player profile added

2026-03-06 19:51:27 +11:00
parent b57fbcd302
commit 788346d269
7 changed files with 341 additions and 4 deletions
--- a/internal/handlers/player_link_slapid.go
+++ b/internal/handlers/player_link_slapid.go
@@ -0,0 +1,104 @@
+package handlers
+
+import (
+	"context"
+	"net/http"
+	"strconv"
+
+	"git.haelnorr.com/h/golib/hws"
+	"git.haelnorr.com/h/oslstats/internal/db"
+	"git.haelnorr.com/h/oslstats/internal/notify"
+	"git.haelnorr.com/h/oslstats/internal/throw"
+	playersview "git.haelnorr.com/h/oslstats/internal/view/playersview"
+	"git.haelnorr.com/h/oslstats/pkg/slapshotapi"
+	"github.com/pkg/errors"
+	"github.com/uptrace/bun"
+)
+
+// LinkPlayerSlapID handles the HTMX POST request to link a player's Slapshot ID
+// via their Discord Steam connection. Only the player's owner can trigger this.
+func LinkPlayerSlapID(
+	s *hws.Server,
+	conn *db.DB,
+	slapAPI *slapshotapi.SlapAPI,
+) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		playerIDStr := r.PathValue("player_id")
+
+		playerID, err := strconv.Atoi(playerIDStr)
+		if err != nil {
+			throw.NotFound(s, w, r, r.URL.Path)
+			return
+		}
+
+		var player *db.Player
+
+		if ok := conn.WithNotifyTx(s, w, r, func(ctx context.Context, tx bun.Tx) (bool, error) {
+			user := db.CurrentUser(ctx)
+			if user == nil {
+				throw.Unauthorized(s, w, r, "You must be logged in", errors.New("user not authenticated"))
+				return false, nil
+			}
+
+			var err error
+			player, err = db.GetPlayer(ctx, tx, playerID)
+			if err != nil {
+				if db.IsBadRequest(err) {
+					throw.NotFound(s, w, r, r.URL.Path)
+					return false, nil
+				}
+				return false, errors.Wrap(err, "db.GetPlayer")
+			}
+
+			// Verify the current user owns this player
+			if player.UserID == nil || *player.UserID != user.ID {
+				throw.ForbiddenSecurity(s, w, r, "You can only link your own player", errors.New("user does not own player"))
+				return false, nil
+			}
+
+			// Player already has a SlapID
+			if player.SlapID != nil {
+				notify.Info(s, w, r, "Already Linked", "Your Slapshot ID is already linked", nil)
+				return false, nil
+			}
+
+			// Get the user's discord token to look up steam connection
+			discordToken, err := user.GetDiscordToken(ctx, tx)
+			if err != nil {
+				if db.IsBadRequest(err) {
+					notify.Warn(s, w, r, "Link Failed", "Discord token not found. Please log out and log back in.", nil)
+					return false, nil
+				}
+				return false, errors.Wrap(err, "user.GetDiscordToken")
+			}
+
+			audit := db.NewAudit(r.RemoteAddr, r.UserAgent(), user)
+			err = ConnectSlapID(ctx, tx, user, discordToken.Convert(), slapAPI, audit)
+			if err != nil {
+				return false, errors.Wrap(err, "ConnectSlapID")
+			}
+
+			// Re-fetch the player to check if SlapID was set
+			player, err = db.GetPlayer(ctx, tx, playerID)
+			if err != nil {
+				return false, errors.Wrap(err, "db.GetPlayer")
+			}
+
+			if player.SlapID == nil {
+				// ConnectSlapID returned nil (silent failure) - no steam or no slapID
+				notify.Warn(s, w, r, "Link Failed",
+					"Could not find your Slapshot ID. Make sure your Steam account is connected to Discord and you have played Slapshot: Rebound.",
+					nil)
+			} else {
+				notify.Success(s, w, r, "Success", "Your Slapshot ID has been linked!", nil)
+			}
+
+			return true, nil
+		}); !ok {
+			return
+		}
+
+		// Re-render the slap ID section with updated state
+		renderSafely(playersview.SlapIDSection(player, true), s, r, w)
+	})
+}
--- a/internal/handlers/player_view.go
+++ b/internal/handlers/player_view.go
@@ -0,0 +1,84 @@
+package handlers
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"strconv"
+
+	"git.haelnorr.com/h/golib/hws"
+	"git.haelnorr.com/h/oslstats/internal/db"
+	"git.haelnorr.com/h/oslstats/internal/throw"
+	playersview "git.haelnorr.com/h/oslstats/internal/view/playersview"
+	"github.com/pkg/errors"
+	"github.com/uptrace/bun"
+)
+
+// ProfileRedirect redirects the authenticated user to their own player page.
