2024-12-03 01:18:04 +00:00
|
|
|
package server
|
2024-12-16 00:09:32 +00:00
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"github.com/labstack/echo/v4"
|
|
|
|
|
"github.com/thomiceli/opengist/internal/config"
|
|
|
|
|
"github.com/thomiceli/opengist/internal/index"
|
|
|
|
|
"github.com/thomiceli/opengist/internal/web/context"
|
|
|
|
|
"github.com/thomiceli/opengist/internal/web/handler"
|
|
|
|
|
"github.com/thomiceli/opengist/public"
|
|
|
|
|
"net/http"
|
|
|
|
|
"os"
|
|
|
|
|
"path"
|
|
|
|
|
"path/filepath"
|
|
|
|
|
"strings"
|
|
|
|
|
"time"
|
|
|
|
|
)
|
|
|
|
|
|
2025-01-02 19:55:33 +00:00
|
|
|
func (s *Server) registerRoutes() {
|
2024-12-16 00:09:32 +00:00
|
|
|
r := NewRouter(s.echo.Group(""))
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
r.GET("/", handler.Create, logged)
|
|
|
|
|
r.POST("/", handler.ProcessCreate, logged)
|
|
|
|
|
r.POST("/preview", handler.Preview, logged)
|
|
|
|
|
|
|
|
|
|
r.GET("/healthcheck", handler.Healthcheck)
|
|
|
|
|
r.GET("/metrics", handler.Metrics)
|
|
|
|
|
|
|
|
|
|
r.GET("/register", handler.Register)
|
|
|
|
|
r.POST("/register", handler.ProcessRegister)
|
|
|
|
|
r.GET("/login", handler.Login)
|
|
|
|
|
r.POST("/login", handler.ProcessLogin)
|
|
|
|
|
r.GET("/logout", handler.Logout)
|
|
|
|
|
r.GET("/oauth/:provider", handler.Oauth)
|
|
|
|
|
r.GET("/oauth/:provider/callback", handler.OauthCallback)
|
|
|
|
|
r.GET("/oauth/:provider/unlink", handler.OauthUnlink, logged)
|
|
|
|
|
r.POST("/webauthn/bind", handler.BeginWebAuthnBinding, logged)
|
|
|
|
|
r.POST("/webauthn/bind/finish", handler.FinishWebAuthnBinding, logged)
|
|
|
|
|
r.POST("/webauthn/login", handler.BeginWebAuthnLogin)
|
|
|
|
|
r.POST("/webauthn/login/finish", handler.FinishWebAuthnLogin)
|
|
|
|
|
r.POST("/webauthn/assertion", handler.BeginWebAuthnAssertion, inMFASession)
|
|
|
|
|
r.POST("/webauthn/assertion/finish", handler.FinishWebAuthnAssertion, inMFASession)
|
|
|
|
|
r.GET("/mfa", handler.Mfa, inMFASession)
|
|
|
|
|
r.POST("/mfa/totp/assertion", handler.AssertTotp, inMFASession)
|
|
|
|
|
|
2025-01-02 19:55:33 +00:00
|
|
|
sA := r.SubGroup("/settings")
|
|
|
|
|
{
|
|
|
|
|
sA.Use(logged)
|
|
|
|
|
sA.GET("", handler.UserSettings)
|
|
|
|
|
sA.POST("/email", handler.EmailProcess)
|
|
|
|
|
sA.DELETE("/account", handler.AccountDeleteProcess)
|
|
|
|
|
sA.POST("/ssh-keys", handler.SshKeysProcess)
|
|
|
|
|
sA.DELETE("/ssh-keys/:id", handler.SshKeysDelete)
|
|
|
|
|
sA.DELETE("/passkeys/:id", handler.PasskeyDelete)
|
|
|
|
|
sA.PUT("/password", handler.PasswordProcess)
|
|
|
|
|
sA.PUT("/username", handler.UsernameProcess)
|
|
|
|
|
sA.GET("/totp/generate", handler.BeginTotp)
|
|
|
|
|
sA.POST("/totp/generate", handler.FinishTotp)
|
|
|
|
|
sA.DELETE("/totp", handler.DisableTotp)
|
|
|
|
|
sA.POST("/totp/regenerate", handler.RegenerateTotpRecoveryCodes)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sB := r.SubGroup("/admin-panel")
|
2024-12-16 00:09:32 +00:00
|
|
|
{
|
2025-01-02 19:55:33 +00:00
|
|
|
sB.Use(adminPermission)
|
|
|
|
|
sB.GET("", handler.AdminIndex)
|
|
|
|
|
sB.GET("/users", handler.AdminUsers)
|
|
|
|
|
sB.POST("/users/:user/delete", handler.AdminUserDelete)
|
|
|
|
|
sB.GET("/gists", handler.AdminGists)
|
|
|
|
|
sB.POST("/gists/:gist/delete", handler.AdminGistDelete)
|
|
|
|
|
sB.GET("/invitations", handler.AdminInvitations)
|
|
|
|
|
sB.POST("/invitations", handler.AdminInvitationsCreate)
|
|
|
|
|
