jason/cpolis
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases 58 Wiki Activity

Compare commits

base: jason:88776337e43c546b5bb139232bc8f7d7bbeaff1a
Branches Tags
jason:main jason:devel jason:firebase jason:tailwind jason:publish_issue jason:article_db jason:streifling.com/rss jason:new_rss jason:sessions
jason:v0.17.1 jason:v0.17.0 jason:v0.16.2 jason:v0.16.1 jason:v0.16.0 jason:v0.15.5 jason:v0.15.4 jason:v0.15.3 jason:v0.15.2 jason:v0.15.1 jason:v0.15.0 jason:v0.14.1 jason:v0.14.0 jason:v0.13.4 jason:v0.13.3 jason:v0.13.2 jason:v0.13.1 jason:v0.13.0 jason:v0.12.0 jason:v0.11.1 jason:v0.11.0 jason:v0.10.3 jason:v0.10.2 jason:v0.10.1 jason:v0.10.0 jason:v0.9.1 jason:v0.9.0 jason:v0.8.3 jason:v0.8.2 jason:v0.8.1 jason:v0.8.0 jason:v0.7.8 jason:v0.7.7 jason:v0.7.6 jason:v0.7.5 jason:v0.7.4 jason:v0.7.3 jason:v0.7.2 jason:v0.7.1 jason:v0.7.0 jason:v0.6.1 jason:v0.6.0 jason:v0.5.2 jason:v0.5.1 jason:v0.5.0 jason:v0.4.0 jason:v0.3.0 jason:v0.2.7 jason:v0.2.6 jason:v0.2.5 jason:v0.2.4 jason:v0.2.3 jason:cpolis-v0.2.2 jason:cpolis-v0.2.1 jason:cpolis-v0.2.0 jason:v0.1.2 jason:v0.1.1 jason:v0.1.0
..
compare: jason:v0.14.1
Branches Tags
jason:main jason:devel jason:firebase jason:tailwind jason:publish_issue jason:article_db jason:streifling.com/rss jason:new_rss jason:sessions
jason:v0.17.1 jason:v0.17.0 jason:v0.16.2 jason:v0.16.1 jason:v0.16.0 jason:v0.15.5 jason:v0.15.4 jason:v0.15.3 jason:v0.15.2 jason:v0.15.1 jason:v0.15.0 jason:v0.14.1 jason:v0.14.0 jason:v0.13.4 jason:v0.13.3 jason:v0.13.2 jason:v0.13.1 jason:v0.13.0 jason:v0.12.0 jason:v0.11.1 jason:v0.11.0 jason:v0.10.3 jason:v0.10.2 jason:v0.10.1 jason:v0.10.0 jason:v0.9.1 jason:v0.9.0 jason:v0.8.3 jason:v0.8.2 jason:v0.8.1 jason:v0.8.0 jason:v0.7.8 jason:v0.7.7 jason:v0.7.6 jason:v0.7.5 jason:v0.7.4 jason:v0.7.3 jason:v0.7.2 jason:v0.7.1 jason:v0.7.0 jason:v0.6.1 jason:v0.6.0 jason:v0.5.2 jason:v0.5.1 jason:v0.5.0 jason:v0.4.0 jason:v0.3.0 jason:v0.2.7 jason:v0.2.6 jason:v0.2.5 jason:v0.2.4 jason:v0.2.3 jason:cpolis-v0.2.2 jason:cpolis-v0.2.1 jason:cpolis-v0.2.0 jason:v0.1.2 jason:v0.1.1 jason:v0.1.0

49 Commits
88776337e4 ... v0.14.1

Author SHA1 Message Date
Jason Streifling
e03fd78ea9 Merge branch 'devel' 2025-01-12 14:36:01 +01:00
Jason Streifling
370ef205a9 Merge branch 'devel' 2024-12-27 21:36:02 +01:00
Jason Streifling
d328ddb749 Merge branch 'devel' 2024-10-30 03:25:18 +01:00
Jason Streifling
5dc5590da9 Merge branch 'devel' 2024-10-30 02:24:50 +01:00
Jason Streifling
364112a0a4 Merge branch 'devel' 2024-10-30 02:14:16 +01:00
Jason Streifling
a38523e933 Merge branch 'devel' 2024-10-30 02:13:03 +01:00
Jason Streifling
200672dae2 Merge branch 'devel' 2024-10-28 18:28:31 +01:00
Jason Streifling
3d3aad88c8 Merge branch 'devel' 2024-10-28 18:27:33 +01:00
Jason Streifling
e4e43d1a83 Merge branch 'devel' 2024-10-28 18:02:56 +01:00
Jason Streifling
737a9ec314 Merge branch 'devel' 2024-10-27 15:29:50 +01:00
Jason Streifling
1ebe0380ee Merge branch 'devel' 2024-10-27 15:28:22 +01:00
Jason Streifling
d62d71b5d1 Merge branch 'devel' 2024-10-27 15:14:11 +01:00
Jason Streifling
b36e0ea503 Merge branch 'devel' 2024-10-04 16:06:57 +02:00
Jason Streifling
bc4d8fa37e Merge branch 'devel' 2024-09-28 13:59:34 +02:00
Jason Streifling
d2b21e7405 Merge branch 'devel' 2024-09-28 12:36:46 +02:00
Jason Streifling
e3c192359f Merge branch 'devel' 2024-09-11 18:15:31 +02:00
Jason Streifling
46532e4c85 Merge branch 'devel' 2024-09-11 18:15:07 +02:00
Jason Streifling
c722135a56 Merge branch 'devel' 2024-09-11 17:18:42 +02:00
Jason Streifling
887fa863bc Merge branch 'devel' 2024-09-10 19:43:22 +02:00
Jason Streifling
74d71cfb6a Merge branch 'devel' 2024-09-09 22:03:43 +02:00
Jason Streifling
ca7e7cddd3 Merge branch 'devel' 2024-09-08 16:22:59 +02:00
Jason Streifling
94431a2aa9 Merge branch 'devel' 2024-09-08 16:21:38 +02:00
Jason Streifling
5b1f20c5bc Merge branch 'devel' 2024-09-08 13:36:22 +02:00
Jason Streifling
d0c566f8df Merge branch 'devel' 2024-09-01 21:14:05 +02:00
Jason Streifling
5e586aa49a Merge branch 'devel' 2024-09-01 18:51:33 +02:00
Jason Streifling
66b2743d3d Merge branch 'devel' 2024-09-01 18:48:26 +02:00
Jason Streifling
3723b2b5e6 Merge branch 'devel' 2024-09-01 18:18:18 +02:00
Jason Streifling
ce788bfd50 Merge branch 'devel' 2024-09-01 12:54:12 +02:00
Jason Streifling
230a6278cc Merge branch 'devel' 2024-09-01 12:49:30 +02:00
Jason Streifling
42d6e0c198 Merge branch 'devel' 2024-08-31 12:17:41 +02:00
Jason Streifling
e1af2979af Merge branch 'devel' 2024-08-31 11:27:15 +02:00
Jason Streifling
f6dedc6f10 Merge branch 'devel' 2024-08-31 01:43:53 +02:00
Jason Streifling
cdf0a49550 Merge branch 'devel' 2024-08-31 01:38:28 +02:00
Jason Streifling
c3c0650210 Merge branch 'devel' 2024-08-31 01:00:55 +02:00
Jason Streifling
d077f700d8 Merge branch 'devel' 2024-08-31 00:36:48 +02:00
Jason Streifling
ec752b1c66 Merge branch 'devel' 2024-08-30 23:43:12 +02:00
Jason Streifling
46aef4f12f Merge branch 'devel' 2024-08-25 10:51:35 +02:00
Jason Streifling
1b29e328cf Merge branch 'devel' 2024-08-25 06:38:55 +02:00
Jason Streifling
e50cb819f3 Merge branch 'devel' 2024-08-23 21:45:30 +02:00
Jason Streifling
c32e38ca10 Merge branch 'devel' 2024-08-23 20:57:11 +02:00
Jason Streifling
d7c8c7a43a Merge branch 'devel' 2024-08-18 17:31:00 +02:00
Jason Streifling
1cd3edc90c Merge branch 'devel' 2024-08-18 12:06:29 +02:00
Jason Streifling
0e768c9f61 Merge branch 'devel' 2024-08-08 21:27:07 +02:00
Jason Streifling
1fcd775cc5 Merge branch 'devel' 2024-08-08 21:14:24 +02:00
Jason Streifling
203a1ed147 Implemented EasyMDE 2024-08-08 21:13:25 +02:00
Jason Streifling
ef1914ee5c Implemented article preview 2024-08-08 21:13:25 +02:00
Jason Streifling
084b101e31 Register f.ArticlePreviewHtmlData in init() 2024-08-08 21:13:25 +02:00
Jason Streifling
b2db128aa9 Shorten lines by referencing frontend as f and backend as b 2024-08-08 21:13:25 +02:00
Jason Streifling
081e880fb6 Change structure of code tor frontend and backend one 2024-08-08 21:13:25 +02:00
15 changed files with 489 additions and 396 deletions
Expand all files Collapse all files

