gosora/routes/common.go

139 lines
3.9 KiB
Go
Raw Normal View History

UNSTABLE: Began work on the Nox Theme. Removed the Tempra Cursive Theme. You can now do bulk moderation actions with Shadow. Added: Argon2 as a dependency. The EmailStore. The ReportStore. The Copy method to *Setting. The AddColumn method to the query builder and adapters. The textarea setting type. More logging to better debug issues. The GetOffset method to the UserStore. Removed: Sortable from Code Climate's Analysis. MemberCheck and memberCheck as they're obsolete now. The obsolete url_tags setting. The BcryptGeneratePasswordNoSalt function. Some redundant fields from some of the page structs. Revamped: The Control Panel Setting List and Editor. Refactored: The password hashing logic to make it more amenable to multiple hashing algorithms. The email portion of the Account Manager. The Control Panel User List. The report system. simplePanelUserCheck and simpleUserCheck to remove the duplicated logic as the two do the exact same thing. Fixed: Missing slugs in the profile links in the User Manager. A few template initialisers potentially reducing the number of odd template edge cases. Some problems with the footer. Custom selection colour not applying to images on Shadow. The avatars of the bottom row of the topic list on Conflux leaking out. Other: Moved the startTime variable into package common and exported it. Moved the password hashing logic from user.go to auth.go Split common/themes.go into common/theme.go and common/theme_list.go Replaced the SettingLabels phrase category with the more generic SettingPhrases category. Moved a load of routes, including panel ones into the routes and panel packages. Hid the notifications link from the Account Menu. Moved more inline CSS into the CSS files and made things a little more flexible here and there. Continued work on PgSQL, still a ways away. Guests now have a default avatar like everyone else. Tweaked some of the font sizes on Cosora to make the text look a little nicer. Partially implemented the theme dock override logic. Partially implemented a "symlink" like feature for theme directories. ... And a bunch of other things I might have missed. You will need to run this update script / patcher for this commit. Warning: This is an "unstable commit", therefore some things may be a little less stable than I'd like. For instance, the Shadow Theme is a little broken in this commit.
2018-05-27 09:36:35 +00:00
package routes
import (
//"fmt"
"net/http"
"strconv"
"strings"
"time"
c "github.com/Azareal/Gosora/common"
)
UNSTABLE: Began work on the Nox Theme. Removed the Tempra Cursive Theme. You can now do bulk moderation actions with Shadow. Added: Argon2 as a dependency. The EmailStore. The ReportStore. The Copy method to *Setting. The AddColumn method to the query builder and adapters. The textarea setting type. More logging to better debug issues. The GetOffset method to the UserStore. Removed: Sortable from Code Climate's Analysis. MemberCheck and memberCheck as they're obsolete now. The obsolete url_tags setting. The BcryptGeneratePasswordNoSalt function. Some redundant fields from some of the page structs. Revamped: The Control Panel Setting List and Editor. Refactored: The password hashing logic to make it more amenable to multiple hashing algorithms. The email portion of the Account Manager. The Control Panel User List. The report system. simplePanelUserCheck and simpleUserCheck to remove the duplicated logic as the two do the exact same thing. Fixed: Missing slugs in the profile links in the User Manager. A few template initialisers potentially reducing the number of odd template edge cases. Some problems with the footer. Custom selection colour not applying to images on Shadow. The avatars of the bottom row of the topic list on Conflux leaking out. Other: Moved the startTime variable into package common and exported it. Moved the password hashing logic from user.go to auth.go Split common/themes.go into common/theme.go and common/theme_list.go Replaced the SettingLabels phrase category with the more generic SettingPhrases category. Moved a load of routes, including panel ones into the routes and panel packages. Hid the notifications link from the Account Menu. Moved more inline CSS into the CSS files and made things a little more flexible here and there. Continued work on PgSQL, still a ways away. Guests now have a default avatar like everyone else. Tweaked some of the font sizes on Cosora to make the text look a little nicer. Partially implemented the theme dock override logic. Partially implemented a "symlink" like feature for theme directories. ... And a bunch of other things I might have missed. You will need to run this update script / patcher for this commit. Warning: This is an "unstable commit", therefore some things may be a little less stable than I'd like. For instance, the Shadow Theme is a little broken in this commit.
2018-05-27 09:36:35 +00:00
var successJSONBytes = []byte(`{"success":"1"}`)
func ParseSEOURL(urlBit string) (slug string, id int, err error) {
halves := strings.Split(urlBit, ".")
if len(halves) < 2 {
halves = append(halves, halves[0])
}
tid, err := strconv.Atoi(halves[1])
return halves[0], tid, err
}
var slen1 = len("</static/>; rel=preload; as=script,")
var slen2 = len("</static/>; rel=preload; as=style,")
func doPush(w http.ResponseWriter, header *c.Header) {
//fmt.Println("in doPush")
if c.Config.EnableCDNPush {
// TODO: Cache these in a sync.Pool?
var sb strings.Builder
var push = func(in []string) {
sb.Grow((slen1 + 5) * len(in))
for _, path := range in {
sb.WriteString("</static/")
sb.WriteString(path)
sb.WriteString(">; rel=preload; as=script,")
}
}
push(header.Scripts)
//push(header.PreScriptsAsync)
push(header.ScriptsAsync)
if len(header.Stylesheets) > 0 {
sb.Grow((slen2 + 6) * len(header.Stylesheets))
for _, path := range header.Stylesheets {
sb.WriteString("</static/")
sb.WriteString(path)
sb.WriteString(">; rel=preload; as=style,")
}
}
// TODO: Push avatars?
if sb.Len() > 0 {
sbuf := sb.String()
w.Header().Set("Link", sbuf[:len(sbuf)-1])
}
} else if !c.Config.DisableServerPush {
//fmt.Println("push enabled")
gzw, ok := w.(c.GzipResponseWriter)
if ok {
w = gzw.ResponseWriter
}
pusher, ok := w.(http.Pusher)
if !ok {
return
}
//fmt.Println("has pusher")
var push = func(in []string) {
for _, path := range in {
//fmt.Println("pushing /static/" + path)
// TODO: Avoid concatenating here
err := pusher.Push("/static/"+path, nil)
if err != nil {
break
}
}
}
push(header.Scripts)
//push(header.PreScriptsAsync)
push(header.ScriptsAsync)
push(header.Stylesheets)
// TODO: Push avatars?
}
}
func renderTemplate(tmplName string, w http.ResponseWriter, r *http.Request, header *c.Header, pi interface{}) c.RouteError {
return renderTemplate2(tmplName, tmplName, w, r, header, pi)
}
func renderTemplate2(tmplName string, hookName string, w http.ResponseWriter, r *http.Request, header *c.Header, pi interface{}) c.RouteError {
err := renderTemplate3(tmplName, tmplName, w, r, header, pi)
if err != nil {
return c.InternalError(err, w, r)
}
return nil
}
func FootHeaders(w http.ResponseWriter, header *c.Header) {
// TODO: Expand this to non-HTTPS requests too
if !header.LooseCSP && c.Site.EnableSsl {
w.Header().Set("Content-Security-Policy", "default-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-eval' 'unsafe-inline'; img-src * data: 'unsafe-eval' 'unsafe-inline'; connect-src * 'unsafe-eval' 'unsafe-inline'; frame-src 'self' www.youtube-nocookie.com;upgrade-insecure-requests")
}
// Server pushes can backfire on certain browsers, so we want to make sure it's only triggered for ones where it'll help
lastAgent := header.CurrentUser.LastAgent
//fmt.Println("lastAgent:", lastAgent)
if lastAgent == "chrome" || lastAgent == "firefox" {
doPush(w, header)
}
}
func renderTemplate3(tmplName string, hookName string, w http.ResponseWriter, r *http.Request, header *c.Header, pi interface{}) error {
c.PrepResources(&header.CurrentUser, header, header.Theme)
if header.CurrentUser.Loggedin {
header.MetaDesc = ""
header.OGDesc = ""
} else if header.MetaDesc != "" && header.OGDesc == "" {
header.OGDesc = header.MetaDesc
}
header.AddScript("global.js")
if header.CurrentUser.Loggedin {
header.AddScriptAsync("member.js")
}
FootHeaders(w, header)
if header.CurrentUser.IsAdmin {
header.Elapsed1 = time.Since(header.StartedAt).String()
}
if c.RunPreRenderHook("pre_render_"+hookName, w, r, &header.CurrentUser, pi) {
return nil
}
return header.Theme.RunTmpl(tmplName, pi, w)
}
// TODO: Rename renderTemplate to RenderTemplate instead of using this hack to avoid breaking things
var RenderTemplate = renderTemplate3