opengist/internal/web/server/server.go

179 lines
4.2 KiB
Go
Raw Normal View History

2024-12-03 01:18:04 +00:00
package server
import (
"errors"
2024-12-29 10:40:23 +00:00
"github.com/thomiceli/opengist/internal/utils"
2024-12-03 01:18:04 +00:00
"github.com/thomiceli/opengist/internal/web/context"
"github.com/thomiceli/opengist/internal/web/handler"
"html/template"
"io"
"net/http"
"strings"
"github.com/gorilla/sessions"
"github.com/labstack/echo/v4"
"github.com/rs/zerolog/log"
"github.com/thomiceli/opengist/internal/auth"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/i18n"
)
type Template struct {
templates *template.Template
}
func (t *Template) Render(w io.Writer, name string, data interface{}, _ echo.Context) error {
return t.templates.ExecuteTemplate(w, name, data)
}
type Server struct {
echo *echo.Echo
flashStore *sessions.CookieStore // session store for flash messages
UserStore *sessions.FilesystemStore // session store for user sessions
dev bool
sessionsPath string
ignoreCsrf bool
}
func NewServer(isDev bool, sessionsPath string, ignoreCsrf bool) *Server {
e := echo.New()
e.HideBanner = true
e.HidePort = true
s := &Server{echo: e, dev: isDev, sessionsPath: sessionsPath, ignoreCsrf: ignoreCsrf}
s.useCustomContext()
if err := i18n.Locales.LoadAll(); err != nil {
log.Fatal().Err(err).Msg("Failed to load locales")
}
2024-12-16 00:09:32 +00:00
s.RegisterMiddlewares()
2024-12-03 01:18:04 +00:00
s.setFuncMap()
2024-12-29 10:40:23 +00:00
s.echo.HTTPErrorHandler = s.errorHandler
2024-12-03 01:18:04 +00:00
e.Validator = utils.NewValidator()
if !s.dev {
parseManifestEntries()
}
2024-12-16 00:09:32 +00:00
s.setupRoutes()
2024-12-03 01:18:04 +00:00
return s
}
func (s *Server) Start() {
addr := config.C.HttpHost + ":" + config.C.HttpPort
log.Info().Msg("Starting HTTP server on http://" + addr)
if err := s.echo.Start(addr); err != nil && err != http.ErrServerClosed {
log.Fatal().Err(err).Msg("Failed to start HTTP server")
}
}
func (s *Server) Stop() {
if err := s.echo.Close(); err != nil {
log.Fatal().Err(err).Msg("Failed to stop HTTP server")
}
}
func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
s.echo.ServeHTTP(w, r)
}
2024-12-29 10:40:23 +00:00
func writePermission(next Handler) Handler {
return func(ctx *context.OGContext) error {
gist := ctx.GetData("gist")
user := ctx.User
2024-12-03 01:18:04 +00:00
if !gist.(*db.Gist).CanWrite(user) {
2024-12-29 10:40:23 +00:00
return ctx.RedirectTo("/" + gist.(*db.Gist).User.Username + "/" + gist.(*db.Gist).Identifier())
2024-12-03 01:18:04 +00:00
}
return next(ctx)
}
}
2024-12-29 10:40:23 +00:00
func adminPermission(next Handler) Handler {
return func(ctx *context.OGContext) error {
user := ctx.User
2024-12-03 01:18:04 +00:00
if user == nil || !user.IsAdmin {
2024-12-29 10:40:23 +00:00
return ctx.NotFound("User not found")
2024-12-03 01:18:04 +00:00
}
return next(ctx)
}
}
2024-12-29 10:40:23 +00:00
func logged(next Handler) Handler {
return func(ctx *context.OGContext) error {
user := ctx.User
2024-12-03 01:18:04 +00:00
if user != nil {
return next(ctx)
}
2024-12-29 10:40:23 +00:00
return ctx.RedirectTo("/all")
2024-12-03 01:18:04 +00:00
}
}
2024-12-29 10:40:23 +00:00
func inMFASession(next Handler) Handler {
return func(ctx *context.OGContext) error {
sess := ctx.GetSession()
2024-12-03 01:18:04 +00:00
_, ok := sess.Values["mfaID"].(uint)
if !ok {
2024-12-29 10:40:23 +00:00
return ctx.ErrorRes(400, ctx.Tr("error.not-in-mfa-session"), nil)
2024-12-03 01:18:04 +00:00
}
return next(ctx)
}
}
2024-12-29 10:40:23 +00:00
func makeCheckRequireLogin(isSingleGistAccess bool) Middleware {
return func(next Handler) Handler {
return func(ctx *context.OGContext) error {
if user := ctx.User; user != nil {
2024-12-03 01:18:04 +00:00
return next(ctx)
}
2024-12-29 10:40:23 +00:00
allow, err := auth.ShouldAllowUnauthenticatedGistAccess(handler.ContextAuthInfo{Context: ctx}, isSingleGistAccess)
2024-12-03 01:18:04 +00:00
if err != nil {
log.Fatal().Err(err).Msg("Failed to check if unauthenticated access is allowed")
}
if !allow {
2024-12-29 10:40:23 +00:00
ctx.AddFlash(ctx.Tr("flash.auth.must-be-logged-in"), "error")
return ctx.RedirectTo("/login")
2024-12-03 01:18:04 +00:00
}
return next(ctx)
}
}
}
2024-12-29 10:40:23 +00:00
func checkRequireLogin(next Handler) Handler {
2024-12-03 01:18:04 +00:00
return makeCheckRequireLogin(false)(next)
}
2024-12-29 10:40:23 +00:00
func noRouteFound(ctx *context.OGContext) error {
return ctx.NotFound("Page not found")
2024-12-03 01:18:04 +00:00
}
2024-12-29 10:40:23 +00:00
func (s *Server) errorHandler(err error, ctx echo.Context) {
var httpErr *echo.HTTPError
if errors.As(err, &httpErr) {
acceptJson := strings.Contains(ctx.Request().Header.Get("Accept"), "application/json")
data := ctx.Request().Context().Value("data").(echo.Map)
data["error"] = err
if acceptJson {
if err := ctx.JSON(httpErr.Code, httpErr); err != nil {
log.Fatal().Err(err).Send()
2024-12-03 01:18:04 +00:00
}
2024-12-29 10:40:23 +00:00
return
2024-12-03 01:18:04 +00:00
}
2024-12-29 10:40:23 +00:00
if err := ctx.Render(httpErr.Code, "error", data); err != nil {
log.Fatal().Err(err).Send()
}
return
2024-12-03 01:18:04 +00:00
}
2024-12-29 10:40:23 +00:00
log.Fatal().Err(err).Send()
2024-12-03 01:18:04 +00:00
}