transmet/route_handlers.go

202 lines
6.3 KiB
Go

package main
import (
"github.com/gorilla/mux"
"github.com/gorilla/sessions"
"net/http"
"github.com/dballard/transmet/user"
"fmt"
"time"
"io/ioutil"
"regexp"
"strings"
"strconv"
"github.com/dballard/transmet/tags"
"github.com/dballard/transmet/news"
)
func GetFlashes(session *sessions.Session) map[string]interface{} {
var flashes = make(map[string]interface{})
flashes["error"] = session.Flashes(flash_err)
flashes["info"] = session.Flashes(flash_info)
return flashes
}
func sessionWipe(session *sessions.Session) {
session.Values = make(map[interface{}]interface{})
}
func initSessionUser(r *http.Request) (*user.User, *sessions.Session) {
session, _ := store.Get(r, "c_user")
if session.Values["username"] == nil {
return nil, session
}
return user.NewUserFromUsername(db, session.Values["username"].(string)), session
}
// wrapper for handlers requiring a User
func userHandler(next func(http.ResponseWriter, *http.Request, *user.User)) func(http.ResponseWriter, *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
user, _ := initSessionUser(r)
if user == nil {
http.Redirect(w, r, "/login", http.StatusFound)
} else {
next(w, r, user)
}
}
}
// wrapper for handlers forking on GET and POST
// r.HandleFunc("/login", getPostHandler(LoginFormHandler, LoginPostHandler))
func getPostHandler(getFn, postFn func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" {
getFn(w, r)
} else { // POST
postFn(w, r)
}
}
}
func ShowTemplate(template string, w http.ResponseWriter, data map[string]interface{}) {
err := templates[template].Execute(w, data)
if err != nil {
fmt.Println("Exec err: ", err)
}
// TODO: show error 500 page
}
// Log in page handler
func LoginFormHandler(w http.ResponseWriter, r *http.Request) {
session, _ := store.Get(r, "c_user")
flashes := GetFlashes(session)
session.Save(r, w)
ShowTemplate("login", w, map[string]interface{}{"flashes": flashes})
}
// handler for login POST
// TODO: proper per account and client flood control rate limiting
// currently weak per call slow down is by-passable at scale
func LoginPostHandler(w http.ResponseWriter, r *http.Request) {
time.Sleep(500 * time.Millisecond) // WEAK poor mans rate limiting for logins
r.ParseForm()
username := r.PostFormValue("username")
// lookup user
password := r.PostFormValue("password")
user := user.NewUserFromAuth(db, username, password)
if user != nil {
session, _ := store.Get(r, "c_user")
session.Values["username"] = user.Username
session.Save(r, w)
if r.URL.Query().Get("url") != "" {
http.Redirect(w, r, "/add?" + r.URL.RawQuery, http.StatusFound)
}
http.Redirect(w, r, "/", http.StatusFound)
} else {
time.Sleep(500 * time.Millisecond) // WEAK bypassable poor mans rate limiting for failed logins
session, _ := store.Get(r, "c_user")
session.AddFlash("Username or password", flash_err)
session.Save(r, w)
http.Redirect(w, r, "/login?"+r.URL.RawQuery, http.StatusFound)
}
}
// ?url=
func addFormHandler(w http.ResponseWriter, r *http.Request, user *user.User) {
tags.LoadTags(db)
session, _ := store.Get(r, "c_user")
flashes := GetFlashes(session)
title := session.Values["title"]
delete(session.Values, "title")
link := session.Values["link"]
delete(session.Values, "link")
description := session.Values["description"]
delete(session.Values, "description")
session.Save(r, w)
if link != "" {
//TODO tag_id
ShowTemplate("add", w, map[string]interface{}{"user": user, "flashes": flashes, "tags": tags.TagsTree, "link": link, "title": title, "description": description})
return
}
var url = r.URL.Query().Get("url")
reHttp := regexp.MustCompile("^http://")
if ! reHttp.Match([]byte(url)) {
url = "http://" + url
}
resp, err := http.Get(url)
if err != nil {
fmt.Println("Error looking up link", url, ":", err)
} else {
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
fmt.Println("Error reading link", url, ":", err)
} else {
re := regexp.MustCompile("< *[Tt][Ii][Tt][Ll][Ee] *>(.*)</ *[Tt][Ii][Tt][Ll][Ee] *>")
title := re.FindStringSubmatch(string(body))
if title != nil {
ShowTemplate("add", w, map[string]interface{}{"user": user, "flashes": flashes, "link": url, "tags": tags.TagsTree, "title": strings.TrimSpace(title[1])})
return
}
}
}
ShowTemplate("add", w, map[string]interface{}{"user": user, "link": url, "tags": tags.TagsTree, "flashes": flashes})
}
func addPostHandler(w http.ResponseWriter, r *http.Request, user *user.User) {
session, _ := store.Get(r, "c_user")
var news news.News
news.Title = r.FormValue("title")
news.Description = r.FormValue("description")
news.Url = r.FormValue("link")
tag_id, err := strconv.Atoi(r.FormValue("tag"))
if err != nil {
tag_id = -1
}
news.Tag_id = tag_id
err = (&news).Insert(db)
if err != nil {
session.AddFlash("Error saving news: " + err.Error(), flash_err)
session.Values["title"] = news.Title
session.Values["link"] = news.Url
session.Values["description"] = news.Description
session.Save(r, w)
http.Redirect(w, r, "/add", http.StatusFound)
} else {
// TODO auto close? redirect
session.AddFlash("Added news \""+news.Title+"\"", flash_info)
session.Save(r, w)
http.Redirect(w, r, "/", http.StatusFound)
}
}
func templateFormHandler(w http.ResponseWriter, r *http.Request, user *user.User) {
ShowTemplate("list", w, map[string]interface{}{"user": user})
}
func templatePostHandler(w http.ResponseWriter, r *http.Request, user *user.User) {
}
func init_route_handlers() {
http.Handle("/js/", http.StripPrefix("/js/", http.FileServer(http.Dir("js/"))))
http.Handle("/css/", http.StripPrefix("/css/", http.FileServer(http.Dir("css/"))))
http.Handle("/fonts/", http.StripPrefix("/fonts", http.FileServer(http.Dir("fonts/"))))
r := mux.NewRouter()
r.HandleFunc("/login", getPostHandler(LoginFormHandler, LoginPostHandler))
r.HandleFunc("/add", getPostHandler(userHandler(addFormHandler), userHandler(addPostHandler)))
r.HandleFunc("/", getPostHandler(userHandler(templateFormHandler), userHandler(templatePostHandler)))
http.Handle("/", r)
}