2015-04-29 15:25:48 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
|
|
|
"github.com/gorilla/mux"
|
2015-04-30 04:32:39 +00:00
|
|
|
"github.com/gorilla/sessions"
|
2015-04-29 15:25:48 +00:00
|
|
|
"net/http"
|
2015-04-30 04:32:39 +00:00
|
|
|
"github.com/dballard/transmet/user"
|
|
|
|
"fmt"
|
|
|
|
"time"
|
2015-05-03 16:31:36 +00:00
|
|
|
"io/ioutil"
|
|
|
|
"regexp"
|
2015-05-05 14:09:10 +00:00
|
|
|
"strings"
|
2015-05-10 21:55:21 +00:00
|
|
|
"strconv"
|
2015-05-12 05:06:28 +00:00
|
|
|
"github.com/dballard/transmet/categories"
|
2015-05-10 21:55:21 +00:00
|
|
|
"github.com/dballard/transmet/news"
|
2015-05-13 15:26:30 +00:00
|
|
|
"bytes"
|
|
|
|
"html/template"
|
2015-04-29 15:25:48 +00:00
|
|
|
)
|
|
|
|
|
2015-04-30 04:32:39 +00:00
|
|
|
func GetFlashes(session *sessions.Session) map[string]interface{} {
|
|
|
|
var flashes = make(map[string]interface{})
|
|
|
|
flashes["error"] = session.Flashes(flash_err)
|
|
|
|
flashes["info"] = session.Flashes(flash_info)
|
|
|
|
return flashes
|
|
|
|
}
|
|
|
|
|
|
|
|
func sessionWipe(session *sessions.Session) {
|
|
|
|
session.Values = make(map[interface{}]interface{})
|
|
|
|
}
|
|
|
|
|
|
|
|
func initSessionUser(r *http.Request) (*user.User, *sessions.Session) {
|
|
|
|
session, _ := store.Get(r, "c_user")
|
|
|
|
if session.Values["username"] == nil {
|
|
|
|
return nil, session
|
|
|
|
}
|
|
|
|
|
|
|
|
return user.NewUserFromUsername(db, session.Values["username"].(string)), session
|
|
|
|
}
|
|
|
|
|
|
|
|
// wrapper for handlers requiring a User
|
|
|
|
func userHandler(next func(http.ResponseWriter, *http.Request, *user.User)) func(http.ResponseWriter, *http.Request) {
|
|
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
user, _ := initSessionUser(r)
|
|
|
|
if user == nil {
|
2015-05-01 15:20:02 +00:00
|
|
|
http.Redirect(w, r, "/login", http.StatusFound)
|
2015-04-30 04:32:39 +00:00
|
|
|
} else {
|
|
|
|
next(w, r, user)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// wrapper for handlers forking on GET and POST
|
|
|
|
// r.HandleFunc("/login", getPostHandler(LoginFormHandler, LoginPostHandler))
|
|
|
|
func getPostHandler(getFn, postFn func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) {
|
|
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if r.Method == "GET" {
|
|
|
|
getFn(w, r)
|
|
|
|
} else { // POST
|
|
|
|
postFn(w, r)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-05-03 16:31:36 +00:00
|
|
|
func ShowTemplate(template string, w http.ResponseWriter, data map[string]interface{}) {
|
|
|
|
err := templates[template].Execute(w, data)
|
2015-05-02 19:28:11 +00:00
|
|
|
if err != nil {
|
|
|
|
fmt.Println("Exec err: ", err)
|
|
|
|
}
|
|
|
|
// TODO: show error 500 page
|
|
|
|
}
|
|
|
|
|
2015-04-30 04:32:39 +00:00
|
|
|
// Log in page handler
|
|
|
|
func LoginFormHandler(w http.ResponseWriter, r *http.Request) {
|
|
|
|
session, _ := store.Get(r, "c_user")
|
|
|
|
flashes := GetFlashes(session)
|
|
|
|
session.Save(r, w)
|
2015-05-03 16:31:36 +00:00
|
|
|
|
|
|
|
ShowTemplate("login", w, map[string]interface{}{"flashes": flashes})
|
2015-04-30 04:32:39 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// handler for login POST
|
|
|
|
// TODO: proper per account and client flood control rate limiting
|
|
|
|
// currently weak per call slow down is by-passable at scale
|
|
|
|
func LoginPostHandler(w http.ResponseWriter, r *http.Request) {
|
|
|
|
time.Sleep(500 * time.Millisecond) // WEAK poor mans rate limiting for logins
|
|
|
|
r.ParseForm()
|
|
|
|
username := r.PostFormValue("username")
|
|
|
|
// lookup user
|
|
|
|
