Add password validation

handler/download/download.go

@@ -0,0 +1,62 @@
+package downloadHandler
+
+import (
+	"errors"
+	"github.com/fossyy/filekeeper/db"
+	"github.com/fossyy/filekeeper/logger"
+	"github.com/fossyy/filekeeper/middleware"
+	"github.com/fossyy/filekeeper/session"
+	"github.com/fossyy/filekeeper/types"
+	"github.com/fossyy/filekeeper/types/models"
+	"github.com/fossyy/filekeeper/utils"
+	downloadView "github.com/fossyy/filekeeper/view/download"
+	"net/http"
+)
+
+var log *logger.AggregatedLogger
+
+func init() {
+	log = logger.Logger()
+}
+
+func GET(w http.ResponseWriter, r *http.Request) {
+	cookie, err := r.Cookie("Session")
+	if err != nil {
+		if errors.Is(err, http.ErrNoCookie) {
+			http.Redirect(w, r, "/signin", http.StatusSeeOther)
+			return
+		}
+		log.Error(err.Error())
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	storeSession, err := session.Store.Get(cookie.Value)
+	if err != nil {
+		if errors.Is(err, &session.SessionNotFound{}) {
+			storeSession.Destroy(w)
+		}
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	userSession := middleware.GetUser(storeSession)
+
+	var files []models.File
+	db.DB.Table("files").Where("owner_id = ?", userSession.UserID).Find(&files)
+	var filesData []types.FileData
+	for i := 0; i < len(files); i++ {
+		filesData = append(filesData, types.FileData{
+			ID:         files[i].ID.String(),
+			Name:       files[i].Name,
+			Size:       utils.ConvertFileSize(files[i].Size),
+			Downloaded: files[i].Downloaded,
+		})
+	}
+
+	component := downloadView.Main("Download Page", filesData)
+	err = component.Render(r.Context(), w)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+}

handler/download/file/file.go

@@ -0,0 +1,56 @@
+package downloadFileHandler
+
+import (
+	"github.com/fossyy/filekeeper/db"
+	"github.com/fossyy/filekeeper/logger"
+	"github.com/fossyy/filekeeper/types/models"
+	"net/http"
+	"os"
+	"path/filepath"
+)
+
+var log *logger.AggregatedLogger
+
+func init() {
+	log = logger.Logger()
+}
+
+func GET(w http.ResponseWriter, r *http.Request) {
+	fileID := r.PathValue("id")
+
+	var file models.File
+	err := db.DB.Table("files").Where("id = ?", fileID).First(&file).Error
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+	}
+
+	uploadDir := "uploads"
+
+	currentDir, _ := os.Getwd()
+	basePath := filepath.Join(currentDir, uploadDir)
+	saveFolder := filepath.Join(basePath, file.OwnerID.String(), file.ID.String())
+
+	if filepath.Dir(saveFolder) != filepath.Join(basePath, file.OwnerID.String()) {
+		log.Error("invalid path")
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	openFile, err := os.OpenFile(filepath.Join(saveFolder, file.Name), os.O_RDONLY, 0)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+	}
+	defer openFile.Close()
+
+	stat, err := openFile.Stat()
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+	}
+
+	w.Header().Set("Content-Disposition", "attachment; filename="+stat.Name())
+	http.ServeContent(w, r, stat.Name(), stat.ModTime(), openFile)
+	return
+}

handler/error/error.go

@@ -0,0 +1,23 @@
+package errorHandler
+
+import (
+	"github.com/fossyy/filekeeper/logger"
+	errorView "github.com/fossyy/filekeeper/view/error"
+	"net/http"
+)
+
+var log *logger.AggregatedLogger
+
+func init() {
+	log = logger.Logger()
+}
+
+func ALL(w http.ResponseWriter, r *http.Request) {
+	component := errorView.Main("Not Found")
+	err := component.Render(r.Context(), w)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+}

