code refactoring

views/addViews.go

@@ -22,7 +22,10 @@ import (
 
 // UploadedFileHandler is used to handle the uploaded file related requests
 func UploadedFileHandler(w http.ResponseWriter, r *http.Request) {
-	if r.Method == "GET" {
+	if r.Method != "GET" {
+		http.Redirect(w, r, "/", http.StatusBadRequest)
+		return
+	}
 	token := r.URL.Path[len("/files/"):]
 
 	//file, err := db.GetFileName(token)
@@ -30,12 +33,15 @@ func UploadedFileHandler(w http.ResponseWriter, r *http.Request) {
 	log.Println("serving file ./files/" + token)
 	http.ServeFile(w, r, "./files/"+token)
 	//}
-	}
 }
 
 //AddTaskFunc is used to handle the addition of new task, "/add" URL
 func AddTaskFunc(w http.ResponseWriter, r *http.Request) {
-	if r.Method == "POST" { // Will work only for POST requests, will redirect to home
+	if r.Method != "POST" { // Will work only for POST requests, will redirect to home
+		http.Redirect(w, r, "/", http.StatusBadRequest)
+		return
+	}
+
 	var filelink string // will store the html when we have files to be uploaded, appened to the note content
 	r.ParseForm()
 	file, handler, err := r.FormFile("uploadfile")
@@ -126,12 +132,15 @@ func AddTaskFunc(w http.ResponseWriter, r *http.Request) {
 		http.Redirect(w, r, "/", http.StatusInternalServerError)
 	}
 
-	}
-
 }
 
 //AddCategoryFunc used to add new categories to the database
 func AddCategoryFunc(w http.ResponseWriter, r *http.Request) {
+	if r.Method != "POST" { // We respond only to POST requests, redirect to home for others
+		http.Redirect(w, r, "/", http.StatusBadRequest)
+		return
+	}
+
 	r.ParseForm()
 	category := r.Form.Get("category")
 	if strings.Trim(category, " ") != "" {
@@ -160,7 +169,7 @@ func EditTaskFunc(w http.ResponseWriter, r *http.Request) {
 		log.Println(err)
 		http.Redirect(w, r, "/", http.StatusBadRequest)
 		return
-	} else {
+	}
 	redirectURL := utils.GetRedirectUrl(r.Referer())
 	username := sessions.GetCurrentUserName(r)
 	task, err := db.GetTaskByID(username, id)
@@ -172,7 +181,7 @@ func EditTaskFunc(w http.ResponseWriter, r *http.Request) {
 		task.Message = "Error fetching Tasks"
 	}
 	editTemplate.Execute(w, task)
-	}
+
 }
 
 //AddCommentFunc will be used

views/deleteViews.go

@@ -19,7 +19,12 @@ func TrashTaskFunc(w http.ResponseWriter, r *http.Request) {
 	//for best UX we want the user to be returned to the page making
 	//the delete transaction, we use the r.Referer() function to get the link
 	redirectURL := utils.GetRedirectUrl(r.Referer())
-	if r.Method == "GET" {
+
+	if r.Method != "GET" {
+		http.Redirect(w, r, "/", http.StatusBadRequest)
+		return
+	}
+
 	id, err := strconv.Atoi(r.URL.Path[len("/trash/"):])
 	if err != nil {
 		log.Println("TrashTaskFunc", err)
@@ -34,13 +39,17 @@ func TrashTaskFunc(w http.ResponseWriter, r *http.Request) {
 			message = "Task trashed"
 		}
 		http.Redirect(w, r, redirectURL, http.StatusFound)
-		}
+
 	}
 }
 
 //RestoreTaskFunc is used to restore task from trash, handles "/restore/" URL
 func RestoreTaskFunc(w http.ResponseWriter, r *http.Request) {
-	if r.Method == "GET" {
+	if r.Method != "GET" {
+		http.Redirect(w, r, "/", http.StatusBadRequest)
+		return
+	}
+
 	id, err := strconv.Atoi(r.URL.Path[len("/restore/"):])
 	if err != nil {
 		log.Println(err)
@@ -55,13 +64,17 @@ func RestoreTaskFunc(w http.ResponseWriter, r *http.Request) {
 		}
 		http.Redirect(w, r, "/deleted/", http.StatusFound)
 	}
-	}
+
 }
 
 //DeleteTaskFunc is used to delete a task, trash = move to recycle bin, delete = permanent delete
 func DeleteTaskFunc(w http.ResponseWriter, r *http.Request) {
 	username := sessions.GetCurrentUserName(r)
-	if r.Method == "GET" {
+	if r.Method != "GET" {
+		http.Redirect(w, r, "/", http.StatusBadRequest)
+		return
+	}
+
 	id := r.URL.Path[len("/delete/"):]
 	if id == "all" {
 		err := db.DeleteAll(username)
@@ -85,12 +98,16 @@ func DeleteTaskFunc(w http.ResponseWriter, r *http.Request) {
 			http.Redirect(w, r, "/deleted", http.StatusFound)
 		}
 	}
-	}
+
 }
 
 //RestoreFromCompleteFunc restores the task from complete to pending
 func RestoreFromCompleteFunc(w http.ResponseWriter, r *http.Request) {
-	if r.Method == "GET" {
+	if r.Method != "GET" {
+		http.Redirect(w, r, "/", http.StatusBadRequest)
+		return
+	}
+
 	id, err := strconv.Atoi(r.URL.Path[len("/incomplete/"):])
 	if err != nil {
 		log.Println(err)
@@ -105,12 +122,16 @@ func RestoreFromCompleteFunc(w http.ResponseWriter, r *http.Request) {
 		}
 		http.Redirect(w, r, "/completed", http.StatusFound)
 	}
-	}
+
 }
 
