Gitea-John71/Gists
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: Gitea-John71:v1.8.2
Branches Tags
Gitea-John71:gists-john71-stable Gitea-John71:fix/gitea-avatar-url-not-found-in-response Gitea-John71:master Gitea-John71:dependabot/npm_and_yarn/vite-8.0.0 Gitea-John71:meili Gitea-John71:rebuild-index Gitea-John71:weblate-_-opengist Gitea-John71:feat/meilichart Gitea-John71:gists-john71-dev Gitea-John71:tcpfix Gitea-John71:feat/logpath Gitea-John71:stable
Gitea-John71:v1.12.1 Gitea-John71:v1.12.0 Gitea-John71:v1.11.1 Gitea-John71:v1.11.0 Gitea-John71:v1.10.0 Gitea-John71:v1.9.1 Gitea-John71:v1.9.0 Gitea-John71:v1.8.4 Gitea-John71:v1.8.3 Gitea-John71:v1.8.2 Gitea-John71:v1.8.1 Gitea-John71:v1.8.0 Gitea-John71:v1.7.5 Gitea-John71:v1.7.4 Gitea-John71:v1.7.3 Gitea-John71:v1.7.2 Gitea-John71:v1.7.1 Gitea-John71:v1.7.0 Gitea-John71:v1.6.1 Gitea-John71:v1.6.0 Gitea-John71:v1.5.3 Gitea-John71:v1.5.2 Gitea-John71:v1.5.1 Gitea-John71:v1.5.0 Gitea-John71:v1.4.2 Gitea-John71:v1.4.1 Gitea-John71:v1.4.0 Gitea-John71:v1.3.0 Gitea-John71:v1.2.0 Gitea-John71:v1.1.1 Gitea-John71:v1.1.0 Gitea-John71:v1.0.1 Gitea-John71:v1.0.0
...
compare: Gitea-John71:v1.9.1
Branches Tags
Gitea-John71:fix/gitea-avatar-url-not-found-in-response Gitea-John71:master Gitea-John71:dependabot/npm_and_yarn/vite-8.0.0 Gitea-John71:meili Gitea-John71:rebuild-index Gitea-John71:weblate-_-opengist Gitea-John71:feat/meilichart Gitea-John71:gists-john71-dev Gitea-John71:gists-john71-stable Gitea-John71:tcpfix Gitea-John71:feat/logpath Gitea-John71:stable
Gitea-John71:v1.12.1 Gitea-John71:v1.12.0 Gitea-John71:v1.11.1 Gitea-John71:v1.11.0 Gitea-John71:v1.10.0 Gitea-John71:v1.9.1 Gitea-John71:v1.9.0 Gitea-John71:v1.8.4 Gitea-John71:v1.8.3 Gitea-John71:v1.8.2 Gitea-John71:v1.8.1 Gitea-John71:v1.8.0 Gitea-John71:v1.7.5 Gitea-John71:v1.7.4 Gitea-John71:v1.7.3 Gitea-John71:v1.7.2 Gitea-John71:v1.7.1 Gitea-John71:v1.7.0 Gitea-John71:v1.6.1 Gitea-John71:v1.6.0 Gitea-John71:v1.5.3 Gitea-John71:v1.5.2 Gitea-John71:v1.5.1 Gitea-John71:v1.5.0 Gitea-John71:v1.4.2 Gitea-John71:v1.4.1 Gitea-John71:v1.4.0 Gitea-John71:v1.3.0 Gitea-John71:v1.2.0 Gitea-John71:v1.1.1 Gitea-John71:v1.1.0 Gitea-John71:v1.0.1 Gitea-John71:v1.0.0

27 Commits
v1.8.2 ... v1.9.1

Author SHA1 Message Date
Thomas Miceli
8c7e941182 v1.9.1 2025-02-04 21:22:47 +01:00
Thomas Miceli
26b5044380 Update go deps (#430) 2025-02-04 21:17:10 +01:00
Thomas Miceli
a2259d5c77 Translations update from Opengist (#401) 
* Translated using Weblate (German)

Currently translated at 94.3% (265 of 281 strings)

Translation: Opengist/Opengist
Translate-URL: http://tr.opengist.io/projects/_/opengist/de/

* Translated using Weblate (German)

Currently translated at 99.6% (280 of 281 strings)

Translation: Opengist/Opengist
Translate-URL: http://tr.opengist.io/projects/_/opengist/de/

---------

Co-authored-by: Sangelo <minecraft.sangelo89@gmail.com>
Co-authored-by: m4skedbyte <m4skedbyte@protonmail.com>
 2025-02-03 23:43:59 +01:00
Thomas Miceli
6fd7f77003 Fix user avatar on gist likes list (#425) 2025-02-03 23:43:43 +01:00
Thomas Miceli
87ae60ce4c Fix SQL query for MySQL/Postgres on user profile (#424) 2025-02-03 23:29:34 +01:00
Thomas Miceli
c14380f4de v1.9.0 2025-02-02 20:48:40 +01:00
Thomas Miceli
da36e9eb55 Add Docker hub in release images registry CI 2025-02-02 20:11:58 +01:00
Thomas Miceli
7aa8f84eff Search gists on user profile with title, visibility, language & topics (#422) 2025-02-02 18:14:03 +01:00
Thomas Miceli
76fc129c09 Remove memdb for gist init (#421) 2025-01-30 10:46:35 +01:00
Thomas Miceli
62d56cd1c7 Save content form on gist create error (#420) 2025-01-29 16:00:58 +01:00
Thomas Miceli
d363743203 Fix empty password error when trying to change the username (#418) 2025-01-27 00:57:46 +01:00
Thomas Miceli
28c7e75657 Use jdenticon for default avatars (#416) 2025-01-27 00:08:50 +01:00
soup
0609b64cff feat: add MIME type support for raw file serving (#417) 2025-01-26 23:40:59 +01:00
Thomas Miceli
f5b8881d35 Add topics for Gists (#413) 2025-01-24 14:39:42 +01:00
gofastasf
8369cbf2f0 fix: replace path.Join with filepath.Join for file system paths (#414) 2025-01-21 07:46:59 +01:00
千橙
2ab9cf556f Add git push option for description (#412) 2025-01-20 18:16:31 +01:00
Thomas Miceli
662f553d37 Remove CSRF check for Git HTTP packs (#408) 2025-01-20 03:18:28 +01:00
Andreas Jaggi
a752e0561d Skip CSRF for embeds (#402) 
* Skip CSRF for embeds

The CSRF middleware sets a _csrf cookie also for loading the embed
javascript on third-party sites. With this change no _csrf cookie is set
when loading the embed javascript (regardless if third-party site or
first-party).
 2025-01-20 02:18:45 +01:00
Thomas Miceli
f935ee1a7e Refactor server code (#407) 2025-01-20 01:57:39 +01:00
Thomas Miceli
4c5a7bda63 v1.8.4 2024-12-16 01:46:26 +01:00
Thomas Miceli
f6bf09d5c2 Translations update from Opengist (#398) 
* Translated using Weblate (Chinese (Simplified Han script))

Currently translated at 100.0% (281 of 281 strings)

Translation: Opengist/Opengist
Translate-URL: http://tr.opengist.io/projects/_/opengist/zh_Hans/

* Translated using Weblate (Polish)

Currently translated at 100.0% (281 of 281 strings)

Translation: Opengist/Opengist
Translate-URL: http://tr.opengist.io/projects/_/opengist/pl/

---------

Co-authored-by: GabrielxD <gabrielxduo@outlook.com>
Co-authored-by: GGORG <GGORG0@protonmail.com>
 2024-12-15 17:52:52 +01:00
Phani Rithvij
86dd59c695 fixup! esbuild for all other platforms (#395) 2024-12-15 17:52:33 +01:00
Sangelo
20aef5e694 feat: Add custom instance names (#399) 
* Add custom name variable

* Add custom name variable usage to docs

* Remove leftover testing config options (oops)
 2024-12-15 17:39:51 +01:00
soup
00951bf63b feat(web): prevent password manager autofill on filename inputs (#357) 
* feat(web): add data-1p-ignore attribute to ignore fields

* feat(web): extend password manager ignore attributes

- Add autocomplete="off" to prevent browser autofill
- Add data-lpignore for LastPass compatibility
- Add data-bwignore for Bitwarden compatibility
 2024-12-15 17:35:08 +01:00
Thomas Miceli
526da6ccbb v1.8.3 2024-11-26 22:46:25 +01:00
Phani Rithvij
3a4080176c esbuild for all other platforms (#393) 
Signed-off-by: phanirithvij <phanirithvij2000@gmail.com>
 2024-11-26 22:38:51 +01:00
Phani Rithvij
64306be2d6 init git config failure -> warn (#392) 
* init git config failure -> warn

Signed-off-by: phanirithvij <phanirithvij2000@gmail.com>
 2024-11-26 22:28:17 +01:00
112 changed files with 7200 additions and 5032 deletions
Expand all files Collapse all files

9
.github/workflows/release.yml vendored
View File

@@ -46,6 +46,7 @@ jobs:
with:
images: |
ghcr.io/thomiceli/opengist
docker.io/thomiceli/opengist
tags: |
type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}
type=semver,pattern={{major}}
@@ -65,6 +66,12 @@ jobs:
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v4
with:
@@ -74,4 +81,4 @@ jobs:
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
cache-to: type=gha,mode=max

53
CHANGELOG.md
View File

@@ -1,5 +1,58 @@
# Changelog
## [1.9.1](https://github.com/thomiceli/opengist/compare/v1.9.0...v1.9.1) - 2025-02-04
See here how to [update](https://opengist.io/docs/update) Opengist.
### Added
- More translation strings (#401)
### Fixed
- SQL query for MySQL/Postgres on user profile (#424)
- User avatar on gist likes list (#425)
### Other
- Update deps Golang & JS deps (#430)
## [1.9.0](https://github.com/thomiceli/opengist/compare/v1.8.4...v1.9.0) - 2025-02-02
See here how to [update](https://opengist.io/docs/update) Opengist.
### Added
- Topics (tags) for Gists (#413)
- Gist languages saved in database (#422)
- Search gists on user profile with title, visibility, language & topics (#422)
- Jdenticon for default avatars (#416)
- Git push option for description (#412)
- MIME type support for raw file serving (#417)
### Fixed
- Skip CSRF for embed gists (#402)
- Remove CSRF check for Git HTTP packs (#408)
- Replace path.Join with filepath.Join for file system paths (#414)
- Empty password error when trying to change the username (#418)
- Save content form on gist create error (#420)
### Other
- Refactor server code (#407)
- Remove memdb for gist init (#421)
- Added Opengist Docker images to Docker Hub
## [1.8.4](https://github.com/thomiceli/opengist/compare/v1.8.3...v1.8.4) - 2024-12-15
See here how to [update](/docs/update.md) Opengist.
### Added
- More translation strings (#398)
- Custom instance names (#399)
### Fixed
- Prevent passwords managers autofill on filename inputs (#357)
## [1.8.3](https://github.com/thomiceli/opengist/compare/v1.8.2...v1.8.3) - 2024-11-26
See here how to [update](/docs/update.md) Opengist.
### Changed
- Throw `warn` instead of `fatal` on Git global config init failure (#392)
- Define esbuild as a Javascript dependency for all other platforms (#393)
## [1.8.2](https://github.com/thomiceli/opengist/compare/v1.8.1...v1.8.2) - 2024-11-25
See here how to [update](/docs/update.md) Opengist.

9
README.md
View File

@@ -21,6 +21,7 @@ It is similar to [GitHub Gist](https://gist.github.com/), but open-source and co
* [Init](/docs/usage/init-via-git.md) / Clone / Pull / Push snippets **via Git** over HTTP or SSH
* Syntax highlighting ; markdown & CSV support
* Search code in snippets; browse users snippets, likes and forks
* Add topics to snippets
* Embed snippets in other websites
* Revisions history
* Like / Fork snippets
@@ -37,7 +38,7 @@ It is similar to [GitHub Gist](https://gist.github.com/), but open-source and co
Docker [images](https://github.com/thomiceli/opengist/pkgs/container/opengist) are available for each release :
```shell
docker pull ghcr.io/thomiceli/opengist:1.8
docker pull ghcr.io/thomiceli/opengist:1.9
```
It can be used in a `docker-compose.yml` file :
@@ -49,7 +50,7 @@ It can be used in a `docker-compose.yml` file :
```yml
services:
opengist:
image: ghcr.io/thomiceli/opengist:1.8
image: ghcr.io/thomiceli/opengist:1.9
container_name: opengist
restart: unless-stopped
ports:
@@ -76,9 +77,9 @@ Download the archive for your system from the release page [here](https://github
```shell
# example for linux amd64
wget https://github.com/thomiceli/opengist/releases/download/v1.8.2/opengist1.8.2-linux-amd64.tar.gz
wget https://github.com/thomiceli/opengist/releases/download/v1.9.1/opengist1.9.1-linux-amd64.tar.gz
tar xzvf opengist1.8.2-linux-amd64.tar.gz
tar xzvf opengist1.9.1-linux-amd64.tar.gz
cd opengist
chmod +x opengist
./opengist # with or without `--config config.yml`

5
config.yml
View File

@@ -38,7 +38,6 @@ git.default-branch:
# For SQLite databases only.
sqlite.journal-mode: WAL
# HTTP server configuration
# Host to bind to. Default: 0.0.0.0
http.host: 0.0.0.0
@@ -72,7 +71,6 @@ ssh.external-domain:
# Path or alias to ssh-keygen executable. Default: ssh-keygen
ssh.keygen-executable: ssh-keygen
# OAuth2 configuration
# The callback/redirect URL must be http://opengist.url/oauth/<github|gitlab|gitea|openid-connect>/callback
@@ -102,6 +100,9 @@ oidc.secret:
# Discovery endpoint of the OpenID provider. Generally something like http://auth.example.com/.well-known/openid-configuration
oidc.discovery-url:
# Instance name
# Set your own custom name to be displayed instead of 'Opengist'
custom.name:
# Custom assets
# Add your own custom assets, that are files relatives to $opengist-home/custom/

4
deploy/README.md
View File

@@ -28,11 +28,11 @@ namespace: opengist
resources:
- namespace.yaml
- https://github.com/thomiceli/opengist/deploy/?ref:v1.8.2
- https://github.com/thomiceli/opengist/deploy/?ref:v1.9.1
images:
- name: ghcr.io/thomiceli/opengist
newTag: 1.8.2
newTag: 1.9.1
patches:
# Add your ingress

2
docs/.vitepress/theme/Home.vue
View File

@@ -19,7 +19,7 @@ export default {
<div class="mx-auto lg:text-center">
<img class="rotating h-36 mx-auto my-8 " src="https://raw.githubusercontent.com/thomiceli/opengist/master/public/opengist.svg" alt="" >
<a target="_blank" href="https://github.com/thomiceli/opengist/releases" class="inline-flex items-center rounded-full bg-indigo-100 hover:bg-indigo-200 px-4 py-1.5 text-lg font-medium text-indigo-700">
<span class="pr-1">Released 1.8.2</span>
<span class="pr-1">Released 1.9</span>
<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="size-4">
<path stroke-linecap="round" stroke-linejoin="round" d="m4.5 19.5 15-15m0 0H8.25m11.25 0v11.25" />
</svg>

1
docs/configuration/cheat-sheet.md
View File

@@ -37,6 +37,7 @@ aside: false
| oidc.client-key | OG_OIDC_CLIENT_KEY | none | The client key for the OpenID application. |
| oidc.secret | OG_OIDC_SECRET | none | The secret for the OpenID application. |
| oidc.discovery-url | OG_OIDC_DISCOVERY_URL | none | Discovery endpoint of the OpenID provider. |
| custom.name | OG_CUSTOM_NAME | none | The name of your instance, to be displayed in the tab title |
| custom.logo | OG_CUSTOM_LOGO | none | Path to an image, relative to $opengist-home/custom. |
| custom.favicon | OG_CUSTOM_FAVICON | none | Path to an image, relative to $opengist-home/custom. |
| custom.static-links | OG_CUSTOM_STATIC_LINK_#_(PATH,NAME) | none | Path and name to custom links, more info [here](custom-links.md). |

16
docs/configuration/custom-assets.md
View File

@@ -28,4 +28,18 @@ custom.favicon: favicon.png
#### Environment variable
```sh
export OG_CUSTOM_FAVICON=favicon.png
```
```
### Instance Name
It is also possible to set a name for your instance, that would be displayed in the title bar instead of 'Opengist'.
#### YAML
```yaml
custom.name: My Gists
```
#### Environment variable
```sh
export OG_CUSTOM_NAME="My Gists"
```

4
docs/installation/binary.md
View File

@@ -4,9 +4,9 @@ Download the archive for your system from the release page [here](https://github
```shell
# example for linux amd64
wget https://github.com/thomiceli/opengist/releases/download/v1.8.2/opengist1.8.2-linux-amd64.tar.gz
wget https://github.com/thomiceli/opengist/releases/download/v1.9.1/opengist1.9.1-linux-amd64.tar.gz
tar xzvf opengist1.8.2-linux-amd64.tar.gz
tar xzvf opengist1.9.1-linux-amd64.tar.gz
cd opengist
chmod +x opengist
./opengist # with or without `--config config.yml`

2
docs/installation/source.md
View File

@@ -10,7 +10,7 @@ Requirements:
git clone https://github.com/thomiceli/opengist
cd opengist
git checkout v1.8.2 # optional, to checkout the latest release
git checkout v1.9.1 # optional, to checkout the latest release
make
./opengist

1
docs/introduction.md
View File

@@ -15,6 +15,7 @@ Written in [Go](https://go.dev), Opengist aims to be fast and easy to deploy.
* [Init](usage/init-via-git.md) / Clone / Pull / Push snippets **via Git** over HTTP or SSH
* Syntax highlighting ; markdown & CSV support
* Search code in snippets ; browse users snippets, likes and forks
* Add topics to snippets
* Embed snippets in other websites
* Revisions history
* Like / Fork snippets

