mycorrhiza/web/web.go

// Package web contains web handlers and initialization stuff.
package web

import (
	"github.com/bouncepaw/mycorrhiza/admin"
	"github.com/bouncepaw/mycorrhiza/backlinks"
	"github.com/bouncepaw/mycorrhiza/categories"
	"github.com/bouncepaw/mycorrhiza/help"
	"github.com/bouncepaw/mycorrhiza/history/histweb"
	"github.com/bouncepaw/mycorrhiza/hypview"
	"github.com/bouncepaw/mycorrhiza/interwiki"
	"github.com/bouncepaw/mycorrhiza/misc"
	"io"
	"net/http"
	"net/url"

	"github.com/gorilla/mux"

	"github.com/bouncepaw/mycorrhiza/cfg"
	"github.com/bouncepaw/mycorrhiza/user"
	"github.com/bouncepaw/mycorrhiza/util"
)

// Handler initializes and returns the HTTP router based on the configuration.
func Handler() http.Handler {
	router := mux.NewRouter()
	router.Use(func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, rq *http.Request) {
			util.PrepareRq(rq)
			w.Header().Add("Content-Security-Policy",
				"default-src 'self' telegram.org *.telegram.org; "+
					"img-src * data:; media-src *; style-src *; font-src * data:")
			next.ServeHTTP(w, rq)
		})
	})
	router.StrictSlash(true)

	// Public routes. They're always accessible regardless of the user status.
	initAuth(router)

	// Wiki routes. They may be locked or restricted.
	wikiRouter := router.PathPrefix("").Subrouter()
	wikiRouter.Use(func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, rq *http.Request) {
			user := user.FromRequest(rq)
			if !user.ShowLockMaybe(w, rq) {
				next.ServeHTTP(w, rq)
			}
		})
	})

	initReaders(wikiRouter)
	initMutators(wikiRouter)
	help.InitHandlers(wikiRouter)
	backlinks.InitHandlers(wikiRouter)
	categories.InitHandlers(wikiRouter)
	misc.InitHandlers(wikiRouter)
	hypview.Init()
	histweb.InitHandlers(wikiRouter)
	interwiki.InitHandlers(wikiRouter)

	// Admin routes.
	if cfg.UseAuth {
		adminRouter := wikiRouter.PathPrefix("/admin").Subrouter()
		adminRouter.Use(groupMiddleware("admin"))
		initAdmin(adminRouter)
		admin.Init(adminRouter)
	}

	// Index page
	wikiRouter.HandleFunc("/", func(w http.ResponseWriter, rq *http.Request) {
		// Let's pray it never fails
		addr, _ := url.Parse("/hypha/" + cfg.HomeHypha)
		rq.URL = addr
		handlerHypha(w, rq)
	})

	return router
}

func groupMiddleware(group string) func(http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, rq *http.Request) {
			if cfg.UseAuth && user.CanProceed(rq, group) {
				next.ServeHTTP(w, rq)
				return
			}

			// TODO: handle this better. Merge this code with all other
			// authorization code in this project.

			w.WriteHeader(http.StatusForbidden)
			io.WriteString(w, "403 forbidden")
		})
	}
}
Reorganise and document the web stuff a little 2021-05-09 11:09:27 +00:00			`// Package web contains web handlers and initialization stuff.`
Move all web-related stuff to a new module 2021-05-09 10:42:12 +00:00			`package web`