1
.air.toml
View File

@ -12,6 +12,7 @@ args_bin = [
"-domain localhost",
"-feed tmp/cpolis.atom",
"-firebase tmp/firebase.json",
"-gob tmp/cpolis.gob",
"-img-width 256",
"-link https://distrikt-ni-st.de",
"-log tmp/cpolis.log",

110
cmd/backend/config.go
View File

@ -12,48 +12,48 @@ import (
)
type Config struct {
AESKeyFile string
ArticleDir string
AtomFile string
ConfigFile string
DBName string
Description string
Domain string
FirebaseKey string
Link string
LogFile string
PDFDir string
PicsDir string
Port string
Title string
Version string
WebDir string
CookieExpiryHours int
MaxBannerHeight int
MaxBannerWidth int
MaxImgHeight int
MaxImgWidth int
AESKeyFile string
ArticleDir string
ConfigFile string
DBName string
Description string
Domain string
AtomFile string
FirebaseKey string
GOBKeyFile string
Link string
LogFile string
PDFDir string
PicsDir string
Port string
Title string
Version string
WebDir string
MaxBannerHeight int
MaxBannerWidth int
MaxImgHeight int
MaxImgWidth int
}
func newConfig() *Config {
return &Config{
AESKeyFile: "/var/www/cpolis/aes.key",
ArticleDir: "/var/www/cpolis/articles",
AtomFile: "/var/www/cpolis/cpolis.atom",
ConfigFile: "/etc/cpolis/config.toml",
CookieExpiryHours: 24 * 30,
DBName: "cpolis",
FirebaseKey: "/var/www/cpolis/serviceAccountKey.json",
LogFile: "/var/log/cpolis.log",
MaxBannerHeight: 1080,
MaxBannerWidth: 1920,
MaxImgHeight: 1080,
MaxImgWidth: 1920,
PDFDir: "/var/www/cpolis/pdfs",
PicsDir: "/var/www/cpolis/pics",
Port: ":8080",
Version: "v0.15.0",
WebDir: "/var/www/cpolis/web",
AESKeyFile: "/var/www/cpolis/aes.key",
ArticleDir: "/var/www/cpolis/articles",
AtomFile: "/var/www/cpolis/cpolis.atom",
ConfigFile: "/etc/cpolis/config.toml",
DBName: "cpolis",
FirebaseKey: "/var/www/cpolis/serviceAccountKey.json",
GOBKeyFile: "/var/www/cpolis/gob.key",
LogFile: "/var/log/cpolis.log",
MaxBannerHeight: 1080,
MaxBannerWidth: 1920,
MaxImgHeight: 1080,
MaxImgWidth: 1920,
PDFDir: "/var/www/cpolis/pdfs",
PicsDir: "/var/www/cpolis/pics",
Port: ":8080",
Version: "v0.14.1",
WebDir: "/var/www/cpolis/web",
}
}
@ -116,13 +116,13 @@ func (c *Config) handleCliArgs() error {
flag.StringVar(&c.Description, "desc", c.Description, "channel description")
flag.StringVar(&c.Domain, "domain", c.Domain, "domain name")
flag.StringVar(&c.FirebaseKey, "firebase", c.FirebaseKey, "Firebase service account key file")
flag.StringVar(&c.GOBKeyFile, "gob", c.GOBKeyFile, "gob key file")
flag.StringVar(&c.Link, "link", c.Link, "channel Link")
flag.StringVar(&c.LogFile, "log", c.LogFile, "log file")
flag.StringVar(&c.PDFDir, "pdfs", c.PDFDir, "pdf directory")
flag.StringVar(&c.PicsDir, "pics", c.PicsDir, "pictures directory")
flag.StringVar(&c.Title, "title", c.Title, "channel title")
flag.StringVar(&c.WebDir, "web", c.WebDir, "web directory")
flag.IntVar(&c.CookieExpiryHours, "cookie-expiry-hours", c.CookieExpiryHours, "cookies expire after this amount of hours")
flag.IntVar(&c.MaxBannerHeight, "banner-height", c.MaxBannerHeight, "maximum banner height")
flag.IntVar(&c.MaxBannerWidth, "banner-width", c.MaxBannerWidth, "maximum banner width")
flag.IntVar(&c.MaxImgHeight, "img-height", c.MaxImgHeight, "maximum image height")
@ -171,18 +171,6 @@ func (c *Config) setupConfig(cliConfig *Config) error {
return fmt.Errorf("error setting up directory: %v", err)
}
if cliConfig.AtomFile != defaultConfig.AtomFile {
c.AtomFile = cliConfig.AtomFile
}
c.AtomFile, err = mkFile(c.AtomFile, 0644, 0744)
if err != nil {
return fmt.Errorf("error setting up file: %v", err)
}
if cliConfig.CookieExpiryHours != defaultConfig.CookieExpiryHours {
c.CookieExpiryHours = cliConfig.CookieExpiryHours
}
if cliConfig.DBName != defaultConfig.DBName {
c.DBName = cliConfig.DBName
}
@ -194,11 +182,19 @@ func (c *Config) setupConfig(cliConfig *Config) error {
if cliConfig.Domain != defaultConfig.Domain {
c.Domain = cliConfig.Domain
}
domainStrings := strings.Split(c.Domain, ":")
if domainStrings[0] != "http" && domainStrings[0] != "https" {
domainStrings := strings.Split(c.Domain, "/")
if domainStrings[0] != "http:" && domainStrings[0] != "https:" {
c.Domain = "https://" + c.Domain
}
if cliConfig.AtomFile != defaultConfig.AtomFile {
c.AtomFile = cliConfig.AtomFile
}
c.AtomFile, err = mkFile(c.AtomFile, 0644, 0744)
if err != nil {
return fmt.Errorf("error setting up file: %v", err)
}
if cliConfig.FirebaseKey != defaultConfig.FirebaseKey {
c.FirebaseKey = cliConfig.FirebaseKey
}
@ -207,6 +203,14 @@ func (c *Config) setupConfig(cliConfig *Config) error {
return fmt.Errorf("error setting up file: %v", err)
}
if cliConfig.GOBKeyFile != defaultConfig.GOBKeyFile {
c.GOBKeyFile = cliConfig.GOBKeyFile
}
c.GOBKeyFile, err = mkFile(c.GOBKeyFile, 0600, 0700)
if err != nil {
return fmt.Errorf("error setting up file: %v", err)
}
if cliConfig.Link != defaultConfig.Link {
c.Link = cliConfig.Link
}