4
docs/update.md
View File

@@ -27,9 +27,9 @@ Stop the running instance; then like your first installation of Opengist, downlo
```shell
# example for linux amd64
wget https://github.com/thomiceli/opengist/releases/download/v1.8.2/opengist1.8.2-linux-amd64.tar.gz
wget https://github.com/thomiceli/opengist/releases/download/v1.9.1/opengist1.9.1-linux-amd64.tar.gz
tar xzvf opengist1.8.2-linux-amd64.tar.gz
tar xzvf opengist1.9.1-linux-amd64.tar.gz
cd opengist
chmod +x opengist
./opengist # with or without `--config config.yml`

6
docs/usage/git-push-options.md
View File

@@ -17,6 +17,12 @@ git push -o title=Gist123
git push -o title="My Gist 123"
```
## Change description
```shell
git push -o description="This is my gist description"
```
## Change visibility
```shell

31
go.mod
View File

@@ -4,17 +4,17 @@ go 1.23
require (
github.com/Kunde21/markdownfmt/v3 v3.1.0
github.com/alecthomas/chroma/v2 v2.14.0
github.com/blevesearch/bleve/v2 v2.4.3
github.com/alecthomas/chroma/v2 v2.15.0
github.com/blevesearch/bleve/v2 v2.4.4
github.com/dustin/go-humanize v1.0.1
github.com/glebarez/sqlite v1.11.0
github.com/go-playground/validator/v10 v10.23.0
github.com/go-playground/validator/v10 v10.24.0
github.com/go-webauthn/webauthn v0.11.2
github.com/google/uuid v1.6.0
github.com/gorilla/schema v1.4.1
github.com/gorilla/securecookie v1.1.2
github.com/gorilla/sessions v1.4.0
github.com/hashicorp/go-memdb v1.3.4
github.com/labstack/echo/v4 v4.12.0
github.com/labstack/echo/v4 v4.13.3
github.com/markbates/goth v1.80.0
github.com/pquerna/otp v1.4.0
github.com/rs/zerolog v1.33.0
@@ -24,11 +24,11 @@ require (
github.com/yuin/goldmark-emoji v1.0.4
github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc
go.abhg.dev/goldmark/mermaid v0.5.0
golang.org/x/crypto v0.29.0
golang.org/x/text v0.20.0
golang.org/x/crypto v0.32.0
golang.org/x/text v0.22.0
gopkg.in/yaml.v3 v3.0.1
gorm.io/driver/mysql v1.5.7
gorm.io/driver/postgres v1.5.10
gorm.io/driver/postgres v1.5.11
gorm.io/gorm v1.25.12
)
@@ -38,7 +38,7 @@ require (
github.com/bits-and-blooms/bitset v1.17.0 // indirect
github.com/blevesearch/bleve_index_api v1.1.13 // indirect
github.com/blevesearch/geo v0.1.20 // indirect
github.com/blevesearch/go-faiss v1.0.23 // indirect
github.com/blevesearch/go-faiss v1.0.24 // indirect
github.com/blevesearch/go-porterstemmer v1.0.3 // indirect
github.com/blevesearch/gtreap v0.1.1 // indirect
github.com/blevesearch/mmap-go v1.0.4 // indirect
@@ -52,27 +52,24 @@ require (
github.com/blevesearch/zapx/v13 v13.3.10 // indirect
github.com/blevesearch/zapx/v14 v14.3.10 // indirect
github.com/blevesearch/zapx/v15 v15.3.16 // indirect
github.com/blevesearch/zapx/v16 v16.1.8 // indirect
github.com/blevesearch/zapx/v16 v16.1.9-0.20241217210638-a0519e7caf3b // indirect
github.com/boombuler/barcode v1.0.2 // indirect
github.com/cpuguy83/go-md2man/v2 v2.0.5 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/dlclark/regexp2 v1.11.4 // indirect
github.com/fxamacker/cbor/v2 v2.7.0 // indirect
github.com/gabriel-vasile/mimetype v1.4.7 // indirect
github.com/gabriel-vasile/mimetype v1.4.8 // indirect
github.com/glebarez/go-sqlite v1.22.0 // indirect
github.com/go-playground/locales v0.14.1 // indirect
github.com/go-playground/universal-translator v0.18.1 // indirect
github.com/go-sql-driver/mysql v1.8.1 // indirect
github.com/go-webauthn/x v0.1.15 // indirect
github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
github.com/golang/geo v0.0.0-20230421003525-6adc56603217 // indirect
github.com/golang/protobuf v1.5.4 // indirect
github.com/golang/snappy v0.0.4 // indirect
github.com/google/go-tpm v0.9.1 // indirect
github.com/gorilla/mux v1.8.1 // indirect
github.com/hashicorp/go-immutable-radix v1.3.1 // indirect
github.com/hashicorp/golang-lru v1.0.2 // indirect
github.com/jackc/pgpassfile v1.0.0 // indirect
github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
github.com/jackc/pgx/v5 v5.7.1 // indirect
@@ -101,10 +98,10 @@ require (
github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
go.etcd.io/bbolt v1.3.11 // indirect
golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f // indirect
golang.org/x/net v0.31.0 // indirect
golang.org/x/net v0.34.0 // indirect
golang.org/x/oauth2 v0.24.0 // indirect
golang.org/x/sync v0.9.0 // indirect
golang.org/x/sys v0.27.0 // indirect
golang.org/x/sync v0.11.0 // indirect
golang.org/x/sys v0.29.0 // indirect
golang.org/x/time v0.8.0 // indirect
google.golang.org/protobuf v1.35.2 // indirect
modernc.org/libc v1.61.2 // indirect

75
go.sum
View File

@@ -4,25 +4,25 @@ github.com/Kunde21/markdownfmt/v3 v3.1.0 h1:KiZu9LKs+wFFBQKhrZJrFZwtLnCCWJahL+S+
github.com/Kunde21/markdownfmt/v3 v3.1.0/go.mod h1:tPXN1RTyOzJwhfHoon9wUr4HGYmWgVxSQN6VBJDkrVc=
github.com/RoaringBitmap/roaring v1.9.4 h1:yhEIoH4YezLYT04s1nHehNO64EKFTop/wBhxv2QzDdQ=
github.com/RoaringBitmap/roaring v1.9.4/go.mod h1:6AXUsoIEzDTFFQCe1RbGA6uFONMhvejWj5rqITANK90=
github.com/alecthomas/assert/v2 v2.7.0 h1:QtqSACNS3tF7oasA8CU6A6sXZSBDqnm7RfpLl9bZqbE=
github.com/alecthomas/assert/v2 v2.7.0/go.mod h1:Bze95FyfUr7x34QZrjL+XP+0qgp/zg8yS+TtBj1WA3k=
github.com/alecthomas/assert/v2 v2.11.0 h1:2Q9r3ki8+JYXvGsDyBXwH3LcJ+WK5D0gc5E8vS6K3D0=
github.com/alecthomas/assert/v2 v2.11.0/go.mod h1:Bze95FyfUr7x34QZrjL+XP+0qgp/zg8yS+TtBj1WA3k=
github.com/alecthomas/chroma/v2 v2.2.0/go.mod h1:vf4zrexSH54oEjJ7EdB65tGNHmH3pGZmVkgTP5RHvAs=
github.com/alecthomas/chroma/v2 v2.14.0 h1:R3+wzpnUArGcQz7fCETQBzO5n9IMNi13iIs46aU4V9E=
github.com/alecthomas/chroma/v2 v2.14.0/go.mod h1:QolEbTfmUHIMVpBqxeDnNBj2uoeI4EbYP4i6n68SG4I=
github.com/alecthomas/chroma/v2 v2.15.0 h1:LxXTQHFoYrstG2nnV9y2X5O94sOBzf0CIUpSTbpxvMc=
github.com/alecthomas/chroma/v2 v2.15.0/go.mod h1:gUhVLrPDXPtp/f+L1jo9xepo9gL4eLwRuGAunSZMkio=
github.com/alecthomas/repr v0.0.0-20220113201626-b1b626ac65ae/go.mod h1:2kn6fqh/zIyPLmm3ugklbEi5hg5wS435eygvNfaDQL8=
github.com/alecthomas/repr v0.4.0 h1:GhI2A8MACjfegCPVq9f1FLvIBS+DrQ2KQBFZP1iFzXc=
github.com/alecthomas/repr v0.4.0/go.mod h1:Fr0507jx4eOXV7AlPV6AVZLYrLIuIeSOWtW57eE/O/4=
github.com/bits-and-blooms/bitset v1.12.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8=
github.com/bits-and-blooms/bitset v1.17.0 h1:1X2TS7aHz1ELcC0yU1y2stUs/0ig5oMU6STFZGrhvHI=
github.com/bits-and-blooms/bitset v1.17.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8=
github.com/blevesearch/bleve/v2 v2.4.3 h1:XDYj+1prgX84L2Cf+V3ojrOPqXxy0qxyd2uLMmeuD+4=
github.com/blevesearch/bleve/v2 v2.4.3/go.mod h1:hEPDPrbYw3vyrm5VOa36GyS4bHWuIf4Fflp7460QQXY=
github.com/blevesearch/bleve/v2 v2.4.4 h1:RwwLGjUm54SwyyykbrZs4vc1qjzYic4ZnAnY9TwNl60=
github.com/blevesearch/bleve/v2 v2.4.4/go.mod h1:fa2Eo6DP7JR+dMFpQe+WiZXINKSunh7WBtlDGbolKXk=
github.com/blevesearch/bleve_index_api v1.1.13 h1:+nrA6oRJr85aCPyqaeZtsruObwKojutfonHJin/BP48=
github.com/blevesearch/bleve_index_api v1.1.13/go.mod h1:PbcwjIcRmjhGbkS/lJCpfgVSMROV6TRubGGAODaK1W8=
github.com/blevesearch/geo v0.1.20 h1:paaSpu2Ewh/tn5DKn/FB5SzvH0EWupxHEIwbCk/QPqM=
github.com/blevesearch/geo v0.1.20/go.mod h1:DVG2QjwHNMFmjo+ZgzrIq2sfCh6rIHzy9d9d0B59I6w=
github.com/blevesearch/go-faiss v1.0.23 h1:Wmc5AFwDLKGl2L6mjLX1Da3vCL0EKa2uHHSorcIS1Uc=
github.com/blevesearch/go-faiss v1.0.23/go.mod h1:OMGQwOaRRYxrmeNdMrXJPvVx8gBnvE5RYrr0BahNnkk=
github.com/blevesearch/go-faiss v1.0.24 h1:K79IvKjoKHdi7FdiXEsAhxpMuns0x4fM0BO93bW5jLI=
github.com/blevesearch/go-faiss v1.0.24/go.mod h1:OMGQwOaRRYxrmeNdMrXJPvVx8gBnvE5RYrr0BahNnkk=
github.com/blevesearch/go-porterstemmer v1.0.3 h1:GtmsqID0aZdCSNiY8SkuPJ12pD4jI+DdXTAn4YRcHCo=
github.com/blevesearch/go-porterstemmer v1.0.3/go.mod h1:angGc5Ht+k2xhJdZi511LtmxuEf0OVpvUUNrwmM1P7M=
github.com/blevesearch/gtreap v0.1.1 h1:2JWigFrzDMR+42WGIN/V2p0cUvn4UP3C4Q5nmaZGW8Y=
@@ -49,8 +49,8 @@ github.com/blevesearch/zapx/v14 v14.3.10 h1:SG6xlsL+W6YjhX5N3aEiL/2tcWh3DO75Bnz7
github.com/blevesearch/zapx/v14 v14.3.10/go.mod h1:qqyuR0u230jN1yMmE4FIAuCxmahRQEOehF78m6oTgns=
github.com/blevesearch/zapx/v15 v15.3.16 h1:Ct3rv7FUJPfPk99TI/OofdC+Kpb4IdyfdMH48sb+FmE=
github.com/blevesearch/zapx/v15 v15.3.16/go.mod h1:Turk/TNRKj9es7ZpKK95PS7f6D44Y7fAFy8F4LXQtGg=
github.com/blevesearch/zapx/v16 v16.1.8 h1:Bxzpw6YQpFs7UjoCV1+RvDw6fmAT2GZxldwX8b3wVBM=
github.com/blevesearch/zapx/v16 v16.1.8/go.mod h1:JqQlOqlRVaYDkpLIl3JnKql8u4zKTNlVEa3nLsi0Gn8=
github.com/blevesearch/zapx/v16 v16.1.9-0.20241217210638-a0519e7caf3b h1:ju9Az5YgrzCeK3M1QwvZIpxYhChkXp7/L0RhDYsxXoE=
github.com/blevesearch/zapx/v16 v16.1.9-0.20241217210638-a0519e7caf3b/go.mod h1:BlrYNpOu4BvVRslmIG+rLtKhmjIaRhIbG8sb9scGTwI=
github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
github.com/boombuler/barcode v1.0.2 h1:79yrbttoZrLGkL/oOI8hBrUKucwOL0oOjUgEguGMcJ4=
github.com/boombuler/barcode v1.0.2/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
@@ -75,8 +75,8 @@ github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkp
github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E=
github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ=
github.com/gabriel-vasile/mimetype v1.4.7 h1:SKFKl7kD0RiPdbht0s7hFtjl489WcQ1VyPW8ZzUMYCA=
github.com/gabriel-vasile/mimetype v1.4.7/go.mod h1:GDlAgAyIRT27BhFl53XNAFtfjzOkLaF35JdEG0P7LtU=
github.com/gabriel-vasile/mimetype v1.4.8 h1:FfZ3gj38NjllZIeJAmMhr+qKL8Wu+nOoI3GqacKw1NM=
github.com/gabriel-vasile/mimetype v1.4.8/go.mod h1:ByKUIKGjh1ODkGM1asKUbQZOLGrPjydw3hYPU2YU9t8=
github.com/glebarez/go-sqlite v1.22.0 h1:uAcMJhaA6r3LHMTFgP0SifzgXg46yJkgxqyuyec+ruQ=
github.com/glebarez/go-sqlite v1.22.0/go.mod h1:PlBIdHe0+aUEFn+r2/uthrWq4FxbzugL0L8Li6yQJbc=
github.com/glebarez/sqlite v1.11.0 h1:wSG0irqzP6VurnMEpFGer5Li19RpIRi2qvQz++w0GMw=
@@ -87,8 +87,8 @@ github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/o
github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
github.com/go-playground/validator/v10 v10.23.0 h1:/PwmTwZhS0dPkav3cdK9kV1FsAmrL8sThn8IHr/sO+o=
github.com/go-playground/validator/v10 v10.23.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM=
github.com/go-playground/validator/v10 v10.24.0 h1:KHQckvo8G6hlWnrPX4NJJ+aBfWNAE/HH+qdL2cBpCmg=
github.com/go-playground/validator/v10 v10.24.0/go.mod h1:GGzBIJMuE98Ic/kJsBXbz1x/7cByt++cQ+YOuDM5wus=
github.com/go-sql-driver/mysql v1.7.0/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y=
github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
@@ -103,8 +103,6 @@ github.com/gobwas/pool v0.2.1/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6Wezm
github.com/gobwas/ws v1.1.0 h1:7RFti/xnNkMJnrK7D1yQ/iCIB5OrrY/54/H930kIbHA=
github.com/gobwas/ws v1.1.0/go.mod h1:nzvNcVha5eUziGrbxFCo6qFIojQHjJV5cLYIbezhfL0=
github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
github.com/golang/geo v0.0.0-20230421003525-6adc56603217 h1:HKlyj6in2JV6wVkmQ4XmG/EIm+SCYlPZ+V4GWit7Z+I=
@@ -126,21 +124,12 @@ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
github.com/gorilla/schema v1.4.1 h1:jUg5hUjCSDZpNGLuXQOgIWGdlgrIdYvgQ0wZtdK1M3E=
github.com/gorilla/schema v1.4.1/go.mod h1:Dg5SSm5PV60mhF2NFaTV1xuYYj8tV8NOPRo4FggUMnM=
github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
github.com/gorilla/sessions v1.4.0 h1:kpIYOp/oi6MG/p5PgxApU8srsSw9tuFbt46Lt7auzqQ=
github.com/gorilla/sessions v1.4.0/go.mod h1:FLWm50oby91+hl7p/wRxDth9bWSuk0qVL2emc7lT5ik=
github.com/hashicorp/go-immutable-radix v1.3.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
github.com/hashicorp/go-immutable-radix v1.3.1 h1:DKHmCUm2hRBK510BaiZlwvpD40f8bJFeZnpfm2KLowc=
github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
github.com/hashicorp/go-memdb v1.3.4 h1:XSL3NR682X/cVk2IeV0d70N4DZ9ljI885xAEU8IoK3c=
github.com/hashicorp/go-memdb v1.3.4/go.mod h1:uBTr1oQbtuMgd1SSGoR8YV27eT3sBHbYiNm53bMpgSg=
github.com/hashicorp/go-uuid v1.0.0 h1:RS8zrF7PhGwyNPOtxSClXXj9HA8feRnJzgnI1RJCSnM=
github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
github.com/hashicorp/golang-lru v1.0.2 h1:dV3g9Z/unq5DpblPpw+Oqcv4dU/1omnb4Ok8iPY6p1c=
github.com/hashicorp/golang-lru v1.0.2/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
github.com/hexops/gotextdiff v1.0.3 h1:gitA9+qJrrTCsiCl7+kh75nPqQt1cx4ZkudSTLoUqJM=
github.com/hexops/gotextdiff v1.0.3/go.mod h1:pSWU5MAI3yDq+fZBTazCSJysOMbxWL1BSow5/V2vxeg=
github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
@@ -163,8 +152,8 @@ github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/labstack/echo/v4 v4.12.0 h1:IKpw49IMryVB2p1a4dzwlhP1O2Tf2E0Ir/450lH+kI0=
github.com/labstack/echo/v4 v4.12.0/go.mod h1:UP9Cr2DJXbOK3Kr9ONYzNowSh7HP0aG0ShAyycHSJvM=
github.com/labstack/echo/v4 v4.13.3 h1:pwhpCPrTl5qry5HRdM5FwdXnhXSLSY+WE+YQSeCaafY=
github.com/labstack/echo/v4 v4.13.3/go.mod h1:o90YNEeQWjDozo584l7AwhJMHN0bOC4tAfg+Xox9q5g=
github.com/labstack/gommon v0.4.2 h1:F8qTUNXgG1+6WQmqoUWnz8WiEU60mXVVw0P4ht1WRA0=
github.com/labstack/gommon v0.4.2/go.mod h1:QlUFxVM+SNXhDL/Z7YhocGIBYOiwB0mXm1+1bAPHPyU=
github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
@@ -236,28 +225,28 @@ go.abhg.dev/goldmark/mermaid v0.5.0 h1:mDkykpSPJ+5wCQ8bSXgzJ2KQskjXkI5Ndxz7JYDHW
go.abhg.dev/goldmark/mermaid v0.5.0/go.mod h1:OCyk2o85TX2drWHH+HRy6bih2yZlUwbbv/R1MMh1YLs=
go.etcd.io/bbolt v1.3.11 h1:yGEzV1wPz2yVCLsD8ZAiGHhHVlczyC9d1rP43/VCRJ0=
go.etcd.io/bbolt v1.3.11/go.mod h1:dksAq7YMXoljX0xu6VF5DMZGbhYYoLUalEiSySYAS4I=
golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc=
golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f h1:XdNn9LlyWAhLVp6P/i8QYBW+hlyhrhei9uErw2B5GJo=
golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f/go.mod h1:D5SMRVC3C2/4+F/DB1wZsLRnSNimn2Sp/NPsCrsv8ak=
golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4=
golang.org/x/mod v0.22.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0=
golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k=
golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE=
golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ=
golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w=
golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.26.0 h1:WEQa6V3Gja/BhNxg540hBip/kkaYtRg3cxg4oXSw4AU=
golang.org/x/term v0.26.0/go.mod h1:Si5m1o57C5nBNQo5z1iq+XDijt21BDBDp2bK0QI8e3E=
golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.28.0 h1:/Ts8HFuMR2E6IP/jlo7QVLZHggjKQbhu/7H0LJFr3Gg=
golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek=
golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM=
golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY=
golang.org/x/time v0.8.0 h1:9i3RxcPv3PZnitoVGMPDKZSq1xW1gK1Xy3ArNOGZfEg=
golang.org/x/time v0.8.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
golang.org/x/tools v0.27.0 h1:qEKojBykQkQ4EynWy4S8Weg69NumxKdn40Fce3uc/8o=
@@ -272,8 +261,8 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gorm.io/driver/mysql v1.5.7 h1:MndhOPYOfEp2rHKgkZIhJ16eVUIRf2HmzgoPmh7FCWo=
gorm.io/driver/mysql v1.5.7/go.mod h1:sEtPWMiqiN1N1cMXoXmBbd8C6/l+TESwriotuRRpkDM=
gorm.io/driver/postgres v1.5.10 h1:7Lggqempgy496c0WfHXsYWxk3Th+ZcW66/21QhVFdeE=
gorm.io/driver/postgres v1.5.10/go.mod h1:DX3GReXH+3FPWGrrgffdvCk3DQ1dwDPdmbenSkweRGI=
gorm.io/driver/postgres v1.5.11 h1:ubBVAfbKEUld/twyKZ0IYn9rSQh448EdelLYk9Mv314=
gorm.io/driver/postgres v1.5.11/go.mod h1:DX3GReXH+3FPWGrrgffdvCk3DQ1dwDPdmbenSkweRGI=
gorm.io/gorm v1.25.7/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8=
gorm.io/gorm v1.25.12 h1:I0u8i2hWQItBq1WfE0o2+WuL9+8L21K9e2HHSTE/0f8=
gorm.io/gorm v1.25.12/go.mod h1:xh7N7RHfYlNc5EmcI/El95gXusucDrQnHXe0+CgWcLQ=

30
internal/actions/actions.go
View File

@@ -23,6 +23,7 @@ const (
SyncGistPreviews
ResetHooks
IndexGists
SyncGistLanguages
)
var (
@@ -73,6 +74,8 @@ func Run(actionType int) {
functionToRun = resetHooks
case IndexGists:
functionToRun = indexGists
case SyncGistLanguages:
functionToRun = syncGistLanguages
default:
log.Error().Msg("Unknown action type")
}
@@ -141,17 +144,8 @@ func syncGistPreviews() {
func resetHooks() {
log.Info().Msg("Resetting Git server hooks for all repositories...")
entries, err := filepath.Glob(filepath.Join(config.GetHomeDir(), "repos", "*", "*"))
if err != nil {
log.Error().Err(err).Msg("Cannot read repos directories")
return
}
for _, e := range entries {
path := strings.Split(e, string(os.PathSeparator))
if err := git.CreateDotGitFiles(path[len(path)-2], path[len(path)-1]); err != nil {
log.Error().Err(err).Msgf("Cannot reset hooks for repository %s/%s", path[len(path)-2], path[len(path)-1])
}
if err := git.ResetHooks(); err != nil {
log.Error().Err(err).Msg("Error resetting hooks for repositories")
}
}
@@ -175,3 +169,17 @@ func indexGists() {
}
}
}
func syncGistLanguages() {
log.Info().Msg("Syncing all Gist languages...")
gists, err := db.GetAllGistsRows()
if err != nil {
log.Error().Err(err).Msg("Cannot get gists")
return
}
for _, gist := range gists {
log.Info().Msgf("Syncing languages for gist %d", gist.ID)
gist.UpdateLanguages()
}
}

2
internal/utils/aes.go → internal/auth/aes.go
View File

@@ -1,4 +1,4 @@
package utils
package auth
import (
"crypto/aes"

10
internal/utils/argon2id.go → internal/auth/argon2id.go
View File

@@ -1,4 +1,4 @@
package utils
package auth
import (
"crypto/rand"
@@ -10,7 +10,7 @@ import (
"strings"
)
type Argon2ID struct {
type argon2ID struct {
format string
version int
time uint32
@@ -20,7 +20,7 @@ type Argon2ID struct {
threads uint8
}
var Argon2id = Argon2ID{
var Argon2id = argon2ID{
format: "$argon2id$v=%d$m=%d,t=%d,p=%d$%s$%s",
version: argon2.Version,
time: 1,
@@ -30,7 +30,7 @@ var Argon2id = Argon2ID{
threads: 4,
}
func (a Argon2ID) Hash(plain string) (string, error) {
func (a argon2ID) Hash(plain string) (string, error) {
salt := make([]byte, a.saltLen)
if _, err := rand.Read(salt); err != nil {
return "", err
@@ -44,7 +44,7 @@ func (a Argon2ID) Hash(plain string) (string, error) {
), nil
}
func (a Argon2ID) Verify(plain, hash string) (bool, error) {
func (a argon2ID) Verify(plain, hash string) (bool, error) {
if hash == "" {
return false, nil
}

117
internal/auth/oauth/gitea.go Normal file
View File

@@ -0,0 +1,117 @@
package oauth
import (
gocontext "context"
gojson "encoding/json"
"github.com/markbates/goth"
"github.com/markbates/goth/gothic"
"github.com/markbates/goth/providers/gitea"
"github.com/rs/zerolog/log"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/web/context"
"io"
"net/http"
)
type GiteaProvider struct {
Provider
URL string
}
func (p *GiteaProvider) RegisterProvider() error {
goth.UseProviders(
gitea.NewCustomisedURL(
config.C.GiteaClientKey,
config.C.GiteaSecret,
urlJoin(p.URL, "/oauth/gitea/callback"),
urlJoin(config.C.GiteaUrl, "/login/oauth/authorize"),
urlJoin(config.C.GiteaUrl, "/login/oauth/access_token"),
urlJoin(config.C.GiteaUrl, "/api/v1/user"),
),
)
return nil
}
func (p *GiteaProvider) BeginAuthHandler(ctx *context.Context) {
ctxValue := gocontext.WithValue(ctx.Request().Context(), gothic.ProviderParamKey, GiteaProviderString)
ctx.SetRequest(ctx.Request().WithContext(ctxValue))
gothic.BeginAuthHandler(ctx.Response(), ctx.Request())
}
func (p *GiteaProvider) UserHasProvider(user *db.User) bool {
return user.GiteaID != ""
}
func NewGiteaProvider(url string) *GiteaProvider {
return &GiteaProvider{
URL: url,
}
}
type GiteaCallbackProvider struct {
CallbackProvider
User *goth.User
}
func (p *GiteaCallbackProvider) GetProvider() string {
return GiteaProviderString
}
func (p *GiteaCallbackProvider) GetProviderUser() *goth.User {
return p.User
}
func (p *GiteaCallbackProvider) GetProviderUserID(user *db.User) bool {
return user.GiteaID != ""
}
func (p *GiteaCallbackProvider) GetProviderUserSSHKeys() ([]string, error) {
resp, err := http.Get(urlJoin(config.C.GiteaUrl, p.User.NickName+".keys"))
if err != nil {
return nil, err
}
defer resp.Body.Close()
return readKeys(resp)
}
func (p *GiteaCallbackProvider) UpdateUserDB(user *db.User) {
user.GiteaID = p.User.UserID
resp, err := http.Get(urlJoin(config.C.GiteaUrl, "/api/v1/users/", p.User.UserID))
if err != nil {
log.Error().Err(err).Msg("Cannot get user from Gitea")
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
log.Error().Err(err).Msg("Cannot read Gitea response body")
return
}
var result map[string]interface{}
err = gojson.Unmarshal(body, &result)
if err != nil {
log.Error().Err(err).Msg("Cannot unmarshal Gitea response body")
return
}
field, ok := result["avatar_url"]
if !ok {
log.Error().Msg("Field 'avatar_url' not found in Gitea JSON response")
return
}
user.AvatarURL = field.(string)
}
func NewGiteaCallbackProvider(user *goth.User) CallbackProvider {
return &GiteaCallbackProvider{
User: user,
}
}

84
internal/auth/oauth/github.go Normal file
View File

@@ -0,0 +1,84 @@
package oauth
import (
gocontext "context"
"github.com/markbates/goth"
"github.com/markbates/goth/gothic"
"github.com/markbates/goth/providers/github"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/web/context"
"net/http"
)
type GitHubProvider struct {
Provider
URL string
}
func (p *GitHubProvider) RegisterProvider() error {
goth.UseProviders(
github.New(
config.C.GithubClientKey,
config.C.GithubSecret,
urlJoin(p.URL, "/oauth/github/callback"),
),
)
return nil
}
func (p *GitHubProvider) BeginAuthHandler(ctx *context.Context) {
ctxValue := gocontext.WithValue(ctx.Request().Context(), gothic.ProviderParamKey, GitHubProviderString)
ctx.SetRequest(ctx.Request().WithContext(ctxValue))
gothic.BeginAuthHandler(ctx.Response(), ctx.Request())
}
func (p *GitHubProvider) UserHasProvider(user *db.User) bool {
return user.GithubID != ""
}
func NewGitHubProvider(url string) *GitHubProvider {
return &GitHubProvider{
URL: url,
}
}
type GitHubCallbackProvider struct {
CallbackProvider
User *goth.User
}
func (p *GitHubCallbackProvider) GetProvider() string {
return GitHubProviderString
}
func (p *GitHubCallbackProvider) GetProviderUser() *goth.User {
return p.User
}
func (p *GitHubCallbackProvider) GetProviderUserID(user *db.User) bool {
return user.GithubID != ""
}
func (p *GitHubCallbackProvider) GetProviderUserSSHKeys() ([]string, error) {
resp, err := http.Get("https://github.com/" + p.User.NickName + ".keys")
if err != nil {
return nil, err
}
defer resp.Body.Close()
return readKeys(resp)
}
func (p *GitHubCallbackProvider) UpdateUserDB(user *db.User) {
user.GithubID = p.User.UserID
user.AvatarURL = "https://avatars.githubusercontent.com/u/" + p.User.UserID + "?v=4"
}
func NewGitHubCallbackProvider(user *goth.User) CallbackProvider {
return &GitHubCallbackProvider{
User: user,
}
}

87
internal/auth/oauth/gitlab.go Normal file
View File

@@ -0,0 +1,87 @@
package oauth
import (
gocontext "context"
"github.com/markbates/goth"
"github.com/markbates/goth/gothic"
"github.com/markbates/goth/providers/gitlab"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/web/context"
"net/http"
)
type GitLabProvider struct {
Provider
URL string
}
func (p *GitLabProvider) RegisterProvider() error {
goth.UseProviders(
gitlab.NewCustomisedURL(
config.C.GitlabClientKey,
config.C.GitlabSecret,
urlJoin(p.URL, "/oauth/gitlab/callback"),
urlJoin(config.C.GitlabUrl, "/oauth/authorize"),
urlJoin(config.C.GitlabUrl, "/oauth/token"),
urlJoin(config.C.GitlabUrl, "/api/v4/user"),
),
)
return nil
}
func (p *GitLabProvider) BeginAuthHandler(ctx *context.Context) {
ctxValue := gocontext.WithValue(ctx.Request().Context(), gothic.ProviderParamKey, GitLabProviderString)
ctx.SetRequest(ctx.Request().WithContext(ctxValue))
gothic.BeginAuthHandler(ctx.Response(), ctx.Request())
}
func (p *GitLabProvider) UserHasProvider(user *db.User) bool {
return user.GitlabID != ""
}
func NewGitLabProvider(url string) *GitLabProvider {
return &GitLabProvider{
URL: url,
}
}
type GitLabCallbackProvider struct {
CallbackProvider
User *goth.User
}
func (p *GitLabCallbackProvider) GetProvider() string {
return GitLabProviderString
}
func (p *GitLabCallbackProvider) GetProviderUser() *goth.User {
return p.User
}
func (p *GitLabCallbackProvider) GetProviderUserID(user *db.User) bool {
return user.GitlabID != ""
}
func (p *GitLabCallbackProvider) GetProviderUserSSHKeys() ([]string, error) {
resp, err := http.Get(urlJoin(config.C.GitlabUrl, p.User.NickName+".keys"))
if err != nil {
return nil, err
}
defer resp.Body.Close()
return readKeys(resp)
}
func (p *GitLabCallbackProvider) UpdateUserDB(user *db.User) {
user.GitlabID = p.User.UserID
user.AvatarURL = urlJoin(config.C.GitlabUrl, "/uploads/-/system/user/avatar/", p.User.UserID, "/avatar.png") + "?width=400"
}
func NewGitLabCallbackProvider(user *goth.User) CallbackProvider {
return &GitLabCallbackProvider{
User: user,
}
}

85
internal/auth/oauth/openid.go Normal file
View File

@@ -0,0 +1,85 @@
package oauth
import (
gocontext "context"
"errors"
"github.com/markbates/goth"
"github.com/markbates/goth/gothic"
"github.com/markbates/goth/providers/openidConnect"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/web/context"
)
type OIDCProvider struct {
Provider
URL string
}
func (p *OIDCProvider) RegisterProvider() error {
oidcProvider, err := openidConnect.New(
config.C.OIDCClientKey,
config.C.OIDCSecret,
urlJoin(p.URL, "/oauth/openid-connect/callback"),
config.C.OIDCDiscoveryUrl,
"openid",
"email",
"profile",
)
if err != nil {
return errors.New("Cannot create OIDC provider: " + err.Error())
}
goth.UseProviders(oidcProvider)
return nil
}
func (p *OIDCProvider) BeginAuthHandler(ctx *context.Context) {
ctxValue := gocontext.WithValue(ctx.Request().Context(), gothic.ProviderParamKey, OpenIDConnectString)
ctx.SetRequest(ctx.Request().WithContext(ctxValue))
gothic.BeginAuthHandler(ctx.Response(), ctx.Request())
}
func (p *OIDCProvider) UserHasProvider(user *db.User) bool {
return user.OIDCID != ""
}
func NewOIDCProvider(url string) *OIDCProvider {
return &OIDCProvider{
URL: url,
}
}
type OIDCCallbackProvider struct {
CallbackProvider
User *goth.User
}
func (p *OIDCCallbackProvider) GetProvider() string {
return OpenIDConnectString
}
func (p *OIDCCallbackProvider) GetProviderUser() *goth.User {
return p.User
}
func (p *OIDCCallbackProvider) GetProviderUserID(user *db.User) bool {
return user.OIDCID != ""
}
func (p *OIDCCallbackProvider) GetProviderUserSSHKeys() ([]string, error) {
return nil, nil
}
func (p *OIDCCallbackProvider) UpdateUserDB(user *db.User) {
user.OIDCID = p.User.UserID
user.AvatarURL = p.User.AvatarURL
}
func NewOIDCCallbackProvider(user *goth.User) CallbackProvider {
return &OIDCCallbackProvider{
User: user,
}
}

93
internal/auth/oauth/provider.go Normal file
View File

@@ -0,0 +1,93 @@
package oauth
import (
"fmt"
"github.com/markbates/goth"
"github.com/markbates/goth/gothic"
"github.com/rs/zerolog/log"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/web/context"
"io"
"net/http"
"net/url"
"strings"
)
const (
GitHubProviderString = "github"
GitLabProviderString = "gitlab"
GiteaProviderString = "gitea"
OpenIDConnectString = "openid-connect"
)
type Provider interface {
RegisterProvider() error
BeginAuthHandler(ctx *context.Context)
UserHasProvider(user *db.User) bool
}
type CallbackProvider interface {
GetProvider() string
GetProviderUser() *goth.User
GetProviderUserID(user *db.User) bool
GetProviderUserSSHKeys() ([]string, error)
UpdateUserDB(user *db.User)
}
func DefineProvider(provider string, url string) (Provider, error) {
switch provider {
case GitHubProviderString:
return NewGitHubProvider(url), nil
case GitLabProviderString:
return NewGitLabProvider(url), nil
case GiteaProviderString:
return NewGiteaProvider(url), nil
case OpenIDConnectString:
return NewOIDCProvider(url), nil
}
return nil, fmt.Errorf("unsupported provider %s", provider)
}
func CompleteUserAuth(ctx *context.Context) (CallbackProvider, error) {
user, err := gothic.CompleteUserAuth(ctx.Response(), ctx.Request())
if err != nil {
return nil, err
}
switch user.Provider {
case GitHubProviderString:
return NewGitHubCallbackProvider(&user), nil
case GitLabProviderString:
return NewGitLabCallbackProvider(&user), nil
case GiteaProviderString:
return NewGiteaCallbackProvider(&user), nil
case OpenIDConnectString:
return NewOIDCCallbackProvider(&user), nil
}
return nil, fmt.Errorf("unsupported provider %s", user.Provider)
}
func urlJoin(base string, elem ...string) string {
joined, err := url.JoinPath(base, elem...)
if err != nil {
log.Error().Err(err).Msg("Cannot join url")
}
return joined
}
func readKeys(response *http.Response) ([]string, error) {
body, err := io.ReadAll(response.Body)
if err != nil {
return nil, fmt.Errorf("could not get user keys %v", err)
}
keys := strings.Split(string(body), "\n")
if len(keys[len(keys)-1]) == 0 {
keys = keys[:len(keys)-1]
}
return keys, nil
}

11
internal/auth/password/password.go Normal file
View File

@@ -0,0 +1,11 @@
package password
import "github.com/thomiceli/opengist/internal/auth"
func HashPassword(code string) (string, error) {
return auth.Argon2id.Hash(code)
}
func VerifyPassword(code, hashedCode string) (bool, error) {
return auth.Argon2id.Verify(code, hashedCode)
}

4
internal/cli/admin.go
View File

@@ -2,8 +2,8 @@ package cli
import (
"fmt"
"github.com/thomiceli/opengist/internal/auth/password"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/utils"
"github.com/urfave/cli/v2"
)
@@ -33,7 +33,7 @@ var CmdAdminResetPassword = cli.Command{
fmt.Printf("Cannot get user %s: %s\n", username, err)
return err
}
password, err := utils.Argon2id.Hash(plainPassword)
password, err := password.HashPassword(plainPassword)
if err != nil {
fmt.Printf("Cannot hash password for user %s: %s\n", username, err)
return err

2
internal/cli/hook.go
View File

@@ -50,7 +50,7 @@ func initialize(ctx *cli.Context) {
config.InitLog()
db.DeprecationDBFilename()
if err := db.Setup(config.C.DBUri, false); err != nil {
if err := db.Setup(config.C.DBUri); err != nil {
log.Fatal().Err(err).Msg("Failed to initialize database in hooks")
}
}

19
internal/cli/main.go
View File

@@ -8,9 +8,8 @@ import (
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/git"
"github.com/thomiceli/opengist/internal/index"
"github.com/thomiceli/opengist/internal/memdb"
"github.com/thomiceli/opengist/internal/ssh"
"github.com/thomiceli/opengist/internal/web"
"github.com/thomiceli/opengist/internal/web/server"
"github.com/urfave/cli/v2"
"os"
"os/signal"
@@ -37,7 +36,7 @@ var CmdStart = cli.Command{
Initialize(ctx)
go web.NewServer(os.Getenv("OG_DEV") == "1", path.Join(config.GetHomeDir(), "sessions"), false).Start()
go server.NewServer(os.Getenv("OG_DEV") == "1", path.Join(config.GetHomeDir(), "sessions"), false).Start()
go ssh.Start()
<-stopCtx.Done()
@@ -92,13 +91,13 @@ func Initialize(ctx *cli.Context) {
"Current git version: " + gitVersion)
}
if err := git.InitGitConfig(); err != nil {
log.Fatal().Err(err).Send()
}
homePath := config.GetHomeDir()
log.Info().Msg("Data directory: " + homePath)
if err := git.InitGitConfig(); err != nil {
log.Warn().Err(err).Msgf("Failed to change the host's git global config, ensure to add to `safe.directory` the path %s, and `receive.advertisePushOptions` is set to true.", homePath)
}
if err := createSymlink(homePath, ctx.String("config")); err != nil {
log.Fatal().Err(err).Msg("Failed to create symlinks")
}
@@ -117,14 +116,10 @@ func Initialize(ctx *cli.Context) {
}
db.DeprecationDBFilename()
if err := db.Setup(config.C.DBUri, false); err != nil {
if err := db.Setup(config.C.DBUri); err != nil {
log.Fatal().Err(err).Msg("Failed to initialize database")
}
if err := memdb.Setup(); err != nil {
log.Fatal().Err(err).Msg("Failed to initialize in memory database")
}
if err := webauthn.Init(config.C.ExternalUrl); err != nil {
log.Error().Err(err).Msg("Failed to initialize WebAuthn")
}

11
internal/config/config.go
View File

@@ -2,6 +2,7 @@ package config
import (
"fmt"
"github.com/thomiceli/opengist/internal/session"
"io"
"net/url"
"os"
@@ -14,7 +15,6 @@ import (
"github.com/rs/zerolog"
"github.com/rs/zerolog/log"
"github.com/thomiceli/opengist/internal/utils"
"gopkg.in/yaml.v3"
)
@@ -71,6 +71,7 @@ type config struct {
OIDCSecret string `yaml:"oidc.secret" env:"OG_OIDC_SECRET"`
OIDCDiscoveryUrl string `yaml:"oidc.discovery-url" env:"OG_OIDC_DISCOVERY_URL"`
CustomName string `yaml:"custom.name" env:"OG_CUSTOM_NAME"`
CustomLogo string `yaml:"custom.logo" env:"OG_CUSTOM_LOGO"`
CustomFavicon string `yaml:"custom.favicon" env:"OG_CUSTOM_FAVICON"`
StaticLinks []StaticLink `yaml:"custom.static-links" env:"OG_CUSTOM_STATIC_LINK"`
@@ -164,9 +165,9 @@ func InitLog() {
}
var logWriters []io.Writer
logOutputTypes := utils.RemoveDuplicates[string](
strings.Split(strings.ToLower(C.LogOutput), ","),
)
logOutputTypes := strings.Split(strings.ToLower(C.LogOutput), ",")
slices.Sort(logOutputTypes)
logOutputTypes = slices.Compact(logOutputTypes)
consoleWriter := zerolog.NewConsoleWriter(
func(w *zerolog.ConsoleWriter) {
@@ -244,7 +245,7 @@ func GetHomeDir() string {
func SetupSecretKey() {
if C.SecretKey == "" {
path := filepath.Join(GetHomeDir(), "opengist-secret.key")
SecretKey, _ = utils.GenerateSecretKey(path)
SecretKey, _ = session.GenerateSecretKey(path)
} else {
SecretKey = []byte(C.SecretKey)
}

8
internal/db/admin_setting.go
View File

@@ -19,7 +19,13 @@ const (
func GetSetting(key string) (string, error) {
var setting AdminSetting
err := db.Where("`key` = ?", key).First(&setting).Error
var err error
switch db.Dialector.Name() {
case "mysql", "sqlite":
err = db.Where("`key` = ?", key).First(&setting).Error
case "postgres":
err = db.Where("key = ?", key).First(&setting).Error
}
return setting.Value, err
}

51
internal/db/db.go
View File

@@ -46,6 +46,12 @@ var DatabaseInfo *databaseInfo
func parseDBURI(uri string) (*databaseInfo, error) {
info := &databaseInfo{}
if uri == ":memory:" {
info.Type = SQLite
info.Database = uri
return info, nil
}
u, err := url.Parse(uri)
if err != nil {
return nil, fmt.Errorf("invalid URI: %v", err)
@@ -91,14 +97,14 @@ func parseDBURI(uri string) (*databaseInfo, error) {
return info, nil
}
func Setup(dbUri string, sharedCache bool) error {
func Setup(dbUri string) error {
dbInfo, err := parseDBURI(dbUri)
if err != nil {
return err
}
log.Info().Msgf("Setting up a %s database connection", dbInfo.Type)
var setupFunc func(databaseInfo, bool) error
var setupFunc func(databaseInfo) error
switch dbInfo.Type {
case SQLite:
setupFunc = setupSQLite
@@ -114,7 +120,7 @@ func Setup(dbUri string, sharedCache bool) error {
retryInterval := 1 * time.Second
for attempt := 1; attempt <= maxAttempts; attempt++ {
err = setupFunc(*dbInfo, sharedCache)
err = setupFunc(*dbInfo)
if err == nil {
log.Info().Msg("Database connection established")
break
@@ -138,11 +144,11 @@ func Setup(dbUri string, sharedCache bool) error {
return err
}
if err = db.AutoMigrate(&User{}, &Gist{}, &SSHKey{}, &AdminSetting{}, &Invitation{}, &WebAuthnCredential{}, &TOTP{}); err != nil {
if err = db.AutoMigrate(&User{}, &Gist{}, &SSHKey{}, &AdminSetting{}, &Invitation{}, &WebAuthnCredential{}, &TOTP{}, &GistTopic{}, &GistLanguage{}); err != nil {
return err
}
if err = applyMigrations(db, dbInfo); err != nil {
if err = applyMigrations(dbInfo); err != nil {
return err
}
@@ -183,37 +189,38 @@ func Ping() error {
return sql.Ping()
}
func setupSQLite(dbInfo databaseInfo, sharedCache bool) error {
func setupSQLite(dbInfo databaseInfo) error {
var err error
var dsn string
journalMode := strings.ToUpper(config.C.SqliteJournalMode)
if !slices.Contains([]string{"DELETE", "TRUNCATE", "PERSIST", "MEMORY", "WAL", "OFF"}, journalMode) {
log.Warn().Msg("Invalid SQLite journal mode: " + journalMode)
}
u, err := url.Parse(dbInfo.Database)
if err != nil {
return err
}
if dbInfo.Database == ":memory:" {
dsn = ":memory:?_fk=true&cache=shared"
} else {
u, err := url.Parse(dbInfo.Database)
if err != nil {
return err
}
u.Scheme = "file"
q := u.Query()
q.Set("_fk", "true")
q.Set("_journal_mode", journalMode)
if sharedCache {
q.Set("cache", "shared")
u.Scheme = "file"
q := u.Query()
q.Set("_pragma", "foreign_keys(1)")
q.Set("_journal_mode", journalMode)
u.RawQuery = q.Encode()
dsn = u.String()
}
u.RawQuery = q.Encode()
dsn := u.String()
db, err = gorm.Open(sqlite.Open(dsn), &gorm.Config{
Logger: logger.Default.LogMode(logger.Silent),
TranslateError: true,
})
return err
}
func setupPostgres(dbInfo databaseInfo, sharedCache bool) error {
func setupPostgres(dbInfo databaseInfo) error {
var err error
dsn := fmt.Sprintf("host=%s port=%s user=%s password=%s dbname=%s sslmode=disable", dbInfo.Host, dbInfo.Port, dbInfo.User, dbInfo.Password, dbInfo.Database)
@@ -225,7 +232,7 @@ func setupPostgres(dbInfo databaseInfo, sharedCache bool) error {
return err
}
func setupMySQL(dbInfo databaseInfo, sharedCache bool) error {
func setupMySQL(dbInfo databaseInfo) error {
var err error
dsn := fmt.Sprintf("%s:%s@tcp(%s:%s)/%s?charset=utf8mb4&parseTime=True&loc=Local", dbInfo.User, dbInfo.Password, dbInfo.Host, dbInfo.Port, dbInfo.Database)
@@ -251,5 +258,5 @@ func DeprecationDBFilename() {
}
func TruncateDatabase() error {
return db.Migrator().DropTable("likes", &User{}, "gists", &SSHKey{}, &AdminSetting{}, &Invitation{}, &WebAuthnCredential{}, &TOTP{})
return db.Migrator().DropTable("likes", &User{}, "gists", &SSHKey{}, &AdminSetting{}, &Invitation{}, &WebAuthnCredential{}, &TOTP{}, &GistTopic{}, &GistLanguage{})
}

230
internal/db/gist.go
View File

@@ -1,9 +1,12 @@
package db
import (
"bytes"
"encoding/gob"
"fmt"
"os/exec"
"path/filepath"
"slices"
"strings"
"time"
@@ -48,16 +51,16 @@ func (v Visibility) Next() Visibility {
}
}
func ParseVisibility[T string | int](v T) (Visibility, error) {
func ParseVisibility[T string | int](v T) Visibility {
switch s := fmt.Sprint(v); s {
case "0", "public":
return PublicVisibility, nil
return PublicVisibility
case "1", "unlisted":
return UnlistedVisibility, nil
return UnlistedVisibility
case "2", "private":
return PrivateVisibility, nil
return PrivateVisibility
default:
return -1, fmt.Errorf("unknown visibility %q", s)
return PublicVisibility
}
}
@@ -81,6 +84,9 @@ type Gist struct {
Likes []User `gorm:"many2many:likes;constraint:OnUpdate:CASCADE,OnDelete:CASCADE"`
Forked *Gist `gorm:"foreignKey:ForkedID;constraint:OnUpdate:CASCADE,OnDelete:SET NULL"`
ForkedID uint
Topics []GistTopic `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE"`
Languages []GistLanguage `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE"`
}
type Like struct {
@@ -100,7 +106,7 @@ func (gist *Gist) BeforeDelete(tx *gorm.DB) error {
func GetGist(user string, gistUuid string) (*Gist, error) {
gist := new(Gist)
err := db.Preload("User").Preload("Forked.User").
err := db.Preload("User").Preload("Forked.User").Preload("Topics").
Where("(gists.uuid like ? OR gists.url = ?) AND users.username like ?", gistUuid+"%", gistUuid, user).
Joins("join users on gists.user_id = users.id").
First(&gist).Error
@@ -110,7 +116,7 @@ func GetGist(user string, gistUuid string) (*Gist, error) {
func GetGistByID(gistId string) (*Gist, error) {
gist := new(Gist)
err := db.Preload("User").Preload("Forked.User").
err := db.Preload("User").Preload("Forked.User").Preload("Topics").
Where("gists.id = ?", gistId).
First(&gist).Error
@@ -119,7 +125,9 @@ func GetGistByID(gistId string) (*Gist, error) {
func GetAllGistsForCurrentUser(currentUserId uint, offset int, sort string, order string) ([]*Gist, error) {
var gists []*Gist
err := db.Preload("User").Preload("Forked.User").
err := db.Preload("User").
Preload("Forked.User").
Preload("Topics").
Where("gists.private = 0 or gists.user_id = ?", currentUserId).
Limit(11).
Offset(offset * 10).
@@ -140,12 +148,18 @@ func GetAllGists(offset int) ([]*Gist, error) {
return gists, err
}
func GetAllGistsFromSearch(currentUserId uint, query string, offset int, sort string, order string) ([]*Gist, error) {
func GetAllGistsFromSearch(currentUserId uint, query string, offset int, sort string, order string, topic string) ([]*Gist, error) {
var gists []*Gist
err := db.Preload("User").Preload("Forked.User").
tx := db.Preload("User").Preload("Forked.User").Preload("Topics").
Where("((gists.private = 0) or (gists.private > 0 and gists.user_id = ?))", currentUserId).
Where("gists.title like ? or gists.description like ?", "%"+query+"%", "%"+query+"%").
Limit(11).
Where("gists.title like ? or gists.description like ?", "%"+query+"%", "%"+query+"%")
if topic != "" {
tx = tx.Joins("join gist_topics on gists.id = gist_topics.gist_id").
Where("gist_topics.topic = ?", topic)
}
err := tx.Limit(11).
Offset(offset * 10).
Order("gists." + sort + "_at " + order).
Find(&gists).Error
@@ -154,20 +168,47 @@ func GetAllGistsFromSearch(currentUserId uint, query string, offset int, sort st
}
func gistsFromUserStatement(fromUserId uint, currentUserId uint) *gorm.DB {
return db.Preload("User").Preload("Forked.User").
return db.Preload("User").Preload("Forked.User").Preload("Topics").
Where("((gists.private = 0) or (gists.private > 0 and gists.user_id = ?))", currentUserId).
Where("users.id = ?", fromUserId).
Joins("join users on gists.user_id = users.id")
}
func GetAllGistsFromUser(fromUserId uint, currentUserId uint, offset int, sort string, order string) ([]*Gist, error) {
func GetAllGistsFromUser(fromUserId uint, currentUserId uint, title string, language string, visibility string, topics []string, offset int, sort string, order string) ([]*Gist, int64, error) {
var gists []*Gist
err := gistsFromUserStatement(fromUserId, currentUserId).Limit(11).
var count int64