sB.POST("/invitations/:id/delete", handler.AdminInvitationsDelete)
|
|
|
|
|
sB.POST("/sync-fs", handler.AdminSyncReposFromFS)
|
|
|
|
|
sB.POST("/sync-db", handler.AdminSyncReposFromDB)
|
|
|
|
|
sB.POST("/gc-repos", handler.AdminGcRepos)
|
|
|
|
|
sB.POST("/sync-previews", handler.AdminSyncGistPreviews)
|
|
|
|
|
sB.POST("/reset-hooks", handler.AdminResetHooks)
|
|
|
|
|
sB.POST("/index-gists", handler.AdminIndexGists)
|
|
|
|
|
sB.GET("/configuration", handler.AdminConfig)
|
|
|
|
|
sB.PUT("/set-config", handler.AdminSetConfig)
|
2024-12-16 00:09:32 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if config.C.HttpGit {
|
2024-12-29 10:40:23 +00:00
|
|
|
r.Any("/init/*", handler.GitHttp, GistNewPushSoftInit)
|
2024-12-16 00:09:32 +00:00
|
|
|
}
|
|
|
|
|
|
2024-12-29 10:40:23 +00:00
|
|
|
r.GET("/all", handler.AllGists, checkRequireLogin)
|
2024-12-16 00:09:32 +00:00
|
|
|
|
|
|
|
|
if index.Enabled() {
|
2024-12-29 10:40:23 +00:00
|
|
|
r.GET("/search", handler.Search, checkRequireLogin)
|
2024-12-16 00:09:32 +00:00
|
|
|
} else {
|
2024-12-29 10:40:23 +00:00
|
|
|
r.GET("/search", handler.AllGists, checkRequireLogin)
|
2024-12-16 00:09:32 +00:00
|
|
|
}
|
|
|
|
|
|
2024-12-29 10:40:23 +00:00
|
|
|
r.GET("/:user", handler.AllGists, checkRequireLogin)
|
|
|
|
|
r.GET("/:user/liked", handler.AllGists, checkRequireLogin)
|
|
|
|
|
r.GET("/:user/forked", handler.AllGists, checkRequireLogin)
|
2024-12-16 00:09:32 +00:00
|
|
|
|
2025-01-02 19:55:33 +00:00
|
|
|
sC := r.SubGroup("/:user/:gistname")
|
2024-12-16 00:09:32 +00:00
|
|
|
{
|
2025-01-02 19:55:33 +00:00
|
|
|
sC.Use(makeCheckRequireLogin(true), GistInit)
|
|
|
|
|
sC.GET("", handler.GistIndex)
|
|
|
|
|
sC.GET("/rev/:revision", handler.GistIndex)
|
|
|
|
|
sC.GET("/revisions", handler.Revisions)
|
|
|
|
|
sC.GET("/archive/:revision", handler.DownloadZip)
|
|
|
|
|
sC.POST("/visibility", handler.EditVisibility, logged, writePermission)
|
|
|
|
|
sC.POST("/delete", handler.DeleteGist, logged, writePermission)
|
|
|
|
|
sC.GET("/raw/:revision/:file", handler.RawFile)
|
|
|
|
|
sC.GET("/download/:revision/:file", handler.DownloadFile)
|
|
|
|
|
sC.GET("/edit", handler.Edit, logged, writePermission)
|
|
|
|
|
sC.POST("/edit", handler.ProcessCreate, logged, writePermission)
|
|
|
|
|
sC.POST("/like", handler.Like, logged)
|
|
|
|
|
sC.GET("/likes", handler.Likes, checkRequireLogin)
|
|
|
|
|
sC.POST("/fork", handler.Fork, logged)
|
|
|
|
|
sC.GET("/forks", handler.Forks, checkRequireLogin)
|
|
|
|
|
sC.PUT("/checkbox", handler.Checkbox, logged, writePermission)
|
2024-12-16 00:09:32 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
customFs := os.DirFS(filepath.Join(config.GetHomeDir(), "custom"))
|
2024-12-29 10:40:23 +00:00
|
|
|
r.GET("/assets/*", func(ctx *context.OGContext) error {
|
|
|
|
|
if _, err := public.Files.Open(path.Join("assets", ctx.Param("*"))); !s.dev && err == nil {
|
2024-12-16 00:09:32 +00:00
|
|
|
ctx.Response().Header().Set("Cache-Control", "public, max-age=31536000")
|
|
|
|
|
ctx.Response().Header().Set("Expires", time.Now().AddDate(1, 0, 0).Format(http.TimeFormat))
|
|
|
|
|
|
|
|
|
|
return echo.WrapHandler(http.FileServer(http.FS(public.Files)))(ctx)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// if the custom file is an .html template, render it
|
|
|
|
|
if strings.HasSuffix(ctx.Param("*"), ".html") {
|
2024-12-29 10:40:23 +00:00
|
|
|
if err := ctx.HTML_(ctx.Param("*")); err != nil {
|
|
|
|
|
