refactoring of error handling

src/sales_backend/http/product.cr

@@ -58,9 +58,23 @@ get "/products" do |context|
     ret.to_json
 end
 
+get "/products/:id" do |context|
+    begin
+        ret = Product.from_json File.read Statics.data_path+"products/"+context.params.url["id"]
+    rescue ex
+        halt context, status_code: 403, response: ex.to_s
+    end
+    ret.to_json
+end
+
 
 post "/products" do |context|
-    user = authenticate_admin!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
+    user : User
+    begin
+        user = authenticate_admin!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
+    rescue ex
+        halt context, status_code: 403, response: ex.to_s
+    end
     product = Product.from_json(context.request.body.not_nil!).not_nil!
     File.write Statics.data_path+"products/"+product.id.to_s,product.to_json
     "OK".to_json

src/sales_backend/http/user.cr

@@ -32,11 +32,17 @@ def authenticate_admin!(user : String, token : UUID) : User
 end
 
 post "/login" do |context|
-    user = User.from_json context.request.body.not_nil!
-    user_file = User.from_json File.read(Statics.data_path+"user/"+user.email)
+    user : User
+    user_file : User
+    begin
+        user = User.from_json context.request.body.not_nil!
+        user_file = User.from_json File.read(Statics.data_path+"user/"+user.email)
+    rescue ex
+        halt context, status_code: 403, response: ex.to_s
+    end
     if Crypto::Bcrypt::Password.new(user_file.password_hash.not_nil!) == user.password_hash.not_nil!
     else
-        raise Exception.new("Invalid password")
+        ">halt context, status_code: 403, response: "Invalid password"
     end
     token = UUID.random()
     if user_file.tokens.nil?
@@ -63,7 +69,12 @@ post "/logout" do |context|
 end
 
 post "/logout-all" do |context|
-    user = authenticate!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
+    user : User
+    begin
+        user = authenticate!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
+    rescue ex
+        halt context, status_code: 403, response: ex.to_s
+    end
     user_file = User.from_json File.read(Statics.data_path+"user/"+user.email)
     user_file.tokens=Array(UUID).new
     File.write(Statics.data_path+"user/"+user_file.email,user_file.to_json)
@@ -90,19 +101,34 @@ post "/user" do |context|
 end
 
 get "/user/tokens" do |context|
-    user = authenticate!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
+    user : User
+    begin
+        user = authenticate!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
+    rescue ex
+        halt context, status_code: 403, response: ex.to_s
+    end
     context.response.content_type = "application/json"
     user.tokens.to_json
 end
 
 get "/user/address" do |context|
-    user = authenticate!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
+    user : User
+    begin
+        user = authenticate!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
+    rescue ex
+        halt context, status_code: 403, response: ex.to_s
+    end
     context.response.content_type = "application/json"
     user.addresses.to_json
 end
 
 post "/user/address" do |context|
-    user = authenticate!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
+    user : User
+    begin
+        user = authenticate!(context.request.headers["user"],UUID.new(context.request.headers["api_token"]))
+    rescue ex
+        halt context, status_code: 403, response: ex.to_s
+    end
     addresses = Array(Address).from_json(context.request.body.not_nil!).not_nil!
     user_file = User.from_json File.read(Statics.data_path+"user/"+user.email)
     old_list=user_file.addresses