			`import (`
Admin: Isolate the panel view 2022-05-18 18:03:36 +00:00			`"github.com/bouncepaw/mycorrhiza/admin"`
Backlinks: Isolate 2022-04-02 16:58:57 +00:00			`"github.com/bouncepaw/mycorrhiza/backlinks"`
Categories, views: Refactor the list view 2022-04-01 20:52:56 +00:00			`"github.com/bouncepaw/mycorrhiza/categories"`
Isolate help 2022-04-09 08:28:57 +00:00			`"github.com/bouncepaw/mycorrhiza/help"`
History: Rename the web package 2022-05-18 17:30:24 +00:00			`"github.com/bouncepaw/mycorrhiza/history/histweb"`
Reimplement Navititle with go templates That was rough 2022-04-23 20:35:36 +00:00			`"github.com/bouncepaw/mycorrhiza/hypview"`
Interwiki: Implement /interwiki It just shown what entries there are. It will let administrators modify it later. 2022-05-27 13:43:40 +00:00			`"github.com/bouncepaw/mycorrhiza/interwiki"`
Misc: Make the new package It contains things like hypha list or about wiki pages 2022-04-02 06:38:16 +00:00			`"github.com/bouncepaw/mycorrhiza/misc"`
Move all web-related stuff to a new module 2021-05-09 10:42:12 +00:00			`"io"`
			`"net/http"`
			`"net/url"`

Migrate to gorilla/mux for web needs What a wonderful package! 2021-07-15 17:46:35 +00:00			`"github.com/gorilla/mux"`

Do nothing in particular 2021-05-11 10:14:00 +00:00			`"github.com/bouncepaw/mycorrhiza/cfg"`
Move all web-related stuff to a new module 2021-05-09 10:42:12 +00:00			`"github.com/bouncepaw/mycorrhiza/user"`
Do nothing in particular 2021-05-11 10:14:00 +00:00			`"github.com/bouncepaw/mycorrhiza/util"`
Move all web-related stuff to a new module 2021-05-09 10:42:12 +00:00			`)`

Tidy up some more 2021-10-01 17:34:56 +00:00			`// Handler initializes and returns the HTTP router based on the configuration.`
Migrate to gorilla/mux for web needs What a wonderful package! 2021-07-15 17:46:35 +00:00			`func Handler() http.Handler {`
Refactor the locking mechanism 2021-07-15 18:14:05 +00:00			`router := mux.NewRouter()`
			`router.Use(func(next http.Handler) http.Handler {`
Refactor admin routes They're not perfect, I still don't like them, but I can't think of a good solution right now. I'm going to thinking about the best way of doing web stuff for some time. 2021-07-15 18:58:27 +00:00			`return http.HandlerFunc(func(w http.ResponseWriter, rq *http.Request) {`
			`util.PrepareRq(rq)`
Use Content-Security-Policy And remove inline event handlers. 2022-02-18 08:57:15 +00:00			`w.Header().Add("Content-Security-Policy",`
			`"default-src 'self' telegram.org *.telegram.org; "+`
			`"img-src * data:; media-src ; style-src ; font-src * data:")`
Refactor admin routes They're not perfect, I still don't like them, but I can't think of a good solution right now. I'm going to thinking about the best way of doing web stuff for some time. 2021-07-15 18:58:27 +00:00			`next.ServeHTTP(w, rq)`
Migrate to gorilla/mux for web needs What a wonderful package! 2021-07-15 17:46:35 +00:00			`})`
			`})`
Refactor admin routes They're not perfect, I still don't like them, but I can't think of a good solution right now. I'm going to thinking about the best way of doing web stuff for some time. 2021-07-15 18:58:27 +00:00			`router.StrictSlash(true)`
Migrate to gorilla/mux for web needs What a wonderful package! 2021-07-15 17:46:35 +00:00
Refactor admin routes They're not perfect, I still don't like them, but I can't think of a good solution right now. I'm going to thinking about the best way of doing web stuff for some time. 2021-07-15 18:58:27 +00:00			`// Public routes. They're always accessible regardless of the user status.`
Refactor the locking mechanism 2021-07-15 18:14:05 +00:00			`initAuth(router)`