return ctx.NotFound("Page not found")
|
2024-12-16 00:09:32 +00:00
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return echo.WrapHandler(http.StripPrefix("/assets/", http.FileServer(http.FS(customFs))))(ctx)
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// Git HTTP routes
|
|
|
|
|
if config.C.HttpGit {
|
2024-12-29 10:40:23 +00:00
|
|
|
r.Any("/:user/:gistname/*", handler.GitHttp, GistSoftInit)
|
2024-12-16 00:09:32 +00:00
|
|
|
}
|
|
|
|
|
|
2024-12-29 10:40:23 +00:00
|
|
|
r.Any("/*", noRouteFound)
|
2024-12-16 00:09:32 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Router wraps echo.Group to provide custom Handler support
|
|
|
|
|
type Router struct {
|
|
|
|
|
*echo.Group
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// NewRouter creates a new Router instance
|
|
|
|
|
func NewRouter(g *echo.Group) *Router {
|
|
|
|
|
return &Router{Group: g}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// SubGroup returns a new Router group with the given prefix and middleware
|
|
|
|
|
func (r *Router) SubGroup(prefix string, m ...Middleware) *Router {
|
|
|
|
|
// Convert middleware only when creating group
|
|
|
|
|
echoMiddleware := make([]echo.MiddlewareFunc, len(m))
|
|
|
|
|
for i, mw := range m {
|
|
|
|
|
mw := mw // capture for closure
|
|
|
|
|
echoMiddleware[i] = func(next echo.HandlerFunc) echo.HandlerFunc {
|
2025-01-02 19:55:33 +00:00
|
|
|
return chain(func(c *context.OGContext) error {
|
2024-12-16 00:09:32 +00:00
|
|
|
return next(c)
|
|
|
|
|
}, mw).toEchoHandler()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return NewRouter(r.Group.Group(prefix, echoMiddleware...))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (r *Router) GET(path string, h Handler, m ...Middleware) {
|
2025-01-02 19:55:33 +00:00
|
|
|
r.Group.GET(path, chain(h, m...).toEchoHandler())
|
2024-12-16 00:09:32 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (r *Router) POST(path string, h Handler, m ...Middleware) {
|
2025-01-02 19:55:33 +00:00
|
|
|
r.Group.POST(path, chain(h, m...).toEchoHandler())
|
2024-12-16 00:09:32 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (r *Router) PUT(path string, h Handler, m ...Middleware) {
|
2025-01-02 19:55:33 +00:00
|
|
|
r.Group.PUT(path, chain(h, m...).toEchoHandler())
|
2024-12-16 00:09:32 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (r *Router) DELETE(path string, h Handler, m ...Middleware) {
|
2025-01-02 19:55:33 +00:00
|
|
|
r.Group.DELETE(path, chain(h, m...).toEchoHandler())
|
2024-12-16 00:09:32 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (r *Router) PATCH(path string, h Handler, m ...Middleware) {
|
2025-01-02 19:55:33 +00:00
|
|
|
r.Group.PATCH(path, chain(h, m...).toEchoHandler())
|
2024-12-16 00:09:32 +00:00
|
|
|
}
|
|
|
|
|
|
2024-12-29 10:40:23 +00:00
|
|
|
func (r *Router) Any(path string, h Handler, m ...Middleware) {
|
2025-01-02 19:55:33 +00:00
|
|
|
r.Group.Any(path, chain(h, m...).toEchoHandler())
|
2024-12-29 10:40:23 +00:00
|
|
|
}
|
|
|
|
|
|
2024-12-16 00:09:32 +00:00
|
|
|
func (r *Router) Use(middleware ...Middleware) {
|
|
|
|
|
for _, m := range middleware {
|
|
|
|
|
m := m // capture for closure
|
|
|
|
|
r.Group.Use(func(next echo.HandlerFunc) echo.HandlerFunc {
|
2025-01-02 19:55:33 +00:00
|
|
|
return chain(func(c *context.OGContext) error {
|
2024-12-16 00:09:32 +00:00
|
|
|
return next(c)
|
|
|
|
|
}, m).toEchoHandler()
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
}
|
