feat: generate random names for uploaded images for better security

go.mod

@@ -5,6 +5,7 @@ go 1.22.3
 require (
 	github.com/dchest/uniuri v1.2.0
 	github.com/gofiber/fiber/v2 v2.52.5
+	github.com/google/uuid v1.6.0
 	github.com/h2non/bimg v1.1.9
 	github.com/joho/godotenv v1.5.1
 	gorm.io/driver/sqlite v1.5.6
@@ -13,7 +14,6 @@ require (
 
 require (
 	github.com/andybalholm/brotli v1.1.0 // indirect
-	github.com/google/uuid v1.6.0 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/jinzhu/now v1.1.5 // indirect
 	github.com/klauspost/compress v1.17.9 // indirect

handlers/handlers.go

@@ -5,13 +5,13 @@ import (
 	"io"
 	"os"
 	"strconv"
-	"strings"
 
 	DB "log101/konulu-konum-backend/db"
 	"log101/konulu-konum-backend/models"
 
 	"github.com/dchest/uniuri"
 	"github.com/gofiber/fiber/v2"
+	"github.com/google/uuid"
 	"github.com/h2non/bimg"
 	"gorm.io/gorm"
 )
@@ -62,9 +62,9 @@ func KonuluKonumCreate(c *fiber.Ctx) error {
 		}
 
 		// Save image file in public folder
-		imageName := strings.Split(file[0].Filename, ".")[0]
+		imageName := uuid.New()
 		imagePath := fmt.Sprintf("./public/%s.webp", imageName)
-		imageURL := fmt.Sprintf("%s.webp", imageName)
+		imageNameWithExtension := fmt.Sprintf("%s.webp", imageName)
 		err = bimg.Write(imagePath, newImage)
 		if err != nil {
 			fmt.Fprintln(os.Stderr, err)
@@ -80,7 +80,7 @@ func KonuluKonumCreate(c *fiber.Ctx) error {
 
 		// Write to DB
 		db := DB.GetDB()
-		db.Create(&models.KonuluKonum{URI: imageUri, ImageURL: imageURL, Coordinates: geolocation, AuthorName: author, Description: description, UnlockedCounter: 0, Radius: radiusInt})
+		db.Create(&models.KonuluKonum{URI: imageUri, ImageURL: imageNameWithExtension, Coordinates: geolocation, AuthorName: author, Description: description, UnlockedCounter: 0, Radius: radiusInt})
 
 		// Return URL
 		redirectURL := fmt.Sprintf("%s/x?id=%s", clientURL, imageUri)