gotosocial/internal/api/fileserver.go

// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program.  If not, see <http://www.gnu.org/licenses/>.

package api

import (
	"github.com/gin-gonic/gin"
	"github.com/superseriousbusiness/gotosocial/internal/api/fileserver"
	"github.com/superseriousbusiness/gotosocial/internal/config"
	"github.com/superseriousbusiness/gotosocial/internal/media"
	"github.com/superseriousbusiness/gotosocial/internal/middleware"
	"github.com/superseriousbusiness/gotosocial/internal/processing"
	"github.com/superseriousbusiness/gotosocial/internal/router"
)

type Fileserver struct {
	fileserver *fileserver.Module
}

// Attach cache middleware appropriate for file serving.
func useFSCacheMiddleware(grp *gin.RouterGroup) {
	// If we're using local storage or proxying s3 (ie., serving
	// from here) we can set a long max-age + immutable on file
	// requests to reflect that we never host different files at
	// the same URL (since ULIDs are generated per piece of media),
	// so we can prevent clients having to fetch files repeatedly.
	//
	// If we *are* using non-proxying s3, however (ie., not serving
	// from here) the max age must be set dynamically within the
	// request handler, based on how long the signed URL has left
	// to live before it expires. This ensures that clients won't
	// cache expired links. This is done within fileserver/servefile.go
	// so we should not set the middleware here in that case.
	//
	// See:
	//
	// - https://developer.mozilla.org/en-US/docs/Web/HTTP/Caching#avoiding_revalidation
	// - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control#immutable
	servingFromHere := config.GetStorageBackend() == "local" || config.GetStorageS3Proxy()
	if !servingFromHere {
		return
	}

	grp.Use(middleware.CacheControl(middleware.CacheControlConfig{
		Directives: []string{"private", "max-age=604800", "immutable"},
		Vary:       []string{"Range"}, // Cache partial ranges separately.
	}))
}

// Route the "main" fileserver group
// that handles everything except emojis.
func (f *Fileserver) Route(
	r *router.Router,
	m ...gin.HandlerFunc,
) {
	const fsGroupPath = "fileserver" +
		"/:" + fileserver.AccountIDKey +
		"/:" + fileserver.MediaTypeKey
	fsGroup := r.AttachGroup(fsGroupPath)

	// Attach provided +
	// cache middlewares.
	fsGroup.Use(m...)
	useFSCacheMiddleware(fsGroup)

	f.fileserver.Route(fsGroup.Handle)
}

// Route the "emojis" fileserver
// group to handle emojis specifically.
//
// instanceAccount ID is required because
// that is the ID under which all emoji
// files are stored, and from which all
// emoji file requests are therefore served.
func (f *Fileserver) RouteEmojis(
	r *router.Router,
	instanceAcctID string,
	m ...gin.HandlerFunc,
) {
	var fsEmojiGroupPath = "fileserver" +
		"/" + instanceAcctID +
		"/" + string(media.TypeEmoji)
	fsEmojiGroup := r.AttachGroup(fsEmojiGroupPath)

	// Inject the instance account and emoji media
	// type params into the gin context manually,
	// since we know we're only going to be serving
	// emojis (stored under the instance account ID)
	// from this group. This allows us to use the
	// same handler functions for both the "main"
	// fileserver handler and the emojis handler.
	fsEmojiGroup.Use(func(c *gin.Context) {
		c.Params = append(c.Params, []gin.Param{
			{
				Key:   fileserver.AccountIDKey,
				Value: instanceAcctID,
			},
			{
				Key:   fileserver.MediaTypeKey,
				Value: string(media.TypeEmoji),
			},
		}...)
	})

