transmet/route_handlers.go

package main
import (
	"bytes"
	"fmt"
	"io"
	"io/ioutil"
	"net/http"
	"path"
	"regexp"
	"strconv"
	"strings"
	txtTemplate "text/template"
	"time"

	"github.com/dballard/transmet/categories"
	"github.com/dballard/transmet/news"
	"github.com/dballard/transmet/user"
	"github.com/gorilla/mux"
	"github.com/gorilla/sessions"
)
// GetFlashes reads the pending flash messages from session and returns them
// keyed by severity: "error" holds the flash_err messages and "info" holds
// the flash_info messages. The callers in this file save the session right
// afterwards.
func GetFlashes(session *sessions.Session) map[string]interface{} {
	errs := session.Flashes(flash_err)
	infos := session.Flashes(flash_info)
	return map[string]interface{}{
		"error": errs,
		"info":  infos,
	}
}
// sessionWipe drops every value held by session by swapping in a fresh,
// empty value map. It does not save the session; LogoutHandler does that
// immediately after calling it.
func sessionWipe(session *sessions.Session) {
	session.Values = map[interface{}]interface{}{}
}
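// initSessionUser loads the "c_user" session for the request and resolves the
// logged-in user from the session's "username" value.
//
// It returns (nil, session) when the session holds no username or when the
// stored value is not a string. The session is returned in every case.
func initSessionUser(r *http.Request) (*user.User, *sessions.Session) {
	// TODO verify ssl session
	// NOTE(review): the error from store.Get is discarded. The username read
	// below is treated as the caller's identity, so confirm that the store
	// hands back an empty session when the cookie fails to decode or verify.
	session, _ := store.Get(r, "c_user")

	// Comma-ok assertion: a missing or non-string value is treated as "not
	// logged in" instead of panicking inside the request handler.
	username, ok := session.Values["username"].(string)
	if !ok {
		return nil, session
	}
	return user.NewUserFromUsername(db, username), session
}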
// userHandler adapts a handler that requires a logged-in user to a plain
// net/http handler function. Requests whose session does not resolve to a
// user are redirected to /login; every other request is passed to next along
// with the resolved user and the session.
func userHandler(next func(http.ResponseWriter, *http.Request, *user.User, *sessions.Session)) func(http.ResponseWriter, *http.Request) {
	return func(w http.ResponseWriter, r *http.Request) {
		u, sess := initSessionUser(r)
		if u != nil {
			next(w, r, u, sess)
			return
		}
		http.Redirect(w, r, "/login", http.StatusFound)
	}
}
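// getPostHandler returns a handler that dispatches on the request method:
// GET and HEAD are served by getFn and POST by postFn. Every other method is
// answered with 405 Method Not Allowed and an Allow header, so a request with
// an unexpected method can no longer reach the state-changing POST handler.
//
//	r.HandleFunc("/login", getPostHandler(LoginFormHandler, LoginPostHandler))
func getPostHandler(getFn, postFn func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) {
	return func(w http.ResponseWriter, r *http.Request) {
		switch r.Method {
		case "GET", "HEAD":
			getFn(w, r)
		case "POST":
			postFn(w, r)
		default:
			w.Header().Set("Allow", "GET, HEAD, POST")
			http.Error(w, http.StatusText(http.StatusMethodNotAllowed), http.StatusMethodNotAllowed)
		}
	}
}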
// LoginFormHandler renders the login page. It reads the pending flash
// messages from the "c_user" session, saves the session and passes the
// flashes to the "login" template.
func LoginFormHandler(w http.ResponseWriter, r *http.Request) {
	sess, _ := store.Get(r, "c_user")
	pending := GetFlashes(sess)
	sess.Save(r, w)

	data := map[string]interface{}{"flashes": pending}
	ShowTemplate("login", w, r, data)
}
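// LoginPostHandler handles the login form POST. It authenticates the
// submitted username and password. On success it stores the username in the
// "c_user" session and redirects; on failure it flashes an error and
// redirects back to /login, carrying the original query string along.
//
// TODO: proper per account and client flood control rate limiting
// currently weak per call slow down is by-passable at scale
//
// NOTE(review): the existing session is reused across the login boundary.
// Whether that matters depends on the session store (not visible here); with
// a store that keeps a server-side session id, the session should be renewed
// at login.
func LoginPostHandler(w http.ResponseWriter, r *http.Request) {
	fmt.Println("LoginPostHandler()")
	time.Sleep(500 * time.Millisecond) // WEAK poor mans rate limiting for logins

	// Reject a body that cannot be parsed instead of authenticating against
	// whatever partial values were decoded.
	if err := r.ParseForm(); err != nil {
		http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
		return
	}
	username := r.PostFormValue("username")
	// lookup user
	password := r.PostFormValue("password")
	account := user.NewUserFromAuth(db, username, password)

	if account == nil {
		time.Sleep(500 * time.Millisecond) // WEAK bypassable poor mans rate limiting for failed logins
		session, _ := store.Get(r, "c_user")
		session.AddFlash("Username or password", flash_err)
		session.Save(r, w)
		http.Redirect(w, r, "/login?"+r.URL.RawQuery, http.StatusFound)
		return
	}

	session, _ := store.Get(r, "c_user")
	session.Values["username"] = account.Username
	// A failed save means the login did not take effect, so report it
	// rather than redirecting as if the user were signed in.
	if err := session.Save(r, w); err != nil {
		fmt.Println("Error saving login session:", err)
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}

	if r.URL.Query().Get("url") != "" {
		// NOTE(review): init_route_handlers in this file registers
		// "/news/add" but no "/add" route; confirm this target resolves.
		http.Redirect(w, r, "/add?"+r.URL.RawQuery, http.StatusFound)
		// Return here: falling through would issue a second redirect on a
		// response whose header has already been written.
		return
	}
	http.Redirect(w, r, "/", http.StatusFound)
}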
// LogoutHandler handles the logout POST: it replaces the session's values
// with an empty map, saves the session and redirects to "/".
//
// NOTE(review): the session is emptied rather than expired (the MaxAge
// option below is commented out); confirm that is the intended behaviour.
func LogoutHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
	const home = "/"

	//session.Options = &sessions.Options{MaxAge: -1}
	session.Values = make(map[interface{}]interface{})
	session.Save(r, w)
	http.Redirect(w, r, home, http.StatusFound)
}
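// urlTitlePattern captures the text between <title> and </title>, matching
// the tag name case-insensitively. It is compiled once instead of per call.
var urlTitlePattern = regexp.MustCompile("< *[Tt][Ii][Tt][Ll][Ee] *>(.*)</ *[Tt][Ii][Tt][Ll][Ee] *>")

// getUrlTitle fetches url and returns the trimmed contents of the page's
// <title> element. It returns "" when the request fails, the body cannot be
// read, or no title is found within the first urlTitleMaxBytes of the body.
//
// NOTE(review): url comes from the request's query string (see
// addFormHandler), so this is a server-side fetch of a caller-chosen address.
// The timeout and size cap below bound resource use but do not restrict the
// destination; a deployment that must not reach internal services needs a
// destination check enforced at connection time, covering redirects as well.
// The returned title is remote, untrusted text and must be escaped wherever
// it is rendered.
func getUrlTitle(url string) string {
	const (
		urlTitleTimeout  = 10 * time.Second
		urlTitleMaxBytes = 1 << 20 // a title sits near the top of the document
	)

	// The default client has no timeout, so an unresponsive host would tie up
	// the calling request handler indefinitely.
	client := http.Client{Timeout: urlTitleTimeout}
	resp, err := client.Get(url)
	if err != nil {
		fmt.Println("Error looking up link", url, ":", err)
		return ""
	}
	// Always release the connection; the body was previously never closed.
	defer resp.Body.Close()

	// Cap the read so a very large or endless response cannot exhaust memory.
	body, err := ioutil.ReadAll(io.LimitReader(resp.Body, urlTitleMaxBytes))
	if err != nil {
		fmt.Println("Error reading link", url, ":", err)
		return ""
	}

	match := urlTitlePattern.FindStringSubmatch(string(body))
	if match == nil {
		return ""
	}
	return strings.TrimSpace(match[1])
}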
// addFormHandler renders the "add news" form. The form is pre-filled from
// the query string:
//
//	?url=    link to add; "http://" is prepended unless it already starts
//	         with http:// or https://
//	?title=  title; when empty and a url is given, the title is looked up
//	         from the page via getUrlTitle
//	?popup=  passed through to the template unchanged
//
// NOTE(review): the url value is caller-controlled and is fetched by this
// server through getUrlTitle.
func addFormHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
	categories.LoadCategories(db)
	flashes := GetFlashes(session)
	session.Save(r, w)

	query := r.URL.Query()

	link := query.Get("url")
	hasScheme := strings.HasPrefix(link, "http://") || strings.HasPrefix(link, "https://")
	if link != "" && !hasScheme {
		link = "http://" + link
	}

	title := query.Get("title")
	if title == "" && link != "" {
		title = getUrlTitle(link)
	}

	data := map[string]interface{}{
		"mode":        "add",
		"user":        user,
		"flashes":     flashes,
		"link":        link,
		"categories":  categories.CategoriesTree,
		"title":       title,
		"popup":       query.Get("popup"),
		"category_id": -1,
	}
	ShowTemplate("post", w, r, data)
}
// addPostHandler handles the "add news" form POST. It builds a news item
// from the "title", "notes", "link" and "category" form values and inserts
// it. When the category is not an integer or the insert fails, the form is
// rendered again with the submitted values and an error message. On success
// an info flash is added and the client is redirected to /news/added when
// popup is "1", otherwise to "/".
//
// NOTE(review): the text of err is shown to the user on both error paths,
// and "link" is stored as submitted with no scheme check visible here;
// confirm both are acceptable for where these values are later rendered.
func addPostHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
	item := news.News{
		Title: r.FormValue("title"),
		Notes: r.FormValue("notes"),
		Url:   r.FormValue("link"),
	}
	popup := r.FormValue("popup")

	// redisplay renders the form again with what was submitted plus msg.
	redisplay := func(msg string) {
		flashes := map[string]interface{}{"error": []string{msg}}
		ShowTemplate("post", w, r, map[string]interface{}{
			"mode":        "add",
			"user":        user,
			"flashes":     flashes,
			"link":        item.Url,
			"categories":  categories.CategoriesTree,
			"title":       item.Title,
			"popup":       popup,
			"notes":       item.Notes,
			"category_id": item.Category_id,
		})
	}

	categoryID, err := strconv.Atoi(r.FormValue("category"))
	if err != nil {
		redisplay("Category required: " + err.Error())
		return
	}
	item.Category_id = categoryID

	if err = item.Insert(db); err != nil {
		redisplay("Error saving news: " + err.Error())
		return
	}

	session.AddFlash("Added news \""+item.Title+"\"", flash_info)
	session.Save(r, w)

	target := "/"
	if popup == "1" {
		target = "/news/added"
	}
	http.Redirect(w, r, target, http.StatusFound)
}
// editFormHandler renders the edit form for the news item named by the
// route's "id" variable. When the id is not an integer or the item cannot be
// loaded, an error flash is added and the client is redirected to /news.
func editFormHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
	categories.LoadCategories(db)
	flashes := GetFlashes(session)

	// bail flashes msg as an error and sends the client back to the list.
	bail := func(msg string) {
		session.AddFlash(msg, flash_err)
		session.Save(r, w)
		http.Redirect(w, r, "/news", http.StatusFound)
	}

	id, idErr := strconv.Atoi(mux.Vars(r)["id"])
	if idErr != nil {
		bail("Could not understand news id")
		return
	}

	item, err := news.Get(db, id)
	if err != nil {
		bail("Could not load news item " + strconv.Itoa(id))
		return
	}

	session.Save(r, w)
	ShowTemplate("post", w, r, map[string]interface{}{
		"mode":        "edit",
		"user":        user,
		"flashes":     flashes,
		"categories":  categories.CategoriesTree,
		"link":        item.Url,
		"title":       item.Title,
		"notes":       item.Notes,
		"popup":       false,
		"category_id": item.Category_id,
		"id":          item.Id(),
	})
}
// editPostHandler handles the edit form POST for the news item named by the
// route's "id" variable. It loads the item, overwrites its title, notes,
// link and category from the form and updates it. A bad id or a missing item
// redirects to /news with an error flash; a bad category or a failed update
// renders the form again with an error message. On success an info flash is
// added and the client is redirected to "/".
//
// NOTE(review): the text of err is shown to the user when the form is
// rendered again; confirm that is acceptable for database errors.
func editPostHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
	// bail flashes the generic save error and returns the client to the list.
	bail := func() {
		session.AddFlash("Error trying to save news item", flash_err)
		session.Save(r, w)
		http.Redirect(w, r, "/news", http.StatusFound)
	}

	id, idErr := strconv.Atoi(mux.Vars(r)["id"])
	if idErr != nil {
		bail()
		return
	}

	item, err := news.Get(db, id)
	if err != nil {
		fmt.Println("Error trying to edit news item that doesn't exist")
		bail()
		return
	}

	item.Title = r.FormValue("title")
	item.Notes = r.FormValue("notes")
	item.Url = r.FormValue("link")

	// redisplay renders the form again with the edited values plus msg.
	redisplay := func(msg string) {
		flashes := map[string]interface{}{"error": []string{msg}}
		ShowTemplate("post", w, r, map[string]interface{}{
			"mode":        "edit",
			"user":        user,
			"flashes":     flashes,
			"link":        item.Url,
			"categories":  categories.CategoriesTree,
			"title":       item.Title,
			"popup":       false,
			"notes":       item.Notes,
			"category_id": item.Category_id,
			"id":          item.Id(),
		})
	}

	categoryID, err := strconv.Atoi(r.FormValue("category"))
	if err != nil {
		redisplay("Category required: " + err.Error())
		return
	}
	item.Category_id = categoryID

	if err = item.Update(db); err != nil {
		redisplay("Error saving news: " + err.Error())
		return
	}

	session.AddFlash("Updated news \""+item.Title+"\"", flash_info)
	session.Save(r, w)
	http.Redirect(w, r, "/", http.StatusFound)
}
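// templateFormHandler renders the export page. It loads the news items that
// have not been exported yet, runs them through
// templates/html_template.txt and passes the rendered text, the item count
// and config.Url to the "export" template.
//
// A failure to load the items, parse the template or execute it is logged
// and answered with 500. Previously a parse failure led to a nil template
// being executed, and a load failure produced an empty response.
//
// NOTE(review): the export template is parsed with text/template, which does
// no HTML escaping, and the news fields it receives are user-supplied (titles
// may also come from remote pages via getUrlTitle). Confirm the template
// escapes them, or that the consumer of the export treats it as untrusted.
func templateFormHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
	flashes := GetFlashes(session)
	session.Save(r, w)

	items, count, err := news.Unexported(db)
	if err != nil {
		fmt.Println("Error loading unexported news:", err)
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}

	tmpl, err := txtTemplate.ParseFiles("templates/html_template.txt")
	if err != nil {
		fmt.Println("Error processing html_tempalte:", err)
		// Stop here: tmpl is nil and executing it would panic.
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}

	var templateBuf bytes.Buffer
	if err := tmpl.Execute(&templateBuf, map[string]interface{}{"news": items}); err != nil {
		fmt.Println("Exec err: ", err)
		// Do not present a partially rendered export as if it were complete.
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}

	ShowTemplate("export", w, r, map[string]interface{}{"user": user, "flashes": flashes, "template": &templateBuf, "count": count, "url": config.Url})
}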
// exportHandler handles the export POST: it marks the last batch of news as
// exported, flashes the outcome, saves the session and redirects to /export.
//
// NOTE(review): init_route_handlers in this file registers "/news/export"
// but no "/export" route; confirm the redirect target resolves.
func exportHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
	if err := news.MarkExported(db); err == nil {
		session.AddFlash("Last batch of news marked exported", flash_info)
	} else {
		session.AddFlash("Error marking last batch of news exported", flash_err)
	}

	session.Save(r, w)
	http.Redirect(w, r, "/export", http.StatusFound)
}
// addedHandler renders the "added" confirmation page with the current user
// and the pending flash messages.
func addedHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
	pending := GetFlashes(session)
	session.Save(r, w)

	data := map[string]interface{}{
		"user":    user,
		"flashes": pending,
	}
	ShowTemplate("added", w, r, data)
}
// deleteHandler handles the delete POST for the news item named by the
// route's "id" variable. It flashes the outcome (invalid id, database error
// or success), saves the session and redirects to "/".
func deleteHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
	id, idErr := strconv.Atoi(mux.Vars(r)["id"])

	// Cases are tried in order, so the delete only runs for a valid id.
	switch {
	case idErr != nil:
		session.AddFlash("Invalid news to delete", flash_err)
	case news.Delete(db, id) != nil:
		session.AddFlash("Error commiting to Database", flash_err)
	default:
		session.AddFlash("Deleted news post", flash_info)
	}

	session.Save(r, w)
	http.Redirect(w, r, "/", http.StatusFound)
}
// categoriesFormHandler renders the categories page with the current user,
// the pending flash messages and the category tree, which is reloaded from
// the database before rendering.
func categoriesFormHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
	pending := GetFlashes(session)
	session.Save(r, w)

	categories.LoadCategories(db)
	data := map[string]interface{}{
		"user":       user,
		"flashes":    pending,
		"categories": categories.CategoriesTree,
	}
	ShowTemplate("categories", w, r, data)
}
// categoriesPostHandler answers a POST to the categories page by redirecting
// back to /categories; it does nothing else.
func categoriesPostHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
	const categoriesPage = "/categories"
	http.Redirect(w, r, categoriesPage, http.StatusFound)
}
// categoryFromReqArg parses arg as an integer category id and looks it up in
// categories.CategoriesFlat. It returns nil when arg is not an integer or no
// category has that id.
func categoryFromReqArg(arg string) *categories.Category {
	cid, err := strconv.Atoi(arg)
	if err != nil {
		return nil
	}
	if found, ok := categories.CategoriesFlat[cid]; ok {
		return found
	}
	return nil
}
// categoryChangeParentHandler handles the change-parent POST for the
// category named by the route's "id" variable. The new parent comes from the
// "parent" form value and may resolve to nil. The outcome is flashed, the
// session saved and the client redirected to /categories.
//
// NOTE(review): only the case of a category being its own parent is rejected
// here; whether ChangeParent refuses a descendant as the new parent is not
// visible from this file.
func categoryChangeParentHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
	categories.LoadCategories(db)

	target := categoryFromReqArg(mux.Vars(r)["id"])
	newParent := categoryFromReqArg(r.FormValue("parent"))

	// Cases are tried in order, so ChangeParent only runs after validation.
	switch {
	case target == nil:
		session.AddFlash("Invalid category", flash_err)
	case newParent != nil && target.Id == newParent.Id:
		session.AddFlash("Cannot set category parent to itself", flash_err)
	case target.ChangeParent(db, newParent) != nil:
		session.AddFlash("Error commiting to Database", flash_err)
	default:
		session.AddFlash("Changed category parent", flash_info)
	}

	session.Save(r, w)
	http.Redirect(w, r, "/categories", http.StatusFound)
}
// categoryAddHandler handles the add-category POST. The category name comes
// from the "name" form value and the parent id from "parent"; a parent that
// is not an integer is replaced by -1. An empty name is rejected. The
// outcome is flashed, the session saved and the client redirected to
// /categories.
func categoryAddHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
	name := r.FormValue("name")

	parent := -1
	if parsed, perr := strconv.Atoi(r.FormValue("parent")); perr == nil {
		parent = parsed
	}

	// Cases are tried in order, so the insert only runs for a non-empty name.
	switch {
	case name == "":
		session.AddFlash("Invalid category name", flash_err)
	case categories.Add(db, name, parent) != nil:
		session.AddFlash("Error commiting to Database", flash_err)
	default:
		session.AddFlash("Added category", flash_info)
	}

	session.Save(r, w)
	http.Redirect(w, r, "/categories", http.StatusFound)
}
// categoryDeleteHandler handles the delete POST for the category named by
// the route's "id" variable. It flashes the outcome (invalid id, database
// error or success), saves the session and redirects to /categories.
func categoryDeleteHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
	id, idErr := strconv.Atoi(mux.Vars(r)["id"])

	// Cases are tried in order, so the delete only runs for a valid id.
	switch {
	case idErr != nil:
		session.AddFlash("Invalid category to delete", flash_err)
	case categories.Delete(db, id) != nil:
		session.AddFlash("Error commiting to Database", flash_err)
	default:
		session.AddFlash("Deleted category", flash_info)
	}

	session.Save(r, w)
	http.Redirect(w, r, "/categories", http.StatusFound)
}
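// newsFormHandler renders the news list, one page of pageSize items at a
// time. The "offset" form value is a zero-based page index; a value that is
// missing, not an integer, negative, or too large to multiply by pageSize
// without overflowing selects the first page.
//
// The page is loaded before the flashes are read, so a load error is shown
// on this response. Previously the error flash was added after the session
// had already been read and saved, and was never displayed.
func newsFormHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
	const (
		pageSize = 100
		maxInt   = int(^uint(0) >> 1)
	)

	// The page index is client-supplied, so bound it before it is turned
	// into a row offset for the query.
	offset := 0
	if page, err := strconv.Atoi(r.FormValue("offset")); err == nil && page > 0 && page <= maxInt/pageSize {
		offset = pageSize * page
	}

	items, count, err := news.LoadPage(db, offset, pageSize)
	if err != nil {
		session.AddFlash("Error loading news", flash_err)
	}

	flashes := GetFlashes(session)
	session.Save(r, w)
	ShowTemplate("news", w, r, map[string]interface{}{"user": user, "flashes": flashes, "news": items, "count": count, "categories": categories.CategoriesFlat, "url": config.Url})
}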
// ServeFileHandler serves the file in the working directory whose name is
// the last element of the request path.
//
// NOTE(review): in this file it is registered only for /favicon.ico. Mounted
// on a broader route it would serve any file in the working directory by
// name, so keep the route exact.
func ServeFileHandler(res http.ResponseWriter, req *http.Request) {
	http.ServeFile(res, req, "./"+path.Base(req.URL.Path))
}
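// init_route_handlers builds the application's router. Static assets and the
// favicon are served directly; /login is open; every other route is wrapped
// in userHandler and therefore requires a logged-in user. Routes are split
// by method so that state-changing handlers are reachable by POST only.
//
// NOTE(review): no CSRF protection is applied to the POST routes inside this
// function; presumably it is added where the returned router is mounted.
// Confirm, since every POST route here changes state.
// NOTE(review): LoginPostHandler redirects to "/add" and exportHandler to
// "/export", but only "/news/add" and "/news/export" are registered here.
func init_route_handlers() *mux.Router {
	r := mux.NewRouter()

	// Basic Handle - static files - no CSRF wrapper
	// NOTE(review): http.FileServer also lists directory contents for
	// directories that have no index.html.
	r.PathPrefix("/js/").Handler(http.StripPrefix("/js/", http.FileServer(http.Dir("js/"))))
	r.PathPrefix("/css/").Handler(http.StripPrefix("/css/", http.FileServer(http.Dir("css/"))))
	r.PathPrefix("/fonts/").Handler(http.StripPrefix("/fonts", http.FileServer(http.Dir("fonts/"))))
	r.HandleFunc("/favicon.ico", ServeFileHandler)

	rGet := r.Methods("GET").Subrouter()
	rPost := r.Methods("POST").Subrouter()

	rGet.HandleFunc("/login", LoginFormHandler)
	rPost.HandleFunc("/login", LoginPostHandler)

	rPost.HandleFunc("/logout", userHandler(LogoutHandler))

	rGet.HandleFunc("/news/add", userHandler(addFormHandler))
	rPost.HandleFunc("/news/add", userHandler(addPostHandler))

	rGet.HandleFunc("/", userHandler(newsFormHandler))
	rGet.HandleFunc("/news", userHandler(newsFormHandler))

	rGet.HandleFunc("/news/export", userHandler(templateFormHandler))
	rPost.HandleFunc("/news/export", userHandler(exportHandler))

	rGet.HandleFunc("/news/added", userHandler(addedHandler))

	rPost.HandleFunc("/news/{id:[0-9]+}/delete", userHandler(deleteHandler))
	rGet.HandleFunc("/news/{id:[0-9]+}/edit", userHandler(editFormHandler))
	rPost.HandleFunc("/news/{id:[0-9]+}/edit", userHandler(editPostHandler))

	rGet.HandleFunc("/categories", userHandler(categoriesFormHandler))
	// Was registered as "/caegories", which left POST /categories unrouted.
	rPost.HandleFunc("/categories", userHandler(categoriesPostHandler))

	rPost.HandleFunc("/categories/{id:[0-9]+}/change-parent", userHandler(categoryChangeParentHandler))
	rPost.HandleFunc("/categories/add", userHandler(categoryAddHandler))
	rPost.HandleFunc("/categories/{id:[0-9]+}/delete", userHandler(categoryDeleteHandler))

	return r
}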