@@ -8,24 +8,30 @@ import (
 	"mime/multipart"
 	"net/http"
 	"net/http/httptest"
+	"strings"
 	"testing"
+	"time"
 
 	"git.t-juice.club/torjus/gpaste"
 	"git.t-juice.club/torjus/gpaste/api"
+	"git.t-juice.club/torjus/gpaste/files"
 	"git.t-juice.club/torjus/gpaste/users"
+	"github.com/google/go-cmp/cmp"
+	"github.com/google/uuid"
 )
 
 func TestHandlers(t *testing.T) {
-	cfg := &gpaste.ServerConfig{
+	//cfg := &gpaste.ServerConfig{
-		SigningSecret: "abc123",
+	//	SigningSecret: "abc123",
-		Store: &gpaste.ServerStoreConfig{
+	//	Store: &gpaste.ServerStoreConfig{
-			Type: "memory",
+	//		Type: "memory",
-		},
+	//	},
-		URL: "http://localhost:8080",
+	//	URL: "http://localhost:8080",
-	}
+	//}
-	hs := api.NewHTTPServer(cfg)
+	//hs := api.NewHTTPServer(cfg)
 
-	t.Run("HandlerIndex", func(t *testing.T) {
+	t.Run("index", func(t *testing.T) {
+		hs := newServer()
 		rr := httptest.NewRecorder()
 		req := httptest.NewRequest(http.MethodGet, "/", nil)
 
@@ -40,107 +46,235 @@ func TestHandlers(t *testing.T) {
 			t.Errorf("Body does not match expected. Got %s want %s", body, expectedBody)
 		}
 	})
-	t.Run("HandlerAPIFilePost", func(t *testing.T) {
+	t.Run("api", func(t *testing.T) {
-		rr := httptest.NewRecorder()
+		t.Run("file", func(t *testing.T) {
-		buf := &bytes.Buffer{}
+			// POST /api/file
-		mw := multipart.NewWriter(buf)
+			t.Run("POST", func(t *testing.T) {
-		fw, err := mw.CreateFormFile("test", "test.txt")
+				hs := newServer()
-		if err != nil {
+				rr := httptest.NewRecorder()
-			t.Fatalf("Unable to create form file: %s", err)
+				buf := &bytes.Buffer{}
-		}
+				mw := multipart.NewWriter(buf)
-		expectedData := "Test OMEGALUL PLS."
+				fw, err := mw.CreateFormFile("test", "test.txt")
-		if _, err := io.WriteString(fw, expectedData); err != nil {
+				if err != nil {
-			t.Fatalf("Unable to write body to buffer: %s", err)
+					t.Fatalf("Unable to create form file: %s", err)
-		}
+				}
-		mw.Close()
+				expectedData := "Test OMEGALUL PLS."
+				if _, err := io.WriteString(fw, expectedData); err != nil {
+					t.Fatalf("Unable to write body to buffer: %s", err)
+				}
+				mw.Close()
 
-		req := httptest.NewRequest(http.MethodPost, "/api/file", buf)
+				req := httptest.NewRequest(http.MethodPost, "/api/file?max_views=99", buf)
-		req.Header.Add("Content-Type", mw.FormDataContentType())
+				req.Header.Add("Content-Type", mw.FormDataContentType())
 
-		hs.Handler.ServeHTTP(rr, req)
+				hs.Handler.ServeHTTP(rr, req)
 
-		if status := rr.Code; status != http.StatusAccepted {
+				if status := rr.Code; status != http.StatusAccepted {
-			t.Errorf("Returned unexpected status. Got %d want %d", status, http.StatusAccepted)
+					t.Errorf("Returned unexpected status. Got %d want %d", status, http.StatusAccepted)
-		}
+				}
 
-		var expectedResp []struct {
+				var expectedResp api.ResponseAPIFilePost
-			Message string `json:"message"`
-			ID      string `json:"id"`
-			URL     string `json:"url"`
-		}
 
-		decoder := json.NewDecoder(rr.Result().Body)
+				decoder := json.NewDecoder(rr.Result().Body)
-		if err := decoder.Decode(&expectedResp); err != nil {
+				if err := decoder.Decode(&expectedResp); err != nil {
-			t.Fatalf("error decoding response: %s", err)
+					t.Fatalf("error decoding response: %s", err)
-		}
+				}
 
-		if l := len(expectedResp); l != 1 {
+				if l := len(expectedResp.Files); l != 1 {
-			t.Errorf("Response has wrong length. Got %d want %d", l, 1)
+					t.Errorf("Response has wrong length. Got %d want %d", l, 1)
-		}
+				}
 
-		uploadID := expectedResp[0].ID
+				uploadID := expectedResp.Files[0].ID
-		if uploadID == "" {
+				if uploadID == "" {
-			t.Errorf("Response has empty id")
+					t.Errorf("Response has empty id")
-		}
+				}
+
+				retrieved, err := hs.Files.Get(uploadID)
+				if err != nil {
+					t.Errorf("Error retrieving file: %s", err)
+				}
+				defer retrieved.Body.Close()
+				retBuf := new(bytes.Buffer)
+				io.Copy(retBuf, retrieved.Body)
+				if diff := cmp.Diff(retBuf.String(), expectedData); diff != "" {
+					t.Errorf("Retrieved file mismatch: %s", diff)
+				}
+
+				if retrieved.MaxViews != 99 {
+					t.Errorf("Uploaded file has wrong max_views: %d", retrieved.MaxViews)
+				}
+			})
+			// GET /api/file/id
+			t.Run("GET", func(t *testing.T) {
+				hs := newServer()
+				fileData := "abc123456"
+				sr := io.NopCloser(strings.NewReader(fileData))
+				file := &files.File{
+					ID:               uuid.NewString(),
+					OriginalFilename: "test-file.txt",
+					MaxViews:         99,
+					ExpiresOn:        time.Now().Add(90 * time.Second),
+					Body:             sr,
+				}
+				hs.Files.Store(file)
+				rr := httptest.NewRecorder()
+				url := fmt.Sprintf("/api/file/%s", file.ID)
+				req := httptest.NewRequest(http.MethodGet, url, nil)
+
+				hs.Handler.ServeHTTP(rr, req)
+
+				if status := rr.Code; status != http.StatusOK {
+					t.Errorf("Returned unexpected status. Got %d want %d", status, http.StatusAccepted)
+					t.Logf(url)
+				}
+				if diff := cmp.Diff(rr.Body.String(), fileData); diff != "" {
+					t.Errorf("Returned body does not match expected: %s", diff)
+				}
+			})
+
+			// DELETE /api/file/id
+			t.Run("DELETE", func(t *testing.T) {
+				hs := newServer()
+				fileBody := io.NopCloser(strings.NewReader("roflcopter"))
+				file := &files.File{
+					ID:               uuid.NewString(),
+					OriginalFilename: "testpls.txt",
+					MaxViews:         9,
+					ExpiresOn:        time.Now().Add(10 * time.Hour),
+					Body:             fileBody,
+				}
+
+				if err := hs.Files.Store(file); err != nil {
+					t.Fatalf("Error storing file: %s", err)
+				}
+
+				rr := httptest.NewRecorder()
+				url := fmt.Sprintf("/api/file/%s", file.ID)
+				req := httptest.NewRequest(http.MethodDelete, url, nil)
+				hs.Handler.ServeHTTP(rr, req)
+
+				if rr.Result().StatusCode != http.StatusOK {
+					t.Fatalf("Delete returned wrong status: %s", rr.Result().Status)
+				}
+
+				if _, err := hs.Files.Get(file.ID); err == nil {
+					t.Errorf("Getting after delete returned no error")
+				}
+			})
+		})
+		// /api/user
+
+		t.Run("user", func(t *testing.T) {
+			t.Run("POST", func(t *testing.T) {
+				hs := newServer()
+				adminPw := "admin"
+				admin := &users.User{
+					Username: "admin",
+					Role:     users.RoleAdmin,
+				}
+				_ = admin.SetPassword(adminPw)
+				_ = hs.Users.Store(admin)
+
+				token, err := hs.Auth.Login(admin.Username, adminPw)
+				if err != nil {
+					t.Fatalf("error getting admin token: %s", err)
+				}
+
+				requestData := &api.RequestAPIUserCreate{
+					Username: "test",
+					Password: "test",
+				}
+				body := new(bytes.Buffer)
+				encoder := json.NewEncoder(body)
+				if err := encoder.Encode(requestData); err != nil {
+					t.Fatalf("Error encoding data: %s", err)
+				}
+
+				rr := httptest.NewRecorder()
+				req := httptest.NewRequest(http.MethodPost, "/api/user", body)
+				req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", token))
+				hs.Handler.ServeHTTP(rr, req)
+
+				if rr.Result().StatusCode != http.StatusAccepted {
+					t.Fatalf("Create returned wrong status: %s", rr.Result().Status)
+				}
+
+				user, err := hs.Users.Get(requestData.Username)
+				if err != nil {
+					t.Fatalf("Unable to get user after create: %s", err)
+				}
+
+				expectedUser := &users.User{
+					Username: requestData.Username,
+					Role:     users.RoleUser,
+				}
+				ignorePW := cmp.FilterPath(func(p cmp.Path) bool {
+					return p.String() == "HashedPassword"
+				}, cmp.Ignore())
+
+				if diff := cmp.Diff(user, expectedUser, ignorePW); diff != "" {
+					t.Errorf("User does not match expected: %s", diff)
+				}
+			})
+		})
+
+		// /api/login
+		t.Run("Login", func(t *testing.T) {
+			hs := newServer()
+			// TODO: Add test
+			username := "admin"
+			password := "admin"
+			user := &users.User{Username: username}
+			if err := user.SetPassword(password); err != nil {
+				t.Fatalf("Error setting user password: %s", err)
+			}
+			if err := hs.Users.Store(user); err != nil {
+				t.Fatalf("Error storing user: %s", err)
+			}
+
+			requestData := struct {
+				Username string `json:"username"`
+				Password string `json:"password"`
+			}{
+				Username: username,
+				Password: password,
+			}
+
+			body := new(bytes.Buffer)
+			encoder := json.NewEncoder(body)
+			if err := encoder.Encode(&requestData); err != nil {
+				t.Fatalf("Error encoding request body: %s", err)
+			}
 
