mirror of
https://github.com/superseriousbusiness/gotosocial.git
synced 2025-11-04 08:52:26 -06:00
117888cf59* start work on user panel * parse source first before checking if empty form * newline * set avi + header nicely * add posts settings * render signin a bit nicer on mobile * return OK json on successful change * return unauthorized on bad password * clarify message on insecure password * make login a bit prettier * add alt text + border round image previews * add logout button * add password change * styling updates * redirect /auth/edit to /user * update tests * fix validation tests * better labels, link to more info * make submit button generic component * move submit button inside forms * add autocomplete labels to password fields * fix indentation (thx eslint) * update eslintrc * eslint: no-unescaped-entities * initial deduplication between user and admin panel * add default status/post format setting * user panel styling for inputs * update user panel styling, include normalize css * add placeholder text * input padding Co-authored-by: f0x <f0x@cthu.lu>
163 lines
5.1 KiB
Go
163 lines
5.1 KiB
Go
/*
|
|
GoToSocial
|
|
Copyright (C) 2021-2022 GoToSocial Authors admin@gotosocial.org
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU Affero General Public License as published by
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU Affero General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Affero General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
package web
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"io/ioutil"
|
|
"net/http"
|
|
"path/filepath"
|
|
"strings"
|
|
"time"
|
|
|
|
"codeberg.org/gruf/go-cache/v2"
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/superseriousbusiness/gotosocial/internal/api"
|
|
"github.com/superseriousbusiness/gotosocial/internal/config"
|
|
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
|
|
"github.com/superseriousbusiness/gotosocial/internal/processing"
|
|
"github.com/superseriousbusiness/gotosocial/internal/router"
|
|
"github.com/superseriousbusiness/gotosocial/internal/uris"
|
|
)
|
|
|
|
const (
|
|
confirmEmailPath = "/" + uris.ConfirmEmailPath
|
|
profilePath = "/@:" + usernameKey
|
|
statusPath = profilePath + "/statuses/:" + statusIDKey
|
|
adminPanelPath = "/admin"
|
|
userPanelpath = "/user"
|
|
assetsPath = "/assets"
|
|
|
|
tokenParam = "token"
|
|
usernameKey = "username"
|
|
statusIDKey = "status"
|
|
)
|
|
|
|
// Module implements the api.ClientModule interface for web pages.
|
|
type Module struct {
|
|
processor processing.Processor
|
|
webAssetsAbsFilePath string
|
|
assetsETagCache cache.Cache[string, eTagCacheEntry]
|
|
defaultAvatars []string
|
|
}
|
|
|
|
// New returns a new api.ClientModule for web pages.
|
|
func New(processor processing.Processor) (api.ClientModule, error) {
|
|
webAssetsBaseDir := config.GetWebAssetBaseDir()
|
|
if webAssetsBaseDir == "" {
|
|
return nil, fmt.Errorf("%s cannot be empty and must be a relative or absolute path", config.WebAssetBaseDirFlag())
|
|
}
|
|
|
|
webAssetsAbsFilePath, err := filepath.Abs(webAssetsBaseDir)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("error getting absolute path of %s: %s", webAssetsBaseDir, err)
|
|
}
|
|
|
|
defaultAvatarsAbsFilePath := filepath.Join(webAssetsAbsFilePath, "default_avatars")
|
|
defaultAvatarFiles, err := ioutil.ReadDir(defaultAvatarsAbsFilePath)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("error reading default avatars at %s: %s", defaultAvatarsAbsFilePath, err)
|
|
}
|
|
|
|
defaultAvatars := []string{}
|
|
for _, f := range defaultAvatarFiles {
|
|
// ignore directories
|
|
if f.IsDir() {
|
|
continue
|
|
}
|
|
|
|
// ignore files bigger than 50kb
|
|
if f.Size() > 50000 {
|
|
continue
|
|
}
|
|
|
|
// get the name of the file, eg avatar.jpeg
|
|
fileName := f.Name()
|
|
|
|
// get just the .jpeg, for example, from avatar.jpeg
|
|
extensionWithDot := filepath.Ext(fileName)
|
|
|
|
// remove the leading . to just get, eg, jpeg
|
|
extension := strings.TrimPrefix(extensionWithDot, ".")
|
|
|
|
// take only files with simple extensions
|
|
// that we know will work OK as avatars
|
|
switch strings.ToLower(extension) {
|
|
case "svg", "jpeg", "jpg", "gif", "png":
|
|
avatar := fmt.Sprintf("%s/default_avatars/%s", assetsPath, f.Name())
|
|
defaultAvatars = append(defaultAvatars, avatar)
|
|
default:
|
|
continue
|
|
}
|
|
}
|
|
|
|
assetsETagCache := cache.New[string, eTagCacheEntry]()
|
|
assetsETagCache.SetTTL(time.Hour, false)
|
|
assetsETagCache.Start(time.Minute)
|
|
|
|
return &Module{
|
|
processor: processor,
|
|
webAssetsAbsFilePath: webAssetsAbsFilePath,
|
|
assetsETagCache: assetsETagCache,
|
|
defaultAvatars: defaultAvatars,
|
|
}, nil
|
|
}
|
|
|
|
// Route satisfies the RESTAPIModule interface
|
|
func (m *Module) Route(s router.Router) error {
|
|
// serve static files from assets dir at /assets
|
|
assetsGroup := s.AttachGroup(assetsPath)
|
|
m.mountAssetsFilesystem(assetsGroup)
|
|
|
|
s.AttachHandler(http.MethodGet, adminPanelPath, m.AdminPanelHandler)
|
|
// redirect /admin/ to /admin
|
|
s.AttachHandler(http.MethodGet, adminPanelPath+"/", func(c *gin.Context) {
|
|
c.Redirect(http.StatusMovedPermanently, adminPanelPath)
|
|
})
|
|
|
|
s.AttachHandler(http.MethodGet, userPanelpath, m.UserPanelHandler)
|
|
// redirect /user/ to /user
|
|
s.AttachHandler(http.MethodGet, userPanelpath+"/", func(c *gin.Context) {
|
|
c.Redirect(http.StatusMovedPermanently, userPanelpath)
|
|
})
|
|
// redirect /auth/edit to /user
|
|
s.AttachHandler(http.MethodGet, "/auth/edit", func(c *gin.Context) {
|
|
c.Redirect(http.StatusMovedPermanently, userPanelpath)
|
|
})
|
|
|
|
// serve front-page
|
|
s.AttachHandler(http.MethodGet, "/", m.baseHandler)
|
|
|
|
// serve profile pages at /@username
|
|
s.AttachHandler(http.MethodGet, profilePath, m.profileGETHandler)
|
|
|
|
// serve statuses
|
|
s.AttachHandler(http.MethodGet, statusPath, m.threadGETHandler)
|
|
|
|
// serve email confirmation page at /confirm_email?token=whatever
|
|
s.AttachHandler(http.MethodGet, confirmEmailPath, m.confirmEmailGETHandler)
|
|
|
|
// 404 handler
|
|
s.AttachNoRouteHandler(func(c *gin.Context) {
|
|
api.ErrorHandler(c, gtserror.NewErrorNotFound(errors.New(http.StatusText(http.StatusNotFound))), m.processor.InstanceGet)
|
|
})
|
|
|
|
return nil
|
|
}
|