diff options
| author | wikiapiserver | 2026-06-27 04:58:51 +0200 |
|---|---|---|
| committer | wikiapiserver | 2026-06-27 04:58:51 +0200 |
| commit | 90c6b60bcba568e237fe28314aa03884945a53d9 (patch) | |
| tree | 4055450e522c27dc312d249a1c518a9d82f68f1e /api | |
| parent | 6e18208bbf18dd2a06280f550bffd18cc93ff3b1 (diff) | |
| download | wikiapiserver-90c6b60bcba568e237fe28314aa03884945a53d9.tar.gz | |
- EnsureValidToken checks access_token_created age before each request.
If token is >24h old, refreshes via WikimediaTokenRefresh (or falls
back to full re-auth via WikimediaLogin).
- Register now upserts: updates tokens for existing users instead of
failing with 'username already exists'.
- Both /article and /token call EnsureValidToken before responding.
Diffstat (limited to 'api')
| -rw-r--r-- | api/handlers.go | 29 |
1 files changed, 8 insertions, 21 deletions
diff --git a/api/handlers.go b/api/handlers.go index 4299b74..ba32a94 100644 --- a/api/handlers.go +++ b/api/handlers.go @@ -2,11 +2,9 @@ package api import ( "context" - "io" "bytes" - "database/sql" - "errors" "encoding/json" + "io" "log" "net/http" "net/url" @@ -86,12 +84,8 @@ func (h *Handler) Register(w http.ResponseWriter, r *http.Request) { acct, err := h.db.Register(ctx, req.Username, req.Password) if err != nil { - if err.Error() == "username already exists" { - badRequest(w, "username already exists") - return - } log.Printf("register error: %v", err) - serverError(w, "could not create account") + serverError(w, "could not register account") return } @@ -190,13 +184,10 @@ func (h *Handler) GetToken(w http.ResponseWriter, r *http.Request) { return } - acct, err := h.db.GetAccount(ctx, username) + acct, err := h.db.EnsureValidToken(ctx, username) if err != nil { - if errors.Is(err, sql.ErrNoRows) { - unauthorized(w) - return - } - serverError(w, "could not retrieve token") + log.Printf("ensure token failed for %s: %v", username, err) + serverError(w, "could not get valid token") return } @@ -218,16 +209,12 @@ func (h *Handler) GetArticle(w http.ResponseWriter, r *http.Request) { return } - acct, err := h.db.GetAccount(ctx, username) + acct, err := h.db.EnsureValidToken(ctx, username) if err != nil { - if errors.Is(err, sql.ErrNoRows) { - unauthorized(w) - return - } - serverError(w, "could not retrieve token") + log.Printf("ensure token failed for %s: %v", username, err) + serverError(w, "could not get valid token") return } - baseURL := "https://api.enterprise.wikimedia.com/v2/structured-contents/" + url.QueryEscape(article) body, err := json.Marshal(map[string]any{ |