handler/forgotPassword/forgotPassword.go

@@ -0,0 +1,149 @@
+package forgotPasswordHandler
+
+import (
+	"bytes"
+	"context"
+	"errors"
+	"fmt"
+	"github.com/fossyy/filekeeper/db"
+	"github.com/fossyy/filekeeper/email"
+	"github.com/fossyy/filekeeper/logger"
+	"github.com/fossyy/filekeeper/types"
+	"github.com/fossyy/filekeeper/types/models"
+	"github.com/fossyy/filekeeper/utils"
+	emailView "github.com/fossyy/filekeeper/view/email"
+	forgotPasswordView "github.com/fossyy/filekeeper/view/forgotPassword"
+	"gorm.io/gorm"
+	"net/http"
+	"sync"
+	"time"
+)
+
+type ForgotPassword struct {
+	User       *models.User
+	Code       string
+	mu         sync.Mutex
+	CreateTime time.Time
+}
+
+var log *logger.AggregatedLogger
+var mailServer *email.SmtpServer
+var ListForgotPassword map[string]*ForgotPassword
+var UserForgotPassword = make(map[string]string)
+
+func init() {
+	log = logger.Logger()
+	ListForgotPassword = make(map[string]*ForgotPassword)
+	mailServer = email.NewSmtpServer("mail.fossy.my.id", 25, "test@fossy.my.id", "Test123456")
+	ticker := time.NewTicker(time.Minute)
+	go func() {
+		for {
+			<-ticker.C
+			currentTime := time.Now()
+			cacheClean := 0
+			log.Info(fmt.Sprintf("Cache cleanup initiated at %02d:%02d:%02d", currentTime.Hour(), currentTime.Minute(), currentTime.Second()))
+
+			for _, data := range ListForgotPassword {
+				data.mu.Lock()
+				if currentTime.Sub(data.CreateTime) > time.Minute*1 {
+					delete(ListForgotPassword, data.User.Email)
+					delete(UserForgotPassword, data.Code)
+					cacheClean++
+				}
+				data.mu.Unlock()
+			}
+
+			log.Info(fmt.Sprintf("Cache cleanup completed: %d entries removed. Finished at %s", cacheClean, time.Since(currentTime)))
+		}
+	}()
+}
+
+func GET(w http.ResponseWriter, r *http.Request) {
+	component := forgotPasswordView.Main("Forgot Password Page", types.Message{
+		Code:    3,
+		Message: "",
+	})
+	err := component.Render(r.Context(), w)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+}
+
+func POST(w http.ResponseWriter, r *http.Request) {
+	err := r.ParseForm()
+	if err != nil {
+		http.Error(w, "Error parsing form", http.StatusBadRequest)
+		log.Error(err.Error())
+		return
+	}
+
+	emailForm := r.Form.Get("email")
+
+	var user models.User
+	err = db.DB.Table("users").Where("email = ?", emailForm).First(&user).Error
+	if errors.Is(err, gorm.ErrRecordNotFound) {
+		component := forgotPasswordView.Main(fmt.Sprintf("Account with this email address %s is not found", emailForm), types.Message{
+			Code:    0,
+			Message: "",
+		})
+		err := component.Render(r.Context(), w)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			log.Error(err.Error())
+			return
+		}
+		return
+	}
+
+	err = verifyForgot(&user)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+
+	component := forgotPasswordView.EmailSend("Forgot Password Page")
+	err = component.Render(r.Context(), w)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+	return
+}
+
+func verifyForgot(user *models.User) error {
+	var code string
+
+	var buffer bytes.Buffer
+	data, ok := ListForgotPassword[user.Email]
+
+	if !ok {
+		code = utils.GenerateRandomString(64)
+	} else {
+		code = data.Code
+	}
+
+	err := emailView.ForgotPassword(user.Username, fmt.Sprintf("https://%s/forgot-password/verify/%s", utils.Getenv("DOMAIN"), code)).Render(context.Background(), &buffer)
+	if err != nil {
+		return err
+	}
+
+	userData := &ForgotPassword{
+		User:       user,
+		Code:       code,
+		CreateTime: time.Now(),
+	}
+
+	UserForgotPassword[code] = user.Email
+	ListForgotPassword[user.Email] = userData
+
+	err = mailServer.Send(user.Email, "Password Change Request", buffer.String())
+	if err != nil {
+		return err
+	}
+
+	return nil
+}