	// Attach provided +
	// cache middlewares.
	fsEmojiGroup.Use(m...)
	useFSCacheMiddleware(fsEmojiGroup)

	f.fileserver.Route(fsEmojiGroup.Handle)
}

func NewFileserver(p *processing.Processor) *Fileserver {
	return &Fileserver{
		fileserver: fileserver.New(p),
	}
}
[chore] Improve copyright header handling (#1608) * [chore] Remove years from all license headers Years or year ranges aren't required in license headers. Many projects have removed them in recent years and it avoids a bit of yearly toil. In many cases our copyright claim was also a bit dodgy since we added the 2021-2023 header to files created after 2021 but you can't claim copyright into the past that way. * [chore] Add license header check This ensures a license header is always added to any new file. This avoids maintainers/reviewers needing to remember to check for and ask for it in case a contribution doesn't include it. * [chore] Add missing license headers * [chore] Further updates to license header * Use the more common // indentend comment format * Remove the hack we had for the linter now that we use the // format * Add SPDX license identifier 2023-03-12 16:00:57 +01:00			`// GoToSocial`
			`// Copyright (C) GoToSocial Authors admin@gotosocial.org`
			`// SPDX-License-Identifier: AGPL-3.0-or-later`
			`//`
			`// This program is free software: you can redistribute it and/or modify`
			`// it under the terms of the GNU Affero General Public License as published by`
			`// the Free Software Foundation, either version 3 of the License, or`
			`// (at your option) any later version.`
			`//`
			`// This program is distributed in the hope that it will be useful,`
			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`// GNU Affero General Public License for more details.`
			`//`
			`// You should have received a copy of the GNU Affero General Public License`
			`// along with this program. If not, see <http://www.gnu.org/licenses/>.`
[chore] The Big Middleware and API Refactor (tm) (#1250) * interim commit: start refactoring middlewares into package under router * another interim commit, this is becoming a big job * another fucking massive interim commit * refactor bookmarks to new style * ambassador, wiz zeze commits you are spoiling uz * she compiles, we're getting there * we're just normal men; we're just innocent men * apiutil * whoopsie * i'm glad noone reads commit msgs haha :blob_sweat: * use that weirdo go-bytesize library for maxMultipartMemory * fix media module paths 2023-01-02 13:10:50 +01:00
			`package api`

			`import (`
[chore] shuffle middleware to split rate limitting into client/s2s/fileserver, share gzip middleware globally (#1290) Signed-off-by: kim <grufwub@gmail.com> Signed-off-by: kim <grufwub@gmail.com> 2023-01-03 10:50:59 +00:00			`"github.com/gin-gonic/gin"`
[chore] The Big Middleware and API Refactor (tm) (#1250) * interim commit: start refactoring middlewares into package under router * another interim commit, this is becoming a big job * another fucking massive interim commit * refactor bookmarks to new style * ambassador, wiz zeze commits you are spoiling uz * she compiles, we're getting there * we're just normal men; we're just innocent men * apiutil * whoopsie * i'm glad noone reads commit msgs haha :blob_sweat: * use that weirdo go-bytesize library for maxMultipartMemory * fix media module paths 2023-01-02 13:10:50 +01:00			`"github.com/superseriousbusiness/gotosocial/internal/api/fileserver"`
[chore] Do cache-control in a less silly way to avoid writing header twice (#1481) * do cache-control in a less silly way to avoid writing header twice * add comment back in 2023-02-13 12:58:22 +01:00			`"github.com/superseriousbusiness/gotosocial/internal/config"`
[feature] Ratelimit + serve emoji images on separate router group (#2548) * [feature] Serve + rate limit emoji files separately from attachments * add a wee little warning about uploading loads of emojis 2024-01-22 16:17:04 +01:00			`"github.com/superseriousbusiness/gotosocial/internal/media"`
[chore] The Big Middleware and API Refactor (tm) (#1250) * interim commit: start refactoring middlewares into package under router * another interim commit, this is becoming a big job * another fucking massive interim commit * refactor bookmarks to new style * ambassador, wiz zeze commits you are spoiling uz * she compiles, we're getting there * we're just normal men; we're just innocent men * apiutil * whoopsie * i'm glad noone reads commit msgs haha :blob_sweat: * use that weirdo go-bytesize library for maxMultipartMemory * fix media module paths 2023-01-02 13:10:50 +01:00			`"github.com/superseriousbusiness/gotosocial/internal/middleware"`
			`"github.com/superseriousbusiness/gotosocial/internal/processing"`
			`"github.com/superseriousbusiness/gotosocial/internal/router"`
			`)`