password := r.PostFormValue("password")
|
|
|
|
user := user.NewUserFromAuth(db, username, password)
|
|
|
|
if user != nil {
|
|
|
|
session, _ := store.Get(r, "c_user")
|
|
|
|
session.Values["username"] = user.Username
|
|
|
|
session.Save(r, w)
|
2015-05-02 19:28:11 +00:00
|
|
|
if r.URL.Query().Get("url") != "" {
|
|
|
|
http.Redirect(w, r, "/add?" + r.URL.RawQuery, http.StatusFound)
|
|
|
|
}
|
|
|
|
http.Redirect(w, r, "/", http.StatusFound)
|
2015-04-30 04:32:39 +00:00
|
|
|
} else {
|
|
|
|
time.Sleep(500 * time.Millisecond) // WEAK bypassable poor mans rate limiting for failed logins
|
|
|
|
session, _ := store.Get(r, "c_user")
|
|
|
|
session.AddFlash("Username or password", flash_err)
|
|
|
|
session.Save(r, w)
|
2015-05-02 19:28:11 +00:00
|
|
|
http.Redirect(w, r, "/login?"+r.URL.RawQuery, http.StatusFound)
|
2015-04-30 04:32:39 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-05-12 05:12:51 +00:00
|
|
|
// logout POST handler
|
|
|
|
func LogoutHandler(w http.ResponseWriter, r *http.Request, user *user.User) {
|
|
|
|
session, _ := store.Get(r, "c_user")
|
|
|
|
//session.Options = &sessions.Options{MaxAge: -1}
|
|
|
|
sessionWipe(session)
|
|
|
|
session.Save(r, w)
|
|
|
|
http.Redirect(w, r, "/", http.StatusFound)
|
|
|
|
}
|
|
|
|
|
2015-05-14 06:12:39 +00:00
|
|
|
func getUrlTitle(url string) string {
|
|
|
|
resp, err := http.Get(url)
|
|
|
|
if err != nil {
|
|
|
|
fmt.Println("Error looking up link", url, ":", err)
|
|
|
|
} else {
|
|
|
|
body, err := ioutil.ReadAll(resp.Body)
|
|
|
|
if err != nil {
|
|
|
|
fmt.Println("Error reading link", url, ":", err)
|
|
|
|
} else {
|
|
|
|
re := regexp.MustCompile("< *[Tt][Ii][Tt][Ll][Ee] *>(.*)</ *[Tt][Ii][Tt][Ll][Ee] *>")
|
|
|
|
title := re.FindStringSubmatch(string(body))
|
|
|
|
if title != nil {
|
|
|
|
return strings.TrimSpace(title[1])
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return ""
|
|
|
|
}
|
|
|
|
|
2015-05-02 19:28:11 +00:00
|
|
|
// ?url=
|
2015-04-30 04:38:40 +00:00
|
|
|
func addFormHandler(w http.ResponseWriter, r *http.Request, user *user.User) {
|
2015-05-12 05:06:28 +00:00
|
|
|
categories.LoadCategories(db)
|
2015-05-10 21:55:21 +00:00
|
|
|
|
|
|
|
session, _ := store.Get(r, "c_user")
|
|
|
|
flashes := GetFlashes(session)
|
|
|
|
title := session.Values["title"]
|
|
|
|
delete(session.Values, "title")
|
|
|
|
link := session.Values["link"]
|
|
|
|
delete(session.Values, "link")
|
|
|
|
description := session.Values["description"]
|
|
|
|
delete(session.Values, "description")
|
|
|
|
session.Save(r, w)
|
|
|
|
|
2015-05-12 05:06:28 +00:00
|
|
|
if link != nil {
|
|
|
|
fmt.Println("link: '" + link.(string) + "'")
|
|
|
|
//TODO category_id
|
|
|
|
ShowTemplate("add", w, map[string]interface{}{"user": user, "flashes": flashes, "categories": categories.CategoriesTree, "link": link, "title": title, "description": description})
|
2015-05-10 21:55:21 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2015-05-03 16:31:36 +00:00
|
|
|
var url = r.URL.Query().Get("url")
|
2015-05-14 06:12:39 +00:00
|
|
|
reHttp := regexp.MustCompile("^https?://")
|
2015-05-12 15:32:47 +00:00
|
|
|
if url != "" && ! reHttp.Match([]byte(url)) {
|
2015-05-05 14:09:10 +00:00
|
|
|
url = "http://" + url
|
|
|
|
}
|
2015-05-14 06:12:39 +00:00
|
|
|
|
|
|
|
title = r.URL.Query().Get("title")
|
|
|
|
if title == "" && url != "" {
|
|
|
|
title = getUrlTitle(url)
|
2015-05-03 16:31:36 +00:00
|
|
|
}
|
|
|
|
|
2015-05-14 06:12:39 +00:00
|
|
|
ShowTemplate("add", w, map[string]interface{}{"user": user, "flashes": flashes, "link": url, "categories": categories.CategoriesTree, "title": title})
|