handler/forgotPassword/verify/verify.go

@@ -0,0 +1,109 @@
+package forgotPasswordVerifyHandler
+
+import (
+	"github.com/fossyy/filekeeper/db"
+	"github.com/fossyy/filekeeper/db/model/user"
+	forgotPasswordHandler "github.com/fossyy/filekeeper/handler/forgotPassword"
+	"github.com/fossyy/filekeeper/logger"
+	"github.com/fossyy/filekeeper/session"
+	"github.com/fossyy/filekeeper/types"
+	"github.com/fossyy/filekeeper/utils"
+	forgotPasswordView "github.com/fossyy/filekeeper/view/forgotPassword"
+	signupView "github.com/fossyy/filekeeper/view/signup"
+
+	"net/http"
+)
+
+var log *logger.AggregatedLogger
+
+func init() {
+	log = logger.Logger()
+}
+
+func GET(w http.ResponseWriter, r *http.Request) {
+	code := r.PathValue("code")
+
+	email := forgotPasswordHandler.UserForgotPassword[code]
+	_, ok := forgotPasswordHandler.ListForgotPassword[email]
+
+	if !ok {
+		w.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	component := forgotPasswordView.NewPasswordForm("Forgot Password Page", types.Message{
+		Code:    3,
+		Message: "",
+	})
+	err := component.Render(r.Context(), w)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+}
+
+func POST(w http.ResponseWriter, r *http.Request) {
+	code := r.PathValue("code")
+
+	email := forgotPasswordHandler.UserForgotPassword[code]
+	data, ok := forgotPasswordHandler.ListForgotPassword[email]
+
+	if !ok {
+		w.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	err := r.ParseForm()
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+
+	password := r.Form.Get("password")
+	isValid := utils.ValidatePassword(password)
+	if !isValid {
+		component := signupView.Main("Sign up Page", types.Message{
+			Code:    0,
+			Message: "Password is invalid",
+		})
+		err := component.Render(r.Context(), w)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			log.Error(err.Error())
+			return
+		}
+		return
+	}
+	hashedPassword, err := utils.HashPassword(password)
+
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+
+	err = db.DB.Table("users").Where("email = ?", data.User.Email).Update("password", hashedPassword).Error
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+
+	delete(forgotPasswordHandler.ListForgotPassword, data.User.Email)
+	delete(forgotPasswordHandler.UserForgotPassword, data.Code)
+
+	session.RemoveAllSession(data.User.Email)
+
+	user.DeleteCache(data.User.Email)
+
+	component := forgotPasswordView.ChangeSuccess("Forgot Password Page")
+	err = component.Render(r.Context(), w)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+	return
+}

handler/index/index.go

@@ -0,0 +1,23 @@
+package indexHandler
+
+import (
+	"github.com/fossyy/filekeeper/logger"
+	"github.com/fossyy/filekeeper/view/index"
+	"net/http"
+)
+
+var log *logger.AggregatedLogger
+
+func init() {
+	log = logger.Logger()
+}
+
+func GET(w http.ResponseWriter, r *http.Request) {
+	component := indexView.Main("main page")
+	err := component.Render(r.Context(), w)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+}

handler/logout/logout.go

@@ -0,0 +1,44 @@
+package logoutHandler
+
+import (
+	"errors"
+	"github.com/fossyy/filekeeper/logger"
+	"github.com/fossyy/filekeeper/session"
+	"github.com/fossyy/filekeeper/types"
+	"github.com/fossyy/filekeeper/utils"
+	"net/http"
+)
+
+var log *logger.AggregatedLogger
+
+func init() {
+	log = logger.Logger()
+}
+
+func GET(w http.ResponseWriter, r *http.Request) {
+	cookie, err := r.Cookie("Session")
+	if err != nil {
+		return
+	}
+
+	storeSession, err := session.Store.Get(cookie.Value)
+	if err != nil {
+		if errors.Is(err, &session.SessionNotFound{}) {
+			storeSession.Destroy(w)
+		}
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	session.Store.Delete(cookie.Value)
+	session.RemoveSession(storeSession.Values["user"].(types.User).Email, cookie.Value)
+
+	http.SetCookie(w, &http.Cookie{
+		Name:   utils.Getenv("SESSION_NAME"),
+		Value:  "",
+		MaxAge: -1,
+	})
+
+	http.Redirect(w, r, "/signin", http.StatusSeeOther)
+	return
+}