63
cmd/backend/sessions.go Normal file
View File

@ -0,0 +1,63 @@
package backend
import (
"crypto/rand"
"encoding/gob"
"fmt"
"io"
"os"
"github.com/gorilla/sessions"
)
type (
CookieStore struct{ sessions.CookieStore }
Session struct{ sessions.Session }
)
func NewKey() ([]byte, error) {
key := make([]byte, 32)
if _, err := io.ReadFull(rand.Reader, key); err != nil {
return nil, fmt.Errorf("error generating key: %v", err)
}
return key, nil
}
func SaveKey(key []byte, filename string) error {
file, err := os.Create(filename)
if err != nil {
return fmt.Errorf("error creating key file: %v", err)
}
defer file.Close()
file.Chmod(0600)
if err = gob.NewEncoder(file).Encode(key); err != nil {
return fmt.Errorf("error ecoding key: %v", err)
}
return nil
}
func LoadKey(filename string) ([]byte, error) {
file, err := os.Open(filename)
if err != nil {
return nil, fmt.Errorf("error opening key file: %v", err)
}
defer file.Close()
key := make([]byte, 32)
if err = gob.NewDecoder(file).Decode(&key); err != nil {
return nil, fmt.Errorf("error decoding key: %v", err)
}
return key, nil
}
func NewCookieStore(key []byte) *CookieStore {
store := sessions.NewCookieStore(key)
store.Options.Secure = true
store.Options.HttpOnly = true
return &CookieStore{*store}
}

4
cmd/calls/images.go
View File

@ -9,9 +9,9 @@ import (
f "streifling.com/jason/cpolis/cmd/frontend"
)
func ServeImage(c *b.Config, s map[string]*f.Session) http.HandlerFunc {
func ServeImage(c *b.Config, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if _, err := f.ManageSession(w, r, c, s); err != nil {
if _, err := f.GetSession(w, r, c, s); err != nil {
if !tokenIsVerified(w, r, c) {
return
}

