Create ValidateSession() to not have unwanted side effects when validating session

Rename PicsDir to ImgDir
Use proper filepaths for docker-compose
2025-01-19 20:10:51 +01:00 · 2025-01-19 20:10:06 +01:00 · 2025-01-19 20:08:58 +01:00 · 2025-01-19 20:07:32 +01:00 · 2025-01-19 15:17:38 +01:00
13 changed files with 103 additions and 61 deletions
--- a/11
+++ b/11
@@ -0,0 +1,11 @@
 FROM golang:latest
 RUN apk add --no-cache pandoc
 WORKDIR /var/www/cpolis
 COPY . .
 RUN go build -o cpolis cmd/main.go
 CMD ["./cpolis"]
--- a/cmd/backend/articles.go
+++ b/cmd/backend/articles.go
@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"log"
 	"os"
 	"path/filepath"
 	"time"
 	"github.com/google/uuid"
@@ -334,9 +335,9 @@ func (db *DB) DeleteArticle(id int64) error {
 }
 func WriteArticleToFile(c *Config, articleUUID uuid.UUID, content []byte) error {
-	articleAbsName := fmt.Sprint(c.ArticleDir, "/", articleUUID, ".md")
+	articlePath := filepath.Join(c.ArticleDir, fmt.Sprint(articleUUID, ".md"))
-	if err := os.WriteFile(articleAbsName, content, 0644); err != nil {
+	if err := os.WriteFile(articlePath, content, 0644); err != nil {
 		return fmt.Errorf("error writing article %v to file: %v", articleUUID, err)
 	}
--- a/cmd/backend/config.go
+++ b/cmd/backend/config.go
@@ -20,10 +20,10 @@ type Config struct {
 	Description       string
 	Domain            string
 	FirebaseKey       string
 	ImgDir            string
 	Link              string
 	LogFile           string
 	PDFDir            string
 	PicsDir           string
 	Port              string
 	Title             string
 	Version           string
@@ -43,27 +43,24 @@ func newConfig() *Config {
 		ConfigFile:        "/etc/cpolis/config.toml",
 		CookieExpiryHours: 24 * 30,
 		DBName:            "cpolis",
-		FirebaseKey:       "/var/www/cpolis/serviceAccountKey.json",
+		FirebaseKey:       "/etc/cpolis/serviceAccountKey.json",
 		ImgDir:            "/var/www/cpolis/images",
 		LogFile:           "/var/log/cpolis.log",
 		MaxBannerHeight:   1080,
 		MaxBannerWidth:    1920,
 		MaxImgHeight:      1080,
 		MaxImgWidth:       1920,
 		PDFDir:            "/var/www/cpolis/pdfs",
-		PicsDir:           "/var/www/cpolis/pics",
+		Port:              ":1664",
-		Port:              ":8080",
+		Version:           "v0.16.0",
 		Version:           "v0.15.3",
 		WebDir:            "/var/www/cpolis/web",
 	}
 }
 func mkDir(path string, perm fs.FileMode) (string, error) {
-	var err error
+	name := filepath.Base(path)
-	stringSlice := strings.Split(path, "/")
+	path, err := filepath.Abs(path)
 	name := stringSlice[len(stringSlice)-1]
 	path, err = filepath.Abs(path)
 	if err != nil {
 		return "", fmt.Errorf("error finding absolute path for %v directory: %v", name, err)
 	}
@@ -82,20 +79,20 @@ func mkFile(path string, filePerm, dirPerm fs.FileMode) (string, error) {
 		return "", fmt.Errorf("error finding absolute path for %v: %v", path, err)
 	}
 	stringSlice := strings.Split(path, "/")
 	_, err = os.Stat(path)
 	if os.IsNotExist(err) {
-		dir := strings.Join(stringSlice[:len(stringSlice)-1], "/")
+		dir := filepath.Dir(path)
 		if err = os.MkdirAll(dir, dirPerm); err != nil {
 			return "", fmt.Errorf("error creating %v: %v", dir, err)
 		}
-		fileName := stringSlice[len(stringSlice)-1]
+		fileName := filepath.Base(path)
 		file, err := os.Create(filepath.Join(dir, fileName))
 		if err != nil {
 			return "", fmt.Errorf("error creating %v: %v", fileName, err)
 		}
 		defer file.Close()
 		if err = file.Chmod(filePerm); err != nil {
 			return "", fmt.Errorf("error setting permissions for %v: %v", fileName, err)
 		}
@@ -116,10 +113,10 @@ func (c *Config) handleCliArgs() error {
 	flag.StringVar(&c.Description, "desc", c.Description, "channel description")
 	flag.StringVar(&c.Domain, "domain", c.Domain, "domain name")