handler/misc/misc.go

@@ -0,0 +1,25 @@
+package miscHandler
+
+import (
+	"net/http"
+)
+
+func Robot(w http.ResponseWriter, r *http.Request) {
+	http.Redirect(w, r, "/public/robots.txt", http.StatusSeeOther)
+}
+
+func Favicon(w http.ResponseWriter, r *http.Request) {
+	//currentDir, _ := os.Getwd()
+	//fmt.Println(currentDir)
+	//logo := "../../../favicon.ico"
+	//basePath := filepath.Join(currentDir, "public")
+	//logoPath := filepath.Join(basePath, logo)
+	//fmt.Println(filepath.Dir(logoPath))
+	//if filepath.Dir(logoPath) != basePath {
+	//	log.Print("invalid logo path", logoPath)
+	//	w.WriteHeader(500)
+	//	return
+	//}
+	//http.ServeContent()
+	http.Redirect(w, r, "/public/favicon.ico", http.StatusSeeOther)
+}

handler/signin/signin.go

@@ -0,0 +1,92 @@
+package signinHandler
+
+import (
+	"errors"
+	"github.com/fossyy/filekeeper/db/model/user"
+	"github.com/fossyy/filekeeper/logger"
+	"github.com/fossyy/filekeeper/session"
+	"github.com/fossyy/filekeeper/types"
+	"github.com/fossyy/filekeeper/utils"
+	signinView "github.com/fossyy/filekeeper/view/signin"
+	"net/http"
+)
+
+var log *logger.AggregatedLogger
+
+func init() {
+	log = logger.Logger()
+}
+
+func GET(w http.ResponseWriter, r *http.Request) {
+	component := signinView.Main("Sign in Page", types.Message{
+		Code:    3,
+		Message: "",
+	})
+	err := component.Render(r.Context(), w)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+}
+
+func POST(w http.ResponseWriter, r *http.Request) {
+	err := r.ParseForm()
+	if err != nil {
+		http.Error(w, "Error parsing form", http.StatusBadRequest)
+		log.Error(err.Error())
+		return
+	}
+	email := r.Form.Get("email")
+	password := r.Form.Get("password")
+	userData, err := user.Get(email)
+	if err != nil {
+		component := signinView.Main("Sign in Page", types.Message{
+			Code:    0,
+			Message: "Incorrect Username or Password",
+		})
+		log.Error(err.Error())
+		err = component.Render(r.Context(), w)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			log.Error(err.Error())
+			return
+		}
+		return
+	}
+
+	if email == userData.Email && utils.CheckPasswordHash(password, userData.Password) {
+		storeSession := session.Store.Create()
+		storeSession.Values["user"] = types.User{
+			UserID:        userData.UserID,
+			Email:         email,
+			Username:      userData.Username,
+			Authenticated: true,
+		}
+
+		storeSession.Save(w)
+		session.AppendSession(email, storeSession)
+
+		cookie, err := r.Cookie("redirect")
+		if errors.Is(err, http.ErrNoCookie) {
+			http.Redirect(w, r, "/", http.StatusSeeOther)
+			return
+		}
+		http.SetCookie(w, &http.Cookie{
+			Name:   "redirect",
+			MaxAge: -1,
+		})
+		http.Redirect(w, r, cookie.Value, http.StatusSeeOther)
+		return
+	}
+	component := signinView.Main("Sign in Page", types.Message{
+		Code:    0,
+		Message: "Incorrect Username or Password",
+	})
+	err = component.Render(r.Context(), w)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+}

