Add login with Spotify, current playlist support

auth.go

 	"crypto/sha1"
 	"encoding/base64"
 	"errors"
+	"github.com/zmb3/spotify"
 	"golang.org/x/crypto/pbkdf2"
 	"log"
 	"net/http"
 )
 
 type SessionData struct {
-	sid      string
-	username string
-	spotify  string
-	priority time.Time
-	index    int
+	sid           string
+	username      string
+	spotify       string
+	priority      time.Time
+	index         int
+	spotifyClient *spotify.Client
 }
 
 type SessionQueue []*SessionData
 	return pbkdf2.Key(password, salt, 4096, 32, sha1.New)
 }
 
+func spotifyOk(db *DB, spotifyID string) (string, error) {
+	username, err := db.FindUserBySpotifyID(spotifyID)
+	if err != nil {
+		if err.Error() == "sql: no rows in result set" {
+			return "", nil
+		} else {
+			return "", err
+		}
+	}
+	return username, nil
+}
+
 func userOk(db *DB, username, password string) (bool, error) {
 	hash, err := db.FindHashForUser(username)
 	if err != nil {
 	return ok, nil
 }
 
+func tryLoginWithSpotify(db *DB, spotifyID string) (http.Cookie, error) {
+	username, err := spotifyOk(db, spotifyID)
+	if username == "" {
+		if err != nil {
+			return http.Cookie{}, err
+		}
+		return http.Cookie{},
+			errors.New("This spotify account is not connected to any account")
+	}
+
+	return addSessionAndReturnMatchingCookie(username, spotifyID, true)
+}
+
 func tryLogin(db *DB, username, password string, longerTime bool) (http.Cookie, error) {
 	if exists, err := userOk(db, username, password); !exists {
 		if err != nil {
 			errors.New("The username or password you entered isn't correct.")
 	}
 
+	return addSessionAndReturnMatchingCookie(username, "", longerTime)
+}
+
+func addSessionAndReturnMatchingCookie(username, spotifyID string, longerTime bool) (http.Cookie, error) {
 	sid, err := randString(32)
 	if err != nil {
 		return http.Cookie{}, err
 	}
 
 	expiration := time.Now().Add(duration)
-	addSession(&SessionData{sid, username, "", expiration, 0})
+	addSession(&SessionData{sid, username, spotifyID, expiration, 0, nil})
 
 	return loginCookie, nil
+
 }
 
 func getSession(req *http.Request) (*SessionData, error) {
 	if err != nil {
 		return nil, err
 	}
+	return getSessionById(cookie.Value)
+}
 
-	session, exists := sessions[cookie.Value]
+func getSessionById(sid string) (*SessionData, error) {
+	session, exists := sessions[sid]
 	if !exists {
 		return nil, errors.New("Session expired from server")
 	}

bot.go

 		weekStr := numberReg.FindString(section.title)
 		if weekStr != "" {
 			weekNumber, _ := strconv.Atoi(weekStr)
-			if weekNumber < currentWeek-1 {
+			if weekNumber < currentWeek-4 {
 				continue
 			}
 			if weekNumber > currentWeek {
 						log.Println("Failed to find tracks from DB", err)
 					}
 					log.Println("Checking if playlist needs updating", currentTracks, tracks, err)
-					if len(tracks) > 0 && (err != nil || !tracksEqual(tracks, currentTracks)) {
-
-						if playlistID == "" {
-							log.Println("Creating new playlist")
-							info, err := app.spotify.client.CreatePlaylistForUser(app.credentials.SpotifyUser, title+" "+section.title, true)
-							if err != nil {
-								log.Println("Error creating playlist to Spotify")
-								return err
-							}
-							playlistID = info.ID
-							changedWikiText = appendPlaylist(changedWikiText, info)
-							message = message + fmt.Sprintf("Added link to Spotify playlist for week %d.", weekNumber)
-						}
-						log.Printf("Updating playlist %s for %s with tracks %s\n", playlistID, app.credentials.SpotifyUser, tracks)
-						err := app.spotify.client.ReplacePlaylistTracks(app.credentials.SpotifyUser, playlistID, tracks...)
+					if app.ShouldUpdate(tracks, currentTracks, err != nil) {
+						playlistID, changedWikiText, message, err = app.CreatePlaylist(title+" "+section.title, weekNumber, playlistID, changedWikiText, message)
 						if err != nil {
-							log.Println("Error updating playlist to Spotify")
 							return err
 						}
-
-						stringTracks := make([]string, len(tracks))
-						for i, t := range tracks {
-							stringTracks[i] = string(t)
-						}
-
-						_, err = app.db.UpdatePlaylistBySection(section.title, stringTracks)
+						err = app.UpdatePlaylist(section.title, playlistID, tracks, currentTracks)
 						if err != nil {
-							log.Println("Error updating playlist to DB")
 							return err
 						}
 					}
+					if weekNumber == currentWeek {
+						// This playlist is same for every week
+						// So people don't have to find the new ones from wiki
+						playlistID = "4piDy2DQ35Y43yUaInyWfN"
+						currentTracks, err = app.db.FindPlaylistBySection("current week")
+						if err != nil {
+							log.Println("Failed to find current week tracks from DB", err)
+						}
+						log.Println("Checking if playlist needs updating", currentTracks, tracks, err)
+						if app.ShouldUpdate(tracks, currentTracks, err != nil) {
+							err = app.UpdatePlaylist("current week", playlistID, tracks, currentTracks)
+							if err != nil {
+								return err
+							}
+						}
+					}
 				}
 			}
 