			`type Fileserver struct {`
			`fileserver *fileserver.Module`
			`}`

[feature] Ratelimit + serve emoji images on separate router group (#2548) * [feature] Serve + rate limit emoji files separately from attachments * add a wee little warning about uploading loads of emojis 2024-01-22 16:17:04 +01:00			`// Attach cache middleware appropriate for file serving.`
			`func useFSCacheMiddleware(grp *gin.RouterGroup) {`
			`// If we're using local storage or proxying s3 (ie., serving`
			`// from here) we can set a long max-age + immutable on file`
			`// requests to reflect that we never host different files at`
			`// the same URL (since ULIDs are generated per piece of media),`
			`// so we can prevent clients having to fetch files repeatedly.`
[bugfix] Set cache-control max-age dynamically for s3 (#1510) * [bugfix] set cache-control max-age dynamically for s3 * woops * double whoops * time until, thank you linter, bless you, you're the best, no matter what kim says * aa 2023-02-16 14:18:53 +01:00			`//`
[feature] Ratelimit + serve emoji images on separate router group (#2548) * [feature] Serve + rate limit emoji files separately from attachments * add a wee little warning about uploading loads of emojis 2024-01-22 16:17:04 +01:00			`// If we are using non-proxying s3, however (ie., not serving`
			`// from here) the max age must be set dynamically within the`
			`// request handler, based on how long the signed URL has left`
			`// to live before it expires. This ensures that clients won't`
			`// cache expired links. This is done within fileserver/servefile.go`
			`// so we should not set the middleware here in that case.`
[bugfix] Set Vary header correctly on cache-control (#1988) * [bugfix] Set Vary header correctly on cache-control * Prefer activitypub types on AP endpoints * use immutable on file server, vary by range * vary auth on Accept 2023-07-13 21:27:25 +02:00			`//`
			`// See:`
			`//`
			`// - https://developer.mozilla.org/en-US/docs/Web/HTTP/Caching#avoiding_revalidation`
			`// - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control#immutable`
[feature] Ratelimit + serve emoji images on separate router group (#2548) * [feature] Serve + rate limit emoji files separately from attachments * add a wee little warning about uploading loads of emojis 2024-01-22 16:17:04 +01:00			`servingFromHere := config.GetStorageBackend() == "local" \|\| config.GetStorageS3Proxy()`
			`if !servingFromHere {`
			`return`
[bugfix] Set cache-control max-age dynamically for s3 (#1510) * [bugfix] set cache-control max-age dynamically for s3 * woops * double whoops * time until, thank you linter, bless you, you're the best, no matter what kim says * aa 2023-02-16 14:18:53 +01:00			`}`
[chore] The Big Middleware and API Refactor (tm) (#1250) * interim commit: start refactoring middlewares into package under router * another interim commit, this is becoming a big job * another fucking massive interim commit * refactor bookmarks to new style * ambassador, wiz zeze commits you are spoiling uz * she compiles, we're getting there * we're just normal men; we're just innocent men * apiutil * whoopsie * i'm glad noone reads commit msgs haha :blob_sweat: * use that weirdo go-bytesize library for maxMultipartMemory * fix media module paths 2023-01-02 13:10:50 +01:00
[feature] Ratelimit + serve emoji images on separate router group (#2548) * [feature] Serve + rate limit emoji files separately from attachments * add a wee little warning about uploading loads of emojis 2024-01-22 16:17:04 +01:00			`grp.Use(middleware.CacheControl(middleware.CacheControlConfig{`
			`Directives: []string{"private", "max-age=604800", "immutable"},`
			`Vary: []string{"Range"}, // Cache partial ranges separately.`
			`}))`
			`}`