handler/signup/signup.go

@@ -0,0 +1,179 @@
+package signupHandler
+
+import (
+	"bytes"
+	"context"
+	"errors"
+	"fmt"
+	"github.com/fossyy/filekeeper/db"
+	"github.com/fossyy/filekeeper/email"
+	"github.com/fossyy/filekeeper/logger"
+	"github.com/fossyy/filekeeper/types"
+	"github.com/fossyy/filekeeper/types/models"
+	"github.com/fossyy/filekeeper/utils"
+	emailView "github.com/fossyy/filekeeper/view/email"
+	signupView "github.com/fossyy/filekeeper/view/signup"
+	"github.com/google/uuid"
+	"gorm.io/gorm"
+	"net/http"
+	"sync"
+	"time"
+)
+
+type UnverifiedUser struct {
+	User       *models.User
+	Code       string
+	mu         sync.Mutex
+	CreateTime time.Time
+}
+
+var log *logger.AggregatedLogger
+var mailServer *email.SmtpServer
+var VerifyUser map[string]*UnverifiedUser
+var VerifyEmail map[string]string
+
+func init() {
+	log = logger.Logger()
+	mailServer = email.NewSmtpServer("mail.fossy.my.id", 25, "test@fossy.my.id", "Test123456")
+	VerifyUser = make(map[string]*UnverifiedUser)
+	VerifyEmail = make(map[string]string)
+
+	ticker := time.NewTicker(time.Minute)
+	go func() {
+		for {
+			<-ticker.C
+			currentTime := time.Now()
+			cacheClean := 0
+			log.Info(fmt.Sprintf("Cache cleanup initiated at %02d:%02d:%02d", currentTime.Hour(), currentTime.Minute(), currentTime.Second()))
+
+			for _, data := range VerifyUser {
+				data.mu.Lock()
+				if currentTime.Sub(data.CreateTime) > time.Minute*1 {
+					delete(VerifyUser, data.Code)
+					delete(VerifyEmail, data.User.Email)
+					cacheClean++
+				}
+				data.mu.Unlock()
+			}
+
+			log.Info(fmt.Sprintf("Cache cleanup completed: %d entries removed. Finished at %s", cacheClean, time.Since(currentTime)))
+		}
+	}()
+}
+
+func GET(w http.ResponseWriter, r *http.Request) {
+	component := signupView.Main("Sign up Page", types.Message{
+		Code:    3,
+		Message: "",
+	})
+	err := component.Render(r.Context(), w)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+}
+
+func POST(w http.ResponseWriter, r *http.Request) {
+	err := r.ParseForm()
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+	userEmail := r.Form.Get("email")
+	username := r.Form.Get("username")
+	password := r.Form.Get("password")
+	isValid := utils.ValidatePassword(password)
+	if !isValid {
+		component := signupView.Main("Sign up Page", types.Message{
+			Code:    0,
+			Message: "Password is invalid",
+		})
+		err := component.Render(r.Context(), w)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			log.Error(err.Error())
+			return
+		}
+		return
+	}
+	hashedPassword, err := utils.HashPassword(password)
+
+	newUser := models.User{
+		UserID:   uuid.New(),
+		Username: username,
+		Email:    userEmail,
+		Password: hashedPassword,
+	}
+
+	var data models.User
+	err = db.DB.Table("users").Where("email = ? OR username = ?", userEmail, username).First(&data).Error
+	if err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			err = verifyEmail(&newUser)
+			if err != nil {
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				log.Error(err.Error())
+				return
+			}
+
+			component := signupView.EmailSend("Sign up Page")
+			err = component.Render(r.Context(), w)
+			if err != nil {
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				log.Error(err.Error())
+				return
+			}
+			return
+		}
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+	component := signupView.Main("Sign up Page", types.Message{
+		Code:    0,
+		Message: "Email or Username has been registered",
+	})
+	err = component.Render(r.Context(), w)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+	return
+}
+
+func verifyEmail(user *models.User) error {
+	var buffer bytes.Buffer
+	var code string
+
+	code = VerifyEmail[user.Email]
+	userData, ok := VerifyUser[code]
+
+	if !ok {
+		code = utils.GenerateRandomString(64)
+	} else {
+		code = userData.Code
+	}
+
+	err := emailView.RegistrationEmail(user.Username, fmt.Sprintf("https://%s/signup/verify/%s", utils.Getenv("DOMAIN"), code)).Render(context.Background(), &buffer)
+	if err != nil {
+		return err
+	}
+
+	unverifiedUser := UnverifiedUser{
+		User:       user,
+		Code:       code,
+		CreateTime: time.Now(),
+	}
+
+	VerifyUser[code] = &unverifiedUser
+	VerifyEmail[user.Email] = code
+
+	err = mailServer.Send(user.Email, "Account Registration Verification", buffer.String())
+	if err != nil {
+		return err
+	}
+	return nil
+}