136
cmd/frontend/articles.go
View File

@ -45,27 +45,33 @@ type EditorHTMLData struct {
Contributors []*b.User
}
func WriteArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func WriteArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
var data *EditorHTMLData
if session.Values["article"] == nil {
data = &EditorHTMLData{Action: "submit", Article: new(b.Article), ArticleUsers: make(map[string]*ArticleUser)}
} else {
data = session.Values["article"].(*EditorHTMLData)
}
users, err := db.GetAllUsers(c)
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
data := &EditorHTMLData{Action: "submit", Article: new(b.Article), ArticleUsers: make(map[string]*ArticleUser)}
for _, user := range users {
data.ArticleUsers[fmt.Sprint(user.LastName, user.FirstName, user.ID)] = &ArticleUser{User: user, ArticleRole: None}
}
creator, err := db.GetUser(c, session.User.ID)
creator, err := db.GetUser(c, session.Values["id"].(int64))
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
@ -91,11 +97,19 @@ func WriteArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc
}
}
func SubmitArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func SubmitArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
session.Values["article"] = nil
if err = session.Save(r, w); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -103,7 +117,7 @@ func SubmitArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFun
Title: r.PostFormValue("article-title"),
BannerLink: r.PostFormValue("article-banner-url"),
Summary: r.PostFormValue("article-summary"),
CreatorID: session.User.ID,
CreatorID: session.Values["id"].(int64),
Published: false,
Rejected: false,
IsInIssue: r.PostFormValue("issue") == "on",
@ -201,7 +215,7 @@ func SubmitArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFun
}
data := new(struct{ Role int })
data.Role = session.User.Role
data.Role = session.Values["role"].(int)
tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
tmpl = template.Must(tmpl, err)
@ -213,11 +227,12 @@ func SubmitArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFun
}
}
func ResubmitArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func ResubmitArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -225,7 +240,7 @@ func ResubmitArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerF
Title: r.PostFormValue("article-title"),
BannerLink: r.PostFormValue("article-banner-url"),
Summary: r.PostFormValue("article-summary"),
CreatorID: session.User.ID,
CreatorID: session.Values["id"].(int64),
IsInIssue: r.PostFormValue("issue") == "on",
}
@ -331,7 +346,7 @@ func ResubmitArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerF
}
data := new(struct{ Role int })
data.Role = session.User.Role
data.Role = session.Values["role"].(int)
tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
tmpl = template.Must(tmpl, err)
@ -343,10 +358,11 @@ func ResubmitArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerF
}
}
func ShowUnpublishedUnrejectedAndPublishedRejectedArticles(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func ShowUnpublishedUnrejectedAndPublishedRejectedArticles(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if _, err := ManageSession(w, r, c, s); err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
if _, err := GetSession(w, r, c, s); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -386,11 +402,12 @@ func ShowUnpublishedUnrejectedAndPublishedRejectedArticles(c *b.Config, db *b.DB
}
}
func ShowRejectedArticles(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func ShowRejectedArticles(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -408,7 +425,7 @@ func ShowRejectedArticles(c *b.Config, db *b.DB, s map[string]*Session) http.Han
data.MyIDs = make(map[int64]bool)
for _, article := range data.RejectedArticles {
if article.CreatorID == session.User.ID {
if article.CreatorID == session.Values["id"].(int64) {
data.MyIDs[article.ID] = true
}
}
@ -423,11 +440,12 @@ func ShowRejectedArticles(c *b.Config, db *b.DB, s map[string]*Session) http.Han
}
}
func ReviewRejectedArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func ReviewRejectedArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -495,7 +513,7 @@ func ReviewRejectedArticle(c *b.Config, db *b.DB, s map[string]*Session) http.Ha
data.ArticleUsers[fmt.Sprint(contributor.LastName, contributor.FirstName, contributor.ID)].ArticleRole = Contributor
}
creator, err := db.GetUser(c, session.User.ID)
creator, err := db.GetUser(c, session.Values["id"].(int64))
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
@ -527,11 +545,12 @@ func ReviewRejectedArticle(c *b.Config, db *b.DB, s map[string]*Session) http.Ha
}
}
func PublishArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func PublishArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -605,7 +624,7 @@ func PublishArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFu
}
data := new(struct{ Role int })
data.Role = session.User.Role
data.Role = session.Values["role"].(int)
tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
tmpl = template.Must(tmpl, err)
@ -617,11 +636,12 @@ func PublishArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFu
}
}
func RejectArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func RejectArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -639,7 +659,7 @@ func RejectArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFun
}
data := new(struct{ Role int })
data.Role = session.User.Role
data.Role = session.Values["role"].(int)
tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
tmpl = template.Must(tmpl, err)
@ -651,10 +671,11 @@ func RejectArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFun
}
}
func ShowCurrentIssue(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func ShowCurrentIssue(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if _, err := ManageSession(w, r, c, s); err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
if _, err := GetSession(w, r, c, s); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -674,10 +695,11 @@ func ShowCurrentIssue(c *b.Config, db *b.DB, s map[string]*Session) http.Handler
}
}
func ShowPublishedArticles(c *b.Config, db *b.DB, s map[string]*Session, action string) http.HandlerFunc {
func ShowPublishedArticles(c *b.Config, db *b.DB, s *b.CookieStore, action string) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if _, err := ManageSession(w, r, c, s); err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
if _, err := GetSession(w, r, c, s); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -710,10 +732,11 @@ func ShowPublishedArticles(c *b.Config, db *b.DB, s map[string]*Session, action
}
}
func ReviewArticle(c *b.Config, db *b.DB, s map[string]*Session, action, title, button string) http.HandlerFunc {
func ReviewArticle(c *b.Config, db *b.DB, s *b.CookieStore, action, title, button string) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if _, err := ManageSession(w, r, c, s); err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
if _, err := GetSession(w, r, c, s); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -804,11 +827,12 @@ func ReviewArticle(c *b.Config, db *b.DB, s map[string]*Session, action, title,
}
}
func DeleteArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func DeleteArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -844,7 +868,7 @@ func DeleteArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFun
}
data := new(struct{ Role int })
data.Role = session.User.Role
data.Role = session.Values["role"].(int)
tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
tmpl = template.Must(tmpl, err)
@ -856,11 +880,12 @@ func DeleteArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFun
}
}
func AllowEditArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func AllowEditArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -937,7 +962,7 @@ func AllowEditArticle(c *b.Config, db *b.DB, s map[string]*Session) http.Handler
}
data := new(struct{ Role int })
data.Role = session.User.Role
data.Role = session.Values["role"].(int)
tmpl := template.Must(template.ParseFiles(c.WebDir + "/templates/hub.html"))
if err = tmpl.ExecuteTemplate(w, "page-content", data); err != nil {
@ -948,10 +973,11 @@ func AllowEditArticle(c *b.Config, db *b.DB, s map[string]*Session) http.Handler
}
}
func EditArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func EditArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if _, err := ManageSession(w, r, c, s); err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
if _, err := GetSession(w, r, c, s); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}

99
cmd/frontend/homepage.go
View File

@ -1,99 +0,0 @@
package frontend
import (
"html/template"
"log"
"net/http"
"time"
b "streifling.com/jason/cpolis/cmd/backend"
)
func HomePage(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
numRows, err := db.CountEntries("users")
if err != nil {
log.Fatalln(err)
}
data := new(struct {
*UserHTMLData
Version string
})
data.UserHTMLData = &UserHTMLData{User: new(b.User)}
data.Version = c.Version
files := make([]string, 2)
files[0] = c.WebDir + "/templates/index.html"
if numRows == 0 {
data.Role = b.NonExistent
data.Title = "Erster Benutzer (Administrator)"
data.ButtonText = "Anlegen"
data.URL = "/user/add-first"
files[1] = c.WebDir + "/templates/edit-user.html"
tmpl, err := template.ParseFiles(files...)
if err = template.Must(tmpl, err).Execute(w, data); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
} else {
cookie, err := r.Cookie("cpolis_session")
if err != nil {
files[1] = c.WebDir + "/templates/login.html"
tmpl, err := template.ParseFiles(files...)
if err = template.Must(tmpl, err).Execute(w, data); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
return
}
session, ok := s[cookie.Value]
if !ok {
cookie.Expires = time.Now()
http.SetCookie(w, cookie)
files[1] = c.WebDir + "/templates/login.html"
tmpl, err := template.ParseFiles(files...)
if err = template.Must(tmpl, err).Execute(w, data); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
return
}
data.Role = session.User.Role
files[1] = c.WebDir + "/templates/hub.html"
tmpl, err := template.ParseFiles(files...)
if err = template.Must(tmpl, err).Execute(w, data); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
}
}
}
func ShowHub(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
return
}
data := new(struct{ Role int })
data.Role = session.User.Role
tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
if err = template.Must(tmpl, err).ExecuteTemplate(w, "page-content", data); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
}
}

