Browse Source

feature complete!! (for the time spend I have for now)

master
AJ ONeal 6 years ago
parent
commit
d84d2e63e6
  1. 27
      README.md
  2. 267
      chatserver.go
  3. 12
      public/index.html

27
README.md

@ -6,16 +6,20 @@ Rudimentary go chat server as a fun project.
```bash ```bash
git clone https://git.coolaj86.com/coolaj86/chat.go.git git clone https://git.coolaj86.com/coolaj86/chat.go.git
go get gopkg.in/yaml.v2 go get gopkg.in/yaml.v2
go get github.com/emicklei/go-restful go get github.com/emicklei/go-restful
``` ```
Note: I also copied some code directly from
<https://github.com/polvi/sni/blob/master/sni.go>
# Usage # Usage
**Start the server** **Start the server**
```bash ```bash
go run chatserver.go -conf ./config.yml go run -race chatserver.go -conf ./config.yml
``` ```
See sample config file at `config.sample.yml`. See sample config file at `config.sample.yml`.
@ -27,3 +31,24 @@ You can connect multiple clients.
```bash ```bash
telnet localhost 4080 telnet localhost 4080
``` ```
You can also use HTTP. The API docs and examples can be seen at <http://localhost:4080>
```
curl http://localhost:4080
```
Implemented
-----
* [x] Awesome telnet server (would
* [x] HTTP API (no UI for the sake of time)
* [x] Multiplex the same port (because I wanted to learn)
* [x] E-mail "magic link" authentication (minus the link since it's localhost)
Not Implemented
----
* [ ] Write to log file (just `go run ./chatserver.go > /path/to/log`
* [ ] Rooms

267
chatserver.go

@ -1,6 +1,6 @@
package main package main
// TODO learn about chan chan's // TODO learn more about chan chan's
// http://marcio.io/2015/07/handling-1-million-requests-per-minute-with-golang/ // http://marcio.io/2015/07/handling-1-million-requests-per-minute-with-golang/
import ( import (
@ -28,7 +28,7 @@ import (
) )
// I'm not sure how to pass nested structs, so I de-nested this. // I'm not sure how to pass nested structs, so I de-nested this.
// TODO: Learn if passing nested structs is desirable? // TODO Learn if passing nested structs is desirable?
type Conf struct { type Conf struct {
Port uint `yaml:"port,omitempty"` Port uint `yaml:"port,omitempty"`
Mailer ConfMailer Mailer ConfMailer
@ -50,7 +50,7 @@ type tcpUser struct {
// https://stackoverflow.com/questions/51472020/how-to-get-the-size-of-available-tcp-data // https://stackoverflow.com/questions/51472020/how-to-get-the-size-of-available-tcp-data
type bufferedConn struct { type bufferedConn struct {
r *bufio.Reader r *bufio.Reader
rout io.Reader rout io.Reader // See https://github.com/polvi/sni/blob/master/sni.go#L135
net.Conn net.Conn
} }
@ -77,18 +77,20 @@ func (b bufferedConn) Read(p []byte) (int, error) {
// because... I can clean it up later // because... I can clean it up later
type myMsg struct { type myMsg struct {
sender net.Conn sender net.Conn
bytes []byte Message string `json:"message"`
receivedAt time.Time ReceivedAt time.Time `json:"received_at"`
channel string Channel string `json:"channel"`
email string User string `json:"user"`
}
type JsonMsg struct {
Messages []myMsg `json:"messages"`
} }
var firstMsgs chan myMsg //var firstMsgs chan myMsg
//var myRooms map[string](chan myMsg) //var myRooms map[string](chan myMsg)
var myMsgs chan myMsg var msgHistory []myMsg
var broadcastMsg chan myMsg
//var myUnsortedConns map[net.Conn]bool
var newConns chan net.Conn var newConns chan net.Conn
var newTcpChat chan bufferedConn var newTcpChat chan bufferedConn
var authTcpChat chan tcpUser var authTcpChat chan tcpUser
@ -209,7 +211,7 @@ func handleRaw(bufConn bufferedConn) {
panic(err) panic(err)
} }
// so I don't have to actually go check my email // so I don't have to actually go check my email
