Add half arsed user separation
This commit is contained in:
parent
3c792decd6
commit
25bcf4d706
6 changed files with 125 additions and 41 deletions
|
|
@ -1,7 +1,6 @@
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto/rand"
|
|
||||||
"flag"
|
"flag"
|
||||||
"log"
|
"log"
|
||||||
"net"
|
"net"
|
||||||
|
|
@ -17,7 +16,7 @@ import (
|
||||||
func main() {
|
func main() {
|
||||||
var confFile string
|
var confFile string
|
||||||
|
|
||||||
cache := make(map[string]string, 20)
|
sessions := middleware.NewSessionStore()
|
||||||
|
|
||||||
flag.StringVar(&confFile, "c", "/etc/gonotes/conf.toml", "Specify path to config file.")
|
flag.StringVar(&confFile, "c", "/etc/gonotes/conf.toml", "Specify path to config file.")
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
|
|
@ -39,22 +38,28 @@ func main() {
|
||||||
if !conf.Conf.Production {
|
if !conf.Conf.Production {
|
||||||
router.HandleFunc("/login/", func(w http.ResponseWriter, r *http.Request) {
|
router.HandleFunc("/login/", func(w http.ResponseWriter, r *http.Request) {
|
||||||
user := r.FormValue("user")
|
user := r.FormValue("user")
|
||||||
log.Printf("Trying to log in %s", user)
|
if len(user) == 0 {
|
||||||
|
user = "anon"
|
||||||
sessionID := rand.Text()
|
|
||||||
cache[sessionID] = user
|
|
||||||
|
|
||||||
cookie := http.Cookie{
|
|
||||||
Name: "id", Value: sessionID, MaxAge: 3600,
|
|
||||||
Secure: true, HttpOnly: true, Path: "/",
|
|
||||||
}
|
}
|
||||||
http.SetCookie(w, &cookie)
|
sessions.Login(user, w)
|
||||||
|
|
||||||
http.Redirect(w, r, "/notes/", http.StatusFound)
|
http.Redirect(w, r, "/notes/", http.StatusFound)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
router.Handle("/logout/", sessions.AsMiddleware(
|
||||||
|
http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
user := r.FormValue("user")
|
||||||
|
if len(user) == 0 {
|
||||||
|
user = "anon"
|
||||||
|
}
|
||||||
|
|
||||||
|
sessions.Logout(w, r)
|
||||||
|
|
||||||
|
http.Redirect(w, r, "/notes/", http.StatusFound)
|
||||||
|
})))
|
||||||
|
|
||||||
router.Handle("/", middleware.LoggingMiddleware(http.RedirectHandler("/notes/", http.StatusFound)))
|
router.Handle("/", middleware.LoggingMiddleware(http.RedirectHandler("/notes/", http.StatusFound)))
|
||||||
router.Handle("/notes/", middleware.SessionMiddleware(cache, middleware.LoggingMiddleware(http.StripPrefix("/notes", notesRouter))))
|
router.Handle("/notes/", sessions.AsMiddleware(middleware.LoggingMiddleware(http.StripPrefix("/notes", notesRouter))))
|
||||||
router.Handle(
|
router.Handle(
|
||||||
"/static/",
|
"/static/",
|
||||||
middleware.LoggingMiddleware(
|
middleware.LoggingMiddleware(
|
||||||
|
|
|
||||||
|
|
@ -36,6 +36,9 @@
|
||||||
<a class="nav-link" href="/notes/">All Notes</a>
|
<a class="nav-link" href="/notes/">All Notes</a>
|
||||||
</li>
|
</li>
|
||||||
{{template "navLinks" .}}
|
{{template "navLinks" .}}
|
||||||
|
<li>
|
||||||
|
<a class="nav-link" href="/logout/">Logout {{.user}}</a>
|
||||||
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
{{template "navExtra" .}}
|
{{template "navExtra" .}}
|
||||||
</div>
|
</div>
|
||||||
|
|
|
||||||
|
|
@ -1,33 +1,77 @@
|
||||||
// Middleware to deal with sessions
|
// Package middleware to deal with sessions
|
||||||
package middleware
|
package middleware
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"log"
|
"crypto/rand"
|
||||||
"net/http"
|
"net/http"
|
||||||
)
|
)
|
||||||
|
|
||||||
func SessionMiddleware(cache map[string]string, next http.Handler) http.Handler {
|