handler/signup/verify/verify.go

@@ -0,0 +1,54 @@
+package signupVerifyHandler
+
+import (
+	"github.com/fossyy/filekeeper/db"
+	signupHandler "github.com/fossyy/filekeeper/handler/signup"
+	"github.com/fossyy/filekeeper/logger"
+	"github.com/fossyy/filekeeper/types"
+	signupView "github.com/fossyy/filekeeper/view/signup"
+	"net/http"
+)
+
+var log *logger.AggregatedLogger
+
+func init() {
+	log = logger.Logger()
+}
+
+func GET(w http.ResponseWriter, r *http.Request) {
+	code := r.PathValue("code")
+	data, ok := signupHandler.VerifyUser[code]
+
+	if !ok {
+		w.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	err := db.DB.Create(&data.User).Error
+
+	if err != nil {
+		component := signupView.Main("Sign up Page", types.Message{
+			Code:    0,
+			Message: "Email or Username has been registered",
+		})
+		err := component.Render(r.Context(), w)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			log.Error(err.Error())
+			return
+		}
+		return
+	}
+
+	delete(signupHandler.VerifyUser, code)
+	delete(signupHandler.VerifyEmail, data.User.Email)
+
+	component := signupView.VerifySuccess("Verify page")
+
+	err = component.Render(r.Context(), w)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+}