fmt.Fprintf(os.Stdout, "\n== AUTHORIZATION ==\n[cheat code for %s]: %s\n", email, code) fmt.Fprintf(os.Stdout, "\n== TELNET AUTHORIZATION ==\n[cheat code for %s]: %s\n", email, code)
time.Sleep(150 * time.Millisecond) time.Sleep(150 * time.Millisecond)
fmt.Fprintf(bufConn, " done\n") fmt.Fprintf(bufConn, " done\n")
time.Sleep(150 * time.Millisecond) time.Sleep(150 * time.Millisecond)
@ -255,12 +257,12 @@ func handleRaw(bufConn bufferedConn) {
//fmt.Fprintf(os.Stdout, "Queing message...\n") //fmt.Fprintf(os.Stdout, "Queing message...\n")
//myRooms["general"] <- myMsg{ //myRooms["general"] <- myMsg{
myMsgs <- myMsg{ broadcastMsg <- myMsg{
receivedAt: time.Now(), ReceivedAt: time.Now(),
sender: bufConn, sender: bufConn,
bytes: buf[0:count], Message: string(buf[0:count]),
channel: "general", Channel: "general",
email: email, User: email,
} }
//fmt.Fprintf(bufConn, "> ") //fmt.Fprintf(bufConn, "> ")
} }
@ -326,10 +328,10 @@ func handleSorted(conn bufferedConn) {
/* /*
firstMsgs <- myMsg{ firstMsgs <- myMsg{
receivedAt: time.Now(), ReceivedAt: time.Now(),
sender: conn, sender: conn,
bytes: firstMsg, Message: firstMsg,
channel: "general", Channel: "general",
} }
// TODO // TODO
@ -356,11 +358,11 @@ func handleSorted(conn bufferedConn) {
continue continue
} }
//myRooms["general"] <- myMsg{ //myRooms["general"] <- myMsg{
myMsgs <- myMsg{ broadcastMsg <- myMsg{
receivedAt: time.Now(), ReceivedAt: time.Now(),
sender: conn, sender: conn,
bytes: buf[0:count], Message: string(buf[0:count]),
channel: "general", Channel: "general",
} }
} }
*/ */
@ -373,13 +375,7 @@ func handleConnection(netConn net.Conn) {
m := sync.Mutex{} m := sync.Mutex{}
virgin := true virgin := true
// Why don't these work?
//buf := make([]byte, 0, 1024)
//buf := []byte{}
// But this does
bufConn := newBufferedConn(netConn) bufConn := newBufferedConn(netConn)
//myUnsortedConns[bufConn] = true
go func() { go func() {
// Handle First Packet // Handle First Packet
_, err := bufConn.Peek(1) _, err := bufConn.Peek(1)
@ -407,7 +403,9 @@ func handleConnection(netConn net.Conn) {
virgin = false virgin = false
// don't block for this // don't block for this
// let it be handled after the unlock // let it be handled after the unlock
defer fmt.Fprintf(netConn, "\n\nWelcome to Sample Chat! You appear to be using Telnet.\nYou must authenticate via email to participate\n\nEmail: ") defer fmt.Fprintf(netConn,
"\n\nWelcome to Sample Chat! You appear to be using Telnet (http is also available on this port)."+
"\nYou must authenticate via email to participate\n\nEmail: ")
} }
m.Unlock() m.Unlock()
} }
@ -493,14 +491,15 @@ func serveHello(req *restful.Request, resp *restful.Response) {
fmt.Fprintf(resp, "{\"msg\":\"hello\"}") fmt.Fprintf(resp, "{\"msg\":\"hello\"}")
} }
// TODO I probably should just make the non-exportable properties private/lowercase
type authReq struct { type authReq struct {
Cid string `json:"cid"` Cid string `json:"cid"`
ChallengedAt time.Time `json:"-"` ChallengedAt time.Time `json:"-"`
Chan chan authReq `json:"-"` Chan chan authReq `json:"-"`
Code string `json:"code"` Otp string `json:"otp"`
CreatedAt time.Time `json:"-"` CreatedAt time.Time `json:"-"`
DidAuth bool `json:"-"` DidAuth bool `json:"-"`
Email string `json:"email"` Subject string `json:"sub"` // Subject as in 'sub' as per OIDC
VerifiedAt time.Time `json:"-"` VerifiedAt time.Time `json:"-"`
Tries int `json:"-"` Tries int `json:"-"`
} }
@ -508,54 +507,56 @@ type authReq struct {
func requestAuth(req *restful.Request, resp *restful.Response) { func requestAuth(req *restful.Request, resp *restful.Response) {
ar := authReq{ ar := authReq{
CreatedAt: time.Now(), CreatedAt: time.Now(),
DidAuth: false,
Tries: 0, Tries: 0,
} }
// Not sure why go restful finds it easier to do ReadEntity() than the "normal" way...