baseQuery := gistsFromUserStatement(fromUserId, currentUserId).Model(&Gist{})
if title != "" {
baseQuery = baseQuery.Where("gists.title like ?", "%"+title+"%")
}
if language != "" {
baseQuery = baseQuery.Joins("join gist_languages on gists.id = gist_languages.gist_id").
Where("gist_languages.language = ?", language)
}
if visibility != "" {
baseQuery = baseQuery.Where("gists.private = ?", ParseVisibility(visibility))
}
if len(topics) > 0 {
baseQuery = baseQuery.Joins("join gist_topics on gists.id = gist_topics.gist_id").
Where("gist_topics.topic in ?", topics)
}
err := baseQuery.Count(&count).Error
if err != nil {
return nil, 0, err
}
err = baseQuery.Limit(11).
Offset(offset * 10).
Order("gists." + sort + "_at " + order).
Find(&gists).Error
return gists, err
return gists, count, err
}
func CountAllGistsFromUser(fromUserId uint, currentUserId uint) (int64, error) {
@@ -177,7 +218,7 @@ func CountAllGistsFromUser(fromUserId uint, currentUserId uint) (int64, error) {
}
func likedStatement(fromUserId uint, currentUserId uint) *gorm.DB {
return db.Preload("User").Preload("Forked.User").
return db.Preload("User").Preload("Forked.User").Preload("Topics").
Where("((gists.private = 0) or (gists.private > 0 and gists.user_id = ?))", currentUserId).
Where("likes.user_id = ?", fromUserId).
Joins("join likes on gists.id = likes.gist_id").
@@ -200,7 +241,7 @@ func CountAllGistsLikedByUser(fromUserId uint, currentUserId uint) (int64, error
}
func forkedStatement(fromUserId uint, currentUserId uint) *gorm.DB {
return db.Preload("User").Preload("Forked.User").
return db.Preload("User").Preload("Forked.User").Preload("Topics").
Where("gists.forked_id is not null and ((gists.private = 0) or (gists.private > 0 and gists.user_id = ?))", currentUserId).
Where("gists.user_id = ?", fromUserId).
Joins("join users on gists.user_id = users.id")
@@ -242,11 +283,22 @@ func GetAllGistsVisibleByUser(userId uint) ([]uint, error) {
func GetAllGistsByIds(ids []uint) ([]*Gist, error) {
var gists []*Gist
err := db.Preload("User").Preload("Forked.User").
err := db.Preload("User").Preload("Forked.User").Preload("Topics").
Where("id in ?", ids).
Find(&gists).Error
return gists, err
// keep order
ordered := make([]*Gist, 0, len(ids))
for _, wantedId := range ids {
for _, gist := range gists {
if gist.ID == wantedId {
ordered = append(ordered, gist)
break
}
}
}
return ordered, err
}
func (gist *Gist) Create() error {
@@ -259,6 +311,12 @@ func (gist *Gist) CreateForked() error {
}
func (gist *Gist) Update() error {
// reset the topics
err := db.Model(&GistTopic{}).Where("gist_id = ?", gist.ID).Delete(&GistTopic{}).Error
if err != nil {
return err
}
return db.Omit("forked_id").Save(&gist).Error
}
@@ -535,6 +593,113 @@ func (gist *Gist) GetLanguagesFromFiles() ([]string, error) {
return languages, nil
}
func (gist *Gist) GetTopics() ([]string, error) {
var topics []string
err := db.Model(&GistTopic{}).
Where("gist_id = ?", gist.ID).
Pluck("topic", &topics).Error
return topics, err
}
func (gist *Gist) TopicsSlice() []string {
topics := make([]string, 0, len(gist.Topics))
for _, topic := range gist.Topics {
topics = append(topics, topic.Topic)
}
return topics
}
func (gist *Gist) SerialiseInitRepository() error {
var gobBuffer bytes.Buffer
encoder := gob.NewEncoder(&gobBuffer)
if err := encoder.Encode(gist); err != nil {
return fmt.Errorf("gob encoding error: %v", err)
}
return git.SerialiseInitRepository(gist.User.Username, gobBuffer.Bytes())
}
func DeserialiseInitRepository(user string) (*Gist, error) {
data, err := git.DeserialiseInitRepository(user)
if err != nil {
return nil, err
}
var gist Gist
decoder := gob.NewDecoder(bytes.NewReader(data))
if err := decoder.Decode(&gist); err != nil {
return nil, fmt.Errorf("gob decoding error: %v", err)
}
return &gist, nil
}
func (gist *Gist) UpdateLanguages() {
languages, err := gist.GetLanguagesFromFiles()
if err != nil {
log.Error().Err(err).Msgf("Cannot get languages for gist %d", gist.ID)
return
}
slices.Sort(languages)
languages = slices.Compact(languages)
tx := db.Begin()
if tx.Error != nil {
log.Error().Err(tx.Error).Msgf("Cannot start transaction for gist %d", gist.ID)
return
}
if err := tx.Where("gist_id = ?", gist.ID).Delete(&GistLanguage{}).Error; err != nil {
tx.Rollback()
log.Error().Err(err).Msgf("Cannot delete languages for gist %d", gist.ID)
return
}
for _, language := range languages {
gistLanguage := &GistLanguage{
GistID: gist.ID,
Language: language,
}
if err := tx.Create(gistLanguage).Error; err != nil {
tx.Rollback()
log.Error().Err(err).Msgf("Cannot create gist language %s for gist %d", language, gist.ID)
return
}
}
if err := tx.Commit().Error; err != nil {
tx.Rollback()
log.Error().Err(err).Msgf("Cannot commit transaction for gist %d", gist.ID)
return
}
}
func (gist *Gist) ToDTO() (*GistDTO, error) {
files, err := gist.Files("HEAD", false)
if err != nil {
return nil, err
}
fileDTOs := make([]FileDTO, 0, len(files))
for _, file := range files {
fileDTOs = append(fileDTOs, FileDTO{
Filename: file.Filename,
Content: file.Content,
})
}
return &GistDTO{
Title: gist.Title,
Description: gist.Description,
URL: gist.URL,
Files: fileDTOs,
VisibilityDTO: VisibilityDTO{
Private: gist.Private,
},
Topics: strings.Join(gist.TopicsSlice(), " "),
}, nil
}
// -- DTO -- //
type GistDTO struct {
@@ -544,9 +709,14 @@ type GistDTO struct {
Files []FileDTO `validate:"min=1,dive"`
Name []string `form:"name"`
Content []string `form:"content"`
Topics string `validate:"gisttopics" form:"topics"`
VisibilityDTO
}
func (dto *GistDTO) HasMetadata() bool {
return dto.Title != "" || dto.Description != "" || dto.URL != "" || dto.Topics != ""
}
type VisibilityDTO struct {
Private Visibility `validate:"number,min=0,max=2" form:"private"`
}
@@ -562,6 +732,7 @@ func (dto *GistDTO) ToGist() *Gist {
Description: dto.Description,
Private: dto.Private,
URL: dto.URL,
Topics: dto.TopicStrToSlice(),
}
}
@@ -569,9 +740,19 @@ func (dto *GistDTO) ToExistingGist(gist *Gist) *Gist {
gist.Title = dto.Title
gist.Description = dto.Description
gist.URL = dto.URL
gist.Topics = dto.TopicStrToSlice()
return gist
}
func (dto *GistDTO) TopicStrToSlice() []GistTopic {
topics := strings.Fields(dto.Topics)
gistTopics := make([]GistTopic, 0, len(topics))
for _, topic := range topics {
gistTopics = append(gistTopics, GistTopic{Topic: topic})
}
return gistTopics
}
// -- Index -- //
func (gist *Gist) ToIndexedGist() (*index.Gist, error) {
@@ -584,6 +765,9 @@ func (gist *Gist) ToIndexedGist() (*index.Gist, error) {
wholeContent := ""
for _, file := range files {
wholeContent += file.Content
if !strings.HasSuffix(wholeContent, "\n") {
wholeContent += "\n"
}
exts = append(exts, filepath.Ext(file.Filename))
}
@@ -597,6 +781,11 @@ func (gist *Gist) ToIndexedGist() (*index.Gist, error) {
return nil, err
}
topics, err := gist.GetTopics()
if err != nil {
return nil, err
}
indexedGist := &index.Gist{
GistID: gist.ID,
Username: gist.User.Username,
@@ -605,6 +794,7 @@ func (gist *Gist) ToIndexedGist() (*index.Gist, error) {
Filenames: fileNames,
Extensions: exts,
Languages: langs,
Topics: topics,
CreatedAt: gist.CreatedAt,
UpdatedAt: gist.UpdatedAt,
}

29
internal/db/gist_language.go Normal file
View File

@@ -0,0 +1,29 @@
package db
type GistLanguage struct {
GistID uint `gorm:"primaryKey"`
Language string `gorm:"primaryKey;size:100"`
}
func GetGistLanguagesForUser(fromUserId, currentUserId uint) ([]struct {
Language string
Count int64
}, error) {
var results []struct {
Language string
Count int64
}
err := db.Model(&GistLanguage{}).
Select("language, count(*) as count").
Joins("JOIN gists ON gists.id = gist_languages.gist_id").
Joins("JOIN users ON gists.user_id = users.id").
Where("((gists.private = 0) or (gists.private > 0 and gists.user_id = ?))", currentUserId).
Where("users.id = ?", fromUserId).
Group("language").
Order("count DESC").
Limit(15).
Find(&results).Error
return results, err
}

6
internal/db/gist_topic.go Normal file
View File

@@ -0,0 +1,6 @@
package db
type GistTopic struct {
GistID uint `gorm:"primaryKey"`
Topic string `gorm:"primaryKey;size:50"`
}

15
internal/db/migration.go
View File

@@ -3,7 +3,6 @@ package db
import (
"fmt"
"github.com/rs/zerolog/log"
"gorm.io/gorm"
)
type MigrationVersion struct {
@@ -11,10 +10,10 @@ type MigrationVersion struct {
Version uint
}
func applyMigrations(db *gorm.DB, dbInfo *databaseInfo) error {
func applyMigrations(dbInfo *databaseInfo) error {
switch dbInfo.Type {
case SQLite:
return applySqliteMigrations(db)
return applySqliteMigrations()
case PostgreSQL, MySQL:
return nil
default:
@@ -23,7 +22,7 @@ func applyMigrations(db *gorm.DB, dbInfo *databaseInfo) error {
}
func applySqliteMigrations(db *gorm.DB) error {
func applySqliteMigrations() error {
// Create migration table if it doesn't exist
if err := db.AutoMigrate(&MigrationVersion{}); err != nil {
log.Fatal().Err(err).Msg("Error creating migration version table")
@@ -37,7 +36,7 @@ func applySqliteMigrations(db *gorm.DB) error {
// Define migrations
migrations := []struct {
Version uint
Func func(*gorm.DB) error
Func func() error
}{
{1, v1_modifyConstraintToSSHKeys},
{2, v2_lowercaseEmails},
@@ -53,7 +52,7 @@ func applySqliteMigrations(db *gorm.DB) error {
return err
}
if err := m.Func(db); err != nil {
if err := m.Func(); err != nil {
log.Fatal().Err(err).Msg(fmt.Sprintf("Error applying migration %d:", m.Version))
tx.Rollback()
return err
@@ -73,7 +72,7 @@ func applySqliteMigrations(db *gorm.DB) error {
}
// Modify the constraint on the ssh_keys table to use ON DELETE CASCADE
func v1_modifyConstraintToSSHKeys(db *gorm.DB) error {
func v1_modifyConstraintToSSHKeys() error {
createSQL := `
CREATE TABLE ssh_keys_temp (
id integer primary key,
@@ -108,7 +107,7 @@ func v1_modifyConstraintToSSHKeys(db *gorm.DB) error {
return db.Exec(renameSQL).Error
}
func v2_lowercaseEmails(db *gorm.DB) error {
func v2_lowercaseEmails() error {
// Copy the lowercase emails into the new column
copySQL := `UPDATE users SET email = lower(email);`
return db.Exec(copySQL).Error

11
internal/db/totp.go
View File

@@ -6,9 +6,10 @@ import (
"encoding/hex"
"encoding/json"
"fmt"
"github.com/thomiceli/opengist/internal/auth"
"github.com/thomiceli/opengist/internal/auth/password"
ogtotp "github.com/thomiceli/opengist/internal/auth/totp"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/utils"
"slices"
)
@@ -30,7 +31,7 @@ func GetTOTPByUserID(userID uint) (*TOTP, error) {
func (totp *TOTP) StoreSecret(secret string) error {
secretBytes := []byte(secret)
encrypted, err := utils.AESEncrypt(config.SecretKey, secretBytes)
encrypted, err := auth.AESEncrypt(config.SecretKey, secretBytes)
if err != nil {
return err
}
@@ -45,7 +46,7 @@ func (totp *TOTP) ValidateCode(code string) (bool, error) {
return false, err
}
secretBytes, err := utils.AESDecrypt(config.SecretKey, ciphertext)
secretBytes, err := auth.AESDecrypt(config.SecretKey, ciphertext)
if err != nil {
return false, err
}
@@ -60,7 +61,7 @@ func (totp *TOTP) ValidateRecoveryCode(code string) (bool, error) {
}
for i, hashedCode := range hashedCodes {
ok, err := utils.Argon2id.Verify(code, hashedCode)
ok, err := password.VerifyPassword(code, hashedCode)
if err != nil {
return false, err
}
@@ -106,7 +107,7 @@ func generateRandomCodes() ([]string, []string, error) {
hexCode := hex.EncodeToString(bytes)
code := fmt.Sprintf("%s-%s", hexCode[:length/2], hexCode[length/2:])
plainCodes[i] = code
hashed, err := utils.Argon2id.Hash(code)
hashed, err := password.HashPassword(code)
if err != nil {
return nil, nil, err
}

65
internal/db/user.go
View File

@@ -1,6 +1,7 @@
package db
import (
"github.com/thomiceli/opengist/internal/git"
"gorm.io/gorm"
)
@@ -25,31 +26,36 @@ type User struct {
}
func (user *User) BeforeDelete(tx *gorm.DB) error {
// Decrement likes counter for all gists liked by this user
// The likes will be automatically deleted by the foreign key constraint
err := tx.Model(&Gist{}).
Omit("updated_at").
Where("id IN (?)", tx.
Select("gist_id").
Table("likes").
Where("user_id = ?", user.ID),
).
UpdateColumn("nb_likes", gorm.Expr("nb_likes - 1")).
Error
// Decrement likes counter using derived table
err := tx.Exec(`
UPDATE gists
SET nb_likes = nb_likes - 1
WHERE id IN (
SELECT gist_id
FROM (
SELECT gist_id
FROM likes
WHERE user_id = ?
) AS derived_likes
)
`, user.ID).Error
if err != nil {
return err
}
// Decrement forks counter for all gists forked by this user
err = tx.Model(&Gist{}).
Omit("updated_at").
Where("id IN (?)", tx.
Select("forked_id").
Table("gists").
Where("user_id = ?", user.ID),
).
UpdateColumn("nb_forks", gorm.Expr("nb_forks - 1")).
Error
// Decrement forks counter using derived table
err = tx.Exec(`
UPDATE gists
SET nb_forks = nb_forks - 1
WHERE id IN (
SELECT forked_id
FROM (
SELECT forked_id
FROM gists
WHERE user_id = ? AND forked_id IS NOT NULL
) AS derived_forks
)
`, user.ID).Error
if err != nil {
return err
}
@@ -64,8 +70,17 @@ func (user *User) BeforeDelete(tx *gorm.DB) error {
return err
}
// Delete all gists created by this user
return tx.Where("user_id = ?", user.ID).Delete(&Gist{}).Error
err = tx.Where("user_id = ?", user.ID).Delete(&Gist{}).Error
if err != nil {
return err
}
// Delete user directory
if err = git.DeleteUserDirectory(user.Username); err != nil {
return err
}
return nil
}
func UserExists(username string) (bool, error) {
@@ -232,3 +247,7 @@ func (dto *UserDTO) ToUser() *User {
Password: dto.Password,
}
}
type UserUsernameDTO struct {
Username string `form:"username" validate:"required,max=24,alphanumdash,notreserved"`
}

6
internal/db/webauth_credential.go
View File

@@ -73,8 +73,7 @@ func GetUserByCredentialID(credID binaryData) (*User, error) {
if err = db.Preload("User").Where("credential_id = decode(?, 'hex')", hexCredID).First(&credential).Error; err != nil {
return nil, err
}
case "mysql":
case "sqlite":
case "mysql", "sqlite":
hexCredID := hex.EncodeToString(credID)
if err = db.Preload("User").Where("credential_id = unhex(?)", hexCredID).First(&credential).Error; err != nil {
return nil, err
@@ -100,8 +99,7 @@ func GetCredentialByID(id binaryData) (*WebAuthnCredential, error) {
if err = db.Where("credential_id = decode(?, 'hex')", hexCredID).First(&cred).Error; err != nil {
return nil, err
}
case "mysql":
case "sqlite":
case "mysql", "sqlite":
hexCredID := hex.EncodeToString(id)
if err = db.Where("credential_id = unhex(?)", hexCredID).First(&cred).Error; err != nil {
return nil, err

69
internal/git/commands.go
View File

@@ -4,6 +4,7 @@ import (
"bufio"
"bytes"
"context"
"encoding/base64"
"fmt"
"io"
"net/url"
@@ -38,6 +39,10 @@ func RepositoryPath(user string, gist string) string {
return filepath.Join(config.GetHomeDir(), ReposDirectory, strings.ToLower(user), gist)
}
func UserRepositoriesPath(user string) string {
return filepath.Join(config.GetHomeDir(), ReposDirectory, strings.ToLower(user))
}
func RepositoryUrl(ctx echo.Context, user string, gist string) string {
httpProtocol := "http"
if ctx.Request().TLS != nil || ctx.Request().Header.Get("X-Forwarded-Proto") == "https" {
@@ -485,6 +490,22 @@ func GcRepos() error {
return err
}
func ResetHooks() error {
entries, err := filepath.Glob(filepath.Join(config.GetHomeDir(), ReposDirectory, "*", "*"))
if err != nil {
return err
}
for _, e := range entries {
repoPath := strings.Split(e, string(os.PathSeparator))
if err := CreateDotGitFiles(repoPath[len(repoPath)-2], repoPath[len(repoPath)-1]); err != nil {
log.Error().Err(err).Msgf("Cannot reset hooks for repository %s/%s", repoPath[len(repoPath)-2], repoPath[len(repoPath)-1])
}
}
return nil
}
func HasNoCommits(user string, gist string) (bool, error) {
repositoryPath := RepositoryPath(user, gist)
@@ -540,6 +561,54 @@ func CreateDotGitFiles(user string, gist string) error {
return nil
}
func DeleteUserDirectory(user string) error {
return os.RemoveAll(filepath.Join(config.GetHomeDir(), ReposDirectory, user))
}
func SerialiseInitRepository(user string, serialized []byte) error {
userRepositoryPath := UserRepositoriesPath(user)
initPath := filepath.Join(userRepositoryPath, "_init")
f, err := os.OpenFile(initPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
if err != nil {
return err
}
defer f.Close()
encodedData := base64.StdEncoding.EncodeToString(serialized)
_, err = f.Write(append([]byte(encodedData), '\n'))
return err
}
func DeserialiseInitRepository(user string) ([]byte, error) {
initPath := filepath.Join(UserRepositoriesPath(user), "_init")
content, err := os.ReadFile(initPath)
if err != nil {
return nil, err
}
idx := bytes.Index(content, []byte{'\n'})
if idx == -1 {
return base64.StdEncoding.DecodeString(string(content))
}
firstLine := content[:idx]
remaining := content[idx+1:]
if len(remaining) == 0 {
if err := os.Remove(initPath); err != nil {
return nil, fmt.Errorf("failed to remove file: %v", err)
}
} else {
if err := os.WriteFile(initPath, remaining, 0644); err != nil {
return nil, fmt.Errorf("failed to write remaining content: %v", err)
}
}
return base64.StdEncoding.DecodeString(string(firstLine))
}
func createDotGitHookFile(repositoryPath string, hook string, content string) error {
preReceiveDst, err := os.OpenFile(filepath.Join(repositoryPath, "hooks", hook), os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0744)
if err != nil {

11
internal/hooks/post_receive.go
View File

@@ -5,7 +5,7 @@ import (
"fmt"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/git"
"github.com/thomiceli/opengist/internal/utils"
validatorpkg "github.com/thomiceli/opengist/internal/validator"
"io"
"os"
"os/exec"
@@ -18,7 +18,7 @@ func PostReceive(in io.Reader, out, er io.Writer) error {
newGist := false
opts := pushOptions()
gistUrl := os.Getenv("OPENGIST_REPOSITORY_URL_INTERNAL")
validator := utils.NewValidator()
validator := validatorpkg.NewValidator()
scanner := bufio.NewScanner(in)
for scanner.Scan() {
@@ -46,7 +46,7 @@ func PostReceive(in io.Reader, out, er io.Writer) error {
}
if slices.Contains([]string{"public", "unlisted", "private"}, opts["visibility"]) {
gist.Private, _ = db.ParseVisibility(opts["visibility"])
gist.Private = db.ParseVisibility(opts["visibility"])
outputSb.WriteString(fmt.Sprintf("Gist visibility set to %s\n\n", opts["visibility"]))
}
@@ -65,6 +65,11 @@ func PostReceive(in io.Reader, out, er io.Writer) error {
outputSb.WriteString(fmt.Sprintf("Gist title set to \"%s\"\n\n", opts["title"]))
}
if opts["description"] != "" && validator.Var(opts["description"], "max=1000") == nil {
gist.Description = opts["description"]
outputSb.WriteString(fmt.Sprintf("Gist description set to \"%s\"\n\n", opts["description"]))
}
if hasNoCommits, err := git.HasNoCommits(gist.User.Username, gist.Uuid); err != nil {
_, _ = fmt.Fprintln(er, "Failed to check if gist has no commits")
return fmt.Errorf("failed to check if gist has no commits: %w", err)

40
internal/i18n/locales/de-DE.yml
View File

@@ -46,7 +46,7 @@ gist.new.create-private-button: 'Private Gist erstellen'
gist.new.preview: 'Vorschau'
gist.new.create-a-new-gist: 'Neue Gist erstellen'
gist.edit.editing: 'Bearbeiten'
gist.edit.editing: 'In Bearbeitung'
gist.edit.edit-gist: '%s bearbeiten'
gist.edit.change-visibility: 'Sichtbarkeit ändern'
gist.edit.delete: 'Löschen'
@@ -142,7 +142,7 @@ auth.username: 'Benutzername'
auth.password: 'Passwort'
auth.register-instead: 'Stattdessen registrieren'
auth.login-instead: 'Stattdessen anmelden'
auth.oauth: 'Weiter mit %s Account'
auth.oauth: 'Weiter mit %s Konto'
error: 'Fehler'
error.page-not-found: 'Seite nicht gefunden'
@@ -267,3 +267,39 @@ validation.not-enough: 'Nicht genug %s'
validation.invalid: 'Ungültiges %s'
html.title.admin-panel: 'Admin-Panel'
auth.totp.regenerate-recovery-codes: Wiederherstellungscodes neu generieren
auth.totp.already-enabled: TOTP ist bereits aktiv
auth.totp.invalid-secret: Ungültiger TOTP Sicherheitsschlüssel
auth.totp.disable: TOTP ausschalten
auth.mfa.passkey: Hauptschlüssel
auth.mfa.use-passkey: Hauptschlüssel nutzen
auth.mfa.use-passkey-to-finish: Nutzen Sie einen Hauptschlüssel, um Authentisierung abzuschliessen
auth.totp.invalid-code: Ungültiger TOTP Code
auth.mfa: Multi-Faktor Authentisierung
gist.delete.confirm: Sind Sie sich sicher, ob Sie dieses Gist löschen wollen?
auth.mfa.passkeys: Hauptschlüssel
auth.mfa.bind-passkey: Hauptschlüssel verbinden
auth.mfa.login-with-passkey: Mit Hauptschlüssel einloggen
auth.mfa.waiting-for-passkey-input: Auf Eingabe von Browser-Interaktion warten...
auth.mfa.passkey-name: Name
auth.mfa.delete-passkey: Löschen
auth.mfa.passkey-added-at: Hinzugefügt
auth.mfa.passkey-never-used: Niemals benutzt
auth.mfa.passkey-last-used: Zuletzt benutzt
auth.totp.code: Code
auth.totp.proceed: Fortfahren
admin.invitations.delete_confirm: Willst du diese Einladung löschen?
flash.auth.passkey-deleted: Hauptschlüssel gelöscht
flash.auth.passkey-registred: Hauptschlüssel %s wurde registriert
auth.totp: Zeitbasiertes Einmal-Passwort (TOTP)
auth.totp.use: TOTP einrichten
auth.totp.help: TOTP ist eine Zwei-Faktor-Authentifizierungsmethode, welche ein gemeinsames Geheimnis verwendet, um ein Einmal-Passwort zu generieren.
auth.totp.code-used: Der Wiederherstellungscode %s wurde verwendet. Dieser ist nun ungültig. Du solltest die Zwei-Faktor-Authentifizierung möglicherweise vorübergehend deaktivieren oder deine Codes neu generieren.
auth.totp.disabled: TOTP erfolgreich deaktiviert
auth.mfa.passkeys-help: Füge einen Passkey hinzu, um dich bei deinem Account anzumelden und ihn als Zwei-Faktor-Methode zu verwenden.
auth.mfa.delete-passkey-confirm: Löschen des Hauptschlüssels bestätigen
auth.totp.submit: Bestätigen
auth.totp.scan-qr-code: Scanne den unten stehenden QR-Code mit deiner Authentifizierungs-App, um die Zwei-Faktor-Authentifizierung zu aktivieren, oder gib den folgenden Schlüssel ein und bestätige anschliessend mit dem generierten Code.
auth.totp.enter-code: Gib den Code aus deiner Authentifizierungs-App ein
auth.totp.save-recovery-codes: Speichere deine Wiederherstellungscodes an einem sicheren Ort. Du kannst diese Codes verwenden, um wieder Zugang zu deinem Account zu erlangen, wenn du den Zugriff auf deine Authentifizierungs-App verloren hast.
error.not-in-mfa-session: Nutzer ist nicht in einer Zwei-Faktor-Sitzung

17
internal/i18n/locales/en-US.yml
View File

@@ -45,6 +45,7 @@ gist.new.create-unlisted-button: Create unlisted gist
gist.new.create-private-button: Create private gist
gist.new.preview: Preview
gist.new.create-a-new-gist: Create a new gist
gist.new.topics: Topics (separate with spaces)
gist.edit.editing: Editing
gist.edit.edit-gist: Edit %s
@@ -74,6 +75,9 @@ gist.list.no-gists: No gists
gist.list.all-liked-by: All gists liked by %s
gist.list.all-forked-by: All gists forked by %s
gist.list.all-from: All gists from %s
gist.list.topic-results-topic: All gists matching topic %s
gist.list.topic-results: All gists matching topic
gist.search.found: gists found
gist.search.no-results: No gists found
@@ -82,6 +86,16 @@ gist.search.help.title: gists with given title
gist.search.help.filename: gists having files with given name
gist.search.help.extension: gists having files with given extension
gist.search.help.language: gists having files with given language
gist.search.help.topic: gists with given topic
gist.search.placeholder.title: Title
gist.search.placeholder.visibility: Visibility
gist.search.placeholder.public: Public
gist.search.placeholder.unlisted: Unlisted
gist.search.placeholder.private: Private
gist.search.placeholder.language: Language
gist.search.placeholder.all: All
gist.search.placeholder.topics: Topics
gist.search.placeholder.search: Search
gist.forks: Forks
gist.forks.view: View fork
@@ -228,6 +242,7 @@ admin.actions.git-gc: Garbage collect all git repositories
admin.actions.sync-previews: Synchronize all gists previews
admin.actions.reset-hooks: Reset Git server hooks for all repositories
admin.actions.index-gists: Index all gists
admin.actions.sync-gist-languages: Synchronize all gists languages
admin.id: ID
admin.user: User
admin.delete: Delete
@@ -273,6 +288,7 @@ flash.admin.git-gc: Garbage collecting repositories...
flash.admin.sync-previews: Syncing Gist previews...
flash.admin.reset-hooks: Resetting Git server hooks for all repositories...
flash.admin.index-gists: Indexing all gists...
flash.admin.sync-gist-languages: Syncing Gist languages...
flash.auth.username-exists: Username already exists
flash.auth.invalid-credentials: Invalid credentials
@@ -303,5 +319,6 @@ validation.should-only-contain-alphanumeric-characters: Field %s should only con
validation.should-only-contain-alphanumeric-characters-and-dashes: Field %s should only contain alphanumeric characters and dashes
validation.not-enough: Not enough %s
validation.invalid: Invalid %s
validation.invalid-gist-topics: Invalid gist topics, they must start with a letter or number, consist of 50 characters or less, and can include hyphens
html.title.admin-panel: Admin panel

1
internal/i18n/locales/pl_PL.yml
View File

@@ -304,3 +304,4 @@ validation.not-enough: 'Nie wystarczająco %s'
validation.invalid: 'Niepoprawny %s'
html.title.admin-panel: 'Panel administracyjny'
admin.invitations.delete_confirm: Czy chcesz usunąć to zaproszenie?

1
internal/i18n/locales/zh-CN.yml
View File

@@ -294,3 +294,4 @@ auth.totp.code: 代码
auth.totp.submit: 提交
auth.totp.proceed: 继续
auth.totp.save-recovery-codes: 请将您的恢复代码保存在安全的地方。在您无法访问身份验证应用程序时,可以使用这些代码恢复访问。
admin.invitations.delete_confirm: 您想要删除此邀请吗?

3
internal/index/bleve.go
View File

@@ -170,13 +170,14 @@ func SearchGists(queryStr string, queryMetadata SearchGistMetadata, gistsIds []u
addQuery("Extensions", "."+queryMetadata.Extension)
addQuery("Filenames", queryMetadata.Filename)
addQuery("Languages", queryMetadata.Language)
addQuery("Topics", queryMetadata.Topic)
languageFacet := bleve.NewFacetRequest("Languages", 10)
perPage := 10
offset := (page - 1) * perPage
s := bleve.NewSearchRequestOptions(indexerQuery, perPage, offset, false)
s := bleve.NewSearchRequestOptions(indexerQuery, perPage+1, offset, false)
s.AddFacet("languageFacet", languageFacet)
s.Fields = []string{"GistID"}
s.IncludeLocations = false

2
internal/index/gist.go
View File

@@ -8,6 +8,7 @@ type Gist struct {
Filenames []string
Extensions []string
Languages []string
Topics []string
CreatedAt int64
UpdatedAt int64
}
@@ -18,4 +19,5 @@ type SearchGistMetadata struct {
Filename string
Extension string
Language string
Topic string
}

72
internal/memdb/memdb.go
View File

@@ -1,72 +0,0 @@
package memdb
import "github.com/hashicorp/go-memdb"
import ogdb "github.com/thomiceli/opengist/internal/db"
var db *memdb.MemDB
type GistInit struct {
UserID uint
Gist *ogdb.Gist
}
func Setup() error {
var err error
schema := &memdb.DBSchema{
Tables: map[string]*memdb.TableSchema{
"gist_init": {
Name: "gist_init",
Indexes: map[string]*memdb.IndexSchema{
"id": {
Name: "id",
Unique: true,
Indexer: &memdb.UintFieldIndex{Field: "UserID"},
},
},
},
},
}
db, err = memdb.NewMemDB(schema)
if err != nil {
return err
}
return nil
}
func InsertGistInit(userId uint, gist *ogdb.Gist) error {
txn := db.Txn(true)
if err := txn.Insert("gist_init", &GistInit{
UserID: userId,
Gist: gist,
}); err != nil {
txn.Abort()
return err
}
txn.Commit()
return nil
}
func GetGistInitAndDelete(userId uint) (*GistInit, error) {
txn := db.Txn(true)
defer txn.Abort()
raw, err := txn.First("gist_init", "id", userId)
if err != nil {
return nil, err
}
if raw == nil {
return nil, nil
}
gistInit := raw.(*GistInit)
if err := txn.Delete("gist_init", gistInit); err != nil {
return nil, err
}
txn.Commit()
return gistInit, nil
}

2
internal/utils/session.go → internal/session/session.go
View File

@@ -1,4 +1,4 @@
package utils
package session
import (
"github.com/gorilla/securecookie"

13
internal/utils/slice.go
View File

@@ -1,13 +0,0 @@
package utils
func RemoveDuplicates[T string | int](sliceList []T) []T {
allKeys := make(map[T]bool)
list := []T{}
for _, item := range sliceList {
if _, value := allKeys[item]; !value {
allKeys[item] = true
list = append(list, item)
}
}
return list
}

32
internal/utils/validator.go → internal/validator/validator.go
View File

@@ -1,4 +1,4 @@
package utils
package validator
import (
"github.com/go-playground/validator/v10"
@@ -16,6 +16,7 @@ func NewValidator() *OpengistValidator {
_ = v.RegisterValidation("notreserved", validateReservedKeywords)
_ = v.RegisterValidation("alphanumdash", validateAlphaNumDash)
_ = v.RegisterValidation("alphanumdashorempty", validateAlphaNumDashOrEmpty)
_ = v.RegisterValidation("gisttopics", validateGistTopics)
return &OpengistValidator{v}
}
@@ -40,13 +41,14 @@ func ValidationMessages(err *error, locale *i18n.Locale) string {
messages[i] = locale.String("validation.should-not-include-sub-directory", e.Field())
case "alphanum":
messages[i] = locale.String("validation.should-only-contain-alphanumeric-characters", e.Field())
case "alphanumdash":
case "alphanumdashorempty":
case "alphanumdash", "alphanumdashorempty":
messages[i] = locale.String("validation.should-only-contain-alphanumeric-characters-and-dashes", e.Field())
case "min":
messages[i] = locale.String("validation.not-enough", e.Field())
case "notreserved":
messages[i] = locale.String("validation.invalid", e.Field())
case "gisttopics":
messages[i] = locale.String("validation.invalid-gist-topics")
}
}
@@ -73,3 +75,27 @@ func validateAlphaNumDash(fl validator.FieldLevel) bool {
func validateAlphaNumDashOrEmpty(fl validator.FieldLevel) bool {
return regexp.MustCompile(`^$|^[a-zA-Z0-9-]+$`).MatchString(fl.Field().String())
}
func validateGistTopics(fl validator.FieldLevel) bool {
topicsInput := fl.Field().String()
if topicsInput == "" {
return true
}
topics := strings.Fields(topicsInput)
if len(topics) > 10 {
return false
}
for _, tag := range topics {
if len(tag) > 50 {
return false
}
if !regexp.MustCompile(`^[a-zA-Z0-9-]+$`).MatchString(tag) {
return false
}
}
return true
}

236
internal/web/admin.go
View File

@@ -1,236 +0,0 @@
package web
import (
"github.com/labstack/echo/v4"
"github.com/thomiceli/opengist/internal/actions"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/git"
"runtime"
"strconv"
"time"
)
func adminIndex(ctx echo.Context) error {
setData(ctx, "htmlTitle", trH(ctx, "admin.admin_panel"))
setData(ctx, "adminHeaderPage", "index")
setData(ctx, "opengistVersion", config.OpengistVersion)
setData(ctx, "goVersion", runtime.Version())
gitVersion, err := git.GetGitVersion()
if err != nil {
return errorRes(500, "Cannot get git version", err)
}
setData(ctx, "gitVersion", gitVersion)
countUsers, err := db.CountAll(&db.User{})
if err != nil {
return errorRes(500, "Cannot count users", err)
}
setData(ctx, "countUsers", countUsers)
countGists, err := db.CountAll(&db.Gist{})
if err != nil {
return errorRes(500, "Cannot count gists", err)
}
setData(ctx, "countGists", countGists)
countKeys, err := db.CountAll(&db.SSHKey{})
if err != nil {
return errorRes(500, "Cannot count SSH keys", err)
}
setData(ctx, "countKeys", countKeys)
setData(ctx, "syncReposFromFS", actions.IsRunning(actions.SyncReposFromFS))
setData(ctx, "syncReposFromDB", actions.IsRunning(actions.SyncReposFromDB))
setData(ctx, "gitGcRepos", actions.IsRunning(actions.GitGcRepos))
setData(ctx, "syncGistPreviews", actions.IsRunning(actions.SyncGistPreviews))
setData(ctx, "resetHooks", actions.IsRunning(actions.ResetHooks))
setData(ctx, "indexGists", actions.IsRunning(actions.IndexGists))
return html(ctx, "admin_index.html")
}
func adminUsers(ctx echo.Context) error {
setData(ctx, "htmlTitle", trH(ctx, "admin.users")+" - "+trH(ctx, "admin.admin_panel"))
setData(ctx, "adminHeaderPage", "users")
pageInt := getPage(ctx)
var data []*db.User
var err error
if data, err = db.GetAllUsers(pageInt - 1); err != nil {
return errorRes(500, "Cannot get users", err)
}
if err = paginate(ctx, data, pageInt, 10, "data", "admin-panel/users", 1); err != nil {
return errorRes(404, tr(ctx, "error.page-not-found"), nil)
}
return html(ctx, "admin_users.html")
}
func adminGists(ctx echo.Context) error {
setData(ctx, "htmlTitle", trH(ctx, "admin.gists")+" - "+trH(ctx, "admin.admin_panel"))
setData(ctx, "adminHeaderPage", "gists")
pageInt := getPage(ctx)
var data []*db.Gist
var err error
if data, err = db.GetAllGists(pageInt - 1); err != nil {
return errorRes(500, "Cannot get gists", err)
}
if err = paginate(ctx, data, pageInt, 10, "data", "admin-panel/gists", 1); err != nil {
return errorRes(404, tr(ctx, "error.page-not-found"), nil)
}
return html(ctx, "admin_gists.html")
}
func adminUserDelete(ctx echo.Context) error {
userId, _ := strconv.ParseUint(ctx.Param("user"), 10, 64)
user, err := db.GetUserById(uint(userId))
if err != nil {
return errorRes(500, "Cannot retrieve user", err)
}
if err := user.Delete(); err != nil {
return errorRes(500, "Cannot delete this user", err)
}
addFlash(ctx, tr(ctx, "flash.admin.user-deleted"), "success")
return redirect(ctx, "/admin-panel/users")
}
func adminGistDelete(ctx echo.Context) error {
gist, err := db.GetGistByID(ctx.Param("gist"))
if err != nil {
return errorRes(500, "Cannot retrieve gist", err)
}
if err = gist.DeleteRepository(); err != nil {
return errorRes(500, "Cannot delete the repository", err)
}
if err = gist.Delete(); err != nil {
return errorRes(500, "Cannot delete this gist", err)
}
gist.RemoveFromIndex()
addFlash(ctx, tr(ctx, "flash.admin.gist-deleted"), "success")
return redirect(ctx, "/admin-panel/gists")
}
func adminSyncReposFromFS(ctx echo.Context) error {
addFlash(ctx, tr(ctx, "flash.admin.sync-fs"), "success")
go actions.Run(actions.SyncReposFromFS)
return redirect(ctx, "/admin-panel")
}
func adminSyncReposFromDB(ctx echo.Context) error {
addFlash(ctx, tr(ctx, "flash.admin.sync-db"), "success")
go actions.Run(actions.SyncReposFromDB)
return redirect(ctx, "/admin-panel")
}
func adminGcRepos(ctx echo.Context) error {
addFlash(ctx, tr(ctx, "flash.admin.git-gc"), "success")
go actions.Run(actions.GitGcRepos)
return redirect(ctx, "/admin-panel")
}
func adminSyncGistPreviews(ctx echo.Context) error {
addFlash(ctx, tr(ctx, "flash.admin.sync-previews"), "success")
go actions.Run(actions.SyncGistPreviews)
return redirect(ctx, "/admin-panel")
}
func adminResetHooks(ctx echo.Context) error {
addFlash(ctx, tr(ctx, "flash.admin.reset-hooks"), "success")
go actions.Run(actions.ResetHooks)
return redirect(ctx, "/admin-panel")
}
func adminIndexGists(ctx echo.Context) error {
addFlash(ctx, tr(ctx, "flash.admin.index-gists"), "success")
go actions.Run(actions.IndexGists)
return redirect(ctx, "/admin-panel")
}
func adminConfig(ctx echo.Context) error {
setData(ctx, "htmlTitle", trH(ctx, "admin.configuration")+" - "+trH(ctx, "admin.admin_panel"))
setData(ctx, "adminHeaderPage", "config")
setData(ctx, "dbtype", db.DatabaseInfo.Type.String())
setData(ctx, "dbname", db.DatabaseInfo.Database)
return html(ctx, "admin_config.html")
}
func adminSetConfig(ctx echo.Context) error {
key := ctx.FormValue("key")
value := ctx.FormValue("value")
if err := db.UpdateSetting(key, value); err != nil {
return errorRes(500, "Cannot set setting", err)
}
return ctx.JSON(200, map[string]interface{}{
"success": true,
})
}
func adminInvitations(ctx echo.Context) error {
setData(ctx, "htmlTitle", trH(ctx, "admin.invitations")+" - "+trH(ctx, "admin.admin_panel"))
setData(ctx, "adminHeaderPage", "invitations")
var invitations []*db.Invitation
var err error
if invitations, err = db.GetAllInvitations(); err != nil {
return errorRes(500, "Cannot get invites", err)
}
setData(ctx, "invitations", invitations)
return html(ctx, "admin_invitations.html")
}
func adminInvitationsCreate(ctx echo.Context) error {
code := ctx.FormValue("code")
nbMax, err := strconv.ParseUint(ctx.FormValue("nbMax"), 10, 64)
if err != nil {
nbMax = 10
}
expiresAtUnix, err := strconv.ParseInt(ctx.FormValue("expiredAtUnix"), 10, 64)
if err != nil {
expiresAtUnix = time.Now().Unix() + 604800 // 1 week
}
invitation := &db.Invitation{
Code: code,
ExpiresAt: expiresAtUnix,
NbMax: uint(nbMax),
}
if err := invitation.Create(); err != nil {
return errorRes(500, "Cannot create invitation", err)
}
addFlash(ctx, tr(ctx, "flash.admin.invitation-created"), "success")
return redirect(ctx, "/admin-panel/invitations")
}
func adminInvitationsDelete(ctx echo.Context) error {
id, _ := strconv.ParseUint(ctx.Param("id"), 10, 64)
invitation, err := db.GetInvitationByID(uint(id))
if err != nil {
return errorRes(500, "Cannot retrieve invitation", err)
}
if err := invitation.Delete(); err != nil {
return errorRes(500, "Cannot delete this invitation", err)
}
addFlash(ctx, tr(ctx, "flash.admin.invitation-deleted"), "success")
return redirect(ctx, "/admin-panel/invitations")
}

815
internal/web/auth.go
View File

@@ -1,815 +0,0 @@
package web
import (
"bytes"
"context"
"crypto/md5"
gojson "encoding/json"
"errors"
"fmt"
"github.com/labstack/echo/v4"
"github.com/markbates/goth"
"github.com/markbates/goth/gothic"
"github.com/markbates/goth/providers/gitea"
"github.com/markbates/goth/providers/github"
"github.com/markbates/goth/providers/gitlab"
"github.com/markbates/goth/providers/openidConnect"
"github.com/rs/zerolog/log"
"github.com/thomiceli/opengist/internal/auth/totp"
"github.com/thomiceli/opengist/internal/auth/webauthn"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/i18n"
"github.com/thomiceli/opengist/internal/utils"
"golang.org/x/text/cases"
"golang.org/x/text/language"
"gorm.io/gorm"
"io"
"net/http"
"net/url"
"strings"
)
const (
GitHubProvider = "github"
GitLabProvider = "gitlab"
GiteaProvider = "gitea"
OpenIDConnect = "openid-connect"
)
func register(ctx echo.Context) error {
disableSignup := getData(ctx, "DisableSignup")
disableForm := getData(ctx, "DisableLoginForm")
code := ctx.QueryParam("code")
if code != "" {
if invitation, err := db.GetInvitationByCode(code); err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
return errorRes(500, "Cannot check for invitation code", err)
} else if invitation != nil && invitation.IsUsable() {
disableSignup = false
}
}
setData(ctx, "title", trH(ctx, "auth.new-account"))
setData(ctx, "htmlTitle", trH(ctx, "auth.new-account"))
setData(ctx, "disableForm", disableForm)
setData(ctx, "disableSignup", disableSignup)
setData(ctx, "isLoginPage", false)
return html(ctx, "auth_form.html")
}
func processRegister(ctx echo.Context) error {
disableSignup := getData(ctx, "DisableSignup")
code := ctx.QueryParam("code")
invitation, err := db.GetInvitationByCode(code)
if err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
return errorRes(500, "Cannot check for invitation code", err)
} else if invitation.ID != 0 && invitation.IsUsable() {
disableSignup = false
}
if disableSignup == true {
return errorRes(403, tr(ctx, "error.signup-disabled"), nil)
}
if getData(ctx, "DisableLoginForm") == true {
return errorRes(403, tr(ctx, "error.signup-disabled-form"), nil)
}
setData(ctx, "title", trH(ctx, "auth.new-account"))
setData(ctx, "htmlTitle", trH(ctx, "auth.new-account"))
sess := getSession(ctx)
dto := new(db.UserDTO)
if err := ctx.Bind(dto); err != nil {
return errorRes(400, tr(ctx, "error.cannot-bind-data"), err)
}
if err := ctx.Validate(dto); err != nil {
addFlash(ctx, utils.ValidationMessages(&err, getData(ctx, "locale").(*i18n.Locale)), "error")
return html(ctx, "auth_form.html")
}
if exists, err := db.UserExists(dto.Username); err != nil || exists {
addFlash(ctx, tr(ctx, "flash.auth.username-exists"), "error")
return html(ctx, "auth_form.html")
}
user := dto.ToUser()
password, err := utils.Argon2id.Hash(user.Password)
if err != nil {
return errorRes(500, "Cannot hash password", err)
}
user.Password = password
if err = user.Create(); err != nil {
return errorRes(500, "Cannot create user", err)
}
if user.ID == 1 {
if err = user.SetAdmin(); err != nil {
return errorRes(500, "Cannot set user admin", err)
}
}
if invitation.ID != 0 {
if err := invitation.Use(); err != nil {
return errorRes(500, "Cannot use invitation", err)
}
}
sess.Values["user"] = user.ID
saveSession(sess, ctx)
return redirect(ctx, "/")
}
func login(ctx echo.Context) error {
setData(ctx, "title", trH(ctx, "auth.login"))
setData(ctx, "htmlTitle", trH(ctx, "auth.login"))
setData(ctx, "disableForm", getData(ctx, "DisableLoginForm"))
setData(ctx, "isLoginPage", true)
return html(ctx, "auth_form.html")
}
func processLogin(ctx echo.Context) error {
if getData(ctx, "DisableLoginForm") == true {
return errorRes(403, tr(ctx, "error.login-disabled-form"), nil)
}
var err error
sess := getSession(ctx)
dto := &db.UserDTO{}
if err = ctx.Bind(dto); err != nil {
return errorRes(400, tr(ctx, "error.cannot-bind-data"), err)
}
password := dto.Password
var user *db.User
if user, err = db.GetUserByUsername(dto.Username); err != nil {
if !errors.Is(err, gorm.ErrRecordNotFound) {
return errorRes(500, "Cannot get user", err)
}
log.Warn().Msg("Invalid HTTP authentication attempt from " + ctx.RealIP())
addFlash(ctx, tr(ctx, "flash.auth.invalid-credentials"), "error")
return redirect(ctx, "/login")
}
if ok, err := utils.Argon2id.Verify(password, user.Password); !ok {
if err != nil {
return errorRes(500, "Cannot check for password", err)
}
log.Warn().Msg("Invalid HTTP authentication attempt from " + ctx.RealIP())