handler/upload/initialisation/initialisation.go

@@ -0,0 +1,174 @@
+package initialisation
+
+import (
+	"encoding/json"
+	"errors"
+	"github.com/fossyy/filekeeper/db"
+	"github.com/fossyy/filekeeper/logger"
+	"github.com/fossyy/filekeeper/middleware"
+	"github.com/fossyy/filekeeper/session"
+	"github.com/fossyy/filekeeper/types"
+	"github.com/fossyy/filekeeper/types/models"
+	"github.com/google/uuid"
+	"gorm.io/gorm"
+	"io"
+	"net/http"
+	"os"
+	"path/filepath"
+)
+
+var log *logger.AggregatedLogger
+
+func init() {
+	log = logger.Logger()
+}
+
+func POST(w http.ResponseWriter, r *http.Request) {
+	cookie, err := r.Cookie("Session")
+	if err != nil {
+		handleError(w, err, http.StatusInternalServerError)
+		return
+	}
+
+	storeSession, err := session.Store.Get(cookie.Value)
+	if err != nil {
+		if errors.Is(err, &session.SessionNotFound{}) {
+			storeSession.Destroy(w)
+		}
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	userSession := middleware.GetUser(storeSession)
+
+	body, err := io.ReadAll(r.Body)
+	if err != nil {
+		handleError(w, err, http.StatusInternalServerError)
+		return
+	}
+
+	var fileInfo types.FileInfo
+	if err := json.Unmarshal(body, &fileInfo); err != nil {
+		handleError(w, err, http.StatusInternalServerError)
+		return
+	}
+
+	fileData, err := getFile(fileInfo.Name, userSession.UserID)
+	if err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			upload, err := handleNewUpload(userSession, fileInfo)
+			if err != nil {
+				handleError(w, err, http.StatusInternalServerError)
+				return
+			}
+			respondJSON(w, upload)
+			return
+		}
+		respondErrorJSON(w, err, http.StatusInternalServerError)
+		return
+	}
+
+	info, err := GetUploadInfo(fileData.ID.String())
+	if err != nil {
+		log.Error(err.Error())
+		return
+	}
+
+	if info.Done {
+		respondJSON(w, map[string]bool{"Done": true})
+		return
+	}
+	respondJSON(w, info)
+}
+
+func getFile(name string, ownerID uuid.UUID) (models.File, error) {
+	var data models.File
+	err := db.DB.Table("files").Where("name = ? AND owner_id = ?", name, ownerID).First(&data).Error
+	if err != nil {
+		return data, err
+	}
+	return data, nil
+}
+
+func handleNewUpload(user types.User, file types.FileInfo) (models.FilesUploaded, error) {
+	uploadDir := "uploads"
+	if _, err := os.Stat(uploadDir); os.IsNotExist(err) {
+		log.Error(err.Error())
+		err := os.Mkdir(uploadDir, os.ModePerm)
+		if err != nil {
+			log.Error(err.Error())
+			return models.FilesUploaded{}, err
+		}
+	}
+
+	fileID := uuid.New()
+	ownerID := user.UserID
+
+	currentDir, _ := os.Getwd()
+	basePath := filepath.Join(currentDir, uploadDir)
+	saveFolder := filepath.Join(basePath, ownerID.String(), fileID.String())
+	if filepath.Dir(saveFolder) != filepath.Join(basePath, ownerID.String()) {
+		return models.FilesUploaded{}, errors.New("invalid path")
+	}
+
+	err := os.MkdirAll(saveFolder, os.ModePerm)
+	if err != nil {
+		log.Error(err.Error())
+		return models.FilesUploaded{}, err
+	}
+
+	newFile := models.File{
+		ID:         fileID,
+		OwnerID:    ownerID,
+		Name:       file.Name,
+		Size:       file.Size,
+		Downloaded: 0,
+	}
+	err = db.DB.Create(&newFile).Error
+	if err != nil {
+		log.Error(err.Error())
+		return models.FilesUploaded{}, err
+	}
+
+	filesUploaded := models.FilesUploaded{
+		UploadID: uuid.New(),
+		FileID:   fileID,
+		OwnerID:  ownerID,
+		Name:     file.Name,
+		Size:     file.Size,
+		Uploaded: -1,
+		Done:     false,
+	}
+
+	err = db.DB.Create(&filesUploaded).Error
+	if err != nil {
+		log.Error(err.Error())
+		return models.FilesUploaded{}, err
+	}
+	return filesUploaded, nil
+}
+
+func GetUploadInfo(fileID string) (*models.FilesUploaded, error) {
+	var data *models.FilesUploaded
+	err := db.DB.Table("files_uploadeds").Where("file_id = ?", fileID).First(&data).Error
+	if err != nil {
+		return data, err
+	}
+	return data, nil
+}
+
+func respondJSON(w http.ResponseWriter, data interface{}) {
+	w.Header().Set("Content-Type", "application/json")
+	if err := json.NewEncoder(w).Encode(data); err != nil {
+		handleError(w, err, http.StatusInternalServerError)
+	}
+}
+
+func respondErrorJSON(w http.ResponseWriter, err error, statusCode int) {
+	w.WriteHeader(statusCode)
+	respondJSON(w, map[string]string{"error": err.Error()})
+}
+
+func handleError(w http.ResponseWriter, err error, statusCode int) {
+	http.Error(w, err.Error(), statusCode)
+	log.Error(err.Error())
+}

