package handlers import ( "context" "encoding/json" "io" "log/slog" "net/http" "regexp" "github.com/andyleap/hnh-map/internal/app" "github.com/andyleap/hnh-map/internal/app/services" ) // maxClientBodySize is the maximum size for position and marker update request bodies. const maxClientBodySize = 2 * 1024 * 1024 // 2 MB var clientPath = regexp.MustCompile(`client/([^/]+)/(.*)`) // ClientRouter handles /client/* requests with token-based auth. func (h *Handlers) ClientRouter(rw http.ResponseWriter, req *http.Request) { matches := clientPath.FindStringSubmatch(req.URL.Path) if matches == nil { JSONError(rw, http.StatusBadRequest, "Client token not found", "BAD_REQUEST") return } ctx := req.Context() username, err := h.Auth.ValidateClientToken(ctx, matches[1]) if err != nil { HandleServiceError(rw, err) return } ctx = context.WithValue(ctx, app.ClientUsernameKey, username) req = req.WithContext(ctx) switch matches[2] { case "locate": h.clientLocate(rw, req) case "gridUpdate": h.clientGridUpdate(rw, req) case "gridUpload": h.clientGridUpload(rw, req) case "positionUpdate": h.clientPositionUpdate(rw, req) case "markerUpdate": h.clientMarkerUpdate(rw, req) case "": http.Redirect(rw, req, "/", http.StatusFound) case "checkVersion": if req.FormValue("version") == app.ClientVersion { rw.WriteHeader(http.StatusOK) } else { JSONError(rw, http.StatusBadRequest, "version mismatch", "BAD_REQUEST") } default: JSONError(rw, http.StatusNotFound, "not found", "NOT_FOUND") } } func (h *Handlers) clientLocate(rw http.ResponseWriter, req *http.Request) { gridID := req.FormValue("gridID") result, err := h.Client.Locate(req.Context(), gridID) if err != nil { HandleServiceError(rw, err) return } rw.Header().Set("Content-Type", "text/plain") rw.WriteHeader(http.StatusOK) _, _ = rw.Write([]byte(result)) } func (h *Handlers) clientGridUpdate(rw http.ResponseWriter, req *http.Request) { defer req.Body.Close() var grup services.GridUpdate if err := json.NewDecoder(req.Body).Decode(&grup); err != nil { slog.Error("error decoding grid request", "error", err) JSONError(rw, http.StatusBadRequest, "error decoding request", "BAD_REQUEST") return } result, err := h.Client.ProcessGridUpdate(req.Context(), grup) if err != nil { slog.Error("grid update failed", "error", err) HandleServiceError(rw, err) return } rw.Header().Set("Content-Type", "application/json") rw.WriteHeader(http.StatusOK) _ = json.NewEncoder(rw).Encode(result.Response) } func (h *Handlers) clientGridUpload(rw http.ResponseWriter, req *http.Request) { ct := req.Header.Get("Content-Type") if fixed := services.FixMultipartContentType(ct); fixed != ct { req.Header.Set("Content-Type", fixed) } if err := req.ParseMultipartForm(app.MultipartMaxMemory); err != nil { slog.Error("multipart parse error", "error", err) JSONError(rw, http.StatusBadRequest, "invalid multipart", "BAD_REQUEST") return } id := req.FormValue("id") extraData := req.FormValue("extraData") file, _, err := req.FormFile("file") if err != nil { slog.Error("form file error", "error", err) JSONError(rw, http.StatusBadRequest, "missing file", "BAD_REQUEST") return } defer file.Close() if err := h.Client.ProcessGridUpload(req.Context(), id, extraData, file); err != nil { slog.Error("grid upload failed", "error", err) HandleServiceError(rw, err) } } func (h *Handlers) clientPositionUpdate(rw http.ResponseWriter, req *http.Request) { defer req.Body.Close() buf, err := io.ReadAll(io.LimitReader(req.Body, maxClientBodySize+1)) if err != nil { slog.Error("error reading position update", "error", err) JSONError(rw, http.StatusBadRequest, "failed to read body", "BAD_REQUEST") return } if len(buf) > maxClientBodySize { JSONError(rw, http.StatusRequestEntityTooLarge, "request body too large", "PAYLOAD_TOO_LARGE") return } if err := h.Client.UpdatePositions(req.Context(), buf); err != nil { slog.Error("position update failed", "error", err) HandleServiceError(rw, err) } } func (h *Handlers) clientMarkerUpdate(rw http.ResponseWriter, req *http.Request) { defer req.Body.Close() buf, err := io.ReadAll(io.LimitReader(req.Body, maxClientBodySize+1)) if err != nil { slog.Error("error reading marker update", "error", err) JSONError(rw, http.StatusBadRequest, "failed to read body", "BAD_REQUEST") return } if len(buf) > maxClientBodySize { JSONError(rw, http.StatusRequestEntityTooLarge, "request body too large", "PAYLOAD_TOO_LARGE") return } if err := h.Client.UploadMarkers(req.Context(), buf); err != nil { slog.Error("marker update failed", "error", err) HandleServiceError(rw, err) } }