 	flag.StringVar(&c.FirebaseKey, "firebase", c.FirebaseKey, "Firebase service account key file")
 	flag.StringVar(&c.ImgDir, "pics", c.ImgDir, "pictures directory")
 	flag.StringVar(&c.Link, "link", c.Link, "channel Link")
 	flag.StringVar(&c.LogFile, "log", c.LogFile, "log file")
 	flag.StringVar(&c.PDFDir, "pdfs", c.PDFDir, "pdf directory")
 	flag.StringVar(&c.PicsDir, "pics", c.PicsDir, "pictures directory")
 	flag.StringVar(&c.Title, "title", c.Title, "channel title")
 	flag.StringVar(&c.WebDir, "web", c.WebDir, "web directory")
 	flag.IntVar(&c.CookieExpiryHours, "cookie-expiry-hours", c.CookieExpiryHours, "cookies expire after this amount of hours")
@@ -223,6 +220,18 @@ func (c *Config) setupConfig(cliConfig *Config) error {
 		return fmt.Errorf("error setting up file: %v", err)
 	}
 	if cliConfig.ImgDir != defaultConfig.ImgDir {
 		c.ImgDir = cliConfig.ImgDir
 	}
 	c.ImgDir, err = filepath.Abs(c.ImgDir)
 	if err != nil {
 		return fmt.Errorf("error setting absolute filepath for PicsDir: %v", err)
 	}
 	c.ImgDir, err = mkDir(c.ImgDir, 0700)
 	if err != nil {
 		return fmt.Errorf("error setting up directory: %v", err)
 	}
 	if cliConfig.Link != defaultConfig.Link {
 		c.Link = cliConfig.Link
 	}
@@ -267,18 +276,6 @@ func (c *Config) setupConfig(cliConfig *Config) error {
 		return fmt.Errorf("error setting up directory: %v", err)
 	}
 	if cliConfig.PicsDir != defaultConfig.PicsDir {
 		c.PicsDir = cliConfig.PicsDir
 	}
 	c.PicsDir, err = filepath.Abs(c.PicsDir)
 	if err != nil {
 		return fmt.Errorf("error setting absolute filepath for PicsDir: %v", err)
 	}
 	c.PicsDir, err = mkDir(c.PicsDir, 0700)
 	if err != nil {
 		return fmt.Errorf("error setting up directory: %v", err)
 	}
 	if cliConfig.Port != defaultConfig.Port {
 		c.Port = cliConfig.Port
 	}
--- a/cmd/backend/docx.go
+++ b/cmd/backend/docx.go
@@ -45,7 +45,7 @@ func ConvertToMarkdown(c *Config, filename string) ([]byte, error) {
 		}
 		defer image.Close()
-		newImageName, err := SaveImage(image, c.MaxImgHeight, c.MaxImgWidth, c.PicsDir)
+		newImageName, err := SaveImage(image, c.MaxImgHeight, c.MaxImgWidth, c.ImgDir)
 		if err != nil {
 			return nil, fmt.Errorf("error saving image %v: %v", name, err)
 		}
--- a/cmd/backend/images.go
+++ b/cmd/backend/images.go
@@ -48,7 +48,7 @@ func SaveImage(src io.Reader, maxHeight, maxWidth int, path string) (string, err
 }
 func CleanUpImages(c *Config, db *DB) error {
-	if err := filepath.Walk(c.PicsDir, func(path string, info fs.FileInfo, err error) error {
+	if err := filepath.Walk(c.ImgDir, func(path string, info fs.FileInfo, err error) error {
 		if err != nil {
 			return fmt.Errorf("error walking images filepath: %v", err)
 		}
--- a/cmd/calls/articles.go
+++ b/cmd/calls/articles.go
@@ -5,6 +5,7 @@ import (
 	"log"
 	"net/http"
 	"os"
 	"path/filepath"
 	"github.com/google/uuid"
 	b "streifling.com/jason/cpolis/cmd/backend"
@@ -56,8 +57,8 @@ func ServeArticle(c *b.Config, db *b.DB) http.HandlerFunc {
 			return
 		}
-		articleAbsName := fmt.Sprint(c.ArticleDir, "/", article.UUID, ".md")
+		articlePath := filepath.Join(c.ArticleDir, fmt.Sprint(article.UUID, ".md"))
-		contentBytes, err := os.ReadFile(articleAbsName)
+		contentBytes, err := os.ReadFile(articlePath)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
--- a/cmd/calls/images.go
+++ b/cmd/calls/images.go
@@ -10,12 +10,12 @@ import (
 func ServeImage(c *b.Config, s map[string]*f.Session) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		if _, err := f.ManageSession(w, r, c, s); err != nil {
+		if _, err := f.ValidateSession(w, r, c, s); err != nil {
 			if !tokenIsVerified(w, r, c) {
 				return
 			}
 		}
-		http.ServeFile(w, r, filepath.Join(c.PicsDir, r.PathValue("pic")))
+		http.ServeFile(w, r, filepath.Join(c.ImgDir, r.PathValue("pic")))
 	}
 }
--- a/cmd/calls/pdf.go
+++ b/cmd/calls/pdf.go
@@ -5,6 +5,7 @@ import (
 	"log"