14
cmd/frontend/images.go
View File

@ -9,10 +9,11 @@ import (
b "streifling.com/jason/cpolis/cmd/backend"
)
func UploadEasyMDEImage(c *b.Config, s map[string]*Session) http.HandlerFunc {
func UploadEasyMDEImage(c *b.Config, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if _, err := ManageSession(w, r, c, s); err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
if _, err := GetSession(w, r, c, s); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -41,10 +42,11 @@ func UploadEasyMDEImage(c *b.Config, s map[string]*Session) http.HandlerFunc {
}
}
func UploadImage(c *b.Config, s map[string]*Session, fileKey, htmlFile, htmlTemplate string) http.HandlerFunc {
func UploadImage(c *b.Config, s *b.CookieStore, fileKey, htmlFile, htmlTemplate string) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if _, err := ManageSession(w, r, c, s); err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
if _, err := GetSession(w, r, c, s); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}

32
cmd/frontend/issues.go
View File

@ -11,11 +11,19 @@ import (
b "streifling.com/jason/cpolis/cmd/backend"
)
func PublishLatestIssue(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func PublishLatestIssue(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
session.Values["article"] = nil
if err = session.Save(r, w); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -41,7 +49,14 @@ func PublishLatestIssue(c *b.Config, db *b.DB, s map[string]*Session) http.Handl
}
authorIDs := make([]int64, 1)
authorIDs[0] = session.User.ID
var ok bool
if authorIDs[0], ok = session.Values["id"].(int64); !ok {
msg := "fälschlicherweise session.Values[\"id\"].(int64) für authorIDs[0] angenommen"
log.Println(msg)
http.Error(w, msg, http.StatusInternalServerError)
return
}
if err = db.WriteArticleAuthors(article.ID, authorIDs); err != nil {
log.Println(err)
@ -86,8 +101,15 @@ func PublishLatestIssue(c *b.Config, db *b.DB, s map[string]*Session) http.Handl
return
}
session.Values["issue-image"] = nil
if err = session.Save(r, w); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
data := new(struct{ Role int })
data.Role = session.User.Role
data.Role = session.Values["role"].(int)
tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
tmpl = template.Must(tmpl, err)

7
cmd/frontend/pdf.go
View File

@ -10,10 +10,11 @@ import (
b "streifling.com/jason/cpolis/cmd/backend"
)
func UploadPDF(c *b.Config, s map[string]*Session) http.HandlerFunc {
func UploadPDF(c *b.Config, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if _, err := ManageSession(w, r, c, s); err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
if _, err := GetSession(w, r, c, s); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}

219
cmd/frontend/sessions.go
View File

@ -1,102 +1,115 @@
package frontend
import (
"context"
"errors"
"fmt"
"html/template"
"log"
"net/http"
"time"
"github.com/google/uuid"
b "streifling.com/jason/cpolis/cmd/backend"
)
type Session struct {
ctx context.Context
cancel context.CancelFunc
cookie *http.Cookie
User *b.User
}
func newSession(w http.ResponseWriter, c *b.Config, sessionExpiryChan chan<- string, user *b.User) *Session {
sessionID := uuid.New().String()
expires := time.Now().Add(time.Hour * time.Duration(c.CookieExpiryHours))
ctx, cancel := context.WithDeadline(context.Background(), expires)
session := &Session{
ctx: ctx,
cancel: cancel,
cookie: &http.Cookie{
Name: "cpolis_session",
Value: sessionID,
Expires: expires,
Path: "/",
HttpOnly: true,
Secure: true,
SameSite: http.SameSiteStrictMode,
},
User: user,
func saveSession(w http.ResponseWriter, r *http.Request, s *b.CookieStore, u *b.User) error {
session, err := s.Get(r, "cookie")
if err != nil {
return fmt.Errorf("error getting session: %v", err)
}
go func() {
<-session.ctx.Done()
sessionExpiryChan <- session.cookie.Value
session.cookie.Expires = time.Now()
http.SetCookie(w, session.cookie)
}()
session.Values["authenticated"] = true
session.Values["id"] = u.ID
session.Values["name"] = u.FirstName + u.LastName
session.Values["role"] = u.Role
if err := session.Save(r, w); err != nil {
return fmt.Errorf("error saving session: %v", err)
}
return session
return nil
}
func StartSessions() (map[string]*Session, chan string) {
sessions := make(map[string]*Session)
sessionExpiryChan := make(chan string)
go func() {
for sessionID := range sessionExpiryChan {
delete(sessions, sessionID)
}
}()
return sessions, sessionExpiryChan
}
// ManageSession is used for verifying that the user is logged in and returns
// their session and an error. It also handles cases where the user is not
// logged in.
func ManageSession(w http.ResponseWriter, r *http.Request, c *b.Config, s map[string]*Session) (*Session, error) {
// GetSession is used for verifying that the user is logged in and returns their session and an error.
func GetSession(w http.ResponseWriter, r *http.Request, c *b.Config, s *b.CookieStore) (*b.Session, error) {
msg := "Keine gültige Session. Bitte erneut anmelden."
tmpl, tmplErr := template.ParseFiles(c.WebDir+"/templates/index.html", c.WebDir+"/templates/login.html")
cookie, err := r.Cookie("cpolis_session")
tmpSession, err := s.Get(r, "cookie")
if err != nil {
if err = template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", nil); err != nil {
if err = template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", msg); err != nil {
return nil, fmt.Errorf("error executing template: %v", err)
}
return nil, errors.New("no cookie set")
return nil, fmt.Errorf("error getting session: %v", err)
}
session, ok := s[cookie.Value]
if !ok {
cookie.Expires = time.Now()
http.SetCookie(w, cookie)
if err = template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", nil); err != nil {
session := &b.Session{Session: *tmpSession}
if session.IsNew {
if err = template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", msg); err != nil {
return nil, fmt.Errorf("error executing template: %v", err)
}
return nil, errors.New("session does not exist")
}
session.cookie.Expires = time.Now().Add(time.Hour * time.Duration(c.CookieExpiryHours))
http.SetCookie(w, session.cookie)
return session, nil
}
func Login(c *b.Config, db *b.DB, s map[string]*Session, sessionExpiryChan chan string) http.HandlerFunc {
func HomePage(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
numRows, err := db.CountEntries("users")
if err != nil {
log.Fatalln(err)
}
data := new(struct {
*UserHTMLData
Version string
})
data.UserHTMLData = &UserHTMLData{User: new(b.User)}
data.Version = c.Version
files := make([]string, 2)
files[0] = c.WebDir + "/templates/index.html"
if numRows == 0 {
data.Role = b.NonExistent
data.Title = "Erster Benutzer (Administrator)"
data.ButtonText = "Anlegen"
data.URL = "/user/add-first"
files[1] = c.WebDir + "/templates/edit-user.html"
tmpl, err := template.ParseFiles(files...)
if err = template.Must(tmpl, err).Execute(w, data); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
} else {
session, err := s.Get(r, "cookie")
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
if auth, ok := session.Values["authenticated"].(bool); auth && ok {
data.Role = session.Values["role"].(int)
files[1] = c.WebDir + "/templates/hub.html"
tmpl, err := template.ParseFiles(files...)
if err = template.Must(tmpl, err).Execute(w, data); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
} else {
data.Role = b.Author
files[1] = c.WebDir + "/templates/login.html"
tmpl, err := template.ParseFiles(files...)
if err = template.Must(tmpl, err).Execute(w, data); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
}
}
}
}
func Login(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
userName := r.PostFormValue("username")
password := r.PostFormValue("password")
@ -120,9 +133,11 @@ func Login(c *b.Config, db *b.DB, s map[string]*Session, sessionExpiryChan chan
return
}
session := newSession(w, c, sessionExpiryChan, user)
s[session.cookie.Value] = session
http.SetCookie(w, session.cookie)
if err := saveSession(w, r, s, user); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
if err = template.Must(tmpl, err).ExecuteTemplate(w, "page-content", user); err != nil {
@ -133,32 +148,52 @@ func Login(c *b.Config, db *b.DB, s map[string]*Session, sessionExpiryChan chan
}
}
func Logout(c *b.Config, s map[string]*Session) http.HandlerFunc {
func Logout(c *b.Config, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
tmpl, tmplErr := template.ParseFiles(c.WebDir + "/templates/login.html")
cookie, err := r.Cookie("cpolis_session")
session, err := GetSession(w, r, c, s)
if err != nil {
if err = template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", nil); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
cookie.Expires = time.Now()
http.SetCookie(w, cookie)
session, ok := s[cookie.Value]
if !ok {
if err = template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", nil); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
session.Options.MaxAge = -1
if err = session.Save(r, w); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
session.cancel()
if err = template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", nil); err != nil {
tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
if err = template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
}
}
func ShowHub(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := GetSession(w, r, c, s)
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
session.Values["article"] = nil
if err = session.Save(r, w); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
data := new(struct{ Role int })
data.Role = session.Values["role"].(int)
tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
if err = template.Must(tmpl, err).ExecuteTemplate(w, "page-content", data); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return

16
cmd/frontend/tags.go
View File

@ -8,10 +8,11 @@ import (
b "streifling.com/jason/cpolis/cmd/backend"
)
func CreateTag(c *b.Config, s map[string]*Session) http.HandlerFunc {
func CreateTag(c *b.Config, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if _, err := ManageSession(w, r, c, s); err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
if _, err := GetSession(w, r, c, s); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -24,11 +25,12 @@ func CreateTag(c *b.Config, s map[string]*Session) http.HandlerFunc {
}
}
func AddTag(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func AddTag(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -40,7 +42,7 @@ func AddTag(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
db.AddTag(tag)
data := new(struct{ Role int })
data.Role = session.User.Role
data.Role = session.Values["role"].(int)
tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
tmpl = template.Must(tmpl, err)

78
cmd/frontend/users.go
View File

@ -43,10 +43,11 @@ func sortUsersByName(users []*b.User) {
})
}
func CreateUser(c *b.Config, s map[string]*Session) http.HandlerFunc {
func CreateUser(c *b.Config, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if _, err := ManageSession(w, r, c, s); err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
if _, err := GetSession(w, r, c, s); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -66,11 +67,12 @@ func CreateUser(c *b.Config, s map[string]*Session) http.HandlerFunc {
}
}
func AddUser(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func AddUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -132,7 +134,7 @@ func AddUser(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
}
data := new(struct{ Role int })
data.Role = session.User.Role
data.Role = session.Values["role"].(int)
tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
tmpl = template.Must(tmpl, err)
@ -144,15 +146,16 @@ func AddUser(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
}
}
func EditSelf(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func EditSelf(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
user, err := db.GetUser(c, session.User.ID)
user, err := db.GetUser(c, session.Values["id"].(int64))
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
@ -176,16 +179,17 @@ func EditSelf(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
}
}
func UpdateSelf(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func UpdateSelf(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
user := &b.User{
ID: session.User.ID,
ID: session.Values["id"].(int64),
UserName: r.PostFormValue("username"),
FirstName: r.PostFormValue("first-name"),
LastName: r.PostFormValue("last-name"),
@ -240,7 +244,7 @@ func UpdateSelf(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
}
data := new(struct{ Role int })
data.Role = session.User.Role
data.Role = session.Values["role"].(int)
tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
tmpl = template.Must(tmpl, err)
@ -252,7 +256,7 @@ func UpdateSelf(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
}
}
func AddFirstUser(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func AddFirstUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
var err error
user := &b.User{
@ -299,6 +303,12 @@ func AddFirstUser(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc
return
}
if err := saveSession(w, r, s, user); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
if _, err := db.AddIssue(); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
@ -317,11 +327,12 @@ func AddFirstUser(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc
}
}
func ShowAllUsers(c *b.Config, db *b.DB, s map[string]*Session, action string) http.HandlerFunc {
func ShowAllUsers(c *b.Config, db *b.DB, s *b.CookieStore, action string) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -337,7 +348,7 @@ func ShowAllUsers(c *b.Config, db *b.DB, s map[string]*Session, action string) h
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
delete(data.Users, session.User.ID)
delete(data.Users, session.Values["id"].(int64))
tmpl, err := template.ParseFiles(c.WebDir + "/templates/show-all-users.html")
if err = template.Must(tmpl, err).ExecuteTemplate(w, "page-content", data); err != nil {
@ -348,10 +359,11 @@ func ShowAllUsers(c *b.Config, db *b.DB, s map[string]*Session, action string) h
}
}
func EditUser(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func EditUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if _, err := ManageSession(w, r, c, s); err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
if _, err := GetSession(w, r, c, s); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -386,11 +398,12 @@ func EditUser(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
}
}
func UpdateUser(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func UpdateUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -460,7 +473,7 @@ func UpdateUser(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
}
data := new(struct{ Role int })
data.Role = session.User.Role
data.Role = session.Values["role"].(int)
tmpl := template.Must(template.ParseFiles(c.WebDir + "/templates/hub.html"))
if err = tmpl.ExecuteTemplate(w, "page-content", data); err != nil {
@ -471,11 +484,12 @@ func UpdateUser(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
}
}
func DeleteUser(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
func DeleteUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := ManageSession(w, r, c, s)
session, err := GetSession(w, r, c, s)
if err != nil {
http.Error(w, "Die Session ist abgelaufen. Bitte erneut anmelden.", http.StatusUnauthorized)
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
@ -493,7 +507,7 @@ func DeleteUser(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc {
}
data := new(struct{ Role int })
data.Role = session.User.Role
data.Role = session.Values["role"].(int)
tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
tmpl = template.Must(tmpl, err)

98
cmd/main.go
View File

@ -1,6 +1,7 @@
package main
import (
"encoding/gob"
"log"
"net/http"
"os"
@ -10,6 +11,10 @@ import (
f "streifling.com/jason/cpolis/cmd/frontend"
)
func init() {
gob.Register(b.User{})
}
func main() {
config, err := b.HandleConfig()
if err != nil {
@ -29,59 +34,68 @@ func main() {
}
defer db.Close()
sessions, sessionExpiryChan := f.StartSessions()
defer close(sessionExpiryChan)
key, err := b.LoadKey(config.GOBKeyFile)
if err != nil {
key, err = b.NewKey()
if err != nil {
log.Fatalln(err)
}
if err = b.SaveKey(key, config.GOBKeyFile); err != nil {
log.Fatalln(err)
}
}
store := b.NewCookieStore(key)
mux := http.NewServeMux()
mux.Handle("/web/static/", http.StripPrefix("/web/static/",
http.FileServer(http.Dir(config.WebDir+"/static/"))))
mux.HandleFunc("/", f.HomePage(config, db, sessions))
mux.HandleFunc("/", f.HomePage(config, db, store))
mux.HandleFunc("GET /article/allow-edit/{id}", f.AllowEditArticle(config, db, sessions))
mux.HandleFunc("GET /article/all-published/review-edit", f.ShowPublishedArticles(config, db, sessions, "review-edit"))
mux.HandleFunc("GET /article/all-published/delete", f.ShowPublishedArticles(config, db, sessions, "review-delete"))
mux.HandleFunc("GET /article/all-rejected", f.ShowRejectedArticles(config, db, sessions))
mux.HandleFunc("GET /article/all-unpublished-unrejected-and-published-rejected", f.ShowUnpublishedUnrejectedAndPublishedRejectedArticles(config, db, sessions))
mux.HandleFunc("GET /article/delete/{id}", f.DeleteArticle(config, db, sessions))
mux.HandleFunc("GET /article/edit/{id}", f.EditArticle(config, db, sessions))
mux.HandleFunc("GET /article/publish/{id}", f.PublishArticle(config, db, sessions))
mux.HandleFunc("GET /article/reject/{id}", f.RejectArticle(config, db, sessions))
mux.HandleFunc("GET /article/review-delete/{id}", f.ReviewArticle(config, db, sessions, "delete", "Artikel löschen", "Löschen"))
mux.HandleFunc("GET /article/review-edit/{id}", f.ReviewArticle(config, db, sessions, "allow-edit", "Artikel bearbeiten", "Bearbeiten erlauben"))
mux.HandleFunc("GET /article/review-rejected/{id}", f.ReviewRejectedArticle(config, db, sessions))
mux.HandleFunc("GET /article/review-unpublished/{id}", f.ReviewArticle(config, db, sessions, "publish", "Artikel veröffentlichen", "Veröffentlichen"))
mux.HandleFunc("GET /article/allow-edit/{id}", f.AllowEditArticle(config, db, store))
mux.HandleFunc("GET /article/all-published/review-edit", f.ShowPublishedArticles(config, db, store, "review-edit"))
mux.HandleFunc("GET /article/all-published/delete", f.ShowPublishedArticles(config, db, store, "review-delete"))
mux.HandleFunc("GET /article/all-rejected", f.ShowRejectedArticles(config, db, store))
mux.HandleFunc("GET /article/all-unpublished-unrejected-and-published-rejected", f.ShowUnpublishedUnrejectedAndPublishedRejectedArticles(config, db, store))
mux.HandleFunc("GET /article/delete/{id}", f.DeleteArticle(config, db, store))
mux.HandleFunc("GET /article/edit/{id}", f.EditArticle(config, db, store))
mux.HandleFunc("GET /article/publish/{id}", f.PublishArticle(config, db, store))
mux.HandleFunc("GET /article/reject/{id}", f.RejectArticle(config, db, store))
mux.HandleFunc("GET /article/review-delete/{id}", f.ReviewArticle(config, db, store, "delete", "Artikel löschen", "Löschen"))
mux.HandleFunc("GET /article/review-edit/{id}", f.ReviewArticle(config, db, store, "allow-edit", "Artikel bearbeiten", "Bearbeiten erlauben"))
mux.HandleFunc("GET /article/review-rejected/{id}", f.ReviewRejectedArticle(config, db, store))
mux.HandleFunc("GET /article/review-unpublished/{id}", f.ReviewArticle(config, db, store, "publish", "Artikel veröffentlichen", "Veröffentlichen"))
mux.HandleFunc("GET /article/serve/{id}", c.ServeArticle(config, db))
mux.HandleFunc("GET /article/serve/{id}/clicks", c.ServeClicks(db))
mux.HandleFunc("GET /article/write", f.WriteArticle(config, db, sessions))
mux.HandleFunc("GET /article/write", f.WriteArticle(config, db, store))
mux.HandleFunc("GET /atom/serve", c.ServeAtomFeed(config))
mux.HandleFunc("GET /hub", f.ShowHub(config, db, sessions))
mux.HandleFunc("GET /image/serve/{pic}", c.ServeImage(config, sessions))
mux.HandleFunc("GET /issue/this", f.ShowCurrentIssue(config, db, sessions))
mux.HandleFunc("GET /logout", f.Logout(config, sessions))
mux.HandleFunc("GET /hub", f.ShowHub(config, db, store))
mux.HandleFunc("GET /image/serve/{pic}", c.ServeImage(config, store))
mux.HandleFunc("GET /issue/this", f.ShowCurrentIssue(config, db, store))
mux.HandleFunc("GET /logout", f.Logout(config, store))
mux.HandleFunc("GET /pdf/get-list", c.ServePDFList(config))
mux.HandleFunc("GET /pdf/serve/{id}", c.ServePDF(config))
mux.HandleFunc("GET /tag/create", f.CreateTag(config, sessions))
mux.HandleFunc("GET /user/create", f.CreateUser(config, sessions))
mux.HandleFunc("GET /user/delete/{id}", f.DeleteUser(config, db, sessions))
mux.HandleFunc("GET /user/edit/{id}", f.EditUser(config, db, sessions))
mux.HandleFunc("GET /user/edit/self", f.EditSelf(config, db, sessions))
mux.HandleFunc("GET /user/show-all/delete", f.ShowAllUsers(config, db, sessions, "delete"))
mux.HandleFunc("GET /user/show-all/edit", f.ShowAllUsers(config, db, sessions, "edit"))
mux.HandleFunc("GET /tag/create", f.CreateTag(config, store))
mux.HandleFunc("GET /user/create", f.CreateUser(config, store))
mux.HandleFunc("GET /user/delete/{id}", f.DeleteUser(config, db, store))
mux.HandleFunc("GET /user/edit/{id}", f.EditUser(config, db, store))
mux.HandleFunc("GET /user/edit/self", f.EditSelf(config, db, store))
mux.HandleFunc("GET /user/show-all/delete", f.ShowAllUsers(config, db, store, "delete"))
mux.HandleFunc("GET /user/show-all/edit", f.ShowAllUsers(config, db, store, "edit"))
mux.HandleFunc("POST /article/resubmit/{id}", f.ResubmitArticle(config, db, sessions))
mux.HandleFunc("POST /article/submit", f.SubmitArticle(config, db, sessions))
mux.HandleFunc("POST /article/upload-banner", f.UploadImage(config, sessions, "article-banner", "editor.html", "article-banner-template"))
mux.HandleFunc("POST /article/upload-image", f.UploadEasyMDEImage(config, sessions))
mux.HandleFunc("POST /issue/publish", f.PublishLatestIssue(config, db, sessions))
mux.HandleFunc("POST /issue/upload-banner", f.UploadImage(config, sessions, "issue-banner", "current-issue.html", "issue-banner-template"))
mux.HandleFunc("POST /login", f.Login(config, db, sessions, sessionExpiryChan))
mux.HandleFunc("POST /pdf/upload", f.UploadPDF(config, sessions))
mux.HandleFunc("POST /tag/add", f.AddTag(config, db, sessions))
mux.HandleFunc("POST /user/add", f.AddUser(config, db, sessions))
mux.HandleFunc("POST /user/add-first", f.AddFirstUser(config, db, sessions))
mux.HandleFunc("POST /user/update/{id}", f.UpdateUser(config, db, sessions))
mux.HandleFunc("POST /user/update/self", f.UpdateSelf(config, db, sessions))
mux.HandleFunc("POST /user/upload-profile-pic", f.UploadImage(config, sessions, "upload-profile-pic", "edit-user.html", "profile-pic-template"))
mux.HandleFunc("POST /article/resubmit/{id}", f.ResubmitArticle(config, db, store))
mux.HandleFunc("POST /article/submit", f.SubmitArticle(config, db, store))
mux.HandleFunc("POST /article/upload-banner", f.UploadImage(config, store, "article-banner", "editor.html", "article-banner-template"))
mux.HandleFunc("POST /article/upload-image", f.UploadEasyMDEImage(config, store))
mux.HandleFunc("POST /issue/publish", f.PublishLatestIssue(config, db, store))
mux.HandleFunc("POST /issue/upload-banner", f.UploadImage(config, store, "issue-banner", "current-issue.html", "issue-banner-template"))
mux.HandleFunc("POST /login", f.Login(config, db, store))
mux.HandleFunc("POST /pdf/upload", f.UploadPDF(config, store))
mux.HandleFunc("POST /tag/add", f.AddTag(config, db, store))
mux.HandleFunc("POST /user/add", f.AddUser(config, db, store))
mux.HandleFunc("POST /user/add-first", f.AddFirstUser(config, db, store))
mux.HandleFunc("POST /user/update/{id}", f.UpdateUser(config, db, store))
mux.HandleFunc("POST /user/update/self", f.UpdateSelf(config, db, store))
mux.HandleFunc("POST /user/upload-profile-pic", f.UploadImage(config, store, "upload-profile-pic", "edit-user.html", "profile-pic-template"))
log.Fatalln(http.ListenAndServe(config.Port, mux))
}