// err := json.NewDecoder(req.Body).Decode(&ar)
err := req.ReadEntity(&ar) err := req.ReadEntity(&ar)
// Looks like restful handles JSON automatically?
/*
err := json.NewDecoder(req.Body).Decode(&ar)
*/
if nil != err { if nil != err {
fmt.Fprintf(resp, "{ \"error\": { \"message\": \"bad json in request body\"} }") fmt.Fprintf(resp, "{ \"error\": { \"message\": \"bad json in request body\"} }")
return return
} }
email := strings.TrimSpace(ar.Email) email := strings.TrimSpace(ar.Subject)
emailParts := strings.Split(email, "@") emailParts := strings.Split(email, "@")
// TODO better pre-mailer validation (whitelist characters or use lib)
if 2 != len(emailParts) { if 2 != len(emailParts) {
fmt.Fprintf(resp, "{ \"error\": { \"message\": \"bad email address '"+email+"'\"} }") fmt.Fprintf(resp, "{ \"error\": { \"message\": \"bad email address '"+email+"'\"} }")
return return
} }
ar.Subject = email
var code string var otp string
if "" != config.Mailer.ApiKey { if "" != config.Mailer.ApiKey {
code, err = sendAuthCode(config.Mailer, email) otp, err = sendAuthCode(config.Mailer, ar.Subject)
if nil != err { if nil != err {
fmt.Fprintf(resp, "{ \"error\": { \"message\": \"error sending auth code via mailgun\" } }") fmt.Fprintf(resp, "{ \"error\": { \"message\": \"error sending auth code via mailgun\" } }")
return return
} }
} }
if "" == code { if "" == otp {
code, err = genAuthCode() otp, err = genAuthCode()
if nil != err { if nil != err {
fmt.Fprintf(resp, "{ \"error\": { \"message\": \"error generating random number (code)\"} }") fmt.Fprintf(resp, "{ \"error\": { \"message\": \"error generating random number (code)\"} }")
return return
} }
} }
ar.Otp = otp
fmt.Fprintf(os.Stdout, "\n== AUTHORIZATION ==\n[cheat code for %s]: %s\n", ar.Email, ar.Code) // Cheat code in case you didn't set up mailgun keys
fmt.Fprintf(os.Stdout, "\n== HTTP AUTHORIZATION ==\n[cheat code for %s]: %s\n", ar.Subject, ar.Otp)
cid, _ := genAuthCode() cid, _ := genAuthCode()
if "" == cid { if "" == cid {
fmt.Fprintf(resp, "{ \"error\": { \"message\": \"error generating random number (cid)\"} }") fmt.Fprintf(resp, "{ \"error\": { \"message\": \"error generating random number (cid)\"} }")
} }
ar.Cid = cid ar.Cid = cid
ar.DidAuth = false
ar.Email = email
ar.Code = code
newAuthReqs <- ar newAuthReqs <- ar
// Not sure why this works... technically there needs to be some sort of "end"
// maybe it just figures that if I've returned
fmt.Fprintf(resp, "{ \"success\": true, \"cid\": \""+ar.Cid+"\" }") fmt.Fprintf(resp, "{ \"success\": true, \"cid\": \""+ar.Cid+"\" }")
} }
@ -581,6 +582,11 @@ func issueToken(req *restful.Request, resp *restful.Response) {
av := <-ar.Chan av := <-ar.Chan
close(ar.Chan) close(ar.Chan)
ar.Chan = nil ar.Chan = nil
// TODO use a pointer instead?