			`// Route the "main" fileserver group`
			`// that handles everything except emojis.`
			`func (f *Fileserver) Route(`
			`r *router.Router,`
			`m ...gin.HandlerFunc,`
			`) {`
			`const fsGroupPath = "fileserver" +`
			`"/:" + fileserver.AccountIDKey +`
			`"/:" + fileserver.MediaTypeKey`
			`fsGroup := r.AttachGroup(fsGroupPath)`

			`// Attach provided +`
			`// cache middlewares.`
			`fsGroup.Use(m...)`
			`useFSCacheMiddleware(fsGroup)`

			`f.fileserver.Route(fsGroup.Handle)`
			`}`

			`// Route the "emojis" fileserver`
			`// group to handle emojis specifically.`
			`//`
			`// instanceAccount ID is required because`
			`// that is the ID under which all emoji`
			`// files are stored, and from which all`
			`// emoji file requests are therefore served.`
			`func (f *Fileserver) RouteEmojis(`
			`r *router.Router,`
			`instanceAcctID string,`
			`m ...gin.HandlerFunc,`
			`) {`
			`var fsEmojiGroupPath = "fileserver" +`
			`"/" + instanceAcctID +`
			`"/" + string(media.TypeEmoji)`
			`fsEmojiGroup := r.AttachGroup(fsEmojiGroupPath)`

			`// Inject the instance account and emoji media`
			`// type params into the gin context manually,`
			`// since we know we're only going to be serving`
			`// emojis (stored under the instance account ID)`
			`// from this group. This allows us to use the`
			`// same handler functions for both the "main"`
			`// fileserver handler and the emojis handler.`
			`fsEmojiGroup.Use(func(c *gin.Context) {`
			`c.Params = append(c.Params, []gin.Param{`
			`{`
			`Key: fileserver.AccountIDKey,`
			`Value: instanceAcctID,`
			`},`
			`{`
			`Key: fileserver.MediaTypeKey,`
			`Value: string(media.TypeEmoji),`
			`},`
			`}...)`
			`})`

			`// Attach provided +`
			`// cache middlewares.`
			`fsEmojiGroup.Use(m...)`
			`useFSCacheMiddleware(fsEmojiGroup)`

			`f.fileserver.Route(fsEmojiGroup.Handle)`
[chore] The Big Middleware and API Refactor (tm) (#1250) * interim commit: start refactoring middlewares into package under router * another interim commit, this is becoming a big job * another fucking massive interim commit * refactor bookmarks to new style * ambassador, wiz zeze commits you are spoiling uz * she compiles, we're getting there * we're just normal men; we're just innocent men * apiutil * whoopsie * i'm glad noone reads commit msgs haha :blob_sweat: * use that weirdo go-bytesize library for maxMultipartMemory * fix media module paths 2023-01-02 13:10:50 +01:00			`}`

[chore] Deinterface processor and subprocessors (#1501) * [chore] Deinterface processor and subprocessors * expose subprocessors via function calls * missing license header 2023-02-22 16:05:26 +01:00			`func NewFileserver(p processing.Processor) Fileserver {`
[chore] The Big Middleware and API Refactor (tm) (#1250) * interim commit: start refactoring middlewares into package under router * another interim commit, this is becoming a big job * another fucking massive interim commit * refactor bookmarks to new style * ambassador, wiz zeze commits you are spoiling uz * she compiles, we're getting there * we're just normal men; we're just innocent men * apiutil * whoopsie * i'm glad noone reads commit msgs haha :blob_sweat: * use that weirdo go-bytesize library for maxMultipartMemory * fix media module paths 2023-01-02 13:10:50 +01:00			`return &Fileserver{`
			`fileserver: fileserver.New(p),`
			`}`
			`}`