2015-04-30 04:38:40 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func addPostHandler(w http.ResponseWriter, r *http.Request, user *user.User) {
|
2015-05-10 21:55:21 +00:00
|
|
|
session, _ := store.Get(r, "c_user")
|
|
|
|
var news news.News
|
|
|
|
news.Title = r.FormValue("title")
|
2015-05-12 05:06:28 +00:00
|
|
|
news.Notes = r.FormValue("notes")
|
2015-05-10 21:55:21 +00:00
|
|
|
news.Url = r.FormValue("link")
|
2015-05-12 05:06:28 +00:00
|
|
|
category_id, err := strconv.Atoi(r.FormValue("category"))
|
2015-05-10 21:55:21 +00:00
|
|
|
if err != nil {
|
2015-05-12 05:06:28 +00:00
|
|
|
category_id = -1
|
2015-05-10 21:55:21 +00:00
|
|
|
}
|
2015-05-12 05:06:28 +00:00
|
|
|
news.Category_id = category_id
|
2015-04-30 04:38:40 +00:00
|
|
|
|
2015-05-10 21:55:21 +00:00
|
|
|
err = (&news).Insert(db)
|
|
|
|
if err != nil {
|
|
|
|
session.AddFlash("Error saving news: " + err.Error(), flash_err)
|
|
|
|
session.Values["title"] = news.Title
|
|
|
|
session.Values["link"] = news.Url
|
2015-05-12 05:06:28 +00:00
|
|
|
session.Values["notes"] = news.Notes
|
2015-05-10 21:55:21 +00:00
|
|
|
session.Save(r, w)
|
|
|
|
http.Redirect(w, r, "/add", http.StatusFound)
|
|
|
|
} else {
|
|
|
|
// TODO auto close? redirect
|
|
|
|
session.AddFlash("Added news \""+news.Title+"\"", flash_info)
|
|
|
|
session.Save(r, w)
|
|
|
|
http.Redirect(w, r, "/", http.StatusFound)
|
|
|
|
}
|
2015-04-30 04:38:40 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func templateFormHandler(w http.ResponseWriter, r *http.Request, user *user.User) {
|
2015-05-12 05:06:28 +00:00
|
|
|
session, _ := store.Get(r, "c_user")
|
|
|
|
flashes := GetFlashes(session)
|
|
|
|
session.Save(r, w)
|
2015-05-13 06:21:06 +00:00
|
|
|
|
|
|
|
news, err := news.Unexported(db)
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
2015-05-13 15:26:30 +00:00
|
|
|
|
|
|
|
var templateBuf bytes.Buffer
|
|
|
|
template, err := template.ParseFiles("templates/html_template.html")
|
|
|
|
if err != nil {
|
|
|
|
fmt.Println("Error processing html_tempalte:" , err)
|
|
|
|
}
|
|
|
|
err = template.Execute(&templateBuf, map[string]interface{}{"news": news})
|
|
|
|
if err != nil {
|
|
|
|
fmt.Println("Exec err: ", err)
|
|
|
|
}
|
2015-05-13 06:21:06 +00:00
|
|
|
|
2015-05-14 06:12:39 +00:00
|
|
|
ShowTemplate("list", w, map[string]interface{}{"user": user, "flashes": flashes, "template": &templateBuf, "url": config.Url})
|
2015-04-30 04:38:40 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func templatePostHandler(w http.ResponseWriter, r *http.Request, user *user.User) {
|
2015-05-13 06:21:06 +00:00
|
|
|
|
2015-04-30 04:32:39 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2015-04-29 15:25:48 +00:00
|
|
|
func init_route_handlers() {
|
|
|
|
http.Handle("/js/", http.StripPrefix("/js/", http.FileServer(http.Dir("js/"))))
|
|
|
|
http.Handle("/css/", http.StripPrefix("/css/", http.FileServer(http.Dir("css/"))))
|
|
|
|
http.Handle("/fonts/", http.StripPrefix("/fonts", http.FileServer(http.Dir("fonts/"))))
|
|
|
|
|
|
|
|
r := mux.NewRouter()
|
|
|
|
|
2015-04-30 04:32:39 +00:00
|
|
|
r.HandleFunc("/login", getPostHandler(LoginFormHandler, LoginPostHandler))
|
2015-05-12 05:12:51 +00:00
|
|
|
r.HandleFunc("/logout", userHandler(LogoutHandler))
|
|
|
|
|
2015-04-30 04:32:39 +00:00
|
|
|
r.HandleFunc("/add", getPostHandler(userHandler(addFormHandler), userHandler(addPostHandler)))
|
|
|
|
r.HandleFunc("/", getPostHandler(userHandler(templateFormHandler), userHandler(templatePostHandler)))
|
2015-04-29 15:25:48 +00:00
|
|
|
|
|
|
|
|
|
|
|
http.Handle("/", r)
|
2015-05-10 21:55:21 +00:00
|
|
|
}
|