2
go.mod
View File

@ -10,6 +10,7 @@ require (
github.com/disintegration/imaging v1.6.2
github.com/go-sql-driver/mysql v1.8.1
github.com/google/uuid v1.6.0
github.com/gorilla/sessions v1.4.0
github.com/microcosm-cc/bluemonday v1.0.27
github.com/yuin/goldmark v1.7.8
golang.org/x/crypto v0.32.0
@ -48,6 +49,7 @@ require (
github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect
github.com/googleapis/gax-go/v2 v2.14.1 // indirect
github.com/gorilla/css v1.0.1 // indirect
github.com/gorilla/securecookie v1.1.2 // indirect
github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
go.opentelemetry.io/contrib/detectors/gcp v1.33.0 // indirect

6
go.sum
View File

@ -80,6 +80,8 @@ github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/martian/v3 v3.3.3 h1:DIhPTQrbPkgs2yJYdXU/eNACCG5DVQjySNRNlflZ9Fc=
github.com/google/martian/v3 v3.3.3/go.mod h1:iEPrYcgCF7jA9OtScMFQyAlZZ4YXTKEtJ1E6RWzmBA0=
github.com/google/s2a-go v0.1.9 h1:LGD7gtMgezd8a/Xak7mEWL0PjoTQFvpRudN895yqKW0=
@ -92,6 +94,10 @@ github.com/googleapis/gax-go/v2 v2.14.1 h1:hb0FFeiPaQskmvakKu5EbCbpntQn48jyHuvrk
github.com/googleapis/gax-go/v2 v2.14.1/go.mod h1:Hb/NubMaVM88SrNkvl8X/o8XWwDJEPqouaLeN2IUxoA=
github.com/gorilla/css v1.0.1 h1:ntNaBIghp6JmvWnxbZKANoLyuXTPZ4cAMlo6RyhlbO8=
github.com/gorilla/css v1.0.1/go.mod h1:BvnYkspnSzMmwRK+b8/xgNPLiIuNZr6vbZBTPQ2A3b0=
github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
github.com/gorilla/sessions v1.4.0 h1:kpIYOp/oi6MG/p5PgxApU8srsSw9tuFbt46Lt7auzqQ=
github.com/gorilla/sessions v1.4.0/go.mod h1:FLWm50oby91+hl7p/wRxDth9bWSuk0qVL2emc7lT5ik=
github.com/microcosm-cc/bluemonday v1.0.27 h1:MpEUotklkwCSLeH+Qdx1VJgNqLlpY2KXwXFM08ygZfk=
github.com/microcosm-cc/bluemonday v1.0.27/go.mod h1:jFi9vgW+H7c3V0lb6nR74Ib/DIB5OBs92Dimizgw2cA=
github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 h1:GFCKgmp0tecUJ0sJuv4pzYCqS9+RGSn52M3FUwPs+uo=