if "" == av.Otp {
fmt.Fprintf(resp, "{ \"error\": { \"message\": \"invalid request: empty authorization challenge\"} }")
return
}
av.Tries += 1 av.Tries += 1
av.ChallengedAt = time.Now() av.ChallengedAt = time.Now()
@ -590,13 +596,13 @@ func issueToken(req *restful.Request, resp *restful.Response) {
// * CreatedAt is not more than 15 minutes old // * CreatedAt is not more than 15 minutes old
// Probably also need to make sure than not more than n emails are sent per y minutes // Probably also need to make sure than not more than n emails are sent per y minutes
// Not that this would even matter with the above, just a habit // Not that this would even matter if the above were implemented, just a habit
if 1 != subtle.ConstantTimeCompare([]byte(av.Code), []byte(ar.Code)) { if 1 != subtle.ConstantTimeCompare([]byte(av.Otp), []byte(ar.Otp)) {
fmt.Fprintf(resp, "{ \"error\": { \"message\": \"invalid authorization code\"} }") fmt.Fprintf(resp, "{ \"error\": { \"message\": \"invalid authorization code\"} }")
// I'm not sure if this is necessary, but I think it is // I'm not sure if this is necessary, but I think it is
// to overwrite the original with the updated // to overwrite the original with the updated
// (these are copies, not pointers, IIRC) // (these are copies, not pointers, IIRC)
// of course, should use a DB anyway... // and it seems like this is how I might write to a DB anyway
newAuthReqs <- av newAuthReqs <- av
return return
} }
@ -604,19 +610,85 @@ func issueToken(req *restful.Request, resp *restful.Response) {
ar.VerifiedAt = time.Now() ar.VerifiedAt = time.Now()
newAuthReqs <- av newAuthReqs <- av
// TODO I would use a JWT, but I need to wrap up this project
fmt.Fprintf(resp, "{ \"success\": true, \"token\": \""+ar.Cid+"\" }") fmt.Fprintf(resp, "{ \"success\": true, \"token\": \""+ar.Cid+"\" }")
} }
func requireToken(req *restful.Request, resp *restful.Response, chain *restful.FilterChain) { func requireToken(req *restful.Request, resp *restful.Response, chain *restful.FilterChain) {
//req.SetAttribute("go", "there") ar := authReq{}
//req.Attribute("go") // "there"
auth := req.HeaderParameter("Authorization")
if "" == auth {
fmt.Fprintf(resp, "{ \"error\": { \"message\": \"missing Authorization header\"} }")
return
}
authParts := strings.Split(auth, " ")
if "bearer" != strings.ToLower(authParts[0]) || "" == authParts[1] {
fmt.Fprintf(resp, "{ \"error\": { \"message\": \"expected 'Authorization: Bearer <Token>'\"} }")
return
}
ar.Cid = authParts[1]
ar.Chan = make(chan authReq)
valAuthReqs <- ar
av := <-ar.Chan
close(ar.Chan)
ar.Chan = nil
// TODO use a pointer instead?