addFlash(ctx, tr(ctx, "flash.auth.invalid-credentials"), "error")
return redirect(ctx, "/login")
}
// handle MFA
var hasWebauthn, hasTotp bool
if hasWebauthn, hasTotp, err = user.HasMFA(); err != nil {
return errorRes(500, "Cannot check for user MFA", err)
}
if hasWebauthn || hasTotp {
sess.Values["mfaID"] = user.ID
sess.Options.MaxAge = 5 * 60 // 5 minutes
saveSession(sess, ctx)
return redirect(ctx, "/mfa")
}
sess.Values["user"] = user.ID
sess.Options.MaxAge = 60 * 60 * 24 * 365 // 1 year
saveSession(sess, ctx)
deleteCsrfCookie(ctx)
return redirect(ctx, "/")
}
func mfa(ctx echo.Context) error {
var err error
user := db.User{ID: getSession(ctx).Values["mfaID"].(uint)}
var hasWebauthn, hasTotp bool
if hasWebauthn, hasTotp, err = user.HasMFA(); err != nil {
return errorRes(500, "Cannot check for user MFA", err)
}
setData(ctx, "hasWebauthn", hasWebauthn)
setData(ctx, "hasTotp", hasTotp)
return html(ctx, "mfa.html")
}
func oauthCallback(ctx echo.Context) error {
user, err := gothic.CompleteUserAuth(ctx.Response(), ctx.Request())
if err != nil {
return errorRes(400, tr(ctx, "error.complete-oauth-login", err.Error()), err)
}
currUser := getUserLogged(ctx)
if currUser != nil {
// if user is logged in, link account to user and update its avatar URL
updateUserProviderInfo(currUser, user.Provider, user)
if err = currUser.Update(); err != nil {
return errorRes(500, "Cannot update user "+cases.Title(language.English).String(user.Provider)+" id", err)
}
addFlash(ctx, tr(ctx, "flash.auth.account-linked-oauth", cases.Title(language.English).String(user.Provider)), "success")
return redirect(ctx, "/settings")
}
// if user is not in database, create it
userDB, err := db.GetUserByProvider(user.UserID, user.Provider)
if err != nil {
if getData(ctx, "DisableSignup") == true {
return errorRes(403, tr(ctx, "error.signup-disabled"), nil)
}
if !errors.Is(err, gorm.ErrRecordNotFound) {
return errorRes(500, "Cannot get user", err)
}
if user.NickName == "" {
user.NickName = strings.Split(user.Email, "@")[0]
}
userDB = &db.User{
Username: user.NickName,
Email: user.Email,
MD5Hash: fmt.Sprintf("%x", md5.Sum([]byte(strings.ToLower(strings.TrimSpace(user.Email))))),
}
// set provider id and avatar URL
updateUserProviderInfo(userDB, user.Provider, user)
if err = userDB.Create(); err != nil {
if db.IsUniqueConstraintViolation(err) {
addFlash(ctx, tr(ctx, "flash.auth.username-exists"), "error")
return redirect(ctx, "/login")
}
return errorRes(500, "Cannot create user", err)
}
if userDB.ID == 1 {
if err = userDB.SetAdmin(); err != nil {
return errorRes(500, "Cannot set user admin", err)
}
}
var resp *http.Response
switch user.Provider {
case GitHubProvider:
resp, err = http.Get("https://github.com/" + user.NickName + ".keys")
case GitLabProvider:
resp, err = http.Get(urlJoin(config.C.GitlabUrl, user.NickName+".keys"))
case GiteaProvider:
resp, err = http.Get(urlJoin(config.C.GiteaUrl, user.NickName+".keys"))
case OpenIDConnect:
err = errors.New("cannot get keys from OIDC provider")
}
if err == nil {
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
addFlash(ctx, tr(ctx, "flash.auth.user-sshkeys-not-retrievable"), "error")
log.Error().Err(err).Msg("Could not get user keys")
}
keys := strings.Split(string(body), "\n")
if len(keys[len(keys)-1]) == 0 {
keys = keys[:len(keys)-1]
}
for _, key := range keys {
sshKey := db.SSHKey{
Title: "Added from " + user.Provider,
Content: key,
User: *userDB,
}
if err = sshKey.Create(); err != nil {
addFlash(ctx, tr(ctx, "flash.auth.user-sshkeys-not-created"), "error")
log.Error().Err(err).Msg("Could not create ssh key")
}
}
}
}
sess := getSession(ctx)
sess.Values["user"] = userDB.ID
saveSession(sess, ctx)
deleteCsrfCookie(ctx)
return redirect(ctx, "/")
}
func oauth(ctx echo.Context) error {
provider := ctx.Param("provider")
httpProtocol := "http"
if ctx.Request().TLS != nil || ctx.Request().Header.Get("X-Forwarded-Proto") == "https" {
httpProtocol = "https"
}
forwarded_hdr := ctx.Request().Header.Get("Forwarded")
if forwarded_hdr != "" {
fields := strings.Split(forwarded_hdr, ";")
fwd := make(map[string]string)
for _, v := range fields {
p := strings.Split(v, "=")
fwd[p[0]] = p[1]
}
val, ok := fwd["proto"]
if ok && val == "https" {
httpProtocol = "https"
}
}
var opengistUrl string
if config.C.ExternalUrl != "" {
opengistUrl = config.C.ExternalUrl
} else {
opengistUrl = httpProtocol + "://" + ctx.Request().Host
}
switch provider {
case GitHubProvider:
goth.UseProviders(
github.New(
config.C.GithubClientKey,
config.C.GithubSecret,
urlJoin(opengistUrl, "/oauth/github/callback"),
),
)
case GitLabProvider:
goth.UseProviders(
gitlab.NewCustomisedURL(
config.C.GitlabClientKey,
config.C.GitlabSecret,
urlJoin(opengistUrl, "/oauth/gitlab/callback"),
urlJoin(config.C.GitlabUrl, "/oauth/authorize"),
urlJoin(config.C.GitlabUrl, "/oauth/token"),
urlJoin(config.C.GitlabUrl, "/api/v4/user"),
),
)
case GiteaProvider:
goth.UseProviders(
gitea.NewCustomisedURL(
config.C.GiteaClientKey,
config.C.GiteaSecret,
urlJoin(opengistUrl, "/oauth/gitea/callback"),
urlJoin(config.C.GiteaUrl, "/login/oauth/authorize"),
urlJoin(config.C.GiteaUrl, "/login/oauth/access_token"),
urlJoin(config.C.GiteaUrl, "/api/v1/user"),
),
)
case OpenIDConnect:
oidcProvider, err := openidConnect.New(
config.C.OIDCClientKey,
config.C.OIDCSecret,
urlJoin(opengistUrl, "/oauth/openid-connect/callback"),
config.C.OIDCDiscoveryUrl,
"openid",
"email",
"profile",
)
if err != nil {
return errorRes(500, "Cannot create OIDC provider", err)
}
goth.UseProviders(oidcProvider)
}
ctxValue := context.WithValue(ctx.Request().Context(), gothic.ProviderParamKey, provider)
ctx.SetRequest(ctx.Request().WithContext(ctxValue))
if provider != GitHubProvider && provider != GitLabProvider && provider != GiteaProvider && provider != OpenIDConnect {
return errorRes(400, tr(ctx, "error.oauth-unsupported"), nil)
}
gothic.BeginAuthHandler(ctx.Response(), ctx.Request())
return nil
}
func oauthUnlink(ctx echo.Context) error {
provider := ctx.Param("provider")
currUser := getUserLogged(ctx)
// Map each provider to a function that checks the relevant ID in currUser
providerIDCheckMap := map[string]func() bool{
GitHubProvider: func() bool { return currUser.GithubID != "" },
GitLabProvider: func() bool { return currUser.GitlabID != "" },
GiteaProvider: func() bool { return currUser.GiteaID != "" },
OpenIDConnect: func() bool { return currUser.OIDCID != "" },
}
if checkFunc, exists := providerIDCheckMap[provider]; exists && checkFunc() {
if err := currUser.DeleteProviderID(provider); err != nil {
return errorRes(500, "Cannot unlink account from "+cases.Title(language.English).String(provider), err)
}
addFlash(ctx, tr(ctx, "flash.auth.account-unlinked-oauth", cases.Title(language.English).String(provider)), "success")
return redirect(ctx, "/settings")
}
return redirect(ctx, "/settings")
}
func beginWebAuthnBinding(ctx echo.Context) error {
credsCreation, jsonWaSession, err := webauthn.BeginBinding(getUserLogged(ctx))
if err != nil {
return errorRes(500, "Cannot begin WebAuthn registration", err)
}
sess := getSession(ctx)
sess.Values["webauthn_registration_session"] = jsonWaSession
sess.Options.MaxAge = 5 * 60 // 5 minutes
saveSession(sess, ctx)
return ctx.JSON(200, credsCreation)
}
func finishWebAuthnBinding(ctx echo.Context) error {
sess := getSession(ctx)
jsonWaSession, ok := sess.Values["webauthn_registration_session"].([]byte)
if !ok {
return jsonErrorRes(401, "Cannot get WebAuthn registration session", nil)
}
user := getUserLogged(ctx)
// extract passkey name from request
body, err := io.ReadAll(ctx.Request().Body)
if err != nil {
return jsonErrorRes(400, "Failed to read request body", err)
}
ctx.Request().Body.Close()
ctx.Request().Body = io.NopCloser(bytes.NewBuffer(body))
dto := new(db.CrendentialDTO)
_ = gojson.Unmarshal(body, &dto)
if err = ctx.Validate(dto); err != nil {
return jsonErrorRes(400, "Invalid request", err)
}
passkeyName := dto.PasskeyName
if passkeyName == "" {
passkeyName = "WebAuthn"
}
waCredential, err := webauthn.FinishBinding(user, jsonWaSession, ctx.Request())
if err != nil {
return jsonErrorRes(403, "Failed binding attempt for passkey", err)
}
if _, err = db.CreateFromCrendential(user.ID, passkeyName, waCredential); err != nil {
return jsonErrorRes(500, "Cannot create WebAuthn credential on database", err)
}
delete(sess.Values, "webauthn_registration_session")
saveSession(sess, ctx)
addFlash(ctx, tr(ctx, "flash.auth.passkey-registred", passkeyName), "success")
return json(ctx, []string{"OK"})
}
func beginWebAuthnLogin(ctx echo.Context) error {
credsCreation, jsonWaSession, err := webauthn.BeginDiscoverableLogin()
if err != nil {
return jsonErrorRes(401, "Cannot begin WebAuthn login", err)
}
sess := getSession(ctx)
sess.Values["webauthn_login_session"] = jsonWaSession
sess.Options.MaxAge = 5 * 60 // 5 minutes
saveSession(sess, ctx)
return json(ctx, credsCreation)
}
func finishWebAuthnLogin(ctx echo.Context) error {
sess := getSession(ctx)
sessionData, ok := sess.Values["webauthn_login_session"].([]byte)
if !ok {
return jsonErrorRes(401, "Cannot get WebAuthn login session", nil)
}
userID, err := webauthn.FinishDiscoverableLogin(sessionData, ctx.Request())
if err != nil {
return jsonErrorRes(403, "Failed authentication attempt for passkey", err)
}
sess.Values["user"] = userID
sess.Options.MaxAge = 60 * 60 * 24 * 365 // 1 year
delete(sess.Values, "webauthn_login_session")
saveSession(sess, ctx)
return json(ctx, []string{"OK"})
}
func beginWebAuthnAssertion(ctx echo.Context) error {
sess := getSession(ctx)
ogUser, err := db.GetUserById(sess.Values["mfaID"].(uint))
if err != nil {
return jsonErrorRes(500, "Cannot get user", err)
}
credsCreation, jsonWaSession, err := webauthn.BeginLogin(ogUser)
if err != nil {
return jsonErrorRes(401, "Cannot begin WebAuthn login", err)
}
sess.Values["webauthn_assertion_session"] = jsonWaSession
sess.Options.MaxAge = 5 * 60 // 5 minutes
saveSession(sess, ctx)
return json(ctx, credsCreation)
}
func finishWebAuthnAssertion(ctx echo.Context) error {
sess := getSession(ctx)
sessionData, ok := sess.Values["webauthn_assertion_session"].([]byte)
if !ok {
return jsonErrorRes(401, "Cannot get WebAuthn assertion session", nil)
}
userId := sess.Values["mfaID"].(uint)
ogUser, err := db.GetUserById(userId)
if err != nil {
return jsonErrorRes(500, "Cannot get user", err)
}
if err = webauthn.FinishLogin(ogUser, sessionData, ctx.Request()); err != nil {
return jsonErrorRes(403, "Failed authentication attempt for passkey", err)
}
sess.Values["user"] = userId
sess.Options.MaxAge = 60 * 60 * 24 * 365 // 1 year
delete(sess.Values, "webauthn_assertion_session")
delete(sess.Values, "mfaID")
saveSession(sess, ctx)
return json(ctx, []string{"OK"})
}
func beginTotp(ctx echo.Context) error {
user := getUserLogged(ctx)
if _, hasTotp, err := user.HasMFA(); err != nil {
return errorRes(500, "Cannot check for user MFA", err)
} else if hasTotp {
addFlash(ctx, tr(ctx, "auth.totp.already-enabled"), "error")
return redirect(ctx, "/settings")
}
ogUrl, err := url.Parse(getData(ctx, "baseHttpUrl").(string))
if err != nil {
return errorRes(500, "Cannot parse base URL", err)
}
sess := getSession(ctx)
generatedSecret, _ := sess.Values["generatedSecret"].([]byte)
totpSecret, qrcode, err, generatedSecret := totp.GenerateQRCode(getUserLogged(ctx).Username, ogUrl.Hostname(), generatedSecret)
if err != nil {
return errorRes(500, "Cannot generate TOTP QR code", err)
}
sess.Values["totpSecret"] = totpSecret
sess.Values["generatedSecret"] = generatedSecret
saveSession(sess, ctx)
setData(ctx, "totpSecret", totpSecret)
setData(ctx, "totpQrcode", qrcode)
return html(ctx, "totp.html")
}
func finishTotp(ctx echo.Context) error {
user := getUserLogged(ctx)
if _, hasTotp, err := user.HasMFA(); err != nil {
return errorRes(500, "Cannot check for user MFA", err)
} else if hasTotp {
addFlash(ctx, tr(ctx, "auth.totp.already-enabled"), "error")
return redirect(ctx, "/settings")
}
dto := &db.TOTPDTO{}
if err := ctx.Bind(dto); err != nil {
return errorRes(400, tr(ctx, "error.cannot-bind-data"), err)
}
if err := ctx.Validate(dto); err != nil {
addFlash(ctx, "Invalid secret", "error")
return redirect(ctx, "/settings/totp/generate")
}
sess := getSession(ctx)
secret, ok := sess.Values["totpSecret"].(string)
if !ok {
return errorRes(500, "Cannot get TOTP secret from session", nil)
}
if !totp.Validate(dto.Code, secret) {
addFlash(ctx, tr(ctx, "auth.totp.invalid-code"), "error")
return redirect(ctx, "/settings/totp/generate")
}
userTotp := &db.TOTP{
UserID: getUserLogged(ctx).ID,
}
if err := userTotp.StoreSecret(secret); err != nil {
return errorRes(500, "Cannot store TOTP secret", err)
}
if err := userTotp.Create(); err != nil {
return errorRes(500, "Cannot create TOTP", err)
}
addFlash(ctx, "TOTP successfully enabled", "success")
codes, err := userTotp.GenerateRecoveryCodes()
if err != nil {
return errorRes(500, "Cannot generate recovery codes", err)
}
delete(sess.Values, "totpSecret")
delete(sess.Values, "generatedSecret")
saveSession(sess, ctx)
setData(ctx, "recoveryCodes", codes)
return html(ctx, "totp.html")
}
func assertTotp(ctx echo.Context) error {
var err error
dto := &db.TOTPDTO{}
if err := ctx.Bind(dto); err != nil {
return errorRes(400, tr(ctx, "error.cannot-bind-data"), err)
}
if err := ctx.Validate(dto); err != nil {
addFlash(ctx, tr(ctx, "auth.totp.invalid-code"), "error")
return redirect(ctx, "/mfa")
}
sess := getSession(ctx)
userId := sess.Values["mfaID"].(uint)
var userTotp *db.TOTP
if userTotp, err = db.GetTOTPByUserID(userId); err != nil {
return errorRes(500, "Cannot get TOTP by UID", err)
}
redirectUrl := "/"
var validCode, validRecoveryCode bool
if validCode, err = userTotp.ValidateCode(dto.Code); err != nil {
return errorRes(500, "Cannot validate TOTP code", err)
}
if !validCode {
validRecoveryCode, err = userTotp.ValidateRecoveryCode(dto.Code)
if err != nil {
return errorRes(500, "Cannot validate TOTP code", err)
}
if !validRecoveryCode {
addFlash(ctx, tr(ctx, "auth.totp.invalid-code"), "error")
return redirect(ctx, "/mfa")
}
addFlash(ctx, tr(ctx, "auth.totp.code-used", dto.Code), "warning")
redirectUrl = "/settings"
}
sess.Values["user"] = userId
sess.Options.MaxAge = 60 * 60 * 24 * 365 // 1 year
delete(sess.Values, "mfaID")
saveSession(sess, ctx)
return redirect(ctx, redirectUrl)
}
func disableTotp(ctx echo.Context) error {
user := getUserLogged(ctx)
userTotp, err := db.GetTOTPByUserID(user.ID)
if err != nil {
return errorRes(500, "Cannot get TOTP by UID", err)
}
if err = userTotp.Delete(); err != nil {
return errorRes(500, "Cannot delete TOTP", err)
}
addFlash(ctx, tr(ctx, "auth.totp.disabled"), "success")
return redirect(ctx, "/settings")
}
func regenerateTotpRecoveryCodes(ctx echo.Context) error {
user := getUserLogged(ctx)
userTotp, err := db.GetTOTPByUserID(user.ID)
if err != nil {
return errorRes(500, "Cannot get TOTP by UID", err)
}
codes, err := userTotp.GenerateRecoveryCodes()
if err != nil {
return errorRes(500, "Cannot generate recovery codes", err)
}
setData(ctx, "recoveryCodes", codes)
return html(ctx, "totp.html")
}
func logout(ctx echo.Context) error {
deleteSession(ctx)
deleteCsrfCookie(ctx)
return redirect(ctx, "/all")
}
func urlJoin(base string, elem ...string) string {
joined, err := url.JoinPath(base, elem...)
if err != nil {
log.Error().Err(err).Msg("Cannot join url")
}
return joined
}
func updateUserProviderInfo(userDB *db.User, provider string, user goth.User) {
userDB.AvatarURL = getAvatarUrlFromProvider(provider, user.UserID)
switch provider {
case GitHubProvider:
userDB.GithubID = user.UserID
case GitLabProvider:
userDB.GitlabID = user.UserID
case GiteaProvider:
userDB.GiteaID = user.UserID
case OpenIDConnect:
userDB.OIDCID = user.UserID
userDB.AvatarURL = user.AvatarURL
}
}
func getAvatarUrlFromProvider(provider string, identifier string) string {
switch provider {
case GitHubProvider:
return "https://avatars.githubusercontent.com/u/" + identifier + "?v=4"
case GitLabProvider:
return urlJoin(config.C.GitlabUrl, "/uploads/-/system/user/avatar/", identifier, "/avatar.png") + "?width=400"
case GiteaProvider:
resp, err := http.Get(urlJoin(config.C.GiteaUrl, "/api/v1/users/", identifier))
if err != nil {
log.Error().Err(err).Msg("Cannot get user from Gitea")
return ""
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
log.Error().Err(err).Msg("Cannot read Gitea response body")
return ""
}
var result map[string]interface{}
err = gojson.Unmarshal(body, &result)
if err != nil {
log.Error().Err(err).Msg("Cannot unmarshal Gitea response body")
return ""
}
field, ok := result["avatar_url"]
if !ok {
log.Error().Msg("Field 'avatar_url' not found in Gitea JSON response")
return ""
}
return field.(string)
}
return ""
}
type ContextAuthInfo struct {
context echo.Context
}
func (auth ContextAuthInfo) RequireLogin() (bool, error) {
return getData(auth.context, "RequireLogin") == true, nil
}
func (auth ContextAuthInfo) AllowGistsWithoutLogin() (bool, error) {
return getData(auth.context, "AllowGistsWithoutLogin") == true, nil
}

148
internal/web/context/context.go Normal file
View File

@@ -0,0 +1,148 @@
package context
import (
"context"
"github.com/gorilla/sessions"
"github.com/labstack/echo/v4"
"github.com/rs/zerolog/log"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/i18n"
"html/template"
"net/http"
"sync"
)
type dataKey string
const DataKeyStr dataKey = "data"
type Context struct {
echo.Context
data echo.Map
lock sync.RWMutex
store *Store
User *db.User
}
func NewContext(c echo.Context, sessionPath string) *Context {
ctx := &Context{
Context: c,
data: make(echo.Map),
store: NewStore(sessionPath),
}
ctx.SetRequest(ctx.Request().WithContext(context.WithValue(ctx.Request().Context(), DataKeyStr, ctx.data)))
return ctx
}
func (ctx *Context) SetData(key string, value any) {
ctx.lock.Lock()
defer ctx.lock.Unlock()
ctx.data[key] = value
}
func (ctx *Context) GetData(key string) any {
ctx.lock.RLock()
defer ctx.lock.RUnlock()
return ctx.data[key]
}
func (ctx *Context) DataMap() echo.Map {
return ctx.data
}
func (ctx *Context) ErrorRes(code int, message string, err error) error {
if code >= 500 {
var skipLogger = log.With().CallerWithSkipFrameCount(3).Logger()
skipLogger.Error().Err(err).Msg(message)
}
ctx.SetRequest(ctx.Request().WithContext(context.WithValue(ctx.Request().Context(), DataKeyStr, ctx.data)))
return &echo.HTTPError{Code: code, Message: message, Internal: err}
}
func (ctx *Context) RedirectTo(location string) error {
return ctx.Context.Redirect(302, config.C.ExternalUrl+location)
}
func (ctx *Context) Html(template string) error {
return ctx.HtmlWithCode(200, template)
}
func (ctx *Context) HtmlWithCode(code int, template string) error {
ctx.setErrorFlashes()
return ctx.Render(code, template, ctx.DataMap())
}
func (ctx *Context) Json(data any) error {
return ctx.JsonWithCode(200, data)
}
func (ctx *Context) JsonWithCode(code int, data any) error {
return ctx.JSON(code, data)
}
func (ctx *Context) PlainText(code int, message string) error {
return ctx.String(code, message)
}
func (ctx *Context) NotFound(message string) error {
return ctx.ErrorRes(404, message, nil)
}
func (ctx *Context) GetSession() *sessions.Session {
sess, _ := ctx.store.UserStore.Get(ctx.Request(), "session")
return sess
}
func (ctx *Context) SaveSession(sess *sessions.Session) {
_ = sess.Save(ctx.Request(), ctx.Response())
}
func (ctx *Context) DeleteSession() {
sess := ctx.GetSession()
sess.Options.MaxAge = -1
ctx.SaveSession(sess)
}
func (ctx *Context) AddFlash(flashMessage string, flashType string) {
sess, _ := ctx.store.flashStore.Get(ctx.Request(), "flash")
sess.AddFlash(flashMessage, flashType)
_ = sess.Save(ctx.Request(), ctx.Response())
}
func (ctx *Context) setErrorFlashes() {
sess, _ := ctx.store.flashStore.Get(ctx.Request(), "flash")
ctx.SetData("flashErrors", sess.Flashes("error"))
ctx.SetData("flashSuccess", sess.Flashes("success"))
ctx.SetData("flashWarnings", sess.Flashes("warning"))
_ = sess.Save(ctx.Request(), ctx.Response())
}
func (ctx *Context) DeleteCsrfCookie() {
ctx.SetCookie(&http.Cookie{Name: "_csrf", Path: "/", MaxAge: -1})
}
func (ctx *Context) TrH(key string, args ...any) template.HTML {
l := ctx.GetData("locale").(*i18n.Locale)
return l.Tr(key, args...)
}
func (ctx *Context) Tr(key string, args ...any) string {
l := ctx.GetData("locale").(*i18n.Locale)
return l.String(key, args...)
}
var ManifestEntries map[string]Asset
type Asset struct {
File string `json:"file"`
}

28
internal/web/context/store.go Normal file
View File

@@ -0,0 +1,28 @@
package context
import (
"github.com/gorilla/sessions"
"github.com/markbates/goth/gothic"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/session"
"path/filepath"
)
type Store struct {
sessionsPath string
flashStore *sessions.CookieStore
UserStore *sessions.FilesystemStore
}
func NewStore(sessionsPath string) *Store {
s := &Store{sessionsPath: sessionsPath}
s.flashStore = sessions.NewCookieStore([]byte("opengist"))
encryptKey, _ := session.GenerateSecretKey(filepath.Join(s.sessionsPath, "session-encrypt.key"))
s.UserStore = sessions.NewFilesystemStore(s.sessionsPath, config.SecretKey, encryptKey)
s.UserStore.MaxLength(10 * 1024)
gothic.Store = s.UserStore
return s
}

917
internal/web/gist.go
View File

@@ -1,917 +0,0 @@
package web
import (
"archive/zip"
"bufio"
"bytes"
gojson "encoding/json"
"errors"
"fmt"
"html/template"
"net/url"
"path/filepath"
"regexp"
"strconv"
"strings"
"time"
"github.com/rs/zerolog/log"
"github.com/thomiceli/opengist/internal/git"
"github.com/thomiceli/opengist/internal/i18n"
"github.com/thomiceli/opengist/internal/index"
"github.com/thomiceli/opengist/internal/render"
"github.com/thomiceli/opengist/internal/utils"
"github.com/google/uuid"
"github.com/labstack/echo/v4"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"gorm.io/gorm"
)
func gistInit(next echo.HandlerFunc) echo.HandlerFunc {
return func(ctx echo.Context) error {
currUser := getUserLogged(ctx)
userName := ctx.Param("user")
gistName := ctx.Param("gistname")
switch filepath.Ext(gistName) {
case ".js":
setData(ctx, "gistpage", "js")
gistName = strings.TrimSuffix(gistName, ".js")
case ".json":
setData(ctx, "gistpage", "json")
gistName = strings.TrimSuffix(gistName, ".json")
case ".git":
setData(ctx, "gistpage", "git")
gistName = strings.TrimSuffix(gistName, ".git")
}
gist, err := db.GetGist(userName, gistName)
if err != nil {
return notFound("Gist not found")
}
if gist.Private == db.PrivateVisibility {
if currUser == nil || currUser.ID != gist.UserID {
return notFound("Gist not found")
}
}
setData(ctx, "gist", gist)
if config.C.SshGit {
var sshDomain string
if config.C.SshExternalDomain != "" {
sshDomain = config.C.SshExternalDomain
} else {
sshDomain = strings.Split(ctx.Request().Host, ":")[0]
}
if config.C.SshPort == "22" {
setData(ctx, "sshCloneUrl", sshDomain+":"+userName+"/"+gistName+".git")
} else {
setData(ctx, "sshCloneUrl", "ssh://"+sshDomain+":"+config.C.SshPort+"/"+userName+"/"+gistName+".git")
}
}
baseHttpUrl := getData(ctx, "baseHttpUrl").(string)
if config.C.HttpGit {
setData(ctx, "httpCloneUrl", baseHttpUrl+"/"+userName+"/"+gistName+".git")
}
setData(ctx, "httpCopyUrl", baseHttpUrl+"/"+userName+"/"+gistName)
setData(ctx, "currentUrl", template.URL(ctx.Request().URL.Path))
setData(ctx, "embedScript", fmt.Sprintf(`<script src="%s"></script>`, baseHttpUrl+"/"+userName+"/"+gistName+".js"))
nbCommits, err := gist.NbCommits()
if err != nil {
return errorRes(500, "Error fetching number of commits", err)
}
setData(ctx, "nbCommits", nbCommits)
if currUser != nil {
hasLiked, err := currUser.HasLiked(gist)
if err != nil {
return errorRes(500, "Cannot get user like status", err)
}
setData(ctx, "hasLiked", hasLiked)
}
if gist.Private > 0 {
setData(ctx, "NoIndex", true)
}
return next(ctx)
}
}
// gistSoftInit try to load a gist (same as gistInit) but does not return a 404 if the gist is not found
// useful for git clients using HTTP to obfuscate the existence of a private gist
func gistSoftInit(next echo.HandlerFunc) echo.HandlerFunc {
return func(ctx echo.Context) error {
userName := ctx.Param("user")
gistName := ctx.Param("gistname")
gistName = strings.TrimSuffix(gistName, ".git")
gist, _ := db.GetGist(userName, gistName)
setData(ctx, "gist", gist)
return next(ctx)
}
}
// gistNewPushInit has the same behavior as gistSoftInit but create a new gist empty instead
func gistNewPushSoftInit(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
setData(c, "gist", new(db.Gist))
return next(c)
}
}
func allGists(ctx echo.Context) error {
var err error
var urlPage string
fromUserStr := ctx.Param("user")
userLogged := getUserLogged(ctx)
pageInt := getPage(ctx)
sort := "created"
sortText := trH(ctx, "gist.list.sort-by-created")
order := "desc"
orderText := trH(ctx, "gist.list.order-by-desc")
if ctx.QueryParam("sort") == "updated" {
sort = "updated"
sortText = trH(ctx, "gist.list.sort-by-updated")
}
if ctx.QueryParam("order") == "asc" {
order = "asc"
orderText = trH(ctx, "gist.list.order-by-asc")
}
setData(ctx, "sort", sortText)
setData(ctx, "order", orderText)
var gists []*db.Gist
var currentUserId uint
if userLogged != nil {
currentUserId = userLogged.ID
} else {
currentUserId = 0
}
if fromUserStr == "" {
urlctx := ctx.Request().URL.Path
if strings.HasSuffix(urlctx, "search") {
setData(ctx, "htmlTitle", trH(ctx, "gist.list.search-results"))
setData(ctx, "mode", "search")
setData(ctx, "searchQuery", ctx.QueryParam("q"))
setData(ctx, "searchQueryUrl", template.URL("&q="+ctx.QueryParam("q")))
urlPage = "search"
gists, err = db.GetAllGistsFromSearch(currentUserId, ctx.QueryParam("q"), pageInt-1, sort, order)
} else if strings.HasSuffix(urlctx, "all") {
setData(ctx, "htmlTitle", trH(ctx, "gist.list.all"))
setData(ctx, "mode", "all")
urlPage = "all"
gists, err = db.GetAllGistsForCurrentUser(currentUserId, pageInt-1, sort, order)
}
} else {
liked := false
forked := false
liked, err = regexp.MatchString(`/[^/]*/liked`, ctx.Request().URL.Path)
if err != nil {
return errorRes(500, "Error matching regexp", err)
}
forked, err = regexp.MatchString(`/[^/]*/forked`, ctx.Request().URL.Path)
if err != nil {
return errorRes(500, "Error matching regexp", err)
}
var fromUser *db.User
fromUser, err = db.GetUserByUsername(fromUserStr)
if err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
return notFound("User not found")
}
return errorRes(500, "Error fetching user", err)
}
setData(ctx, "fromUser", fromUser)
if countFromUser, err := db.CountAllGistsFromUser(fromUser.ID, currentUserId); err != nil {
return errorRes(500, "Error counting gists", err)
} else {
setData(ctx, "countFromUser", countFromUser)
}
if countLiked, err := db.CountAllGistsLikedByUser(fromUser.ID, currentUserId); err != nil {
return errorRes(500, "Error counting liked gists", err)
} else {
setData(ctx, "countLiked", countLiked)
}
if countForked, err := db.CountAllGistsForkedByUser(fromUser.ID, currentUserId); err != nil {
return errorRes(500, "Error counting forked gists", err)
} else {
setData(ctx, "countForked", countForked)
}
if liked {
urlPage = fromUserStr + "/liked"
setData(ctx, "htmlTitle", trH(ctx, "gist.list.all-liked-by", fromUserStr))
setData(ctx, "mode", "liked")
gists, err = db.GetAllGistsLikedByUser(fromUser.ID, currentUserId, pageInt-1, sort, order)
} else if forked {
urlPage = fromUserStr + "/forked"
setData(ctx, "htmlTitle", trH(ctx, "gist.list.all-forked-by", fromUserStr))
setData(ctx, "mode", "forked")
gists, err = db.GetAllGistsForkedByUser(fromUser.ID, currentUserId, pageInt-1, sort, order)
} else {
urlPage = fromUserStr
setData(ctx, "htmlTitle", trH(ctx, "gist.list.all-from", fromUserStr))
setData(ctx, "mode", "fromUser")
gists, err = db.GetAllGistsFromUser(fromUser.ID, currentUserId, pageInt-1, sort, order)
}
}
renderedGists := make([]*render.RenderedGist, 0, len(gists))
for _, gist := range gists {
rendered, err := render.HighlightGistPreview(gist)
if err != nil {
log.Error().Err(err).Msg("Error rendering gist preview for " + gist.Identifier() + " - " + gist.PreviewFilename)
}
renderedGists = append(renderedGists, &rendered)
}
if err != nil {
return errorRes(500, "Error fetching gists", err)
}
if err = paginate(ctx, renderedGists, pageInt, 10, "gists", fromUserStr, 2, "&sort="+sort+"&order="+order); err != nil {
return errorRes(404, tr(ctx, "error.page-not-found"), nil)
}
setData(ctx, "urlPage", urlPage)
return html(ctx, "all.html")
}
func search(ctx echo.Context) error {
var err error
content, meta := parseSearchQueryStr(ctx.QueryParam("q"))
pageInt := getPage(ctx)
var currentUserId uint
userLogged := getUserLogged(ctx)
if userLogged != nil {
currentUserId = userLogged.ID
} else {
currentUserId = 0
}
var visibleGistsIds []uint
visibleGistsIds, err = db.GetAllGistsVisibleByUser(currentUserId)
if err != nil {
return errorRes(500, "Error fetching gists", err)
}
gistsIds, nbHits, langs, err := index.SearchGists(content, index.SearchGistMetadata{
Username: meta["user"],
Title: meta["title"],
Filename: meta["filename"],
Extension: meta["extension"],
Language: meta["language"],
}, visibleGistsIds, pageInt)
if err != nil {
return errorRes(500, "Error searching gists", err)
}
gists, err := db.GetAllGistsByIds(gistsIds)
if err != nil {
return errorRes(500, "Error fetching gists", err)
}
renderedGists := make([]*render.RenderedGist, 0, len(gists))
for _, gist := range gists {
rendered, err := render.HighlightGistPreview(gist)
if err != nil {
log.Error().Err(err).Msg("Error rendering gist preview for " + gist.Identifier() + " - " + gist.PreviewFilename)
}
renderedGists = append(renderedGists, &rendered)
}
if pageInt > 1 && len(renderedGists) != 0 {
setData(ctx, "prevPage", pageInt-1)
}
if 10*pageInt < int(nbHits) {
setData(ctx, "nextPage", pageInt+1)
}
setData(ctx, "prevLabel", trH(ctx, "pagination.previous"))
setData(ctx, "nextLabel", trH(ctx, "pagination.next"))
setData(ctx, "urlPage", "search")
setData(ctx, "urlParams", template.URL("&q="+ctx.QueryParam("q")))
setData(ctx, "htmlTitle", trH(ctx, "gist.list.search-results"))
setData(ctx, "nbHits", nbHits)
setData(ctx, "gists", renderedGists)
setData(ctx, "langs", langs)
setData(ctx, "searchQuery", ctx.QueryParam("q"))
return html(ctx, "search.html")
}
func gistIndex(ctx echo.Context) error {
if getData(ctx, "gistpage") == "js" {
return gistJs(ctx)
} else if getData(ctx, "gistpage") == "json" {
return gistJson(ctx)
}
gist := getData(ctx, "gist").(*db.Gist)
revision := ctx.Param("revision")
if revision == "" {
revision = "HEAD"
}
files, err := gist.Files(revision, true)
if _, ok := err.(*git.RevisionNotFoundError); ok {
return notFound("Revision not found")
} else if err != nil {
return errorRes(500, "Error fetching files", err)
}
renderedFiles := render.HighlightFiles(files)
setData(ctx, "page", "code")
setData(ctx, "commit", revision)
setData(ctx, "files", renderedFiles)
setData(ctx, "revision", revision)
setData(ctx, "htmlTitle", gist.Title)
return html(ctx, "gist.html")
}
func gistJson(ctx echo.Context) error {
gist := getData(ctx, "gist").(*db.Gist)
files, err := gist.Files("HEAD", true)
if err != nil {
return errorRes(500, "Error fetching files", err)
}
renderedFiles := render.HighlightFiles(files)
setData(ctx, "files", renderedFiles)
htmlbuf := bytes.Buffer{}
w := bufio.NewWriter(&htmlbuf)
if err = ctx.Echo().Renderer.Render(w, "gist_embed.html", dataMap(ctx), ctx); err != nil {
return err
}
_ = w.Flush()
jsUrl, err := url.JoinPath(getData(ctx, "baseHttpUrl").(string), gist.User.Username, gist.Identifier()+".js")
if err != nil {
return errorRes(500, "Error joining js url", err)
}
cssUrl, err := url.JoinPath(getData(ctx, "baseHttpUrl").(string), manifestEntries["embed.css"].File)
if err != nil {
return errorRes(500, "Error joining css url", err)
}
return ctx.JSON(200, map[string]interface{}{
"owner": gist.User.Username,
"id": gist.Identifier(),
"uuid": gist.Uuid,
"title": gist.Title,
"description": gist.Description,
"created_at": time.Unix(gist.CreatedAt, 0).Format(time.RFC3339),
"visibility": gist.VisibilityStr(),
"files": renderedFiles,
"embed": map[string]string{
"html": htmlbuf.String(),
"css": cssUrl,
"js": jsUrl,
"js_dark": jsUrl + "?dark",
},
})
}
func gistJs(ctx echo.Context) error {
if _, exists := ctx.QueryParams()["dark"]; exists {
setData(ctx, "dark", "dark")
}
gist := getData(ctx, "gist").(*db.Gist)
files, err := gist.Files("HEAD", true)
if err != nil {
return errorRes(500, "Error fetching files", err)
}
renderedFiles := render.HighlightFiles(files)
setData(ctx, "files", renderedFiles)
htmlbuf := bytes.Buffer{}
w := bufio.NewWriter(&htmlbuf)
if err = ctx.Echo().Renderer.Render(w, "gist_embed.html", dataMap(ctx), ctx); err != nil {
return err
}
_ = w.Flush()
cssUrl, err := url.JoinPath(getData(ctx, "baseHttpUrl").(string), manifestEntries["embed.css"].File)
if err != nil {
return errorRes(500, "Error joining css url", err)
}
js, err := escapeJavaScriptContent(htmlbuf.String(), cssUrl)
if err != nil {
return errorRes(500, "Error escaping JavaScript content", err)
}
ctx.Response().Header().Set("Content-Type", "application/javascript")
return plainText(ctx, 200, js)
}
func revisions(ctx echo.Context) error {
gist := getData(ctx, "gist").(*db.Gist)
userName := gist.User.Username
gistName := gist.Identifier()
pageInt := getPage(ctx)
commits, err := gist.Log((pageInt - 1) * 10)
if err != nil {
return errorRes(500, "Error fetching commits log", err)
}
if err := paginate(ctx, commits, pageInt, 10, "commits", userName+"/"+gistName+"/revisions", 2); err != nil {
return errorRes(404, tr(ctx, "error.page-not-found"), nil)
}
emailsSet := map[string]struct{}{}
for _, commit := range commits {
if commit.AuthorEmail == "" {
continue
}
emailsSet[strings.ToLower(commit.AuthorEmail)] = struct{}{}
}
emailsUsers, err := db.GetUsersFromEmails(emailsSet)
if err != nil {
return errorRes(500, "Error fetching users emails", err)
}
setData(ctx, "page", "revisions")
setData(ctx, "revision", "HEAD")
setData(ctx, "emails", emailsUsers)
setData(ctx, "htmlTitle", trH(ctx, "gist.revision-of", gist.Title))
return html(ctx, "revisions.html")
}
func create(ctx echo.Context) error {
setData(ctx, "htmlTitle", trH(ctx, "gist.new.create-a-new-gist"))
return html(ctx, "create.html")
}
func processCreate(ctx echo.Context) error {
isCreate := false
if ctx.Request().URL.Path == "/" {
isCreate = true
}
err := ctx.Request().ParseForm()
if err != nil {
return errorRes(400, tr(ctx, "error.bad-request"), err)
}
dto := new(db.GistDTO)
var gist *db.Gist
if isCreate {
setData(ctx, "htmlTitle", trH(ctx, "gist.new.create-a-new-gist"))
} else {
gist = getData(ctx, "gist").(*db.Gist)
setData(ctx, "htmlTitle", trH(ctx, "gist.edit.edit-gist", gist.Title))
}
if err := ctx.Bind(dto); err != nil {
return errorRes(400, tr(ctx, "error.cannot-bind-data"), err)
}
dto.Files = make([]db.FileDTO, 0)
fileCounter := 0
for i := 0; i < len(ctx.Request().PostForm["content"]); i++ {
name := ctx.Request().PostForm["name"][i]
content := ctx.Request().PostForm["content"][i]
if name == "" {
fileCounter += 1
name = "gistfile" + strconv.Itoa(fileCounter) + ".txt"
}
escapedValue, err := url.QueryUnescape(content)
if err != nil {
return errorRes(400, tr(ctx, "error.invalid-character-unescaped"), err)
}
dto.Files = append(dto.Files, db.FileDTO{
Filename: strings.Trim(name, " "),
Content: escapedValue,
})
}
err = ctx.Validate(dto)
if err != nil {
addFlash(ctx, utils.ValidationMessages(&err, getData(ctx, "locale").(*i18n.Locale)), "error")
if isCreate {
return html(ctx, "create.html")
} else {
files, err := gist.Files("HEAD", false)
if err != nil {
return errorRes(500, "Error fetching files", err)
}
setData(ctx, "files", files)
return html(ctx, "edit.html")
}
}
if isCreate {
gist = dto.ToGist()
} else {
gist = dto.ToExistingGist(gist)
}
user := getUserLogged(ctx)
gist.NbFiles = len(dto.Files)
if isCreate {
uuidGist, err := uuid.NewRandom()
if err != nil {
return errorRes(500, "Error creating an UUID", err)
}
gist.Uuid = strings.Replace(uuidGist.String(), "-", "", -1)
gist.UserID = user.ID
gist.User = *user
}
if gist.Title == "" {
if ctx.Request().PostForm["name"][0] == "" {
gist.Title = "gist:" + gist.Uuid
} else {
gist.Title = ctx.Request().PostForm["name"][0]
}
}
if len(dto.Files) > 0 {
split := strings.Split(dto.Files[0].Content, "\n")
if len(split) > 10 {
gist.Preview = strings.Join(split[:10], "\n")
} else {
gist.Preview = dto.Files[0].Content
}
gist.PreviewFilename = dto.Files[0].Filename
}
if err = gist.InitRepository(); err != nil {
return errorRes(500, "Error creating the repository", err)
}
if err = gist.AddAndCommitFiles(&dto.Files); err != nil {
return errorRes(500, "Error adding and committing files", err)
}
if isCreate {
if err = gist.Create(); err != nil {
return errorRes(500, "Error creating the gist", err)
}
} else {
if err = gist.Update(); err != nil {
return errorRes(500, "Error updating the gist", err)
}
}
gist.AddInIndex()
return redirect(ctx, "/"+user.Username+"/"+gist.Identifier())
}
func editVisibility(ctx echo.Context) error {
gist := getData(ctx, "gist").(*db.Gist)
dto := new(db.VisibilityDTO)
if err := ctx.Bind(dto); err != nil {
return errorRes(400, tr(ctx, "error.cannot-bind-data"), err)
}
gist.Private = dto.Private
if err := gist.UpdateNoTimestamps(); err != nil {
return errorRes(500, "Error updating this gist", err)
}
addFlash(ctx, tr(ctx, "flash.gist.visibility-changed"), "success")
return redirect(ctx, "/"+gist.User.Username+"/"+gist.Identifier())
}
func deleteGist(ctx echo.Context) error {
gist := getData(ctx, "gist").(*db.Gist)
if err := gist.Delete(); err != nil {
return errorRes(500, "Error deleting this gist", err)
}
gist.RemoveFromIndex()
addFlash(ctx, tr(ctx, "flash.gist.deleted"), "success")
return redirect(ctx, "/")
}
func like(ctx echo.Context) error {
gist := getData(ctx, "gist").(*db.Gist)
currentUser := getUserLogged(ctx)
hasLiked, err := currentUser.HasLiked(gist)
if err != nil {
return errorRes(500, "Error checking if user has liked a gist", err)
}
if hasLiked {
err = gist.RemoveUserLike(getUserLogged(ctx))
} else {
err = gist.AppendUserLike(getUserLogged(ctx))
}
if err != nil {
return errorRes(500, "Error liking/dislking this gist", err)
}
redirectTo := "/" + gist.User.Username + "/" + gist.Identifier()
if r := ctx.QueryParam("redirecturl"); r != "" {
redirectTo = r
}
return redirect(ctx, redirectTo)
}
func fork(ctx echo.Context) error {
gist := getData(ctx, "gist").(*db.Gist)
currentUser := getUserLogged(ctx)
alreadyForked, err := gist.GetForkParent(currentUser)
if err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
return errorRes(500, "Error checking if gist is already forked", err)
}
if gist.User.ID == currentUser.ID {
addFlash(ctx, tr(ctx, "flash.gist.fork-own-gist"), "error")
return redirect(ctx, "/"+gist.User.Username+"/"+gist.Identifier())
}
if alreadyForked.ID != 0 {
return redirect(ctx, "/"+alreadyForked.User.Username+"/"+alreadyForked.Identifier())
}
uuidGist, err := uuid.NewRandom()
if err != nil {
return errorRes(500, "Error creating an UUID", err)
}
newGist := &db.Gist{
Uuid: strings.Replace(uuidGist.String(), "-", "", -1),
Title: gist.Title,
Preview: gist.Preview,
PreviewFilename: gist.PreviewFilename,
Description: gist.Description,
Private: gist.Private,
UserID: currentUser.ID,
ForkedID: gist.ID,
NbFiles: gist.NbFiles,
}
if err = newGist.CreateForked(); err != nil {
return errorRes(500, "Error forking the gist in database", err)
}
if err = gist.ForkClone(currentUser.Username, newGist.Uuid); err != nil {
return errorRes(500, "Error cloning the repository while forking", err)
}
if err = gist.IncrementForkCount(); err != nil {
return errorRes(500, "Error incrementing the fork count", err)
}
addFlash(ctx, tr(ctx, "flash.gist.forked"), "success")
return redirect(ctx, "/"+currentUser.Username+"/"+newGist.Identifier())
}
func rawFile(ctx echo.Context) error {
gist := getData(ctx, "gist").(*db.Gist)
file, err := gist.File(ctx.Param("revision"), ctx.Param("file"), false)
if err != nil {
return errorRes(500, "Error getting file content", err)
}
if file == nil {
return notFound("File not found")
}
return plainText(ctx, 200, file.Content)
}
func downloadFile(ctx echo.Context) error {
gist := getData(ctx, "gist").(*db.Gist)
file, err := gist.File(ctx.Param("revision"), ctx.Param("file"), false)
if err != nil {
return errorRes(500, "Error getting file content", err)
}
if file == nil {
return notFound("File not found")
}
ctx.Response().Header().Set("Content-Type", "text/plain")
ctx.Response().Header().Set("Content-Disposition", "attachment; filename="+file.Filename)
ctx.Response().Header().Set("Content-Length", strconv.Itoa(len(file.Content)))
_, err = ctx.Response().Write([]byte(file.Content))
if err != nil {
return errorRes(500, "Error downloading the file", err)
}
return nil
}
func edit(ctx echo.Context) error {
gist := getData(ctx, "gist").(*db.Gist)
files, err := gist.Files("HEAD", false)
if err != nil {
return errorRes(500, "Error fetching files from repository", err)
}
setData(ctx, "files", files)
setData(ctx, "htmlTitle", trH(ctx, "gist.edit.edit-gist", gist.Title))
return html(ctx, "edit.html")
}
func downloadZip(ctx echo.Context) error {