type Session struct {
|
||||||
|
User string
|
||||||
|
}
|
||||||
|
|
||||||
|
type SessionStore struct {
|
||||||
|
sessions map[string]Session
|
||||||
|
}
|
||||||
|
|
||||||
|
type ContextKey string
|
||||||
|
|
||||||
|
func NewSessionStore() SessionStore {
|
||||||
|
return SessionStore{sessions: make(map[string]Session, 10)}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (s *SessionStore) Login(user string, w http.ResponseWriter) {
|
||||||
|
sessionID := rand.Text()
|
||||||
|
s.sessions[sessionID] = Session{User: user}
|
||||||
|
|
||||||
|
cookie := http.Cookie{
|
||||||
|
Name: "id", Value: sessionID, MaxAge: 3600,
|
||||||
|
Secure: true, HttpOnly: true, Path: "/",
|
||||||
|
}
|
||||||
|
|
||||||
|
http.SetCookie(w, &cookie)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (s *SessionStore) Logout(w http.ResponseWriter, r *http.Request) {
|
||||||
|
session := r.Context().Value(ContextKey("session")).(string)
|
||||||
|
|
||||||
|
delete(s.sessions, session)
|
||||||
|
cookie := http.Cookie{
|
||||||
|
Name: "id", Value: "", MaxAge: -1,
|
||||||
|
Secure: true, HttpOnly: true, Path: "/",
|
||||||
|
}
|
||||||
|
|
||||||
|
http.SetCookie(w, &cookie)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (s *SessionStore) AsMiddleware(next http.Handler) http.Handler {
|
||||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
sessionCookie, err := r.Cookie("id")
|
sessionCookie, err := r.Cookie("id")
|
||||||
// No session yet
|
// No session yet
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Redirect(w, r, "/login/", http.StatusUnauthorized)
|
http.Redirect(w, r, "/login/", http.StatusFound)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
user, ok := cache[sessionCookie.Value]
|
session, ok := s.sessions[sessionCookie.Value]
|
||||||
|
|
||||||
// Session expired
|
// Session expired
|
||||||
if !ok {
|
if !ok {
|
||||||
http.Redirect(w, r, "/login/", http.StatusUnauthorized)
|
http.Redirect(w, r, "/login/", http.StatusFound)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
log.Printf("User is %s", user)
|
|
||||||
|
|
||||||
ctx := r.Context()
|
ctx := r.Context()
|
||||||
ctx = context.WithValue(ctx, "user", user)
|
ctx = context.WithValue(
|
||||||
|
context.WithValue(
|
||||||
|
ctx,
|
||||||
|
ContextKey("user"),
|
||||||
|
session.User,
|
||||||
|
),
|
||||||
|
ContextKey("session"),
|
||||||
|
sessionCookie.Value,
|
||||||
|
)
|
||||||
|
|
||||||
next.ServeHTTP(w, r.WithContext(ctx))
|
next.ServeHTTP(w, r.WithContext(ctx))
|
||||||
})
|
})
|
||||||
|
|
|
||||||
|
|
@ -29,6 +29,7 @@ type Note struct {
|
||||||
Title string
|
Title string
|
||||||
BodyRendered template.HTML
|
BodyRendered template.HTML
|
||||||
Body []byte
|
Body []byte
|
||||||
|
Owner string
|
||||||
}
|
}
|
||||||
|
|
||||||
func fmtPath(path string) string {
|
func fmtPath(path string) string {
|
||||||
|
|
@ -37,7 +38,7 @@ func fmtPath(path string) string {
|
||||||
|
|
||||||
// Save a note to a path derived from the title
|
// Save a note to a path derived from the title
|
||||||
func (n *Note) Save() error {
|
func (n *Note) Save() error {
|
||||||
filename := filepath.Join(conf.Conf.NotesDir, fmtPath(n.EncodedTitle()))
|
filename := filepath.Join(conf.Conf.NotesDir, n.Owner, fmtPath(n.EncodedTitle()))
|
||||||
return os.WriteFile(filename, n.Body, 0600)
|
return os.WriteFile(filename, n.Body, 0600)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -58,18 +59,18 @@ func (n *Note) Render() {
|
||||||
}
|
}
|
||||||
|
|
||||||
// LoadNote from the disk. The path is derived from the title