+func ProfileRedirect(
+	s *hws.Server,
+) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		user := db.CurrentUser(r.Context())
+		if user == nil {
+			throw.Unauthorized(s, w, r, "You must be logged in to view your profile", errors.New("user not authenticated"))
+			return
+		}
+		if user.Player == nil {
+			throw.InternalServiceError(s, w, r, "Player profile not found", errors.New("user has no linked player"))
+			return
+		}
+		http.Redirect(w, r, fmt.Sprintf("/players/%d", user.Player.ID), http.StatusSeeOther)
+	})
+}
+
+// PlayerView renders the player profile page.
+// If the player has no SlapID and the viewer is the player's owner, show the link prompt.
+// If the player has no SlapID and the viewer is not the owner, show 404.
+func PlayerView(
+	s *hws.Server,
+	conn *db.DB,
+) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		playerIDStr := r.PathValue("player_id")
+
+		playerID, err := strconv.Atoi(playerIDStr)
+		if err != nil {
+			throw.NotFound(s, w, r, r.URL.Path)
+			return
+		}
+
+		var player *db.Player
+		var isOwner bool
+
+		if ok := conn.WithReadTx(s, w, r, func(ctx context.Context, tx bun.Tx) (bool, error) {
+			var err error
+			player, err = db.GetPlayer(ctx, tx, playerID)
+			if err != nil {
+				if db.IsBadRequest(err) {
+					throw.NotFound(s, w, r, r.URL.Path)
+					return false, nil
+				}
+				return false, errors.Wrap(err, "db.GetPlayer")
+			}
+
+			// Check if the current user owns this player
+			user := db.CurrentUser(ctx)
+			if user != nil && player.UserID != nil && *player.UserID == user.ID {
+				isOwner = true
+			}
+
+			return true, nil
+		}); !ok {
+			return
+		}
+
+		// If player has no SlapID and viewer is not the owner, show 404
+		if player.SlapID == nil && !isOwner {
+			throw.NotFound(s, w, r, r.URL.Path)
+			return
+		}
+
+		renderSafely(playersview.PlayerPage(player, isOwner), s, r, w)
+	})
+}
--- a/internal/handlers/register.go
+++ b/internal/handlers/register.go
@@ -73,7 +73,7 @@ func Register(
 				if err != nil {
 					return false, errors.Wrap(err, "registerUser")
 				}
-				err = connectSlapID(ctx, tx, user, details.Token, slapAPI, audit)
+				err = ConnectSlapID(ctx, tx, user, details.Token, slapAPI, audit)
 				if err != nil {
 					return false, errors.Wrap(err, "connectSlapID")
 				}
@@ -123,11 +123,11 @@ func registerUser(ctx context.Context, tx bun.Tx,
 	return user, nil
 }

-func connectSlapID(ctx context.Context, tx bun.Tx, user *db.User,
+// ConnectSlapID attempts to link a player's Slapshot ID via their Discord Steam connection.
+// If fails due to no steam connection or no slapID, fails silently and returns nil.
+func ConnectSlapID(ctx context.Context, tx bun.Tx, user *db.User,
 	token *discord.Token, slapAPI *slapshotapi.SlapAPI, audit *db.AuditMeta,
 ) error {
-	// Attempt to setup their player/slapID from steam connection
-	// If fails due to no steam connection or no slapID, fail silently and proceed with registration
 	session, err := discord.NewOAuthSession(token)
 	if err != nil {
 		return errors.Wrap(err, "discord.NewOAuthSession")