Initial commit

1 year ago · f5e12d2cae
commit f5e12d2cae
2 changed files with 115 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,35 @@
+# API to check for Maths students
+
+## Server Prerequisites
+
+- Having `go` installed
+- An environment variable `AUTHPDS_TOKEN` containing the authentication token for the external API.
+- An environment variable named `SECRET` containing the secret token for authorization.
+
+## Server Setup
+
+- Clone the repository:
+  ```
+  git clone https://git.phc.dm.unipi.it/phc/go-maths-api
+  ```
+- Change directory and build the project:
+  ```
+  cd go-maths-api
+  go build
+  ```
+- Run with `./go-maths-api`
+
+## Client Usage
+
+An example request (with `SECRET` defined in your environment):
+```
+curl -X GET "http://localhost:8080/check-maths-user?SANITIZED_USER=f.minnocci" -H "Authorization: Bearer $SECRET"
+```
+
+Successful JSON response:
+
+```
+{
+    "result": true
+}
+```
--- a/main.go
+++ b/main.go
@ -0,0 +1,80 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"os"
+	"strings"
+)
+
+func main() {
+	http.HandleFunc("/check-maths-user", CheckMathsUserHandler)
+	port := ":8080"
+
+	fmt.Printf("Listening on port %s...\n", port)
+	http.ListenAndServe(port, nil)
+}
+
+func CheckMathsUserHandler(w http.ResponseWriter, r *http.Request) {
+	// Get the SANITIZED_USER from the query parameters
+	sanitizedUser := r.URL.Query().Get("SANITIZED_USER")
+
+	// Get the AUTHORIZATION header value, which should include the secret token
+	authHeader := r.Header.Get("Authorization")
+	expectedAuthHeader := "Bearer " + os.Getenv("SECRET")
+
+	// Check if the provided authorization header matches the expected secret token
+	if authHeader != expectedAuthHeader {
+		http.Error(w, "Unauthorized", http.StatusUnauthorized)
+		return
+	}
+
+	// Get the AUTHPDS_TOKEN from an environment variable
+	authPdsToken := os.Getenv("AUTHPDS_TOKEN")
+
+	// Make a GET request to the external API
+	apiURL := fmt.Sprintf("https://api.unipi.it/authPds/api/Carriera/studente/uid/%s/", sanitizedUser)
+	req, err := http.NewRequest("GET", apiURL, nil)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	req.Header.Add("accept", "*/*")
+	req.Header.Add("Authorization", "Bearer "+authPdsToken)
+
+	// Execute the request
+	client := &http.Client{}
+	resp, err := client.Do(req)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	defer resp.Body.Close()
+
+	// Check if the response contains the desired keywords
+	body := make([]byte, 0)
+	_, err = resp.Body.Read(body)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	containsKeywords := false
+	keywords := []string{"MATEMATICA", "Mobilit", "Transizione"}
+	for _, keyword := range keywords {
+		if strings.Contains(string(body), keyword) {
+			containsKeywords = true
+			break
+		}
+	}
+
+	// Create a JSON response
+	response := map[string]bool{
+		"result": containsKeywords,
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(response)
+}