fix: status code related to api key (#37)

api/blogs.go

@@ -17,9 +17,14 @@ func (server *Server) getAllBlogs(w http.ResponseWriter, r *http.Request) {
 
 	key := r.FormValue("key")
 
-	if !server.isApiKeyValid(key) {
-		w.WriteHeader(http.StatusForbidden)
-		fmt.Fprint(w, ErrorJson("No valid api key"))
+	if err := server.isApiKeyValid(key); err != nil {
+		if err == sql.ErrNoRows {
+			w.WriteHeader(http.StatusUnauthorized)
+			fmt.Fprint(w, ErrorJson("No valid api key"))
+			return	
+		}
+		w.WriteHeader(http.StatusInternalServerError)
+		fmt.Fprint(w, ErrorJson("Error while reading api key from DB"))
 		return
 	}
 

api/formations.go

@@ -15,11 +15,14 @@ func (server *Server) getAllFormations(w http.ResponseWriter, r *http.Request) {
 
 	key := r.FormValue("key")
 
-	if !server.isApiKeyValid(key) {
-		fmt.Printf("getAllFormations: access with invalid api key")
-		// return error message
-		w.WriteHeader(http.StatusForbidden)
-		fmt.Fprint(w, ErrorJson("No valid api key"))
+	if err := server.isApiKeyValid(key); err != nil {
+		if err == sql.ErrNoRows {
+			w.WriteHeader(http.StatusUnauthorized)
+			fmt.Fprint(w, ErrorJson("No valid api key"))
+			return	
+		}
+		w.WriteHeader(http.StatusInternalServerError)
+		fmt.Fprint(w, ErrorJson("Error while reading api key from DB"))
 		return
 	}
 

api/members.go

@@ -25,10 +25,14 @@ func (server *Server) getAllMembers(w http.ResponseWriter, r *http.Request) {
 
 	key := r.FormValue("key")
 
-	if !server.isApiKeyValid(key) {
-		// return error message
-		w.WriteHeader(http.StatusUnauthorized)
-		fmt.Fprint(w, ErrorJson("No valid api key"))
+	if err := server.isApiKeyValid(key); err != nil {
+		if err == sql.ErrNoRows {
+			w.WriteHeader(http.StatusUnauthorized)
+			fmt.Fprint(w, ErrorJson("No valid api key"))
+			return
+		}
+		w.WriteHeader(http.StatusInternalServerError)
+		fmt.Fprint(w, ErrorJson("Error while reading api key from DB"))
 		return
 	}
 

api/positions.go

@@ -1,6 +1,7 @@
 package api
 
 import (
+	"database/sql"
 	"encoding/json"
 	"fmt"
 	"net/http"
@@ -15,10 +16,14 @@ func (server *Server) getPositions(w http.ResponseWriter, r *http.Request) {
 
 	key := r.FormValue("key")
 
-	if !server.isApiKeyValid(key) {
-		// return error message
-		w.WriteHeader(http.StatusForbidden)
-		fmt.Fprint(w, ErrorJson("No valid api key"))
+	if err := server.isApiKeyValid(key); err != nil {
+		if err == sql.ErrNoRows {
+			w.WriteHeader(http.StatusUnauthorized)
+			fmt.Fprint(w, ErrorJson("No valid api key"))
+			return
+		}
+		w.WriteHeader(http.StatusInternalServerError)
+		fmt.Fprint(w, ErrorJson("Error while reading api key from DB"))
 		return
 	}
 

api/songs.go

@@ -14,11 +14,14 @@ func (server *Server) getAllSongs(w http.ResponseWriter, r *http.Request) {
 
 	key := r.FormValue("key")
 
-	if !server.isApiKeyValid(key) {
-		fmt.Printf("getAllSongs: access with invalid api key")
-		// return error message
-		w.WriteHeader(http.StatusForbidden)
-		fmt.Fprint(w, ErrorJson("No valid api key"))
+	if err := server.isApiKeyValid(key); err != nil {
+		if err == sql.ErrNoRows {
+			w.WriteHeader(http.StatusUnauthorized)
+			fmt.Fprint(w, ErrorJson("No valid api key"))
+			return	
+		}
+		w.WriteHeader(http.StatusInternalServerError)
+		fmt.Fprint(w, ErrorJson("Error while reading api key from DB"))
 		return
 	}
 

api/validations.go

@@ -1,9 +1,13 @@
 package api
 
-func (server *Server) isApiKeyValid(key string) bool {
+import (
+	"errors"
+)
+
+func (server *Server) isApiKeyValid(key string) error {
 	if key == "" {
-		return false
+		return errors.New("API key is empty")
 	}
 	_, err := server.querier.FindApiKeyByName(key)
-	return err == nil
+	return err
 }