 //DeleteCategoryFunc will delete any category
 func DeleteCategoryFunc(w http.ResponseWriter, r *http.Request) {
-	if r.Method == "GET" {
+	if r.Method != "GET" {
+		http.Redirect(w, r, "/", http.StatusBadRequest)
+		return
+	}
+
 	categoryName := r.URL.Path[len("/del-category/"):]
 	username := sessions.GetCurrentUserName(r)
 	err := db.DeleteCategoryByName(username, categoryName)
@@ -121,12 +142,16 @@ func DeleteCategoryFunc(w http.ResponseWriter, r *http.Request) {
 	}
 
 	http.Redirect(w, r, "/", http.StatusFound)
-	}
+
 }
 
 //DeleteCommentFunc will delete any category
 func DeleteCommentFunc(w http.ResponseWriter, r *http.Request) {
-	if r.Method == "GET" {
+	if r.Method != "GET" {
+		http.Redirect(w, r, "/", http.StatusBadRequest)
+		return
+	}
+
 	id := r.URL.Path[len("/del-comment/"):]
 	commentID, err := strconv.Atoi(id)
 	if err != nil {
@@ -144,5 +169,4 @@ func DeleteCommentFunc(w http.ResponseWriter, r *http.Request) {
 	}
 
 	http.Redirect(w, r, "/", http.StatusFound)
-	}
 }

views/otherViews.go

@@ -56,7 +56,11 @@ func PopulateTemplates() {
 
 //CompleteTaskFunc is used to show the complete tasks, handles "/completed/" url
 func CompleteTaskFunc(w http.ResponseWriter, r *http.Request) {
-	if r.Method == "GET" {
+	if r.Method != "GET" {
+		http.Redirect(w, r, "/", http.StatusBadRequest)
+		return
+	}
+
 	redirectURL := utils.GetRedirectUrl(r.Referer())
 	id, err := strconv.Atoi(r.URL.Path[len("/complete/"):])
 	if err != nil {
@@ -71,12 +75,15 @@ func CompleteTaskFunc(w http.ResponseWriter, r *http.Request) {
 		}
 		http.Redirect(w, r, redirectURL, http.StatusFound)
 	}
-	}
+
 }
 
 //SearchTaskFunc is used to handle the /search/ url, handles the search function
 func SearchTaskFunc(w http.ResponseWriter, r *http.Request) {
-	if r.Method == "POST" {
+	if r.Method != "POST" {
+		http.Redirect(w, r, "/", http.StatusBadRequest)
+		return
+	}
 	r.ParseForm()
 	query := r.Form.Get("query")
 
@@ -90,12 +97,16 @@ func SearchTaskFunc(w http.ResponseWriter, r *http.Request) {
 	context.Categories = categories
 
 	searchTemplate.Execute(w, context)
-	}
+
 }
 
 //UpdateTaskFunc is used to update a task, handes "/update/" URL
 func UpdateTaskFunc(w http.ResponseWriter, r *http.Request) {
-	if r.Method == "POST" {
+	if r.Method != "POST" {
+		http.Redirect(w, r, "/", http.StatusBadRequest)
+		return
+	}
+
 	r.ParseForm()
 	id, err := strconv.Atoi(r.Form.Get("id"))
 	if err != nil {
@@ -126,12 +137,14 @@ func UpdateTaskFunc(w http.ResponseWriter, r *http.Request) {
 		log.Println(message)
 	}
 	http.Redirect(w, r, "/", http.StatusFound)
-	}
 }
 
 //UpdateCategoryFunc is used to update a task, handes "/upd-category/" URL
 func UpdateCategoryFunc(w http.ResponseWriter, r *http.Request) {
-	if r.Method == "POST" {
+	if r.Method != "POST" {
+		http.Redirect(w, r, "/", http.StatusBadRequest)
+		return
+	}
 	var redirectURL string
 	r.ParseForm()
 	oldName := r.URL.Path[len("/upd-category/"):]
@@ -148,12 +161,15 @@ func UpdateCategoryFunc(w http.ResponseWriter, r *http.Request) {
 	}
 	log.Println("redirecting to " + redirectURL)
 	http.Redirect(w, r, redirectURL, http.StatusFound)
-	}
+
 }
 
 //SignUpFunc will enable new users to sign up to our service
 func SignUpFunc(w http.ResponseWriter, r *http.Request) {
-	if r.Method == "POST" {
+	if r.Method != "POST" {
+		http.Redirect(w, r, "/", http.StatusBadRequest)
+		return
+	}
 	r.ParseForm()
 
 	username := r.Form.Get("username")
@@ -168,5 +184,4 @@ func SignUpFunc(w http.ResponseWriter, r *http.Request) {
 	} else {
 		http.Redirect(w, r, "/login/", 302)
 	}
-	}
 }

views/sessionViews.go

@@ -60,5 +60,7 @@ func LoginFunc(w http.ResponseWriter, r *http.Request) {
 		}
 		log.Print("Invalid user " + username)
 		loginTemplate.Execute(w, nil)
+	default:
+		http.Redirect(w, r, "/login/", http.StatusUnauthorized)
 	}
 }