if "" == av.Cid {
fmt.Fprintf(resp, "{ \"error\": { \"message\": \"invalid token: no session found\"} }")
return
}
// I prefer testing for "if not good" to "if bad"
// (much safer in the dynamic world I come from)
if true != av.DidAuth {
fmt.Fprintf(resp, "{ \"error\": { \"message\": \"bad session'\"} }")
return
}
req.SetAttribute("user", av.Subject)
chain.ProcessFilter(req, resp) chain.ProcessFilter(req, resp)
} }
func listMsgs(req *restful.Request, resp *restful.Response) { func listMsgs(req *restful.Request, resp *restful.Response) {
fmt.Fprintf(resp, "{ \"error\": { \"code\": \"E_NO_IMPL\", \"message\": \"invalid authorization code\"} }") // TODO support ?since=<ISO_TS>
// Also, data race? the list could be added to while this is iterating?
// For now we'll just let the client sort the list
resp.WriteEntity(&JsonMsg{
Messages: msgHistory,
})
} }
func postMsg(req *restful.Request, resp *restful.Response) { func postMsg(req *restful.Request, resp *restful.Response) {
fmt.Fprintf(resp, "{ \"error\": { \"code\": \"E_NO_IMPL\", \"message\": \"invalid authorization code\"} }") user, ok := req.Attribute("user").(string)
if !ok {
fmt.Fprintf(resp, "{ \"error\": { \"code\": \"E_SANITY\", \"message\": \"SANITY FAIL user was not set, nor session error sent\"} }")
return
}
if "" == user {
fmt.Fprintf(resp, "{ \"error\": { \"code\": \"E_SESSION\", \"message\": \"invalid session\"} }")
return
}
msg := myMsg{}
err := req.ReadEntity(&msg)
if nil != err {
fmt.Fprintf(resp, "{ \"error\": { \"code\": \"E_FORMAT\", \"message\": \"invalid json POST\"} }")
return
}
msg.sender = nil
msg.ReceivedAt = time.Now()
msg.User = user
if "" == msg.Channel {
msg.Channel = "general"
}
if "" == msg.Message {
fmt.Fprintf(resp, "{ \"error\": { \"code\": \"E_FORMAT\", \"message\": \"please specify a 'message'\"} }")
return
}
broadcastMsg <- msg
fmt.Fprintf(resp, "{ \"success\": true }")
} }
func main() { func main() {
@ -640,24 +712,35 @@ func main() {
config.RootPath = "./public" config.RootPath = "./public"
} }
myRawConns := make(map[bufferedConn]bool) // The magical sorting hat
myAuthReqs := make(map[string]authReq)
firstMsgs = make(chan myMsg, 128)
//myRooms = make(map[string](chan myMsg))
newConns = make(chan net.Conn, 128) newConns = make(chan net.Conn, 128)
// TCP & Authentication
myRawConns := make(map[bufferedConn]bool)
newTcpChat = make(chan bufferedConn, 128)
authTcpChat = make(chan tcpUser, 128) authTcpChat = make(chan tcpUser, 128)
// HTTP & Authentication
myAuthReqs := make(map[string]authReq)
newAuthReqs = make(chan authReq, 128) newAuthReqs = make(chan authReq, 128)
valAuthReqs = make(chan authReq, 128) valAuthReqs = make(chan authReq, 128)
delAuthReqs = make(chan authReq, 128) delAuthReqs = make(chan authReq, 128)
newTcpChat = make(chan bufferedConn, 128)
newHttpChat = make(chan bufferedConn, 128) newHttpChat = make(chan bufferedConn, 128)
newHttpClient = make(chan bufferedConn, 128) newHttpClient = make(chan bufferedConn, 128)
//myUnsortedConns = make(map[net.Conn]bool)
// TODO dynamically select on channels? // cruft to delete
// https://stackoverflow.com/questions/19992334/how-to-listen-to-n-channels-dynamic-select-statement //myRooms = make(map[string](chan myMsg))
//firstMsgs = make(chan myMsg, 128)
//myRooms["general"] = make(chan myMsg, 128) //myRooms["general"] = make(chan myMsg, 128)
myMsgs = make(chan myMsg, 128) // Note: I had considered dynamically select on channels for rooms.