gist := getData(ctx, "gist").(*db.Gist)
revision := ctx.Param("revision")
files, err := gist.Files(revision, false)
if err != nil {
return errorRes(500, "Error fetching files from repository", err)
}
if len(files) == 0 {
return notFound("No files found in this revision")
}
zipFile := new(bytes.Buffer)
zipWriter := zip.NewWriter(zipFile)
for _, file := range files {
fh := &zip.FileHeader{
Name: file.Filename,
Method: zip.Deflate,
}
f, err := zipWriter.CreateHeader(fh)
if err != nil {
return errorRes(500, "Error adding a file the to the zip archive", err)
}
_, err = f.Write([]byte(file.Content))
if err != nil {
return errorRes(500, "Error adding file content the to the zip archive", err)
}
}
err = zipWriter.Close()
if err != nil {
return errorRes(500, "Error closing the zip archive", err)
}
ctx.Response().Header().Set("Content-Type", "application/zip")
ctx.Response().Header().Set("Content-Disposition", "attachment; filename="+gist.Identifier()+".zip")
ctx.Response().Header().Set("Content-Length", strconv.Itoa(len(zipFile.Bytes())))
_, err = ctx.Response().Write(zipFile.Bytes())
if err != nil {
return errorRes(500, "Error writing the zip archive", err)
}
return nil
}
func likes(ctx echo.Context) error {
gist := getData(ctx, "gist").(*db.Gist)
pageInt := getPage(ctx)
likers, err := gist.GetUsersLikes(pageInt - 1)
if err != nil {
return errorRes(500, "Error getting users who liked this gist", err)
}
if err = paginate(ctx, likers, pageInt, 30, "likers", gist.User.Username+"/"+gist.Identifier()+"/likes", 1); err != nil {
return errorRes(404, tr(ctx, "error.page-not-found"), nil)
}
setData(ctx, "htmlTitle", trH(ctx, "gist.likes.for", gist.Title))
setData(ctx, "revision", "HEAD")
return html(ctx, "likes.html")
}
func forks(ctx echo.Context) error {
gist := getData(ctx, "gist").(*db.Gist)
pageInt := getPage(ctx)
currentUser := getUserLogged(ctx)
var fromUserID uint = 0
if currentUser != nil {
fromUserID = currentUser.ID
}
forks, err := gist.GetForks(fromUserID, pageInt-1)
if err != nil {
return errorRes(500, "Error getting users who liked this gist", err)
}
if err = paginate(ctx, forks, pageInt, 30, "forks", gist.User.Username+"/"+gist.Identifier()+"/forks", 2); err != nil {
return errorRes(404, tr(ctx, "error.page-not-found"), nil)
}
setData(ctx, "htmlTitle", trH(ctx, "gist.forks.for", gist.Title))
setData(ctx, "revision", "HEAD")
return html(ctx, "forks.html")
}
func checkbox(ctx echo.Context) error {
filename := ctx.FormValue("file")
checkboxNb := ctx.FormValue("checkbox")
i, err := strconv.Atoi(checkboxNb)
if err != nil {
return errorRes(400, tr(ctx, "error.invalid-number"), nil)
}
gist := getData(ctx, "gist").(*db.Gist)
file, err := gist.File("HEAD", filename, false)
if err != nil {
return errorRes(500, "Error getting file content", err)
} else if file == nil {
return notFound("File not found")
}
markdown, err := render.Checkbox(file.Content, i)
if err != nil {
return errorRes(500, "Error checking checkbox", err)
}
if err = gist.AddAndCommitFile(&db.FileDTO{
Filename: filename,
Content: markdown,
}); err != nil {
return errorRes(500, "Error adding and committing files", err)
}
if err = gist.UpdatePreviewAndCount(true); err != nil {
return errorRes(500, "Error updating the gist", err)
}
return plainText(ctx, 200, "ok")
}
func preview(ctx echo.Context) error {
content := ctx.FormValue("content")
previewStr, err := render.MarkdownString(content)
if err != nil {
return errorRes(500, "Error rendering markdown", err)
}
return plainText(ctx, 200, previewStr)
}
func escapeJavaScriptContent(htmlContent, cssUrl string) (string, error) {
jsonContent, err := gojson.Marshal(htmlContent)
if err != nil {
return "", fmt.Errorf("failed to encode content: %w", err)
}
jsonCssUrl, err := gojson.Marshal(cssUrl)
if err != nil {
return "", fmt.Errorf("failed to encode CSS URL: %w", err)
}
js := fmt.Sprintf(`
document.write('<link rel="stylesheet" href=%s>');
document.write(%s);
`,
string(jsonCssUrl),
string(jsonContent),
)
return js, nil
}

48
internal/web/handlers/admin/actions.go Normal file
View File

@@ -0,0 +1,48 @@
package admin
import (
"github.com/thomiceli/opengist/internal/actions"
"github.com/thomiceli/opengist/internal/web/context"
)
func AdminSyncReposFromFS(ctx *context.Context) error {
ctx.AddFlash(ctx.Tr("flash.admin.sync-fs"), "success")
go actions.Run(actions.SyncReposFromFS)
return ctx.RedirectTo("/admin-panel")
}
func AdminSyncReposFromDB(ctx *context.Context) error {
ctx.AddFlash(ctx.Tr("flash.admin.sync-db"), "success")
go actions.Run(actions.SyncReposFromDB)
return ctx.RedirectTo("/admin-panel")
}
func AdminGcRepos(ctx *context.Context) error {
ctx.AddFlash(ctx.Tr("flash.admin.git-gc"), "success")
go actions.Run(actions.GitGcRepos)
return ctx.RedirectTo("/admin-panel")
}
func AdminSyncGistPreviews(ctx *context.Context) error {
ctx.AddFlash(ctx.Tr("flash.admin.sync-previews"), "success")
go actions.Run(actions.SyncGistPreviews)
return ctx.RedirectTo("/admin-panel")
}
func AdminResetHooks(ctx *context.Context) error {
ctx.AddFlash(ctx.Tr("flash.admin.reset-hooks"), "success")
go actions.Run(actions.ResetHooks)
return ctx.RedirectTo("/admin-panel")
}
func AdminIndexGists(ctx *context.Context) error {
ctx.AddFlash(ctx.Tr("flash.admin.index-gists"), "success")
go actions.Run(actions.IndexGists)
return ctx.RedirectTo("/admin-panel")
}
func AdminSyncGistLanguages(ctx *context.Context) error {
ctx.AddFlash(ctx.Tr("flash.admin.sync-gist-languages"), "success")
go actions.Run(actions.SyncGistLanguages)
return ctx.RedirectTo("/admin-panel")
}

204
internal/web/handlers/admin/admin.go Normal file
View File

@@ -0,0 +1,204 @@
package admin
import (
"github.com/thomiceli/opengist/internal/actions"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/git"
"github.com/thomiceli/opengist/internal/web/context"
"github.com/thomiceli/opengist/internal/web/handlers"
"runtime"
"strconv"
"time"
)
func AdminIndex(ctx *context.Context) error {
ctx.SetData("htmlTitle", ctx.TrH("admin.admin_panel"))
ctx.SetData("adminHeaderPage", "index")
ctx.SetData("opengistVersion", config.OpengistVersion)
ctx.SetData("goVersion", runtime.Version())
gitVersion, err := git.GetGitVersion()
if err != nil {
return ctx.ErrorRes(500, "Cannot get git version", err)
}
ctx.SetData("gitVersion", gitVersion)
countUsers, err := db.CountAll(&db.User{})
if err != nil {
return ctx.ErrorRes(500, "Cannot count users", err)
}
ctx.SetData("countUsers", countUsers)
countGists, err := db.CountAll(&db.Gist{})
if err != nil {
return ctx.ErrorRes(500, "Cannot count gists", err)
}
ctx.SetData("countGists", countGists)
countKeys, err := db.CountAll(&db.SSHKey{})
if err != nil {
return ctx.ErrorRes(500, "Cannot count SSH keys", err)
}
ctx.SetData("countKeys", countKeys)
ctx.SetData("syncReposFromFS", actions.IsRunning(actions.SyncReposFromFS))
ctx.SetData("syncReposFromDB", actions.IsRunning(actions.SyncReposFromDB))
ctx.SetData("gitGcRepos", actions.IsRunning(actions.GitGcRepos))
ctx.SetData("syncGistPreviews", actions.IsRunning(actions.SyncGistPreviews))
ctx.SetData("resetHooks", actions.IsRunning(actions.ResetHooks))
ctx.SetData("indexGists", actions.IsRunning(actions.IndexGists))
ctx.SetData("syncGistLanguages", actions.IsRunning(actions.SyncGistLanguages))
return ctx.Html("admin_index.html")
}
func AdminUsers(ctx *context.Context) error {
ctx.SetData("htmlTitle", ctx.TrH("admin.users")+" - "+ctx.TrH("admin.admin_panel"))
ctx.SetData("adminHeaderPage", "users")
ctx.SetData("loadStartTime", time.Now())
pageInt := handlers.GetPage(ctx)
var data []*db.User
var err error
if data, err = db.GetAllUsers(pageInt - 1); err != nil {
return ctx.ErrorRes(500, "Cannot get users", err)
}
if err = handlers.Paginate(ctx, data, pageInt, 10, "data", "admin-panel/users", 1, nil); err != nil {
return ctx.ErrorRes(404, ctx.Tr("error.page-not-found"), nil)
}
return ctx.Html("admin_users.html")
}
func AdminGists(ctx *context.Context) error {
ctx.SetData("htmlTitle", ctx.TrH("admin.gists")+" - "+ctx.TrH("admin.admin_panel"))
ctx.SetData("adminHeaderPage", "gists")
pageInt := handlers.GetPage(ctx)
var data []*db.Gist
var err error
if data, err = db.GetAllGists(pageInt - 1); err != nil {
return ctx.ErrorRes(500, "Cannot get gists", err)
}
if err = handlers.Paginate(ctx, data, pageInt, 10, "data", "admin-panel/gists", 1, nil); err != nil {
return ctx.ErrorRes(404, ctx.Tr("error.page-not-found"), nil)
}
return ctx.Html("admin_gists.html")
}
func AdminUserDelete(ctx *context.Context) error {
userId, _ := strconv.ParseUint(ctx.Param("user"), 10, 64)
user, err := db.GetUserById(uint(userId))
if err != nil {
return ctx.ErrorRes(500, "Cannot retrieve user", err)
}
if err := user.Delete(); err != nil {
return ctx.ErrorRes(500, "Cannot delete this user", err)
}
ctx.AddFlash(ctx.Tr("flash.admin.user-deleted"), "success")
return ctx.RedirectTo("/admin-panel/users")
}
func AdminGistDelete(ctx *context.Context) error {
gist, err := db.GetGistByID(ctx.Param("gist"))
if err != nil {
return ctx.ErrorRes(500, "Cannot retrieve gist", err)
}
if err = gist.DeleteRepository(); err != nil {
return ctx.ErrorRes(500, "Cannot delete the repository", err)
}
if err = gist.Delete(); err != nil {
return ctx.ErrorRes(500, "Cannot delete this gist", err)
}
gist.RemoveFromIndex()
ctx.AddFlash(ctx.Tr("flash.admin.gist-deleted"), "success")
return ctx.RedirectTo("/admin-panel/gists")
}
func AdminConfig(ctx *context.Context) error {
ctx.SetData("htmlTitle", ctx.TrH("admin.configuration")+" - "+ctx.TrH("admin.admin_panel"))
ctx.SetData("adminHeaderPage", "config")
ctx.SetData("dbtype", db.DatabaseInfo.Type.String())
ctx.SetData("dbname", db.DatabaseInfo.Database)
return ctx.Html("admin_config.html")
}
func AdminSetConfig(ctx *context.Context) error {
key := ctx.FormValue("key")
value := ctx.FormValue("value")
if err := db.UpdateSetting(key, value); err != nil {
return ctx.ErrorRes(500, "Cannot set setting", err)
}
return ctx.JSON(200, map[string]interface{}{
"success": true,
})
}
func AdminInvitations(ctx *context.Context) error {
ctx.SetData("htmlTitle", ctx.TrH("admin.invitations")+" - "+ctx.TrH("admin.admin_panel"))
ctx.SetData("adminHeaderPage", "invitations")
var invitations []*db.Invitation
var err error
if invitations, err = db.GetAllInvitations(); err != nil {
return ctx.ErrorRes(500, "Cannot get invites", err)
}
ctx.SetData("invitations", invitations)
return ctx.Html("admin_invitations.html")
}
func AdminInvitationsCreate(ctx *context.Context) error {
code := ctx.FormValue("code")
nbMax, err := strconv.ParseUint(ctx.FormValue("nbMax"), 10, 64)
if err != nil {
nbMax = 10
}
expiresAtUnix, err := strconv.ParseInt(ctx.FormValue("expiredAtUnix"), 10, 64)
if err != nil {
expiresAtUnix = time.Now().Unix() + 604800 // 1 week
}
invitation := &db.Invitation{
Code: code,
ExpiresAt: expiresAtUnix,
NbMax: uint(nbMax),
}
if err := invitation.Create(); err != nil {
return ctx.ErrorRes(500, "Cannot create invitation", err)
}
ctx.AddFlash(ctx.Tr("flash.admin.invitation-created"), "success")
return ctx.RedirectTo("/admin-panel/invitations")
}
func AdminInvitationsDelete(ctx *context.Context) error {
id, _ := strconv.ParseUint(ctx.Param("id"), 10, 64)
invitation, err := db.GetInvitationByID(uint(id))
if err != nil {
return ctx.ErrorRes(500, "Cannot retrieve invitation", err)
}
if err := invitation.Delete(); err != nil {
return ctx.ErrorRes(500, "Cannot delete this invitation", err)
}
ctx.AddFlash(ctx.Tr("flash.admin.invitation-deleted"), "success")
return ctx.RedirectTo("/admin-panel/invitations")
}

17
internal/web/handlers/auth.go Normal file
View File

@@ -0,0 +1,17 @@
package handlers
import (
"github.com/thomiceli/opengist/internal/web/context"
)
type ContextAuthInfo struct {
Context *context.Context
}
func (auth ContextAuthInfo) RequireLogin() (bool, error) {
return auth.Context.GetData("RequireLogin") == true, nil
}
func (auth ContextAuthInfo) AllowGistsWithoutLogin() (bool, error) {
return auth.Context.GetData("AllowGistsWithoutLogin") == true, nil
}

22
internal/web/handlers/auth/mfa.go Normal file
View File

@@ -0,0 +1,22 @@
package auth
import (
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/web/context"
)
func Mfa(ctx *context.Context) error {
var err error
user := db.User{ID: ctx.GetSession().Values["mfaID"].(uint)}
var hasWebauthn, hasTotp bool
if hasWebauthn, hasTotp, err = user.HasMFA(); err != nil {
return ctx.ErrorRes(500, "Cannot check for user MFA", err)
}
ctx.SetData("hasWebauthn", hasWebauthn)
ctx.SetData("hasTotp", hasTotp)
return ctx.Html("mfa.html")
}

166
internal/web/handlers/auth/oauth.go Normal file
View File

@@ -0,0 +1,166 @@
package auth
import (
"crypto/md5"
"errors"
"fmt"
"github.com/rs/zerolog/log"
"github.com/thomiceli/opengist/internal/auth/oauth"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/web/context"
"golang.org/x/text/cases"
"golang.org/x/text/language"
"gorm.io/gorm"
"strings"
)
func Oauth(ctx *context.Context) error {
providerStr := ctx.Param("provider")
httpProtocol := "http"
if ctx.Request().TLS != nil || ctx.Request().Header.Get("X-Forwarded-Proto") == "https" {
httpProtocol = "https"
}
forwarded_hdr := ctx.Request().Header.Get("Forwarded")
if forwarded_hdr != "" {
fields := strings.Split(forwarded_hdr, ";")
fwd := make(map[string]string)
for _, v := range fields {
p := strings.Split(v, "=")
fwd[p[0]] = p[1]
}
val, ok := fwd["proto"]
if ok && val == "https" {
httpProtocol = "https"
}
}
var opengistUrl string
if config.C.ExternalUrl != "" {
opengistUrl = config.C.ExternalUrl
} else {
opengistUrl = httpProtocol + "://" + ctx.Request().Host
}
provider, err := oauth.DefineProvider(providerStr, opengistUrl)
if err != nil {
return ctx.ErrorRes(400, ctx.Tr("error.oauth-unsupported"), nil)
}
if err = provider.RegisterProvider(); err != nil {
return ctx.ErrorRes(500, "Cannot create provider", err)
}
provider.BeginAuthHandler(ctx)
return nil
}
func OauthCallback(ctx *context.Context) error {
provider, err := oauth.CompleteUserAuth(ctx)
if err != nil {
return ctx.ErrorRes(400, ctx.Tr("error.complete-oauth-login", err.Error()), err)
}
currUser := ctx.User
// if user is logged in, link account to user and update its avatar URL
if currUser != nil {
provider.UpdateUserDB(currUser)
if err = currUser.Update(); err != nil {
return ctx.ErrorRes(500, "Cannot update user "+cases.Title(language.English).String(provider.GetProvider())+" id", err)
}
ctx.AddFlash(ctx.Tr("flash.auth.account-linked-oauth", cases.Title(language.English).String(provider.GetProvider())), "success")
return ctx.RedirectTo("/settings")
}
user := provider.GetProviderUser()
userDB, err := db.GetUserByProvider(user.UserID, provider.GetProvider())
// if user is not in database, create it
if err != nil {
if ctx.GetData("DisableSignup") == true {
return ctx.ErrorRes(403, ctx.Tr("error.signup-disabled"), nil)
}
if !errors.Is(err, gorm.ErrRecordNotFound) {
return ctx.ErrorRes(500, "Cannot get user", err)
}
if user.NickName == "" {
user.NickName = strings.Split(user.Email, "@")[0]
}
userDB = &db.User{
Username: user.NickName,
Email: user.Email,
MD5Hash: fmt.Sprintf("%x", md5.Sum([]byte(strings.ToLower(strings.TrimSpace(user.Email))))),
}
// set provider id and avatar URL
provider.UpdateUserDB(userDB)
if err = userDB.Create(); err != nil {
if db.IsUniqueConstraintViolation(err) {
ctx.AddFlash(ctx.Tr("flash.auth.username-exists"), "error")
return ctx.RedirectTo("/login")
}
return ctx.ErrorRes(500, "Cannot create user", err)
}
if userDB.ID == 1 {
if err = userDB.SetAdmin(); err != nil {
return ctx.ErrorRes(500, "Cannot set user admin", err)
}
}
keys, err := provider.GetProviderUserSSHKeys()
if err != nil {
ctx.AddFlash(ctx.Tr("flash.auth.user-sshkeys-not-retrievable"), "error")
log.Error().Err(err).Msg("Could not get user keys")
} else {
for _, key := range keys {
sshKey := db.SSHKey{
Title: "Added from " + user.Provider,
Content: key,
User: *userDB,
}
if err = sshKey.Create(); err != nil {
ctx.AddFlash(ctx.Tr("flash.auth.user-sshkeys-not-created"), "error")
log.Error().Err(err).Msg("Could not create ssh key")
}
}
}
}
sess := ctx.GetSession()
sess.Values["user"] = userDB.ID
ctx.SaveSession(sess)
ctx.DeleteCsrfCookie()
return ctx.RedirectTo("/")
}
func OauthUnlink(ctx *context.Context) error {
providerStr := ctx.Param("provider")
provider, err := oauth.DefineProvider(ctx.Param("provider"), "")
if err != nil {
return ctx.ErrorRes(400, ctx.Tr("error.oauth-unsupported"), nil)
}
currUser := ctx.User
if provider.UserHasProvider(currUser) {
if err := currUser.DeleteProviderID(providerStr); err != nil {
return ctx.ErrorRes(500, "Cannot unlink account from "+cases.Title(language.English).String(providerStr), err)
}
ctx.AddFlash(ctx.Tr("flash.auth.account-unlinked-oauth", cases.Title(language.English).String(providerStr)), "success")
return ctx.RedirectTo("/settings")
}
return ctx.RedirectTo("/settings")
}

170
internal/web/handlers/auth/password.go Normal file
View File

@@ -0,0 +1,170 @@
package auth
import (
"errors"
"github.com/rs/zerolog/log"
passwordpkg "github.com/thomiceli/opengist/internal/auth/password"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/i18n"
"github.com/thomiceli/opengist/internal/validator"
"github.com/thomiceli/opengist/internal/web/context"
"gorm.io/gorm"
)
func Register(ctx *context.Context) error {
disableSignup := ctx.GetData("DisableSignup")
disableForm := ctx.GetData("DisableLoginForm")
code := ctx.QueryParam("code")
if code != "" {
if invitation, err := db.GetInvitationByCode(code); err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
return ctx.ErrorRes(500, "Cannot check for invitation code", err)
} else if invitation != nil && invitation.IsUsable() {
disableSignup = false
}
}
ctx.SetData("title", ctx.TrH("auth.new-account"))
ctx.SetData("htmlTitle", ctx.TrH("auth.new-account"))
ctx.SetData("disableForm", disableForm)
ctx.SetData("disableSignup", disableSignup)
ctx.SetData("isLoginPage", false)
return ctx.Html("auth_form.html")
}
func ProcessRegister(ctx *context.Context) error {
disableSignup := ctx.GetData("DisableSignup")
code := ctx.QueryParam("code")
invitation, err := db.GetInvitationByCode(code)
if err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
return ctx.ErrorRes(500, "Cannot check for invitation code", err)
} else if invitation.ID != 0 && invitation.IsUsable() {
disableSignup = false
}
if disableSignup == true {
return ctx.ErrorRes(403, ctx.Tr("error.signup-disabled"), nil)
}
if ctx.GetData("DisableLoginForm") == true {
return ctx.ErrorRes(403, ctx.Tr("error.signup-disabled-form"), nil)
}
ctx.SetData("title", ctx.TrH("auth.new-account"))
ctx.SetData("htmlTitle", ctx.TrH("auth.new-account"))
sess := ctx.GetSession()
dto := new(db.UserDTO)
if err := ctx.Bind(dto); err != nil {
return ctx.ErrorRes(400, ctx.Tr("error.cannot-bind-data"), err)
}
if err := ctx.Validate(dto); err != nil {
ctx.AddFlash(validator.ValidationMessages(&err, ctx.GetData("locale").(*i18n.Locale)), "error")
return ctx.Html("auth_form.html")
}
if exists, err := db.UserExists(dto.Username); err != nil || exists {
ctx.AddFlash(ctx.Tr("flash.auth.username-exists"), "error")
return ctx.Html("auth_form.html")
}
user := dto.ToUser()
password, err := passwordpkg.HashPassword(user.Password)
if err != nil {
return ctx.ErrorRes(500, "Cannot hash password", err)
}
user.Password = password
if err = user.Create(); err != nil {
return ctx.ErrorRes(500, "Cannot create user", err)
}
if user.ID == 1 {
if err = user.SetAdmin(); err != nil {
return ctx.ErrorRes(500, "Cannot set user admin", err)
}
}
if invitation.ID != 0 {
if err := invitation.Use(); err != nil {
return ctx.ErrorRes(500, "Cannot use invitation", err)
}
}
sess.Values["user"] = user.ID
ctx.SaveSession(sess)
return ctx.RedirectTo("/")
}
func Login(ctx *context.Context) error {
ctx.SetData("title", ctx.TrH("auth.login"))
ctx.SetData("htmlTitle", ctx.TrH("auth.login"))
ctx.SetData("disableForm", ctx.GetData("DisableLoginForm"))
ctx.SetData("isLoginPage", true)
return ctx.Html("auth_form.html")
}
func ProcessLogin(ctx *context.Context) error {
if ctx.GetData("DisableLoginForm") == true {
return ctx.ErrorRes(403, ctx.Tr("error.login-disabled-form"), nil)
}
var err error
sess := ctx.GetSession()
dto := &db.UserDTO{}
if err = ctx.Bind(dto); err != nil {
return ctx.ErrorRes(400, ctx.Tr("error.cannot-bind-data"), err)
}
password := dto.Password
var user *db.User
if user, err = db.GetUserByUsername(dto.Username); err != nil {
if !errors.Is(err, gorm.ErrRecordNotFound) {
return ctx.ErrorRes(500, "Cannot get user", err)
}
log.Warn().Msg("Invalid HTTP authentication attempt from " + ctx.RealIP())
ctx.AddFlash(ctx.Tr("flash.auth.invalid-credentials"), "error")
return ctx.RedirectTo("/login")
}
if ok, err := passwordpkg.VerifyPassword(password, user.Password); !ok {
if err != nil {
return ctx.ErrorRes(500, "Cannot check for password", err)
}
log.Warn().Msg("Invalid HTTP authentication attempt from " + ctx.RealIP())
ctx.AddFlash(ctx.Tr("flash.auth.invalid-credentials"), "error")
return ctx.RedirectTo("/login")
}
// handle MFA
var hasWebauthn, hasTotp bool
if hasWebauthn, hasTotp, err = user.HasMFA(); err != nil {
return ctx.ErrorRes(500, "Cannot check for user MFA", err)
}
if hasWebauthn || hasTotp {
sess.Values["mfaID"] = user.ID
sess.Options.MaxAge = 5 * 60 // 5 minutes
ctx.SaveSession(sess)
return ctx.RedirectTo("/mfa")
}
sess.Values["user"] = user.ID
sess.Options.MaxAge = 60 * 60 * 24 * 365 // 1 year
ctx.SaveSession(sess)
ctx.DeleteCsrfCookie()
return ctx.RedirectTo("/")
}
func Logout(ctx *context.Context) error {
ctx.DeleteSession()
ctx.DeleteCsrfCookie()
return ctx.RedirectTo("/all")
}

177
internal/web/handlers/auth/totp.go Normal file
View File

@@ -0,0 +1,177 @@
package auth
import (
"github.com/thomiceli/opengist/internal/auth/totp"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/web/context"
"net/url"
)
func BeginTotp(ctx *context.Context) error {
user := ctx.User
if _, hasTotp, err := user.HasMFA(); err != nil {
return ctx.ErrorRes(500, "Cannot check for user MFA", err)
} else if hasTotp {
ctx.AddFlash(ctx.Tr("auth.totp.already-enabled"), "error")
return ctx.RedirectTo("/settings")
}
ogUrl, err := url.Parse(ctx.GetData("baseHttpUrl").(string))
if err != nil {
return ctx.ErrorRes(500, "Cannot parse base URL", err)
}
sess := ctx.GetSession()
generatedSecret, _ := sess.Values["generatedSecret"].([]byte)
totpSecret, qrcode, err, generatedSecret := totp.GenerateQRCode(ctx.User.Username, ogUrl.Hostname(), generatedSecret)
if err != nil {
return ctx.ErrorRes(500, "Cannot generate TOTP QR code", err)
}
sess.Values["totpSecret"] = totpSecret
sess.Values["generatedSecret"] = generatedSecret
ctx.SaveSession(sess)
ctx.SetData("totpSecret", totpSecret)
ctx.SetData("totpQrcode", qrcode)
return ctx.Html("totp.html")
}
func FinishTotp(ctx *context.Context) error {
user := ctx.User
if _, hasTotp, err := user.HasMFA(); err != nil {
return ctx.ErrorRes(500, "Cannot check for user MFA", err)
} else if hasTotp {
ctx.AddFlash(ctx.Tr("auth.totp.already-enabled"), "error")
return ctx.RedirectTo("/settings")
}
dto := &db.TOTPDTO{}
if err := ctx.Bind(dto); err != nil {
return ctx.ErrorRes(400, ctx.Tr("error.cannot-bind-data"), err)
}
if err := ctx.Validate(dto); err != nil {
ctx.AddFlash("Invalid secret", "error")
return ctx.RedirectTo("/settings/totp/generate")
}
sess := ctx.GetSession()
secret, ok := sess.Values["totpSecret"].(string)
if !ok {
return ctx.ErrorRes(500, "Cannot get TOTP secret from session", nil)
}
if !totp.Validate(dto.Code, secret) {
ctx.AddFlash(ctx.Tr("auth.totp.invalid-code"), "error")
return ctx.RedirectTo("/settings/totp/generate")
}
userTotp := &db.TOTP{
UserID: ctx.User.ID,
}
if err := userTotp.StoreSecret(secret); err != nil {
return ctx.ErrorRes(500, "Cannot store TOTP secret", err)
}
if err := userTotp.Create(); err != nil {
return ctx.ErrorRes(500, "Cannot create TOTP", err)
}
ctx.AddFlash("TOTP successfully enabled", "success")
codes, err := userTotp.GenerateRecoveryCodes()
if err != nil {
return ctx.ErrorRes(500, "Cannot generate recovery codes", err)
}
delete(sess.Values, "totpSecret")
delete(sess.Values, "generatedSecret")
ctx.SaveSession(sess)
ctx.SetData("recoveryCodes", codes)
return ctx.Html("totp.html")
}
func AssertTotp(ctx *context.Context) error {
var err error
dto := &db.TOTPDTO{}
if err := ctx.Bind(dto); err != nil {
return ctx.ErrorRes(400, ctx.Tr("error.cannot-bind-data"), err)
}
if err := ctx.Validate(dto); err != nil {
ctx.AddFlash(ctx.Tr("auth.totp.invalid-code"), "error")
return ctx.RedirectTo("/mfa")
}
sess := ctx.GetSession()
userId := sess.Values["mfaID"].(uint)
var userTotp *db.TOTP
if userTotp, err = db.GetTOTPByUserID(userId); err != nil {
return ctx.ErrorRes(500, "Cannot get TOTP by UID", err)
}
redirectUrl := "/"
var validCode, validRecoveryCode bool
if validCode, err = userTotp.ValidateCode(dto.Code); err != nil {
return ctx.ErrorRes(500, "Cannot validate TOTP code", err)
}
if !validCode {
validRecoveryCode, err = userTotp.ValidateRecoveryCode(dto.Code)
if err != nil {
return ctx.ErrorRes(500, "Cannot validate TOTP code", err)
}
if !validRecoveryCode {
ctx.AddFlash(ctx.Tr("auth.totp.invalid-code"), "error")
return ctx.RedirectTo("/mfa")
}
ctx.AddFlash(ctx.Tr("auth.totp.code-used", dto.Code), "warning")
redirectUrl = "/settings"
}
sess.Values["user"] = userId
sess.Options.MaxAge = 60 * 60 * 24 * 365 // 1 year
delete(sess.Values, "mfaID")
ctx.SaveSession(sess)
return ctx.RedirectTo(redirectUrl)
}
func DisableTotp(ctx *context.Context) error {
user := ctx.User
userTotp, err := db.GetTOTPByUserID(user.ID)
if err != nil {
return ctx.ErrorRes(500, "Cannot get TOTP by UID", err)
}
if err = userTotp.Delete(); err != nil {
return ctx.ErrorRes(500, "Cannot delete TOTP", err)
}
ctx.AddFlash(ctx.Tr("auth.totp.disabled"), "success")
return ctx.RedirectTo("/settings")
}
func RegenerateTotpRecoveryCodes(ctx *context.Context) error {
user := ctx.User
userTotp, err := db.GetTOTPByUserID(user.ID)
if err != nil {
return ctx.ErrorRes(500, "Cannot get TOTP by UID", err)
}
codes, err := userTotp.GenerateRecoveryCodes()
if err != nil {
return ctx.ErrorRes(500, "Cannot generate recovery codes", err)
}
ctx.SetData("recoveryCodes", codes)
return ctx.Html("totp.html")
}

151
internal/web/handlers/auth/webauthn.go Normal file
View File

@@ -0,0 +1,151 @@
package auth
import (
"bytes"
gojson "encoding/json"
"github.com/thomiceli/opengist/internal/auth/webauthn"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/web/context"
"io"
)
func BeginWebAuthnBinding(ctx *context.Context) error {
credsCreation, jsonWaSession, err := webauthn.BeginBinding(ctx.User)
if err != nil {
return ctx.ErrorRes(500, "Cannot begin WebAuthn registration", err)
}
sess := ctx.GetSession()
sess.Values["webauthn_registration_session"] = jsonWaSession
sess.Options.MaxAge = 5 * 60 // 5 minutes
ctx.SaveSession(sess)
return ctx.JSON(200, credsCreation)
}
func FinishWebAuthnBinding(ctx *context.Context) error {
sess := ctx.GetSession()
jsonWaSession, ok := sess.Values["webauthn_registration_session"].([]byte)
if !ok {
return ctx.ErrorRes(401, "Cannot get WebAuthn registration session", nil)
}
user := ctx.User
// extract passkey name from request
body, err := io.ReadAll(ctx.Request().Body)
if err != nil {
return ctx.ErrorRes(400, "Failed to read request body", err)
}
ctx.Request().Body.Close()
ctx.Request().Body = io.NopCloser(bytes.NewBuffer(body))
dto := new(db.CrendentialDTO)
_ = gojson.Unmarshal(body, &dto)
if err = ctx.Validate(dto); err != nil {
return ctx.ErrorRes(400, "Invalid request", err)
}
passkeyName := dto.PasskeyName
if passkeyName == "" {
passkeyName = "WebAuthn"
}
waCredential, err := webauthn.FinishBinding(user, jsonWaSession, ctx.Request())
if err != nil {
return ctx.ErrorRes(403, "Failed binding attempt for passkey", err)
}
if _, err = db.CreateFromCrendential(user.ID, passkeyName, waCredential); err != nil {
return ctx.ErrorRes(500, "Cannot create WebAuthn credential on database", err)
}
delete(sess.Values, "webauthn_registration_session")
ctx.SaveSession(sess)
ctx.AddFlash(ctx.Tr("flash.auth.passkey-registred", passkeyName), "success")
return ctx.Json([]string{"OK"})
}
func BeginWebAuthnLogin(ctx *context.Context) error {
credsCreation, jsonWaSession, err := webauthn.BeginDiscoverableLogin()
if err != nil {
return ctx.ErrorRes(401, "Cannot begin WebAuthn login", err)
}
sess := ctx.GetSession()
sess.Values["webauthn_login_session"] = jsonWaSession
sess.Options.MaxAge = 5 * 60 // 5 minutes
ctx.SaveSession(sess)
return ctx.Json(credsCreation)
}
func FinishWebAuthnLogin(ctx *context.Context) error {
sess := ctx.GetSession()
sessionData, ok := sess.Values["webauthn_login_session"].([]byte)
if !ok {
return ctx.ErrorRes(401, "Cannot get WebAuthn login session", nil)
}
userID, err := webauthn.FinishDiscoverableLogin(sessionData, ctx.Request())
if err != nil {
return ctx.ErrorRes(403, "Failed authentication attempt for passkey", err)
}
sess.Values["user"] = userID
sess.Options.MaxAge = 60 * 60 * 24 * 365 // 1 year
delete(sess.Values, "webauthn_login_session")
ctx.SaveSession(sess)
return ctx.Json([]string{"OK"})
}
func BeginWebAuthnAssertion(ctx *context.Context) error {
sess := ctx.GetSession()
ogUser, err := db.GetUserById(sess.Values["mfaID"].(uint))
if err != nil {
return ctx.ErrorRes(500, "Cannot get user", err)
}
credsCreation, jsonWaSession, err := webauthn.BeginLogin(ogUser)
if err != nil {
return ctx.ErrorRes(401, "Cannot begin WebAuthn login", err)
}
sess.Values["webauthn_assertion_session"] = jsonWaSession
sess.Options.MaxAge = 5 * 60 // 5 minutes
ctx.SaveSession(sess)
return ctx.Json(credsCreation)
}
func FinishWebAuthnAssertion(ctx *context.Context) error {
sess := ctx.GetSession()
sessionData, ok := sess.Values["webauthn_assertion_session"].([]byte)
if !ok {
return ctx.ErrorRes(401, "Cannot get WebAuthn assertion session", nil)
}
userId := sess.Values["mfaID"].(uint)
ogUser, err := db.GetUserById(userId)
if err != nil {
return ctx.ErrorRes(500, "Cannot get user", err)
}
if err = webauthn.FinishLogin(ogUser, sessionData, ctx.Request()); err != nil {
return ctx.ErrorRes(403, "Failed authentication attempt for passkey", err)
}
sess.Values["user"] = userId
sess.Options.MaxAge = 60 * 60 * 24 * 365 // 1 year
delete(sess.Values, "webauthn_assertion_session")
delete(sess.Values, "mfaID")
ctx.SaveSession(sess)
return ctx.Json([]string{"OK"})
}

223
internal/web/handlers/gist/all.go Normal file
View File

@@ -0,0 +1,223 @@
package gist
import (
"errors"
"github.com/rs/zerolog/log"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/index"
"github.com/thomiceli/opengist/internal/render"
"github.com/thomiceli/opengist/internal/web/context"
"github.com/thomiceli/opengist/internal/web/handlers"
"gorm.io/gorm"
"slices"
"strings"
)
func AllGists(ctx *context.Context) error {
var err error
var urlPage string
fromUserStr := ctx.Param("user")
userLogged := ctx.User
pageInt := handlers.GetPage(ctx)
sort := "created"
sortText := ctx.TrH("gist.list.sort-by-created")
order := "desc"
orderText := ctx.TrH("gist.list.order-by-desc")
if ctx.QueryParam("sort") == "updated" {
sort = "updated"
sortText = ctx.TrH("gist.list.sort-by-updated")
}
if ctx.QueryParam("order") == "asc" {
order = "asc"
orderText = ctx.TrH("gist.list.order-by-asc")
}
pagination := &handlers.PaginationParams{
Sort: sort,
Order: order,
}
ctx.SetData("sort", sortText)
ctx.SetData("order", orderText)
var gists []*db.Gist
var currentUserId uint
if userLogged != nil {
currentUserId = userLogged.ID
} else {
currentUserId = 0
}
mode := ctx.GetData("mode")
if fromUserStr == "" {
if mode == "search" {
ctx.SetData("htmlTitle", ctx.TrH("gist.list.search-results"))
ctx.SetData("searchQuery", ctx.QueryParam("q"))
pagination.Query = ctx.QueryParam("q")
urlPage = "search"
gists, err = db.GetAllGistsFromSearch(currentUserId, ctx.QueryParam("q"), pageInt-1, sort, order, "")
} else if mode == "topics" {
ctx.SetData("htmlTitle", ctx.TrH("gist.list.topic-results-topic", ctx.Param("topic")))
ctx.SetData("topic", ctx.Param("topic"))
urlPage = "topics/" + ctx.Param("topic")
gists, err = db.GetAllGistsFromSearch(currentUserId, "", pageInt-1, sort, order, ctx.Param("topic"))
} else if mode == "all" {
ctx.SetData("htmlTitle", ctx.TrH("gist.list.all"))
urlPage = "all"
gists, err = db.GetAllGistsForCurrentUser(currentUserId, pageInt-1, sort, order)
}
} else {
var fromUser *db.User
var count int64
fromUser, err = db.GetUserByUsername(fromUserStr)
if err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
return ctx.NotFound("User not found")
}
return ctx.ErrorRes(500, "Error fetching user", err)
}
ctx.SetData("fromUser", fromUser)
if countFromUser, err := db.CountAllGistsFromUser(fromUser.ID, currentUserId); err != nil {
return ctx.ErrorRes(500, "Error counting gists", err)
} else {
ctx.SetData("countFromUser", countFromUser)
}
if countLiked, err := db.CountAllGistsLikedByUser(fromUser.ID, currentUserId); err != nil {
return ctx.ErrorRes(500, "Error counting liked gists", err)
} else {
ctx.SetData("countLiked", countLiked)
}
if countForked, err := db.CountAllGistsForkedByUser(fromUser.ID, currentUserId); err != nil {
return ctx.ErrorRes(500, "Error counting forked gists", err)
} else {
ctx.SetData("countForked", countForked)
}
if mode == "liked" {
urlPage = fromUserStr + "/liked"
ctx.SetData("htmlTitle", ctx.TrH("gist.list.all-liked-by", fromUserStr))
gists, err = db.GetAllGistsLikedByUser(fromUser.ID, currentUserId, pageInt-1, sort, order)
} else if mode == "forked" {
urlPage = fromUserStr + "/forked"
ctx.SetData("htmlTitle", ctx.TrH("gist.list.all-forked-by", fromUserStr))
gists, err = db.GetAllGistsForkedByUser(fromUser.ID, currentUserId, pageInt-1, sort, order)
} else if mode == "fromUser" {
urlPage = fromUserStr
if languages, err := db.GetGistLanguagesForUser(fromUser.ID, currentUserId); err != nil {
return ctx.ErrorRes(500, "Error fetching languages", err)
} else {
ctx.SetData("languages", languages)
}
title := ctx.QueryParam("title")
language := ctx.QueryParam("language")
visibility := ctx.QueryParam("visibility")
topicsStr := ctx.QueryParam("topics")
topics := strings.Fields(topicsStr)
if len(topics) > 10 {
topics = topics[:10]
}
slices.Sort(topics)
topics = slices.Compact(topics)
pagination.Title = title
pagination.Language = language
pagination.Visibility = visibility
pagination.Topics = topicsStr
ctx.SetData("title", title)
ctx.SetData("language", language)
ctx.SetData("visibility", visibility)
ctx.SetData("topics", topicsStr)
ctx.SetData("htmlTitle", ctx.TrH("gist.list.all-from", fromUserStr))
gists, count, err = db.GetAllGistsFromUser(fromUser.ID, currentUserId, title, language, visibility, topics, pageInt-1, sort, order)
ctx.SetData("countFromUser", count)
}
}
if err != nil {
return ctx.ErrorRes(500, "Error fetching gists", err)
}
renderedGists := make([]*render.RenderedGist, 0, len(gists))
for _, gist := range gists {
rendered, err := render.HighlightGistPreview(gist)
if err != nil {
log.Error().Err(err).Msg("Error rendering gist preview for " + gist.Identifier() + " - " + gist.PreviewFilename)
}
renderedGists = append(renderedGists, &rendered)
}
if err = handlers.Paginate(ctx, renderedGists, pageInt, 10, "gists", urlPage, 2, pagination); err != nil {
return ctx.ErrorRes(404, ctx.Tr("error.page-not-found"), nil)
}
return ctx.Html("all.html")
}
func Search(ctx *context.Context) error {
var err error
pagination := &handlers.PaginationParams{
Query: ctx.QueryParam("q"),
}
content, meta := handlers.ParseSearchQueryStr(ctx.QueryParam("q"))
pageInt := handlers.GetPage(ctx)
var currentUserId uint
userLogged := ctx.User
if userLogged != nil {
currentUserId = userLogged.ID
} else {
currentUserId = 0
}
var visibleGistsIds []uint
visibleGistsIds, err = db.GetAllGistsVisibleByUser(currentUserId)
if err != nil {
return ctx.ErrorRes(500, "Error fetching gists", err)
}
gistsIds, nbHits, langs, err := index.SearchGists(content, index.SearchGistMetadata{
Username: meta["user"],
Title: meta["title"],
Filename: meta["filename"],
Extension: meta["extension"],
Language: meta["language"],
Topic: meta["topic"],
}, visibleGistsIds, pageInt)
if err != nil {
return ctx.ErrorRes(500, "Error searching gists", err)
}
gists, err := db.GetAllGistsByIds(gistsIds)
if err != nil {
return ctx.ErrorRes(500, "Error fetching gists", err)
}
renderedGists := make([]*render.RenderedGist, 0, len(gists))
for _, gist := range gists {
rendered, err := render.HighlightGistPreview(gist)
if err != nil {
log.Error().Err(err).Msg("Error rendering gist preview for " + gist.Identifier() + " - " + gist.PreviewFilename)
}
renderedGists = append(renderedGists, &rendered)
}
if err = handlers.Paginate(ctx, renderedGists, pageInt, 10, "gists", "search", 2, pagination); err != nil {
return ctx.ErrorRes(404, ctx.Tr("error.page-not-found"), nil)
}
ctx.SetData("htmlTitle", ctx.TrH("gist.list.search-results"))
ctx.SetData("nbHits", nbHits)
ctx.SetData("langs", langs)
ctx.SetData("searchQuery", ctx.QueryParam("q"))
return ctx.Html("search.html")
}

143
internal/web/handlers/gist/create.go Normal file
View File

@@ -0,0 +1,143 @@
package gist
import (
"github.com/google/uuid"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/i18n"
"github.com/thomiceli/opengist/internal/validator"
"github.com/thomiceli/opengist/internal/web/context"
"net/url"
"strconv"
"strings"
)
func Create(ctx *context.Context) error {
ctx.SetData("htmlTitle", ctx.TrH("gist.new.create-a-new-gist"))
return ctx.Html("create.html")
}
func ProcessCreate(ctx *context.Context) error {
isCreate := false
if ctx.Request().URL.Path == "/" {
isCreate = true
}
err := ctx.Request().ParseForm()
if err != nil {
return ctx.ErrorRes(400, ctx.Tr("error.bad-request"), err)
}
dto := new(db.GistDTO)
var gist *db.Gist
if isCreate {
ctx.SetData("htmlTitle", ctx.TrH("gist.new.create-a-new-gist"))
} else {
gist = ctx.GetData("gist").(*db.Gist)
ctx.SetData("htmlTitle", ctx.TrH("gist.edit.edit-gist", gist.Title))
}
if err := ctx.Bind(dto); err != nil {
return ctx.ErrorRes(400, ctx.Tr("error.cannot-bind-data"), err)
}
dto.Files = make([]db.FileDTO, 0)
fileCounter := 0
for i := 0; i < len(ctx.Request().PostForm["content"]); i++ {
name := ctx.Request().PostForm["name"][i]
content := ctx.Request().PostForm["content"][i]
if name == "" {
fileCounter += 1
name = "gistfile" + strconv.Itoa(fileCounter) + ".txt"
}
escapedValue, err := url.QueryUnescape(content)
if err != nil {
return ctx.ErrorRes(400, ctx.Tr("error.invalid-character-unescaped"), err)
}
dto.Files = append(dto.Files, db.FileDTO{
Filename: strings.Trim(name, " "),
Content: escapedValue,
})
}
ctx.SetData("dto", dto)
err = ctx.Validate(dto)
if err != nil {
ctx.AddFlash(validator.ValidationMessages(&err, ctx.GetData("locale").(*i18n.Locale)), "error")
if isCreate {
return ctx.HtmlWithCode(400, "create.html")
} else {
files, err := gist.Files("HEAD", false)
if err != nil {
return ctx.ErrorRes(500, "Error fetching files", err)
}
ctx.SetData("files", files)
return ctx.HtmlWithCode(400, "edit.html")
}
}
if isCreate {
gist = dto.ToGist()
} else {
gist = dto.ToExistingGist(gist)
}
user := ctx.User
gist.NbFiles = len(dto.Files)
if isCreate {
uuidGist, err := uuid.NewRandom()
if err != nil {
return ctx.ErrorRes(500, "Error creating an UUID", err)
}
gist.Uuid = strings.Replace(uuidGist.String(), "-", "", -1)
gist.UserID = user.ID
gist.User = *user
}
if gist.Title == "" {
if ctx.Request().PostForm["name"][0] == "" {
gist.Title = "gist:" + gist.Uuid
} else {
gist.Title = ctx.Request().PostForm["name"][0]
}
}
if len(dto.Files) > 0 {
split := strings.Split(dto.Files[0].Content, "\n")
if len(split) > 10 {
gist.Preview = strings.Join(split[:10], "\n")
} else {
gist.Preview = dto.Files[0].Content
}
gist.PreviewFilename = dto.Files[0].Filename
}
if err = gist.InitRepository(); err != nil {
return ctx.ErrorRes(500, "Error creating the repository", err)
}
if err = gist.AddAndCommitFiles(&dto.Files); err != nil {
return ctx.ErrorRes(500, "Error adding and committing files", err)
}
if isCreate {
if err = gist.Create(); err != nil {
return ctx.ErrorRes(500, "Error creating the gist", err)
}
} else {
if err = gist.Update(); err != nil {
return ctx.ErrorRes(500, "Error updating the gist", err)
}
}
gist.AddInIndex()
gist.UpdateLanguages()
return ctx.RedirectTo("/" + user.Username + "/" + gist.Identifier())
}

18
internal/web/handlers/gist/delete.go Normal file
View File

@@ -0,0 +1,18 @@
package gist
import (
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/web/context"
)
func DeleteGist(ctx *context.Context) error {
gist := ctx.GetData("gist").(*db.Gist)
if err := gist.Delete(); err != nil {
return ctx.ErrorRes(500, "Error deleting this gist", err)
}
gist.RemoveFromIndex()
ctx.AddFlash(ctx.Tr("flash.gist.deleted"), "success")
return ctx.RedirectTo("/")
}

93
internal/web/handlers/gist/download.go Normal file
View File

@@ -0,0 +1,93 @@
package gist
import (
"archive/zip"
"bytes"
"strconv"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/web/context"
"github.com/thomiceli/opengist/internal/web/handlers"
)
func RawFile(ctx *context.Context) error {
gist := ctx.GetData("gist").(*db.Gist)