|
// LoadNote from the disk. The path is derived from the title
|
||||||
func LoadNote(encodedTitle string) (*Note, error) {
|
func LoadNote(owner string, encodedTitle string) (*Note, error) {
|
||||||
filename := filepath.Join(conf.Conf.NotesDir, fmtPath(encodedTitle))
|
filename := filepath.Join(conf.Conf.NotesDir, owner, fmtPath(encodedTitle))
|
||||||
body, err := os.ReadFile(filename)
|
body, err := os.ReadFile(filename)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
title := DecodeTitle(encodedTitle)
|
title := DecodeTitle(encodedTitle)
|
||||||
return &Note{Title: title, Body: body}, nil
|
return &Note{Title: title, Body: body, Owner: owner}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func DeleteNote(title string) error {
|
func DeleteNote(owner string, title string) error {
|
||||||
filename := filepath.Join(conf.Conf.NotesDir, fmtPath(title))
|
filename := filepath.Join(conf.Conf.NotesDir, owner, fmtPath(title))
|
||||||
return os.Remove(filename)
|
return os.Remove(filename)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -4,18 +4,24 @@ import (
|
||||||
"log"
|
"log"
|
||||||
"net/http"
|
"net/http"
|
||||||
"os"
|
"os"
|
||||||
|
"path"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
urls "forgejo.gwairfelin.com/max/gispatcho"
|
urls "forgejo.gwairfelin.com/max/gispatcho"
|
||||||
"forgejo.gwairfelin.com/max/gonotes/internal/conf"
|
"forgejo.gwairfelin.com/max/gonotes/internal/conf"
|
||||||
|
"forgejo.gwairfelin.com/max/gonotes/internal/middleware"
|
||||||
"forgejo.gwairfelin.com/max/gonotes/internal/notes"
|
"forgejo.gwairfelin.com/max/gonotes/internal/notes"
|
||||||
"forgejo.gwairfelin.com/max/gonotes/internal/templ"
|
"forgejo.gwairfelin.com/max/gonotes/internal/templ"
|
||||||
)
|
)
|
||||||
|
|
||||||
var myurls urls.URLs
|
var myurls urls.URLs
|
||||||
|
|
||||||
|
func addRequestContext(r *http.Request, ctx templ.Ctx) templ.Ctx {
|
||||||
|
return ctx
|
||||||
|
}
|
||||||
|
|
||||||
func GetRoutes(prefix string) *http.ServeMux {
|
func GetRoutes(prefix string) *http.ServeMux {
|
||||||
myurls = urls.URLs{
|
myurls = urls.URLs{
|
||||||
Prefix: prefix,
|
Prefix: prefix,
|
||||||
|
|
@ -34,8 +40,10 @@ func GetRoutes(prefix string) *http.ServeMux {
|
||||||
}
|
}
|
||||||
|
|
||||||
func view(w http.ResponseWriter, r *http.Request) {
|
func view(w http.ResponseWriter, r *http.Request) {
|
||||||
|
user := r.Context().Value(middleware.ContextKey("user")).(string)
|
||||||
|
|
||||||
title := r.PathValue("note")
|
title := r.PathValue("note")
|
||||||
note, err := notes.LoadNote(title)
|
note, err := notes.LoadNote(user, title)
|
||||||
urlEdit := myurls.Reverse("edit", urls.Repl{"note": title})
|
urlEdit := myurls.Reverse("edit", urls.Repl{"note": title})
|
||||||
urlDelete := myurls.Reverse("delete", urls.Repl{"note": title})
|
urlDelete := myurls.Reverse("delete", urls.Repl{"note": title})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
@ -45,7 +53,7 @@ func view(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
context := templ.Ctx{"note": note, "urlEdit": urlEdit, "urlDelete": urlDelete}
|
context := templ.Ctx{"note": note, "urlEdit": urlEdit, "urlDelete": urlDelete}
|
||||||
note.Render()
|
note.Render()
|
||||||
err = templ.RenderTemplate(w, "view.tmpl.html", context)
|
err = templ.RenderTemplate(w, r, "view.tmpl.html", context)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Print(err.Error())
|
log.Print(err.Error())
|
||||||
http.Error(w, "Couldn't load template", http.StatusInternalServerError)
