package main import ( "encoding/json" "errors" "fmt" "io" "maps" "net/http" "strconv" "strings" "github.com/julienschmidt/httprouter" ) // Define an envelope type. type envelope map[string]any // Retrieve the "id" URL parameter from the current request context, then convert it to // an integer and return it. If the operation isn't successful, return 0 and an error. func (app *application) readIDParam(r *http.Request) (int64, error) { params := httprouter.ParamsFromContext(r.Context()) id, err := strconv.ParseInt(params.ByName("id"), 10, 64) if err != nil || id < 1 { return 0, errors.New("invalid id parameter") } return id, nil } // Change the data parameter to have the type envelope instead of interface{}. func (app *application) writeJSON(w http.ResponseWriter, status int, data envelope, headers http.Header) error { js, err := json.MarshalIndent(data, "", "\t") if err != nil { return err } js = append(js, '\n') maps.Copy(w.Header(), headers) w.Header().Set("Content-Type", "application/json") w.WriteHeader(status) w.Write(js) return nil } func (app *application) readJSON(w http.ResponseWriter, r *http.Request, dst any) error { // Use http.MaxBytesReader() to limit the size of the request body to 1MB. maxBytes := 1_048_576 r.Body = http.MaxBytesReader(w, r.Body, int64(maxBytes)) // Initialize the json.Decoder, and call the DisallowUnknownFields() method on it // before decoding. This means that if the JSON from the client now includes any // field which cannot be mapped to the target destination, the decoder will return // an error instead of just ignoring the field. dec := json.NewDecoder(r.Body) dec.DisallowUnknownFields() // Decode the request body to the destination. err := dec.Decode(dst) if err != nil { var syntaxError *json.SyntaxError var unmarshalTypeError *json.UnmarshalTypeError var invalidUnmarshalError *json.InvalidUnmarshalError switch { case errors.As(err, &syntaxError): return fmt.Errorf("body contains badly-formed JSON (at character %d)", syntaxError.Offset) case errors.Is(err, io.ErrUnexpectedEOF): return errors.New("body contains badly-formed JSON") case errors.As(err, &unmarshalTypeError): if unmarshalTypeError.Field != "" { return fmt.Errorf("body contains incorrect JSON type for field %q", unmarshalTypeError.Field) } return fmt.Errorf("body contains incorrect JSON type (at character %d)", unmarshalTypeError.Offset) case errors.Is(err, io.EOF): return errors.New("body must not be empty") // If the JSON contains a field which cannot be mapped to the target destination // then Decode() will now return an error message in the format "json: unknown // field """. We check for this, extract the field name from the error, // and interpolate it into our custom error message. Note that there's an open // issue at https://github.com/golang/go/issues/29035 regarding turning this // into a distinct error type in the future. case strings.HasPrefix(err.Error(), "json: unknown field "): fieldName := strings.TrimPrefix(err.Error(), "json: unknown field ") return fmt.Errorf("body contains unknown key %s", fieldName) // If the request body exceeds 1MB in size the decode will now fail with the // error "http: request body too large". There is an open issue about turning // this into a distinct error type at https://github.com/golang/go/issues/30715. case err.Error() == "http: request body too large": return fmt.Errorf("body must not be larger than %d bytes", maxBytes) case errors.As(err, &invalidUnmarshalError): panic(err) default: return err } } // Call Decode() again, using a pointer to an empty anonymous struct as the // destination. If the request body only contained a single JSON value this will // return an io.EOF error. So if we get anything else, we know that there is // additional data in the request body and we return our own custom error message. err = dec.Decode(&struct{}{}) if err != io.EOF { return errors.New("body must only contain a single JSON value") } return nil }