file, err := gist.File(ctx.Param("revision"), ctx.Param("file"), false)
if err != nil {
return ctx.ErrorRes(500, "Error getting file content", err)
}
if file == nil {
return ctx.NotFound("File not found")
}
contentType := handlers.GetContentTypeFromFilename(file.Filename)
ctx.Response().Header().Set("Content-Type", contentType)
return ctx.PlainText(200, file.Content)
}
func DownloadFile(ctx *context.Context) error {
gist := ctx.GetData("gist").(*db.Gist)
file, err := gist.File(ctx.Param("revision"), ctx.Param("file"), false)
if err != nil {
return ctx.ErrorRes(500, "Error getting file content", err)
}
if file == nil {
return ctx.NotFound("File not found")
}
ctx.Response().Header().Set("Content-Type", "text/plain")
ctx.Response().Header().Set("Content-Disposition", "attachment; filename="+file.Filename)
ctx.Response().Header().Set("Content-Length", strconv.Itoa(len(file.Content)))
_, err = ctx.Response().Write([]byte(file.Content))
if err != nil {
return ctx.ErrorRes(500, "Error downloading the file", err)
}
return nil
}
func DownloadZip(ctx *context.Context) error {
gist := ctx.GetData("gist").(*db.Gist)
revision := ctx.Param("revision")
files, err := gist.Files(revision, false)
if err != nil {
return ctx.ErrorRes(500, "Error fetching files from repository", err)
}
if len(files) == 0 {
return ctx.NotFound("No files found in this revision")
}
zipFile := new(bytes.Buffer)
zipWriter := zip.NewWriter(zipFile)
for _, file := range files {
fh := &zip.FileHeader{
Name: file.Filename,
Method: zip.Deflate,
}
f, err := zipWriter.CreateHeader(fh)
if err != nil {
return ctx.ErrorRes(500, "Error adding a file the to the zip archive", err)
}
_, err = f.Write([]byte(file.Content))
if err != nil {
return ctx.ErrorRes(500, "Error adding file content the to the zip archive", err)
}
}
err = zipWriter.Close()
if err != nil {
return ctx.ErrorRes(500, "Error closing the zip archive", err)
}
ctx.Response().Header().Set("Content-Type", "application/zip")
ctx.Response().Header().Set("Content-Disposition", "attachment; filename="+gist.Identifier()+".zip")
ctx.Response().Header().Set("Content-Length", strconv.Itoa(len(zipFile.Bytes())))
_, err = ctx.Response().Write(zipFile.Bytes())
if err != nil {
return ctx.ErrorRes(500, "Error writing the zip archive", err)
}
return nil
}

75
internal/web/handlers/gist/edit.go Normal file
View File

@@ -0,0 +1,75 @@
package gist
import (
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/render"
"github.com/thomiceli/opengist/internal/web/context"
"strconv"
)
func Edit(ctx *context.Context) error {
gist := ctx.GetData("gist").(*db.Gist)
gistDto, err := gist.ToDTO()
if err != nil {
return ctx.ErrorRes(500, "Error getting gist data", err)
}
ctx.SetData("dto", gistDto)
ctx.SetData("htmlTitle", ctx.TrH("gist.edit.edit-gist", gist.Title))
return ctx.Html("edit.html")
}
func Checkbox(ctx *context.Context) error {
filename := ctx.FormValue("file")
checkboxNb := ctx.FormValue("checkbox")
i, err := strconv.Atoi(checkboxNb)
if err != nil {
return ctx.ErrorRes(400, ctx.Tr("error.invalid-number"), nil)
}
gist := ctx.GetData("gist").(*db.Gist)
file, err := gist.File("HEAD", filename, false)
if err != nil {
return ctx.ErrorRes(500, "Error getting file content", err)
} else if file == nil {
return ctx.NotFound("File not found")
}
markdown, err := render.Checkbox(file.Content, i)
if err != nil {
return ctx.ErrorRes(500, "Error checking checkbox", err)
}
if err = gist.AddAndCommitFile(&db.FileDTO{
Filename: filename,
Content: markdown,
}); err != nil {
return ctx.ErrorRes(500, "Error adding and committing files", err)
}
if err = gist.UpdatePreviewAndCount(true); err != nil {
return ctx.ErrorRes(500, "Error updating the gist", err)
}
return ctx.PlainText(200, "ok")
}
func EditVisibility(ctx *context.Context) error {
gist := ctx.GetData("gist").(*db.Gist)
dto := new(db.VisibilityDTO)
if err := ctx.Bind(dto); err != nil {
return ctx.ErrorRes(400, ctx.Tr("error.cannot-bind-data"), err)
}
gist.Private = dto.Private
if err := gist.UpdateNoTimestamps(); err != nil {
return ctx.ErrorRes(500, "Error updating this gist", err)
}
ctx.AddFlash(ctx.Tr("flash.gist.visibility-changed"), "success")
return ctx.RedirectTo("/" + gist.User.Username + "/" + gist.Identifier())
}

87
internal/web/handlers/gist/fork.go Normal file
View File

@@ -0,0 +1,87 @@
package gist
import (
"errors"
"github.com/google/uuid"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/web/context"
"github.com/thomiceli/opengist/internal/web/handlers"
"gorm.io/gorm"
"strings"
)
func Fork(ctx *context.Context) error {
gist := ctx.GetData("gist").(*db.Gist)
currentUser := ctx.User
alreadyForked, err := gist.GetForkParent(currentUser)
if err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
return ctx.ErrorRes(500, "Error checking if gist is already forked", err)
}
if gist.User.ID == currentUser.ID {
ctx.AddFlash(ctx.Tr("flash.gist.fork-own-gist"), "error")
return ctx.RedirectTo("/" + gist.User.Username + "/" + gist.Identifier())
}
if alreadyForked.ID != 0 {
return ctx.RedirectTo("/" + alreadyForked.User.Username + "/" + alreadyForked.Identifier())
}
uuidGist, err := uuid.NewRandom()
if err != nil {
return ctx.ErrorRes(500, "Error creating an UUID", err)
}
newGist := &db.Gist{
Uuid: strings.Replace(uuidGist.String(), "-", "", -1),
Title: gist.Title,
Preview: gist.Preview,
PreviewFilename: gist.PreviewFilename,
Description: gist.Description,
Private: gist.Private,
UserID: currentUser.ID,
ForkedID: gist.ID,
NbFiles: gist.NbFiles,
Topics: gist.Topics,
}
if err = newGist.CreateForked(); err != nil {
return ctx.ErrorRes(500, "Error forking the gist in database", err)
}
if err = gist.ForkClone(currentUser.Username, newGist.Uuid); err != nil {
return ctx.ErrorRes(500, "Error cloning the repository while forking", err)
}
if err = gist.IncrementForkCount(); err != nil {
return ctx.ErrorRes(500, "Error incrementing the fork count", err)
}
ctx.AddFlash(ctx.Tr("flash.gist.forked"), "success")
return ctx.RedirectTo("/" + currentUser.Username + "/" + newGist.Identifier())
}
func Forks(ctx *context.Context) error {
gist := ctx.GetData("gist").(*db.Gist)
pageInt := handlers.GetPage(ctx)
currentUser := ctx.User
var fromUserID uint = 0
if currentUser != nil {
fromUserID = currentUser.ID
}
forks, err := gist.GetForks(fromUserID, pageInt-1)
if err != nil {
return ctx.ErrorRes(500, "Error getting users who liked this gist", err)
}
if err = handlers.Paginate(ctx, forks, pageInt, 30, "forks", gist.User.Username+"/"+gist.Identifier()+"/forks", 2, nil); err != nil {
return ctx.ErrorRes(404, ctx.Tr("error.page-not-found"), nil)
}
ctx.SetData("htmlTitle", ctx.TrH("gist.forks.for", gist.Title))
ctx.SetData("revision", "HEAD")
return ctx.Html("forks.html")
}

163
internal/web/handlers/gist/gist.go Normal file
View File

@@ -0,0 +1,163 @@
package gist
import (
"bufio"
"bytes"
gojson "encoding/json"
"fmt"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/git"
"github.com/thomiceli/opengist/internal/render"
"github.com/thomiceli/opengist/internal/web/context"
"net/url"
"time"
)
func GistIndex(ctx *context.Context) error {
if ctx.GetData("gistpage") == "js" {
return GistJs(ctx)
} else if ctx.GetData("gistpage") == "json" {
return GistJson(ctx)
}
gist := ctx.GetData("gist").(*db.Gist)
revision := ctx.Param("revision")
if revision == "" {
revision = "HEAD"
}
files, err := gist.Files(revision, true)
if _, ok := err.(*git.RevisionNotFoundError); ok {
return ctx.NotFound("Revision not found")
} else if err != nil {
return ctx.ErrorRes(500, "Error fetching files", err)
}
renderedFiles := render.HighlightFiles(files)
ctx.SetData("page", "code")
ctx.SetData("commit", revision)
ctx.SetData("files", renderedFiles)
ctx.SetData("revision", revision)
ctx.SetData("htmlTitle", gist.Title)
return ctx.Html("gist.html")
}
func GistJson(ctx *context.Context) error {
gist := ctx.GetData("gist").(*db.Gist)
files, err := gist.Files("HEAD", true)
if err != nil {
return ctx.ErrorRes(500, "Error fetching files", err)
}
renderedFiles := render.HighlightFiles(files)
ctx.SetData("files", renderedFiles)
topics, err := gist.GetTopics()
if err != nil {
return ctx.ErrorRes(500, "Error fetching topics for gist", err)
}
htmlbuf := bytes.Buffer{}
w := bufio.NewWriter(&htmlbuf)
if err = ctx.Echo().Renderer.Render(w, "gist_embed.html", ctx.DataMap(), ctx); err != nil {
return err
}
_ = w.Flush()
jsUrl, err := url.JoinPath(ctx.GetData("baseHttpUrl").(string), gist.User.Username, gist.Identifier()+".js")
if err != nil {
return ctx.ErrorRes(500, "Error joining js url", err)
}
cssUrl, err := url.JoinPath(ctx.GetData("baseHttpUrl").(string), context.ManifestEntries["embed.css"].File)
if err != nil {
return ctx.ErrorRes(500, "Error joining css url", err)
}
return ctx.JSON(200, map[string]interface{}{
"owner": gist.User.Username,
"id": gist.Identifier(),
"uuid": gist.Uuid,
"title": gist.Title,
"description": gist.Description,
"created_at": time.Unix(gist.CreatedAt, 0).Format(time.RFC3339),
"visibility": gist.VisibilityStr(),
"files": renderedFiles,
"topics": topics,
"embed": map[string]string{
"html": htmlbuf.String(),
"css": cssUrl,
"js": jsUrl,
"js_dark": jsUrl + "?dark",
},
})
}
func GistJs(ctx *context.Context) error {
if _, exists := ctx.QueryParams()["dark"]; exists {
ctx.SetData("dark", "dark")
}
gist := ctx.GetData("gist").(*db.Gist)
files, err := gist.Files("HEAD", true)
if err != nil {
return ctx.ErrorRes(500, "Error fetching files", err)
}
renderedFiles := render.HighlightFiles(files)
ctx.SetData("files", renderedFiles)
htmlbuf := bytes.Buffer{}
w := bufio.NewWriter(&htmlbuf)
if err = ctx.Echo().Renderer.Render(w, "gist_embed.html", ctx.DataMap(), ctx); err != nil {
return err
}
_ = w.Flush()
cssUrl, err := url.JoinPath(ctx.GetData("baseHttpUrl").(string), context.ManifestEntries["embed.css"].File)
if err != nil {
return ctx.ErrorRes(500, "Error joining css url", err)
}
js, err := escapeJavaScriptContent(htmlbuf.String(), cssUrl)
if err != nil {
return ctx.ErrorRes(500, "Error escaping JavaScript content", err)
}
ctx.Response().Header().Set("Content-Type", "application/javascript")
return ctx.PlainText(200, js)
}
func Preview(ctx *context.Context) error {
content := ctx.FormValue("content")
previewStr, err := render.MarkdownString(content)
if err != nil {
return ctx.ErrorRes(500, "Error rendering markdown", err)
}
return ctx.PlainText(200, previewStr)
}
func escapeJavaScriptContent(htmlContent, cssUrl string) (string, error) {
jsonContent, err := gojson.Marshal(htmlContent)
if err != nil {
return "", fmt.Errorf("failed to encode content: %w", err)
}
jsonCssUrl, err := gojson.Marshal(cssUrl)
if err != nil {
return "", fmt.Errorf("failed to encode CSS URL: %w", err)
}
js := fmt.Sprintf(`
document.write('<link rel="stylesheet" href=%s>');
document.write(%s);
`,
string(jsonCssUrl),
string(jsonContent),
)
return js, nil
}

52
internal/web/handlers/gist/like.go Normal file
View File

@@ -0,0 +1,52 @@
package gist
import (
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/web/context"
"github.com/thomiceli/opengist/internal/web/handlers"
)
func Like(ctx *context.Context) error {
gist := ctx.GetData("gist").(*db.Gist)
currentUser := ctx.User
hasLiked, err := currentUser.HasLiked(gist)
if err != nil {
return ctx.ErrorRes(500, "Error checking if user has liked a gist", err)
}
if hasLiked {
err = gist.RemoveUserLike(ctx.User)
} else {
err = gist.AppendUserLike(ctx.User)
}
if err != nil {
return ctx.ErrorRes(500, "Error liking/dislking this gist", err)
}
redirectTo := "/" + gist.User.Username + "/" + gist.Identifier()
if r := ctx.QueryParam("redirecturl"); r != "" {
redirectTo = r
}
return ctx.RedirectTo(redirectTo)
}
func Likes(ctx *context.Context) error {
gist := ctx.GetData("gist").(*db.Gist)
pageInt := handlers.GetPage(ctx)
likers, err := gist.GetUsersLikes(pageInt - 1)
if err != nil {
return ctx.ErrorRes(500, "Error getting users who liked this gist", err)
}
if err = handlers.Paginate(ctx, likers, pageInt, 30, "likers", gist.User.Username+"/"+gist.Identifier()+"/likes", 1, nil); err != nil {
return ctx.ErrorRes(404, ctx.Tr("error.page-not-found"), nil)
}
ctx.SetData("htmlTitle", ctx.TrH("gist.likes.for", gist.Title))
ctx.SetData("revision", "HEAD")
return ctx.Html("likes.html")
}

45
internal/web/handlers/gist/revisions.go Normal file
View File

@@ -0,0 +1,45 @@
package gist
import (
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/web/context"
"github.com/thomiceli/opengist/internal/web/handlers"
"strings"
)
func Revisions(ctx *context.Context) error {
gist := ctx.GetData("gist").(*db.Gist)
userName := gist.User.Username
gistName := gist.Identifier()
pageInt := handlers.GetPage(ctx)
commits, err := gist.Log((pageInt - 1) * 10)
if err != nil {
return ctx.ErrorRes(500, "Error fetching commits log", err)
}
if err := handlers.Paginate(ctx, commits, pageInt, 10, "commits", userName+"/"+gistName+"/revisions", 2, nil); err != nil {
return ctx.ErrorRes(404, ctx.Tr("error.page-not-found"), nil)
}
emailsSet := map[string]struct{}{}
for _, commit := range commits {
if commit.AuthorEmail == "" {
continue
}
emailsSet[strings.ToLower(commit.AuthorEmail)] = struct{}{}
}
emailsUsers, err := db.GetUsersFromEmails(emailsSet)
if err != nil {
return ctx.ErrorRes(500, "Error fetching users emails", err)
}
ctx.SetData("page", "revisions")
ctx.SetData("revision", "HEAD")
ctx.SetData("emails", emailsUsers)
ctx.SetData("htmlTitle", ctx.TrH("gist.revision-of", gist.Title))
return ctx.Html("revisions.html")
}

116
internal/web/git_http.go → internal/web/handlers/git/http.go
View File

@@ -1,4 +1,4 @@
package web
package git
import (
"bytes"
@@ -6,7 +6,9 @@ import (
"encoding/base64"
"errors"
"fmt"
"github.com/thomiceli/opengist/internal/utils"
"github.com/thomiceli/opengist/internal/auth/password"
"github.com/thomiceli/opengist/internal/web/context"
"github.com/thomiceli/opengist/internal/web/handlers"
"net/http"
"os"
"os/exec"
@@ -17,19 +19,17 @@ import (
"time"
"github.com/google/uuid"
"github.com/labstack/echo/v4"
"github.com/rs/zerolog/log"
"github.com/thomiceli/opengist/internal/auth"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/git"
"github.com/thomiceli/opengist/internal/memdb"
"gorm.io/gorm"
)
var routes = []struct {
gitUrl string
method string
handler func(ctx echo.Context) error
handler func(ctx *context.Context) error
}{
{"(.*?)/git-upload-pack$", "POST", uploadPack},
{"(.*?)/git-receive-pack$", "POST", receivePack},
@@ -44,7 +44,7 @@ var routes = []struct {
{"(.*?)/objects/pack/pack-[0-9a-f]{40}\\.idx$", "GET", idxFile},
}
func gitHttp(ctx echo.Context) error {
func GitHttp(ctx *context.Context) error {
for _, route := range routes {
matched, _ := regexp.MatchString(route.gitUrl, ctx.Request().URL.Path)
if ctx.Request().Method == route.method && matched {
@@ -52,7 +52,7 @@ func gitHttp(ctx echo.Context) error {
continue
}
gist := getData(ctx, "gist").(*db.Gist)
gist := ctx.GetData("gist").(*db.Gist)
isInit := strings.HasPrefix(ctx.Request().URL.Path, "/init/info/refs")
isInitReceive := strings.HasPrefix(ctx.Request().URL.Path, "/init/git-receive-pack")
@@ -65,13 +65,13 @@ func gitHttp(ctx echo.Context) error {
if _, err := os.Stat(repositoryPath); os.IsNotExist(err) {
if err != nil {
log.Info().Err(err).Msg("Repository directory does not exist")
return errorRes(404, "Repository directory does not exist", err)
return ctx.ErrorRes(404, "Repository directory does not exist", err)
}
}
setData(ctx, "repositoryPath", repositoryPath)
ctx.SetData("repositoryPath", repositoryPath)
allow, err := auth.ShouldAllowUnauthenticatedGistAccess(ContextAuthInfo{ctx}, true)
allow, err := auth.ShouldAllowUnauthenticatedGistAccess(handlers.ContextAuthInfo{Context: ctx}, true)
if err != nil {
log.Fatal().Err(err).Msg("Cannot check if unauthenticated access is allowed")
}
@@ -102,7 +102,7 @@ func gitHttp(ctx echo.Context) error {
if !isInit && !isInitReceive {
if gist.ID == 0 {
return plainText(ctx, 404, "Check your credentials or make sure you have access to the Gist")
return ctx.PlainText(404, "Check your credentials or make sure you have access to the Gist")
}
var userToCheckPermissions *db.User
@@ -112,29 +112,29 @@ func gitHttp(ctx echo.Context) error {
userToCheckPermissions = &gist.User
}
if ok, err := utils.Argon2id.Verify(authPassword, userToCheckPermissions.Password); !ok {
if ok, err := password.VerifyPassword(authPassword, userToCheckPermissions.Password); !ok {
if err != nil {
return errorRes(500, "Cannot verify password", err)
return ctx.ErrorRes(500, "Cannot verify password", err)
}
log.Warn().Msg("Invalid HTTP authentication attempt from " + ctx.RealIP())
return plainText(ctx, 404, "Check your credentials or make sure you have access to the Gist")
return ctx.PlainText(404, "Check your credentials or make sure you have access to the Gist")
}
} else {
var user *db.User
if user, err = db.GetUserByUsername(authUsername); err != nil {
if !errors.Is(err, gorm.ErrRecordNotFound) {
return errorRes(500, "Cannot get user", err)
return ctx.ErrorRes(500, "Cannot get user", err)
}
log.Warn().Msg("Invalid HTTP authentication attempt from " + ctx.RealIP())
return errorRes(401, "Invalid credentials", nil)
return ctx.ErrorRes(401, "Invalid credentials", nil)
}
if ok, err := utils.Argon2id.Verify(authPassword, user.Password); !ok {
if ok, err := password.VerifyPassword(authPassword, user.Password); !ok {
if err != nil {
return errorRes(500, "Cannot check for password", err)
return ctx.ErrorRes(500, "Cannot check for password", err)
}
log.Warn().Msg("Invalid HTTP authentication attempt from " + ctx.RealIP())
return errorRes(401, "Invalid credentials", nil)
return ctx.ErrorRes(401, "Invalid credentials", nil)
}
if isInit {
@@ -143,56 +143,56 @@ func gitHttp(ctx echo.Context) error {
gist.User = *user
uuidGist, err := uuid.NewRandom()
if err != nil {
return errorRes(500, "Error creating an UUID", err)
return ctx.ErrorRes(500, "Error creating an UUID", err)
}
gist.Uuid = strings.Replace(uuidGist.String(), "-", "", -1)
gist.Title = "gist:" + gist.Uuid
if err = gist.InitRepository(); err != nil {
return errorRes(500, "Cannot init repository in the file system", err)
return ctx.ErrorRes(500, "Cannot init repository in the file system", err)
}
if err = gist.Create(); err != nil {
return errorRes(500, "Cannot init repository in database", err)
return ctx.ErrorRes(500, "Cannot init repository in database", err)
}
if err := memdb.InsertGistInit(user.ID, gist); err != nil {
return errorRes(500, "Cannot save the URL for the new Gist", err)
}
setData(ctx, "gist", gist)
} else {
gistFromMemdb, err := memdb.GetGistInitAndDelete(user.ID)
err = gist.SerialiseInitRepository()
if err != nil {
return errorRes(500, "Cannot get the gist link from the in memory database", err)
return ctx.ErrorRes(500, "Cannot serialise the repository", err)
}
gist := gistFromMemdb.Gist
setData(ctx, "gist", gist)
setData(ctx, "repositoryPath", git.RepositoryPath(gist.User.Username, gist.Uuid))
ctx.SetData("gist", gist)
} else {
gist, err = db.DeserialiseInitRepository(user.Username)
if err != nil {
return ctx.ErrorRes(500, "Cannot deserialise the repository", err)
}
ctx.SetData("gist", gist)
ctx.SetData("repositoryPath", git.RepositoryPath(gist.User.Username, gist.Uuid))
}
}
return route.handler(ctx)
}
}
return notFound("Gist not found")
return ctx.NotFound("Gist not found")
}
func uploadPack(ctx echo.Context) error {
func uploadPack(ctx *context.Context) error {
return pack(ctx, "upload-pack")
}
func receivePack(ctx echo.Context) error {
func receivePack(ctx *context.Context) error {
return pack(ctx, "receive-pack")
}
func pack(ctx echo.Context, serviceType string) error {
func pack(ctx *context.Context, serviceType string) error {
noCacheHeaders(ctx)
defer ctx.Request().Body.Close()
if ctx.Request().Header.Get("Content-Type") != "application/x-git-"+serviceType+"-request" {
return errorRes(401, "Git client unsupported", nil)
return ctx.ErrorRes(401, "Git client unsupported", nil)
}
ctx.Response().Header().Set("Content-Type", "application/x-git-"+serviceType+"-result")
@@ -202,12 +202,12 @@ func pack(ctx echo.Context, serviceType string) error {
if ctx.Request().Header.Get("Content-Encoding") == "gzip" {
reqBody, err = gzip.NewReader(reqBody)
if err != nil {
return errorRes(500, "Cannot create gzip reader", err)
return ctx.ErrorRes(500, "Cannot create gzip reader", err)
}
}
repositoryPath := getData(ctx, "repositoryPath").(string)
gist := getData(ctx, "gist").(*db.Gist)
repositoryPath := ctx.GetData("repositoryPath").(string)
gist := ctx.GetData("gist").(*db.Gist)
var stderr bytes.Buffer
cmd := exec.Command("git", serviceType, "--stateless-rpc", repositoryPath)
@@ -220,17 +220,17 @@ func pack(ctx echo.Context, serviceType string) error {
cmd.Env = append(cmd.Env, "OPENGIST_REPOSITORY_ID="+strconv.Itoa(int(gist.ID)))
if err = cmd.Run(); err != nil {
return errorRes(500, "Cannot run git "+serviceType+" ; "+stderr.String(), err)
return ctx.ErrorRes(500, "Cannot run git "+serviceType+" ; "+stderr.String(), err)
}
return nil
}
func infoRefs(ctx echo.Context) error {
func infoRefs(ctx *context.Context) error {
noCacheHeaders(ctx)
var service string
gist := getData(ctx, "gist").(*db.Gist)
gist := ctx.GetData("gist").(*db.Gist)
serviceType := ctx.QueryParam("service")
if strings.HasPrefix(serviceType, "git-") {
@@ -239,14 +239,14 @@ func infoRefs(ctx echo.Context) error {
if service != "upload-pack" && service != "receive-pack" {
if err := gist.UpdateServerInfo(); err != nil {
return errorRes(500, "Cannot update server info", err)
return ctx.ErrorRes(500, "Cannot update server info", err)
}
return sendFile(ctx, "text/plain; charset=utf-8")
}
refs, err := gist.RPC(service)
if err != nil {
return errorRes(500, "Cannot run git "+service, err)
return ctx.ErrorRes(500, "Cannot run git "+service, err)
}
ctx.Response().Header().Set("Content-Type", "application/x-git-"+service+"-advertisement")
@@ -258,38 +258,38 @@ func infoRefs(ctx echo.Context) error {
return nil
}
func textFile(ctx echo.Context) error {
func textFile(ctx *context.Context) error {
noCacheHeaders(ctx)
return sendFile(ctx, "text/plain")
}
func infoPacks(ctx echo.Context) error {
func infoPacks(ctx *context.Context) error {
cacheHeadersForever(ctx)
return sendFile(ctx, "text/plain; charset=utf-8")
}
func looseObject(ctx echo.Context) error {
func looseObject(ctx *context.Context) error {
cacheHeadersForever(ctx)
return sendFile(ctx, "application/x-git-loose-object")
}
func packFile(ctx echo.Context) error {
func packFile(ctx *context.Context) error {
cacheHeadersForever(ctx)
return sendFile(ctx, "application/x-git-packed-objects")
}
func idxFile(ctx echo.Context) error {
func idxFile(ctx *context.Context) error {
cacheHeadersForever(ctx)
return sendFile(ctx, "application/x-git-packed-objects-toc")
}
func noCacheHeaders(ctx echo.Context) {
func noCacheHeaders(ctx *context.Context) {
ctx.Response().Header().Set("Expires", "Thu, 01 Jan 1970 00:00:00 UTC")
ctx.Response().Header().Set("Pragma", "no-cache")
ctx.Response().Header().Set("Cache-Control", "no-cache, max-age=0, must-revalidate")
}
func cacheHeadersForever(ctx echo.Context) {
func cacheHeadersForever(ctx *context.Context) {
now := time.Now().Unix()
expires := now + 31536000
ctx.Response().Header().Set("Date", fmt.Sprintf("%d", now))
@@ -297,9 +297,9 @@ func cacheHeadersForever(ctx echo.Context) {
ctx.Response().Header().Set("Cache-Control", "public, max-age=31536000")
}
func basicAuth(ctx echo.Context) error {
func basicAuth(ctx *context.Context) error {
ctx.Response().Header().Set("WWW-Authenticate", `Basic realm="."`)
return plainText(ctx, 401, "Requires authentication")
return ctx.PlainText(401, "Requires authentication")
}
func basicAuthDecode(encoded string) (string, string, error) {
@@ -312,12 +312,12 @@ func basicAuthDecode(encoded string) (string, string, error) {
return auth[0], auth[1], nil
}
func sendFile(ctx echo.Context, contentType string) error {
func sendFile(ctx *context.Context, contentType string) error {
gitFile := "/" + strings.Join(strings.Split(ctx.Request().URL.Path, "/")[3:], "/")
gitFile = path.Join(getData(ctx, "repositoryPath").(string), gitFile)
gitFile = path.Join(ctx.GetData("repositoryPath").(string), gitFile)
fi, err := os.Stat(gitFile)
if os.IsNotExist(err) {
return errorRes(404, "File not found", nil)
return ctx.ErrorRes(404, "File not found", nil)
}
ctx.Response().Header().Set("Content-Type", contentType)
ctx.Response().Header().Set("Content-Length", fmt.Sprintf("%d", fi.Size()))

12
internal/web/healthcheck.go → internal/web/handlers/health/healthcheck.go
View File

@@ -1,12 +1,12 @@
package web
package health
import (
"github.com/labstack/echo/v4"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/web/context"
"time"
)
func healthcheck(ctx echo.Context) error {
func Healthcheck(ctx *context.Context) error {
// Check database connection
dbOk := "ok"
httpStatus := 200
@@ -23,9 +23,3 @@ func healthcheck(ctx echo.Context) error {
"time": time.Now().Format(time.RFC3339),
})
}
// metrics is a dummy handler to satisfy the /metrics endpoint (for Prometheus, Openmetrics, etc.)
// until we have a proper metrics endpoint
func metrics(ctx echo.Context) error {
return ctx.String(200, "")
}

9
internal/web/handlers/health/metrics.go Normal file
View File

@@ -0,0 +1,9 @@
package health
import "github.com/thomiceli/opengist/internal/web/context"
// Metrics is a dummy handler to satisfy the /metrics endpoint (for Prometheus, Openmetrics, etc.)
// until we have a proper metrics endpoint
func Metrics(ctx *context.Context) error {
return ctx.String(200, "")
}

87
internal/web/handlers/settings/account.go Normal file
View File

@@ -0,0 +1,87 @@
package settings
import (
"crypto/md5"
"fmt"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/git"
"github.com/thomiceli/opengist/internal/i18n"
"github.com/thomiceli/opengist/internal/validator"
"github.com/thomiceli/opengist/internal/web/context"
"os"
"path/filepath"
"strings"
"time"
)
func EmailProcess(ctx *context.Context) error {
user := ctx.User
email := ctx.FormValue("email")
var hash string
if email == "" {
// generate random md5 string
hash = fmt.Sprintf("%x", md5.Sum([]byte(time.Now().String())))
} else {
hash = fmt.Sprintf("%x", md5.Sum([]byte(strings.ToLower(strings.TrimSpace(email)))))
}
user.Email = strings.ToLower(email)
user.MD5Hash = hash
if err := user.Update(); err != nil {
return ctx.ErrorRes(500, "Cannot update email", err)
}
ctx.AddFlash(ctx.Tr("flash.user.email-updated"), "success")
return ctx.RedirectTo("/settings")
}
func AccountDeleteProcess(ctx *context.Context) error {
user := ctx.User
if err := user.Delete(); err != nil {
return ctx.ErrorRes(500, "Cannot delete this user", err)
}
return ctx.RedirectTo("/all")
}
func UsernameProcess(ctx *context.Context) error {
user := ctx.User
dto := new(db.UserUsernameDTO)
if err := ctx.Bind(dto); err != nil {
return ctx.ErrorRes(400, ctx.Tr("error.cannot-bind-data"), err)
}
if err := ctx.Validate(dto); err != nil {
ctx.AddFlash(validator.ValidationMessages(&err, ctx.GetData("locale").(*i18n.Locale)), "error")
return ctx.RedirectTo("/settings")
}
if exists, err := db.UserExists(dto.Username); err != nil || exists {
ctx.AddFlash(ctx.Tr("flash.auth.username-exists"), "error")
return ctx.RedirectTo("/settings")
}
sourceDir := filepath.Join(config.GetHomeDir(), git.ReposDirectory, strings.ToLower(user.Username))
destinationDir := filepath.Join(config.GetHomeDir(), git.ReposDirectory, strings.ToLower(dto.Username))
if _, err := os.Stat(sourceDir); !os.IsNotExist(err) {
err := os.Rename(sourceDir, destinationDir)
if err != nil {
return ctx.ErrorRes(500, "Cannot rename user directory", err)
}
}
user.Username = dto.Username
if err := user.Update(); err != nil {
return ctx.ErrorRes(500, "Cannot update username", err)
}
ctx.AddFlash(ctx.Tr("flash.user.username-updated"), "success")
return ctx.RedirectTo("/settings")
}

58
internal/web/handlers/settings/auth.go Normal file
View File

@@ -0,0 +1,58 @@
package settings
import (
passwordpkg "github.com/thomiceli/opengist/internal/auth/password"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/i18n"
"github.com/thomiceli/opengist/internal/validator"
"github.com/thomiceli/opengist/internal/web/context"
"strconv"
)
func PasskeyDelete(ctx *context.Context) error {
user := ctx.User
keyId, err := strconv.Atoi(ctx.Param("id"))
if err != nil {
return ctx.RedirectTo("/settings")
}
passkey, err := db.GetCredentialByIDDB(uint(keyId))
if err != nil || passkey.UserID != user.ID {
return ctx.RedirectTo("/settings")
}
if err := passkey.Delete(); err != nil {
return ctx.ErrorRes(500, "Cannot delete passkey", err)
}
ctx.AddFlash(ctx.Tr("flash.auth.passkey-deleted"), "success")
return ctx.RedirectTo("/settings")
}
func PasswordProcess(ctx *context.Context) error {
user := ctx.User
dto := new(db.UserDTO)
if err := ctx.Bind(dto); err != nil {
return ctx.ErrorRes(400, ctx.Tr("error.cannot-bind-data"), err)
}
dto.Username = user.Username
if err := ctx.Validate(dto); err != nil {
ctx.AddFlash(validator.ValidationMessages(&err, ctx.GetData("locale").(*i18n.Locale)), "error")
return ctx.Html("settings.html")
}
password, err := passwordpkg.HashPassword(dto.Password)
if err != nil {
return ctx.ErrorRes(500, "Cannot hash password", err)
}
user.Password = password
if err = user.Update(); err != nil {
return ctx.ErrorRes(500, "Cannot update password", err)
}
ctx.AddFlash(ctx.Tr("flash.user.password-updated"), "success")
return ctx.RedirectTo("/settings")
}

34
internal/web/handlers/settings/settings.go Normal file
View File

@@ -0,0 +1,34 @@
package settings
import (
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/web/context"
)
func UserSettings(ctx *context.Context) error {
user := ctx.User
keys, err := db.GetSSHKeysByUserID(user.ID)
if err != nil {
return ctx.ErrorRes(500, "Cannot get SSH keys", err)
}
passkeys, err := db.GetAllCredentialsForUser(user.ID)
if err != nil {
return ctx.ErrorRes(500, "Cannot get WebAuthn credentials", err)
}
_, hasTotp, err := user.HasMFA()
if err != nil {
return ctx.ErrorRes(500, "Cannot get MFA status", err)
}
ctx.SetData("email", user.Email)
ctx.SetData("sshKeys", keys)
ctx.SetData("passkeys", passkeys)
ctx.SetData("hasTotp", hasTotp)
ctx.SetData("hasPassword", user.Password != "")
ctx.SetData("disableForm", ctx.GetData("DisableLoginForm"))
ctx.SetData("htmlTitle", ctx.TrH("settings"))
return ctx.Html("settings.html")
}

71
internal/web/handlers/settings/sshkey.go Normal file
View File

@@ -0,0 +1,71 @@
package settings
import (
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/i18n"
"github.com/thomiceli/opengist/internal/validator"
"github.com/thomiceli/opengist/internal/web/context"
"golang.org/x/crypto/ssh"
"strconv"
"strings"
)
func SshKeysProcess(ctx *context.Context) error {
user := ctx.User
dto := new(db.SSHKeyDTO)
if err := ctx.Bind(dto); err != nil {
return ctx.ErrorRes(400, ctx.Tr("error.cannot-bind-data"), err)
}
if err := ctx.Validate(dto); err != nil {
ctx.AddFlash(validator.ValidationMessages(&err, ctx.GetData("locale").(*i18n.Locale)), "error")
return ctx.RedirectTo("/settings")
}
key := dto.ToSSHKey()
key.UserID = user.ID
pubKey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(key.Content))
if err != nil {
ctx.AddFlash(ctx.Tr("flash.user.invalid-ssh-key"), "error")
return ctx.RedirectTo("/settings")
}
key.Content = strings.TrimSpace(string(ssh.MarshalAuthorizedKey(pubKey)))
if exists, err := db.SSHKeyDoesExists(key.Content); exists {
if err != nil {
return ctx.ErrorRes(500, "Cannot check if SSH key exists", err)
}
ctx.AddFlash(ctx.Tr("settings.ssh-key-exists"), "error")
return ctx.RedirectTo("/settings")
}
if err := key.Create(); err != nil {
return ctx.ErrorRes(500, "Cannot add SSH key", err)
}
ctx.AddFlash(ctx.Tr("flash.user.ssh-key-added"), "success")
return ctx.RedirectTo("/settings")
}
func SshKeysDelete(ctx *context.Context) error {
user := ctx.User
keyId, err := strconv.Atoi(ctx.Param("id"))
if err != nil {
return ctx.RedirectTo("/settings")
}
key, err := db.GetSSHKeyByID(uint(keyId))
if err != nil || key.UserID != user.ID {
return ctx.RedirectTo("/settings")
}
if err := key.Delete(); err != nil {
return ctx.ErrorRes(500, "Cannot delete SSH key", err)
}
ctx.AddFlash(ctx.Tr("flash.user.ssh-key-deleted"), "success")
return ctx.RedirectTo("/settings")
}

152
internal/web/handlers/util.go Normal file
View File

@@ -0,0 +1,152 @@
package handlers
import (
"errors"
"github.com/gorilla/schema"
"html/template"
"net/url"
"path/filepath"
"strconv"
"strings"
"github.com/thomiceli/opengist/internal/web/context"
)
func GetPage(ctx *context.Context) int {
page := ctx.QueryParam("page")
if page == "" {
page = "1"
}
pageInt, err := strconv.Atoi(page)
if err != nil {
pageInt = 1
}
ctx.SetData("currPage", pageInt)
return pageInt
}
type PaginationParams struct {
Page int `schema:"page,omitempty"`
Sort string `schema:"sort,omitempty"`
Order string `schema:"order,omitempty"`
Title string `schema:"title,omitempty"`
Visibility string `schema:"visibility,omitempty"`
Language string `schema:"language,omitempty"`
Topics string `schema:"topics,omitempty"`
Query string `schema:"q,omitempty"`
HasPrevious bool `schema:"-"` // Exclude from URL parameters
HasNext bool `schema:"-"`
}
var encoder = schema.NewEncoder()
func (p PaginationParams) String() string {
values := url.Values{}
err := encoder.Encode(p, values)
if err != nil {
return ""
}
if len(values) == 0 {
return ""
}
return "?" + values.Encode()
}
func (p PaginationParams) NextURL() template.URL {
p.Page++
return template.URL(p.String())
}
func (p PaginationParams) PreviousURL() template.URL {
p.Page--
return template.URL(p.String())
}
func (p PaginationParams) WithParams(pairs ...string) template.URL {
values := url.Values{}
_ = encoder.Encode(p, values)
// reset page
values.Del("page")
for i := 0; i < len(pairs); i += 2 {
values.Set(pairs[i], pairs[i+1])
}
return template.URL("?" + values.Encode())
}
func Paginate[T any](ctx *context.Context, data []*T, pageInt int, perPage int, templateDataName string, urlPage string, labels int, params *PaginationParams) error {
var paginationParams PaginationParams
if params == nil {
paginationParams = PaginationParams{}
} else {
paginationParams = *params
}
paginationParams.Page = pageInt
lenData := len(data)
if lenData == 0 && pageInt != 1 {
return errors.New("page not found")
}
if lenData > perPage {
if lenData > 1 {
data = data[:lenData-1]
}
paginationParams.HasNext = true
}
if pageInt > 1 {
paginationParams.HasPrevious = true
}
ctx.SetData("pagination", paginationParams)
switch labels {
case 1:
ctx.SetData("prevLabel", ctx.TrH("pagination.previous"))
ctx.SetData("nextLabel", ctx.TrH("pagination.next"))
case 2:
ctx.SetData("prevLabel", ctx.TrH("pagination.newer"))
ctx.SetData("nextLabel", ctx.TrH("pagination.older"))
}
ctx.SetData("urlPage", urlPage)
ctx.SetData(templateDataName, data)
return nil
}
func ParseSearchQueryStr(query string) (string, map[string]string) {
words := strings.Fields(query)
metadata := make(map[string]string)
var contentBuilder strings.Builder
for _, word := range words {
if strings.Contains(word, ":") {
keyValue := strings.SplitN(word, ":", 2)
if len(keyValue) == 2 {
key := keyValue[0]
value := keyValue[1]
metadata[key] = value
}
} else {
contentBuilder.WriteString(word + " ")
}
}
content := strings.TrimSpace(contentBuilder.String())
return content, metadata
}
func GetContentTypeFromFilename(filename string) string {
ext := strings.ToLower(filepath.Ext(filename))
switch ext {
case ".css":
return "text/css"
default:
return "text/plain"
}
}

626
internal/web/server.go
View File

@@ -1,626 +0,0 @@
package web
import (
"context"
gojson "encoding/json"
"errors"
"fmt"
htmlpkg "html"
"html/template"
"io"
"net/http"
"net/url"
"os"
"path"
"path/filepath"
"regexp"
"strconv"
"strings"
"time"
"github.com/thomiceli/opengist/internal/index"
"github.com/thomiceli/opengist/internal/utils"
"github.com/thomiceli/opengist/templates"
"github.com/gorilla/sessions"
"github.com/labstack/echo/v4"
"github.com/labstack/echo/v4/middleware"
"github.com/markbates/goth/gothic"
"github.com/rs/zerolog/log"
"github.com/thomiceli/opengist/internal/auth"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/git"
"github.com/thomiceli/opengist/internal/i18n"
"github.com/thomiceli/opengist/public"
"golang.org/x/text/language"
)
var (
dev bool
flashStore *sessions.CookieStore // session store for flash messages
userStore *sessions.FilesystemStore // session store for user sessions
re = regexp.MustCompile("[^a-z0-9]+")
fm = template.FuncMap{
"split": strings.Split,
"indexByte": strings.IndexByte,
"toInt": func(i string) int {
val, _ := strconv.Atoi(i)
return val
},
"inc": func(i int) int {
return i + 1
},
"splitGit": func(i string) []string {
return strings.FieldsFunc(i, func(r rune) bool {
return r == ',' || r == ' '
})
},
"lines": func(i string) []string {
return strings.Split(i, "\n")
},
"isMarkdown": func(i string) bool {
return strings.ToLower(filepath.Ext(i)) == ".md"
},
"isCsv": func(i string) bool {
return strings.ToLower(filepath.Ext(i)) == ".csv"
},
"isSvg": func(i string) bool {
return strings.ToLower(filepath.Ext(i)) == ".svg"
},
"csvFile": func(file *git.File) *git.CsvFile {
if strings.ToLower(filepath.Ext(file.Filename)) != ".csv" {
return nil
}
csvFile, err := git.ParseCsv(file)
if err != nil {
return nil
}
return csvFile
},
"httpStatusText": http.StatusText,
"loadedTime": func(startTime time.Time) string {
return fmt.Sprint(time.Since(startTime).Nanoseconds()/1e6) + "ms"
},
"slug": func(s string) string {
return strings.Trim(re.ReplaceAllString(strings.ToLower(s), "-"), "-")
},
"avatarUrl": func(user *db.User, noGravatar bool) string {
if user.AvatarURL != "" {
return user.AvatarURL
}
if user.MD5Hash != "" && !noGravatar {
return "https://www.gravatar.com/avatar/" + user.MD5Hash + "?d=identicon&s=200"
}
return defaultAvatar()
},
"asset": asset,
"custom": customAsset,
"dev": func() bool {
return dev
},
"defaultAvatar": defaultAvatar,
"visibilityStr": func(visibility db.Visibility, lowercase bool) string {
s := "Public"
switch visibility {
case 1:
s = "Unlisted"
case 2:
s = "Private"
}
if lowercase {
return strings.ToLower(s)
}
return s
},
"unescape": htmlpkg.UnescapeString,
"join": func(s ...string) string {
return strings.Join(s, "")
},
"toStr": func(i interface{}) string {
return fmt.Sprint(i)
},
"safe": func(s string) template.HTML {
return template.HTML(s)
},
"dict": func(values ...interface{}) (map[string]interface{}, error) {
if len(values)%2 != 0 {
return nil, errors.New("invalid dict call")
}
dict := make(map[string]interface{})
for i := 0; i < len(values); i += 2 {
key, ok := values[i].(string)
if !ok {
return nil, errors.New("dict keys must be strings")
}
dict[key] = values[i+1]
}
return dict, nil
},
"addMetadataToSearchQuery": addMetadataToSearchQuery,
"indexEnabled": index.Enabled,
"isUrl": func(s string) bool {
_, err := url.ParseRequestURI(s)
return err == nil
},
}
)
type Template struct {
templates *template.Template
}
func (t *Template) Render(w io.Writer, name string, data interface{}, _ echo.Context) error {
return t.templates.ExecuteTemplate(w, name, data)
}
type Server struct {
echo *echo.Echo
dev bool
}
func NewServer(isDev bool, sessionsPath string, ignoreCsrf bool) *Server {
dev = isDev
flashStore = sessions.NewCookieStore([]byte("opengist"))
encryptKey, _ := utils.GenerateSecretKey(filepath.Join(sessionsPath, "session-encrypt.key"))
userStore = sessions.NewFilesystemStore(sessionsPath, config.SecretKey, encryptKey)
userStore.MaxLength(10 * 1024)
gothic.Store = userStore
e := echo.New()
e.HideBanner = true
e.HidePort = true
if err := i18n.Locales.LoadAll(); err != nil {
log.Fatal().Err(err).Msg("Failed to load locales")
}
e.Use(dataInit)
e.Use(locale)
e.Pre(middleware.MethodOverrideWithConfig(middleware.MethodOverrideConfig{
Getter: middleware.MethodFromForm("_method"),
}))
e.Pre(middleware.RemoveTrailingSlash())
e.Pre(middleware.CORS())
e.Pre(middleware.RequestLoggerWithConfig(middleware.RequestLoggerConfig{
LogURI: true, LogStatus: true, LogMethod: true,
LogValuesFunc: func(ctx echo.Context, v middleware.RequestLoggerValues) error {
log.Info().Str("uri", v.URI).Int("status", v.Status).Str("method", v.Method).
Str("ip", ctx.RealIP()).TimeDiff("duration", time.Now(), v.StartTime).
Msg("HTTP")
return nil
},
}))
e.Use(middleware.Recover())
e.Use(middleware.Secure())
t := template.Must(template.New("t").Funcs(fm).ParseFS(templates.Files, "*/*.html"))
customPattern := filepath.Join(config.GetHomeDir(), "custom", "*.html")
matches, err := filepath.Glob(customPattern)
if err != nil {
log.Fatal().Err(err).Msg("Failed to check for custom templates")
}
if len(matches) > 0 {
t, err = t.ParseGlob(customPattern)
if err != nil {
log.Fatal().Err(err).Msg("Failed to parse custom templates")
}
}
e.Renderer = &Template{
templates: t,
}
e.HTTPErrorHandler = func(er error, ctx echo.Context) {
var httpErr *echo.HTTPError
if errors.As(er, &httpErr) {
acceptJson := strings.Contains(ctx.Request().Header.Get("Accept"), "application/json")
setData(ctx, "error", er)
if acceptJson {