|
http.Error(w, "Couldn't load template", http.StatusInternalServerError)
|
||||||
|
|
@ -54,8 +62,10 @@ func view(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func edit(w http.ResponseWriter, r *http.Request) {
|
func edit(w http.ResponseWriter, r *http.Request) {
|
||||||
|
user := r.Context().Value(middleware.ContextKey("user")).(string)
|
||||||
|
|
||||||
encodedTitle := r.PathValue("note")
|
encodedTitle := r.PathValue("note")
|
||||||
note, err := notes.LoadNote(encodedTitle)
|
note, err := notes.LoadNote(user, encodedTitle)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
title := notes.DecodeTitle(encodedTitle)
|
title := notes.DecodeTitle(encodedTitle)
|
||||||
note = ¬es.Note{Title: title}
|
note = ¬es.Note{Title: title}
|
||||||
|
|
@ -63,7 +73,7 @@ func edit(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
urlSave := myurls.Reverse("save", urls.Repl{"note": encodedTitle})
|
urlSave := myurls.Reverse("save", urls.Repl{"note": encodedTitle})
|
||||||
context := templ.Ctx{"note": note, "urlSave": urlSave, "text": string(note.Body)}
|
context := templ.Ctx{"note": note, "urlSave": urlSave, "text": string(note.Body)}
|
||||||
err = templ.RenderTemplate(w, "edit.tmpl.html", context)
|
err = templ.RenderTemplate(w, r, "edit.tmpl.html", context)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Print(err.Error())
|
log.Print(err.Error())
|
||||||
http.Error(w, "Couldn't load template", http.StatusInternalServerError)
|
http.Error(w, "Couldn't load template", http.StatusInternalServerError)
|
||||||
|
|
@ -84,8 +94,10 @@ func new(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func delete(w http.ResponseWriter, r *http.Request) {
|
func delete(w http.ResponseWriter, r *http.Request) {
|
||||||
|
user := r.Context().Value(middleware.ContextKey("user")).(string)
|
||||||
|
|
||||||
encodedTitle := r.PathValue("note")
|
encodedTitle := r.PathValue("note")
|
||||||
err := notes.DeleteNote(encodedTitle)
|
err := notes.DeleteNote(user, encodedTitle)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Print(err.Error())
|
log.Print(err.Error())
|
||||||
http.Error(w, "Couldn't delete note", http.StatusInternalServerError)
|
http.Error(w, "Couldn't delete note", http.StatusInternalServerError)
|
||||||
|
|
@ -97,21 +109,25 @@ func delete(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func save(w http.ResponseWriter, r *http.Request) {
|
func save(w http.ResponseWriter, r *http.Request) {
|
||||||
|
user := r.Context().Value(middleware.ContextKey("user")).(string)
|
||||||
|
|
||||||
oldTitle := r.PathValue("note")
|
oldTitle := r.PathValue("note")
|
||||||
title := r.FormValue("title")
|
title := r.FormValue("title")
|
||||||
body := r.FormValue("body")
|
body := r.FormValue("body")
|
||||||
|
|
||||||
note := ¬es.Note{Title: title, Body: []byte(body)}
|
note := ¬es.Note{Title: title, Body: []byte(body), Owner: user}
|
||||||
note.Save()
|
note.Save()
|
||||||
|
|
||||||
if oldTitle != note.EncodedTitle() {
|
if oldTitle != note.EncodedTitle() {
|
||||||
notes.DeleteNote(oldTitle)
|
notes.DeleteNote(user, oldTitle)
|
||||||
}
|
}
|
||||||
|
|
||||||
http.Redirect(w, r, myurls.Reverse("view", urls.Repl{"note": note.EncodedTitle()}), http.StatusFound)
|
http.Redirect(w, r, myurls.Reverse("view", urls.Repl{"note": note.EncodedTitle()}), http.StatusFound)
|
||||||
}
|
}
|
||||||
|
|
||||||
func togglebox(w http.ResponseWriter, r *http.Request) {
|
func togglebox(w http.ResponseWriter, r *http.Request) {
|
||||||
|
user := r.Context().Value(middleware.ContextKey("user")).(string)