-		t.Run("HandlerAPIFileGet", func(t *testing.T) {
 			rr := httptest.NewRecorder()
-			url := fmt.Sprintf("/api/file/%s", uploadID)
+			req := httptest.NewRequest(http.MethodPost, "/api/login", body)
-			req := httptest.NewRequest(http.MethodGet, url, nil)
 
 			hs.Handler.ServeHTTP(rr, req)
 
-			if status := rr.Code; status != http.StatusOK {
+			responseData := struct {
-				t.Errorf("Returned unexpected status. Got %d want %d", status, http.StatusAccepted)
+				Token string `json:"token"`
-				t.Logf(url)
+			}{}
+
+			decoder := json.NewDecoder(rr.Body)
+			if err := decoder.Decode(&responseData); err != nil {
+				t.Fatalf("Error decoding response: %s", err)
 			}
-			if body := rr.Body.String(); body != expectedData {
+
-				t.Errorf("Returned body does not match expected.")
+			if _, err := hs.Auth.ValidateToken(responseData.Token); err != nil {
+				t.Fatalf("Unable to validate received token: %s", err)
 			}
 		})
 	})
-	t.Run("HandlerAPILogin", func(t *testing.T) {
-		// TODO: Add test
-		username := "admin"
-		password := "admin"
-		user := &users.User{Username: username}
-		if err := user.SetPassword(password); err != nil {
-			t.Fatalf("Error setting user password: %s", err)
-		}
-		if err := hs.Users.Store(user); err != nil {
-			t.Fatalf("Error storing user: %s", err)
-		}
 
-		requestData := struct {
+}
-			Username string `json:"username"`
+
-			Password string `json:"password"`
+func newServer() *api.HTTPServer {
-		}{
+	cfg := &gpaste.ServerConfig{
-			Username: username,
+		SigningSecret: "abc123",
-			Password: password,
+		Store: &gpaste.ServerStoreConfig{
-		}
+			Type: "memory",
-
+		},
-		body := new(bytes.Buffer)
+		URL: "http://localhost:8080",
-		encoder := json.NewEncoder(body)
+	}
-		if err := encoder.Encode(&requestData); err != nil {
+	return api.NewHTTPServer(cfg)
-			t.Fatalf("Error encoding request body: %s", err)
-		}
-
-		rr := httptest.NewRecorder()
-		req := httptest.NewRequest(http.MethodPost, "/api/login", body)
-
-		hs.Handler.ServeHTTP(rr, req)
-
-		responseData := struct {
-			Token string `json:"token"`
-		}{}
-
-		decoder := json.NewDecoder(rr.Body)
-		if err := decoder.Decode(&responseData); err != nil {
-			t.Fatalf("Error decoding response: %s", err)
-		}
-
-		if _, err := hs.Auth.ValidateToken(responseData.Token); err != nil {
-			t.Fatalf("Unable to validate received token: %s", err)
-		}
-	})
 }

api/json.go

@@ -0,0 +1,29 @@
+package api
+
+type RequestAPIUserCreate struct {
+	Username string `json:"username"`
+	Password string `json:"password"`
+}
+
+type RequestAPILogin struct {
+	Username string `json:"username"`
+	Password string `json:"password"`
+}
+
+type ResponseAPILogin struct {
+	Token string `json:"token"`
+}
+
+type ResponseAPIFilePost struct {
+	Message string                     `json:"message"`
+	Files   []ResponseAPIFilePostFiles `json:"files"`
+}
+
+type ResponseAPIFilePostFiles struct {
+	ID  string `json:"id"`
+	URL string `json:"url"`
+}
+
+type ResponseAPIUserList struct {
+	Usernames []string `json:"usernames"`
+}

api/middleware.go

@@ -8,7 +8,9 @@ import (
 	"time"
 
 	"git.t-juice.club/torjus/gpaste"
+	"git.t-juice.club/torjus/gpaste/users"
 	"github.com/go-chi/chi/v5/middleware"
+	"go.uber.org/zap"
 )
 
 type authCtxKey int
@@ -16,6 +18,7 @@ type authCtxKey int
 const (
 	authCtxUsername authCtxKey = iota
 	authCtxAuthLevel
+	authCtxClaims
 )
 
 func (s *HTTPServer) MiddlewareAccessLogger(next http.Handler) http.Handler {
@@ -25,50 +28,82 @@ func (s *HTTPServer) MiddlewareAccessLogger(next http.Handler) http.Handler {
 
 		reqID := middleware.GetReqID(r.Context())
 
+		// TODO: Maybe desugar in HTTPServer to avoid doing for all requests
+		logger := s.AccessLogger.Desugar()
+
 		defer func() {
-			s.AccessLogger.Infow(r.Method,
+			// DEBUG level
-				"path", r.URL.Path,
+			if ce := logger.Check(zap.DebugLevel, r.Method); ce != nil {
-				"status", ww.Status(),
+				ct := r.Header.Get("Content-Type")
-				"written", ww.BytesWritten(),
+				ce.Write(
-				"remote_addr", r.RemoteAddr,
+					zap.String("req_id", reqID),
-				"processing_time_ms", time.Since(t1).Milliseconds(),
+					zap.String("path", r.URL.Path),
-				"req_id", reqID)
+					zap.Int("status", ww.Status()),
+					zap.String("remote_addr", r.RemoteAddr),
+					zap.Int("bytes_written", ww.BytesWritten()),
+					zap.Duration("processing_time", time.Since(t1)),
+					zap.String("content_type", ct),
+					zap.Any("headers", r.Header),
+				)
+			} else {
+				// INFO level
+				if ce := logger.Check(zap.InfoLevel, r.Method); ce != nil {
+					ce.Write(
+						zap.String("req_id", reqID),
+						zap.String("path", r.URL.Path),
+						zap.Int("status", ww.Status()),
+						zap.String("remote_addr", r.RemoteAddr),
+						zap.Int("bytes_written", ww.BytesWritten()),
+						zap.Duration("processing_time", time.Since(t1)),
+					)
+				}
+			}
+
+			_ = logger.Sync()
 		}()
 
 		next.ServeHTTP(ww, r)
 	}
+
 	return http.HandlerFunc(fn)
 }
 
 func (s *HTTPServer) MiddlewareAuthentication(next http.Handler) http.Handler {
 	fn := func(w http.ResponseWriter, r *http.Request) {
 		reqID := middleware.GetReqID(r.Context())
+
 		header := r.Header.Get("Authorization")
 		if header == "" {
 			s.Logger.Debugw("Request has no auth header.", "req_id", reqID)
 			next.ServeHTTP(w, r)
+
 			return
 		}
 
 		splitHeader := strings.Split(header, "Bearer ")
-		if len(splitHeader) != 2 {
+		if len(splitHeader) != 2 { // nolint: gomnd
 			s.Logger.Debugw("Request has invalid token.", "req_id", reqID)
 			next.ServeHTTP(w, r)
+
 			return
 		}
+
 		token := splitHeader[1]
 
 		claims, err := s.Auth.ValidateToken(token)
 		if err != nil {
 			s.Logger.Debugw("Request has invalid token.", "req_id", reqID)
 			next.ServeHTTP(w, r)
+
 			return
 		}
 
 		ctx := context.WithValue(r.Context(), authCtxUsername, claims.Subject)
-		ctx = context.WithValue(ctx, authCtxAuthLevel, gpaste.AuthLevelUser)
+		ctx = context.WithValue(ctx, authCtxAuthLevel, claims.Role)
+		ctx = context.WithValue(ctx, authCtxClaims, claims)
 		withCtx := r.WithContext(ctx)
-		s.Logger.Debugw("Request is authenticated.", "req_id", reqID, "username", claims.Subject)
+
+		s.Logger.Debugw("Request is authenticated.", "req_id", reqID, "username", claims.Subject, "role", claims.Role)
 
 		next.ServeHTTP(w, withCtx)
 	}
@@ -79,24 +114,41 @@ func (s *HTTPServer) MiddlewareAuthentication(next http.Handler) http.Handler {
 func UsernameFromRequest(r *http.Request) (string, error) {
 	rawUsername := r.Context().Value(authCtxUsername)
 	if rawUsername == nil {
-
 		return "", fmt.Errorf("no username")
 	}
+
 	username, ok := rawUsername.(string)
 	if !ok {
 		return "", fmt.Errorf("no username")
 	}
+
 	return username, nil
 }
 