// https://stackoverflow.com/questions/19992334/how-to-listen-to-n-channels-dynamic-select-statement
// I don't think that's actually the best approach, but I just wanted to save the link
broadcastMsg = make(chan myMsg, 128)
// Poor-Man's container/ring (circular buffer)
msgHistory = make([]myMsg, 128)
msgIndex := 0
var addr string var addr string
if 0 != int(*port) { if 0 != int(*port) {
@ -730,20 +813,26 @@ func main() {
myRawConns[u.bufConn] = true myRawConns[u.bufConn] = true
// is chan chan the right way to handle this? // is chan chan the right way to handle this?
u.userCount <- len(myRawConns) u.userCount <- len(myRawConns)
myMsgs <- myMsg{ broadcastMsg <- myMsg{
sender: nil, sender: nil,
// TODO fmt.Fprintf()? template? // TODO fmt.Fprintf()? template?
bytes: []byte("<" + u.email + "> joined #general\n"), Message: "<" + u.email + "> joined #general\n",
receivedAt: time.Now(), ReceivedAt: time.Now(),
channel: "general", Channel: "general",
email: "system", User: "system",
} }
case ar := <-newAuthReqs: case ar := <-newAuthReqs:
myAuthReqs[ar.Cid] = ar myAuthReqs[ar.Cid] = ar
case av := <-valAuthReqs: case ar := <-valAuthReqs:
// TODO In this case it's probably more conventional (and efficient) to // TODO In this case it's probably more conventional (and efficient) to
// use struct with a mutex and the authReqs map than a chan chan // use struct with a mutex and the authReqs map than a chan chan
av.Chan <- myAuthReqs[av.Cid] av, ok := myAuthReqs[ar.Cid]
//ar.Chan <- nil // TODO
if ok {
ar.Chan <- av
} else {
ar.Chan <- authReq{}
}
case ar := <-delAuthReqs: case ar := <-delAuthReqs:
delete(myAuthReqs, ar.Cid) delete(myAuthReqs, ar.Cid)
case bufConn := <-newTcpChat: case bufConn := <-newTcpChat:
@ -758,9 +847,15 @@ func main() {
//delete(myRooms["general"], bufConn) //delete(myRooms["general"], bufConn)
case bufConn := <-newHttpClient: case bufConn := <-newHttpClient:
// this will be Accept()ed immediately by restful // this will be Accept()ed immediately by restful
// NOTE: we don't store these HTTP connections for broadcast
// as we manage the session by HTTP Auth Bearer rather than TCP
myHttpServer.chans <- bufConn myHttpServer.chans <- bufConn
case msg := <-myMsgs: case msg := <-broadcastMsg:
t := msg.receivedAt msgHistory[msgIndex] = msg
msgIndex += 1
msgIndex %= len(msgHistory)
t := msg.ReceivedAt
tf := "%d-%02d-%02d %02d:%02d:%02d (%s)" tf := "%d-%02d-%02d %02d:%02d:%02d (%s)"
var sender string var sender string
if nil != msg.sender { if nil != msg.sender {
@ -768,16 +863,18 @@ func main() {
} else { } else {
sender = "system" sender = "system"
} }
// Tangential thought:
// I wonder if we could use IP detection to get the client's tz // I wonder if we could use IP detection to get the client's tz
// ... could probably make time for this in the authentication loop // ... could probably make time for this in the authentication loop
zone, _ := msg.receivedAt.Zone() zone, _ := msg.ReceivedAt.Zone()
//ts, err := msg.receivedAt.MarshalJSON() // TODO put logging here
//ts, err := msg.ReceivedAt.MarshalJSON()
fmt.Fprintf(os.Stdout, tf+" [%s] (%s):\n\t%s", fmt.Fprintf(os.Stdout, tf+" [%s] (%s):\n\t%s",