handler/upload/upload.go

@@ -0,0 +1,142 @@
+package uploadHandler
+
+import (
+	"errors"
+	"github.com/fossyy/filekeeper/db"
+	"github.com/fossyy/filekeeper/handler/upload/initialisation"
+	"github.com/fossyy/filekeeper/logger"
+	"github.com/fossyy/filekeeper/middleware"
+	"github.com/fossyy/filekeeper/session"
+	filesView "github.com/fossyy/filekeeper/view/upload"
+	"io"
+	"net/http"
+	"os"
+	"path/filepath"
+	"strconv"
+	"sync"
+)
+
+var log *logger.AggregatedLogger
+var mu sync.Mutex
+
+func init() {
+	log = logger.Logger()
+}
+
+func GET(w http.ResponseWriter, r *http.Request) {
+	component := filesView.Main("upload page")
+	if err := component.Render(r.Context(), w); err != nil {
+		handleError(w, err, http.StatusInternalServerError)
+		return
+	}
+}
+
+func POST(w http.ResponseWriter, r *http.Request) {
+	fileID := r.PathValue("id")
+	if err := r.ParseMultipartForm(32 << 20); err != nil {
+		handleError(w, err, http.StatusInternalServerError)
+		return
+	}
+
+	cookie, err := r.Cookie("Session")
+	if err != nil {
+		handleCookieError(w, r, err)
+		return
+	}
+
+	storeSession, err := session.Store.Get(cookie.Value)
+	if err != nil {
+		if errors.Is(err, &session.SessionNotFound{}) {
+			storeSession.Destroy(w)
+		}
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	userSession := middleware.GetUser(storeSession)
+
+	if r.FormValue("done") == "true" {
+		finalizeFileUpload(fileID)
+		return
+	}
+
+	uploadDir := "uploads"
+	if err := createUploadDirectory(uploadDir); err != nil {
+		handleError(w, err, http.StatusInternalServerError)
+		return
+	}
+
+	file, err := initialisation.GetUploadInfo(fileID)
+	if err != nil {
+		log.Error("error getting upload info: " + err.Error())
+		return
+	}
+
+	currentDir, _ := os.Getwd()
+	basePath := filepath.Join(currentDir, uploadDir)
+	saveFolder := filepath.Join(basePath, userSession.UserID.String(), file.FileID.String())
+
+	if filepath.Dir(saveFolder) != filepath.Join(basePath, userSession.UserID.String()) {
+		log.Error("invalid path")
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	fileByte, _, err := r.FormFile("chunk")
+	if err != nil {
+		handleError(w, err, http.StatusInternalServerError)
+		return
+	}
+	defer fileByte.Close()
+
+	dst, err := os.OpenFile(filepath.Join(saveFolder, file.Name), os.O_WRONLY|os.O_APPEND|os.O_CREATE, 0666)
+	if err != nil {
+		handleError(w, err, http.StatusInternalServerError)
+		return
+	}
+	defer dst.Close()
+	if _, err := io.Copy(dst, fileByte); err != nil {
+		handleError(w, err, http.StatusInternalServerError)
+		return
+	}
+	rawIndex := r.FormValue("index")
+	index, err := strconv.Atoi(rawIndex)
+	if err != nil {
+		return
+	}
+	updateIndex(index, fileID)
+}
+
+func finalizeFileUpload(fileID string) {
+	db.DB.Table("files_uploadeds").Where("file_id = ?", fileID).Updates(map[string]interface{}{
+		"Done": true,
+	})
+}
+
+func createUploadDirectory(uploadDir string) error {
+	if _, err := os.Stat(uploadDir); os.IsNotExist(err) {
+		if err := os.Mkdir(uploadDir, os.ModePerm); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func updateIndex(index int, fileID string) {
+	db.DB.Table("files_uploadeds").Where("file_id = ?", fileID).Updates(map[string]interface{}{
+		"Uploaded": index,
+	})
+}
+
+func handleCookieError(w http.ResponseWriter, r *http.Request, err error) {
+	if errors.Is(err, http.ErrNoCookie) {
+		http.Redirect(w, r, "/signin", http.StatusSeeOther)
+		return
+	}
+	handleError(w, err, http.StatusInternalServerError)
+}
+
+func handleError(w http.ResponseWriter, err error, status int) {
+	http.Error(w, err.Error(), status)
+	log.Error(err.Error())
+}

handler/user/user.go

@@ -0,0 +1,44 @@
+package userHandler
+
+import (
+	"errors"
+	"github.com/fossyy/filekeeper/logger"
+	"github.com/fossyy/filekeeper/middleware"
+	"github.com/fossyy/filekeeper/session"
+	userView "github.com/fossyy/filekeeper/view/user"
+	"net/http"
+)
+
+var log *logger.AggregatedLogger
+
+func init() {
+	log = logger.Logger()
+}
+
+func GET(w http.ResponseWriter, r *http.Request) {
+	cookie, err := r.Cookie("Session")
+	if err != nil {
+		return
+	}
+	storeSession, err := session.Store.Get(cookie.Value)
+	if err != nil {
+		if errors.Is(err, &session.SessionNotFound{}) {
+			storeSession.Destroy(w)
+		}
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	userSession := middleware.GetUser(storeSession)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+	component := userView.Main("User Page", userSession.Email, userSession.Username)
+	err = component.Render(r.Context(), w)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		log.Error(err.Error())
+		return
+	}
+}