Refactor admin routes They're not perfect, I still don't like them, but I can't think of a good solution right now. I'm going to thinking about the best way of doing web stuff for some time. 2021-07-15 18:58:27 +00:00			`// Wiki routes. They may be locked or restricted.`
Refactor the locking mechanism 2021-07-15 18:14:05 +00:00			`wikiRouter := router.PathPrefix("").Subrouter()`
			`wikiRouter.Use(func(next http.Handler) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, rq *http.Request) {`
			`user := user.FromRequest(rq)`
			`if !user.ShowLockMaybe(w, rq) {`
			`next.ServeHTTP(w, rq)`
			`}`
			`})`
			`})`
Migrate to gorilla/mux for web needs What a wonderful package! 2021-07-15 17:46:35 +00:00
Refactor the locking mechanism 2021-07-15 18:14:05 +00:00			`initReaders(wikiRouter)`
			`initMutators(wikiRouter)`
Isolate help 2022-04-09 08:28:57 +00:00			`help.InitHandlers(wikiRouter)`
Backlinks: Isolate 2022-04-02 16:58:57 +00:00			`backlinks.InitHandlers(wikiRouter)`
Categories: Rename exported functions 2022-04-01 22:01:54 +00:00			`categories.InitHandlers(wikiRouter)`
Misc: Make the new package It contains things like hypha list or about wiki pages 2022-04-02 06:38:16 +00:00			`misc.InitHandlers(wikiRouter)`
Reimplement Navititle with go templates That was rough 2022-04-23 20:35:36 +00:00			`hypview.Init()`
History: Rename the web package 2022-05-18 17:30:24 +00:00			`histweb.InitHandlers(wikiRouter)`
Interwiki: Implement /interwiki It just shown what entries there are. It will let administrators modify it later. 2022-05-27 13:43:40 +00:00			`interwiki.InitHandlers(wikiRouter)`
Reorganise and document the web stuff a little 2021-05-09 11:09:27 +00:00
Refactor admin routes They're not perfect, I still don't like them, but I can't think of a good solution right now. I'm going to thinking about the best way of doing web stuff for some time. 2021-07-15 18:58:27 +00:00			`// Admin routes.`
			`if cfg.UseAuth {`
			`adminRouter := wikiRouter.PathPrefix("/admin").Subrouter()`
			`adminRouter.Use(groupMiddleware("admin"))`
			`initAdmin(adminRouter)`
Admin: Isolate the panel view 2022-05-18 18:03:36 +00:00			`admin.Init(adminRouter)`
Refactor admin routes They're not perfect, I still don't like them, but I can't think of a good solution right now. I'm going to thinking about the best way of doing web stuff for some time. 2021-07-15 18:58:27 +00:00			`}`

New static files system assets.qtpl is no more! Now you can just add files to static/ folder, make sure the extension is registered in static.go (a shortcoming that'll be addressed in future Go versions), and you're done! It searches the local file system first, then falls back to the files embedded with the binary (in the static/ folder). 2021-06-12 13:51:28 +00:00			`// Index page`
Refactor the locking mechanism 2021-07-15 18:14:05 +00:00			`wikiRouter.HandleFunc("/", func(w http.ResponseWriter, rq *http.Request) {`
Migrate to gorilla/mux for web needs What a wonderful package! 2021-07-15 17:46:35 +00:00			`// Let's pray it never fails`
			`addr, _ := url.Parse("/hypha/" + cfg.HomeHypha)`
Refactor the locking mechanism 2021-07-15 18:14:05 +00:00			`rq.URL = addr`
			`handlerHypha(w, rq)`
Move all web-related stuff to a new module 2021-05-09 10:42:12 +00:00			`})`
Migrate to gorilla/mux for web needs What a wonderful package! 2021-07-15 17:46:35 +00:00
Refactor the locking mechanism 2021-07-15 18:14:05 +00:00			`return router`
Move all web-related stuff to a new module 2021-05-09 10:42:12 +00:00			`}`
Refactor admin routes They're not perfect, I still don't like them, but I can't think of a good solution right now. I'm going to thinking about the best way of doing web stuff for some time. 2021-07-15 18:58:27 +00:00
			`func groupMiddleware(group string) func(http.Handler) http.Handler {`
			`return func(next http.Handler) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, rq *http.Request) {`
			`if cfg.UseAuth && user.CanProceed(rq, group) {`
			`next.ServeHTTP(w, rq)`
			`return`
			`}`

			`// TODO: handle this better. Merge this code with all other`
			`// authorization code in this project.`

			`w.WriteHeader(http.StatusForbidden)`
			`io.WriteString(w, "403 forbidden")`
			`})`
			`}`
			`}`