 	return nil
 }
 
+func (app *App) ShouldUpdate(tracks []spotify.ID, currentTracks []string, isNew bool) bool {
+	return len(tracks) > 0 && (isNew || !tracksEqual(tracks, currentTracks))
+}
+
+func (app *App) CreatePlaylist(title string, weekNumber int, playlistID spotify.ID, changedWikiText, message string) (spotify.ID, string, string, error) {
+	if playlistID == "" {
+		log.Println("Creating new playlist")
+		info, err := app.spotify.client.CreatePlaylistForUser(app.credentials.SpotifyUser, title, true)
+		if err != nil {
+			log.Println("Error creating playlist to Spotify")
+			return "", "", "", err
+		}
+		playlistID = info.ID
+		changedWikiText = appendPlaylist(changedWikiText, info)
+		message = message + fmt.Sprintf("Added link to Spotify playlist for week %d.", weekNumber)
+	}
+	return playlistID, changedWikiText, message, nil
+}
+
+func (app *App) UpdatePlaylist(section string, playlistID spotify.ID, tracks []spotify.ID, currentTracks []string) error {
+	log.Printf("Updating playlist %s for %s with tracks %s\n", playlistID, app.credentials.SpotifyUser, tracks)
+	err := app.spotify.client.ReplacePlaylistTracks(app.credentials.SpotifyUser, playlistID, tracks...)
+	if err != nil {
+		log.Println("Error updating playlist to Spotify")
+		return err
+	}
+
+	stringTracks := make([]string, len(tracks))
+	for i, t := range tracks {
+		stringTracks[i] = string(t)
+	}
+
+	_, err = app.db.UpdatePlaylistBySection(section, stringTracks)
+	if err != nil {
+		log.Println("Error updating playlist to DB")
+		return err
+	}
+	return nil
+}
+
 func (app *App) AutomateSectionTask() {
 	panels, err := app.db.FindAllPanels()
 	if err != nil {

db.go

 	_ "github.com/lib/pq"
 	"log"
 	"os"
+	"time"
 )
 
 type DB struct {
 	return &DB{database}
 }
 
+func (db *DB) FindUserBySpotifyID(username string) (string, error) {
+	var user string
+	err := db.database.QueryRow("SELECT u.username FROM public.user u WHERE u.spotify_id = $1", username).Scan(&user)
+	return user, err
+}
+
 func (db *DB) FindHashForUser(username string) (string, error) {
 	var hash string
 	err := db.database.QueryRow("SELECT u.password FROM public.user u WHERE lower(u.username) = lower($1)", username).Scan(&hash)
 	JOIN public."user" u ON u.id = e.user_id
 	JOIN public.round r ON r.id = e.round_id
 	JOIN public.panel p ON p.id = r.panel_id
-	WHERE r.start < current_timestamp AND e.synced = false`
+	WHERE r.start < current_timestamp AND e.synced = false AND p.sync_enabled = true`
 	rows, err := db.database.Query(query)
 
 	if err != nil {
 	artist, title, spotifyURL, article, username, section string
 }
 
+func (db *DB) FindRoundInfo(roundNum int) (*RoundInfo, error) {
+	query := `
+		SELECT r.section, p.name, p.article, r.start, r.end
+		FROM public.round r
+                JOIN public.panel p ON p.id = r.panel_id
+		WHERE r.id = $1`
+	rows, err := db.database.Query(query, roundNum)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+	var (
+		section, panelName, panelArticle string
+		start, end                       *time.Time
+	)
+	if !rows.Next() {
+		return nil, nil
+	}
+	err = rows.Scan(&section, &panelName, &panelArticle, &start, &end)
+	if err != nil {
+		log.Println("Error while scanning row:", err)
+		return nil, err
+	}
+	return &RoundInfo{section, panelName, panelArticle, start, end}, nil
+}
+
+type RoundInfo struct {
+	Section, PanelName, PanelArticle string
+	Start, End                       *time.Time
+}
+
+func (db *DB) FindAllRoundEntries(round int) ([]*Song, error) {
+	query := `
+		SELECT r.id, r.section, e.artist, e.title, e.spotify_url, e.synced, u.username
+		FROM public.round r
+                JOIN public.panel p ON p.id = r.panel_id
+		JOIN public.entry e ON r.id = e.round_id
+		JOIN public."user" u ON u.id = e.user_id
+		WHERE r.id = $1`
+	rows, err := db.database.Query(query, round)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+	return db.rowsToSong(rows)
+}
+
 func (db *DB) FindAllEntries(username string) ([]*Song, error) {
-	var songs []*Song
 	query := `
-		SELECT r.id, r.section, e.artist, e.title, e.spotify_url, e.synced
+		SELECT r.id, r.section, e.artist, e.title, e.spotify_url, e.synced, u.username
 		FROM public.round r
-		LEFT JOIN public.entry e ON r.id = e.round_id
-		LEFT JOIN public."user" u ON u.id = e.user_id AND lower(u.username) = lower($1)
+		LEFT JOIN public.entry e ON r.id = e.round_id AND e.user_id = 
+                  (SELECT u2.id FROM public."user" u2 WHERE lower(u2.username) = lower($1))
+		LEFT JOIN public."user" u ON r.id = e.round_id AND u.id = e.user_id
 		ORDER BY r.start ASC`
 	rows, err := db.database.Query(query, username)
 	if err != nil {
 		return nil, err
 	}
 	defer rows.Close()
+	return db.rowsToSong(rows)
+}
+
+func (db *DB) rowsToSong(rows *sql.Rows) ([]*Song, error) {
+	var songs []*Song
 	for i := 0; rows.Next(); i++ {
 		song := &Song{}
 		songs = append(songs, song)
 		var (
-			artist, title, url *string
-			sync               *bool
+			artist, title, url, username *string
+			sync                         *bool
 		)
-		err = rows.Scan(&songs[i].RoundID, &songs[i].RoundName, &artist, &title, &url, &sync)
+		err := rows.Scan(&songs[i].RoundID, &songs[i].RoundName, &artist, &title, &url, &sync, &username)
 		if err != nil {
 			return nil, err
 		}
 		if sync != nil {
 			song.Sync = *sync
 		}
+		if username != nil {
+			song.Submitter = *username
+		}
 	}
 	return songs, nil
 }
 	Artist    string
 	URL       string
 	Sync      bool
+	Submitter string
 }
 
 func (db *DB) UpdateEntry(username, round, artist, title, url string) (bool, error) {

web.go

 	"html/template"
 	"log"
 	"net/http"
+	"strconv"
 	"strings"
 	"time"
 )
 
 var (
-	cachedTemplates = template.Must(template.ParseFiles("web/index.html"))
+	cachedTemplates = template.Must(template.ParseFiles("web/index.html", "web/round.html"))
 )
 
+func (s *WebService) serveTemplate(w http.ResponseWriter, data interface{}, templateName string) {
+	var templates = cachedTemplates
+	if s.noCache {
+		templates = template.Must(template.ParseFiles("web/index.html", "web/round.html"))
+	}
+
+	err := templates.ExecuteTemplate(w, templateName, data)
+	if err != nil {
+		log.Println("Error while rendering template", err)
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+	}
+
+}
+
 func (s *WebService) IndexHandler(w http.ResponseWriter, r *http.Request) {
 	if r.URL.Path != "/" {
 		http.Error(w, "Not Found", http.StatusNotFound)
 		make([]*Song, 0),
 	}
 
-	session, err := getSession(r)
+	session, _ := getSession(r)
 	if session != nil {
+		log.Println("Find all songs for user", session.username)
 		songs, err := s.db.FindAllEntries(session.username)
 		if err != nil {
 			log.Println("Error while reading entries from database", err)
 		data.Songs = songs
 		data.Username = session.username
 		data.Spotify = session.spotify
-	}
 
-	if s.spotify.client != nil {
-		token, err := s.spotify.client.Token()
-		if err == nil {
-			data.SpotifyExpiry = token.Expiry.Format(time.RFC822Z)
+		if session.spotifyClient != nil {
+			token, err := session.spotifyClient.Token()
+			if err == nil {
+				data.SpotifyExpiry = token.Expiry.Format(time.RFC822Z)
+			}
 		}
 	}
-
-	var templates = cachedTemplates
-	if s.noCache {
-		templates = template.Must(template.ParseFiles("web/index.html"))
-	}
-
-	err = templates.ExecuteTemplate(w, "index.html", data)
-	if err != nil {
-		log.Println("Error while rendering template", err)
-		http.Error(w, err.Error(), http.StatusInternalServerError)
-	}
+	s.serveTemplate(w, data, "index.html")
 }
 
 func getTrackID(url string) string {
 	url := r.Form.Get("url")
 
 	if artist == "" && title == "" && url != "" {
-		if s.spotify.client == nil {
+		var client = s.spotify.client
+		if client == nil {
+			client = session.spotifyClient
+		}
+		if client == nil {
 			http.Error(w, "No Spotify token available", http.StatusInternalServerError)
 			return
 		}
-		token, err := s.spotify.client.Token()
+		token, err := client.Token()
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 
 		log.Println("Resolving Spotify URL")
 		trackID := getTrackID(url)
-		track, err := s.spotify.client.GetTrack(spotify.ID(trackID))
+		track, err := client.GetTrack(spotify.ID(trackID))
 
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 		http.Error(w, "Couldn't get token", http.StatusForbidden)
 		return
 	}
+	client := s.spotify.auth.NewClient(token)
+	profile, err := client.CurrentUser()
+	if err != nil {
+		http.Error(w, "Couldn't load profile from Spotify", http.StatusInternalServerError)
+		return
+	}
 	session, err := getSession(r)
+	if session == nil {
+		if err != nil {
+			log.Println("Error while trying to read current session", err)
+		}
+		log.Println("Trying to login with spotify ID", profile.ID)
+		cookie, err := tryLoginWithSpotify(s.db, profile.ID)
+		if err != nil {
+			http.Error(w, "Couldn't login with Spotify profile", http.StatusInternalServerError)
+			return
+		}
+		session, _ := getSessionById(cookie.Value)
+		session.spotifyClient = &client
+
+		log.Println("Logged in user spotify ID", profile.ID)
+		http.SetCookie(w, &cookie)
+		http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
+		return
+	} else {
+		session.spotify = profile.ID
+		session.spotifyClient = &client
+		http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
+		return
+	}
+	// TODO: when?
+	if profile.ID == "lamperi" {
+		s.spotify.client = &client
+	}
+}
+
+func (s *WebService) RoundHandler(w http.ResponseWriter, r *http.Request) {
+	data := struct {
+		Username        string
+		Spotify         string
+		SpotifyExpiry   string
+		Songs           []*Song
+		SubmitterPublic bool
+		RoundInfo       *RoundInfo
+	}{
+		"",
+		"",
+		"",
+		make([]*Song, 0),
+		false,
+		nil,
+	}
+
+	round := strings.TrimPrefix(r.URL.Path, "/round/")
+	roundNum, err := strconv.Atoi(round)
 	if err != nil {
-		http.Error(w, "Couldn't get session", http.StatusInternalServerError)
+		http.Error(w, err.Error(), http.StatusBadRequest)
 		return
 	}
-	client := s.spotify.auth.NewClient(token)
-	s.spotify.client = &client
-	profile, err := s.spotify.client.CurrentUser()
+	roundInfo, err := s.db.FindRoundInfo(roundNum)
 	if err != nil {
-		http.Error(w, "Couldn't load profile from Spotify", http.StatusInternalServerError)
+		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
-	session.spotify = profile.ID
-	http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
+	if roundInfo == nil {
+		http.Error(w, "No such panel", http.StatusNotFound)
+		return
+	}
+	data.RoundInfo = roundInfo
+	session, err := getSession(r)
+	if session != nil {
+		data.Username = session.username
+		data.Spotify = session.spotify
+	}
+	songs, err := s.db.FindAllRoundEntries(roundNum)
+	if err != nil {
+		log.Println("Error while reading entries from database", err)
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	data.Songs = songs
+	data.SubmitterPublic = roundInfo.End.Before(time.Now())
+
+	if s.spotify.client != nil {
+		token, err := s.spotify.client.Token()
+		if err == nil {
+			data.SpotifyExpiry = token.Expiry.Format(time.RFC822Z)
+		}
+	}
+	s.serveTemplate(w, data, "round.html")
 }
 
 type WebService struct {
 	mux.Handle("/js/", fs)
 	mux.Handle("/favicon.ico", fs)
 	mux.HandleFunc("/", service.IndexHandler)
+	mux.HandleFunc("/round/", service.RoundHandler)
 	mux.HandleFunc("/update", service.UpdateHandler)
 	mux.HandleFunc("/login", service.LoginHandler)
 	mux.HandleFunc("/spotify", service.SpotifyHandler)

web/index.html

         {{end}}
         {{range .Songs }}
         <div class="row">
-            <small style="width: 70px">{{ .RoundName }}</small>
+            <small style="width: 70px"><a href="/round/{{ .RoundID }}">{{ .RoundName }}</a></small>
             <form class="form-inline" method="post" action="/update">
                 <label class="sr-only" for="artist">Artist</label>
                 <input class="form-control mb-2 mr-sm-2" name="artist" placeholder="Enter Artist"  value="{{ .Artist }}">
                 <input class="form-control mb-2 mr-sm-2" name="title" placeholder="Enter Track title"  value="{{ .Title }}">
                 
                 <label class="sr-only" for="url">Track URL</label>
-                <input class="form-control mb-2 mr-sm-2" name="url" placeholder="Enter Track title" value="{{ .URL }}">
+                <input class="form-control mb-2 mr-sm-2" name="url" placeholder="Enter Track URL" value="{{ .URL }}">
                 
                 <div class="form-check mb-2 mr-sm-2">
                     <input class="form-check-input" style="width: 100px" type="checkbox" name="synced" {{ if .Sync }} checked {{ else }} disabled {{ end }}>
             </div>
             <button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
         </form>
+        <hr/>
+        <a href="/spotify"><button class="btn btn-lg btn-primary btn-block" style="margin-bottom: 1em">Sign in with Spotify</button></a>
     {{end}}
 
       <hr>
 
       <footer>
-        <p>&copy; Lamperi 2018</p>
+        <p>&copy; Lamperi 2018-2019</p>
       </footer>
     </div> <!-- /container -->
 

web/round.html

+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+    <meta name="description" content="">
+    <meta name="author" content="">
+    <link rel="icon" href="favicon.ico">
+
+    <title>LevyraatiBot</title>
+
+    <base href="..">
+    <!-- Bootstrap core CSS -->
+    <link href="css/bootstrap.min.css" rel="stylesheet">
+
+    <!-- Custom styles for this template -->
+    <link href="css/jumbotron.css" rel="stylesheet">
+  </head>
+
+  <body>
+
+    <!-- Main jumbotron for a primary marketing message or call to action -->
+    <div class="jumbotron">
+      <div class="container">
+        {{if .RoundInfo}}
+        <h1 class="display-3">{{ .RoundInfo.PanelName }} {{ .RoundInfo.Section }}</h1>
+        {{if or (gt (len .Songs) 3) .SubmitterPublic }}
+        <p>Tässä viikon kattaus, olkaa hyvä</p>
+        {{else}}
+        <p>Odotetaan vielä muutamaa laulua.</p>
+        {{end}}
+        {{else}}
+        <h1 class="display-3">Please log in</h1>
+        <p>Login now.</p>
+        {{end}}
+      </div>
+    </div>
+
+    <div class="container">
+        {{if or (gt (len .Songs) 3) .SubmitterPublic }}
+	{{ $submitterPublic := .SubmitterPublic }}
+        {{range .Songs }}
+        <div class="row">
+                <span>{{ .Artist }} / {{ .Title }} / <a href="{{ .URL }}">Kuuntele</a>
+    		{{ if $submitterPublic }}({{ .Submitter }}){{ end }}
+        </div>
+        {{end}}
+        {{else}}
+	<p>Vasta {{ len .Songs }} laulu{{if ne (len .Songs) 1}}a{{end}} lisätty.</p>
+        {{end}}
+      <hr>
+
+      <footer>
+        <p>&copy; Lamperi 2018-2019</p>
+      </footer>
+    </div> <!-- /container -->
+
+
+    <!-- Bootstrap core JavaScript
+    ================================================== -->
+    <!-- Placed at the end of the document so the pages load faster -->
+    <script src="https://code.jquery.com/jquery-3.1.1.slim.min.js" integrity="sha384-A7FZj7v+d/sdmMqp/nOQwliLvUsJfDHW+k9Omg/a/EheAdgtzNs3hpfag6Ed950n" crossorigin="anonymous"></script>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js" integrity="sha384-DztdAPBWPRXSA/3eYEEUWrWCy7G5KFbe8fFjk5JAIxUYHKkDx6Qin1DkWx51bBrb" crossorigin="anonymous"></script>
+    <script src="js/vendor/bootstrap.min.js"></script>
+  </body>
+</html>