t.Year(), t.Month(), t.Day(), t.Year(), t.Month(), t.Day(),
t.Hour(), t.Minute(), t.Second(), zone, t.Hour(), t.Minute(), t.Second(), zone,
sender, sender,
msg.email, msg.bytes) msg.User, msg.Message)
for conn, _ := range myRawConns { for conn, _ := range myRawConns {
// Don't echo back to the original client // Don't echo back to the original client
@ -796,21 +893,23 @@ func main() {
_, err := fmt.Fprintf(conn, tf+" [%s]: %s", _, err := fmt.Fprintf(conn, tf+" [%s]: %s",
t.Year(), t.Month(), t.Day(), t.Year(), t.Month(), t.Day(),
t.Hour(), t.Minute(), t.Second(), zone, t.Hour(), t.Minute(), t.Second(), zone,
msg.email, msg.bytes) msg.User, msg.Message)
if nil != err { if nil != err {
delTcpChat <- conn delTcpChat <- conn
} }
}(conn) }(conn)
} }
case msg := <-firstMsgs: /*
fmt.Fprintf(os.Stdout, "f [First Message]\n") case msg := <-firstMsgs:
ts, err := msg.receivedAt.MarshalJSON() fmt.Fprintf(os.Stdout, "f [First Message]\n")
if nil != err { ts, err := msg.ReceivedAt.MarshalJSON()
fmt.Fprintf(os.Stderr, "f [Error] %s\n", err) if nil != err {
} fmt.Fprintf(os.Stderr, "f [Error] %s\n", err)
fmt.Fprintf(os.Stdout, "f [Timestamp] %s\n", ts) }
fmt.Fprintf(os.Stdout, "f [Remote] %s\n", msg.sender.RemoteAddr().String()) fmt.Fprintf(os.Stdout, "f [Timestamp] %s\n", ts)
fmt.Fprintf(os.Stdout, "f [Message] %s\n", msg.bytes) fmt.Fprintf(os.Stdout, "f [Remote] %s\n", msg.sender.RemoteAddr().String())
fmt.Fprintf(os.Stdout, "f [Message] %s\n", msg.Message)
*/
} }
} }
} }

12
public/index.html

@ -3,23 +3,23 @@
<head><title>Sample Chat</title></head> <head><title>Sample Chat</title></head>
<body> <body>
<pre><code># Ask for an auth code (swap sub) <pre><code># Ask for an auth code (swap sub)
curl -X POST https://localhost:4080/api/session \ curl -X POST http://localhost:4080/api/sessions \
-H 'Content-Type: application/json; charset=utf-8' \ -H 'Content-Type: application/json; charset=utf-8' \
-d '{"sub":"jon@example.com"}' -d '{"sub":"jon@example.com"}'
# Validate auth code (swap session id, sub, and otp) # Validate auth code (swap session id, sub, and otp)
curl -X POST https://localhost:4080/api/session/xyz \ curl -X POST http://localhost:4080/api/sessions/xyz \
-H 'Content-Type: application/json; charset=utf-8' \ -H 'Content-Type: application/json; charset=utf-8' \
-d '{"sub":"jon@example.com","otp":"secret123"}' -d '{"otp":"secret123"}'
# Post a message (swap api-token) # Post a message (swap api-token)
curl -X POST https://localhost:4080/api/rooms/general \ curl -X POST http://localhost:4080/api/rooms/general \
-H 'Authorization: Bearer api-token' \ -H 'Authorization: Bearer api-token' \
-H 'Content-Type: application/json; charset=utf-8' \ -H 'Content-Type: application/json; charset=utf-8' \
-d '{"msg":"hello"}' -d '{"message":"hello"}'
# Get a room's messages (swap api-token, since unix-epoch) # Get a room's messages (swap api-token, since unix-epoch)
curl https://localhost:4080/api/rooms/general?since=0 \ curl http://localhost:4080/api/rooms/general?since=0 \
-H 'Authorization: Bearer api-token' -H 'Authorization: Bearer api-token'
</code></pre> </code></pre>
</body> </body>

Loading…
Cancel
Save