if fatalErr := jsonWithCode(ctx, httpErr.Code, httpErr); fatalErr != nil {
log.Fatal().Err(fatalErr).Send()
}
} else {
if fatalErr := htmlWithCode(ctx, httpErr.Code, "error.html"); fatalErr != nil {
log.Fatal().Err(fatalErr).Send()
}
}
} else {
log.Fatal().Err(er).Send()
}
}
e.Use(sessionInit)
e.Validator = utils.NewValidator()
if !dev {
parseManifestEntries()
}
// Web based routes
g1 := e.Group("")
{
if !ignoreCsrf {
g1.Use(middleware.CSRFWithConfig(middleware.CSRFConfig{
TokenLookup: "form:_csrf,header:X-CSRF-Token",
CookiePath: "/",
CookieHTTPOnly: true,
CookieSameSite: http.SameSiteStrictMode,
}))
g1.Use(csrfInit)
}
g1.GET("/", create, logged)
g1.POST("/", processCreate, logged)
g1.POST("/preview", preview, logged)
g1.GET("/healthcheck", healthcheck)
g1.GET("/metrics", metrics)
g1.GET("/register", register)
g1.POST("/register", processRegister)
g1.GET("/login", login)
g1.POST("/login", processLogin)
g1.GET("/logout", logout)
g1.GET("/oauth/:provider", oauth)
g1.GET("/oauth/:provider/callback", oauthCallback)
g1.GET("/oauth/:provider/unlink", oauthUnlink, logged)
g1.POST("/webauthn/bind", beginWebAuthnBinding, logged)
g1.POST("/webauthn/bind/finish", finishWebAuthnBinding, logged)
g1.POST("/webauthn/login", beginWebAuthnLogin)
g1.POST("/webauthn/login/finish", finishWebAuthnLogin)
g1.POST("/webauthn/assertion", beginWebAuthnAssertion, inMFASession)
g1.POST("/webauthn/assertion/finish", finishWebAuthnAssertion, inMFASession)
g1.GET("/mfa", mfa, inMFASession)
g1.POST("/mfa/totp/assertion", assertTotp, inMFASession)
g1.GET("/settings", userSettings, logged)
g1.POST("/settings/email", emailProcess, logged)
g1.DELETE("/settings/account", accountDeleteProcess, logged)
g1.POST("/settings/ssh-keys", sshKeysProcess, logged)
g1.DELETE("/settings/ssh-keys/:id", sshKeysDelete, logged)
g1.DELETE("/settings/passkeys/:id", passkeyDelete, logged)
g1.PUT("/settings/password", passwordProcess, logged)
g1.PUT("/settings/username", usernameProcess, logged)
g1.GET("/settings/totp/generate", beginTotp, logged)
g1.POST("/settings/totp/generate", finishTotp, logged)
g1.DELETE("/settings/totp", disableTotp, logged)
g1.POST("/settings/totp/regenerate", regenerateTotpRecoveryCodes, logged)
g2 := g1.Group("/admin-panel")
{
g2.Use(adminPermission)
g2.GET("", adminIndex)
g2.GET("/users", adminUsers)
g2.POST("/users/:user/delete", adminUserDelete)
g2.GET("/gists", adminGists)
g2.POST("/gists/:gist/delete", adminGistDelete)
g2.GET("/invitations", adminInvitations)
g2.POST("/invitations", adminInvitationsCreate)
g2.POST("/invitations/:id/delete", adminInvitationsDelete)
g2.POST("/sync-fs", adminSyncReposFromFS)
g2.POST("/sync-db", adminSyncReposFromDB)
g2.POST("/gc-repos", adminGcRepos)
g2.POST("/sync-previews", adminSyncGistPreviews)
g2.POST("/reset-hooks", adminResetHooks)
g2.POST("/index-gists", adminIndexGists)
g2.GET("/configuration", adminConfig)
g2.PUT("/set-config", adminSetConfig)
}
if config.C.HttpGit {
e.Any("/init/*", gitHttp, gistNewPushSoftInit)
}
g1.GET("/all", allGists, checkRequireLogin)
if index.Enabled() {
g1.GET("/search", search, checkRequireLogin)
} else {
g1.GET("/search", allGists, checkRequireLogin)
}
g1.GET("/:user", allGists, checkRequireLogin)
g1.GET("/:user/liked", allGists, checkRequireLogin)
g1.GET("/:user/forked", allGists, checkRequireLogin)
g3 := g1.Group("/:user/:gistname")
{
g3.Use(makeCheckRequireLogin(true), gistInit)
g3.GET("", gistIndex)
g3.GET("/rev/:revision", gistIndex)
g3.GET("/revisions", revisions)
g3.GET("/archive/:revision", downloadZip)
g3.POST("/visibility", editVisibility, logged, writePermission)
g3.POST("/delete", deleteGist, logged, writePermission)
g3.GET("/raw/:revision/:file", rawFile)
g3.GET("/download/:revision/:file", downloadFile)
g3.GET("/edit", edit, logged, writePermission)
g3.POST("/edit", processCreate, logged, writePermission)
g3.POST("/like", like, logged)
g3.GET("/likes", likes, checkRequireLogin)
g3.POST("/fork", fork, logged)
g3.GET("/forks", forks, checkRequireLogin)
g3.PUT("/checkbox", checkbox, logged, writePermission)
}
}
customFs := os.DirFS(filepath.Join(config.GetHomeDir(), "custom"))
e.GET("/assets/*", func(ctx echo.Context) error {
if _, err := public.Files.Open(path.Join("assets", ctx.Param("*"))); !dev && err == nil {
ctx.Response().Header().Set("Cache-Control", "public, max-age=31536000")
ctx.Response().Header().Set("Expires", time.Now().AddDate(1, 0, 0).Format(http.TimeFormat))
return echo.WrapHandler(http.FileServer(http.FS(public.Files)))(ctx)
}
// if the custom file is an .html template, render it
if strings.HasSuffix(ctx.Param("*"), ".html") {
if err := html(ctx, ctx.Param("*")); err != nil {
return notFound("Page not found")
}
return nil
}
return echo.WrapHandler(http.StripPrefix("/assets/", http.FileServer(http.FS(customFs))))(ctx)
})
// Git HTTP routes
if config.C.HttpGit {
e.Any("/:user/:gistname/*", gitHttp, gistSoftInit)
}
e.Any("/*", noRouteFound)
return &Server{echo: e, dev: dev}
}
func (s *Server) Start() {
addr := config.C.HttpHost + ":" + config.C.HttpPort
log.Info().Msg("Starting HTTP server on http://" + addr)
if err := s.echo.Start(addr); err != nil && err != http.ErrServerClosed {
log.Fatal().Err(err).Msg("Failed to start HTTP server")
}
}
func (s *Server) Stop() {
if err := s.echo.Close(); err != nil {
log.Fatal().Err(err).Msg("Failed to stop HTTP server")
}
}
func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
s.echo.ServeHTTP(w, r)
}
func dataInit(next echo.HandlerFunc) echo.HandlerFunc {
return func(ctx echo.Context) error {
ctxValue := context.WithValue(ctx.Request().Context(), dataKey, echo.Map{})
ctx.SetRequest(ctx.Request().WithContext(ctxValue))
setData(ctx, "loadStartTime", time.Now())
if err := loadSettings(ctx); err != nil {
return errorRes(500, "Cannot read settings from database", err)
}
setData(ctx, "c", config.C)
setData(ctx, "githubOauth", config.C.GithubClientKey != "" && config.C.GithubSecret != "")
setData(ctx, "gitlabOauth", config.C.GitlabClientKey != "" && config.C.GitlabSecret != "")
setData(ctx, "giteaOauth", config.C.GiteaClientKey != "" && config.C.GiteaSecret != "")
setData(ctx, "oidcOauth", config.C.OIDCClientKey != "" && config.C.OIDCSecret != "" && config.C.OIDCDiscoveryUrl != "")
httpProtocol := "http"
if ctx.Request().TLS != nil || ctx.Request().Header.Get("X-Forwarded-Proto") == "https" {
httpProtocol = "https"
}
setData(ctx, "httpProtocol", strings.ToUpper(httpProtocol))
var baseHttpUrl string
// if a custom external url is set, use it
if config.C.ExternalUrl != "" {
baseHttpUrl = config.C.ExternalUrl
} else {
baseHttpUrl = httpProtocol + "://" + ctx.Request().Host
}
setData(ctx, "baseHttpUrl", baseHttpUrl)
return next(ctx)
}
}
func locale(next echo.HandlerFunc) echo.HandlerFunc {
return func(ctx echo.Context) error {
// Check URL arguments
lang := ctx.Request().URL.Query().Get("lang")
changeLang := lang != ""
// Then check cookies
if len(lang) == 0 {
cookie, _ := ctx.Request().Cookie("lang")
if cookie != nil {
lang = cookie.Value
}
}
// Check again in case someone changes the supported language list.
if lang != "" && !i18n.Locales.HasLocale(lang) {
lang = ""
changeLang = false
}
// 3.Then check from 'Accept-Language' header.
if len(lang) == 0 {
tags, _, _ := language.ParseAcceptLanguage(ctx.Request().Header.Get("Accept-Language"))
lang = i18n.Locales.MatchTag(tags)
}
if changeLang {
ctx.SetCookie(&http.Cookie{Name: "lang", Value: lang, Path: "/", MaxAge: 1<<31 - 1})
}
localeUsed, err := i18n.Locales.GetLocale(lang)
if err != nil {
return errorRes(500, "Cannot get locale", err)
}
setData(ctx, "localeName", localeUsed.Name)
setData(ctx, "locale", localeUsed)
setData(ctx, "allLocales", i18n.Locales.Locales)
return next(ctx)
}
}
func sessionInit(next echo.HandlerFunc) echo.HandlerFunc {
return func(ctx echo.Context) error {
sess := getSession(ctx)
if sess.Values["user"] != nil {
var err error
var user *db.User
if user, err = db.GetUserById(sess.Values["user"].(uint)); err != nil {
sess.Values["user"] = nil
saveSession(sess, ctx)
setData(ctx, "userLogged", nil)
return redirect(ctx, "/all")
}
if user != nil {
setData(ctx, "userLogged", user)
}
return next(ctx)
}
setData(ctx, "userLogged", nil)
return next(ctx)
}
}
func csrfInit(next echo.HandlerFunc) echo.HandlerFunc {
return func(ctx echo.Context) error {
setCsrfHtmlForm(ctx)
return next(ctx)
}
}
func writePermission(next echo.HandlerFunc) echo.HandlerFunc {
return func(ctx echo.Context) error {
gist := getData(ctx, "gist")
user := getUserLogged(ctx)
if !gist.(*db.Gist).CanWrite(user) {
return redirect(ctx, "/"+gist.(*db.Gist).User.Username+"/"+gist.(*db.Gist).Identifier())
}
return next(ctx)
}
}
func adminPermission(next echo.HandlerFunc) echo.HandlerFunc {
return func(ctx echo.Context) error {
user := getUserLogged(ctx)
if user == nil || !user.IsAdmin {
return notFound("User not found")
}
return next(ctx)
}
}
func logged(next echo.HandlerFunc) echo.HandlerFunc {
return func(ctx echo.Context) error {
user := getUserLogged(ctx)
if user != nil {
return next(ctx)
}
return redirect(ctx, "/all")
}
}
func inMFASession(next echo.HandlerFunc) echo.HandlerFunc {
return func(ctx echo.Context) error {
sess := getSession(ctx)
_, ok := sess.Values["mfaID"].(uint)
if !ok {
return errorRes(400, tr(ctx, "error.not-in-mfa-session"), nil)
}
return next(ctx)
}
}
func makeCheckRequireLogin(isSingleGistAccess bool) echo.MiddlewareFunc {
return func(next echo.HandlerFunc) echo.HandlerFunc {
return func(ctx echo.Context) error {
if user := getUserLogged(ctx); user != nil {
return next(ctx)
}
allow, err := auth.ShouldAllowUnauthenticatedGistAccess(ContextAuthInfo{ctx}, isSingleGistAccess)
if err != nil {
log.Fatal().Err(err).Msg("Failed to check if unauthenticated access is allowed")
}
if !allow {
addFlash(ctx, tr(ctx, "flash.auth.must-be-logged-in"), "error")
return redirect(ctx, "/login")
}
return next(ctx)
}
}
}
func checkRequireLogin(next echo.HandlerFunc) echo.HandlerFunc {
return makeCheckRequireLogin(false)(next)
}
func noRouteFound(echo.Context) error {
return notFound("Page not found")
}
// ---
type Asset struct {
File string `json:"file"`
}
var manifestEntries map[string]Asset
func parseManifestEntries() {
file, err := public.Files.Open("manifest.json")
if err != nil {
log.Fatal().Err(err).Msg("Failed to open manifest.json")
}
byteValue, err := io.ReadAll(file)
if err != nil {
log.Fatal().Err(err).Msg("Failed to read manifest.json")
}
if err = gojson.Unmarshal(byteValue, &manifestEntries); err != nil {
log.Fatal().Err(err).Msg("Failed to unmarshal manifest.json")
}
}
func defaultAvatar() string {
if dev {
return "http://localhost:16157/default.png"
}
return config.C.ExternalUrl + "/" + manifestEntries["default.png"].File
}
func asset(file string) string {
if dev {
return "http://localhost:16157/" + file
}
return config.C.ExternalUrl + "/" + manifestEntries[file].File
}
func customAsset(file string) string {
assetpath, err := url.JoinPath("/", "assets", file)
if err != nil {
log.Error().Err(err).Msgf("Failed to join path for custom file %s", file)
}
return config.C.ExternalUrl + assetpath
}

40
internal/web/server/handler.go Normal file
View File

@@ -0,0 +1,40 @@
package server
import (
"github.com/labstack/echo/v4"
"github.com/thomiceli/opengist/internal/web/context"
)
type Handler func(ctx *context.Context) error
type Middleware func(next Handler) Handler
func (h Handler) toEcho() echo.HandlerFunc {
return func(c echo.Context) error {
return h(c.(*context.Context))
}
}
func (m Middleware) toEcho() echo.MiddlewareFunc {
return func(next echo.HandlerFunc) echo.HandlerFunc {
return m(func(c *context.Context) error {
return next(c)
}).toEcho()
}
}
func (h Handler) toEchoHandler() echo.HandlerFunc {
return func(c echo.Context) error {
if ogc, ok := c.(*context.Context); ok {
return h(ogc)
}
// Could also add error handling for incorrect context type
return h(c.(*context.Context))
}
}
func chain(h Handler, middleware ...Middleware) Handler {
for i := len(middleware) - 1; i >= 0; i-- {
h = middleware[i](h)
}
return h
}

420
internal/web/server/middlewares.go Normal file
View File

@@ -0,0 +1,420 @@
package server
import (
"errors"
"fmt"
"github.com/labstack/echo/v4"
"github.com/labstack/echo/v4/middleware"
"github.com/rs/zerolog/log"
"github.com/thomiceli/opengist/internal/auth"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/i18n"
"github.com/thomiceli/opengist/internal/web/context"
"github.com/thomiceli/opengist/internal/web/handlers"
"golang.org/x/text/cases"
"golang.org/x/text/language"
"html/template"
"net/http"
"path/filepath"
"regexp"
"strings"
"time"
)
func (s *Server) useCustomContext() {
s.echo.Use(func(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
cc := context.NewContext(c, s.sessionsPath)
return next(cc)
}
})
}
func (s *Server) registerMiddlewares() {
s.echo.Use(Middleware(dataInit).toEcho())
s.echo.Use(Middleware(locale).toEcho())
s.echo.Pre(middleware.MethodOverrideWithConfig(middleware.MethodOverrideConfig{
Getter: middleware.MethodFromForm("_method"),
}))
s.echo.Pre(middleware.RemoveTrailingSlash())
s.echo.Pre(middleware.CORS())
s.echo.Pre(middleware.RequestLoggerWithConfig(middleware.RequestLoggerConfig{
LogURI: true, LogStatus: true, LogMethod: true,
LogValuesFunc: func(ctx echo.Context, v middleware.RequestLoggerValues) error {
log.Info().Str("uri", v.URI).Int("status", v.Status).Str("method", v.Method).
Str("ip", ctx.RealIP()).TimeDiff("duration", time.Now(), v.StartTime).
Msg("HTTP")
return nil
},
}))
//s.echo.Use(middleware.Recover())
s.echo.Use(middleware.Secure())
s.echo.Use(Middleware(sessionInit).toEcho())
if !s.ignoreCsrf {
s.echo.Use(middleware.CSRFWithConfig(middleware.CSRFConfig{
TokenLookup: "form:_csrf,header:X-CSRF-Token",
CookiePath: "/",
CookieHTTPOnly: true,
CookieSameSite: http.SameSiteStrictMode,
Skipper: func(ctx echo.Context) bool {
/* skip CSRF for embeds */
gistName := ctx.Param("gistname")
/* skip CSRF for git clients */
matchUploadPack, _ := regexp.MatchString("(.*?)/git-upload-pack$", ctx.Request().URL.Path)
matchReceivePack, _ := regexp.MatchString("(.*?)/git-receive-pack$", ctx.Request().URL.Path)
return filepath.Ext(gistName) == ".js" || matchUploadPack || matchReceivePack
},
ErrorHandler: func(err error, c echo.Context) error {
log.Info().Err(err).Msg("CSRF error")
return err
},
}))
s.echo.Use(Middleware(csrfInit).toEcho())
}
}
func (s *Server) errorHandler(err error, ctx echo.Context) {
var httpErr *echo.HTTPError
data := ctx.Request().Context().Value(context.DataKeyStr).(echo.Map)
if errors.As(err, &httpErr) {
acceptJson := strings.Contains(ctx.Request().Header.Get("Accept"), "application/json")
data["error"] = err
if acceptJson {
if err := ctx.JSON(httpErr.Code, httpErr); err != nil {
log.Fatal().Err(err).Send()
}
return
}
if err := ctx.Render(httpErr.Code, "error", data); err != nil {
log.Fatal().Err(err).Send()
}
return
}
log.Error().Err(err).Send()
httpErr = echo.NewHTTPError(http.StatusInternalServerError, err.Error())
data["error"] = httpErr
if err := ctx.Render(500, "error", data); err != nil {
log.Fatal().Err(err).Send()
}
}
func dataInit(next Handler) Handler {
return func(ctx *context.Context) error {
ctx.SetData("loadStartTime", time.Now())
if err := loadSettings(ctx); err != nil {
return ctx.ErrorRes(500, "Cannot load settings", err)
}
ctx.SetData("c", config.C)
ctx.SetData("githubOauth", config.C.GithubClientKey != "" && config.C.GithubSecret != "")
ctx.SetData("gitlabOauth", config.C.GitlabClientKey != "" && config.C.GitlabSecret != "")
ctx.SetData("giteaOauth", config.C.GiteaClientKey != "" && config.C.GiteaSecret != "")
ctx.SetData("oidcOauth", config.C.OIDCClientKey != "" && config.C.OIDCSecret != "" && config.C.OIDCDiscoveryUrl != "")
httpProtocol := "http"
if ctx.Request().TLS != nil || ctx.Request().Header.Get("X-Forwarded-Proto") == "https" {
httpProtocol = "https"
}
ctx.SetData("httpProtocol", strings.ToUpper(httpProtocol))
var baseHttpUrl string
// if a custom external url is set, use it
if config.C.ExternalUrl != "" {
baseHttpUrl = config.C.ExternalUrl
} else {
baseHttpUrl = httpProtocol + "://" + ctx.Request().Host
}
ctx.SetData("baseHttpUrl", baseHttpUrl)
return next(ctx)
}
}
func writePermission(next Handler) Handler {
return func(ctx *context.Context) error {
gist := ctx.GetData("gist")
user := ctx.User
if !gist.(*db.Gist).CanWrite(user) {
return ctx.RedirectTo("/" + gist.(*db.Gist).User.Username + "/" + gist.(*db.Gist).Identifier())
}
return next(ctx)
}
}
func adminPermission(next Handler) Handler {
return func(ctx *context.Context) error {
user := ctx.User
if user == nil || !user.IsAdmin {
return ctx.NotFound("User not found")
}
return next(ctx)
}
}
func logged(next Handler) Handler {
return func(ctx *context.Context) error {
user := ctx.User
if user != nil {
return next(ctx)
}
return ctx.RedirectTo("/all")
}
}
func inMFASession(next Handler) Handler {
return func(ctx *context.Context) error {
sess := ctx.GetSession()
_, ok := sess.Values["mfaID"].(uint)
if !ok {
return ctx.ErrorRes(400, ctx.Tr("error.not-in-mfa-session"), nil)
}
return next(ctx)
}
}
func makeCheckRequireLogin(isSingleGistAccess bool) Middleware {
return func(next Handler) Handler {
return func(ctx *context.Context) error {
if user := ctx.User; user != nil {
return next(ctx)
}
allow, err := auth.ShouldAllowUnauthenticatedGistAccess(handlers.ContextAuthInfo{Context: ctx}, isSingleGistAccess)
if err != nil {
log.Fatal().Err(err).Msg("Failed to check if unauthenticated access is allowed")
}
if !allow {
ctx.AddFlash(ctx.Tr("flash.auth.must-be-logged-in"), "error")
return ctx.RedirectTo("/login")
}
return next(ctx)
}
}
}
func checkRequireLogin(next Handler) Handler {
return makeCheckRequireLogin(false)(next)
}
func noRouteFound(ctx *context.Context) error {
return ctx.NotFound("Page not found")
}
func locale(next Handler) Handler {
return func(ctx *context.Context) error {
// Check URL arguments
lang := ctx.Request().URL.Query().Get("lang")
changeLang := lang != ""
// Then check cookies
if len(lang) == 0 {
cookie, _ := ctx.Request().Cookie("lang")
if cookie != nil {
lang = cookie.Value
}
}
// Check again in case someone changes the supported language list.
if lang != "" && !i18n.Locales.HasLocale(lang) {
lang = ""
changeLang = false
}
// 3.Then check from 'Accept-Language' header.
if len(lang) == 0 {
tags, _, _ := language.ParseAcceptLanguage(ctx.Request().Header.Get("Accept-Language"))
lang = i18n.Locales.MatchTag(tags)
}
if changeLang {
ctx.SetCookie(&http.Cookie{Name: "lang", Value: lang, Path: "/", MaxAge: 1<<31 - 1})
}
localeUsed, err := i18n.Locales.GetLocale(lang)
if err != nil {
return ctx.ErrorRes(500, "Cannot get locale", err)
}
ctx.SetData("localeName", localeUsed.Name)
ctx.SetData("locale", localeUsed)
ctx.SetData("allLocales", i18n.Locales.Locales)
return next(ctx)
}
}
func sessionInit(next Handler) Handler {
return func(ctx *context.Context) error {
sess := ctx.GetSession()
if sess.Values["user"] != nil {
var err error
var user *db.User
if user, err = db.GetUserById(sess.Values["user"].(uint)); err != nil {
sess.Values["user"] = nil
ctx.SaveSession(sess)
ctx.User = nil
ctx.SetData("userLogged", nil)
return ctx.RedirectTo("/all")
}
if user != nil {
ctx.User = user
ctx.SetData("userLogged", user)
}
return next(ctx)
}
ctx.User = nil
ctx.SetData("userLogged", nil)
return next(ctx)
}
}
func csrfInit(next Handler) Handler {
return func(ctx *context.Context) error {
var csrf string
if csrfToken, ok := ctx.Get("csrf").(string); ok {
csrf = csrfToken
}
ctx.SetData("csrfHtml", template.HTML(`<input type="hidden" name="_csrf" value="`+csrf+`">`))
ctx.SetData("csrfHtml", template.HTML(`<input type="hidden" name="_csrf" value="`+csrf+`">`))
return next(ctx)
}
}
func loadSettings(ctx *context.Context) error {
settings, err := db.GetSettings()
if err != nil {
return err
}
for key, value := range settings {
s := strings.ReplaceAll(key, "-", " ")
s = cases.Title(language.English).String(s)
ctx.SetData(strings.ReplaceAll(s, " ", ""), value == "1")
}
return nil
}
func gistInit(next Handler) Handler {
return func(ctx *context.Context) error {
currUser := ctx.User
userName := ctx.Param("user")
gistName := ctx.Param("gistname")
switch filepath.Ext(gistName) {
case ".js":
ctx.SetData("gistpage", "js")
gistName = strings.TrimSuffix(gistName, ".js")
case ".json":
ctx.SetData("gistpage", "json")
gistName = strings.TrimSuffix(gistName, ".json")
case ".git":
ctx.SetData("gistpage", "git")
gistName = strings.TrimSuffix(gistName, ".git")
}
gist, err := db.GetGist(userName, gistName)
if err != nil {
return ctx.NotFound("Gist not found")
}
if gist.Private == db.PrivateVisibility {
if currUser == nil || currUser.ID != gist.UserID {
return ctx.NotFound("Gist not found")
}
}
ctx.SetData("gist", gist)
if config.C.SshGit {
var sshDomain string
if config.C.SshExternalDomain != "" {
sshDomain = config.C.SshExternalDomain
} else {
sshDomain = strings.Split(ctx.Request().Host, ":")[0]
}
if config.C.SshPort == "22" {
ctx.SetData("sshCloneUrl", sshDomain+":"+userName+"/"+gistName+".git")
} else {
ctx.SetData("sshCloneUrl", "ssh://"+sshDomain+":"+config.C.SshPort+"/"+userName+"/"+gistName+".git")
}
}
baseHttpUrl := ctx.GetData("baseHttpUrl").(string)
if config.C.HttpGit {
ctx.SetData("httpCloneUrl", baseHttpUrl+"/"+userName+"/"+gistName+".git")
}
ctx.SetData("httpCopyUrl", baseHttpUrl+"/"+userName+"/"+gistName)
ctx.SetData("currentUrl", template.URL(ctx.Request().URL.Path))
ctx.SetData("embedScript", fmt.Sprintf(`<script src="%s"></script>`, baseHttpUrl+"/"+userName+"/"+gistName+".js"))
nbCommits, err := gist.NbCommits()
if err != nil {
return ctx.ErrorRes(500, "Error fetching number of commits", err)
}
ctx.SetData("nbCommits", nbCommits)
if currUser != nil {
hasLiked, err := currUser.HasLiked(gist)
if err != nil {
return ctx.ErrorRes(500, "Cannot get user like status", err)
}
ctx.SetData("hasLiked", hasLiked)
}
if gist.Private > 0 {
ctx.SetData("NoIndex", true)
}
return next(ctx)
}
}
// gistSoftInit try to load a gist (same as gistInit) but does not return a 404 if the gist is not found
// useful for git clients using HTTP to obfuscate the existence of a private gist
func gistSoftInit(next Handler) Handler {
return func(ctx *context.Context) error {
userName := ctx.Param("user")
gistName := ctx.Param("gistname")
gistName = strings.TrimSuffix(gistName, ".git")
gist, _ := db.GetGist(userName, gistName)
ctx.SetData("gist", gist)
return next(ctx)
}
}
// gistNewPushSoftInit has the same behavior as gistSoftInit but create a new gist empty instead
func gistNewPushSoftInit(next Handler) Handler {
return func(ctx *context.Context) error {
ctx.SetData("gist", new(db.Gist))
return next(ctx)
}
}
func setAllGistsMode(mode string) Middleware {
return func(next Handler) Handler {
return func(ctx *context.Context) error {
ctx.SetData("mode", mode)
return next(ctx)
}
}
}

220
internal/web/server/renderer.go Normal file
View File

@@ -0,0 +1,220 @@
package server
import (
gojson "encoding/json"
"errors"
"fmt"
"github.com/labstack/echo/v4"
"github.com/rs/zerolog/log"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/git"
"github.com/thomiceli/opengist/internal/index"
"github.com/thomiceli/opengist/internal/web/context"
"github.com/thomiceli/opengist/internal/web/handlers"
"github.com/thomiceli/opengist/public"
"github.com/thomiceli/opengist/templates"
htmlpkg "html"
"html/template"
"io"
"net/http"
"net/url"
"path/filepath"
"regexp"
"strconv"
"strings"
"time"
)
type Template struct {
templates *template.Template
}
func (t *Template) Render(w io.Writer, name string, data interface{}, _ echo.Context) error {
return t.templates.ExecuteTemplate(w, name, data)
}
var re = regexp.MustCompile("[^a-z0-9]+")
func (s *Server) setFuncMap() {
fm := template.FuncMap{
"split": strings.Split,
"indexByte": strings.IndexByte,
"toInt": func(i string) int {
val, _ := strconv.Atoi(i)
return val
},
"inc": func(i int) int {
return i + 1
},
"splitGit": func(i string) []string {
return strings.FieldsFunc(i, func(r rune) bool {
return r == ',' || r == ' '
})
},
"lines": func(i string) []string {
return strings.Split(i, "\n")
},
"isMarkdown": func(i string) bool {
return strings.ToLower(filepath.Ext(i)) == ".md"
},
"isCsv": func(i string) bool {
return strings.ToLower(filepath.Ext(i)) == ".csv"
},
"isSvg": func(i string) bool {
return strings.ToLower(filepath.Ext(i)) == ".svg"
},
"csvFile": func(file *git.File) *git.CsvFile {
if strings.ToLower(filepath.Ext(file.Filename)) != ".csv" {
return nil
}
csvFile, err := git.ParseCsv(file)
if err != nil {
return nil
}
return csvFile
},
"httpStatusText": http.StatusText,
"loadedTime": func(startTime time.Time) string {
return fmt.Sprint(time.Since(startTime).Nanoseconds()/1e6) + "ms"
},
"slug": func(s string) string {
return strings.Trim(re.ReplaceAllString(strings.ToLower(s), "-"), "-")
},
"avatarUrl": func(user *db.User, noGravatar bool) string {
if user.AvatarURL != "" {
return user.AvatarURL
}
if user.MD5Hash != "" && !noGravatar {
return "https://www.gravatar.com/avatar/" + user.MD5Hash + "?d=identicon&s=200"
}
return ""
},
"shouldGenerateAvatar": func(user *db.User, noGravatar bool) bool {
if user == nil {
return true
}
return user.AvatarURL == "" && (user.MD5Hash == "" || noGravatar)
},
"asset": func(file string) string {
if s.dev {
return "http://localhost:16157/" + file
}
return config.C.ExternalUrl + "/" + context.ManifestEntries[file].File
},
"custom": func(file string) string {
assetpath, err := url.JoinPath("/", "assets", file)
if err != nil {
log.Error().Err(err).Msgf("Failed to join path for custom file %s", file)
}
return config.C.ExternalUrl + assetpath
},
"dev": func() bool {
return s.dev
},
"visibilityStr": func(visibility db.Visibility, lowercase bool) string {
s := "Public"
switch visibility {
case 1:
s = "Unlisted"
case 2:
s = "Private"
}
if lowercase {
return strings.ToLower(s)
}
return s
},
"unescape": htmlpkg.UnescapeString,
"join": func(s ...string) string {
return strings.Join(s, "")
},
"toStr": func(i interface{}) string {
return fmt.Sprint(i)
},
"safe": func(s string) template.HTML {
return template.HTML(s)
},
"dict": func(values ...interface{}) (map[string]interface{}, error) {
if len(values)%2 != 0 {
return nil, errors.New("invalid dict call")
}
dict := make(map[string]interface{})
for i := 0; i < len(values); i += 2 {
key, ok := values[i].(string)
if !ok {
return nil, errors.New("dict keys must be strings")
}
dict[key] = values[i+1]
}
return dict, nil
},
"addMetadataToSearchQuery": func(input, key, value string) string {
content, metadata := handlers.ParseSearchQueryStr(input)
metadata[key] = value
var resultBuilder strings.Builder
resultBuilder.WriteString(content)
for k, v := range metadata {
resultBuilder.WriteString(" ")
resultBuilder.WriteString(k)
resultBuilder.WriteString(":")
resultBuilder.WriteString(v)
}
return strings.TrimSpace(resultBuilder.String())
},
"indexEnabled": index.Enabled,
"isUrl": func(s string) bool {
_, err := url.ParseRequestURI(s)
return err == nil
},
"topicsToStr": func(topics []db.GistTopic) string {
str := ""
for i, topic := range topics {
if i > 0 {
str += " "
}
str += topic.Topic
}
return str
},
}
t := template.Must(template.New("t").Funcs(fm).ParseFS(templates.Files, "*/*.html"))
customPattern := filepath.Join(config.GetHomeDir(), "custom", "*.html")
matches, err := filepath.Glob(customPattern)
if err != nil {
log.Fatal().Err(err).Msg("Failed to check for custom templates")
}
if len(matches) > 0 {
t, err = t.ParseGlob(customPattern)
if err != nil {
log.Fatal().Err(err).Msg("Failed to parse custom templates")
}
}
s.echo.Renderer = &Template{
templates: t,
}
}
func (s *Server) parseManifestEntries() {
file, err := public.Files.Open("manifest.json")
if err != nil {
log.Fatal().Err(err).Msg("Failed to open manifest.json")
}
byteValue, err := io.ReadAll(file)
if err != nil {
log.Fatal().Err(err).Msg("Failed to read manifest.json")
}
if err = gojson.Unmarshal(byteValue, &context.ManifestEntries); err != nil {
log.Fatal().Err(err).Msg("Failed to unmarshal manifest.json")
}
}

212
internal/web/server/router.go Normal file
View File

@@ -0,0 +1,212 @@
package server
import (
"github.com/labstack/echo/v4"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/index"
"github.com/thomiceli/opengist/internal/web/context"
"github.com/thomiceli/opengist/internal/web/handlers/admin"
"github.com/thomiceli/opengist/internal/web/handlers/auth"
"github.com/thomiceli/opengist/internal/web/handlers/gist"
"github.com/thomiceli/opengist/internal/web/handlers/git"
"github.com/thomiceli/opengist/internal/web/handlers/health"
"github.com/thomiceli/opengist/internal/web/handlers/settings"
"github.com/thomiceli/opengist/public"
"net/http"
"os"
"path"
"path/filepath"
"strings"
"time"
)
func (s *Server) registerRoutes() {
r := NewRouter(s.echo.Group(""))
{
r.GET("/", gist.Create, logged)
r.POST("/", gist.ProcessCreate, logged)
r.POST("/preview", gist.Preview, logged)
r.GET("/healthcheck", health.Healthcheck)
r.GET("/metrics", health.Metrics)
r.GET("/register", auth.Register)
r.POST("/register", auth.ProcessRegister)
r.GET("/login", auth.Login)
r.POST("/login", auth.ProcessLogin)
r.GET("/logout", auth.Logout)
r.GET("/oauth/:provider", auth.Oauth)
r.GET("/oauth/:provider/callback", auth.OauthCallback)
r.GET("/oauth/:provider/unlink", auth.OauthUnlink, logged)
r.POST("/webauthn/bind", auth.BeginWebAuthnBinding, logged)
r.POST("/webauthn/bind/finish", auth.FinishWebAuthnBinding, logged)
r.POST("/webauthn/login", auth.BeginWebAuthnLogin)
r.POST("/webauthn/login/finish", auth.FinishWebAuthnLogin)
r.POST("/webauthn/assertion", auth.BeginWebAuthnAssertion, inMFASession)
r.POST("/webauthn/assertion/finish", auth.FinishWebAuthnAssertion, inMFASession)
r.GET("/mfa", auth.Mfa, inMFASession)
r.POST("/mfa/totp/assertion", auth.AssertTotp, inMFASession)
sA := r.SubGroup("/settings")
{
sA.Use(logged)
sA.GET("", settings.UserSettings)
sA.POST("/email", settings.EmailProcess)
sA.DELETE("/account", settings.AccountDeleteProcess)
sA.POST("/ssh-keys", settings.SshKeysProcess)
sA.DELETE("/ssh-keys/:id", settings.SshKeysDelete)
sA.DELETE("/passkeys/:id", settings.PasskeyDelete)
sA.PUT("/password", settings.PasswordProcess)
sA.PUT("/username", settings.UsernameProcess)
sA.GET("/totp/generate", auth.BeginTotp)
sA.POST("/totp/generate", auth.FinishTotp)
sA.DELETE("/totp", auth.DisableTotp)
sA.POST("/totp/regenerate", auth.RegenerateTotpRecoveryCodes)
}
sB := r.SubGroup("/admin-panel")
{
sB.Use(adminPermission)
sB.GET("", admin.AdminIndex)
sB.GET("/users", admin.AdminUsers)
sB.POST("/users/:user/delete", admin.AdminUserDelete)
sB.GET("/gists", admin.AdminGists)
sB.POST("/gists/:gist/delete", admin.AdminGistDelete)
sB.GET("/invitations", admin.AdminInvitations)
sB.POST("/invitations", admin.AdminInvitationsCreate)
sB.POST("/invitations/:id/delete", admin.AdminInvitationsDelete)
sB.POST("/sync-fs", admin.AdminSyncReposFromFS)
sB.POST("/sync-db", admin.AdminSyncReposFromDB)
sB.POST("/gc-repos", admin.AdminGcRepos)
sB.POST("/sync-previews", admin.AdminSyncGistPreviews)
sB.POST("/reset-hooks", admin.AdminResetHooks)
sB.POST("/index-gists", admin.AdminIndexGists)
sB.POST("/sync-languages", admin.AdminSyncGistLanguages)
sB.GET("/configuration", admin.AdminConfig)
sB.PUT("/set-config", admin.AdminSetConfig)
}
if config.C.HttpGit {
r.Any("/init/*", git.GitHttp, gistNewPushSoftInit)
}
r.GET("/all", gist.AllGists, checkRequireLogin, setAllGistsMode("all"))
if index.Enabled() {
r.GET("/search", gist.Search, checkRequireLogin)
} else {
r.GET("/search", gist.AllGists, checkRequireLogin, setAllGistsMode("search"))
}
r.GET("/:user", gist.AllGists, checkRequireLogin, setAllGistsMode("fromUser"))
r.GET("/:user/liked", gist.AllGists, checkRequireLogin, setAllGistsMode("liked"))
r.GET("/:user/forked", gist.AllGists, checkRequireLogin, setAllGistsMode("forked"))
r.GET("/topics/:topic", gist.AllGists, checkRequireLogin, setAllGistsMode("topics"))
sC := r.SubGroup("/:user/:gistname")
{
sC.Use(makeCheckRequireLogin(true), gistInit)
sC.GET("", gist.GistIndex)
sC.GET("/rev/:revision", gist.GistIndex)
sC.GET("/revisions", gist.Revisions)
sC.GET("/archive/:revision", gist.DownloadZip)
sC.POST("/visibility", gist.EditVisibility, logged, writePermission)
sC.POST("/delete", gist.DeleteGist, logged, writePermission)
sC.GET("/raw/:revision/:file", gist.RawFile)
sC.GET("/download/:revision/:file", gist.DownloadFile)
sC.GET("/edit", gist.Edit, logged, writePermission)
sC.POST("/edit", gist.ProcessCreate, logged, writePermission)
sC.POST("/like", gist.Like, logged)
sC.GET("/likes", gist.Likes, checkRequireLogin)
sC.POST("/fork", gist.Fork, logged)
sC.GET("/forks", gist.Forks, checkRequireLogin)
sC.PUT("/checkbox", gist.Checkbox, logged, writePermission)
}
}
customFs := os.DirFS(filepath.Join(config.GetHomeDir(), "custom"))
r.GET("/assets/*", func(ctx *context.Context) error {
if _, err := public.Files.Open(path.Join("assets", ctx.Param("*"))); !s.dev && err == nil {
ctx.Response().Header().Set("Cache-Control", "public, max-age=31536000")
ctx.Response().Header().Set("Expires", time.Now().AddDate(1, 0, 0).Format(http.TimeFormat))
return echo.WrapHandler(http.FileServer(http.FS(public.Files)))(ctx)
}
// if the custom file is an .html template, render it
if strings.HasSuffix(ctx.Param("*"), ".html") {
if err := ctx.Html(ctx.Param("*")); err != nil {
return ctx.NotFound("Page not found")
}
return nil
}
return echo.WrapHandler(http.StripPrefix("/assets/", http.FileServer(http.FS(customFs))))(ctx)
})
// Git HTTP routes
if config.C.HttpGit {
r.Any("/:user/:gistname/*", git.GitHttp, gistSoftInit)
}
r.Any("/*", noRouteFound)
}
// Router wraps echo.Group to provide custom Handler support
type Router struct {
*echo.Group
}
func NewRouter(g *echo.Group) *Router {
return &Router{Group: g}
}
func (r *Router) SubGroup(prefix string, m ...Middleware) *Router {
echoMiddleware := make([]echo.MiddlewareFunc, len(m))
for i, mw := range m {
mw := mw // capture for closure
echoMiddleware[i] = func(next echo.HandlerFunc) echo.HandlerFunc {
return chain(func(c *context.Context) error {
return next(c)
}, mw).toEchoHandler()
}
}
return NewRouter(r.Group.Group(prefix, echoMiddleware...))
}
func (r *Router) GET(path string, h Handler, m ...Middleware) {
r.Group.GET(path, chain(h, m...).toEchoHandler())
}
func (r *Router) POST(path string, h Handler, m ...Middleware) {
r.Group.POST(path, chain(h, m...).toEchoHandler())
}
func (r *Router) PUT(path string, h Handler, m ...Middleware) {
r.Group.PUT(path, chain(h, m...).toEchoHandler())
}
func (r *Router) DELETE(path string, h Handler, m ...Middleware) {
r.Group.DELETE(path, chain(h, m...).toEchoHandler())
}
func (r *Router) PATCH(path string, h Handler, m ...Middleware) {
r.Group.PATCH(path, chain(h, m...).toEchoHandler())
}
func (r *Router) Any(path string, h Handler, m ...Middleware) {
r.Group.Any(path, chain(h, m...).toEchoHandler())
}
func (r *Router) Use(middleware ...Middleware) {
for _, m := range middleware {
m := m // capture for closure
r.Group.Use(func(next echo.HandlerFunc) echo.HandlerFunc {
return chain(func(c *context.Context) error {
return next(c)
}, m).toEchoHandler()
})
}
}

65
internal/web/server/server.go Normal file
View File

@@ -0,0 +1,65 @@
package server
import (
"github.com/thomiceli/opengist/internal/validator"
"net/http"
"github.com/labstack/echo/v4"
"github.com/rs/zerolog/log"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/i18n"
)
type Server struct {
echo *echo.Echo
dev bool
sessionsPath string
ignoreCsrf bool
}
func NewServer(isDev bool, sessionsPath string, ignoreCsrf bool) *Server {
e := echo.New()
e.HideBanner = true
e.HidePort = true
e.Validator = validator.NewValidator()
s := &Server{echo: e, dev: isDev, sessionsPath: sessionsPath, ignoreCsrf: ignoreCsrf}
s.useCustomContext()
if err := i18n.Locales.LoadAll(); err != nil {
log.Fatal().Err(err).Msg("Failed to load locales")
}
s.registerMiddlewares()
s.setFuncMap()
s.echo.HTTPErrorHandler = s.errorHandler
if !s.dev {
s.parseManifestEntries()
}
s.registerRoutes()
return s
}
func (s *Server) Start() {
addr := config.C.HttpHost + ":" + config.C.HttpPort
log.Info().Msg("Starting HTTP server on http://" + addr)
if err := s.echo.Start(addr); err != nil && err != http.ErrServerClosed {
log.Fatal().Err(err).Msg("Failed to start HTTP server")
}
}
func (s *Server) Stop() {
if err := s.echo.Close(); err != nil {
log.Fatal().Err(err).Msg("Failed to stop HTTP server")
}
}
func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
s.echo.ServeHTTP(w, r)
}

227
internal/web/settings.go
View File

@@ -1,227 +0,0 @@
package web
import (
"crypto/md5"
"fmt"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/git"
"github.com/thomiceli/opengist/internal/i18n"
"github.com/thomiceli/opengist/internal/utils"
"os"
"path/filepath"
"strconv"
"strings"
"time"
"github.com/labstack/echo/v4"
"github.com/thomiceli/opengist/internal/db"
"golang.org/x/crypto/ssh"
)
func userSettings(ctx echo.Context) error {
user := getUserLogged(ctx)
keys, err := db.GetSSHKeysByUserID(user.ID)
if err != nil {
return errorRes(500, "Cannot get SSH keys", err)
}
passkeys, err := db.GetAllCredentialsForUser(user.ID)
if err != nil {
return errorRes(500, "Cannot get WebAuthn credentials", err)
}
_, hasTotp, err := user.HasMFA()
if err != nil {
return errorRes(500, "Cannot get MFA status", err)
}
setData(ctx, "email", user.Email)
setData(ctx, "sshKeys", keys)
setData(ctx, "passkeys", passkeys)
setData(ctx, "hasTotp", hasTotp)
setData(ctx, "hasPassword", user.Password != "")
setData(ctx, "disableForm", getData(ctx, "DisableLoginForm"))
setData(ctx, "htmlTitle", trH(ctx, "settings"))
return html(ctx, "settings.html")
}
func emailProcess(ctx echo.Context) error {
user := getUserLogged(ctx)
email := ctx.FormValue("email")
var hash string
if email == "" {
// generate random md5 string
hash = fmt.Sprintf("%x", md5.Sum([]byte(time.Now().String())))
} else {
hash = fmt.Sprintf("%x", md5.Sum([]byte(strings.ToLower(strings.TrimSpace(email)))))
}
user.Email = strings.ToLower(email)
user.MD5Hash = hash
if err := user.Update(); err != nil {
return errorRes(500, "Cannot update email", err)
}
addFlash(ctx, tr(ctx, "flash.user.email-updated"), "success")
return redirect(ctx, "/settings")
}
func accountDeleteProcess(ctx echo.Context) error {
user := getUserLogged(ctx)
if err := user.Delete(); err != nil {
return errorRes(500, "Cannot delete this user", err)
}
return redirect(ctx, "/all")
}
func sshKeysProcess(ctx echo.Context) error {
user := getUserLogged(ctx)
dto := new(db.SSHKeyDTO)
if err := ctx.Bind(dto); err != nil {
return errorRes(400, tr(ctx, "error.cannot-bind-data"), err)
}
if err := ctx.Validate(dto); err != nil {
addFlash(ctx, utils.ValidationMessages(&err, getData(ctx, "locale").(*i18n.Locale)), "error")
return redirect(ctx, "/settings")
}
key := dto.ToSSHKey()
key.UserID = user.ID
pubKey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(key.Content))
if err != nil {
addFlash(ctx, tr(ctx, "flash.user.invalid-ssh-key"), "error")
return redirect(ctx, "/settings")
}
key.Content = strings.TrimSpace(string(ssh.MarshalAuthorizedKey(pubKey)))
if exists, err := db.SSHKeyDoesExists(key.Content); exists {
if err != nil {
return errorRes(500, "Cannot check if SSH key exists", err)
}
addFlash(ctx, tr(ctx, "settings.ssh-key-exists"), "error")
return redirect(ctx, "/settings")
}
if err := key.Create(); err != nil {
return errorRes(500, "Cannot add SSH key", err)
}
addFlash(ctx, tr(ctx, "flash.user.ssh-key-added"), "success")
return redirect(ctx, "/settings")
}
func sshKeysDelete(ctx echo.Context) error {
user := getUserLogged(ctx)
keyId, err := strconv.Atoi(ctx.Param("id"))
if err != nil {
return redirect(ctx, "/settings")
}
key, err := db.GetSSHKeyByID(uint(keyId))
if err != nil || key.UserID != user.ID {
return redirect(ctx, "/settings")
}
if err := key.Delete(); err != nil {
return errorRes(500, "Cannot delete SSH key", err)
}
addFlash(ctx, tr(ctx, "flash.user.ssh-key-deleted"), "success")
return redirect(ctx, "/settings")
}
func passkeyDelete(ctx echo.Context) error {
user := getUserLogged(ctx)
keyId, err := strconv.Atoi(ctx.Param("id"))
if err != nil {
return redirect(ctx, "/settings")
}
passkey, err := db.GetCredentialByIDDB(uint(keyId))
if err != nil || passkey.UserID != user.ID {
return redirect(ctx, "/settings")
}
if err := passkey.Delete(); err != nil {
return errorRes(500, "Cannot delete passkey", err)
}
addFlash(ctx, tr(ctx, "flash.auth.passkey-deleted"), "success")
return redirect(ctx, "/settings")
}
func passwordProcess(ctx echo.Context) error {
user := getUserLogged(ctx)
dto := new(db.UserDTO)
if err := ctx.Bind(dto); err != nil {
return errorRes(400, tr(ctx, "error.cannot-bind-data"), err)
}
dto.Username = user.Username
if err := ctx.Validate(dto); err != nil {
addFlash(ctx, utils.ValidationMessages(&err, getData(ctx, "locale").(*i18n.Locale)), "error")
return html(ctx, "settings.html")
}
password, err := utils.Argon2id.Hash(dto.Password)
if err != nil {
return errorRes(500, "Cannot hash password", err)
}
user.Password = password
if err = user.Update(); err != nil {
return errorRes(500, "Cannot update password", err)
}