 	"net/http"
 	"os"
 	"path/filepath"
 	b "streifling.com/jason/cpolis/cmd/backend"
 )
@@ -42,6 +43,6 @@ func ServePDF(c *b.Config) http.HandlerFunc {
 			return
 		}
-		http.ServeFile(w, r, c.PDFDir+"/"+r.PathValue("id"))
+		http.ServeFile(w, r, filepath.Join(c.PDFDir, r.PathValue("id")))
 	}
 }
--- a/cmd/frontend/articles.go
+++ b/cmd/frontend/articles.go
@@ -456,8 +456,8 @@ func ReviewRejectedArticle(c *b.Config, db *b.DB, s map[string]*Session) http.Ha
 		data.Image = data.Article.BannerLink
-		articleAbsName := fmt.Sprint(c.ArticleDir, "/", data.Article.UUID, ".md")
+		articlePath := filepath.Join(c.ArticleDir, fmt.Sprint(data.Article.UUID, ".md"))
-		content, err := os.ReadFile(articleAbsName)
+		content, err := os.ReadFile(articlePath)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
@@ -587,7 +587,7 @@ func PublishArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFu
 				return
 			}
-			if err = os.Remove(fmt.Sprint(c.ArticleDir, "/", oldArticle.UUID, ".md")); err != nil {
+			if err = os.Remove(filepath.Join(c.ArticleDir, fmt.Sprint(oldArticle.UUID, ".md"))); err != nil {
 				log.Println(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 				return
@@ -765,8 +765,8 @@ func ReviewArticle(c *b.Config, db *b.DB, s map[string]*Session, action, title,
 			return
 		}
-		articleAbsName := fmt.Sprint(c.ArticleDir, "/", article.UUID, ".md")
+		articlePath := filepath.Join(c.ArticleDir, fmt.Sprint(article.UUID, ".md"))
-		content, err := os.ReadFile(articleAbsName)
+		content, err := os.ReadFile(articlePath)
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
@@ -840,7 +840,7 @@ func DeleteArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFun
 			return
 		}
-		if err = os.Remove(fmt.Sprint(c.ArticleDir, "/", article.UUID, ".md")); err != nil {
+		if err = os.Remove(filepath.Join(c.ArticleDir, fmt.Sprint(article.UUID, ".md"))); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
@@ -918,8 +918,8 @@ func AllowEditArticle(c *b.Config, db *b.DB, s map[string]*Session) http.Handler
 			return
 		}
-		src := fmt.Sprint(c.ArticleDir, "/", oldArticle.UUID, ".md")
+		src := filepath.Join(c.ArticleDir, fmt.Sprint(oldArticle.UUID, ".md"))
-		dst := fmt.Sprint(c.ArticleDir, "/", newArticle.UUID, ".md")
+		dst := filepath.Join(c.ArticleDir, fmt.Sprint(newArticle.UUID, ".md"))
 		if err = b.CopyFile(src, dst); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
@@ -995,7 +995,7 @@ func EditArticle(c *b.Config, db *b.DB, s map[string]*Session) http.HandlerFunc
 		data.Image = data.Article.BannerLink
-		content, err := os.ReadFile(fmt.Sprint(c.ArticleDir, "/", data.Article.UUID, ".md"))
+		content, err := os.ReadFile(filepath.Join(c.ArticleDir, fmt.Sprint(data.Article.UUID, ".md")))
 		if err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
--- a/cmd/frontend/images.go
+++ b/cmd/frontend/images.go
@@ -25,7 +25,7 @@ func UploadEasyMDEImage(c *b.Config, s map[string]*Session) http.HandlerFunc {
 		}
 		defer file.Close()
-		filename, err := b.SaveImage(file, c.MaxImgHeight, c.MaxImgWidth, c.PicsDir+"/")
+		filename, err := b.SaveImage(file, c.MaxImgHeight, c.MaxImgWidth, c.ImgDir)
 		if err != nil {
 			if err == b.ErrUnsupportedFormat {
 				http.Error(w, "Das Dateiformat wird nicht unterstützt.", http.StatusBadRequest)
@@ -57,7 +57,7 @@ func UploadImage(c *b.Config, s map[string]*Session, fileKey, htmlFile, htmlTemp
 		}
 		defer file.Close()
-		filename, err := b.SaveImage(file, c.MaxBannerHeight, c.MaxBannerWidth, c.PicsDir+"/")
+		filename, err := b.SaveImage(file, c.MaxBannerHeight, c.MaxBannerWidth, c.ImgDir)
 		if err != nil {
 			if err == b.ErrUnsupportedFormat {
 				http.Error(w, "Das Dateiformat wird nicht unterstützt.", http.StatusBadRequest)
--- a/cmd/frontend/issues.go
+++ b/cmd/frontend/issues.go
