Merge pull request #52 from offen/clean-routes

Replace manual routing with gorilla/mux, increase test coverage in router package

shared/http/errors.go

@@ -16,6 +16,8 @@ func jsonError(err error, status int) []byte {
 	return b
 }
 
+// RespondWithJSONError writes the given error to the given response writer
+// while wrapping it into a JSON payload.
 func RespondWithJSONError(w http.ResponseWriter, err error, status int) {
 	w.WriteHeader(status)
 	w.Write(jsonError(err, status))

shared/http/middleware.go

@@ -1,8 +1,15 @@
 package http
 
-import "net/http"
+import (
+	"context"
+	"errors"
+	"net/http"
+)
 
-func CorsMiddleware(next http.Handler, origin string) http.Handler {
+// CorsMiddleware ensures the wrapped handler will respond with proper CORS
+// headers using the given origin.
+func CorsMiddleware(origin string) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			w.Header().Set("Access-Control-Allow-Credentials", "true")
 			w.Header().Set("Access-Control-Allow-Methods", "POST,GET")
@@ -10,20 +17,48 @@ func CorsMiddleware(next http.Handler, origin string) http.Handler {
 			next.ServeHTTP(w, r)
 		})
 	}
+}
 
-func ContentTypeMiddleware(next http.Handler, contentType string) http.Handler {
+// ContentTypeMiddleware ensuresthe wrapped handler will respond with a
+// content type header of the given value.
+func ContentTypeMiddleware(contentType string) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			w.Header().Add("Content-Type", contentType)
 			next.ServeHTTP(w, r)
 		})
 	}
+}
 
-func OptoutMiddleware(next http.Handler) http.Handler {
+// OptoutMiddleware drops all requests to the given handler that are sent with
+// a cookie of the given name,
+func OptoutMiddleware(cookieName string) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		if _, err := r.Cookie("optout"); err == nil {
+			if _, err := r.Cookie(cookieName); err == nil {
 				w.WriteHeader(http.StatusNoContent)
 				return
 			}
 			next.ServeHTTP(w, r)
 		})
 	}
+}
+
+// UserCookieMiddleware ensures a cookie of the given name is present and
+// attaches its value to the request's context using the given key, before
+// passing it on to the wrapped handler.
+func UserCookieMiddleware(cookieKey string, contextKey interface{}) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			c, err := r.Cookie(cookieKey)
+			if err != nil {
+				RespondWithJSONError(w, errors.New("received no or blank user identifier"), http.StatusBadRequest)
+				return
+			}
+			r = r.WithContext(
+				context.WithValue(r.Context(), contextKey, c.Value),
+			)
+			next.ServeHTTP(w, r)
+		})
+	}
+}

shared/http/middleware_test.go

@@ -1,16 +1,18 @@
 package http
 
 import (
+	"fmt"
 	"net/http"
 	"net/http/httptest"
+	"strings"
 	"testing"
 )
 
 func TestCorsMiddleware(t *testing.T) {
 	t.Run("default", func(t *testing.T) {
-		wrapped := CorsMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		wrapped := CorsMiddleware("https://www.example.net")(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			w.Write([]byte("OK"))
-		}), "https://www.example.net")
+		}))
 		w := httptest.NewRecorder()
 		r := httptest.NewRequest(http.MethodGet, "/", nil)
 		wrapped.ServeHTTP(w, r)
@@ -22,9 +24,9 @@ func TestCorsMiddleware(t *testing.T) {
 
 func TestContentTypeMiddleware(t *testing.T) {
 	t.Run("default", func(t *testing.T) {
-		wrapped := ContentTypeMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		wrapped := ContentTypeMiddleware("application/json")(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			w.Write([]byte("OK"))
-		}), "application/json")
+		}))
 		w := httptest.NewRecorder()
 		r := httptest.NewRequest(http.MethodGet, "/", nil)
 		wrapped.ServeHTTP(w, r)
@@ -35,7 +37,7 @@ func TestContentTypeMiddleware(t *testing.T) {
 }
 
 func TestOptoutMiddleware(t *testing.T) {
-	wrapped := OptoutMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+	wrapped := OptoutMiddleware("optout")(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		w.Write([]byte("hey there"))
 	}))
 	t.Run("with header", func(t *testing.T) {
@@ -68,3 +70,53 @@ func TestOptoutMiddleware(t *testing.T) {
 		}
 	})
 }
+
+func TestUserCookieMiddleware(t *testing.T) {
+	wrapped := UserCookieMiddleware("user", 1)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		value := r.Context().Value(1)
+		fmt.Fprintf(w, "value is %v", value)
+	}))
+	t.Run("no cookie", func(t *testing.T) {
+		w := httptest.NewRecorder()
+		r := httptest.NewRequest(http.MethodGet, "/", nil)
+		wrapped.ServeHTTP(w, r)
+		if w.Code != http.StatusBadRequest {
+			t.Errorf("Unexpected status code %v", w.Code)
+		}
+		if !strings.Contains(w.Body.String(), "received no or blank user identifier") {
+			t.Errorf("Unexpected body %s", w.Body.String())
+		}
+	})
+
+	t.Run("no value", func(t *testing.T) {
+		w := httptest.NewRecorder()
+		r := httptest.NewRequest(http.MethodGet, "/", nil)
+		wrapped.ServeHTTP(w, r)
+		r.AddCookie(&http.Cookie{
+			Name:  "user",
+			Value: "",
+		})
+		if w.Code != http.StatusBadRequest {
+			t.Errorf("Unexpected status code %v", w.Code)
+		}
+		if !strings.Contains(w.Body.String(), "received no or blank user identifier") {
+			t.Errorf("Unexpected body %s", w.Body.String())
+		}
+	})
+
+	t.Run("ok", func(t *testing.T) {
+		w := httptest.NewRecorder()
+		r := httptest.NewRequest(http.MethodGet, "/", nil)
+		r.AddCookie(&http.Cookie{
+			Name:  "user",
+			Value: "token",
+		})
+		wrapped.ServeHTTP(w, r)
+		if w.Code != http.StatusOK {
+			t.Errorf("Unexpected status code %v", w.Code)
+		}
+		if w.Body.String() != "value is token" {
+			t.Errorf("Unexpected body %s", w.Body.String())
+		}
+	})
+}