addFlash(ctx, tr(ctx, "flash.user.password-updated"), "success")
return redirect(ctx, "/settings")
}
func usernameProcess(ctx echo.Context) error {
user := getUserLogged(ctx)
dto := new(db.UserDTO)
if err := ctx.Bind(dto); err != nil {
return errorRes(400, tr(ctx, "error.cannot-bind-data"), err)
}
dto.Password = user.Password
if err := ctx.Validate(dto); err != nil {
addFlash(ctx, utils.ValidationMessages(&err, getData(ctx, "locale").(*i18n.Locale)), "error")
return redirect(ctx, "/settings")
}
if exists, err := db.UserExists(dto.Username); err != nil || exists {
addFlash(ctx, tr(ctx, "flash.auth.username-exists"), "error")
return redirect(ctx, "/settings")
}
sourceDir := filepath.Join(config.GetHomeDir(), git.ReposDirectory, strings.ToLower(user.Username))
destinationDir := filepath.Join(config.GetHomeDir(), git.ReposDirectory, strings.ToLower(dto.Username))
if _, err := os.Stat(sourceDir); !os.IsNotExist(err) {
err := os.Rename(sourceDir, destinationDir)
if err != nil {
return errorRes(500, "Cannot rename user directory", err)
}
}
user.Username = dto.Username
if err := user.Update(); err != nil {
return errorRes(500, "Cannot update username", err)
}
addFlash(ctx, tr(ctx, "flash.user.username-updated"), "success")
return redirect(ctx, "/settings")
}

41
internal/web/test/actions_test.go Normal file
View File

@@ -0,0 +1,41 @@
package test
import (
"github.com/stretchr/testify/require"
"github.com/thomiceli/opengist/internal/db"
"testing"
)
func TestAdminActions(t *testing.T) {
s := Setup(t)
defer Teardown(t, s)
urls := []string{
"/admin-panel/sync-fs",
"/admin-panel/sync-db",
"/admin-panel/gc-repos",
"/admin-panel/sync-previews",
"/admin-panel/reset-hooks",
"/admin-panel/index-gists",
}
for _, url := range urls {
err := s.Request("POST", url, nil, 404)
require.NoError(t, err)
}
user1 := db.UserDTO{Username: "admin", Password: "admin"}
register(t, s, user1)
login(t, s, user1)
for _, url := range urls {
err := s.Request("POST", url, nil, 302)
require.NoError(t, err)
}
user2 := db.UserDTO{Username: "nonadmin", Password: "nonadmin"}
register(t, s, user2)
login(t, s, user2)
for _, url := range urls {
err := s.Request("POST", url, nil, 404)
require.NoError(t, err)
}
}

263
internal/web/test/admin_test.go Normal file
View File

@@ -0,0 +1,263 @@
package test
import (
"github.com/stretchr/testify/require"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/git"
"os"
"path/filepath"
"strconv"
"testing"
"time"
)
func TestAdminPages(t *testing.T) {
s := Setup(t)
defer Teardown(t, s)
urls := []string{
"/admin-panel",
"/admin-panel/users",
"/admin-panel/gists",
"/admin-panel/invitations",
"/admin-panel/configuration",
}
for _, url := range urls {
err := s.Request("GET", url, nil, 404)
require.NoError(t, err)
}
user1 := db.UserDTO{Username: "admin", Password: "admin"}
register(t, s, user1)
login(t, s, user1)
for _, url := range urls {
err := s.Request("GET", url, nil, 200)
require.NoError(t, err)
}
user2 := db.UserDTO{Username: "nonadmin", Password: "nonadmin"}
register(t, s, user2)
login(t, s, user2)
for _, url := range urls {
err := s.Request("GET", url, nil, 404)
require.NoError(t, err)
}
}
func TestSetConfig(t *testing.T) {
s := Setup(t)
defer Teardown(t, s)
settings := []string{
db.SettingDisableSignup,
db.SettingRequireLogin,
db.SettingAllowGistsWithoutLogin,
db.SettingDisableLoginForm,
db.SettingDisableGravatar,
}
user1 := db.UserDTO{Username: "admin", Password: "admin"}
register(t, s, user1)
login(t, s, user1)
for _, setting := range settings {
val, err := db.GetSetting(setting)
require.NoError(t, err)
require.Equal(t, "0", val)
err = s.Request("PUT", "/admin-panel/set-config", settingSet{setting, "1"}, 200)
require.NoError(t, err)
val, err = db.GetSetting(setting)
require.NoError(t, err)
require.Equal(t, "1", val)
err = s.Request("PUT", "/admin-panel/set-config", settingSet{setting, "0"}, 200)
require.NoError(t, err)
val, err = db.GetSetting(setting)
require.NoError(t, err)
require.Equal(t, "0", val)
}
}
func TestPagination(t *testing.T) {
s := Setup(t)
defer Teardown(t, s)
user1 := db.UserDTO{Username: "admin", Password: "admin"}
register(t, s, user1)
for i := 0; i < 11; i++ {
user := db.UserDTO{Username: "user" + strconv.Itoa(i), Password: "user" + strconv.Itoa(i)}
register(t, s, user)
}
login(t, s, user1)
err := s.Request("GET", "/admin-panel/users", nil, 200)
require.NoError(t, err)
err = s.Request("GET", "/admin-panel/users?page=2", nil, 200)
require.NoError(t, err)
err = s.Request("GET", "/admin-panel/users?page=3", nil, 404)
require.NoError(t, err)
err = s.Request("GET", "/admin-panel/users?page=0", nil, 200)
require.NoError(t, err)
err = s.Request("GET", "/admin-panel/users?page=-1", nil, 200)
require.NoError(t, err)
err = s.Request("GET", "/admin-panel/users?page=a", nil, 200)
require.NoError(t, err)
}
func TestAdminUser(t *testing.T) {
s := Setup(t)
defer Teardown(t, s)
user1 := db.UserDTO{Username: "admin", Password: "admin"}
user2 := db.UserDTO{Username: "nonadmin", Password: "nonadmin"}
register(t, s, user1)
register(t, s, user2)
login(t, s, user2)
gist1 := db.GistDTO{
Title: "gist",
VisibilityDTO: db.VisibilityDTO{
Private: 0,
},
Name: []string{"gist1.txt"},
Content: []string{"yeah"},
Topics: "",
}
err := s.Request("POST", "/", gist1, 302)
require.NoError(t, err)
_, err = os.Stat(filepath.Join(config.GetHomeDir(), git.ReposDirectory, user2.Username))
require.NoError(t, err)
count, err := db.CountAll(db.User{})
require.NoError(t, err)
require.Equal(t, int64(2), count)
login(t, s, user1)
err = s.Request("POST", "/admin-panel/users/2/delete", nil, 302)
require.NoError(t, err)
count, err = db.CountAll(db.User{})
require.NoError(t, err)
require.Equal(t, int64(1), count)
_, err = os.Stat(filepath.Join(config.GetHomeDir(), git.ReposDirectory, user2.Username))
require.Error(t, err)
}
func TestAdminGist(t *testing.T) {
s := Setup(t)
defer Teardown(t, s)
user1 := db.UserDTO{Username: "admin", Password: "admin"}
register(t, s, user1)
login(t, s, user1)
gist1 := db.GistDTO{
Title: "gist",
VisibilityDTO: db.VisibilityDTO{
Private: 0,
},
Name: []string{"gist1.txt"},
Content: []string{"yeah"},
Topics: "",
}
err := s.Request("POST", "/", gist1, 302)
require.NoError(t, err)
count, err := db.CountAll(db.Gist{})
require.NoError(t, err)
require.Equal(t, int64(1), count)
gist1Db, err := db.GetGistByID("1")
require.NoError(t, err)
_, err = os.Stat(filepath.Join(config.GetHomeDir(), git.ReposDirectory, user1.Username, gist1Db.Identifier()))
require.NoError(t, err)
err = s.Request("POST", "/admin-panel/gists/1/delete", nil, 302)
require.NoError(t, err)
count, err = db.CountAll(db.Gist{})
require.NoError(t, err)
require.Equal(t, int64(0), count)
_, err = os.Stat(filepath.Join(config.GetHomeDir(), git.ReposDirectory, user1.Username, gist1Db.Identifier()))
require.Error(t, err)
}
func TestAdminInvitation(t *testing.T) {
s := Setup(t)
defer Teardown(t, s)
user1 := db.UserDTO{Username: "admin", Password: "admin"}
register(t, s, user1)
login(t, s, user1)
err := s.Request("POST", "/admin-panel/invitations", invitationAdmin{
nbMax: "",
expiredAtUnix: "",
}, 302)
require.NoError(t, err)
invitation1, err := db.GetInvitationByID(1)
require.NoError(t, err)
require.Equal(t, invitation1, &db.Invitation{
ID: 1,
Code: invitation1.Code,
ExpiresAt: time.Now().Unix() + 604800,
NbUsed: 0,
NbMax: 10,
})
err = s.Request("POST", "/admin-panel/invitations", invitationAdmin{
nbMax: "aa",
expiredAtUnix: "1735722000",
}, 302)
require.NoError(t, err)
invitation2, err := db.GetInvitationByID(2)
require.NoError(t, err)
require.Equal(t, invitation2, &db.Invitation{
ID: 2,
Code: invitation2.Code,
ExpiresAt: time.Unix(1735722000, 0).Unix(),
NbUsed: 0,
NbMax: 10,
})
err = s.Request("POST", "/admin-panel/invitations", invitationAdmin{
nbMax: "20",
expiredAtUnix: "1735722000",
}, 302)
require.NoError(t, err)
invitation3, err := db.GetInvitationByID(3)
require.NoError(t, err)
require.Equal(t, invitation3, &db.Invitation{
ID: 3,
Code: invitation3.Code,
ExpiresAt: time.Unix(1735722000, 0).Unix(),
NbUsed: 0,
NbMax: 20,
})
count, err := db.CountAll(db.Invitation{})
require.NoError(t, err)
require.Equal(t, int64(3), count)
err = s.Request("POST", "/admin-panel/invitations/1/delete", nil, 302)
require.NoError(t, err)
count, err = db.CountAll(db.Invitation{})
require.NoError(t, err)
require.Equal(t, int64(2), count)
}

98
internal/web/test/auth_test.go
View File

@@ -1,24 +1,25 @@
package test
import (
"fmt"
"os"
"os/exec"
"path/filepath"
"testing"
"github.com/rs/zerolog/log"
"github.com/stretchr/testify/require"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"os"
"os/exec"
"path"
"testing"
)
func TestRegister(t *testing.T) {
s := setup(t)
defer teardown(t, s)
s := Setup(t)
defer Teardown(t, s)
err := s.request("GET", "/", nil, 302)
err := s.Request("GET", "/", nil, 302)
require.NoError(t, err)
err = s.request("GET", "/register", nil, 200)
err = s.Request("GET", "/register", nil, 200)
require.NoError(t, err)
user1 := db.UserDTO{Username: "thomas", Password: "thomas"}
@@ -29,13 +30,13 @@ func TestRegister(t *testing.T) {
require.Equal(t, user1.Username, user1db.Username)
require.True(t, user1db.IsAdmin)
err = s.request("GET", "/", nil, 200)
err = s.Request("GET", "/", nil, 200)
require.NoError(t, err)
s.sessionCookie = ""
user2 := db.UserDTO{Username: "thomas", Password: "azeaze"}
err = s.request("POST", "/register", user2, 200)
err = s.Request("POST", "/register", user2, 200)
require.Error(t, err)
user3 := db.UserDTO{Username: "kaguya", Password: "kaguya"}
@@ -53,10 +54,10 @@ func TestRegister(t *testing.T) {
}
func TestLogin(t *testing.T) {
s := setup(t)
defer teardown(t, s)
s := Setup(t)
defer Teardown(t, s)
err := s.request("GET", "/login", nil, 200)
err := s.Request("GET", "/login", nil, 200)
require.NoError(t, err)
user1 := db.UserDTO{Username: "thomas", Password: "thomas"}
@@ -72,38 +73,33 @@ func TestLogin(t *testing.T) {
user2 := db.UserDTO{Username: "thomas", Password: "azeaze"}
user3 := db.UserDTO{Username: "azeaze", Password: ""}
err = s.request("POST", "/login", user2, 302)
err = s.Request("POST", "/login", user2, 302)
require.Empty(t, s.sessionCookie)
require.Error(t, err)
err = s.request("POST", "/login", user3, 302)
err = s.Request("POST", "/login", user3, 302)
require.Empty(t, s.sessionCookie)
require.Error(t, err)
}
func register(t *testing.T, s *testServer, user db.UserDTO) {
err := s.request("POST", "/register", user, 302)
func register(t *testing.T, s *TestServer, user db.UserDTO) {
err := s.Request("POST", "/register", user, 302)
require.NoError(t, err)
}
func login(t *testing.T, s *testServer, user db.UserDTO) {
err := s.request("POST", "/login", user, 302)
func login(t *testing.T, s *TestServer, user db.UserDTO) {
err := s.Request("POST", "/login", user, 302)
require.NoError(t, err)
}
type settingSet struct {
key string `form:"key"`
value string `form:"value"`
}
func TestAnonymous(t *testing.T) {
s := setup(t)
defer teardown(t, s)
s := Setup(t)
defer Teardown(t, s)
user := db.UserDTO{Username: "thomas", Password: "azeaze"}
register(t, s, user)
err := s.request("PUT", "/admin-panel/set-config", settingSet{"require-login", "1"}, 200)
err := s.Request("PUT", "/admin-panel/set-config", settingSet{"require-login", "1"}, 200)
require.NoError(t, err)
gist1 := db.GistDTO{
@@ -114,42 +110,43 @@ func TestAnonymous(t *testing.T) {
},
Name: []string{"gist1.txt", "gist2.txt", "gist3.txt"},
Content: []string{"yeah", "yeah\ncool", "yeah\ncool gist actually"},
Topics: "",
}
err = s.request("POST", "/", gist1, 302)
err = s.Request("POST", "/", gist1, 302)
require.NoError(t, err)
gist1db, err := db.GetGistByID("1")
require.NoError(t, err)
err = s.request("GET", "/all", nil, 200)
err = s.Request("GET", "/all", nil, 200)
require.NoError(t, err)
cookie := s.sessionCookie
s.sessionCookie = ""
err = s.request("GET", "/all", nil, 302)
err = s.Request("GET", "/all", nil, 302)
require.NoError(t, err)
// Should redirect to login if RequireLogin
err = s.request("GET", "/"+gist1db.User.Username+"/"+gist1db.Uuid, nil, 302)
err = s.Request("GET", "/"+gist1db.User.Username+"/"+gist1db.Uuid, nil, 302)
require.NoError(t, err)
s.sessionCookie = cookie
err = s.request("PUT", "/admin-panel/set-config", settingSet{"allow-gists-without-login", "1"}, 200)
err = s.Request("PUT", "/admin-panel/set-config", settingSet{"allow-gists-without-login", "1"}, 200)
require.NoError(t, err)
s.sessionCookie = ""
// Should return results
err = s.request("GET", "/"+gist1db.User.Username+"/"+gist1db.Uuid, nil, 200)
err = s.Request("GET", "/"+gist1db.User.Username+"/"+gist1db.Uuid, nil, 200)
require.NoError(t, err)
}
func TestGitOperations(t *testing.T) {
s := setup(t)
defer teardown(t, s)
s := Setup(t)
defer Teardown(t, s)
admin := db.UserDTO{Username: "thomas", Password: "thomas"}
register(t, s, admin)
@@ -169,8 +166,9 @@ func TestGitOperations(t *testing.T) {
Content: []string{
"yeah",
},
Topics: "",
}
err := s.request("POST", "/", gist1, 302)
err := s.Request("POST", "/", gist1, 302)
require.NoError(t, err)
gist2 := db.GistDTO{
@@ -184,8 +182,9 @@ func TestGitOperations(t *testing.T) {
Content: []string{
"cool",
},
Topics: "",
}
err = s.request("POST", "/", gist2, 302)
err = s.Request("POST", "/", gist2, 302)
require.NoError(t, err)
gist3 := db.GistDTO{
@@ -199,12 +198,13 @@ func TestGitOperations(t *testing.T) {
Content: []string{
"super",
},
Topics: "",
}
err = s.request("POST", "/", gist3, 302)
err = s.Request("POST", "/", gist3, 302)
require.NoError(t, err)
gitOperations := func(credentials, owner, url, filename string, expectErrorClone, expectErrorCheck, expectErrorPush bool) {
fmt.Println("Testing", credentials, url, expectErrorClone, expectErrorCheck, expectErrorPush)
log.Debug().Msgf("Testing %s %s %t %t %t", credentials, url, expectErrorClone, expectErrorCheck, expectErrorPush)
err := clientGitClone(credentials, owner, url)
if expectErrorClone {
require.Error(t, err)
@@ -249,7 +249,7 @@ func TestGitOperations(t *testing.T) {
}
login(t, s, admin)
err = s.request("PUT", "/admin-panel/set-config", settingSet{"require-login", "1"}, 200)
err = s.Request("PUT", "/admin-panel/set-config", settingSet{"require-login", "1"}, 200)
require.NoError(t, err)
testsRequireLogin := []struct {
@@ -276,7 +276,7 @@ func TestGitOperations(t *testing.T) {
}
login(t, s, admin)
err = s.request("PUT", "/admin-panel/set-config", settingSet{"allow-gists-without-login", "1"}, 200)
err = s.Request("PUT", "/admin-panel/set-config", settingSet{"allow-gists-without-login", "1"}, 200)
require.NoError(t, err)
for _, test := range tests {
@@ -285,26 +285,26 @@ func TestGitOperations(t *testing.T) {
}
func clientGitClone(creds string, user string, url string) error {
return exec.Command("git", "clone", "http://"+creds+"@localhost:6157/"+user+"/"+url, path.Join(config.GetHomeDir(), "tmp", url)).Run()
return exec.Command("git", "clone", "http://"+creds+"@localhost:6157/"+user+"/"+url, filepath.Join(config.GetHomeDir(), "tmp", url)).Run()
}
func clientGitPush(url string) error {
f, err := os.Create(path.Join(config.GetHomeDir(), "tmp", url, "newfile.txt"))
f, err := os.Create(filepath.Join(config.GetHomeDir(), "tmp", url, "newfile.txt"))
if err != nil {
return err
}
f.Close()
_ = exec.Command("git", "-C", path.Join(config.GetHomeDir(), "tmp", url), "add", "newfile.txt").Run()
_ = exec.Command("git", "-C", path.Join(config.GetHomeDir(), "tmp", url), "commit", "-m", "new file").Run()
err = exec.Command("git", "-C", path.Join(config.GetHomeDir(), "tmp", url), "push", "origin", "master").Run()
_ = exec.Command("git", "-C", filepath.Join(config.GetHomeDir(), "tmp", url), "add", "newfile.txt").Run()
_ = exec.Command("git", "-C", filepath.Join(config.GetHomeDir(), "tmp", url), "commit", "-m", "new file").Run()
err = exec.Command("git", "-C", filepath.Join(config.GetHomeDir(), "tmp", url), "push", "origin", "master").Run()
_ = os.RemoveAll(path.Join(config.GetHomeDir(), "tmp", url))
_ = os.RemoveAll(filepath.Join(config.GetHomeDir(), "tmp", url))
return err
}
func clientCheckRepo(url string, file string) error {
_, err := os.ReadFile(path.Join(config.GetHomeDir(), "tmp", url, file))
_, err := os.ReadFile(filepath.Join(config.GetHomeDir(), "tmp", url, file))
return err
}

135
internal/web/test/gist_test.go
View File

@@ -9,19 +9,19 @@ import (
)
func TestGists(t *testing.T) {
s := setup(t)
defer teardown(t, s)
s := Setup(t)
defer Teardown(t, s)
err := s.request("GET", "/", nil, 302)
err := s.Request("GET", "/", nil, 302)
require.NoError(t, err)
user1 := db.UserDTO{Username: "thomas", Password: "thomas"}
register(t, s, user1)
err = s.request("GET", "/all", nil, 200)
err = s.Request("GET", "/all", nil, 200)
require.NoError(t, err)
err = s.request("POST", "/", nil, 200)
err = s.Request("POST", "/", nil, 400)
require.NoError(t, err)
gist1 := db.GistDTO{
@@ -32,8 +32,9 @@ func TestGists(t *testing.T) {
},
Name: []string{"gist1.txt", "gist2.txt", "gist3.txt"},
Content: []string{"yeah", "yeah\ncool", "yeah\ncool gist actually"},
Topics: "",
}
err = s.request("POST", "/", gist1, 302)
err = s.Request("POST", "/", gist1, 302)
require.NoError(t, err)
gist1db, err := db.GetGistByID("1")
@@ -44,7 +45,7 @@ func TestGists(t *testing.T) {
require.Regexp(t, "[a-f0-9]{32}", gist1db.Uuid)
require.Equal(t, user1.Username, gist1db.User.Username)
err = s.request("GET", "/"+gist1db.User.Username+"/"+gist1db.Uuid, nil, 200)
err = s.Request("GET", "/"+gist1db.User.Username+"/"+gist1db.Uuid, nil, 200)
require.NoError(t, err)
gist1files, err := git.GetFilesOfRepository(gist1db.User.Username, gist1db.Uuid, "HEAD")
@@ -63,8 +64,9 @@ func TestGists(t *testing.T) {
},
Name: []string{"", "gist2.txt", "gist3.txt"},
Content: []string{"", "yeah\ncool", "yeah\ncool gist actually"},
Topics: "",
}
err = s.request("POST", "/", gist2, 200)
err = s.Request("POST", "/", gist2, 400)
require.NoError(t, err)
gist3 := db.GistDTO{
@@ -75,8 +77,9 @@ func TestGists(t *testing.T) {
},
Name: []string{""},
Content: []string{"yeah"},
Topics: "",
}
err = s.request("POST", "/", gist3, 302)
err = s.Request("POST", "/", gist3, 302)
require.NoError(t, err)
gist3db, err := db.GetGistByID("2")
@@ -86,26 +89,26 @@ func TestGists(t *testing.T) {
require.NoError(t, err)
require.Equal(t, "gistfile1.txt", gist3files[0])
err = s.request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/edit", nil, 200)
err = s.Request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/edit", nil, 400)
require.NoError(t, err)
gist1.Name = []string{"gist1.txt"}
gist1.Content = []string{"only want one gist"}
err = s.request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/edit", gist1, 302)
err = s.Request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/edit", gist1, 302)
require.NoError(t, err)
gist1files, err = git.GetFilesOfRepository(gist1db.User.Username, gist1db.Uuid, "HEAD")
require.NoError(t, err)
require.Equal(t, 1, len(gist1files))
err = s.request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/delete", nil, 302)
err = s.Request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/delete", nil, 302)
require.NoError(t, err)
}
func TestVisibility(t *testing.T) {
s := setup(t)
defer teardown(t, s)
s := Setup(t)
defer Teardown(t, s)
user1 := db.UserDTO{Username: "thomas", Password: "thomas"}
register(t, s, user1)
@@ -118,27 +121,28 @@ func TestVisibility(t *testing.T) {
},
Name: []string{""},
Content: []string{"yeah"},
Topics: "",
}
err := s.request("POST", "/", gist1, 302)
err := s.Request("POST", "/", gist1, 302)
require.NoError(t, err)
gist1db, err := db.GetGistByID("1")
require.NoError(t, err)
require.Equal(t, db.UnlistedVisibility, gist1db.Private)
err = s.request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/visibility", db.VisibilityDTO{Private: db.PrivateVisibility}, 302)
err = s.Request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/visibility", db.VisibilityDTO{Private: db.PrivateVisibility}, 302)
require.NoError(t, err)
gist1db, err = db.GetGistByID("1")
require.NoError(t, err)
require.Equal(t, db.PrivateVisibility, gist1db.Private)
err = s.request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/visibility", db.VisibilityDTO{Private: db.PublicVisibility}, 302)
err = s.Request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/visibility", db.VisibilityDTO{Private: db.PublicVisibility}, 302)
require.NoError(t, err)
gist1db, err = db.GetGistByID("1")
require.NoError(t, err)
require.Equal(t, db.PublicVisibility, gist1db.Private)
err = s.request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/visibility", db.VisibilityDTO{Private: db.UnlistedVisibility}, 302)
err = s.Request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/visibility", db.VisibilityDTO{Private: db.UnlistedVisibility}, 302)
require.NoError(t, err)
gist1db, err = db.GetGistByID("1")
require.NoError(t, err)
@@ -146,8 +150,8 @@ func TestVisibility(t *testing.T) {
}
func TestLikeFork(t *testing.T) {
s := setup(t)
defer teardown(t, s)
s := Setup(t)
defer Teardown(t, s)
user1 := db.UserDTO{Username: "thomas", Password: "thomas"}
register(t, s, user1)
@@ -160,8 +164,9 @@ func TestLikeFork(t *testing.T) {
},
Name: []string{""},
Content: []string{"yeah"},
Topics: "",
}
err := s.request("POST", "/", gist1, 302)
err := s.Request("POST", "/", gist1, 302)
require.NoError(t, err)
s.sessionCookie = ""
@@ -176,7 +181,7 @@ func TestLikeFork(t *testing.T) {
require.NoError(t, err)
require.Equal(t, int64(0), likeCount)
err = s.request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/like", nil, 302)
err = s.Request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/like", nil, 302)
require.NoError(t, err)
gist1db, err = db.GetGistByID("1")
require.NoError(t, err)
@@ -185,7 +190,7 @@ func TestLikeFork(t *testing.T) {
require.NoError(t, err)
require.Equal(t, int64(1), likeCount)
err = s.request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/like", nil, 302)
err = s.Request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/like", nil, 302)
require.NoError(t, err)
gist1db, err = db.GetGistByID("1")
require.NoError(t, err)
@@ -194,7 +199,7 @@ func TestLikeFork(t *testing.T) {
require.NoError(t, err)
require.Equal(t, int64(0), likeCount)
err = s.request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/fork", nil, 302)
err = s.Request("POST", "/"+gist1db.User.Username+"/"+gist1db.Uuid+"/fork", nil, 302)
require.NoError(t, err)
gist2db, err := db.GetGistByID("2")
require.NoError(t, err)
@@ -205,8 +210,8 @@ func TestLikeFork(t *testing.T) {
}
func TestCustomUrl(t *testing.T) {
s := setup(t)
defer teardown(t, s)
s := Setup(t)
defer Teardown(t, s)
user1 := db.UserDTO{Username: "thomas", Password: "thomas"}
register(t, s, user1)
@@ -220,8 +225,9 @@ func TestCustomUrl(t *testing.T) {
},
Name: []string{"gist1.txt", "gist2.txt", "gist3.txt"},
Content: []string{"yeah", "yeah\ncool", "yeah\ncool gist actually"},
Topics: "",
}
err := s.request("POST", "/", gist1, 302)
err := s.Request("POST", "/", gist1, 302)
require.NoError(t, err)
gist1db, err := db.GetGistByID("1")
@@ -251,8 +257,9 @@ func TestCustomUrl(t *testing.T) {
},
Name: []string{"gist1.txt", "gist2.txt", "gist3.txt"},
Content: []string{"yeah", "yeah\ncool", "yeah\ncool gist actually"},
Topics: "",
}
err = s.request("POST", "/", gist2, 302)
err = s.Request("POST", "/", gist2, 302)
require.NoError(t, err)
gist2db, err := db.GetGistByID("2")
@@ -261,3 +268,75 @@ func TestCustomUrl(t *testing.T) {
require.Equal(t, gist2db.Uuid, gist2db.Identifier())
require.NotEqual(t, gist2db.URL, gist2db.Identifier())
}
func TestTopics(t *testing.T) {
s := Setup(t)
defer Teardown(t, s)
user1 := db.UserDTO{Username: "thomas", Password: "thomas"}
register(t, s, user1)
gist1 := db.GistDTO{
Title: "gist1",
URL: "my-gist",
Description: "my first gist",
VisibilityDTO: db.VisibilityDTO{
Private: 0,
},
Name: []string{"gist1.txt", "gist2.txt", "gist3.txt"},
Content: []string{"yeah", "yeah\ncool", "yeah\ncool gist actually"},
Topics: "topic1 topic2 topic3",
}
err := s.Request("POST", "/", gist1, 302)
require.NoError(t, err)
gist1db, err := db.GetGistByID("1")
require.NoError(t, err)
require.Equal(t, []db.GistTopic{
{GistID: 1, Topic: "topic1"},
{GistID: 1, Topic: "topic2"},
{GistID: 1, Topic: "topic3"},
}, gist1db.Topics)
gist2 := db.GistDTO{
Title: "gist2",
URL: "my-gist",
Description: "my second gist",
VisibilityDTO: db.VisibilityDTO{
Private: 0,
},
Name: []string{"gist1.txt", "gist2.txt", "gist3.txt"},
Content: []string{"yeah", "yeah\ncool", "yeah\ncool gist actually"},
Topics: "topic1 topic2 topic3 topic2 topic4 topic1",
}
err = s.Request("POST", "/", gist2, 302)
require.NoError(t, err)
gist2db, err := db.GetGistByID("2")
require.NoError(t, err)
require.Equal(t, []db.GistTopic{
{GistID: 2, Topic: "topic1"},
{GistID: 2, Topic: "topic2"},
{GistID: 2, Topic: "topic3"},
{GistID: 2, Topic: "topic4"},
}, gist2db.Topics)
gist3 := db.GistDTO{
Title: "gist3",
URL: "my-gist",
Description: "my third gist",
VisibilityDTO: db.VisibilityDTO{
Private: 0,
},
Name: []string{"gist1.txt", "gist2.txt", "gist3.txt"},
Content: []string{"yeah", "yeah\ncool", "yeah\ncool gist actually"},
Topics: "topic1 topic2 topic3 topic4 topic5 topic6 topic7 topic8 topic9 topic10 topic11",
}
err = s.Request("POST", "/", gist3, 400)
require.NoError(t, err)
gist3.Topics = "topictoolongggggggggggggggggggggggggggggggggggggggg"
err = s.Request("POST", "/", gist3, 400)
require.NoError(t, err)
}

95
internal/web/test/server.go
View File

@@ -8,47 +8,47 @@ import (
"net/http/httptest"
"net/url"
"os"
"path"
"path/filepath"
"reflect"
"runtime"
"strconv"
"strings"
"testing"
"time"
"github.com/rs/zerolog/log"
"github.com/stretchr/testify/require"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/git"
"github.com/thomiceli/opengist/internal/memdb"
"github.com/thomiceli/opengist/internal/web"
"github.com/thomiceli/opengist/internal/web/server"
)
var databaseType string
type testServer struct {
server *web.Server
type TestServer struct {
server *server.Server
sessionCookie string
}
func newTestServer() (*testServer, error) {
s := &testServer{
server: web.NewServer(true, path.Join(config.GetHomeDir(), "tmp", "sessions"), true),
func newTestServer() (*TestServer, error) {
s := &TestServer{
server: server.NewServer(true, filepath.Join(config.GetHomeDir(), "tmp", "sessions"), true),
}
go s.start()
return s, nil
}
func (s *testServer) start() {
func (s *TestServer) start() {
s.server.Start()
}
func (s *testServer) stop() {
func (s *TestServer) stop() {
s.server.Stop()
}
func (s *testServer) request(method, uri string, data interface{}, expectedCode int) error {
func (s *TestServer) Request(method, uri string, data interface{}, expectedCode int) error {
var bodyReader io.Reader
if method == http.MethodPost || method == http.MethodPut {
values := structToURLValues(data)
@@ -133,18 +133,7 @@ func structToURLValues(s interface{}) url.Values {
return v
}
func setup(t *testing.T) *testServer {
var databaseDsn string
databaseType = os.Getenv("OPENGIST_TEST_DB")
switch databaseType {
case "sqlite":
databaseDsn = "file::memory:"
case "postgres":
databaseDsn = "postgres://postgres:opengist@localhost:5432/opengist_test"
case "mysql":
databaseDsn = "mysql://root:opengist@localhost:3306/opengist_test"
}
func Setup(t *testing.T) *TestServer {
_ = os.Setenv("OPENGIST_SKIP_GIT_HOOKS", "1")
err := config.InitConfig("", io.Discard)
@@ -155,31 +144,44 @@ func setup(t *testing.T) *testServer {
config.SetupSecretKey()
git.ReposDirectory = path.Join("tests")
git.ReposDirectory = filepath.Join("tests")
config.C.IndexEnabled = false
config.C.LogLevel = "debug"
config.C.LogLevel = "error"
config.InitLog()
homePath := config.GetHomeDir()
log.Info().Msg("Data directory: " + homePath)
var databaseDsn string
databaseType = os.Getenv("OPENGIST_TEST_DB")
switch databaseType {
case "sqlite":
databaseDsn = "file:" + filepath.Join(homePath, "tmp", "opengist.db")
case "postgres":
databaseDsn = "postgres://postgres:opengist@localhost:5432/opengist_test"
case "mysql":
databaseDsn = "mysql://root:opengist@localhost:3306/opengist_test"
default:
databaseDsn = ":memory:"
}
err = os.MkdirAll(filepath.Join(homePath, "tests"), 0755)
require.NoError(t, err, "Could not create tests directory")
err = os.MkdirAll(filepath.Join(homePath, "tmp", "sessions"), 0755)
require.NoError(t, err, "Could not create sessions directory")
err = os.MkdirAll(filepath.Join(homePath, "tmp", "repos"), 0755)
require.NoError(t, err, "Could not create tmp repos directory")
err = db.Setup(databaseDsn, true)
err = db.Setup(databaseDsn)
require.NoError(t, err, "Could not initialize database")
if err != nil {
log.Fatal().Err(err).Msg("Could not initialize database")
}
err = memdb.Setup()
require.NoError(t, err, "Could not initialize in memory database")
// err = index.Open(filepath.Join(homePath, "testsindex", "opengist.index"))
// require.NoError(t, err, "Could not open index")
@@ -189,27 +191,40 @@ func setup(t *testing.T) *testServer {
return s
}
func teardown(t *testing.T, s *testServer) {
func Teardown(t *testing.T, s *TestServer) {
s.stop()
//err := db.Close()
//require.NoError(t, err, "Could not close database")
err := os.RemoveAll(path.Join(config.GetHomeDir(), "tests"))
require.NoError(t, err, "Could not remove repos directory")
err = os.RemoveAll(path.Join(config.GetHomeDir(), "tmp", "repos"))
require.NoError(t, err, "Could not remove repos directory")
err = os.RemoveAll(path.Join(config.GetHomeDir(), "tmp", "sessions"))
require.NoError(t, err, "Could not remove repos directory")
err = db.TruncateDatabase()
err := db.TruncateDatabase()
require.NoError(t, err, "Could not truncate database")
err = os.RemoveAll(filepath.Join(config.GetHomeDir(), "tests"))
require.NoError(t, err, "Could not remove repos directory")
if runtime.GOOS == "windows" {
err = db.Close()
require.NoError(t, err, "Could not close database")
time.Sleep(2 * time.Second)
}
err = os.RemoveAll(filepath.Join(config.GetHomeDir(), "tmp"))
require.NoError(t, err, "Could not remove tmp directory")
// err = os.RemoveAll(path.Join(config.C.OpengistHome, "testsindex"))
// require.NoError(t, err, "Could not remove repos directory")
// err = index.Close()
// require.NoError(t, err, "Could not close index")
}
type settingSet struct {
key string `form:"key"`
value string `form:"value"`
}
type invitationAdmin struct {
nbMax string `form:"nbMax"`
expiredAtUnix string `form:"expiredAtUnix"`
}

22
internal/web/test/settings_test.go Normal file
View File

@@ -0,0 +1,22 @@
package test
import (
"github.com/stretchr/testify/require"
"github.com/thomiceli/opengist/internal/db"
"testing"
)
func TestSettingsPage(t *testing.T) {
s := Setup(t)
defer Teardown(t, s)
err := s.Request("GET", "/settings", nil, 302)
require.NoError(t, err)
user1 := db.UserDTO{Username: "thomas", Password: "thomas"}
register(t, s, user1)
login(t, s, user1)
err = s.Request("GET", "/settings", nil, 200)
require.NoError(t, err)
}

248
internal/web/util.go
View File

@@ -1,248 +0,0 @@
package web
import (
"context"
"errors"
"github.com/gorilla/sessions"
"github.com/labstack/echo/v4"
"github.com/rs/zerolog/log"
"github.com/thomiceli/opengist/internal/config"
"github.com/thomiceli/opengist/internal/db"
"github.com/thomiceli/opengist/internal/i18n"
"golang.org/x/text/cases"
"golang.org/x/text/language"
"html/template"
"net/http"
"strconv"
"strings"
)
type dataTypeKey string
const dataKey dataTypeKey = "data"
func setData(ctx echo.Context, key string, value any) {
data := ctx.Request().Context().Value(dataKey).(echo.Map)
data[key] = value
ctxValue := context.WithValue(ctx.Request().Context(), dataKey, data)
ctx.SetRequest(ctx.Request().WithContext(ctxValue))
}
func getData(ctx echo.Context, key string) any {
data := ctx.Request().Context().Value(dataKey).(echo.Map)
return data[key]
}
func dataMap(ctx echo.Context) echo.Map {
return ctx.Request().Context().Value(dataKey).(echo.Map)
}
func html(ctx echo.Context, template string) error {
return htmlWithCode(ctx, 200, template)
}
func htmlWithCode(ctx echo.Context, code int, template string) error {
setErrorFlashes(ctx)
return ctx.Render(code, template, ctx.Request().Context().Value(dataKey))
}
func json(ctx echo.Context, data any) error {
return jsonWithCode(ctx, 200, data)
}
func jsonWithCode(ctx echo.Context, code int, data any) error {
return ctx.JSON(code, data)
}
func redirect(ctx echo.Context, location string) error {
return ctx.Redirect(302, config.C.ExternalUrl+location)
}
func plainText(ctx echo.Context, code int, message string) error {
return ctx.String(code, message)
}
func notFound(message string) error {
return errorRes(404, message, nil)
}
func errorRes(code int, message string, err error) error {
if code >= 500 {
var skipLogger = log.With().CallerWithSkipFrameCount(3).Logger()
skipLogger.Error().Err(err).Msg(message)
}
return &echo.HTTPError{Code: code, Message: message, Internal: err}
}
func jsonErrorRes(code int, message string, err error) error {
if code >= 500 {
var skipLogger = log.With().CallerWithSkipFrameCount(3).Logger()
skipLogger.Error().Err(err).Msg(message)
}
return &echo.HTTPError{Code: code, Message: message, Internal: err}
}
func getUserLogged(ctx echo.Context) *db.User {
user := getData(ctx, "userLogged")
if user != nil {
return user.(*db.User)
}
return nil
}
func setErrorFlashes(ctx echo.Context) {
sess, _ := flashStore.Get(ctx.Request(), "flash")
setData(ctx, "flashErrors", sess.Flashes("error"))
setData(ctx, "flashSuccess", sess.Flashes("success"))
setData(ctx, "flashWarnings", sess.Flashes("warning"))
_ = sess.Save(ctx.Request(), ctx.Response())
}
func addFlash(ctx echo.Context, flashMessage string, flashType string) {
sess, _ := flashStore.Get(ctx.Request(), "flash")
sess.AddFlash(flashMessage, flashType)
_ = sess.Save(ctx.Request(), ctx.Response())
}
func getSession(ctx echo.Context) *sessions.Session {
sess, _ := userStore.Get(ctx.Request(), "session")
return sess
}
func saveSession(sess *sessions.Session, ctx echo.Context) {
_ = sess.Save(ctx.Request(), ctx.Response())
}
func deleteSession(ctx echo.Context) {
sess := getSession(ctx)
sess.Options.MaxAge = -1
saveSession(sess, ctx)
}
func setCsrfHtmlForm(ctx echo.Context) {
var csrf string
if csrfToken, ok := ctx.Get("csrf").(string); ok {
csrf = csrfToken
}
setData(ctx, "csrfHtml", template.HTML(`<input type="hidden" name="_csrf" value="`+csrf+`">`))
}
func deleteCsrfCookie(ctx echo.Context) {
ctx.SetCookie(&http.Cookie{Name: "_csrf", Path: "/", MaxAge: -1})
}
func loadSettings(ctx echo.Context) error {
settings, err := db.GetSettings()
if err != nil {
return err
}
for key, value := range settings {
s := strings.ReplaceAll(key, "-", " ")
s = cases.Title(language.English).String(s)
setData(ctx, strings.ReplaceAll(s, " ", ""), value == "1")
}
return nil
}
func getPage(ctx echo.Context) int {
page := ctx.QueryParam("page")
if page == "" {
page = "1"
}
pageInt, err := strconv.Atoi(page)
if err != nil {
pageInt = 1
}
setData(ctx, "currPage", pageInt)
return pageInt
}
func paginate[T any](ctx echo.Context, data []*T, pageInt int, perPage int, templateDataName string, urlPage string, labels int, urlParams ...string) error {
lenData := len(data)
if lenData == 0 && pageInt != 1 {
return errors.New("page not found")
}
if lenData > perPage {
if lenData > 1 {
data = data[:lenData-1]
}
setData(ctx, "nextPage", pageInt+1)
}
if pageInt > 1 {
setData(ctx, "prevPage", pageInt-1)
}
if len(urlParams) > 0 {
setData(ctx, "urlParams", template.URL(urlParams[0]))
}
switch labels {
case 1:
setData(ctx, "prevLabel", trH(ctx, "pagination.previous"))
setData(ctx, "nextLabel", trH(ctx, "pagination.next"))
case 2:
setData(ctx, "prevLabel", trH(ctx, "pagination.newer"))
setData(ctx, "nextLabel", trH(ctx, "pagination.older"))
}
setData(ctx, "urlPage", urlPage)
setData(ctx, templateDataName, data)
return nil
}
func trH(ctx echo.Context, key string, args ...any) template.HTML {
l := getData(ctx, "locale").(*i18n.Locale)
return l.Tr(key, args...)
}
func tr(ctx echo.Context, key string, args ...any) string {
l := getData(ctx, "locale").(*i18n.Locale)
return l.String(key, args...)
}
func parseSearchQueryStr(query string) (string, map[string]string) {
words := strings.Fields(query)
metadata := make(map[string]string)
var contentBuilder strings.Builder
for _, word := range words {
if strings.Contains(word, ":") {
keyValue := strings.SplitN(word, ":", 2)
if len(keyValue) == 2 {
key := keyValue[0]
value := keyValue[1]
metadata[key] = value
}
} else {
contentBuilder.WriteString(word + " ")
}
}
content := strings.TrimSpace(contentBuilder.String())
return content, metadata
}
func addMetadataToSearchQuery(input, key, value string) string {
content, metadata := parseSearchQueryStr(input)
metadata[key] = value
var resultBuilder strings.Builder
resultBuilder.WriteString(content)
for k, v := range metadata {
resultBuilder.WriteString(" ")
resultBuilder.WriteString(k)
resultBuilder.WriteString(":")
resultBuilder.WriteString(v)
}
return strings.TrimSpace(resultBuilder.String())
}

3146
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

1
package.json
View File

@@ -23,6 +23,7 @@
"cssnano": "^5.1.15",
"dayjs": "^1.11.9",
"github-markdown-css": "^5.5.0",
"jdenticon": "^3.3.0",
"nodemon": "^2.0.22",
"postcss": "^8.4.32",
"postcss-cli": "^11.0.0",

BIN
public/default.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 15 KiB

38
public/main.ts
View File

@@ -1,7 +1,6 @@
import './style.scss';
import './favicon-32.png';
import './opengist.svg';
import './default.png';
import dayjs from 'dayjs';
import relativeTime from 'dayjs/plugin/relativeTime';
import 'dayjs/locale/cs';
@@ -13,11 +12,14 @@ import 'dayjs/locale/pt';
import 'dayjs/locale/ru';
import 'dayjs/locale/zh';
import localizedFormat from 'dayjs/plugin/localizedFormat';
import jdenticon from 'jdenticon/standalone';
dayjs.extend(relativeTime);
dayjs.extend(localizedFormat);
dayjs.locale(window.opengist_locale || 'en');
jdenticon.update("[data-jdenticon-value]")
document.addEventListener('DOMContentLoaded', () => {
const themeMenu = document.getElementById('theme-menu')!;
@@ -159,6 +161,40 @@ document.addEventListener('DOMContentLoaded', () => {
};
}
const searchUserGistsVisibility = document.getElementById('search-user-gists-visibility');
if (searchUserGistsVisibility) {
let dropdown = document.getElementById('search-user-gists-visibility-dropdown');
searchUserGistsVisibility.onclick = () => {
dropdown!.classList.toggle('hidden');
};
let buttons = dropdown.querySelectorAll('button');
buttons.forEach((button) => {
button.onclick = () => {
let value = document.getElementById('visibility-value') as HTMLInputElement;
value.textContent = button.dataset.visibilityStr;
dropdown!.classList.add('hidden');
dropdown.querySelector('input')!.value = button.dataset.visibility || '';
};
});
}
const searchUserGistsLanguage = document.getElementById('search-user-gists-language');
if (searchUserGistsLanguage) {
let dropdown = document.getElementById('search-user-gists-language-dropdown');
searchUserGistsLanguage.onclick = () => {
dropdown!.classList.toggle('hidden');
};
let buttons = dropdown.querySelectorAll('button');
buttons.forEach((button) => {
button.onclick = () => {
let value = document.getElementById('language-value') as HTMLInputElement;
value.textContent = button.dataset.languageStr;
dropdown!.classList.add('hidden');
dropdown.querySelector('input')!.value = button.dataset.language || '';
};
});
}
document.getElementById('language-btn')!.onclick = () => {
document.getElementById('language-list')!.classList.toggle('hidden');
};

6
public/tailwind-embed.config.js vendored
View File

@@ -32,9 +32,9 @@ module.exports = {
500: '#588fee',
600: '#3c79e2',
700: '#356fc0',
800: '#2d6195',
900: '#2a5574',
950: '#173040',
800: '#2b5da3',
900: '#1f4b8c',
950: '#192b57'
},
slate: colors.slate

6
public/tailwind.config.js vendored
View File

@@ -34,9 +34,9 @@ module.exports = {
500: '#588fee',
600: '#3c79e2',
700: '#356fc0',
800: '#2d6195',
900: '#2a5574',
950: '#173040',
800: '#2b5da3',
900: '#1f4b8c',
950: '#192b57'
},
slate: colors.slate

5
templates/base/base_header.html vendored
View File

@@ -46,9 +46,9 @@
{{ end }}
{{ if .htmlTitle }}
<title>{{ .htmlTitle }} - Opengist</title>
<title>{{ .htmlTitle }} - {{ if $.c.CustomName }}{{ $.c.CustomName }}{{ else }}Opengist{{ end }}</title>
{{ else }}
<title>Opengist</title>
<title>{{ if $.c.CustomName }}{{ $.c.CustomName }}{{ else }}Opengist{{ end }}</title>
{{ end }}
</head>
<body class="h-full">
@@ -114,6 +114,7 @@
<p class="text-gray-400"><code class="text-slate-800 dark:text-slate-300 pr-1">filename:myfile.txt</code> {{ .locale.Tr "gist.search.help.filename" }}</p>
<p class="text-gray-400"><code class="text-slate-800 dark:text-slate-300 pr-1">extension:yml</code> {{ .locale.Tr "gist.search.help.extension" }}</p>
<p class="text-gray-400"><code class="text-slate-800 dark:text-slate-300 pr-1">language:go</code> {{ .locale.Tr "gist.search.help.language" }}</p>
<p class="text-gray-400"><code class="text-slate-800 dark:text-slate-300 pr-1">topic:homelab</code> {{ .locale.Tr "gist.search.help.topic" }}</p>
</div>
</div>
</div>

Some files were not shown because too many files have changed in this diff Show More