-func AuthLevelFromRequest(r *http.Request) (gpaste.AuthLevel, error) {
+func RoleFromRequest(r *http.Request) (users.Role, error) {
 	rawLevel := r.Context().Value(authCtxAuthLevel)
 	if rawLevel == nil {
-		return gpaste.AuthLevelUnset, fmt.Errorf("no username")
+		return users.RoleUnset, fmt.Errorf("no username")
 	}
-	level, ok := rawLevel.(gpaste.AuthLevel)
+
+	level, ok := rawLevel.(users.Role)
 	if !ok {
-		return gpaste.AuthLevelUnset, fmt.Errorf("no username")
+		return users.RoleUnset, fmt.Errorf("no username")
 	}
+
 	return level, nil
 }
+
+func ClaimsFromRequest(r *http.Request) *gpaste.Claims {
+	rawClaims := r.Context().Value(authCtxAuthLevel)
+	if rawClaims == nil {
+		return nil
+	}
+
+	claims, ok := rawClaims.(*gpaste.Claims)
+	if !ok {
+		return nil
+	}
+
+	return claims
+}

auth.go

@@ -9,19 +9,17 @@ import (
 	"github.com/google/uuid"
 )
 
-type AuthLevel int
-
-const (
-	AuthLevelUnset AuthLevel = iota
-	AuthLevelUser
-	AuthLevelAdmin
-)
-
 type AuthService struct {
 	users      users.UserStore
 	hmacSecret []byte
 }
 
+type Claims struct {
+	Role users.Role `json:"role,omitempty"`
+
+	jwt.StandardClaims
+}
+
 func NewAuthService(store users.UserStore, signingSecret []byte) *AuthService {
 	return &AuthService{users: store, hmacSecret: signingSecret}
 }
@@ -37,15 +35,16 @@ func (as *AuthService) Login(username, password string) (string, error) {
 	}
 
 	// TODO: Set iss and aud
-	claims := jwt.StandardClaims{
+	claims := new(Claims)
-		Subject:   user.Username,
+	claims.Subject = user.Username
-		ExpiresAt: time.Now().Add(7 * 24 * time.Hour).Unix(),
+	claims.ExpiresAt = time.Now().Add(7 * 24 * time.Hour).Unix()
-		NotBefore: time.Now().Unix(),
+	claims.NotBefore = time.Now().Unix()
-		IssuedAt:  time.Now().Unix(),
+	claims.IssuedAt = time.Now().Unix()
-		Id:        uuid.NewString(),
+	claims.Id = uuid.NewString()
-	}
+	claims.Role = user.Role
 
 	token := jwt.NewWithClaims(jwt.GetSigningMethod("HS256"), claims)
+
 	signed, err := token.SignedString(as.hmacSecret)
 	if err != nil {
 		return "", err
@@ -54,14 +53,15 @@ func (as *AuthService) Login(username, password string) (string, error) {
 	return signed, nil
 }
 
-func (as *AuthService) ValidateToken(rawToken string) (*jwt.StandardClaims, error) {
+func (as *AuthService) ValidateToken(rawToken string) (*Claims, error) {
-	claims := &jwt.StandardClaims{}
+	claims := &Claims{}
 	token, err := jwt.ParseWithClaims(rawToken, claims, func(t *jwt.Token) (interface{}, error) {
 		return as.hmacSecret, nil
 	})
 	if err != nil {
 		return nil, err
 	}
+
 	if !token.Valid {
 		return nil, fmt.Errorf("invalid token")
 	}

auth_test.go

@@ -6,6 +6,7 @@ import (
 
 	"git.t-juice.club/torjus/gpaste"
 	"git.t-juice.club/torjus/gpaste/users"
+	"github.com/google/go-cmp/cmp"
 )
 
 func TestAuth(t *testing.T) {
@@ -17,7 +18,7 @@ func TestAuth(t *testing.T) {
 		username := randomString(8)
 		password := randomString(16)
 
-		user := &users.User{Username: username}
+		user := &users.User{Username: username, Role: users.RoleAdmin}
 		if err := user.SetPassword(password); err != nil {
 			t.Fatalf("error setting user password: %s", err)
 		}
@@ -30,9 +31,13 @@ func TestAuth(t *testing.T) {
 			t.Fatalf("Error creating token: %s", err)
 		}
 
-		if _, err := as.ValidateToken(token); err != nil {
+		claims, err := as.ValidateToken(token)
+		if err != nil {
 			t.Fatalf("Error validating token: %s", err)
 		}
+		if claims.Role != user.Role {
+			t.Fatalf("Token role is not correct: %s", cmp.Diff(claims.Role, user.Role))
+		}
 		invalidToken := `eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NDMyMjk3NjMsImp0aSI6ImUzNDk5NWI1LThiZmMtNDQyNy1iZDgxLWFmNmQ3OTRiYzM0YiIsImlhdCI6MTY0MjYyNDk2MywibmJmIjoxNjQyNjI0OTYzLCJzdWIiOiJYdE5Hemt5ZSJ9.VM6dkwSLaBv8cStkWRVVv9ADjdUrHGHrlB7GB7Ly7n8`
 		if _, err := as.ValidateToken(invalidToken); err == nil {
 			t.Fatalf("Invalid token passed validation")

client/client.go

@@ -0,0 +1,240 @@
+package client
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"mime/multipart"
+	"net/http"
+	"os"
+	"path/filepath"
+	"time"
+
+	"git.t-juice.club/torjus/gpaste/api"
+	"git.t-juice.club/torjus/gpaste/files"
+	"github.com/google/uuid"
+	"github.com/kirsle/configdir"
+)
+
+const defaultTimeout = 10 * time.Second
+
+type Client struct {
+	BaseURL   string `json:"baseUrl"`
+	AuthToken string `json:"authToken"`
+
+	httpClient http.Client
+}
+
+func (c *Client) WriteConfigToWriter(w io.Writer) error {
+	encoder := json.NewEncoder(w)
+	return encoder.Encode(c)
+}
+
+func (c *Client) WriteConfig() error {
+	dir := configdir.LocalConfig("gpaste")
+	// Ensure dir exists
+	err := os.MkdirAll(dir, os.ModePerm)
+	if err != nil {
+		return err
+	}
+
+	path := filepath.Join(dir, "client.json")
+
+	f, err := os.Create(path)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	return c.WriteConfigToWriter(f)
+}
+
+func (c *Client) LoadConfig() error {
+	dir := configdir.LocalCache("gpaste")
+	path := filepath.Join(dir, "client.json")
+
+	f, err := os.Open(path)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	return c.LoadConfigFromReader(f)
+}
+
+func (c *Client) LoadConfigFromReader(r io.Reader) error {
+	decoder := json.NewDecoder(r)
+	return decoder.Decode(c)
+}
+
+func (c *Client) Login(ctx context.Context, username, password string) error {
+	url := fmt.Sprintf("%s/api/login", c.BaseURL)
+	// TODO: Change timeout
+	ctx, cancel := context.WithTimeout(ctx, defaultTimeout)
+	defer cancel()
+
+	body := new(bytes.Buffer)
+	requestData := api.RequestAPILogin{
+		Username: username,
+		Password: password,
+	}
+
+	encoder := json.NewEncoder(body)
+	if err := encoder.Encode(&requestData); err != nil {
+		return fmt.Errorf("error encoding response: %w", err)
+	}
+
+	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, body)
+	if err != nil {
+		return fmt.Errorf("error creating request: %w", err)
+	}
+
+	resp, err := c.httpClient.Do(req)
+	if err != nil {
+		return fmt.Errorf("unable to perform request: %s", err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		return fmt.Errorf("got non-ok response from server: %s", resp.Status)
+	}
+
+	var responseData api.ResponseAPILogin
+
+	decoder := json.NewDecoder(resp.Body)
+	if err := decoder.Decode(&responseData); err != nil {
+		return fmt.Errorf("unable to parse response: %s", err)
+	}
+
+	c.AuthToken = responseData.Token
+
+	return nil
+}
+
+func (c *Client) UserCreate(ctx context.Context, username, password string) error {
+	url := fmt.Sprintf("%s/api/user", c.BaseURL)
+	body := new(bytes.Buffer)
+
+	requestData := &api.RequestAPIUserCreate{
+		Username: username,
+		Password: password,
+	}
+
+	encoder := json.NewEncoder(body)
+	if err := encoder.Encode(requestData); err != nil {
+		return fmt.Errorf("error encoding response: %w", err)
+	}
+
+	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, body)
+	if err != nil {
+		return fmt.Errorf("error creating request: %w", err)
+	}
+
+	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.AuthToken))
+
+	resp, err := c.httpClient.Do(req)
+	if err != nil {
+		return fmt.Errorf("unable to perform request: %s", err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusAccepted {
+		return fmt.Errorf("got non-ok response from server: %s", resp.Status)
+	}
+
+	return nil
+}
+
+func (c *Client) Download(ctx context.Context, id string) (io.ReadCloser, error) {
+	url := fmt.Sprintf("%s/api/file/%s", c.BaseURL, id)
+
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
+	if err != nil {
+		return nil, fmt.Errorf("error creating request: %w", err)
+	}
+
+	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.AuthToken))
+
+	resp, err := c.httpClient.Do(req)
+	if err != nil {
+		return nil, fmt.Errorf("unable to perform request: %s", err)
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("got non-ok response from server: %s", resp.Status)
+	}
+
+	return resp.Body, nil
+}
+
+func (c *Client) Upload(ctx context.Context, files ...*files.File) (*api.ResponseAPIFilePost, error) {
+	url := fmt.Sprintf("%s/api/file", c.BaseURL)
+	client := &http.Client{}
+
+	// TODO: Change timeout
+	// TODO: Improve buffering
+	buf := &bytes.Buffer{}
+	mw := multipart.NewWriter(buf)
+
+	for _, file := range files {
+		fw, err := mw.CreateFormFile(uuid.Must(uuid.NewRandom()).String(), file.OriginalFilename)
+		if err != nil {
+			return nil, err
+		}
+
+		if _, err := io.Copy(fw, file.Body); err != nil {
+			return nil, err
+		}
+
+		file.Body.Close()
+	}
+
+	mw.Close()
+
+	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, buf)
+	if err != nil {
+		return nil, err
+	}
+
+	req.Header.Add("Content-Type", mw.FormDataContentType())
+
+	resp, err := client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	var expectedResp *api.ResponseAPIFilePost
+
+	decoder := json.NewDecoder(resp.Body)
+	if err := decoder.Decode(&expectedResp); err != nil {
+		return nil, fmt.Errorf("error decoding response: %w", err)
+	}
+
+	return expectedResp, nil
+}
+
+func (c *Client) Delete(ctx context.Context, id string) error {
+	url := fmt.Sprintf("%s/api/file/%s", c.BaseURL, id)
+
+	req, err := http.NewRequestWithContext(ctx, http.MethodDelete, url, nil)
+	if err != nil {
+		return fmt.Errorf("error creating request: %w", err)
+	}
+
+	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.AuthToken))
+
+	resp, err := c.httpClient.Do(req)
+	if err != nil {
+		return fmt.Errorf("unable to perform request: %s", err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		return fmt.Errorf("got non-ok response from server: %s", resp.Status)
+	}
+
+	return nil
+}

client/client_test.go

@@ -0,0 +1,194 @@
+package client_test
+
+import (
+	"bytes"
+	"context"
+	"fmt"
+	"io"
+	"net"
+	"strings"
+	"testing"
+	"time"
+
+	"git.t-juice.club/torjus/gpaste"
+	"git.t-juice.club/torjus/gpaste/api"
+	"git.t-juice.club/torjus/gpaste/client"
+	"git.t-juice.club/torjus/gpaste/files"
+	"git.t-juice.club/torjus/gpaste/users"
+	"github.com/google/go-cmp/cmp"
+	"github.com/google/go-cmp/cmp/cmpopts"
+	"github.com/google/uuid"
+)
+
+func TestClient(t *testing.T) {
+	listener, err := net.Listen("tcp", ":0")
+	if err != nil {
+		panic(err)
+	}
+
+	port := listener.Addr().(*net.TCPAddr).Port
+	cfg := &gpaste.ServerConfig{
+		LogLevel:      "ERROR",
+		URL:           fmt.Sprintf("http://localhost:%d", port),
+		SigningSecret: "TEST",
+		Store:         &gpaste.ServerStoreConfig{Type: "memory"},
+	}
+
+	srv := api.NewHTTPServer(cfg)
+
+	go func() {
+		srv.Serve(listener)
+	}()
+
+	t.Cleanup(func() {
+		ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+		defer cancel()
+		srv.Shutdown(ctx)
+		listener.Close()
+	})
+
+	// Add users
+	username := "admin"
+	password := "admin"
+	user := &users.User{
+		Username: username,
+		Role:     users.RoleAdmin,
+	}
+	if err := user.SetPassword(password); err != nil {
+		t.Fatalf("Error setting password: %s", err)
+	}
+	if err := srv.Users.Store(user); err != nil {
+		t.Fatalf("Error storing user: %s", err)
+	}
+
+	t.Run("Login", func(t *testing.T) {
+		client := client.Client{BaseURL: cfg.URL}
+		ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+		defer cancel()
+		if err := client.Login(ctx, username, password); err != nil {
+			t.Fatalf("Error logging in: %s", err)
+		}
+
+		claims, err := srv.Auth.ValidateToken(client.AuthToken)
+		if err != nil {
+			t.Errorf("unable to get claims from token: %s", err)
+		}
+
+		if claims.Role != user.Role {
+			t.Errorf("Claims have wrong role: %s", cmp.Diff(claims.Role, user.Role))
+		}
+		if claims.Subject != username {
+			t.Errorf("Claims have wrong role: %s", cmp.Diff(claims.Subject, username))
+		}
+
+		t.Run("UserCreate", func(t *testing.T) {
+			ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+			defer cancel()
+			username := "user"
+			password := "user"
+
+			if err := client.UserCreate(ctx, username, password); err != nil {
+				t.Fatalf("Error creating user: %s", err)
+			}
+
+			user, err := srv.Users.Get(username)
+			if err != nil {
+				t.Fatalf("Error getting new user: %s", err)
+			}
+
+			if user.Username != username {
+				t.Errorf("Username does not match.")
+			}
+			if err := user.ValidatePassword(password); err != nil {
+				t.Errorf("Unable to validate password: %s", err)
+			}
+		})
+	})
+	t.Run("Upload", func(t *testing.T) {
+		client := client.Client{BaseURL: cfg.URL}
+		ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+		defer cancel()
+		fileContents := "this is the test file"
+		fileBody := io.NopCloser(strings.NewReader(fileContents))
+		file := &files.File{
+			OriginalFilename: "filename.txt",
+			Body:             fileBody,
+		}
+
+		resp, err := client.Upload(ctx, file)
+		if err != nil {
+			t.Fatalf("Error uploading: %s", err)
+		}
+
+		retrieved, err := srv.Files.Get(resp.Files[0].ID)
+		if err != nil {
+			t.Fatalf("Error getting uploaded file from store: %s", err)
+		}
+		defer retrieved.Body.Close()
+
+		buf := new(strings.Builder)
+		if _, err := io.Copy(buf, retrieved.Body); err != nil {
+			t.Fatalf("error reading body from store: %s", err)
+		}
+		if buf.String() != fileContents {
+			t.Errorf("File contents does not match: %s", cmp.Diff(buf.String(), fileContents))
+		}
+	})
+	t.Run("Download", func(t *testing.T) {
+		client := client.Client{BaseURL: cfg.URL}
+		ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+		defer cancel()
+		fileContents := "this is the test file"
+		fileBody := io.NopCloser(strings.NewReader(fileContents))
+		file := &files.File{
+			ID:               uuid.NewString(),
+			OriginalFilename: "filename.txt",
+			Body:             fileBody,
+		}
+
+		if err := srv.Files.Store(file); err != nil {
+			t.Fatalf("Error putting file in store: %s", err)
+		}
+
+		body, err := client.Download(ctx, file.ID)
+		if err != nil {
+			t.Fatalf("Error uploading: %s", err)
+		}
+		defer body.Close()
+
+		buf := new(strings.Builder)
+		if _, err := io.Copy(buf, body); err != nil {
+			t.Fatalf("error reading body from store: %s", err)
+		}
+		if buf.String() != fileContents {
+			t.Errorf("File contents does not match: %s", cmp.Diff(buf.String(), fileContents))
+		}
+	})
+	t.Run("Save", func(t *testing.T) {
+		c := client.Client{BaseURL: "http://example.org/gpaste", AuthToken: "tokenpls"}
+		expectedConfig := "{\"baseUrl\":\"http://example.org/gpaste\",\"authToken\":\"tokenpls\"}\n"
+		buf := new(bytes.Buffer)
+		err := c.WriteConfigToWriter(buf)
+		if err != nil {
+			t.Fatalf("Error writing config: %s", err)
+		}
+
+		if diff := cmp.Diff(buf.String(), expectedConfig); diff != "" {
+			t.Errorf("Written config does not match expected: %s", diff)
+		}
+	})
+	t.Run("Load", func(t *testing.T) {
+		c := client.Client{}
+		config := "{\"baseUrl\":\"http://pasta.example.org\",\"authToken\":\"tokenpls\"}\n"
+		expectedClient := client.Client{BaseURL: "http://pasta.example.org", AuthToken: "tokenpls"}
+		sr := strings.NewReader(config)
+		if err := c.LoadConfigFromReader(sr); err != nil {
+			t.Fatalf("Error reading config: %s", err)
+		}
+
+		if diff := cmp.Diff(c, expectedClient, cmpopts.IgnoreUnexported(client.Client{})); diff != "" {
+			t.Errorf("Client does not match expected: %s", diff)
+		}
+
+	})
+}

cmd/client/actions/actions.go

@@ -1,33 +1,26 @@
 package actions
 
 import (
-	"bytes"
+	"bufio"
 	"context"
-	"encoding/json"
 	"fmt"
-	"io"
-	"mime/multipart"
-	"net/http"
 	"os"
 	"strings"
 	"syscall"
 	"time"
 
-	"git.t-juice.club/torjus/gpaste/api"
+	"git.t-juice.club/torjus/gpaste/client"
-	"github.com/google/uuid"
+	"git.t-juice.club/torjus/gpaste/files"
 	"github.com/urfave/cli/v2"
 	"golang.org/x/term"
 )
 
-func ActionUpload(c *cli.Context) error {
+const defaultTimeout = 10 * time.Second
-	url := fmt.Sprintf("%s/api/file", c.String("url"))
-	client := &http.Client{}
-	// TODO: Change timeout
-	ctx, cancel := context.WithTimeout(c.Context, 10*time.Minute)
-	defer cancel()
 
-	buf := &bytes.Buffer{}
+func ActionUpload(c *cli.Context) error {
-	mw := multipart.NewWriter(buf)
+	clnt := client.Client{
+		BaseURL: c.String("url"),
+	}
 
 	for _, arg := range c.Args().Slice() {
 		f, err := os.Open(arg)
@@ -35,41 +28,41 @@ func ActionUpload(c *cli.Context) error {
 			return err
 		}
 		defer f.Close()
-		fw, err := mw.CreateFormFile(uuid.Must(uuid.NewRandom()).String(), arg)
+
+		file := &files.File{
+			OriginalFilename: arg,
+			Body:             f,
+		}
+
+		resp, err := clnt.Upload(c.Context, file)
 		if err != nil {
-			return err
+			errmsg := fmt.Sprintf("Error uploading file: %s", err)
+			return cli.Exit(errmsg, 1)
 		}
-		if _, err := io.Copy(fw, f); err != nil {
+
-			return err
+		fmt.Printf("Uploaded file %s - %s", file.OriginalFilename, resp.Files[0].URL)
+	}
+
+	return nil
+}
+
+func ActionDelete(c *cli.Context) error {
+	clnt := client.Client{
+		BaseURL: c.String("url"),
+	}
+
+	for _, arg := range c.Args().Slice() {
+		ctx, cancel := context.WithTimeout(c.Context, defaultTimeout)
+		defer cancel()
+
+		if err := clnt.Delete(ctx, arg); err != nil {
+			fmt.Printf("Error deleting file %s\n", arg)
+			fmt.Printf("%s\n", err)
 		}
-	}
-	mw.Close()
-	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, buf)
-	if err != nil {
-		return err
-	}
-	req.Header.Add("Content-Type", mw.FormDataContentType())
 
-	resp, err := client.Do(req)
+		fmt.Printf("Deleted %s\n", arg)
-	if err != nil {
-		return err
-	}
-	defer resp.Body.Close()
-
-	var expectedResp []struct {
-		Message string `json:"message"`
-		ID      string `json:"id"`
-		URL     string `json:"url"`
 	}
 
-	decoder := json.NewDecoder(resp.Body)
-	if err := decoder.Decode(&expectedResp); err != nil {
-		return fmt.Errorf("error decoding response: %w", err)
-	}
-
-	for _, r := range expectedResp {
-		fmt.Printf("Uploaded file %s\n", r.ID)
-	}
 	return nil
 }
 
@@ -78,97 +71,65 @@ func ActionLogin(c *cli.Context) error {
 	if username == "" {
 		return cli.Exit("USERNAME not supplied.", 1)
 	}
+
 	password, err := readPassword()
 	if err != nil {
 		return fmt.Errorf("error reading password: %w", err)
 	}
 
-	url := fmt.Sprintf("%s/api/login", c.String("url"))
+	clnt := client.Client{
-	client := &http.Client{}
+		BaseURL: c.String("url"),
-	// TODO: Change timeout
-	ctx, cancel := context.WithTimeout(c.Context, 10*time.Second)
-	defer cancel()
-
-	body := new(bytes.Buffer)
-	requestData := struct {
-		Username string `json:"username"`
-		Password string `json:"password"`
-	}{
-		Username: username,
-		Password: password,
 	}
-	encoder := json.NewEncoder(body)
+	if err := clnt.Login(c.Context, username, password); err != nil {
-	if err := encoder.Encode(&requestData); err != nil {
+		errmsg := fmt.Sprintf("Error logging in: %s", err)
-		return fmt.Errorf("error encoding response: %w", err)
+		return cli.Exit(errmsg, 1)
-	}
-	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, body)
-	if err != nil {
-		return fmt.Errorf("error creating request: %w", err)
 	}
 
-	resp, err := client.Do(req)
+	if err := clnt.WriteConfig(); err != nil {
-	if err != nil {
+		errMsg := fmt.Sprintf("Failed to write config: %s", err)
-		return fmt.Errorf("unable to perform request: %s", err)
+		return cli.Exit(errMsg, 1)
 	}
-	defer resp.Body.Close()
+	// TODO: Store this somewhere, so we don't need to log in each time
-
+	fmt.Println("Successfully logged in.")
-	if resp.StatusCode != http.StatusOK {
-		return cli.Exit("got non-ok response from server", 0)
-	}
-
-	responseData := struct {
-		Token string `json:"token"`
-	}{}
-
-	decoder := json.NewDecoder(resp.Body)
-	if err := decoder.Decode(&responseData); err != nil {
-		return fmt.Errorf("unable to parse response: %s", err)
-	}
-
-	fmt.Printf("Token: %s", responseData.Token)
 
 	return nil
 }
 
 func ActionUserCreate(c *cli.Context) error {
 	// TODO: Needs to supply auth token to actually work
-	username := c.Args().First()
+	fmt.Println("Need to be logged in to create user")
-	if username == "" {
+
-		return cli.Exit("USERNAME not supplied.", 1)
+	username := readString("Enter username: ")
-	}
+
 	password, err := readPassword()
 	if err != nil {
 		return fmt.Errorf("error reading password: %w", err)
 	}
 
-	url := fmt.Sprintf("%s/api/user", c.String("url"))
+	clnt := client.Client{
-	client := &http.Client{}
+		BaseURL: c.String("url"),
-	// TODO: Change timeout
+	}
-	ctx, cancel := context.WithTimeout(c.Context, 10*time.Second)
+
+	ctx, cancel := context.WithTimeout(c.Context, defaultTimeout)
 	defer cancel()
 
-	body := new(bytes.Buffer)
+	if err := clnt.Login(ctx, username, password); err != nil {
-	requestData := &api.RequestAPIUserCreate{
+		errmsg := fmt.Sprintf("Error logging in: %s", err)
-		Username: username,
+		return cli.Exit(errmsg, 1)
-		Password: password,
-	}
-	encoder := json.NewEncoder(body)
-	if err := encoder.Encode(requestData); err != nil {
-		return fmt.Errorf("error encoding response: %w", err)
-	}
-	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, body)
-	if err != nil {
-		return fmt.Errorf("error creating request: %w", err)
 	}
 
-	resp, err := client.Do(req)
+	fmt.Println("User to create:")
-	if err != nil {
-		return fmt.Errorf("unable to perform request: %s", err)
-	}
-	defer resp.Body.Close()
 
-	if resp.StatusCode != http.StatusAccepted {
+	username = readString("Enter username: ")
-		return cli.Exit("got non-ok response from server", 0)
+
+	password, err = readPassword()
+	if err != nil {
+		return fmt.Errorf("error reading password: %w", err)
+	}
+
+	if err := clnt.UserCreate(ctx, username, password); err != nil {
+		errmsg := fmt.Sprintf("Error creating user: %s", err)
+		return cli.Exit(errmsg, 1)
 	}
 
 	fmt.Printf("Created user %s\n", username)
@@ -178,11 +139,24 @@ func ActionUserCreate(c *cli.Context) error {
 
 func readPassword() (string, error) {
 	fmt.Print("Enter Password: ")
+
 	bytePassword, err := term.ReadPassword(int(syscall.Stdin))
 	if err != nil {
 		return "", err
 	}
 
 	password := string(bytePassword)
+
 	return strings.TrimSpace(password), nil
 }
+
+func readString(prompt string) string {
+	fmt.Print(prompt)
+
+	scanner := bufio.NewScanner(os.Stdin)
+	for scanner.Scan() {
+		return scanner.Text()
+	}
+
+	return ""
+}

cmd/client/client.go

@@ -37,6 +37,12 @@ func main() {
 				ArgsUsage: "FILE [FILE]...",
 				Action:    actions.ActionUpload,
 			},
+			{
+				Name:      "delete",
+				Usage:     "Delete file(s)",
+				ArgsUsage: "FILE [FILE]...",
+				Action:    actions.ActionDelete,
+			},
 			{
 				Name:      "login",
 				Usage:     "Login to gpaste server",
@@ -58,5 +64,5 @@ func main() {
 		},
 	}
 
-	app.Run(os.Args)
+	_ = app.Run(os.Args)
 }

cmd/server/actions/actions.go

@@ -2,14 +2,19 @@ package actions
 
 import (
 	"context"
+	"io"
 	"net/http"
 	"os"
 	"os/signal"
+	"path/filepath"
 	"strings"
 	"time"
 
 	"git.t-juice.club/torjus/gpaste"
 	"git.t-juice.club/torjus/gpaste/api"
+	"git.t-juice.club/torjus/gpaste/files"
+	"git.t-juice.club/torjus/gpaste/users"
+	"github.com/google/uuid"
 	"github.com/urfave/cli/v2"
 	"go.uber.org/zap"
 	"go.uber.org/zap/zapcore"
@@ -21,14 +26,30 @@ func ActionServe(c *cli.Context) error {
 		configPath = c.String("config")
 	}
 
-	f, err := os.Open(configPath)
+	var (
+		cfg *gpaste.ServerConfig
+		r   io.ReadCloser
+	)
+
+	r, err := os.Open(configPath)
 	if err != nil {
-		return cli.Exit(err, 1)
+		cfg = &gpaste.ServerConfig{
-	}
+			LogLevel:      "INFO",
-	defer f.Close()
+			URL:           "localhost:8080",
-	cfg, err := gpaste.ServerConfigFromReader(f)
+			ListenAddr:    ":8080",
-	if err != nil {
+			SigningSecret: "TODO: CHANGE THIS LOL",
-		return cli.Exit(err, 1)
+			Store: &gpaste.ServerStoreConfig{
+				Type: "memory",
+			},
+		}
+	} else {
+		defer r.Close()
+		cfg, err = gpaste.ServerConfigFromReader(r)
+		if err != nil {
+			if err != nil {
+				return cli.Exit(err, 1)
+			}
+		}
 	}
 	// Setup loggers
 	rootLogger := getRootLogger(cfg.LogLevel)
@@ -38,28 +59,72 @@ func ActionServe(c *cli.Context) error {
 	// Setup contexts for clean shutdown
 	rootCtx, rootCancel := signal.NotifyContext(context.Background(), os.Interrupt)
 	defer rootCancel()
+
 	httpCtx, httpCancel := context.WithCancel(rootCtx)
 	defer httpCancel()
+
 	httpShutdownCtx, httpShutdownCancel := context.WithCancel(context.Background())
 	defer httpShutdownCancel()
 
+	// Setup stores
+	// Files
+	fileStore, fileClose, err := getFileStore(cfg)
+	if err != nil {
+		return err
+	}
+
+	defer fileClose() // nolint: errcheck
+
+	// Users
+	userStore, userClose, err := getUserStore(cfg)
+	if err != nil {
+		return err
+	}
+
+	defer userClose() // nolint: errcheck
+
+	if userList, err := userStore.List(); err != nil {
+		serverLogger.Panicw("Error checking userstore for users.", "error", err)
+	} else if len(userList) < 1 {
+		admin := users.User{
+			Username: "admin",
+			Role:     users.RoleAdmin,
+		}
+		password := uuid.NewString()
+		if err := admin.SetPassword(password); err != nil {
+			serverLogger.DPanic("Error setting admin-user password.", "error", err)
+		}
+
+		serverLogger.Warnw("Created admin-user.", "username", admin.Username, "password", password)
+	}
+
+	// Auth
+	auth := gpaste.NewAuthService(userStore, []byte(cfg.SigningSecret))
+
 	go func() {
 		srv := api.NewHTTPServer(cfg)
+		srv.Users = userStore
+		srv.Files = fileStore
 		srv.Addr = cfg.ListenAddr
 		srv.Logger = serverLogger
 		srv.AccessLogger = accessLogger
+		srv.Auth = auth
 
 		// Wait for cancel
 		go func() {
 			<-httpCtx.Done()
-			timeoutCtx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+
+			timeoutCtx, cancel := context.WithTimeout(context.Background(), 10*time.Second) // nolint: gomnd
 			defer cancel()
-			srv.Shutdown(timeoutCtx)
+
+			_ = srv.Shutdown(timeoutCtx)
 		}()
 		serverLogger.Infow("Starting HTTP server.", "addr", cfg.ListenAddr)
+
 		if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
 			serverLogger.Errorw("Error during shutdown.", "error", err)
 		}
+
 		serverLogger.Infow("HTTP server shutdown complete.", "addr", cfg.ListenAddr)
 		httpShutdownCancel()
 	}()
@@ -103,3 +168,48 @@ func getRootLogger(level string) *zap.SugaredLogger {
 
 	return rootLogger.Sugar()
 }
+
+// nolint: ireturn
+func getUserStore(cfg *gpaste.ServerConfig) (users.UserStore, func() error, error) {
+	closer := func() error { return nil }
+
+	switch cfg.Store.Type {
+	case "memory":
+		return users.NewMemoryUserStore(), closer, nil
+
+	case "fs":
+		path := filepath.Join(cfg.Store.FS.Dir, "gpaste-users.db")
+
+		bs, err := users.NewBoltUserStore(path)
+		if err != nil {
+			return nil, closer, cli.Exit("error setting up user store", 1)
+		}
+
+		return bs, bs.Close, nil
+
+	default:
+		return nil, closer, cli.Exit("no userstore configured", 1)
+	}
+}
+
+// nolint: ireturn
+func getFileStore(cfg *gpaste.ServerConfig) (files.FileStore, func() error, error) {
+	closer := func() error { return nil }
+
+	switch cfg.Store.Type {
+	case "memory":
+		return files.NewMemoryFileStore(), closer, nil
+
+	case "fs":
+		var err error
+
+		s, err := files.NewFSFileStore(cfg.Store.FS.Dir)
+		if err != nil {
+			return nil, closer, cli.Exit("error setting up filestore", 1)
+		}
+
+		return s, closer, nil
+	default:
+		return nil, closer, cli.Exit("No store configured", 1)
+	}
+}

cmd/server/server.go

@@ -29,5 +29,5 @@ func main() {
 		Action: actions.ActionServe,
 	}
 
-	app.Run(os.Args)
+	_ = app.Run(os.Args)
 }

config.go

@@ -33,6 +33,7 @@ func ServerConfigFromReader(r io.Reader) (*ServerConfig, error) {
 			FS: &ServerStoreFSStoreConfig{},
 		},
 	}
+
 	if err := decoder.Decode(&c); err != nil {
 		return nil, fmt.Errorf("error decoding server config: %w", err)
 	}

files/filestore.go

@@ -7,11 +7,13 @@ import (
 
 type File struct {
 	ID               string    `json:"id"`
-	OriginalFilename string    `json:"original_filename"`
+	OriginalFilename string    `json:"originalFilename"`
-	MaxViews         uint      `json:"max_views"`
+	MaxViews         uint      `json:"maxViews"`
-	ExpiresOn        time.Time `json:"expires_on"`
+	ExpiresOn        time.Time `json:"expiresOn"`
 
 	Body io.ReadCloser
+
+	FileSize int64 `json:"fileSize"`
 }
 
 type FileStore interface {

files/filestore_fs.go

@@ -23,6 +23,7 @@ func NewFSFileStore(dir string) (*FSFileStore, error) {
 
 	return s, err
 }
+
 func (s *FSFileStore) Store(f *File) error {
 	defer f.Body.Close()
 
@@ -34,20 +35,26 @@ func (s *FSFileStore) Store(f *File) error {
 	}
 
 	path := filepath.Join(s.dir, f.ID)
+
 	dst, err := os.Create(path)
 	if err != nil {
 		return err
 	}
 	defer dst.Close()
 
-	if _, err := io.Copy(dst, f.Body); err != nil {
+	n, err := io.Copy(dst, f.Body)
+	if err != nil {
 		return err
 	}
+
 	s.metadata[f.ID] = metadata
+	s.metadata[f.ID].FileSize = n
+
 	if err := s.writeMetadata(); err != nil {
 		delete(s.metadata, f.ID)
 		return err
 	}
+
 	return nil
 }
 
@@ -58,11 +65,14 @@ func (s *FSFileStore) Get(id string) (*File, error) {
 	}
 
 	path := filepath.Join(s.dir, id)
+
 	f, err := os.Open(path)
 	if err != nil {
 		return nil, err
 	}
+
 	metadata.Body = f
+
 	return metadata, nil
 }
 
@@ -71,20 +81,24 @@ func (s *FSFileStore) Delete(id string) error {
 	if err := os.Remove(path); err != nil {
 		return err
 	}
+
 	delete(s.metadata, id)
+
 	return nil
 }
 
 func (s *FSFileStore) List() ([]string, error) {
-	var results []string
+	results := make([]string, 0, len(s.metadata))
 	for k := range s.metadata {
 		results = append(results, k)
 	}
+
 	return results, nil
 }
 
 func (s *FSFileStore) writeMetadata() error {
 	path := filepath.Join(s.dir, "metadata.json")
+
 	f, err := os.Create(path)
 	if err != nil {
 		return err
@@ -95,11 +109,13 @@ func (s *FSFileStore) writeMetadata() error {
 	if err := encoder.Encode(s.metadata); err != nil {
 		return err
 	}
+
 	return nil
 }
 
 func (s *FSFileStore) readMetadata() error {
 	path := filepath.Join(s.dir, "metadata.json")
+
 	f, err := os.Open(path)
 	if err != nil {
 		// TODO: Handle errors better
@@ -111,5 +127,6 @@ func (s *FSFileStore) readMetadata() error {
 	if err := decoder.Decode(&s.metadata); err != nil {
 		return err
 	}
+
 	return nil
 }

files/filestore_fs_test.go

@@ -7,20 +7,23 @@ import (
 )
 
 func TestFSFileStore(t *testing.T) {
-	dir := t.TempDir()
+	newFunc := func() files.FileStore {
-	s, err := files.NewFSFileStore(dir)
+		dir := t.TempDir()
-	if err != nil {
+		s, err := files.NewFSFileStore(dir)
-		t.Fatalf("Error creating store: %s", err)
+		if err != nil {
+			t.Fatalf("Error creating store: %s", err)
+		}
+		return s
 	}
 
-	RunFilestoreTest(s, t)
+	RunFilestoreTest(newFunc, t)
 	persistentDir := t.TempDir()
-	newFunc := func() files.FileStore {
+	persistentFunc := func() files.FileStore {
 		s, err := files.NewFSFileStore(persistentDir)
 		if err != nil {
 			t.Fatalf("Error creating store: %s", err)
 		}
 		return s
 	}
-	RunPersistentFilestoreTest(newFunc, t)
+	RunPersistentFilestoreTest(persistentFunc, t)
 }

files/filestore_memory.go

@@ -14,6 +14,7 @@ type fileData struct {
 
 	MaxViews  uint
 	ExpiresOn time.Time
+	FileSize  int64
 }
 
 type MemoryFileStore struct {
@@ -28,20 +29,22 @@ func NewMemoryFileStore() *MemoryFileStore {
 }
 
 func (s *MemoryFileStore) Store(f *File) error {
-
 	data := &fileData{
 		ID:        f.ID,
 		MaxViews:  f.MaxViews,
 		ExpiresOn: f.ExpiresOn,
 	}
 
-	_, err := io.Copy(&data.Body, f.Body)
+	n, err := io.Copy(&data.Body, f.Body)
 	_ = f.Body.Close()
 
+	data.FileSize = n
+
 	s.lock.Lock()
 	defer s.lock.Unlock()
 
 	s.data[f.ID] = data
+
 	return err
 }
 
@@ -53,11 +56,18 @@ func (s *MemoryFileStore) Get(id string) (*File, error) {
 	if !ok {
 		return nil, fmt.Errorf("no such item")
 	}
+
+	body := new(bytes.Buffer)
+	if _, err := body.Write(fd.Body.Bytes()); err != nil {
+		return nil, err
+	}
+
 	f := &File{
 		ID:        fd.ID,
 		MaxViews:  fd.MaxViews,
 		ExpiresOn: fd.ExpiresOn,
-		Body:      io.NopCloser(&fd.Body),
+		Body:      io.NopCloser(body),
+		FileSize:  fd.FileSize,
 	}
 
 	return f, nil
@@ -66,17 +76,21 @@ func (s *MemoryFileStore) Get(id string) (*File, error) {
 func (s *MemoryFileStore) Delete(id string) error {
 	s.lock.Lock()
 	defer s.lock.Unlock()
+
 	delete(s.data, id)
+
 	return nil
 }
 
 func (s *MemoryFileStore) List() ([]string, error) {
-	var ids []string
+	ids := make([]string, 0, len(s.data))
 
 	s.lock.RLock()
 	defer s.lock.RUnlock()
+
 	for id := range s.data {
 		ids = append(ids, id)
 	}
+
 	return ids, nil
 }

files/filestore_memory_test.go

@@ -7,7 +7,9 @@ import (
 )
 
 func TestMemoryFileStore(t *testing.T) {
-	s := files.NewMemoryFileStore()
+	newFunc := func() files.FileStore {
+		return files.NewMemoryFileStore()
+	}
 
-	RunFilestoreTest(s, t)
+	RunFilestoreTest(newFunc, t)
 }

files/filestore_test.go

@@ -12,8 +12,11 @@ import (
 	"github.com/google/uuid"
 )
 
-func RunFilestoreTest(s files.FileStore, t *testing.T) {
+var ignoreBody = cmp.FilterPath(func(p cmp.Path) bool { return p.String() == "Body" }, cmp.Ignore())
+
+func RunFilestoreTest(newStoreFunc func() files.FileStore, t *testing.T) {
 	t.Run("Basic", func(t *testing.T) {
+		s := newStoreFunc()
 		// Create
 		dataString := "TEST_LOL_OMG"
 		id := uuid.Must(uuid.NewRandom()).String()
@@ -21,9 +24,10 @@ func RunFilestoreTest(s files.FileStore, t *testing.T) {
 		bodyBuf.Write([]byte(dataString))
 		body := io.NopCloser(bodyBuf)
 		f := &files.File{
-			ID:       id,
+			ID:        id,
-			MaxViews: 0,
+			MaxViews:  99,
-			Body:     body,
+			Body:      body,
+			ExpiresOn: time.Now().Add(99 * time.Second),
 		}
 
 		err := s.Store(f)
@@ -50,6 +54,16 @@ func RunFilestoreTest(s files.FileStore, t *testing.T) {
 		if retrievedBuf.String() != dataString {
 			t.Fatalf("Data from retrieved body mismatch. Got %s want %s", retrievedBuf.String(), dataString)
 		}
+		expected := &files.File{
+			ID:        f.ID,
+			MaxViews:  f.MaxViews,
+			ExpiresOn: f.ExpiresOn,
+			FileSize:  int64(len(dataString)),
+		}
+
+		if diff := cmp.Diff(retrieved, expected, ignoreBody); diff != "" {
+			t.Errorf("File comparison failed: %s", diff)
+		}
 
 		// List
 		ids, err := s.List()
@@ -76,82 +90,128 @@ func RunFilestoreTest(s files.FileStore, t *testing.T) {
 			t.Fatalf("List after delete has wrong length: %d", len(ids))
 		}
 	})
+	t.Run("MultipleGet", func(t *testing.T) {
+		s := newStoreFunc()
+
+		fileContents := "multiple get test !"
+		body := io.NopCloser(strings.NewReader(fileContents))
+		file := &files.File{
+			ID:               uuid.NewString(),
+			OriginalFilename: "multiple.txt",
+			MaxViews:         999,
+			ExpiresOn:        time.Now().Add(1 * time.Hour),
+			Body:             body,
+			FileSize:         int64(len(fileContents)),
+		}
+
+		if err := s.Store(file); err != nil {
+			t.Fatalf("Error storing file: %s", err)
+		}
+
+		first, err := s.Get(file.ID)
+		if err != nil {
+			t.Errorf("Error retrieving first file: %s", err)
+		}
+
+		firstBody := new(bytes.Buffer)
+		io.Copy(firstBody, first.Body)
+		first.Body.Close()
+
+		if diff := cmp.Diff(firstBody.String(), fileContents); diff != "" {
+			t.Fatalf("File contents mismatch: %s", diff)
+		}
+
+		second, err := s.Get(file.ID)
+		if err != nil {
+			t.Errorf("Error retrieving first file: %s", err)
+		}
+
+		secondBody := new(bytes.Buffer)
+		io.Copy(secondBody, second.Body)
+		first.Body.Close()
+
+		if diff := cmp.Diff(secondBody.String(), fileContents); diff != "" {
+			t.Fatalf("File contents mismatch: %s", diff)
+		}
+	})
 }
 
 func RunPersistentFilestoreTest(newStoreFunc func() files.FileStore, t *testing.T) {
-	s := newStoreFunc()
+	t.Run("Basics", func(t *testing.T) {
+		s := newStoreFunc()
 
-	files := []struct {
+		files := []struct {
-		File         *files.File
+			File         *files.File
-		ExpectedData string
+			ExpectedData string
-	}{
+		}{
-		{
+			{
-			File: &files.File{
+				File: &files.File{
-				ID:               uuid.NewString(),
+					ID:               uuid.NewString(),
-				OriginalFilename: "testfile.txt",
+					OriginalFilename: "testfile.txt",
-				MaxViews:         5,
+					MaxViews:         5,
-				ExpiresOn:        time.Now().Add(10 * time.Minute),
+					ExpiresOn:        time.Now().Add(10 * time.Minute),
-				Body:             io.NopCloser(strings.NewReader("cocks!")),
+					Body:             io.NopCloser(strings.NewReader("cocks!")),
+					FileSize:         6,
+				},
+				ExpectedData: "cocks!",
 			},
-			ExpectedData: "cocks!",
+			{
-		},
+				File: &files.File{
-		{
+					ID:               uuid.NewString(),
-			File: &files.File{
+					OriginalFilename: "testfile2.txt",
-				ID:               uuid.NewString(),
+					MaxViews:         5,
-				OriginalFilename: "testfile2.txt",
+					ExpiresOn:        time.Now().Add(10 * time.Minute),
-				MaxViews:         5,
+					Body:             io.NopCloser(strings.NewReader("derps!")),
-				ExpiresOn:        time.Now().Add(10 * time.Minute),
+					FileSize:         6,
-				Body:             io.NopCloser(strings.NewReader("derps!")),
+				},
+				ExpectedData: "derps!",
 			},
-			ExpectedData: "derps!",
-		},
-	}
-
-	for _, f := range files {
-		err := s.Store(f.File)
-		if err != nil {
-			t.Fatalf("Error storing file: %s", err)
-		}
-	}
-	for _, f := range files {
-		retrieved, err := s.Get(f.File.ID)
-		if err != nil {
-			t.Fatalf("Unable to retrieve file: %s", err)
 		}
 
-		ignoreBody := cmp.FilterPath(func(p cmp.Path) bool { return p.String() == "Body" }, cmp.Ignore())
+		for _, f := range files {
-		if !cmp.Equal(retrieved, f.File, ignoreBody) {
+			err := s.Store(f.File)
-			t.Errorf("Mismatch: %s", cmp.Diff(retrieved, f.File))
+			if err != nil {
+				t.Fatalf("Error storing file: %s", err)
+			}
 		}
-		buf := new(strings.Builder)
+		for _, f := range files {
-		if _, err := io.Copy(buf, retrieved.Body); err != nil {
+			retrieved, err := s.Get(f.File.ID)
-			t.Fatalf("Error reading from body: %s", err)
+			if err != nil {
-		}
+				t.Fatalf("Unable to retrieve file: %s", err)
-		retrieved.Body.Close()
+			}
-		if buf.String() != f.ExpectedData {
-			t.Fatalf("Data does not match. %s", cmp.Diff(buf.String(), f.ExpectedData))
-		}
-	}
 
-	// Reopen store, and fetch again
+			if !cmp.Equal(retrieved, f.File, ignoreBody) {
-	s = newStoreFunc()
+				t.Errorf("Mismatch: %s", cmp.Diff(retrieved, f.File))
-	for _, f := range files {
+			}
-		retrieved, err := s.Get(f.File.ID)
+			buf := new(strings.Builder)
-		if err != nil {
+			if _, err := io.Copy(buf, retrieved.Body); err != nil {
-			t.Fatalf("Unable to retrieve file: %s", err)
+				t.Fatalf("Error reading from body: %s", err)
+			}
+			retrieved.Body.Close()
+			if buf.String() != f.ExpectedData {
+				t.Fatalf("Data does not match. %s", cmp.Diff(buf.String(), f.ExpectedData))
+			}
 		}
 
-		ignoreBody := cmp.FilterPath(func(p cmp.Path) bool { return p.String() == "Body" }, cmp.Ignore())
+		// Reopen store, and fetch again
-		if !cmp.Equal(retrieved, f.File, ignoreBody) {
+		s = newStoreFunc()
-			t.Errorf("Mismatch: %s", cmp.Diff(retrieved, f.File))
+		for _, f := range files {
+			retrieved, err := s.Get(f.File.ID)
+			if err != nil {
+				t.Fatalf("Unable to retrieve file: %s", err)
+			}
+
+			if !cmp.Equal(retrieved, f.File, ignoreBody) {
+				t.Errorf("Mismatch: %s", cmp.Diff(retrieved, f.File))
+			}
+			buf := new(strings.Builder)
+			if _, err := io.Copy(buf, retrieved.Body); err != nil {
+				t.Fatalf("Error reading from body: %s", err)
+			}
+			retrieved.Body.Close()
+			if buf.String() != f.ExpectedData {
+				t.Fatalf("Data does not match. %s", cmp.Diff(buf.String(), f.ExpectedData))
+			}
 		}
-		buf := new(strings.Builder)
+	})
-		if _, err := io.Copy(buf, retrieved.Body); err != nil {
-			t.Fatalf("Error reading from body: %s", err)
-		}
-		retrieved.Body.Close()
-		if buf.String() != f.ExpectedData {
-			t.Fatalf("Data does not match. %s", cmp.Diff(buf.String(), f.ExpectedData))
-		}
-	}
 }

go.mod

@@ -2,18 +2,17 @@ module git.t-juice.club/torjus/gpaste
 
 go 1.17
 
-require github.com/google/uuid v1.3.0
-
-require github.com/go-chi/chi/v5 v5.0.7
-
 require (
+	github.com/go-chi/chi/v5 v5.0.7
 	github.com/golang-jwt/jwt v3.2.2+incompatible
-	github.com/google/go-cmp v0.5.6
+	github.com/google/go-cmp v0.5.7
+	github.com/google/uuid v1.3.0
+	github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f
 	github.com/pelletier/go-toml v1.9.4
 	github.com/urfave/cli/v2 v2.3.0
 	go.etcd.io/bbolt v1.3.6
 	go.uber.org/zap v1.20.0
-	golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce
+	golang.org/x/crypto v0.0.0-20220126234351-aa10faf2a1f8
 	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
 )
 
@@ -23,4 +22,5 @@ require (
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/multierr v1.7.0 // indirect
 	golang.org/x/sys v0.0.0-20220114195835-da31bd327af9 // indirect
+	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
 )

go.sum

@@ -11,10 +11,12 @@ github.com/go-chi/chi/v5 v5.0.7 h1:rDTPXLDHGATaeHvVlLcR4Qe0zftYethFucbjVQ1PxU8=
 github.com/go-chi/chi/v5 v5.0.7/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
 github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
 github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
-github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ=
+github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o=
-github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE=
 github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
 github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f h1:dKccXx7xA56UNqOcFIbuqFjAWPVtP688j5QMgmo6OHU=
+github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f/go.mod h1:4rEELDSfUAlBSyUjPG0JnaNGjf13JySHFeRdD/3dLP0=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
@@ -49,8 +51,8 @@ go.uber.org/zap v1.20.0 h1:N4oPlghZwYG55MlU6LXk/Zp00FVNE9X9wrYO8CEs4lc=
 go.uber.org/zap v1.20.0/go.mod h1:wjWOCqI0f2ZZrJF/UufIOkiC8ii6tm1iqIsLo76RfJw=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce h1:Roh6XWxHFKrPgC/EQhVubSAGQ6Ozk6IdxHSzt1mR0EI=
+golang.org/x/crypto v0.0.0-20220126234351-aa10faf2a1f8 h1:kACShD3qhmr/3rLmg1yXyt+N4HcwutKyPRB93s54TIU=
-golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.0.0-20220126234351-aa10faf2a1f8/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=

users/user.go

@@ -1,6 +1,10 @@
 package users
 
-import "golang.org/x/crypto/bcrypt"
+import (
+	"fmt"
+
+	"golang.org/x/crypto/bcrypt"
+)
 
 type Role string
 
@@ -12,14 +16,17 @@ const (
 
 type User struct {
 	Username       string `json:"username"`
-	HashedPassword []byte `json:"hashed_password"`
+	HashedPassword []byte `json:"hashedPassword"`
-	Roles          []Role `json:"roles"`
+	Role           Role   `json:"role"`
 }
 
+var ErrNoSuchUser = fmt.Errorf("no such user")
+
 type UserStore interface {
 	Get(username string) (*User, error)
 	Store(user *User) error
 	Delete(username string) error
+	List() ([]string, error)
 }
 
 func (u *User) ValidatePassword(password string) error {
@@ -31,6 +38,8 @@ func (u *User) SetPassword(password string) error {
 	if err != nil {
 		return err
 	}
+
 	u.HashedPassword = hashed
+
 	return nil
 }

users/userstore_bolt.go

@@ -6,6 +6,8 @@ import (
 	"go.etcd.io/bbolt"
 )
 
+var _ UserStore = &BoltUserStore{}
+
 var keyUsers = []byte("users")
 
 type BoltUserStore struct {
@@ -13,7 +15,7 @@ type BoltUserStore struct {
 }
 
 func NewBoltUserStore(path string) (*BoltUserStore, error) {
-	db, err := bbolt.Open(path, 0666, nil)
+	db, err := bbolt.Open(path, 0o666, nil) // nolint: gomnd
 	if err != nil {
 		return nil, err
 	}
@@ -34,6 +36,7 @@ func (s *BoltUserStore) Close() error {
 
 func (s *BoltUserStore) Get(username string) (*User, error) {
 	var user User
+
 	err := s.db.View(func(tx *bbolt.Tx) error {
 		bkt := tx.Bucket(keyUsers)
 		rawUser := bkt.Get([]byte(username))
@@ -45,6 +48,7 @@ func (s *BoltUserStore) Get(username string) (*User, error) {
 	if err != nil {
 		return nil, err
 	}
+
 	return &user, nil
 }
 
@@ -67,3 +71,24 @@ func (s *BoltUserStore) Delete(username string) error {
 		return bkt.Delete([]byte(username))
 	})
 }
+
+func (s *BoltUserStore) List() ([]string, error) {
+	var ids []string
+
+	err := s.db.View(func(tx *bbolt.Tx) error {
+		bkt := tx.Bucket(keyUsers)
+
+		c := bkt.Cursor()
+
+		for k, _ := c.First(); k != nil; k, _ = c.Next() {
+			ids = append(ids, string(k))
+		}
+
+		return nil
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return ids, nil
+}

users/userstore_memory.go

@@ -5,6 +5,8 @@ import (
 	"sync"
 )
 
+var _ UserStore = &MemoryUserStore{}
+
 type MemoryUserStore struct {
 	users map[string]*User
 	lock  sync.Mutex
@@ -13,10 +15,13 @@ type MemoryUserStore struct {
 func NewMemoryUserStore() *MemoryUserStore {
 	return &MemoryUserStore{users: make(map[string]*User)}
 }
+
 func (s *MemoryUserStore) Get(username string) (*User, error) {
 	s.lock.Lock()
 	defer s.lock.Unlock()
+
 	user, ok := s.users[username]
+
 	if !ok {
 		return nil, fmt.Errorf("no such user: %s", username)
 	}
@@ -27,13 +32,29 @@ func (s *MemoryUserStore) Get(username string) (*User, error) {
 func (s *MemoryUserStore) Store(user *User) error {
 	s.lock.Lock()
 	defer s.lock.Unlock()
+
 	s.users[user.Username] = user
+
 	return nil
 }
 
 func (s *MemoryUserStore) Delete(username string) error {
 	s.lock.Lock()
 	defer s.lock.Unlock()
+
 	delete(s.users, username)
+
 	return nil
 }
+
+func (s *MemoryUserStore) List() ([]string, error) {
+	s.lock.Lock()
+	defer s.lock.Unlock()
+
+	ids := make([]string, 0, len(s.users))
+	for k := range s.users {
+		ids = append(ids, k)
+	}
+
+	return ids, nil
+}

users/userstore_test.go

@@ -20,7 +20,7 @@ func RunUserStoreTest(newFunc func() (func(), users.UserStore), t *testing.T) {
 			passwordMap[username] = password
 			user := &users.User{
 				Username: username,
-				Roles:    []users.Role{users.RoleAdmin},
+				Role:     users.RoleAdmin,
 			}
 			if err := user.SetPassword(password); err != nil {
 				t.Fatalf("Error setting password: %s", err)
@@ -47,5 +47,27 @@ func RunUserStoreTest(newFunc func() (func(), users.UserStore), t *testing.T) {
 				t.Errorf("User mismatch: %s", cmp.Diff(user, userMap[k]))
 			}
 		}
+
+		l, err := s.List()
+		if err != nil {
+			t.Fatalf("Error listing users: %s", err)
+		}
+		if len(l) != len(userMap) {
+			t.Errorf("List wrong amount of users.")
+		}
+
+		for _, username := range l {
+			if err := s.Delete(username); err != nil {
+				t.Fatalf("Error deleting user: %s", err)
+			}
+		}
+
+		l, err = s.List()
+		if err != nil {
+			t.Fatalf("Error listing after delete: %s", err)
+		}
+		if len(l) != 0 {
+			t.Fatalf("List is not empty after deleting all")
+		}
 	})
 }