@@ -58,8 +58,8 @@ func PublishLatestIssue(c *b.Config, db *b.DB, s map[string]*Session) http.Handl
 			return
 		}
-		articleAbsName := fmt.Sprint(c.ArticleDir, "/", article.UUID, ".md")
+		articlePath := filepath.Join(c.ArticleDir, fmt.Sprint(article.UUID, ".md"))
-		if err = os.WriteFile(articleAbsName, content, 0644); err != nil {
+		if err = os.WriteFile(articlePath, content, 0644); err != nil {
 			log.Println(err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
--- a/cmd/frontend/sessions.go
+++ b/cmd/frontend/sessions.go
@@ -64,31 +64,39 @@ func StartSessions() (map[string]*Session, chan string) {
 	return sessions, sessionExpiryChan
 }
-// ManageSession is used for verifying that the user is logged in and returns
+// ValidateSession is used for verifying that the user is logged in and returns
-// their session and an error. It also handles cases where the user is not
+// their session and an error.
-// logged in.
+func ValidateSession(w http.ResponseWriter, r *http.Request, c *b.Config, s map[string]*Session) (*Session, error) {
 func ManageSession(w http.ResponseWriter, r *http.Request, c *b.Config, s map[string]*Session) (*Session, error) {
 	tmpl, tmplErr := template.ParseFiles(filepath.Join(c.WebDir, "templates", "index.html"), filepath.Join(c.WebDir, "templates", "login.html"))
 	cookie, err := r.Cookie("cpolis_session")
 	if err != nil {
 		if err = template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", nil); err != nil {
 			return nil, fmt.Errorf("error executing template: %v", err)
 		}
 		return nil, errors.New("no cookie set")
 	}
 	session, ok := s[cookie.Value]
 	if !ok {
-		cookie.Expires = time.Now()
+		return nil, errors.New("session does not exist")
-		http.SetCookie(w, cookie)
+	}
 	return session, nil
 }
 // ManageSession is used for verifying that the user is logged in and returns
 // their session and an error. It also handles cases where the user is not
 // logged in.
 func ManageSession(w http.ResponseWriter, r *http.Request, c *b.Config, s map[string]*Session) (*Session, error) {
 	session, err := ValidateSession(w, r, c, s)
 	if err != nil {
 		if session.cookie != nil {
 			session.cookie.Expires = time.Now()
 			http.SetCookie(w, session.cookie)
 		}
 		tmpl, tmplErr := template.ParseFiles(filepath.Join(c.WebDir, "templates", "index.html"), filepath.Join(c.WebDir, "templates", "login.html"))
 		if err = template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", nil); err != nil {
 			return nil, fmt.Errorf("error executing template: %v", err)
 		}
-		return nil, errors.New("session does not exist")
+		return nil, err
 	}
 	session.cookie.Expires = time.Now().Add(time.Hour * time.Duration(c.CookieExpiryHours))
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,23 @@
 services:
  app:
    build: .
    ports:
      - "1664:1664"
    volumes:
      - /etc/cpolis/config.toml:/etc/cpolis/config.toml
      - /etc/cpolis/serviceAccountKey.json:/etc/cpolis/serviceAccountKey.json
      - /var/log/cpolis.log:/var/log/cpolis.log
    depends_on:
      - db
  db:
    image: mariadb:latest
    environment:
      MYSQL_ROOT_PASSWORD: example
      MYSQL_DATABASE: cpolis
      MYSQL_USER: exampleuser
      MYSQL_PASSWORD: examplepass
    ports:
      - "3306:3306"
    volumes:
      - ./create_db.sql:/docker-entrypoint-initdb.d/create_db.sql
Author	SHA1	Message	Date
Jason Streifling	f99358729c	Create ValidateSession() to not have unwanted side effects when validating session	2025-01-19 20:10:51 +01:00
Jason Streifling	7b04149a28	Rename PicsDir to ImgDir	2025-01-19 20:10:06 +01:00
Jason Streifling	43c1cb6d9a	Use proper filepaths for docker-compose	2025-01-19 20:08:58 +01:00
Jason Streifling	9feb16a8d8	Change filepaths to use filepath.Join() where possible	2025-01-19 20:07:32 +01:00
Jason Streifling	6885dfbb38	Add the ability to run cpolis from docker	2025-01-19 15:17:38 +01:00