|
||||||
|
|
||||||
title := r.PathValue("note")
|
title := r.PathValue("note")
|
||||||
nthBox, err := strconv.Atoi(r.FormValue("box"))
|
nthBox, err := strconv.Atoi(r.FormValue("box"))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
@ -119,7 +135,7 @@ func togglebox(w http.ResponseWriter, r *http.Request) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
note, err := notes.LoadNote(title)
|
note, err := notes.LoadNote(user, title)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Redirect(w, r, myurls.Reverse("view", urls.Repl{"note": title}), http.StatusFound)
|
http.Redirect(w, r, myurls.Reverse("view", urls.Repl{"note": title}), http.StatusFound)
|
||||||
return
|
return
|
||||||
|
|
@ -136,11 +152,19 @@ type titleAndURL struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func list(w http.ResponseWriter, r *http.Request) {
|
func list(w http.ResponseWriter, r *http.Request) {
|
||||||
files, err := os.ReadDir(conf.Conf.NotesDir)
|
user := r.Context().Value(middleware.ContextKey("user")).(string)
|
||||||
|
|
||||||
|
notesDir := path.Join(conf.Conf.NotesDir, user)
|
||||||
|
|
||||||
|
files, err := os.ReadDir(notesDir)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Print(err.Error())
|
if os.IsNotExist(err) {
|
||||||
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
|
os.MkdirAll(notesDir, os.FileMode(0750))
|
||||||
return
|
} else {
|
||||||
|
log.Print(err.Error())
|
||||||
|
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
titlesAndUrls := make([]titleAndURL, 0)
|
titlesAndUrls := make([]titleAndURL, 0)
|
||||||
|
|
@ -162,7 +186,7 @@ func list(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
urlNew := myurls.Reverse("new", urls.Repl{})
|
urlNew := myurls.Reverse("new", urls.Repl{})
|
||||||
|
|
||||||
err = templ.RenderTemplate(w, "list.tmpl.html", templ.Ctx{"notes": titlesAndUrls, "urlNew": urlNew})
|
err = templ.RenderTemplate(w, r, "list.tmpl.html", templ.Ctx{"notes": titlesAndUrls, "urlNew": urlNew})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Print(err.Error())
|
log.Print(err.Error())
|
||||||
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
|
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
|
||||||
|
|
|
||||||
|
|
@ -6,11 +6,12 @@ import (
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
|
|
||||||
"forgejo.gwairfelin.com/max/gonotes/internal/conf"
|
"forgejo.gwairfelin.com/max/gonotes/internal/conf"
|
||||||
|
"forgejo.gwairfelin.com/max/gonotes/internal/middleware"
|
||||||
)
|
)
|
||||||
|
|
||||||
type Ctx map[string]any
|
type Ctx map[string]any
|
||||||
|
|
||||||
func RenderTemplate(w http.ResponseWriter, tmpl string, context any) error {
|
func RenderTemplate(w http.ResponseWriter, r *http.Request, tmpl string, context Ctx) error {
|
||||||
var err error
|
var err error
|
||||||
files := []string{
|
files := []string{
|
||||||
filepath.Join("templates", "base.tmpl.html"),
|
filepath.Join("templates", "base.tmpl.html"),
|
||||||
|
|
@ -26,6 +27,12 @@ func RenderTemplate(w http.ResponseWriter, tmpl string, context any) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
t, err := template.ParseFS(conf.Templates, files...)
|
t, err := template.ParseFS(conf.Templates, files...)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
context["user"] = r.Context().Value(middleware.ContextKey("user")).(string)
|
||||||
|
|
||||||
err = t.ExecuteTemplate(w, "base", context)
|
err = t.ExecuteTemplate(w, "base", context)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue