From 384579ee5e0a45daf98d53432e3ec3d057a7f009 Mon Sep 17 00:00:00 2001 From: ari melody Date: Tue, 21 Jan 2025 14:53:18 +0000 Subject: [PATCH 01/63] refactored out `global`. long live `AppState` --- .gitignore | 1 + admin/accounthttp.go | 48 ++++---- admin/artisthttp.go | 7 +- admin/http.go | 30 +++-- admin/releasehttp.go | 29 +++-- admin/trackhttp.go | 7 +- api/account.go | 25 ++--- api/api.go | 41 ++++--- api/artist.go | 25 ++--- api/release.go | 51 +++++---- api/track.go | 21 ++-- api/uploads.go | 6 +- controller/account.go | 3 +- controller/artist.go | 1 + {global => controller}/config.go | 47 ++------ controller/release.go | 1 + controller/track.go | 1 + discord/discord.go | 43 +++----- global/const.go | 3 - global/funcs.go | 101 ----------------- main.go | 182 +++++++++++++++++++++++-------- model/account.go | 2 + model/appstate.go | 32 ++++++ view/music.go | 18 ++- 24 files changed, 350 insertions(+), 375 deletions(-) rename {global => controller}/config.go (65%) delete mode 100644 global/const.go delete mode 100644 global/funcs.go create mode 100644 model/appstate.go diff --git a/.gitignore b/.gitignore index cccde2b..9bdf788 100644 --- a/.gitignore +++ b/.gitignore @@ -7,3 +7,4 @@ uploads/ docker-compose*.yml !docker-compose.example.yml config*.toml +arimelody-web diff --git a/admin/accounthttp.go b/admin/accounthttp.go index f0990df..b2cf18a 100644 --- a/admin/accounthttp.go +++ b/admin/accounthttp.go @@ -8,10 +8,8 @@ import ( "time" "arimelody-web/controller" - "arimelody-web/global" "arimelody-web/model" - "github.com/jmoiron/sqlx" "golang.org/x/crypto/bcrypt" ) @@ -21,11 +19,11 @@ type TemplateData struct { Token string } -func AccountHandler(db *sqlx.DB) http.Handler { +func AccountHandler(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { account := r.Context().Value("account").(*model.Account) - totps, err := controller.GetTOTPsForAccount(db, account.ID) + totps, err := controller.GetTOTPsForAccount(app.DB, account.ID) if err != nil { fmt.Printf("WARN: Failed to fetch TOTPs: %v\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -47,10 +45,10 @@ func AccountHandler(db *sqlx.DB) http.Handler { }) } -func LoginHandler(db *sqlx.DB) http.Handler { +func LoginHandler(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.Method == http.MethodGet { - account, err := controller.GetAccountByRequest(db, r) + account, err := controller.GetAccountByRequest(app.DB, r) if err != nil { http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account: %v\n", err) @@ -107,7 +105,7 @@ func LoginHandler(db *sqlx.DB) http.Handler { TOTP: r.Form.Get("totp"), } - account, err := controller.GetAccount(db, credentials.Username) + account, err := controller.GetAccount(app.DB, credentials.Username) if err != nil { render(LoginResponse{ Message: "Invalid username or password" }) return @@ -123,7 +121,7 @@ func LoginHandler(db *sqlx.DB) http.Handler { return } - totps, err := controller.GetTOTPsForAccount(db, account.ID) + totps, err := controller.GetTOTPsForAccount(app.DB, account.ID) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to fetch TOTPs: %v\n", err) render(LoginResponse{ Message: "Something went wrong. Please try again." }) @@ -147,7 +145,7 @@ func LoginHandler(db *sqlx.DB) http.Handler { } // login success! - token, err := controller.CreateToken(db, account.ID, r.UserAgent()) + token, err := controller.CreateToken(app.DB, account.ID, r.UserAgent()) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to create token: %v\n", err) render(LoginResponse{ Message: "Something went wrong. Please try again." }) @@ -155,10 +153,10 @@ func LoginHandler(db *sqlx.DB) http.Handler { } cookie := http.Cookie{} - cookie.Name = global.COOKIE_TOKEN + cookie.Name = model.COOKIE_TOKEN cookie.Value = token.Token cookie.Expires = token.ExpiresAt - if strings.HasPrefix(global.Config.BaseUrl, "https") { + if strings.HasPrefix(app.Config.BaseUrl, "https") { cookie.Secure = true } cookie.HttpOnly = true @@ -169,17 +167,17 @@ func LoginHandler(db *sqlx.DB) http.Handler { }) } -func LogoutHandler(db *sqlx.DB) http.Handler { +func LogoutHandler(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodGet { http.NotFound(w, r) return } - tokenStr := controller.GetTokenFromRequest(db, r) + tokenStr := controller.GetTokenFromRequest(app.DB, r) if len(tokenStr) > 0 { - err := controller.DeleteToken(db, tokenStr) + err := controller.DeleteToken(app.DB, tokenStr) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to revoke token: %v\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -188,10 +186,10 @@ func LogoutHandler(db *sqlx.DB) http.Handler { } cookie := http.Cookie{} - cookie.Name = global.COOKIE_TOKEN + cookie.Name = model.COOKIE_TOKEN cookie.Value = "" cookie.Expires = time.Now() - if strings.HasPrefix(global.Config.BaseUrl, "https") { + if strings.HasPrefix(app.Config.BaseUrl, "https") { cookie.Secure = true } cookie.HttpOnly = true @@ -201,9 +199,9 @@ func LogoutHandler(db *sqlx.DB) http.Handler { }) } -func createAccountHandler(db *sqlx.DB) http.Handler { +func createAccountHandler(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - checkAccount, err := controller.GetAccountByRequest(db, r) + checkAccount, err := controller.GetAccountByRequest(app.DB, r) if err != nil { fmt.Printf("WARN: Failed to fetch account: %s\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -260,7 +258,7 @@ func createAccountHandler(db *sqlx.DB) http.Handler { } // make sure code exists in DB - invite, err := controller.GetInvite(db, credentials.Invite) + invite, err := controller.GetInvite(app.DB, credentials.Invite) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to retrieve invite: %v\n", err) render(CreateAccountResponse{ @@ -270,7 +268,7 @@ func createAccountHandler(db *sqlx.DB) http.Handler { } if invite == nil || time.Now().After(invite.ExpiresAt) { if invite != nil { - err := controller.DeleteInvite(db, invite.Code) + err := controller.DeleteInvite(app.DB, invite.Code) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to delete expired invite: %v\n", err) } } render(CreateAccountResponse{ @@ -294,7 +292,7 @@ func createAccountHandler(db *sqlx.DB) http.Handler { Email: credentials.Email, AvatarURL: "/img/default-avatar.png", } - err = controller.CreateAccount(db, &account) + err = controller.CreateAccount(app.DB, &account) if err != nil { if strings.HasPrefix(err.Error(), "pq: duplicate key") { render(CreateAccountResponse{ @@ -309,11 +307,11 @@ func createAccountHandler(db *sqlx.DB) http.Handler { return } - err = controller.DeleteInvite(db, invite.Code) + err = controller.DeleteInvite(app.DB, invite.Code) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to delete expired invite: %v\n", err) } // registration success! - token, err := controller.CreateToken(db, account.ID, r.UserAgent()) + token, err := controller.CreateToken(app.DB, account.ID, r.UserAgent()) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to create token: %v\n", err) // gracefully redirect user to login page @@ -322,10 +320,10 @@ func createAccountHandler(db *sqlx.DB) http.Handler { } cookie := http.Cookie{} - cookie.Name = global.COOKIE_TOKEN + cookie.Name = model.COOKIE_TOKEN cookie.Value = token.Token cookie.Expires = token.ExpiresAt - if strings.HasPrefix(global.Config.BaseUrl, "https") { + if strings.HasPrefix(app.Config.BaseUrl, "https") { cookie.Secure = true } cookie.HttpOnly = true diff --git a/admin/artisthttp.go b/admin/artisthttp.go index af42cb1..d6a5e76 100644 --- a/admin/artisthttp.go +++ b/admin/artisthttp.go @@ -5,16 +5,15 @@ import ( "net/http" "strings" - "arimelody-web/global" "arimelody-web/model" "arimelody-web/controller" ) -func serveArtist() http.Handler { +func serveArtist(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { slices := strings.Split(r.URL.Path[1:], "/") id := slices[0] - artist, err := controller.GetArtist(global.DB, id) + artist, err := controller.GetArtist(app.DB, id) if err != nil { if artist == nil { http.NotFound(w, r) @@ -25,7 +24,7 @@ func serveArtist() http.Handler { return } - credits, err := controller.GetArtistCredits(global.DB, artist.ID, true) + credits, err := controller.GetArtistCredits(app.DB, artist.ID, true) if err != nil { fmt.Printf("Error rendering admin track page for %s: %s\n", id, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) diff --git a/admin/http.go b/admin/http.go index d118647..b44cfa9 100644 --- a/admin/http.go +++ b/admin/http.go @@ -9,28 +9,26 @@ import ( "arimelody-web/controller" "arimelody-web/model" - - "github.com/jmoiron/sqlx" ) -func Handler(db *sqlx.DB) http.Handler { +func Handler(app *model.AppState) http.Handler { mux := http.NewServeMux() - mux.Handle("/login", LoginHandler(db)) - mux.Handle("/register", createAccountHandler(db)) - mux.Handle("/logout", RequireAccount(db, LogoutHandler(db))) - mux.Handle("/account", RequireAccount(db, AccountHandler(db))) + mux.Handle("/login", LoginHandler(app)) + mux.Handle("/register", createAccountHandler(app)) + mux.Handle("/logout", RequireAccount(app, LogoutHandler(app))) + mux.Handle("/account", RequireAccount(app, AccountHandler(app))) mux.Handle("/static/", http.StripPrefix("/static", staticHandler())) - mux.Handle("/release/", RequireAccount(db, http.StripPrefix("/release", serveRelease()))) - mux.Handle("/artist/", RequireAccount(db, http.StripPrefix("/artist", serveArtist()))) - mux.Handle("/track/", RequireAccount(db, http.StripPrefix("/track", serveTrack()))) + mux.Handle("/release/", RequireAccount(app, http.StripPrefix("/release", serveRelease(app)))) + mux.Handle("/artist/", RequireAccount(app, http.StripPrefix("/artist", serveArtist(app)))) + mux.Handle("/track/", RequireAccount(app, http.StripPrefix("/track", serveTrack(app)))) mux.Handle("/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.URL.Path != "/" { http.NotFound(w, r) return } - account, err := controller.GetAccountByRequest(db, r) + account, err := controller.GetAccountByRequest(app.DB, r) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account: %s\n", err) } @@ -39,21 +37,21 @@ func Handler(db *sqlx.DB) http.Handler { return } - releases, err := controller.GetAllReleases(db, false, 0, true) + releases, err := controller.GetAllReleases(app.DB, false, 0, true) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to pull releases: %s\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } - artists, err := controller.GetAllArtists(db) + artists, err := controller.GetAllArtists(app.DB) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to pull artists: %s\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } - tracks, err := controller.GetOrphanTracks(db) + tracks, err := controller.GetOrphanTracks(app.DB) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to pull orphan tracks: %s\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -83,9 +81,9 @@ func Handler(db *sqlx.DB) http.Handler { return mux } -func RequireAccount(db *sqlx.DB, next http.Handler) http.HandlerFunc { +func RequireAccount(app *model.AppState, next http.Handler) http.HandlerFunc { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - account, err := controller.GetAccountByRequest(db, r) + account, err := controller.GetAccountByRequest(app.DB, r) if err != nil { http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account: %v\n", err) diff --git a/admin/releasehttp.go b/admin/releasehttp.go index 9132fe8..503166b 100644 --- a/admin/releasehttp.go +++ b/admin/releasehttp.go @@ -5,19 +5,18 @@ import ( "net/http" "strings" - "arimelody-web/global" "arimelody-web/controller" "arimelody-web/model" ) -func serveRelease() http.Handler { +func serveRelease(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { slices := strings.Split(r.URL.Path[1:], "/") releaseID := slices[0] account := r.Context().Value("account").(*model.Account) - release, err := controller.GetRelease(global.DB, releaseID, true) + release, err := controller.GetRelease(app.DB, releaseID, true) if err != nil { if strings.Contains(err.Error(), "no rows") { http.NotFound(w, r) @@ -34,10 +33,10 @@ func serveRelease() http.Handler { serveEditCredits(release).ServeHTTP(w, r) return case "addcredit": - serveAddCredit(release).ServeHTTP(w, r) + serveAddCredit(app, release).ServeHTTP(w, r) return case "newcredit": - serveNewCredit().ServeHTTP(w, r) + serveNewCredit(app).ServeHTTP(w, r) return case "editlinks": serveEditLinks(release).ServeHTTP(w, r) @@ -46,10 +45,10 @@ func serveRelease() http.Handler { serveEditTracks(release).ServeHTTP(w, r) return case "addtrack": - serveAddTrack(release).ServeHTTP(w, r) + serveAddTrack(app, release).ServeHTTP(w, r) return case "newtrack": - serveNewTrack().ServeHTTP(w, r) + serveNewTrack(app).ServeHTTP(w, r) return } http.NotFound(w, r) @@ -83,9 +82,9 @@ func serveEditCredits(release *model.Release) http.Handler { }) } -func serveAddCredit(release *model.Release) http.Handler { +func serveAddCredit(app *model.AppState, release *model.Release) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - artists, err := controller.GetArtistsNotOnRelease(global.DB, release.ID) + artists, err := controller.GetArtistsNotOnRelease(app.DB, release.ID) if err != nil { fmt.Printf("FATAL: Failed to pull artists not on %s: %s\n", release.ID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -109,10 +108,10 @@ func serveAddCredit(release *model.Release) http.Handler { }) } -func serveNewCredit() http.Handler { +func serveNewCredit(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { artistID := strings.Split(r.URL.Path, "/")[3] - artist, err := controller.GetArtist(global.DB, artistID) + artist, err := controller.GetArtist(app.DB, artistID) if err != nil { fmt.Printf("FATAL: Failed to pull artists %s: %s\n", artistID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -154,9 +153,9 @@ func serveEditTracks(release *model.Release) http.Handler { }) } -func serveAddTrack(release *model.Release) http.Handler { +func serveAddTrack(app *model.AppState, release *model.Release) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - tracks, err := controller.GetTracksNotOnRelease(global.DB, release.ID) + tracks, err := controller.GetTracksNotOnRelease(app.DB, release.ID) if err != nil { fmt.Printf("FATAL: Failed to pull tracks not on %s: %s\n", release.ID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -181,10 +180,10 @@ func serveAddTrack(release *model.Release) http.Handler { }) } -func serveNewTrack() http.Handler { +func serveNewTrack(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { trackID := strings.Split(r.URL.Path, "/")[3] - track, err := controller.GetTrack(global.DB, trackID) + track, err := controller.GetTrack(app.DB, trackID) if err != nil { fmt.Printf("Error rendering new track component for %s: %s\n", trackID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) diff --git a/admin/trackhttp.go b/admin/trackhttp.go index 2cea123..fa49b53 100644 --- a/admin/trackhttp.go +++ b/admin/trackhttp.go @@ -5,16 +5,15 @@ import ( "net/http" "strings" - "arimelody-web/global" "arimelody-web/model" "arimelody-web/controller" ) -func serveTrack() http.Handler { +func serveTrack(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { slices := strings.Split(r.URL.Path[1:], "/") id := slices[0] - track, err := controller.GetTrack(global.DB, id) + track, err := controller.GetTrack(app.DB, id) if err != nil { fmt.Printf("Error rendering admin track page for %s: %s\n", id, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -25,7 +24,7 @@ func serveTrack() http.Handler { return } - releases, err := controller.GetTrackReleases(global.DB, track.ID, true) + releases, err := controller.GetTrackReleases(app.DB, track.ID, true) if err != nil { fmt.Printf("FATAL: Failed to pull releases for %s: %s\n", id, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) diff --git a/api/account.go b/api/account.go index 3ce52c8..0a9a7f9 100644 --- a/api/account.go +++ b/api/account.go @@ -3,7 +3,6 @@ package api import ( "arimelody-web/controller" "arimelody-web/model" - "arimelody-web/global" "encoding/json" "fmt" "net/http" @@ -14,7 +13,7 @@ import ( "golang.org/x/crypto/bcrypt" ) -func handleLogin() http.HandlerFunc { +func handleLogin(app *model.AppState) http.HandlerFunc { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPost { http.NotFound(w, r) @@ -33,7 +32,7 @@ func handleLogin() http.HandlerFunc { return } - account, err := controller.GetAccount(global.DB, credentials.Username) + account, err := controller.GetAccount(app.DB, credentials.Username) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to retrieve account: %v\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -50,7 +49,7 @@ func handleLogin() http.HandlerFunc { return } - token, err := controller.CreateToken(global.DB, account.ID, r.UserAgent()) + token, err := controller.CreateToken(app.DB, account.ID, r.UserAgent()) type LoginResponse struct { Token string `json:"token"` ExpiresAt time.Time `json:"expires_at"` @@ -67,7 +66,7 @@ func handleLogin() http.HandlerFunc { }) } -func handleAccountRegistration() http.HandlerFunc { +func handleAccountRegistration(app *model.AppState) http.HandlerFunc { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPost { http.NotFound(w, r) @@ -89,7 +88,7 @@ func handleAccountRegistration() http.HandlerFunc { } // make sure code exists in DB - invite, err := controller.GetInvite(global.DB, credentials.Invite) + invite, err := controller.GetInvite(app.DB, credentials.Invite) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to retrieve invite: %v\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -101,7 +100,7 @@ func handleAccountRegistration() http.HandlerFunc { } if time.Now().After(invite.ExpiresAt) { - err := controller.DeleteInvite(global.DB, invite.Code) + err := controller.DeleteInvite(app.DB, invite.Code) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to delete expired invite: %v\n", err) } http.Error(w, "Invalid invite code", http.StatusBadRequest) return @@ -120,7 +119,7 @@ func handleAccountRegistration() http.HandlerFunc { Email: credentials.Email, AvatarURL: "/img/default-avatar.png", } - err = controller.CreateAccount(global.DB, &account) + err = controller.CreateAccount(app.DB, &account) if err != nil { if strings.HasPrefix(err.Error(), "pq: duplicate key") { http.Error(w, "An account with that username already exists", http.StatusBadRequest) @@ -131,10 +130,10 @@ func handleAccountRegistration() http.HandlerFunc { return } - err = controller.DeleteInvite(global.DB, invite.Code) + err = controller.DeleteInvite(app.DB, invite.Code) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to delete expired invite: %v\n", err) } - token, err := controller.CreateToken(global.DB, account.ID, r.UserAgent()) + token, err := controller.CreateToken(app.DB, account.ID, r.UserAgent()) type LoginResponse struct { Token string `json:"token"` ExpiresAt time.Time `json:"expires_at"` @@ -151,7 +150,7 @@ func handleAccountRegistration() http.HandlerFunc { }) } -func handleDeleteAccount() http.HandlerFunc { +func handleDeleteAccount(app *model.AppState) http.HandlerFunc { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPost { http.NotFound(w, r) @@ -170,7 +169,7 @@ func handleDeleteAccount() http.HandlerFunc { return } - account, err := controller.GetAccount(global.DB, credentials.Username) + account, err := controller.GetAccount(app.DB, credentials.Username) if err != nil { if strings.Contains(err.Error(), "no rows") { http.Error(w, "Invalid username or password", http.StatusBadRequest) @@ -189,7 +188,7 @@ func handleDeleteAccount() http.HandlerFunc { // TODO: check TOTP - err = controller.DeleteAccount(global.DB, account.Username) + err = controller.DeleteAccount(app.DB, account.Username) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to delete account: %v\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) diff --git a/api/api.go b/api/api.go index 26e2255..b16d45d 100644 --- a/api/api.go +++ b/api/api.go @@ -7,11 +7,10 @@ import ( "arimelody-web/admin" "arimelody-web/controller" - - "github.com/jmoiron/sqlx" + "arimelody-web/model" ) -func Handler(db *sqlx.DB) http.Handler { +func Handler(app *model.AppState) http.Handler { mux := http.NewServeMux() // ACCOUNT ENDPOINTS @@ -32,7 +31,7 @@ func Handler(db *sqlx.DB) http.Handler { mux.Handle("/v1/artist/", http.StripPrefix("/v1/artist", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { var artistID = strings.Split(r.URL.Path[1:], "/")[0] - artist, err := controller.GetArtist(db, artistID) + artist, err := controller.GetArtist(app.DB, artistID) if err != nil { if strings.Contains(err.Error(), "no rows") { http.NotFound(w, r) @@ -46,13 +45,13 @@ func Handler(db *sqlx.DB) http.Handler { switch r.Method { case http.MethodGet: // GET /api/v1/artist/{id} - ServeArtist(artist).ServeHTTP(w, r) + ServeArtist(app, artist).ServeHTTP(w, r) case http.MethodPut: // PUT /api/v1/artist/{id} (admin) - admin.RequireAccount(db, UpdateArtist(artist)).ServeHTTP(w, r) + admin.RequireAccount(app, UpdateArtist(app, artist)).ServeHTTP(w, r) case http.MethodDelete: // DELETE /api/v1/artist/{id} (admin) - admin.RequireAccount(db, DeleteArtist(artist)).ServeHTTP(w, r) + admin.RequireAccount(app, DeleteArtist(app, artist)).ServeHTTP(w, r) default: http.NotFound(w, r) } @@ -61,10 +60,10 @@ func Handler(db *sqlx.DB) http.Handler { switch r.Method { case http.MethodGet: // GET /api/v1/artist - ServeAllArtists().ServeHTTP(w, r) + ServeAllArtists(app).ServeHTTP(w, r) case http.MethodPost: // POST /api/v1/artist (admin) - admin.RequireAccount(db, CreateArtist()).ServeHTTP(w, r) + admin.RequireAccount(app, CreateArtist(app)).ServeHTTP(w, r) default: http.NotFound(w, r) } @@ -74,7 +73,7 @@ func Handler(db *sqlx.DB) http.Handler { mux.Handle("/v1/music/", http.StripPrefix("/v1/music", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { var releaseID = strings.Split(r.URL.Path[1:], "/")[0] - release, err := controller.GetRelease(db, releaseID, true) + release, err := controller.GetRelease(app.DB, releaseID, true) if err != nil { if strings.Contains(err.Error(), "no rows") { http.NotFound(w, r) @@ -88,13 +87,13 @@ func Handler(db *sqlx.DB) http.Handler { switch r.Method { case http.MethodGet: // GET /api/v1/music/{id} - ServeRelease(release).ServeHTTP(w, r) + ServeRelease(app, release).ServeHTTP(w, r) case http.MethodPut: // PUT /api/v1/music/{id} (admin) - admin.RequireAccount(db, UpdateRelease(release)).ServeHTTP(w, r) + admin.RequireAccount(app, UpdateRelease(app, release)).ServeHTTP(w, r) case http.MethodDelete: // DELETE /api/v1/music/{id} (admin) - admin.RequireAccount(db, DeleteRelease(release)).ServeHTTP(w, r) + admin.RequireAccount(app, DeleteRelease(app, release)).ServeHTTP(w, r) default: http.NotFound(w, r) } @@ -103,10 +102,10 @@ func Handler(db *sqlx.DB) http.Handler { switch r.Method { case http.MethodGet: // GET /api/v1/music - ServeCatalog().ServeHTTP(w, r) + ServeCatalog(app).ServeHTTP(w, r) case http.MethodPost: // POST /api/v1/music (admin) - admin.RequireAccount(db, CreateRelease()).ServeHTTP(w, r) + admin.RequireAccount(app, CreateRelease(app)).ServeHTTP(w, r) default: http.NotFound(w, r) } @@ -116,7 +115,7 @@ func Handler(db *sqlx.DB) http.Handler { mux.Handle("/v1/track/", http.StripPrefix("/v1/track", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { var trackID = strings.Split(r.URL.Path[1:], "/")[0] - track, err := controller.GetTrack(db, trackID) + track, err := controller.GetTrack(app.DB, trackID) if err != nil { if strings.Contains(err.Error(), "no rows") { http.NotFound(w, r) @@ -130,13 +129,13 @@ func Handler(db *sqlx.DB) http.Handler { switch r.Method { case http.MethodGet: // GET /api/v1/track/{id} (admin) - admin.RequireAccount(db, ServeTrack(track)).ServeHTTP(w, r) + admin.RequireAccount(app, ServeTrack(app, track)).ServeHTTP(w, r) case http.MethodPut: // PUT /api/v1/track/{id} (admin) - admin.RequireAccount(db, UpdateTrack(track)).ServeHTTP(w, r) + admin.RequireAccount(app, UpdateTrack(app, track)).ServeHTTP(w, r) case http.MethodDelete: // DELETE /api/v1/track/{id} (admin) - admin.RequireAccount(db, DeleteTrack(track)).ServeHTTP(w, r) + admin.RequireAccount(app, DeleteTrack(app, track)).ServeHTTP(w, r) default: http.NotFound(w, r) } @@ -145,10 +144,10 @@ func Handler(db *sqlx.DB) http.Handler { switch r.Method { case http.MethodGet: // GET /api/v1/track (admin) - admin.RequireAccount(db, ServeAllTracks()).ServeHTTP(w, r) + admin.RequireAccount(app, ServeAllTracks(app)).ServeHTTP(w, r) case http.MethodPost: // POST /api/v1/track (admin) - admin.RequireAccount(db, CreateTrack()).ServeHTTP(w, r) + admin.RequireAccount(app, CreateTrack(app)).ServeHTTP(w, r) default: http.NotFound(w, r) } diff --git a/api/artist.go b/api/artist.go index c46db59..a9676b1 100644 --- a/api/artist.go +++ b/api/artist.go @@ -10,15 +10,14 @@ import ( "strings" "time" - "arimelody-web/global" "arimelody-web/controller" "arimelody-web/model" ) -func ServeAllArtists() http.Handler { +func ServeAllArtists(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { var artists = []*model.Artist{} - artists, err := controller.GetAllArtists(global.DB) + artists, err := controller.GetAllArtists(app.DB) if err != nil { fmt.Printf("WARN: Failed to serve all artists: %s\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -35,7 +34,7 @@ func ServeAllArtists() http.Handler { }) } -func ServeArtist(artist *model.Artist) http.Handler { +func ServeArtist(app *model.AppState, artist *model.Artist) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { type ( creditJSON struct { @@ -52,7 +51,7 @@ func ServeArtist(artist *model.Artist) http.Handler { } ) - account, err := controller.GetAccountByRequest(global.DB, r) + account, err := controller.GetAccountByRequest(app.DB, r) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account: %v\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -60,7 +59,7 @@ func ServeArtist(artist *model.Artist) http.Handler { } show_hidden_releases := account != nil - dbCredits, err := controller.GetArtistCredits(global.DB, artist.ID, show_hidden_releases) + dbCredits, err := controller.GetArtistCredits(app.DB, artist.ID, show_hidden_releases) if err != nil { fmt.Printf("WARN: Failed to retrieve artist credits for %s: %v\n", artist.ID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -92,7 +91,7 @@ func ServeArtist(artist *model.Artist) http.Handler { }) } -func CreateArtist() http.Handler { +func CreateArtist(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { var artist model.Artist err := json.NewDecoder(r.Body).Decode(&artist) @@ -107,7 +106,7 @@ func CreateArtist() http.Handler { } if artist.Name == "" { artist.Name = artist.ID } - err = controller.CreateArtist(global.DB, &artist) + err = controller.CreateArtist(app.DB, &artist) if err != nil { if strings.Contains(err.Error(), "duplicate key") { http.Error(w, fmt.Sprintf("Artist %s already exists\n", artist.ID), http.StatusBadRequest) @@ -122,7 +121,7 @@ func CreateArtist() http.Handler { }) } -func UpdateArtist(artist *model.Artist) http.Handler { +func UpdateArtist(app *model.AppState, artist *model.Artist) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { err := json.NewDecoder(r.Body).Decode(&artist) if err != nil { @@ -136,7 +135,7 @@ func UpdateArtist(artist *model.Artist) http.Handler { } else { if strings.Contains(artist.Avatar, ";base64,") { var artworkDirectory = filepath.Join("uploads", "avatar") - filename, err := HandleImageUpload(&artist.Avatar, artworkDirectory, artist.ID) + filename, err := HandleImageUpload(app, &artist.Avatar, artworkDirectory, artist.ID) // clean up files with this ID and different extensions err = filepath.Walk(artworkDirectory, func(path string, info fs.FileInfo, err error) error { @@ -155,7 +154,7 @@ func UpdateArtist(artist *model.Artist) http.Handler { } } - err = controller.UpdateArtist(global.DB, artist) + err = controller.UpdateArtist(app.DB, artist) if err != nil { if strings.Contains(err.Error(), "no rows") { http.NotFound(w, r) @@ -167,9 +166,9 @@ func UpdateArtist(artist *model.Artist) http.Handler { }) } -func DeleteArtist(artist *model.Artist) http.Handler { +func DeleteArtist(app *model.AppState, artist *model.Artist) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - err := controller.DeleteArtist(global.DB, artist.ID) + err := controller.DeleteArtist(app.DB, artist.ID) if err != nil { if strings.Contains(err.Error(), "no rows") { http.NotFound(w, r) diff --git a/api/release.go b/api/release.go index d17fb5f..c71043e 100644 --- a/api/release.go +++ b/api/release.go @@ -10,17 +10,16 @@ import ( "strings" "time" - "arimelody-web/global" "arimelody-web/controller" "arimelody-web/model" ) -func ServeRelease(release *model.Release) http.Handler { +func ServeRelease(app *model.AppState, release *model.Release) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { // only allow authorised users to view hidden releases privileged := false if !release.Visible { - account, err := controller.GetAccountByRequest(global.DB, r) + account, err := controller.GetAccountByRequest(app.DB, r) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account: %v\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -67,14 +66,14 @@ func ServeRelease(release *model.Release) http.Handler { if release.IsReleased() || privileged { // get credits - credits, err := controller.GetReleaseCredits(global.DB, release.ID) + credits, err := controller.GetReleaseCredits(app.DB, release.ID) if err != nil { fmt.Printf("WARN: Failed to serve release %s: Credits: %s\n", release.ID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } for _, credit := range credits { - artist, err := controller.GetArtist(global.DB, credit.Artist.ID) + artist, err := controller.GetArtist(app.DB, credit.Artist.ID) if err != nil { fmt.Printf("WARN: Failed to serve release %s: Artists: %s\n", release.ID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -89,7 +88,7 @@ func ServeRelease(release *model.Release) http.Handler { } // get tracks - tracks, err := controller.GetReleaseTracks(global.DB, release.ID) + tracks, err := controller.GetReleaseTracks(app.DB, release.ID) if err != nil { fmt.Printf("WARN: Failed to serve release %s: Tracks: %s\n", release.ID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -104,7 +103,7 @@ func ServeRelease(release *model.Release) http.Handler { } // get links - links, err := controller.GetReleaseLinks(global.DB, release.ID) + links, err := controller.GetReleaseLinks(app.DB, release.ID) if err != nil { fmt.Printf("WARN: Failed to serve release %s: Links: %s\n", release.ID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -126,9 +125,9 @@ func ServeRelease(release *model.Release) http.Handler { }) } -func ServeCatalog() http.Handler { +func ServeCatalog(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - releases, err := controller.GetAllReleases(global.DB, false, 0, true) + releases, err := controller.GetAllReleases(app.DB, false, 0, true) if err != nil { http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return @@ -146,7 +145,7 @@ func ServeCatalog() http.Handler { } catalog := []Release{} - account, err := controller.GetAccountByRequest(global.DB, r) + account, err := controller.GetAccountByRequest(app.DB, r) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account: %v\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -192,7 +191,7 @@ func ServeCatalog() http.Handler { }) } -func CreateRelease() http.Handler { +func CreateRelease(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPost { http.NotFound(w, r) @@ -220,7 +219,7 @@ func CreateRelease() http.Handler { if release.Artwork == "" { release.Artwork = "/img/default-cover-art.png" } - err = controller.CreateRelease(global.DB, &release) + err = controller.CreateRelease(app.DB, &release) if err != nil { if strings.Contains(err.Error(), "duplicate key") { http.Error(w, fmt.Sprintf("Release %s already exists\n", release.ID), http.StatusBadRequest) @@ -243,7 +242,7 @@ func CreateRelease() http.Handler { }) } -func UpdateRelease(release *model.Release) http.Handler { +func UpdateRelease(app *model.AppState, release *model.Release) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.URL.Path == "/" { http.NotFound(w, r) @@ -255,11 +254,11 @@ func UpdateRelease(release *model.Release) http.Handler { if len(segments) == 2 { switch segments[1] { case "tracks": - UpdateReleaseTracks(release).ServeHTTP(w, r) + UpdateReleaseTracks(app, release).ServeHTTP(w, r) case "credits": - UpdateReleaseCredits(release).ServeHTTP(w, r) + UpdateReleaseCredits(app, release).ServeHTTP(w, r) case "links": - UpdateReleaseLinks(release).ServeHTTP(w, r) + UpdateReleaseLinks(app, release).ServeHTTP(w, r) } return } @@ -281,7 +280,7 @@ func UpdateRelease(release *model.Release) http.Handler { } else { if strings.Contains(release.Artwork, ";base64,") { var artworkDirectory = filepath.Join("uploads", "musicart") - filename, err := HandleImageUpload(&release.Artwork, artworkDirectory, release.ID) + filename, err := HandleImageUpload(app, &release.Artwork, artworkDirectory, release.ID) // clean up files with this ID and different extensions err = filepath.Walk(artworkDirectory, func(path string, info fs.FileInfo, err error) error { @@ -300,7 +299,7 @@ func UpdateRelease(release *model.Release) http.Handler { } } - err = controller.UpdateRelease(global.DB, release) + err = controller.UpdateRelease(app.DB, release) if err != nil { if strings.Contains(err.Error(), "no rows") { http.NotFound(w, r) @@ -312,7 +311,7 @@ func UpdateRelease(release *model.Release) http.Handler { }) } -func UpdateReleaseTracks(release *model.Release) http.Handler { +func UpdateReleaseTracks(app *model.AppState, release *model.Release) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { var trackIDs = []string{} err := json.NewDecoder(r.Body).Decode(&trackIDs) @@ -321,7 +320,7 @@ func UpdateReleaseTracks(release *model.Release) http.Handler { return } - err = controller.UpdateReleaseTracks(global.DB, release.ID, trackIDs) + err = controller.UpdateReleaseTracks(app.DB, release.ID, trackIDs) if err != nil { if strings.Contains(err.Error(), "no rows") { http.NotFound(w, r) @@ -333,7 +332,7 @@ func UpdateReleaseTracks(release *model.Release) http.Handler { }) } -func UpdateReleaseCredits(release *model.Release) http.Handler { +func UpdateReleaseCredits(app *model.AppState, release *model.Release) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { type creditJSON struct { Artist string @@ -358,7 +357,7 @@ func UpdateReleaseCredits(release *model.Release) http.Handler { }) } - err = controller.UpdateReleaseCredits(global.DB, release.ID, credits) + err = controller.UpdateReleaseCredits(app.DB, release.ID, credits) if err != nil { if strings.Contains(err.Error(), "duplicate key") { http.Error(w, "Artists may only be credited once\n", http.StatusBadRequest) @@ -374,7 +373,7 @@ func UpdateReleaseCredits(release *model.Release) http.Handler { }) } -func UpdateReleaseLinks(release *model.Release) http.Handler { +func UpdateReleaseLinks(app *model.AppState, release *model.Release) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPut { http.NotFound(w, r) @@ -388,7 +387,7 @@ func UpdateReleaseLinks(release *model.Release) http.Handler { return } - err = controller.UpdateReleaseLinks(global.DB, release.ID, links) + err = controller.UpdateReleaseLinks(app.DB, release.ID, links) if err != nil { if strings.Contains(err.Error(), "no rows") { http.NotFound(w, r) @@ -400,9 +399,9 @@ func UpdateReleaseLinks(release *model.Release) http.Handler { }) } -func DeleteRelease(release *model.Release) http.Handler { +func DeleteRelease(app *model.AppState, release *model.Release) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - err := controller.DeleteRelease(global.DB, release.ID) + err := controller.DeleteRelease(app.DB, release.ID) if err != nil { if strings.Contains(err.Error(), "no rows") { http.NotFound(w, r) diff --git a/api/track.go b/api/track.go index 8727b4f..c342e08 100644 --- a/api/track.go +++ b/api/track.go @@ -5,7 +5,6 @@ import ( "fmt" "net/http" - "arimelody-web/global" "arimelody-web/controller" "arimelody-web/model" ) @@ -17,7 +16,7 @@ type ( } ) -func ServeAllTracks() http.Handler { +func ServeAllTracks(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { type Track struct { ID string `json:"id"` @@ -26,7 +25,7 @@ func ServeAllTracks() http.Handler { var tracks = []Track{} var dbTracks = []*model.Track{} - dbTracks, err := controller.GetAllTracks(global.DB) + dbTracks, err := controller.GetAllTracks(app.DB) if err != nil { fmt.Printf("WARN: Failed to pull tracks from DB: %s\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -50,9 +49,9 @@ func ServeAllTracks() http.Handler { }) } -func ServeTrack(track *model.Track) http.Handler { +func ServeTrack(app *model.AppState, track *model.Track) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - dbReleases, err := controller.GetTrackReleases(global.DB, track.ID, false) + dbReleases, err := controller.GetTrackReleases(app.DB, track.ID, false) if err != nil { fmt.Printf("WARN: Failed to pull track releases for %s from DB: %s\n", track.ID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -74,7 +73,7 @@ func ServeTrack(track *model.Track) http.Handler { }) } -func CreateTrack() http.Handler { +func CreateTrack(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPost { http.NotFound(w, r) @@ -93,7 +92,7 @@ func CreateTrack() http.Handler { return } - id, err := controller.CreateTrack(global.DB, &track) + id, err := controller.CreateTrack(app.DB, &track) if err != nil { fmt.Printf("WARN: Failed to create track: %s\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -106,7 +105,7 @@ func CreateTrack() http.Handler { }) } -func UpdateTrack(track *model.Track) http.Handler { +func UpdateTrack(app *model.AppState, track *model.Track) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPut || r.URL.Path == "/" { http.NotFound(w, r) @@ -124,7 +123,7 @@ func UpdateTrack(track *model.Track) http.Handler { return } - err = controller.UpdateTrack(global.DB, track) + err = controller.UpdateTrack(app.DB, track) if err != nil { fmt.Printf("WARN: Failed to update track %s: %s\n", track.ID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -141,7 +140,7 @@ func UpdateTrack(track *model.Track) http.Handler { }) } -func DeleteTrack(track *model.Track) http.Handler { +func DeleteTrack(app *model.AppState, track *model.Track) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodDelete || r.URL.Path == "/" { http.NotFound(w, r) @@ -149,7 +148,7 @@ func DeleteTrack(track *model.Track) http.Handler { } var trackID = r.URL.Path[1:] - err := controller.DeleteTrack(global.DB, trackID) + err := controller.DeleteTrack(app.DB, trackID) if err != nil { fmt.Printf("WARN: Failed to delete track %s: %s\n", trackID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) diff --git a/api/uploads.go b/api/uploads.go index 6b1c496..ddcf6ee 100644 --- a/api/uploads.go +++ b/api/uploads.go @@ -1,7 +1,7 @@ package api import ( - "arimelody-web/global" + "arimelody-web/model" "bufio" "encoding/base64" "errors" @@ -11,12 +11,12 @@ import ( "strings" ) -func HandleImageUpload(data *string, directory string, filename string) (string, error) { +func HandleImageUpload(app *model.AppState, data *string, directory string, filename string) (string, error) { split := strings.Split(*data, ";base64,") header := split[0] imageData, err := base64.StdEncoding.DecodeString(split[1]) ext, _ := strings.CutPrefix(header, "data:image/") - directory = filepath.Join(global.Config.DataDirectory, directory) + directory = filepath.Join(app.Config.DataDirectory, directory) switch ext { case "png": diff --git a/controller/account.go b/controller/account.go index 3547d35..044faec 100644 --- a/controller/account.go +++ b/controller/account.go @@ -1,7 +1,6 @@ package controller import ( - "arimelody-web/global" "arimelody-web/model" "errors" "fmt" @@ -72,7 +71,7 @@ func GetTokenFromRequest(db *sqlx.DB, r *http.Request) string { return tokenStr } - cookie, err := r.Cookie(global.COOKIE_TOKEN) + cookie, err := r.Cookie(model.COOKIE_TOKEN) if err != nil { return "" } diff --git a/controller/artist.go b/controller/artist.go index c52b78d..1a613aa 100644 --- a/controller/artist.go +++ b/controller/artist.go @@ -2,6 +2,7 @@ package controller import ( "arimelody-web/model" + "github.com/jmoiron/sqlx" ) diff --git a/global/config.go b/controller/config.go similarity index 65% rename from global/config.go rename to controller/config.go index 20e152f..28d4be4 100644 --- a/global/config.go +++ b/controller/config.go @@ -1,4 +1,4 @@ -package global +package controller import ( "errors" @@ -6,44 +6,21 @@ import ( "os" "strconv" - "github.com/jmoiron/sqlx" + "arimelody-web/model" + "github.com/pelletier/go-toml/v2" ) -type ( - dbConfig struct { - Host string `toml:"host"` - Port int64 `toml:"port"` - Name string `toml:"name"` - User string `toml:"user"` - Pass string `toml:"pass"` - } - - discordConfig struct { - AdminID string `toml:"admin_id" comment:"NOTE: admin_id to be deprecated in favour of local accounts and SSO."` - ClientID string `toml:"client_id"` - Secret string `toml:"secret"` - } - - config struct { - BaseUrl string `toml:"base_url" comment:"Used for OAuth redirects."` - Port int64 `toml:"port"` - DataDirectory string `toml:"data_dir"` - DB dbConfig `toml:"db"` - Discord discordConfig `toml:"discord"` - } -) - -var Config = func() config { +func GetConfig() model.Config { configFile := os.Getenv("ARIMELODY_CONFIG") if configFile == "" { configFile = "config.toml" } - config := config{ + config := model.Config{ BaseUrl: "https://arimelody.me", Port: 8080, - DB: dbConfig{ + DB: model.DBConfig{ Host: "127.0.0.1", Port: 5432, User: "arimelody", @@ -63,20 +40,18 @@ var Config = func() config { err = toml.Unmarshal([]byte(data), &config) if err != nil { - fmt.Fprintf(os.Stderr, "FATAL: Failed to parse configuration file: %v\n", err) - os.Exit(1) + panic(fmt.Sprintf("FATAL: Failed to parse configuration file: %v\n", err)) } err = handleConfigOverrides(&config) if err != nil { - fmt.Fprintf(os.Stderr, "FATAL: Failed to parse environment variable %v\n", err) - os.Exit(1) + panic(fmt.Sprintf("FATAL: Failed to parse environment variable %v\n", err)) } return config -}() +} -func handleConfigOverrides(config *config) error { +func handleConfigOverrides(config *model.Config) error { var err error if env, has := os.LookupEnv("ARIMELODY_BASE_URL"); has { config.BaseUrl = env } @@ -101,5 +76,3 @@ func handleConfigOverrides(config *config) error { return nil } - -var DB *sqlx.DB diff --git a/controller/release.go b/controller/release.go index c9791ac..362669a 100644 --- a/controller/release.go +++ b/controller/release.go @@ -5,6 +5,7 @@ import ( "fmt" "arimelody-web/model" + "github.com/jmoiron/sqlx" ) diff --git a/controller/track.go b/controller/track.go index d302045..fa4efc1 100644 --- a/controller/track.go +++ b/controller/track.go @@ -2,6 +2,7 @@ package controller import ( "arimelody-web/model" + "github.com/jmoiron/sqlx" ) diff --git a/discord/discord.go b/discord/discord.go index 8952c85..d46f32d 100644 --- a/discord/discord.go +++ b/discord/discord.go @@ -1,38 +1,17 @@ package discord import ( + "arimelody-web/model" "encoding/json" "errors" "fmt" "net/http" "net/url" "strings" - - "arimelody-web/global" ) const API_ENDPOINT = "https://discord.com/api/v10" -var CREDENTIALS_PROVIDED = true -var CLIENT_ID = func() string { - id := global.Config.Discord.ClientID - if id == "" { - // fmt.Printf("WARN: Discord client ID (DISCORD_CLIENT) was not provided.\n") - CREDENTIALS_PROVIDED = false - } - return id -}() -var CLIENT_SECRET = func() string { - secret := global.Config.Discord.Secret - if secret == "" { - // fmt.Printf("WARN: Discord secret (DISCORD_SECRET) was not provided.\n") - CREDENTIALS_PROVIDED = false - } - return secret -}() -var OAUTH_CALLBACK_URI = fmt.Sprintf("%s/admin/login", global.Config.BaseUrl) -var REDIRECT_URI = fmt.Sprintf("https://discord.com/oauth2/authorize?client_id=%s&response_type=code&redirect_uri=%s&scope=identify", CLIENT_ID, OAUTH_CALLBACK_URI) - type ( AccessTokenResponse struct { AccessToken string `json:"access_token"` @@ -68,15 +47,15 @@ type ( } ) -func GetOAuthTokenFromCode(code string) (string, error) { +func GetOAuthTokenFromCode(app *model.AppState, code string) (string, error) { // let's get an oauth token! req, err := http.NewRequest(http.MethodPost, fmt.Sprintf("%s/oauth2/token", API_ENDPOINT), strings.NewReader(url.Values{ - "client_id": {CLIENT_ID}, - "client_secret": {CLIENT_SECRET}, + "client_id": {app.Config.Discord.ClientID}, + "client_secret": {app.Config.Discord.Secret}, "grant_type": {"authorization_code"}, "code": {code}, - "redirect_uri": {OAUTH_CALLBACK_URI}, + "redirect_uri": {GetOAuthCallbackURI(app.Config.BaseUrl)}, }.Encode())) req.Header.Add("Content-Type", "application/x-www-form-urlencoded") @@ -115,3 +94,15 @@ func GetDiscordUserFromAuth(token string) (DiscordUser, error) { return auth_info.User, nil } + +func GetOAuthCallbackURI(baseURL string) string { + return fmt.Sprintf("%s/admin/login", baseURL) +} + +func GetRedirectURI(app *model.AppState) string { + return fmt.Sprintf( + "https://discord.com/oauth2/authorize?client_id=%s&response_type=code&redirect_uri=%s&scope=identify", + app.Config.Discord.ClientID, + GetOAuthCallbackURI(app.Config.BaseUrl), + ) +} diff --git a/global/const.go b/global/const.go deleted file mode 100644 index 157668d..0000000 --- a/global/const.go +++ /dev/null @@ -1,3 +0,0 @@ -package global - -const COOKIE_TOKEN string = "AM_TOKEN" diff --git a/global/funcs.go b/global/funcs.go deleted file mode 100644 index 49edb01..0000000 --- a/global/funcs.go +++ /dev/null @@ -1,101 +0,0 @@ -package global - -import ( - "fmt" - "math/rand" - "net/http" - "strconv" - "time" - - "arimelody-web/colour" -) - -var PoweredByStrings = []string{ - "nerd rage", - "estrogen", - "your mother", - "awesome powers beyond comprehension", - "jared", - "the weight of my sins", - "the arc reactor", - "AA batteries", - "15 euro solar panel from ebay", - "magnets, how do they work", - "a fax machine", - "dell optiplex", - "a trans girl's nintendo wii", - "BASS", - "electricity, duh", - "seven hamsters in a big wheel", - "girls", - "mzungu hosting", - "golang", - "the state of the world right now", - "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)", - "the good folks at aperture science", - "free2play CDs", - "aridoodle", - "the love of creating", - "not for the sake of art; not for the sake of money; we like painting naked people", - "30 billion dollars in VC funding", -} - -func DefaultHeaders(next http.Handler) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Header().Add("Server", "arimelody.me") - w.Header().Add("Do-Not-Stab", "1") - w.Header().Add("X-Clacks-Overhead", "GNU Terry Pratchett") - w.Header().Add("X-Hacker", "spare me please") - w.Header().Add("X-Robots-TXT", "'; DROP TABLE pages;") - w.Header().Add("X-Thinking-With", "Portals") - w.Header().Add( - "X-Powered-By", - PoweredByStrings[rand.Intn(len(PoweredByStrings))], - ) - next.ServeHTTP(w, r) - }) -} - -type LoggingResponseWriter struct { - http.ResponseWriter - Status int -} - -func (lrw *LoggingResponseWriter) WriteHeader(status int) { - lrw.Status = status - lrw.ResponseWriter.WriteHeader(status) -} - -func HTTPLog(next http.Handler) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - start := time.Now() - - lrw := LoggingResponseWriter{w, http.StatusOK} - - next.ServeHTTP(&lrw, r) - - after := time.Now() - difference := (after.Nanosecond() - start.Nanosecond()) / 1_000_000 - elapsed := "<1" - if difference >= 1 { - elapsed = strconv.Itoa(difference) - } - - statusColour := colour.Reset - - if lrw.Status - 600 <= 0 { statusColour = colour.Red } - if lrw.Status - 500 <= 0 { statusColour = colour.Yellow } - if lrw.Status - 400 <= 0 { statusColour = colour.White } - if lrw.Status - 300 <= 0 { statusColour = colour.Green } - - fmt.Printf("[%s] %s %s - %s%d%s (%sms) (%s)\n", - after.Format(time.UnixDate), - r.Method, - r.URL.Path, - statusColour, - lrw.Status, - colour.Reset, - elapsed, - r.Header["User-Agent"][0]) - }) -} diff --git a/main.go b/main.go index cbda0a7..23fc997 100644 --- a/main.go +++ b/main.go @@ -4,16 +4,18 @@ import ( "errors" "fmt" "log" + "math/rand" "net/http" "os" "path/filepath" + "strconv" "strings" "time" "arimelody-web/admin" "arimelody-web/api" + "arimelody-web/colour" "arimelody-web/controller" - "arimelody-web/global" "arimelody-web/model" "arimelody-web/templates" "arimelody-web/view" @@ -30,48 +32,48 @@ const DEFAULT_PORT int64 = 8080 func main() { fmt.Printf("made with <3 by ari melody\n\n") - // TODO: refactor `global` to `AppState` - // this should contain `Config` and `DB`, and be passed through to all - // handlers that need it. it's better than weird static globals everywhere! + app := model.AppState{ + Config: controller.GetConfig(), + } // initialise database connection - if global.Config.DB.Host == "" { + if app.Config.DB.Host == "" { fmt.Fprintf(os.Stderr, "FATAL: db.host not provided! Exiting...\n") os.Exit(1) } - if global.Config.DB.Name == "" { + if app.Config.DB.Name == "" { fmt.Fprintf(os.Stderr, "FATAL: db.name not provided! Exiting...\n") os.Exit(1) } - if global.Config.DB.User == "" { + if app.Config.DB.User == "" { fmt.Fprintf(os.Stderr, "FATAL: db.user not provided! Exiting...\n") os.Exit(1) } - if global.Config.DB.Pass == "" { + if app.Config.DB.Pass == "" { fmt.Fprintf(os.Stderr, "FATAL: db.pass not provided! Exiting...\n") os.Exit(1) } var err error - global.DB, err = sqlx.Connect( + app.DB, err = sqlx.Connect( "postgres", fmt.Sprintf( "host=%s port=%d user=%s dbname=%s password='%s' sslmode=disable", - global.Config.DB.Host, - global.Config.DB.Port, - global.Config.DB.User, - global.Config.DB.Name, - global.Config.DB.Pass, + app.Config.DB.Host, + app.Config.DB.Port, + app.Config.DB.User, + app.Config.DB.Name, + app.Config.DB.Pass, ), ) if err != nil { fmt.Fprintf(os.Stderr, "FATAL: Unable to initialise database: %v\n", err) os.Exit(1) } - global.DB.SetConnMaxLifetime(time.Minute * 3) - global.DB.SetMaxOpenConns(10) - global.DB.SetMaxIdleConns(10) - defer global.DB.Close() + app.DB.SetConnMaxLifetime(time.Minute * 3) + app.DB.SetMaxOpenConns(10) + app.DB.SetMaxIdleConns(10) + defer app.DB.Close() // handle command arguments if len(os.Args) > 1 { @@ -87,7 +89,7 @@ func main() { totpName := os.Args[3] secret := controller.GenerateTOTPSecret(controller.TOTP_SECRET_LENGTH) - account, err := controller.GetAccount(global.DB, username) + account, err := controller.GetAccount(app.DB, username) if err != nil { fmt.Fprintf(os.Stderr, "Failed to fetch account \"%s\": %v\n", username, err) os.Exit(1) @@ -104,7 +106,7 @@ func main() { Secret: string(secret), } - err = controller.CreateTOTP(global.DB, &totp) + err = controller.CreateTOTP(app.DB, &totp) if err != nil { fmt.Fprintf(os.Stderr, "Failed to create TOTP method: %v\n", err) os.Exit(1) @@ -122,7 +124,7 @@ func main() { username := os.Args[2] totpName := os.Args[3] - account, err := controller.GetAccount(global.DB, username) + account, err := controller.GetAccount(app.DB, username) if err != nil { fmt.Fprintf(os.Stderr, "Failed to fetch account \"%s\": %v\n", username, err) os.Exit(1) @@ -133,7 +135,7 @@ func main() { os.Exit(1) } - err = controller.DeleteTOTP(global.DB, account.ID, totpName) + err = controller.DeleteTOTP(app.DB, account.ID, totpName) if err != nil { fmt.Fprintf(os.Stderr, "Failed to create TOTP method: %v\n", err) os.Exit(1) @@ -149,7 +151,7 @@ func main() { } username := os.Args[2] - account, err := controller.GetAccount(global.DB, username) + account, err := controller.GetAccount(app.DB, username) if err != nil { fmt.Fprintf(os.Stderr, "Failed to fetch account \"%s\": %v\n", username, err) os.Exit(1) @@ -160,7 +162,7 @@ func main() { os.Exit(1) } - totps, err := controller.GetTOTPsForAccount(global.DB, account.ID) + totps, err := controller.GetTOTPsForAccount(app.DB, account.ID) if err != nil { fmt.Fprintf(os.Stderr, "Failed to create TOTP methods: %v\n", err) os.Exit(1) @@ -182,7 +184,7 @@ func main() { username := os.Args[2] totpName := os.Args[3] - account, err := controller.GetAccount(global.DB, username) + account, err := controller.GetAccount(app.DB, username) if err != nil { fmt.Fprintf(os.Stderr, "Failed to fetch account \"%s\": %v\n", username, err) os.Exit(1) @@ -193,7 +195,7 @@ func main() { os.Exit(1) } - totp, err := controller.GetTOTP(global.DB, account.ID, totpName) + totp, err := controller.GetTOTP(app.DB, account.ID, totpName) if err != nil { fmt.Fprintf(os.Stderr, "Failed to fetch TOTP method \"%s\": %v\n", totpName, err) os.Exit(1) @@ -210,7 +212,7 @@ func main() { case "createInvite": fmt.Printf("Creating invite...\n") - invite, err := controller.CreateInvite(global.DB, 16, time.Hour * 24) + invite, err := controller.CreateInvite(app.DB, 16, time.Hour * 24) if err != nil { fmt.Fprintf(os.Stderr, "Failed to create invite code: %v\n", err) os.Exit(1) @@ -221,7 +223,7 @@ func main() { case "purgeInvites": fmt.Printf("Deleting all invites...\n") - err := controller.DeleteAllInvites(global.DB) + err := controller.DeleteAllInvites(app.DB) if err != nil { fmt.Fprintf(os.Stderr, "Failed to delete invites: %v\n", err) os.Exit(1) @@ -231,7 +233,7 @@ func main() { return case "listAccounts": - accounts, err := controller.GetAllAccounts(global.DB) + accounts, err := controller.GetAllAccounts(app.DB) if err != nil { fmt.Fprintf(os.Stderr, "Failed to fetch accounts: %v\n", err) os.Exit(1) @@ -259,7 +261,7 @@ func main() { username := os.Args[2] fmt.Printf("Deleting account \"%s\"...\n", username) - account, err := controller.GetAccount(global.DB, username) + account, err := controller.GetAccount(app.DB, username) if err != nil { fmt.Fprintf(os.Stderr, "Failed to fetch account \"%s\": %v\n", username, err) os.Exit(1) @@ -277,7 +279,7 @@ func main() { return } - err = controller.DeleteAccount(global.DB, username) + err = controller.DeleteAccount(app.DB, username) if err != nil { fmt.Fprintf(os.Stderr, "Failed to delete account: %v\n", err) os.Exit(1) @@ -305,20 +307,20 @@ func main() { } // handle DB migrations - controller.CheckDBVersionAndMigrate(global.DB) + controller.CheckDBVersionAndMigrate(app.DB) // initial invite code accountsCount := 0 - err = global.DB.Get(&accountsCount, "SELECT count(*) FROM account") + err = app.DB.Get(&accountsCount, "SELECT count(*) FROM account") if err != nil { panic(err) } if accountsCount == 0 { - _, err := global.DB.Exec("DELETE FROM invite") + _, err := app.DB.Exec("DELETE FROM invite") if err != nil { fmt.Fprintf(os.Stderr, "FATAL: Failed to clear existing invite codes: %v\n", err) os.Exit(1) } - invite, err := controller.CreateInvite(global.DB, 16, time.Hour * 24) + invite, err := controller.CreateInvite(app.DB, 16, time.Hour * 24) if err != nil { fmt.Fprintf(os.Stderr, "FATAL: Failed to create invite code: %v\n", err) os.Exit(1) @@ -328,28 +330,28 @@ func main() { } // delete expired invites - err = controller.DeleteExpiredInvites(global.DB) + err = controller.DeleteExpiredInvites(app.DB) if err != nil { fmt.Fprintf(os.Stderr, "FATAL: Failed to clear expired invite codes: %v\n", err) os.Exit(1) } // start the web server! - mux := createServeMux() - fmt.Printf("Now serving at %s:%d\n", global.Config.BaseUrl, global.Config.Port) + mux := createServeMux(&app) + fmt.Printf("Now serving at %s:%d\n", app.Config.BaseUrl, app.Config.Port) log.Fatal( - http.ListenAndServe(fmt.Sprintf(":%d", global.Config.Port), - global.HTTPLog(global.DefaultHeaders(mux)), + http.ListenAndServe(fmt.Sprintf(":%d", app.Config.Port), + HTTPLog(DefaultHeaders(mux)), )) } -func createServeMux() *http.ServeMux { +func createServeMux(app *model.AppState) *http.ServeMux { mux := http.NewServeMux() - mux.Handle("/admin/", http.StripPrefix("/admin", admin.Handler(global.DB))) - mux.Handle("/api/", http.StripPrefix("/api", api.Handler(global.DB))) - mux.Handle("/music/", http.StripPrefix("/music", view.MusicHandler(global.DB))) - mux.Handle("/uploads/", http.StripPrefix("/uploads", staticHandler(filepath.Join(global.Config.DataDirectory, "uploads")))) + mux.Handle("/admin/", http.StripPrefix("/admin", admin.Handler(app))) + mux.Handle("/api/", http.StripPrefix("/api", api.Handler(app))) + mux.Handle("/music/", http.StripPrefix("/music", view.MusicHandler(app))) + mux.Handle("/uploads/", http.StripPrefix("/uploads", staticHandler(filepath.Join(app.Config.DataDirectory, "uploads")))) mux.Handle("/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.Method == http.MethodHead { w.WriteHeader(http.StatusOK) @@ -390,3 +392,93 @@ func staticHandler(directory string) http.Handler { http.FileServer(http.Dir(directory)).ServeHTTP(w, r) }) } + +var PoweredByStrings = []string{ + "nerd rage", + "estrogen", + "your mother", + "awesome powers beyond comprehension", + "jared", + "the weight of my sins", + "the arc reactor", + "AA batteries", + "15 euro solar panel from ebay", + "magnets, how do they work", + "a fax machine", + "dell optiplex", + "a trans girl's nintendo wii", + "BASS", + "electricity, duh", + "seven hamsters in a big wheel", + "girls", + "mzungu hosting", + "golang", + "the state of the world right now", + "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)", + "the good folks at aperture science", + "free2play CDs", + "aridoodle", + "the love of creating", + "not for the sake of art; not for the sake of money; we like painting naked people", + "30 billion dollars in VC funding", +} + +func DefaultHeaders(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + w.Header().Add("Server", "arimelody.me") + w.Header().Add("Do-Not-Stab", "1") + w.Header().Add("X-Clacks-Overhead", "GNU Terry Pratchett") + w.Header().Add("X-Hacker", "spare me please") + w.Header().Add("X-Robots-TXT", "'; DROP TABLE pages;") + w.Header().Add("X-Thinking-With", "Portals") + w.Header().Add( + "X-Powered-By", + PoweredByStrings[rand.Intn(len(PoweredByStrings))], + ) + next.ServeHTTP(w, r) + }) +} + +type LoggingResponseWriter struct { + http.ResponseWriter + Status int +} + +func (lrw *LoggingResponseWriter) WriteHeader(status int) { + lrw.Status = status + lrw.ResponseWriter.WriteHeader(status) +} + +func HTTPLog(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + start := time.Now() + + lrw := LoggingResponseWriter{w, http.StatusOK} + + next.ServeHTTP(&lrw, r) + + after := time.Now() + difference := (after.Nanosecond() - start.Nanosecond()) / 1_000_000 + elapsed := "<1" + if difference >= 1 { + elapsed = strconv.Itoa(difference) + } + + statusColour := colour.Reset + + if lrw.Status - 600 <= 0 { statusColour = colour.Red } + if lrw.Status - 500 <= 0 { statusColour = colour.Yellow } + if lrw.Status - 400 <= 0 { statusColour = colour.White } + if lrw.Status - 300 <= 0 { statusColour = colour.Green } + + fmt.Printf("[%s] %s %s - %s%d%s (%sms) (%s)\n", + after.Format(time.UnixDate), + r.Method, + r.URL.Path, + statusColour, + lrw.Status, + colour.Reset, + elapsed, + r.Header["User-Agent"][0]) + }) +} diff --git a/model/account.go b/model/account.go index 031cae9..72720a0 100644 --- a/model/account.go +++ b/model/account.go @@ -2,6 +2,8 @@ package model import "time" +const COOKIE_TOKEN string = "AM_TOKEN" + type ( Account struct { ID string `json:"id" db:"id"` diff --git a/model/appstate.go b/model/appstate.go new file mode 100644 index 0000000..08016b7 --- /dev/null +++ b/model/appstate.go @@ -0,0 +1,32 @@ +package model + +import "github.com/jmoiron/sqlx" + +type ( + DBConfig struct { + Host string `toml:"host"` + Port int64 `toml:"port"` + Name string `toml:"name"` + User string `toml:"user"` + Pass string `toml:"pass"` + } + + DiscordConfig struct { + AdminID string `toml:"admin_id" comment:"NOTE: admin_id to be deprecated in favour of local accounts and SSO."` + ClientID string `toml:"client_id"` + Secret string `toml:"secret"` + } + + Config struct { + BaseUrl string `toml:"base_url" comment:"Used for OAuth redirects."` + Port int64 `toml:"port"` + DataDirectory string `toml:"data_dir"` + DB DBConfig `toml:"db"` + Discord DiscordConfig `toml:"discord"` + } + + AppState struct { + DB *sqlx.DB + Config Config + } +) diff --git a/view/music.go b/view/music.go index 227aa5c..cae325f 100644 --- a/view/music.go +++ b/view/music.go @@ -8,36 +8,34 @@ import ( "arimelody-web/controller" "arimelody-web/model" "arimelody-web/templates" - - "github.com/jmoiron/sqlx" ) // HTTP HANDLER METHODS -func MusicHandler(db *sqlx.DB) http.Handler { +func MusicHandler(app *model.AppState) http.Handler { mux := http.NewServeMux() mux.Handle("/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.URL.Path == "/" { - ServeCatalog(db).ServeHTTP(w, r) + ServeCatalog(app).ServeHTTP(w, r) return } - release, err := controller.GetRelease(db, r.URL.Path[1:], true) + release, err := controller.GetRelease(app.DB, r.URL.Path[1:], true) if err != nil { http.NotFound(w, r) return } - ServeGateway(db, release).ServeHTTP(w, r) + ServeGateway(app, release).ServeHTTP(w, r) })) return mux } -func ServeCatalog(db *sqlx.DB) http.Handler { +func ServeCatalog(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - releases, err := controller.GetAllReleases(db, true, 0, true) + releases, err := controller.GetAllReleases(app.DB, true, 0, true) if err != nil { fmt.Printf("FATAL: Failed to pull releases for catalog: %s\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -57,12 +55,12 @@ func ServeCatalog(db *sqlx.DB) http.Handler { }) } -func ServeGateway(db *sqlx.DB, release *model.Release) http.Handler { +func ServeGateway(app *model.AppState, release *model.Release) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { // only allow authorised users to view hidden releases privileged := false if !release.Visible { - account, err := controller.GetAccountByRequest(db, r) + account, err := controller.GetAccountByRequest(app.DB, r) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account: %v\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) From 5531ef6bab6b55bed292705ebe60e7fb794f907f Mon Sep 17 00:00:00 2001 From: ari melody Date: Tue, 21 Jan 2025 15:08:59 +0000 Subject: [PATCH 02/63] remove account API endpoints account management should be done on the frontend. some work will need to be done to generate API keys for external clients, but notably some API endpoints are currently used by the frontend using session tokens. --- api/account.go | 201 ------------------------------------------------- api/api.go | 12 --- 2 files changed, 213 deletions(-) delete mode 100644 api/account.go diff --git a/api/account.go b/api/account.go deleted file mode 100644 index 0a9a7f9..0000000 --- a/api/account.go +++ /dev/null @@ -1,201 +0,0 @@ -package api - -import ( - "arimelody-web/controller" - "arimelody-web/model" - "encoding/json" - "fmt" - "net/http" - "os" - "strings" - "time" - - "golang.org/x/crypto/bcrypt" -) - -func handleLogin(app *model.AppState) http.HandlerFunc { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.Method != http.MethodPost { - http.NotFound(w, r) - return - } - - type LoginRequest struct { - Username string `json:"username"` - Password string `json:"password"` - } - - credentials := LoginRequest{} - err := json.NewDecoder(r.Body).Decode(&credentials) - if err != nil { - http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) - return - } - - account, err := controller.GetAccount(app.DB, credentials.Username) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to retrieve account: %v\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - if account == nil { - http.Error(w, "Invalid username or password", http.StatusBadRequest) - return - } - - err = bcrypt.CompareHashAndPassword([]byte(account.Password), []byte(credentials.Password)) - if err != nil { - http.Error(w, "Invalid username or password", http.StatusBadRequest) - return - } - - token, err := controller.CreateToken(app.DB, account.ID, r.UserAgent()) - type LoginResponse struct { - Token string `json:"token"` - ExpiresAt time.Time `json:"expires_at"` - } - - err = json.NewEncoder(w).Encode(LoginResponse{ - Token: token.Token, - ExpiresAt: token.ExpiresAt, - }) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to return session token: %v\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - } - }) -} - -func handleAccountRegistration(app *model.AppState) http.HandlerFunc { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.Method != http.MethodPost { - http.NotFound(w, r) - return - } - - type RegisterRequest struct { - Username string `json:"username"` - Email string `json:"email"` - Password string `json:"password"` - Invite string `json:"invite"` - } - - credentials := RegisterRequest{} - err := json.NewDecoder(r.Body).Decode(&credentials) - if err != nil { - http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) - return - } - - // make sure code exists in DB - invite, err := controller.GetInvite(app.DB, credentials.Invite) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to retrieve invite: %v\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - if invite == nil { - http.Error(w, "Invalid invite code", http.StatusBadRequest) - return - } - - if time.Now().After(invite.ExpiresAt) { - err := controller.DeleteInvite(app.DB, invite.Code) - if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to delete expired invite: %v\n", err) } - http.Error(w, "Invalid invite code", http.StatusBadRequest) - return - } - - hashedPassword, err := bcrypt.GenerateFromPassword([]byte(credentials.Password), bcrypt.DefaultCost) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to generate password hash: %v\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - - account := model.Account{ - Username: credentials.Username, - Password: string(hashedPassword), - Email: credentials.Email, - AvatarURL: "/img/default-avatar.png", - } - err = controller.CreateAccount(app.DB, &account) - if err != nil { - if strings.HasPrefix(err.Error(), "pq: duplicate key") { - http.Error(w, "An account with that username already exists", http.StatusBadRequest) - return - } - fmt.Fprintf(os.Stderr, "WARN: Failed to create account: %v\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - - err = controller.DeleteInvite(app.DB, invite.Code) - if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to delete expired invite: %v\n", err) } - - token, err := controller.CreateToken(app.DB, account.ID, r.UserAgent()) - type LoginResponse struct { - Token string `json:"token"` - ExpiresAt time.Time `json:"expires_at"` - } - - err = json.NewEncoder(w).Encode(LoginResponse{ - Token: token.Token, - ExpiresAt: token.ExpiresAt, - }) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to return session token: %v\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - } - }) -} - -func handleDeleteAccount(app *model.AppState) http.HandlerFunc { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.Method != http.MethodPost { - http.NotFound(w, r) - return - } - - type LoginRequest struct { - Username string `json:"username"` - Password string `json:"password"` - } - - credentials := LoginRequest{} - err := json.NewDecoder(r.Body).Decode(&credentials) - if err != nil { - http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) - return - } - - account, err := controller.GetAccount(app.DB, credentials.Username) - if err != nil { - if strings.Contains(err.Error(), "no rows") { - http.Error(w, "Invalid username or password", http.StatusBadRequest) - return - } - fmt.Fprintf(os.Stderr, "WARN: Failed to retrieve account: %v\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - - err = bcrypt.CompareHashAndPassword([]byte(account.Password), []byte(credentials.Password)) - if err != nil { - http.Error(w, "Invalid password", http.StatusBadRequest) - return - } - - // TODO: check TOTP - - err = controller.DeleteAccount(app.DB, account.Username) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to delete account: %v\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - - w.WriteHeader(http.StatusOK) - w.Write([]byte("Account deleted successfully\n")) - }) -} diff --git a/api/api.go b/api/api.go index b16d45d..9489126 100644 --- a/api/api.go +++ b/api/api.go @@ -13,20 +13,8 @@ import ( func Handler(app *model.AppState) http.Handler { mux := http.NewServeMux() - // ACCOUNT ENDPOINTS - - /* - // temporarily disabling these - // accounts should really be handled via the frontend rn, and juggling - // two different token bearer methods kinda sucks!! - // i'll look into generating API tokens on the frontend in the future // TODO: generate API keys on the frontend - mux.Handle("/v1/login", handleLogin()) - mux.Handle("/v1/register", handleAccountRegistration()) - mux.Handle("/v1/delete-account", handleDeleteAccount()) - */ - // ARTIST ENDPOINTS mux.Handle("/v1/artist/", http.StripPrefix("/v1/artist", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { From 0052c470f94fffc72357a83bbf9669f5e6726ed6 Mon Sep 17 00:00:00 2001 From: ari melody Date: Tue, 21 Jan 2025 17:13:06 +0000 Subject: [PATCH 03/63] (incomplete) change password feature --- admin/accounthttp.go | 71 +++++++++++++++++++++++++++-------- admin/http.go | 2 +- admin/views/edit-account.html | 14 +++++-- admin/views/layout.html | 5 ++- controller/config.go | 2 + main.go | 4 +- model/appstate.go | 1 + schema_migration/000-init.sql | 2 - 8 files changed, 76 insertions(+), 25 deletions(-) diff --git a/admin/accounthttp.go b/admin/accounthttp.go index b2cf18a..b354fd5 100644 --- a/admin/accounthttp.go +++ b/admin/accounthttp.go @@ -3,6 +3,7 @@ package admin import ( "fmt" "net/http" + "net/url" "os" "strings" "time" @@ -13,13 +14,22 @@ import ( "golang.org/x/crypto/bcrypt" ) -type TemplateData struct { +type loginRegisterResponse struct { Account *model.Account Message string Token string } func AccountHandler(app *model.AppState) http.Handler { + mux := http.NewServeMux() + + mux.Handle("/password", changePasswordHandler(app)) + mux.Handle("/", accountIndexHandler(app)) + + return mux +} + +func accountIndexHandler(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { account := r.Context().Value("account").(*model.Account) @@ -29,14 +39,18 @@ func AccountHandler(app *model.AppState) http.Handler { http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) } - type AccountResponse struct { + type accountResponse struct { Account *model.Account TOTPs []model.TOTP + Message string + Error string } - err = pages["account"].Execute(w, AccountResponse{ + err = pages["account"].Execute(w, accountResponse{ Account: account, TOTPs: totps, + Message: r.URL.Query().Get("message"), + Error: r.URL.Query().Get("error"), }) if err != nil { fmt.Printf("WARN: Failed to render admin account page: %v\n", err) @@ -59,7 +73,7 @@ func LoginHandler(app *model.AppState) http.Handler { return } - err = pages["login"].Execute(w, TemplateData{}) + err = pages["login"].Execute(w, loginRegisterResponse{}) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Error rendering admin login page: %s\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -213,12 +227,12 @@ func createAccountHandler(app *model.AppState) http.Handler { return } - type CreateAccountResponse struct { + type CreateaccountResponse struct { Account *model.Account Message string } - render := func(data CreateAccountResponse) { + render := func(data CreateaccountResponse) { err := pages["create-account"].Execute(w, data) if err != nil { fmt.Printf("WARN: Error rendering create account page: %s\n", err) @@ -227,7 +241,7 @@ func createAccountHandler(app *model.AppState) http.Handler { } if r.Method == http.MethodGet { - render(CreateAccountResponse{}) + render(CreateaccountResponse{}) return } @@ -238,7 +252,7 @@ func createAccountHandler(app *model.AppState) http.Handler { err = r.ParseForm() if err != nil { - render(CreateAccountResponse{ + render(CreateaccountResponse{ Message: "Malformed data.", }) return @@ -261,7 +275,7 @@ func createAccountHandler(app *model.AppState) http.Handler { invite, err := controller.GetInvite(app.DB, credentials.Invite) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to retrieve invite: %v\n", err) - render(CreateAccountResponse{ + render(CreateaccountResponse{ Message: "Something went wrong. Please try again.", }) return @@ -271,7 +285,7 @@ func createAccountHandler(app *model.AppState) http.Handler { err := controller.DeleteInvite(app.DB, invite.Code) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to delete expired invite: %v\n", err) } } - render(CreateAccountResponse{ + render(CreateaccountResponse{ Message: "Invalid invite code.", }) return @@ -280,7 +294,7 @@ func createAccountHandler(app *model.AppState) http.Handler { hashedPassword, err := bcrypt.GenerateFromPassword([]byte(credentials.Password), bcrypt.DefaultCost) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to generate password hash: %v\n", err) - render(CreateAccountResponse{ + render(CreateaccountResponse{ Message: "Something went wrong. Please try again.", }) return @@ -295,13 +309,13 @@ func createAccountHandler(app *model.AppState) http.Handler { err = controller.CreateAccount(app.DB, &account) if err != nil { if strings.HasPrefix(err.Error(), "pq: duplicate key") { - render(CreateAccountResponse{ + render(CreateaccountResponse{ Message: "An account with that username already exists.", }) return } fmt.Fprintf(os.Stderr, "WARN: Failed to create account: %v\n", err) - render(CreateAccountResponse{ + render(CreateaccountResponse{ Message: "Something went wrong. Please try again.", }) return @@ -330,14 +344,41 @@ func createAccountHandler(app *model.AppState) http.Handler { cookie.Path = "/" http.SetCookie(w, &cookie) - err = pages["login"].Execute(w, TemplateData{ + err = pages["login"].Execute(w, loginRegisterResponse{ Account: &account, Token: token.Token, }) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to render login page: %v\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } }) } + +func changePasswordHandler(app *model.AppState) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + if r.Method != http.MethodPost { + http.NotFound(w, r) + return + } + + account := r.Context().Value("account").(*model.Account) + + r.ParseForm() + + currentPassword := r.Form.Get("current-password") + if err := bcrypt.CompareHashAndPassword([]byte(account.Password), []byte(currentPassword)); err != nil { + http.Redirect(w, r, "/admin/account?error=" + url.PathEscape("Incorrect password."), http.StatusFound) + return + } + + newPassword := r.Form.Get("new-password") + + http.Redirect( + w, r, "/admin/account?message=" + + url.PathEscape(fmt.Sprintf("Updating password to %s", newPassword)), + http.StatusFound, + ) + }) +} diff --git a/admin/http.go b/admin/http.go index b44cfa9..763537a 100644 --- a/admin/http.go +++ b/admin/http.go @@ -17,7 +17,7 @@ func Handler(app *model.AppState) http.Handler { mux.Handle("/login", LoginHandler(app)) mux.Handle("/register", createAccountHandler(app)) mux.Handle("/logout", RequireAccount(app, LogoutHandler(app))) - mux.Handle("/account", RequireAccount(app, AccountHandler(app))) + mux.Handle("/account/", RequireAccount(app, http.StripPrefix("/account", AccountHandler(app)))) mux.Handle("/static/", http.StripPrefix("/static", staticHandler())) mux.Handle("/release/", RequireAccount(app, http.StripPrefix("/release", serveRelease(app)))) mux.Handle("/artist/", RequireAccount(app, http.StripPrefix("/artist", serveArtist(app)))) diff --git a/admin/views/edit-account.html b/admin/views/edit-account.html index 4d89052..fd527b4 100644 --- a/admin/views/edit-account.html +++ b/admin/views/edit-account.html @@ -6,22 +6,28 @@ {{define "content"}}
+ {{if .Message}} +

{{.Message}}

+ {{end}} + {{if .Error}} +

{{.Error}}

+ {{end}}

Account Settings ({{.Account.Username}})

Change Password

-
+
- + - + - +
diff --git a/admin/views/layout.html b/admin/views/layout.html index 0a33b72..bacf014 100644 --- a/admin/views/layout.html +++ b/admin/views/layout.html @@ -26,7 +26,10 @@
{{if .Account}}
- logged in as {{.Account.Username}}. log out + account ({{.Account.Username}}) +
+
+ log out
{{else}}
diff --git a/controller/config.go b/controller/config.go index 28d4be4..8772b6b 100644 --- a/controller/config.go +++ b/controller/config.go @@ -19,6 +19,7 @@ func GetConfig() model.Config { config := model.Config{ BaseUrl: "https://arimelody.me", + Host: "0.0.0.0", Port: 8080, DB: model.DBConfig{ Host: "127.0.0.1", @@ -55,6 +56,7 @@ func handleConfigOverrides(config *model.Config) error { var err error if env, has := os.LookupEnv("ARIMELODY_BASE_URL"); has { config.BaseUrl = env } + if env, has := os.LookupEnv("ARIMELODY_HOST"); has { config.Host = env } if env, has := os.LookupEnv("ARIMELODY_PORT"); has { config.Port, err = strconv.ParseInt(env, 10, 0) if err != nil { return errors.New("ARIMELODY_PORT: " + err.Error()) } diff --git a/main.go b/main.go index 23fc997..5693252 100644 --- a/main.go +++ b/main.go @@ -338,9 +338,9 @@ func main() { // start the web server! mux := createServeMux(&app) - fmt.Printf("Now serving at %s:%d\n", app.Config.BaseUrl, app.Config.Port) + fmt.Printf("Now serving at http://%s:%d\n", app.Config.Host, app.Config.Port) log.Fatal( - http.ListenAndServe(fmt.Sprintf(":%d", app.Config.Port), + http.ListenAndServe(fmt.Sprintf("%s:%d", app.Config.Host, app.Config.Port), HTTPLog(DefaultHeaders(mux)), )) } diff --git a/model/appstate.go b/model/appstate.go index 08016b7..6a965d5 100644 --- a/model/appstate.go +++ b/model/appstate.go @@ -19,6 +19,7 @@ type ( Config struct { BaseUrl string `toml:"base_url" comment:"Used for OAuth redirects."` + Host string `toml:"host"` Port int64 `toml:"port"` DataDirectory string `toml:"data_dir"` DB DBConfig `toml:"db"` diff --git a/schema_migration/000-init.sql b/schema_migration/000-init.sql index 3f4c723..e11b45f 100644 --- a/schema_migration/000-init.sql +++ b/schema_migration/000-init.sql @@ -1,5 +1,3 @@ -CREATE SCHEMA IF NOT EXISTS arimelody; - -- -- Tables -- From c6afc274c2b9d789453314241621976cc8225be8 Mon Sep 17 00:00:00 2001 From: ari melody Date: Wed, 22 Jan 2025 11:39:15 +0000 Subject: [PATCH 04/63] light theme! crt now disabled by default --- public/script/config.js | 63 ++++----- public/script/index.js | 16 +++ public/style/colours.css | 29 +++- public/style/header.css | 242 +++++++++++++++++---------------- public/style/index.css | 122 ++++++++--------- public/style/main.css | 35 ++++- public/style/music-gateway.css | 6 +- public/style/music.css | 149 +++++++++----------- views/index.html | 8 +- 9 files changed, 355 insertions(+), 315 deletions(-) create mode 100644 public/script/index.js diff --git a/public/script/config.js b/public/script/config.js index b3dd135..2bb33a6 100644 --- a/public/script/config.js +++ b/public/script/config.js @@ -1,42 +1,33 @@ -function toggle_config_setting(config, name) { - if (config[name]) { - delete config[name]; - update_config(config); - return true; - } - config[name] = true; - update_config(config); - return true; -} +const DEFAULT_CONFIG = { + crt: false +}; +const config = (() => { + let saved = localStorage.getItem("config"); + if (saved) { + const config = JSON.parse(saved); + setCRT(config.crt || DEFAULT_CONFIG.crt); + return config; + } -function set_config_setting(config, name, value) { - config[name] = value; - update_config(config); - return true; -} + localStorage.setItem("config", JSON.stringify(DEFAULT_CONFIG)); + return DEFAULT_CONFIG; +})(); -function clear_config_setting(config, name) { - if (!config[name]) return false; - delete config[name]; - update_config(config); - return true; -} - -function update_config(config) { - localStorage.setItem("config", JSON.stringify(config)); -} - -const config = JSON.parse(localStorage.getItem("config")) || {}; -if (config) { - if (config.disable_crt) { - document.querySelector('div#overlay').setAttribute("hidden", true); - document.body.style.textShadow = "none"; - document.getElementById('toggle-crt').classList.add("disabled"); - } +function saveConfig() { + localStorage.setItem("config", JSON.stringify(config)); } document.getElementById("toggle-crt").addEventListener("click", () => { - toggle_config_setting(config, "disable_crt"); - document.querySelector('div#overlay').toggleAttribute("hidden"); - document.getElementById('toggle-crt').className = config.disable_crt ? "disabled" : ""; + config.crt = !config.crt; + setCRT(config.crt); + saveConfig(); }); + +function setCRT(/** @type boolean */ enabled) { + if (enabled) { + document.body.classList.add("crt"); + } else { + document.body.classList.remove("crt"); + } + document.getElementById('toggle-crt').className = enabled ? "" : "disabled"; +} diff --git a/public/script/index.js b/public/script/index.js new file mode 100644 index 0000000..512ed8f --- /dev/null +++ b/public/script/index.js @@ -0,0 +1,16 @@ +const hexPrimary = document.getElementById("hex-primary"); +const hexSecondary = document.getElementById("hex-secondary"); +const hexTertiary = document.getElementById("hex-tertiary"); + +function updateHexColours() { + const style = getComputedStyle(document.body); + hexPrimary.textContent = style.getPropertyValue('--primary'); + hexSecondary.textContent = style.getPropertyValue('--secondary'); + hexTertiary.textContent = style.getPropertyValue('--tertiary'); +} + +updateHexColours(); + +window.matchMedia("(prefers-color-scheme: dark)").addEventListener("change", () => { + updateHexColours(); +}); diff --git a/public/style/colours.css b/public/style/colours.css index e45d964..2bf607d 100644 --- a/public/style/colours.css +++ b/public/style/colours.css @@ -1,19 +1,34 @@ :root { - --primary: #b7fd49; - --secondary: #f8e05b; - --tertiary: #f788fe; - --links: #5eb2ff; + --background: #080808; + --on-background: #f0f0f0; + + --primary: #b7fd49; + --secondary: #f8e05b; + --tertiary: #f788fe; + --links: #5eb2ff; +} + +@media (prefers-color-scheme: light) { + :root { + --background: #ffffff; + --on-background: #101010; + + --primary: #6d9e23; + --secondary: #a5911e; + --tertiary: #a92cb1; + --links: #3ba1ff; + } } .col-primary { - color: var(--primary); + color: var(--primary); } .col-secondary { - color: var(--secondary); + color: var(--secondary); } .col-tertiary { - color: var(--tertiary); + color: var(--tertiary); } diff --git a/public/style/header.css b/public/style/header.css index 21b9109..48971b5 100644 --- a/public/style/header.css +++ b/public/style/header.css @@ -1,187 +1,189 @@ header { - position: fixed; - top: 0; - left: 0; - width: 100vw; - border-bottom: 1px solid #888; - background-color: #080808; - z-index: 1; + position: fixed; + top: 0; + left: 0; + width: 100vw; + border-bottom: 1px solid #8888; + background-color: var(--background); + z-index: 1; + + transition: color .2s, background-color .2s; } nav { - width: min(calc(100% - 4rem), 720px); - height: 3em; - margin: auto; - padding: 0 1em; - display: flex; - flex-direction: row; - gap: .8em; - align-items: center; + width: min(calc(100% - 4rem), 720px); + height: 3em; + margin: auto; + padding: 0 1em; + display: flex; + flex-direction: row; + gap: .8em; + align-items: center; } #header-home { - flex-grow: 1; - display: flex; - gap: .5em; - cursor: pointer; + flex-grow: 1; + display: flex; + gap: .5em; + cursor: pointer; } img#header-icon { - width: 2em; - height: 2em; - margin: .5em; - display: block; + width: 2em; + height: 2em; + margin: .5em; + display: block; } #header-text { - width: 11em; - display: flex; - flex-direction: column; - justify-content: center; - flex-grow: 1; + width: 11em; + display: flex; + flex-direction: column; + justify-content: center; + flex-grow: 1; } #header-text h1 { - margin: 0; - font-size: 1em; + margin: 0; + font-size: 1em; } #header-text h2 { - height: 1.2em; - line-height: 1.2em; - margin: 0; - font-size: .7em; - color: #bbb; + height: 1.2em; + line-height: 1.2em; + margin: 0; + font-size: .7em; + color: #bbb; } #header-links-toggle { - width: 3em; - height: 3em; - display: none; - justify-content: center; - align-items: center; - transition: background-color .2s; + width: 3em; + height: 3em; + display: none; + justify-content: center; + align-items: center; + transition: background-color .2s; } #header-links-toggle:hover { - background-color: #fff2; + background-color: #fff2; } header ul#header-links { - margin: 0; - padding: 0; - display: flex; - flex-direction: row; - gap: .5em; - align-items: center; + margin: 0; + padding: 0; + display: flex; + flex-direction: row; + gap: .5em; + align-items: center; } header ul li { - list-style: none; + list-style: none; } header ul li a, header ul li span { - padding: .4em .5em; - border: 1px solid var(--links); - color: var(--links); - border-radius: 2px; - background-color: transparent; - transition-property: color, border-color, background-color; - transition-duration: .2s; - animation-delay: 0s; - animation: list-item-fadein .2s forwards; - opacity: 0; - text-decoration: none; + padding: .4em .5em; + border: 1px solid var(--links); + color: var(--links); + border-radius: 2px; + background-color: transparent; + transition-property: color, border-color, background-color; + transition-duration: .2s; + animation-delay: 0s; + animation: list-item-fadein .2s forwards; + opacity: 0; + text-decoration: none; } header ul li span { - color: #aaa; - border-color: #aaa; - cursor: default; - text-decoration: none; + color: #aaa; + border-color: #aaa; + cursor: default; + text-decoration: none; } header ul li a:hover { - color: #eee; - border-color: #eee; - background-color: var(--links) !important; - text-decoration: none; + color: #eee; + border-color: #eee; + background-color: var(--links) !important; + text-decoration: none; } #toggle-crt a { - color: var(--primary); - border-color: var(--primary); - opacity: 1; + color: var(--primary); + border-color: var(--primary); + opacity: 1; } #toggle-crt a:hover { - color: #111; - background-color: var(--primary) !important; + color: #111; + background-color: var(--primary) !important; } #toggle-crt.disabled a { - opacity: .5 !important; + opacity: .5 !important; } @media screen and (max-width: 780px) { - header { - font-size: 14px; - } + header { + font-size: 14px; + } - nav { - width: calc(100vw - 2rem); - margin: 0; - } + nav { + width: calc(100vw - 2rem); + margin: 0; + } - div#header-text { - flex-grow: 1; - } + div#header-text { + flex-grow: 1; + } - a#header-links-toggle { - display: flex; - } + a#header-links-toggle { + display: flex; + } - header ul#header-links { - position: fixed; - left: 0; - top: 2.7rem; - width: calc(100vw - 2rem); - padding: 1rem; - flex-direction: column; - gap: 1rem; - border-bottom: 1px solid #888; - background: #080808; - display: none; - } + header ul#header-links { + position: fixed; + left: 0; + top: 2.7rem; + width: calc(100vw - 2rem); + padding: 1rem; + flex-direction: column; + gap: 1rem; + border-bottom: 1px solid #888; + background: #080808; + display: none; + } - header ul#header-links.open { - display: flex; - } + header ul#header-links.open { + display: flex; + } - ul#header-links li { - width: 100%; - } + ul#header-links li { + width: 100%; + } - ul#header-links li a, - ul#header-links li span { - margin: 0; - display: block; - font-size: 1em; - text-align: center; - } + ul#header-links li a, + ul#header-links li span { + margin: 0; + display: block; + font-size: 1em; + text-align: center; + } } @keyframes list-item-fadein { - from { - opacity: 1; - background: #fff8; - } + from { + opacity: 1; + background: #fff8; + } - to { - opacity: 1; - background: transparent; - } + to { + opacity: 1; + background: transparent; + } } diff --git a/public/style/index.css b/public/style/index.css index 6e04a37..363c381 100644 --- a/public/style/index.css +++ b/public/style/index.css @@ -1,43 +1,43 @@ main { - width: min(calc(100% - 4rem), 720px); - min-height: calc(100vh - 10.3rem); - margin: 0 auto 2rem auto; - padding-top: 4rem; + width: min(calc(100% - 4rem), 720px); + min-height: calc(100vh - 10.3rem); + margin: 0 auto 2rem auto; + padding-top: 4rem; } main h1 { - line-height: 3rem; - color: var(--primary); + line-height: 3rem; + color: var(--primary); } main h2 { - color: var(--secondary); + color: var(--secondary); } main h3 { - color: var(--tertiary); + color: var(--tertiary); } div#me_irl { - width: fit-content; - height: fit-content; - border: 2px solid white; + width: fit-content; + height: fit-content; + border: 2px solid white; } div#me_irl img { - display: block; + display: block; } div#me_irl::before { - content: ""; - position: absolute; - width: 104px; - height: 104px; - transform: translate(2px, 2px); - background-image: linear-gradient(to top right, - var(--primary), - var(--secondary)); - z-index: -1; + content: ""; + position: absolute; + width: 104px; + height: 104px; + transform: translate(2px, 2px); + background-image: linear-gradient(to top right, + var(--primary), + var(--secondary)); + z-index: -1; } h1, @@ -49,7 +49,7 @@ h6, p, small, blockquote { - transition: background-color 0.1s; + transition: background-color 0.1s; } h1 a, @@ -58,7 +58,7 @@ h3 a, h4 a, h5 a, h6 a { - color: inherit; + color: inherit; } h1 a:hover, @@ -67,7 +67,7 @@ h3 a:hover, h4 a:hover, h5 a:hover, h6 a:hover { - text-decoration: none; + text-decoration: none; } main h1:hover, @@ -79,72 +79,72 @@ main h6:hover, main p:hover, main small:hover, main blockquote:hover { - background-color: #fff1; + background-color: #fff1; } blockquote { - margin: 1rem 0; - padding: 0 2.5rem; + margin: 1rem 0; + padding: 0 2.5rem; } hr { - text-align: center; - line-height: 0px; - border-width: 1px 0 0 0; - border-color: #888f; - margin: 1.5em 0; - overflow: visible; + text-align: center; + line-height: 0px; + border-width: 1px 0 0 0; + border-color: #888f; + margin: 1.5em 0; + overflow: visible; } ul.links { - display: flex; - gap: 1em .5em; - flex-wrap: wrap; + display: flex; + gap: 1em .5em; + flex-wrap: wrap; } ul.links li { - list-style: none; + list-style: none; } ul.links li a { - padding: .4em .5em; - border: 1px solid var(--links); - color: var(--links); - border-radius: 2px; - background-color: transparent; - transition-property: color, border-color, background-color; - transition-duration: .2s; - animation-delay: 0s; - animation: list-item-fadein .2s forwards; - opacity: 0; + padding: .4em .5em; + border: 1px solid var(--links); + color: var(--links); + border-radius: 2px; + background-color: transparent; + transition-property: color, border-color, background-color; + transition-duration: .2s; + animation-delay: 0s; + animation: list-item-fadein .2s forwards; + opacity: 0; } ul.links li a:hover { - color: #eee; - border-color: #eee; - background-color: var(--links) !important; - text-decoration: none; - box-shadow: 0 0 1em var(--links); + color: #eee; + border-color: #eee; + background-color: var(--links) !important; + text-decoration: none; + box-shadow: 0 0 1em var(--links); } div#web-buttons { - margin: 2rem 0; + margin: 2rem 0; } #web-buttons a { - text-decoration: none; + text-decoration: none; } #web-buttons img { - image-rendering: auto; - image-rendering: crisp-edges; - image-rendering: pixelated; + image-rendering: auto; + image-rendering: crisp-edges; + image-rendering: pixelated; } #web-buttons img:hover { - margin: -1px; - border: 1px solid #eee; - transform: translate(-2px, -2px); - box-shadow: 1px 1px 0 #eee, 2px 2px 0 #eee; + margin: -1px; + border: 1px solid #eee; + transform: translate(-2px, -2px); + box-shadow: 1px 1px 0 #eee, 2px 2px 0 #eee; } diff --git a/public/style/main.css b/public/style/main.css index 1e71673..f7f2131 100644 --- a/public/style/main.css +++ b/public/style/main.css @@ -14,15 +14,17 @@ body { margin: 0; padding: 0; - background: #080808; - color: #eee; + background: var(--background); + color: var(--on-background); font-family: "Monaspace Argon", monospace; font-size: 18px; - text-shadow: 0 0 3em; scroll-behavior: smooth; + + transition: color .2s, background-color .2s; } -main { +body.crt #overlay { + display: block; } a { @@ -118,6 +120,7 @@ a#backtotop:hover { left: 0; width: 100vw; height: 100vh; + display: none; background-image: linear-gradient(180deg, rgba(0,0,0,0) 15%, rgb(0, 0, 0) 40%, rgb(0, 0, 0) 60%, rgba(0,0,0,0) 85%); background-size: 100vw .2em; background-repeat: repeat; @@ -136,3 +139,27 @@ a#backtotop:hover { } } + +@media (prefers-color-scheme: light) { + a.link-button:hover { + box-shadow: none; + } + + @keyframes list-item-fadein { + from { + opacity: 1; + background: var(--links); + } + + to { + opacity: 1; + background: transparent; + } + } +} + +@media (prefers-color-scheme: dark) { + body.crt { + text-shadow: 0 0 3em; + } +} diff --git a/public/style/music-gateway.css b/public/style/music-gateway.css index 6790828..0bb7232 100644 --- a/public/style/music-gateway.css +++ b/public/style/music-gateway.css @@ -17,6 +17,10 @@ body { font-family: "Monaspace Argon", monospace; } +header { + background-color: #111; +} + #background { position: fixed; top: 0; @@ -258,7 +262,7 @@ div#info p { #title, #artist { - text-shadow: 0 .05em 2px #0004 + text-shadow: 0 .05em 2px #0004; } #type { diff --git a/public/style/music.css b/public/style/music.css index 9700526..4973e44 100644 --- a/public/style/music.css +++ b/public/style/music.css @@ -1,146 +1,129 @@ main { - width: min(calc(100% - 4rem), 720px); - min-height: calc(100vh - 10.3rem); - margin: 0 auto 2rem auto; - padding-top: 4rem; + width: min(calc(100% - 4rem), 720px); + min-height: calc(100vh - 10.3rem); + margin: 0 auto 2rem auto; + padding-top: 4rem; } main nav { - margin: -1rem .5rem 1rem .5rem; + margin: -1rem .5rem 1rem .5rem; } div.music { - margin-bottom: 1rem; - padding: 1.5rem; - display: flex; - flex-direction: row; - gap: 1.5em; - border: 1px solid #222; - border-radius: 4px; - background-color: #ffffff08; - transition: background-color .1s; - text-decoration: none; - cursor: pointer; + margin-bottom: 1rem; + padding: 1.5rem; + display: flex; + flex-direction: row; + gap: 1.5em; + border: 1px solid #8882; + border-radius: 4px; + background-color: #ffffff08; + transition: background-color .1s; + text-decoration: none; + cursor: pointer; } div.music:hover { - background-color: #fff1; + background-color: #fff1; } div.music a { - text-decoration: none; + text-decoration: none; } .music h1:hover, .music h2:hover, .music h3:hover { - background: initial; + background: initial; } .music-artwork img { - border: 1px solid #888; + border: 1px solid #8888; } .music-title { - margin: 0; - color: #eee; - font-size: 1.6em; - line-height: 1.6em; + margin: 0; + color: var(--on-background); + font-size: 1.6em; + line-height: 1.6em; +} +.music-title a { + color: inherit; + transition: color .2s; } .music-year { - color: #888; + color: #888; } .music-artist { - margin: -.5rem 0 0 0; - font-size: 1em; - color: #aaa; + margin: -.5rem 0 0 0; + font-size: 1em; + color: #aaa; } h3[class^=music-type] { - margin: 0 0 1rem 0; - font-size: .8em; - color: #eee; + margin: 0 0 1rem 0; + font-size: .8em; + color: #eee; + transition: color .2s; } h3.music-type-single { - color: var(--tertiary); + color: var(--tertiary); } h3.music-type-compilation { - color: var(--secondary); + color: var(--secondary); } h3.music-type-album { - color: var(--primary); + color: var(--primary); } h3.music-type-upcoming { - color: #f47070; + color: #f47070; } .music-links { - width: fit-content; - margin: .5em 0; - padding: 0; - display: flex; - gap: .5rem; - flex-wrap: wrap; - line-height: 1.7em; - justify-content: center; + width: fit-content; + margin: .5em 0; + padding: 0; + display: flex; + gap: .5rem; + flex-wrap: wrap; + line-height: 1.7em; + justify-content: center; } .music-links li { - list-style: none; + list-style: none; } -/* -.music-links li a { - padding: .2em .5em; - border: 1px solid #65b4fd; - color: #65b4fd; - border-radius: 2px; - background-color: transparent; - transition-property: color, border-color, background-color; - transition-duration: .2s; - animation: list-item-fadein .2s forwards; - animation-delay: 0s; - opacity: 0; -} - -.music-links li a:hover { - color: #eee; - border-color: #eee; - background-color: var(--links) !important; - text-decoration: none; -} -*/ - h2.question { - margin: 1rem 0; - padding: 1rem 1.5rem; - border-radius: 4px; - cursor: pointer; + margin: 1rem 0; + padding: 1rem 1.5rem; + border-radius: 4px; + cursor: pointer; } div.answer { - margin: -1rem 0 1rem 0; - padding: .5em 1.5em; - border-radius: 4px; + margin: -1rem 0 1rem 0; + padding: .5em 1.5em; + border-radius: 4px; } @media screen and (max-width: 740px) { - div.music { - flex-direction: column; - } + div.music { + flex-direction: column; + } - .music-artwork, - .music-details { - text-align: center; - align-items: center; - display: flex; - flex-direction: column; - } + .music-artwork, + .music-details { + text-align: center; + align-items: center; + display: flex; + flex-direction: column; + } } diff --git a/views/index.html b/views/index.html index 6a598c9..636c369 100644 --- a/views/index.html +++ b/views/index.html @@ -16,6 +16,8 @@ + + {{end}} {{define "content"}} @@ -66,9 +68,9 @@ my colours 🌈

    -
  • primary: #b7fd49
    • -
  • secondary: #f8e05b
    • -
  • tertiary: #f788fe
    • +
  • primary: #b7fd49
    • +
  • secondary: #f8e05b
    • +
  • tertiary: #f788fe

From 45f33b8b463f4c8d918cb56bbdd92b76b85d541b Mon Sep 17 00:00:00 2001 From: ari melody Date: Thu, 23 Jan 2025 00:37:19 +0000 Subject: [PATCH 05/63] terrible no good massive refactor commit (oh yeah and built generic sessions for admin panel) --- admin/accounthttp.go | 403 ++++-------------- admin/artisthttp.go | 6 +- admin/http.go | 370 ++++++++++++++-- admin/releasehttp.go | 6 +- admin/static/admin.css | 39 +- admin/static/edit-account.css | 22 +- admin/static/edit-artist.css | 2 +- admin/static/edit-release.css | 12 +- admin/static/edit-track.css | 2 +- admin/static/index.css | 22 +- admin/static/release-list-item.css | 6 +- admin/templates.go | 4 +- admin/trackhttp.go | 6 +- admin/views/edit-account.html | 36 +- admin/views/edit-artist.html | 10 +- admin/views/index.html | 6 +- admin/views/layout.html | 4 +- admin/views/login.html | 25 +- admin/views/logout.html | 7 +- .../{create-account.html => register.html} | 12 +- api/artist.go | 9 +- api/release.go | 18 +- controller/account.go | 49 +-- controller/session.go | 128 ++++++ controller/token.go | 61 --- controller/totp.go | 20 +- main.go | 18 +- model/account.go | 19 +- model/{token.go => session.go} | 12 +- public/style/footer.css | 10 +- public/style/index.css | 2 +- schema_migration/000-init.sql | 14 +- schema_migration/001-pre-versioning.sql | 24 +- view/music.go | 10 +- 34 files changed, 740 insertions(+), 654 deletions(-) rename admin/views/{create-account.html => register.html} (73%) create mode 100644 controller/session.go delete mode 100644 controller/token.go rename model/{token.go => session.go} (54%) diff --git a/admin/accounthttp.go b/admin/accounthttp.go index b354fd5..fc701e7 100644 --- a/admin/accounthttp.go +++ b/admin/accounthttp.go @@ -3,9 +3,7 @@ package admin import ( "fmt" "net/http" - "net/url" "os" - "strings" "time" "arimelody-web/controller" @@ -14,16 +12,11 @@ import ( "golang.org/x/crypto/bcrypt" ) -type loginRegisterResponse struct { - Account *model.Account - Message string - Token string -} - -func AccountHandler(app *model.AppState) http.Handler { +func accountHandler(app *model.AppState) http.Handler { mux := http.NewServeMux() mux.Handle("/password", changePasswordHandler(app)) + mux.Handle("/delete", deleteAccountHandler(app)) mux.Handle("/", accountIndexHandler(app)) return mux @@ -31,26 +24,22 @@ func AccountHandler(app *model.AppState) http.Handler { func accountIndexHandler(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - account := r.Context().Value("account").(*model.Account) + session := r.Context().Value("session").(*model.Session) - totps, err := controller.GetTOTPsForAccount(app.DB, account.ID) + totps, err := controller.GetTOTPsForAccount(app.DB, session.Account.ID) if err != nil { fmt.Printf("WARN: Failed to fetch TOTPs: %v\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) } type accountResponse struct { - Account *model.Account + Session *model.Session TOTPs []model.TOTP - Message string - Error string } err = pages["account"].Execute(w, accountResponse{ - Account: account, + Session: session, TOTPs: totps, - Message: r.URL.Query().Get("message"), - Error: r.URL.Query().Get("error"), }) if err != nil { fmt.Printf("WARN: Failed to render admin account page: %v\n", err) @@ -59,303 +48,6 @@ func accountIndexHandler(app *model.AppState) http.Handler { }) } -func LoginHandler(app *model.AppState) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.Method == http.MethodGet { - account, err := controller.GetAccountByRequest(app.DB, r) - if err != nil { - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account: %v\n", err) - return - } - if account != nil { - http.Redirect(w, r, "/admin", http.StatusFound) - return - } - - err = pages["login"].Execute(w, loginRegisterResponse{}) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Error rendering admin login page: %s\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - return - } - - type LoginResponse struct { - Account *model.Account - Token string - Message string - } - - render := func(data LoginResponse) { - err := pages["login"].Execute(w, data) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Error rendering admin login page: %s\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - } - - if r.Method != http.MethodPost { - http.NotFound(w, r); - return - } - - err := r.ParseForm() - if err != nil { - render(LoginResponse{ Message: "Malformed request." }) - return - } - - type LoginRequest struct { - Username string `json:"username"` - Password string `json:"password"` - TOTP string `json:"totp"` - } - credentials := LoginRequest{ - Username: r.Form.Get("username"), - Password: r.Form.Get("password"), - TOTP: r.Form.Get("totp"), - } - - account, err := controller.GetAccount(app.DB, credentials.Username) - if err != nil { - render(LoginResponse{ Message: "Invalid username or password" }) - return - } - if account == nil { - render(LoginResponse{ Message: "Invalid username or password" }) - return - } - - err = bcrypt.CompareHashAndPassword([]byte(account.Password), []byte(credentials.Password)) - if err != nil { - render(LoginResponse{ Message: "Invalid username or password" }) - return - } - - totps, err := controller.GetTOTPsForAccount(app.DB, account.ID) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to fetch TOTPs: %v\n", err) - render(LoginResponse{ Message: "Something went wrong. Please try again." }) - return - } - if len(totps) > 0 { - success := false - for _, totp := range totps { - check := controller.GenerateTOTP(totp.Secret, 0) - if check == credentials.TOTP { - success = true - break - } - } - if !success { - render(LoginResponse{ Message: "Invalid TOTP" }) - return - } - } else { - // TODO: user should be prompted to add 2FA method - } - - // login success! - token, err := controller.CreateToken(app.DB, account.ID, r.UserAgent()) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to create token: %v\n", err) - render(LoginResponse{ Message: "Something went wrong. Please try again." }) - return - } - - cookie := http.Cookie{} - cookie.Name = model.COOKIE_TOKEN - cookie.Value = token.Token - cookie.Expires = token.ExpiresAt - if strings.HasPrefix(app.Config.BaseUrl, "https") { - cookie.Secure = true - } - cookie.HttpOnly = true - cookie.Path = "/" - http.SetCookie(w, &cookie) - - render(LoginResponse{ Account: account, Token: token.Token }) - }) -} - -func LogoutHandler(app *model.AppState) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.Method != http.MethodGet { - http.NotFound(w, r) - return - } - - tokenStr := controller.GetTokenFromRequest(app.DB, r) - - if len(tokenStr) > 0 { - err := controller.DeleteToken(app.DB, tokenStr) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to revoke token: %v\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - } - - cookie := http.Cookie{} - cookie.Name = model.COOKIE_TOKEN - cookie.Value = "" - cookie.Expires = time.Now() - if strings.HasPrefix(app.Config.BaseUrl, "https") { - cookie.Secure = true - } - cookie.HttpOnly = true - cookie.Path = "/" - http.SetCookie(w, &cookie) - http.Redirect(w, r, "/admin/login", http.StatusFound) - }) -} - -func createAccountHandler(app *model.AppState) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - checkAccount, err := controller.GetAccountByRequest(app.DB, r) - if err != nil { - fmt.Printf("WARN: Failed to fetch account: %s\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - if checkAccount != nil { - // user is already logged in - http.Redirect(w, r, "/admin", http.StatusFound) - return - } - - type CreateaccountResponse struct { - Account *model.Account - Message string - } - - render := func(data CreateaccountResponse) { - err := pages["create-account"].Execute(w, data) - if err != nil { - fmt.Printf("WARN: Error rendering create account page: %s\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - } - } - - if r.Method == http.MethodGet { - render(CreateaccountResponse{}) - return - } - - if r.Method != http.MethodPost { - http.NotFound(w, r) - return - } - - err = r.ParseForm() - if err != nil { - render(CreateaccountResponse{ - Message: "Malformed data.", - }) - return - } - - type RegisterRequest struct { - Username string `json:"username"` - Email string `json:"email"` - Password string `json:"password"` - Invite string `json:"invite"` - } - credentials := RegisterRequest{ - Username: r.Form.Get("username"), - Email: r.Form.Get("email"), - Password: r.Form.Get("password"), - Invite: r.Form.Get("invite"), - } - - // make sure code exists in DB - invite, err := controller.GetInvite(app.DB, credentials.Invite) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to retrieve invite: %v\n", err) - render(CreateaccountResponse{ - Message: "Something went wrong. Please try again.", - }) - return - } - if invite == nil || time.Now().After(invite.ExpiresAt) { - if invite != nil { - err := controller.DeleteInvite(app.DB, invite.Code) - if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to delete expired invite: %v\n", err) } - } - render(CreateaccountResponse{ - Message: "Invalid invite code.", - }) - return - } - - hashedPassword, err := bcrypt.GenerateFromPassword([]byte(credentials.Password), bcrypt.DefaultCost) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to generate password hash: %v\n", err) - render(CreateaccountResponse{ - Message: "Something went wrong. Please try again.", - }) - return - } - - account := model.Account{ - Username: credentials.Username, - Password: string(hashedPassword), - Email: credentials.Email, - AvatarURL: "/img/default-avatar.png", - } - err = controller.CreateAccount(app.DB, &account) - if err != nil { - if strings.HasPrefix(err.Error(), "pq: duplicate key") { - render(CreateaccountResponse{ - Message: "An account with that username already exists.", - }) - return - } - fmt.Fprintf(os.Stderr, "WARN: Failed to create account: %v\n", err) - render(CreateaccountResponse{ - Message: "Something went wrong. Please try again.", - }) - return - } - - err = controller.DeleteInvite(app.DB, invite.Code) - if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to delete expired invite: %v\n", err) } - - // registration success! - token, err := controller.CreateToken(app.DB, account.ID, r.UserAgent()) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to create token: %v\n", err) - // gracefully redirect user to login page - http.Redirect(w, r, "/admin/login", http.StatusFound) - return - } - - cookie := http.Cookie{} - cookie.Name = model.COOKIE_TOKEN - cookie.Value = token.Token - cookie.Expires = token.ExpiresAt - if strings.HasPrefix(app.Config.BaseUrl, "https") { - cookie.Secure = true - } - cookie.HttpOnly = true - cookie.Path = "/" - http.SetCookie(w, &cookie) - - err = pages["login"].Execute(w, loginRegisterResponse{ - Account: &account, - Token: token.Token, - }) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to render login page: %v\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - }) -} - func changePasswordHandler(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPost { @@ -363,22 +55,89 @@ func changePasswordHandler(app *model.AppState) http.Handler { return } - account := r.Context().Value("account").(*model.Account) + session := r.Context().Value("session").(*model.Session) r.ParseForm() currentPassword := r.Form.Get("current-password") - if err := bcrypt.CompareHashAndPassword([]byte(account.Password), []byte(currentPassword)); err != nil { - http.Redirect(w, r, "/admin/account?error=" + url.PathEscape("Incorrect password."), http.StatusFound) + if err := bcrypt.CompareHashAndPassword([]byte(session.Account.Password), []byte(currentPassword)); err != nil { + controller.SetSessionMessage(app.DB, session, "Incorrect password.") + http.Redirect(w, r, "/admin/account", http.StatusFound) return } newPassword := r.Form.Get("new-password") - http.Redirect( - w, r, "/admin/account?message=" + - url.PathEscape(fmt.Sprintf("Updating password to %s", newPassword)), - http.StatusFound, - ) + controller.SetSessionMessage(app.DB, session, fmt.Sprintf("Updating password to %s", newPassword)) + http.Redirect(w, r, "/admin/account", http.StatusFound) + }) +} + +func deleteAccountHandler(app *model.AppState) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + if r.Method != http.MethodPost { + http.NotFound(w, r) + return + } + + err := r.ParseForm() + if err != nil { + http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) + return + } + + if !r.Form.Has("password") || !r.Form.Has("totp") { + http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) + return + } + + session := r.Context().Value("session").(*model.Session) + + // check password + if err := bcrypt.CompareHashAndPassword([]byte(session.Account.Password), []byte(r.Form.Get("password"))); err != nil { + fmt.Printf( + "[%s] WARN: Account \"%s\" attempted account deletion with incorrect password.\n", + time.Now().Format("2006-02-01 15:04:05"), + session.Account.Username, + ) + controller.SetSessionMessage(app.DB, session, "Incorrect password.") + http.Redirect(w, r, "/admin/account", http.StatusFound) + return + } + + totpMethod, err := controller.CheckTOTPForAccount(app.DB, session.Account.ID, r.Form.Get("totp")) + if err != nil { + fmt.Fprintf(os.Stderr, "Failed to fetch account: %v\n", err) + controller.SetSessionMessage(app.DB, session, "Something went wrong. Please try again.") + http.Redirect(w, r, "/admin/account", http.StatusFound) + return + } + if totpMethod == nil { + fmt.Printf( + "[%s] WARN: Account \"%s\" attempted account deletion with incorrect TOTP.\n", + time.Now().Format("2006-02-01 15:04:05"), + session.Account.Username, + ) + controller.SetSessionMessage(app.DB, session, "Incorrect TOTP.") + http.Redirect(w, r, "/admin/account", http.StatusFound) + } + + err = controller.DeleteAccount(app.DB, session.Account.ID) + if err != nil { + fmt.Fprintf(os.Stderr, "Failed to delete account: %v\n", err) + controller.SetSessionMessage(app.DB, session, "Something went wrong. Please try again.") + http.Redirect(w, r, "/admin/account", http.StatusFound) + return + } + + fmt.Printf( + "[%s] INFO: Account \"%s\" deleted by user request.\n", + time.Now().Format("2006-02-01 15:04:05"), + session.Account.Username, + ) + + session.Account = nil + controller.SetSessionMessage(app.DB, session, "Account deleted successfully.") + http.Redirect(w, r, "/admin/login", http.StatusFound) }) } diff --git a/admin/artisthttp.go b/admin/artisthttp.go index d6a5e76..5979493 100644 --- a/admin/artisthttp.go +++ b/admin/artisthttp.go @@ -32,15 +32,15 @@ func serveArtist(app *model.AppState) http.Handler { } type ArtistResponse struct { - Account *model.Account + Session *model.Session Artist *model.Artist Credits []*model.Credit } - account := r.Context().Value("account").(*model.Account) + session := r.Context().Value("session").(*model.Session) err = pages["artist"].Execute(w, ArtistResponse{ - Account: account, + Session: session, Artist: artist, Credits: credits, }) diff --git a/admin/http.go b/admin/http.go index 763537a..ad0d44e 100644 --- a/admin/http.go +++ b/admin/http.go @@ -2,40 +2,51 @@ package admin import ( "context" + "database/sql" "fmt" "net/http" "os" "path/filepath" + "strings" + "time" "arimelody-web/controller" "arimelody-web/model" + + "golang.org/x/crypto/bcrypt" ) func Handler(app *model.AppState) http.Handler { mux := http.NewServeMux() - mux.Handle("/login", LoginHandler(app)) - mux.Handle("/register", createAccountHandler(app)) - mux.Handle("/logout", RequireAccount(app, LogoutHandler(app))) - mux.Handle("/account/", RequireAccount(app, http.StripPrefix("/account", AccountHandler(app)))) - mux.Handle("/static/", http.StripPrefix("/static", staticHandler())) + mux.Handle("/login", loginHandler(app)) + mux.Handle("/logout", RequireAccount(app, logoutHandler(app))) + + mux.Handle("/register", registerAccountHandler(app)) + + mux.Handle("/account", RequireAccount(app, accountIndexHandler(app))) + mux.Handle("/account/", RequireAccount(app, http.StripPrefix("/account", accountHandler(app)))) + mux.Handle("/release/", RequireAccount(app, http.StripPrefix("/release", serveRelease(app)))) mux.Handle("/artist/", RequireAccount(app, http.StripPrefix("/artist", serveArtist(app)))) mux.Handle("/track/", RequireAccount(app, http.StripPrefix("/track", serveTrack(app)))) - mux.Handle("/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + + mux.Handle("/static/", http.StripPrefix("/static", staticHandler())) + + mux.Handle("/", RequireAccount(app, AdminIndexHandler(app))) + + // response wrapper to make sure a session cookie exists + return enforceSession(app, mux) +} + +func AdminIndexHandler(app *model.AppState) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.URL.Path != "/" { http.NotFound(w, r) return } - account, err := controller.GetAccountByRequest(app.DB, r) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account: %s\n", err) - } - if account == nil { - http.Redirect(w, r, "/admin/login", http.StatusFound) - return - } + session := r.Context().Value("session").(*model.Session) releases, err := controller.GetAllReleases(app.DB, false, 0, true) if err != nil { @@ -52,52 +63,283 @@ func Handler(app *model.AppState) http.Handler { } tracks, err := controller.GetOrphanTracks(app.DB) - if err != nil { + if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to pull orphan tracks: %s\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + return + } type IndexData struct { - Account *model.Account + Session *model.Session Releases []*model.Release Artists []*model.Artist Tracks []*model.Track } err = pages["index"].Execute(w, IndexData{ - Account: account, + Session: session, Releases: releases, Artists: artists, Tracks: tracks, }) - if err != nil { + if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to render admin index: %s\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - })) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + return + } + }) +} - return mux +func registerAccountHandler(app *model.AppState) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + session := r.Context().Value("session").(*model.Session) + session.Error = sql.NullString{} + session.Message = sql.NullString{} + + if session.Account != nil { + // user is already logged in + http.Redirect(w, r, "/admin", http.StatusFound) + return + } + + render := func() { + err := pages["register"].Execute(w, session) + if err != nil { + fmt.Printf("WARN: Error rendering create account page: %s\n", err) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + } + } + + if r.Method == http.MethodGet { + render() + return + } + + if r.Method != http.MethodPost { + http.NotFound(w, r) + return + } + + err := r.ParseForm() + if err != nil { + session.Error = sql.NullString{ String: "Malformed data.", Valid: true } + render() + return + } + + type RegisterRequest struct { + Username string `json:"username"` + Email string `json:"email"` + Password string `json:"password"` + Invite string `json:"invite"` + } + credentials := RegisterRequest{ + Username: r.Form.Get("username"), + Email: r.Form.Get("email"), + Password: r.Form.Get("password"), + Invite: r.Form.Get("invite"), + } + + // make sure invite code exists in DB + invite, err := controller.GetInvite(app.DB, credentials.Invite) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to retrieve invite: %v\n", err) + session.Error = sql.NullString{ String: "Something went wrong. Please try again.", Valid: true } + render() + return + } + if invite == nil || time.Now().After(invite.ExpiresAt) { + if invite != nil { + err := controller.DeleteInvite(app.DB, invite.Code) + if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to delete expired invite: %v\n", err) } + } + session.Error = sql.NullString{ String: "Invalid invite code.", Valid: true } + render() + return + } + + hashedPassword, err := bcrypt.GenerateFromPassword([]byte(credentials.Password), bcrypt.DefaultCost) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to generate password hash: %v\n", err) + session.Error = sql.NullString{ String: "Something went wrong. Please try again.", Valid: true } + render() + return + } + + account := model.Account{ + Username: credentials.Username, + Password: string(hashedPassword), + Email: sql.NullString{ String: credentials.Email, Valid: true }, + AvatarURL: sql.NullString{ String: "/img/default-avatar.png", Valid: true }, + } + err = controller.CreateAccount(app.DB, &account) + if err != nil { + if strings.HasPrefix(err.Error(), "pq: duplicate key") { + session.Error = sql.NullString{ String: "An account with that username already exists.", Valid: true } + render() + return + } + fmt.Fprintf(os.Stderr, "WARN: Failed to create account: %v\n", err) + session.Error = sql.NullString{ String: "Something went wrong. Please try again.", Valid: true } + render() + return + } + + err = controller.DeleteInvite(app.DB, invite.Code) + if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to delete expired invite: %v\n", err) } + + // registration success! + controller.SetSessionAccount(app.DB, session, &account) + http.Redirect(w, r, "/admin", http.StatusFound) + }) +} + +func loginHandler(app *model.AppState) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + if r.Method != http.MethodGet && r.Method != http.MethodPost { + http.NotFound(w, r) + return + } + + session := r.Context().Value("session").(*model.Session) + + type loginData struct { + Session *model.Session + } + + render := func() { + err := pages["login"].Execute(w, loginData{ Session: session }) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Error rendering admin login page: %s\n", err) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + return + } + } + + if r.Method == http.MethodGet { + if session.Account != nil { + // user is already logged in + http.Redirect(w, r, "/admin", http.StatusFound) + return + } + + render() + return + } + + err := r.ParseForm() + if err != nil { + session.Error = sql.NullString{ String: "Malformed data.", Valid: true } + render() + return + } + + // new accounts won't have TOTP methods at first. there should be a + // second phase of login that prompts the user for a TOTP *only* + // if that account has a TOTP method. + // TODO: login phases (username & password -> TOTP) + + type LoginRequest struct { + Username string `json:"username"` + Password string `json:"password"` + TOTP string `json:"totp"` + } + credentials := LoginRequest{ + Username: r.Form.Get("username"), + Password: r.Form.Get("password"), + TOTP: r.Form.Get("totp"), + } + + account, err := controller.GetAccountByUsername(app.DB, credentials.Username) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account for login: %v\n", err) + session.Error = sql.NullString{ String: "Invalid username or password.", Valid: true } + render() + return + } + if account == nil { + session.Error = sql.NullString{ String: "Invalid username or password.", Valid: true } + render() + return + } + + err = bcrypt.CompareHashAndPassword([]byte(account.Password), []byte(credentials.Password)) + if err != nil { + fmt.Printf( + "[%s] INFO: Account \"%s\" attempted login with incorrect password.\n", + time.Now().Format("2006-02-01 15:04:05"), + account.Username, + ) + session.Error = sql.NullString{ String: "Invalid username or password.", Valid: true } + render() + return + } + + totpMethod, err := controller.CheckTOTPForAccount(app.DB, account.ID, credentials.TOTP) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to fetch TOTPs: %v\n", err) + session.Error = sql.NullString{ String: "Something went wrong. Please try again.", Valid: true } + render() + return + } + if totpMethod == nil { + session.Error = sql.NullString{ String: "Invalid TOTP.", Valid: true } + render() + return + } + + // TODO: log login activity to user + fmt.Printf( + "[%s] INFO: Account \"%s\" logged in with method \"%s\"\n", + time.Now().Format("2006-02-01 15:04:05"), + account.Username, + totpMethod.Name, + ) + + // login success! + controller.SetSessionAccount(app.DB, session, account) + http.Redirect(w, r, "/admin", http.StatusFound) + }) +} + +func logoutHandler(app *model.AppState) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + if r.Method != http.MethodGet { + http.NotFound(w, r) + return + } + + session := r.Context().Value("session").(*model.Session) + err := controller.DeleteSession(app.DB, session.Token) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to delete session: %v\n", err) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + return + } + + http.SetCookie(w, &http.Cookie{ + Name: model.COOKIE_TOKEN, + Expires: time.Now(), + Path: "/", + }) + + err = pages["logout"].Execute(w, nil) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to render logout page: %v\n", err) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + } + }) } func RequireAccount(app *model.AppState, next http.Handler) http.HandlerFunc { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - account, err := controller.GetAccountByRequest(app.DB, r) - if err != nil { - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account: %v\n", err) - return - } - if account == nil { + session := r.Context().Value("session").(*model.Session) + if session.Account == nil { // TODO: include context in redirect http.Redirect(w, r, "/admin/login", http.StatusFound) return } - - ctx := context.WithValue(r.Context(), "account", account) - - next.ServeHTTP(w, r.WithContext(ctx)) + next.ServeHTTP(w, r) }) } @@ -121,3 +363,57 @@ func staticHandler() http.Handler { http.FileServer(http.Dir(filepath.Join("admin", "static"))).ServeHTTP(w, r) }) } + +func enforceSession(app *model.AppState, next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + sessionCookie, err := r.Cookie(model.COOKIE_TOKEN) + if err != nil && err != http.ErrNoCookie { + fmt.Fprintf(os.Stderr, "WARN: Failed to retrieve session cookie: %v\n", err) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + return + } + + var session *model.Session + + if sessionCookie != nil { + // fetch existing session + session, err = controller.GetSession(app.DB, sessionCookie.Value) + + if err != nil { + if strings.Contains(err.Error(), "no rows") { + http.Error(w, "Invalid session. Please try clearing your cookies and refresh.", http.StatusBadRequest) + return + } + fmt.Fprintf(os.Stderr, "WARN: Failed to retrieve session: %v\n", err) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + return + } + + if session != nil { + // TODO: consider running security checks here (i.e. user agent mismatches) + } + } + + if session == nil { + // create a new session + session, err = controller.CreateSession(app.DB, r.UserAgent()) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to create session: %v\n", err) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + return + } + + http.SetCookie(w, &http.Cookie{ + Name: model.COOKIE_TOKEN, + Value: session.Token, + Expires: session.ExpiresAt, + Secure: strings.HasPrefix(app.Config.BaseUrl, "https"), + HttpOnly: true, + Path: "/", + }) + } + + ctx := context.WithValue(r.Context(), "session", session) + next.ServeHTTP(w, r.WithContext(ctx)) + }) +} diff --git a/admin/releasehttp.go b/admin/releasehttp.go index 503166b..7d098e6 100644 --- a/admin/releasehttp.go +++ b/admin/releasehttp.go @@ -14,7 +14,7 @@ func serveRelease(app *model.AppState) http.Handler { slices := strings.Split(r.URL.Path[1:], "/") releaseID := slices[0] - account := r.Context().Value("account").(*model.Account) + session := r.Context().Value("session").(*model.Session) release, err := controller.GetRelease(app.DB, releaseID, true) if err != nil { @@ -56,12 +56,12 @@ func serveRelease(app *model.AppState) http.Handler { } type ReleaseResponse struct { - Account *model.Account + Session *model.Session Release *model.Release } err = pages["release"].Execute(w, ReleaseResponse{ - Account: account, + Session: session, Release: release, }) if err != nil { diff --git a/admin/static/admin.css b/admin/static/admin.css index 32f69bb..45d67a4 100644 --- a/admin/static/admin.css +++ b/admin/static/admin.css @@ -24,7 +24,7 @@ nav { justify-content: left; background: #f8f8f8; - border-radius: .5em; + border-radius: 4px; border: 1px solid #808080; } nav .icon { @@ -127,20 +127,34 @@ a img.icon { +#message, #error { - background: #ffa9b8; - border: 1px solid #dc5959; + margin: 0 0 1em 0; padding: 1em; border-radius: 4px; + background: #ffffff; + border: 1px solid #888; +} +#message { + background: #a9dfff; + border-color: #599fdc; +} +#error { + background: #ffa9b8; + border-color: #dc5959; } +a.delete { + color: #d22828; +} + button, .button { padding: .5em .8em; font-family: inherit; font-size: inherit; - border-radius: .5em; + border-radius: 4px; border: 1px solid #a0a0a0; background: #f0f0f0; color: inherit; @@ -154,35 +168,32 @@ button:active, .button:active { border-color: #808080; } -button { +.button, button { color: inherit; } -button.new { +.button.new, button.new { background: #c4ff6a; border-color: #84b141; } -button.save { +.button.save, button.save { background: #6fd7ff; border-color: #6f9eb0; } -button.delete { +.button.delete, button.delete { background: #ff7171; border-color: #7d3535; } -button:hover { +.button:hover, button:hover { background: #fff; border-color: #d0d0d0; } -button:active { +.button:active, button:active { background: #d0d0d0; border-color: #808080; } -button[disabled] { +.button[disabled], button[disabled] { background: #d0d0d0 !important; border-color: #808080 !important; opacity: .5; cursor: not-allowed !important; } -a.delete { - color: #d22828; -} diff --git a/admin/static/edit-account.css b/admin/static/edit-account.css index 625db13..52fb756 100644 --- a/admin/static/edit-account.css +++ b/admin/static/edit-account.css @@ -1,14 +1,7 @@ @import url("/admin/static/index.css"); -form#change-password { - width: 100%; - display: flex; - flex-direction: column; - align-items: start; -} - -form div { - width: 20rem; +div.card { + margin-bottom: 2rem; } form button { @@ -22,7 +15,7 @@ label { color: #10101080; } input { - width: 100%; + width: min(20rem, calc(100% - 1rem)); margin: .5rem 0; padding: .3rem .5rem; display: block; @@ -33,18 +26,11 @@ input { color: inherit; } -#error { - background: #ffa9b8; - border: 1px solid #dc5959; - padding: 1em; - border-radius: 4px; -} - .mfa-device { padding: .75em; background: #f8f8f8f8; border: 1px solid #808080; - border-radius: .5em; + border-radius: 8px; margin-bottom: .5em; display: flex; justify-content: space-between; diff --git a/admin/static/edit-artist.css b/admin/static/edit-artist.css index 793b989..5627e64 100644 --- a/admin/static/edit-artist.css +++ b/admin/static/edit-artist.css @@ -9,7 +9,7 @@ h1 { flex-direction: row; gap: 1.2em; - border-radius: .5em; + border-radius: 8px; background: #f8f8f8f8; border: 1px solid #808080; } diff --git a/admin/static/edit-release.css b/admin/static/edit-release.css index 10eada3..63d399e 100644 --- a/admin/static/edit-release.css +++ b/admin/static/edit-release.css @@ -11,7 +11,7 @@ input[type="text"] { flex-direction: row; gap: 1.2em; - border-radius: .5em; + border-radius: 8px; background: #f8f8f8f8; border: 1px solid #808080; } @@ -160,7 +160,7 @@ dialog div.dialog-actions { align-items: center; gap: 1em; - border-radius: .5em; + border-radius: 8px; background: #f8f8f8f8; border: 1px solid #808080; } @@ -170,7 +170,7 @@ dialog div.dialog-actions { } .card.credits .credit .artist-avatar { - border-radius: .5em; + border-radius: 8px; } .card.credits .credit .artist-name { @@ -196,7 +196,7 @@ dialog div.dialog-actions { align-items: center; gap: 1em; - border-radius: .5em; + border-radius: 8px; background: #f8f8f8f8; border: 1px solid #808080; } @@ -215,7 +215,7 @@ dialog div.dialog-actions { } #editcredits .credit .artist-avatar { - border-radius: .5em; + border-radius: 8px; } #editcredits .credit .credit-info { @@ -393,7 +393,7 @@ dialog div.dialog-actions { flex-direction: column; gap: .5em; - border-radius: .5em; + border-radius: 8px; background: #f8f8f8f8; border: 1px solid #808080; } diff --git a/admin/static/edit-track.css b/admin/static/edit-track.css index 8a05089..600b680 100644 --- a/admin/static/edit-track.css +++ b/admin/static/edit-track.css @@ -11,7 +11,7 @@ h1 { flex-direction: row; gap: 1.2em; - border-radius: .5em; + border-radius: 8px; background: #f8f8f8f8; border: 1px solid #808080; } diff --git a/admin/static/index.css b/admin/static/index.css index 9d38940..9fcd731 100644 --- a/admin/static/index.css +++ b/admin/static/index.css @@ -1,23 +1,5 @@ @import url("/admin/static/release-list-item.css"); -.create-btn { - background: #c4ff6a; - padding: .5em .8em; - border-radius: .5em; - border: 1px solid #84b141; - text-decoration: none; -} -.create-btn:hover { - background: #fff; - border-color: #d0d0d0; - text-decoration: inherit; -} -.create-btn:active { - background: #d0d0d0; - border-color: #808080; - text-decoration: inherit; -} - .artist { margin-bottom: .5em; padding: .5em; @@ -26,7 +8,7 @@ align-items: center; gap: .5em; - border-radius: .5em; + border-radius: 8px; background: #f8f8f8f8; border: 1px solid #808080; } @@ -49,7 +31,7 @@ flex-direction: column; gap: .5em; - border-radius: .5em; + border-radius: 8px; background: #f8f8f8f8; border: 1px solid #808080; } diff --git a/admin/static/release-list-item.css b/admin/static/release-list-item.css index ee67de7..638eac0 100644 --- a/admin/static/release-list-item.css +++ b/admin/static/release-list-item.css @@ -5,7 +5,7 @@ flex-direction: row; gap: 1em; - border-radius: .5em; + border-radius: 8px; background: #f8f8f8f8; border: 1px solid #808080; } @@ -50,7 +50,7 @@ padding: .5em; display: block; - border-radius: .5em; + border-radius: 8px; text-decoration: none; color: #f0f0f0; background: #303030; @@ -73,7 +73,7 @@ padding: .3em .5em; display: inline-block; - border-radius: .3em; + border-radius: 4px; background: #e0e0e0; transition: color .1s, background .1s; diff --git a/admin/templates.go b/admin/templates.go index 1fa7a65..1021832 100644 --- a/admin/templates.go +++ b/admin/templates.go @@ -18,10 +18,10 @@ var pages = map[string]*template.Template{ filepath.Join("views", "prideflag.html"), filepath.Join("admin", "views", "login.html"), )), - "create-account": template.Must(template.ParseFiles( + "register": template.Must(template.ParseFiles( filepath.Join("admin", "views", "layout.html"), filepath.Join("views", "prideflag.html"), - filepath.Join("admin", "views", "create-account.html"), + filepath.Join("admin", "views", "register.html"), )), "logout": template.Must(template.ParseFiles( filepath.Join("admin", "views", "layout.html"), diff --git a/admin/trackhttp.go b/admin/trackhttp.go index fa49b53..9436671 100644 --- a/admin/trackhttp.go +++ b/admin/trackhttp.go @@ -32,15 +32,15 @@ func serveTrack(app *model.AppState) http.Handler { } type TrackResponse struct { - Account *model.Account + Session *model.Session Track *model.Track Releases []*model.Release } - account := r.Context().Value("account").(*model.Account) + session := r.Context().Value("session").(*model.Session) err = pages["track"].Execute(w, TrackResponse{ - Account: account, + Session: session, Track: track, Releases: releases, }) diff --git a/admin/views/edit-account.html b/admin/views/edit-account.html index fd527b4..0acfaf5 100644 --- a/admin/views/edit-account.html +++ b/admin/views/edit-account.html @@ -6,29 +6,27 @@ {{define "content"}}

- {{if .Message}} -

{{.Message}}

+ {{if .Session.Message.Valid}} +

{{html .Session.Message.String}}

{{end}} - {{if .Error}} -

{{.Error}}

+ {{if .Session.Error.Valid}} +

{{html .Session.Error.String}}

{{end}} -

Account Settings ({{.Account.Username}})

+

Account Settings ({{.Session.Account.Username}})

Change Password

-
- - + + - - + + - - -
+ + @@ -64,9 +62,17 @@

Clicking the button below will delete your account. This action is irreversible. - You will be prompted to confirm this decision. + You will need to enter your password and TOTP below.

- +
+ + + + + + + +
diff --git a/admin/views/edit-artist.html b/admin/views/edit-artist.html index ccb3a45..b0cfb41 100644 --- a/admin/views/edit-artist.html +++ b/admin/views/edit-artist.html @@ -36,13 +36,13 @@ {{if .Credits}} {{range .Credits}}
- +
-

{{.Artist.Release.Title}}

-

{{.Artist.Release.PrintArtists true true}}

+

{{.Release.Title}}

+

{{.Release.PrintArtists true true}}

- Role: {{.Artist.Role}} - {{if .Artist.Primary}} + Role: {{.Role}} + {{if .Primary}} (Primary) {{end}}

diff --git a/admin/views/index.html b/admin/views/index.html index 8f42e0e..2b9c897 100644 --- a/admin/views/index.html +++ b/admin/views/index.html @@ -9,7 +9,7 @@

Releases

- Create New + Create New
{{range .Releases}} @@ -22,7 +22,7 @@

Artists

- Create New + Create New
{{range $Artist := .Artists}} @@ -38,7 +38,7 @@

Tracks

- Create New + Create New

"Orphaned" tracks that have not yet been bound to a release.

diff --git a/admin/views/layout.html b/admin/views/layout.html index bacf014..8c34c8e 100644 --- a/admin/views/layout.html +++ b/admin/views/layout.html @@ -24,9 +24,9 @@ home
- {{if .Account}} + {{if .Session.Account}}
- account ({{.Account.Username}}) + account ({{.Session.Account.Username}})
log out diff --git a/admin/views/login.html b/admin/views/login.html index 7744e91..e8581e8 100644 --- a/admin/views/login.html +++ b/admin/views/login.html @@ -52,35 +52,26 @@ input[disabled] { {{define "content"}}
- {{if .Message}} -

{{.Message}}

+ {{if .Session.Message.Valid}} +

{{html .Session.Message.String}}

+ {{end}} + {{if .Session.Error.Valid}} +

{{html .Session.Error.String}}

{{end}} - - {{if .Token}} - - -

- Logged in successfully. - You should be redirected to /admin soon. -

- - {{else}}
- + - + - +
- - {{end}}
{{end}} diff --git a/admin/views/logout.html b/admin/views/logout.html index 1999377..f127fd6 100644 --- a/admin/views/logout.html +++ b/admin/views/logout.html @@ -12,13 +12,10 @@ p a { {{define "content"}}
- +

Logged out successfully. - You should be redirected to / in 5 seconds. - + You should be redirected to /admin/login shortly.

diff --git a/admin/views/create-account.html b/admin/views/register.html similarity index 73% rename from admin/views/create-account.html rename to admin/views/register.html index 8d59c0f..8899fd9 100644 --- a/admin/views/create-account.html +++ b/admin/views/register.html @@ -48,23 +48,23 @@ input { {{define "content"}}
- {{if .Message}} -

{{.Message}}

+ {{if .Session.Error.Valid}} +

{{html .Session.Error.String}}

{{end}}
- + - + - + - +
diff --git a/api/artist.go b/api/artist.go index a9676b1..51c9d62 100644 --- a/api/artist.go +++ b/api/artist.go @@ -51,13 +51,8 @@ func ServeArtist(app *model.AppState, artist *model.Artist) http.Handler { } ) - account, err := controller.GetAccountByRequest(app.DB, r) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account: %v\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - show_hidden_releases := account != nil + session := r.Context().Value("session").(*model.Session) + show_hidden_releases := session != nil && session.Account != nil dbCredits, err := controller.GetArtistCredits(app.DB, artist.ID, show_hidden_releases) if err != nil { diff --git a/api/release.go b/api/release.go index c71043e..4e7372f 100644 --- a/api/release.go +++ b/api/release.go @@ -19,13 +19,8 @@ func ServeRelease(app *model.AppState, release *model.Release) http.Handler { // only allow authorised users to view hidden releases privileged := false if !release.Visible { - account, err := controller.GetAccountByRequest(app.DB, r) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account: %v\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - if account != nil { + session := r.Context().Value("session").(*model.Session) + if session != nil && session.Account != nil { // TODO: check privilege on release privileged = true } @@ -145,16 +140,11 @@ func ServeCatalog(app *model.AppState) http.Handler { } catalog := []Release{} - account, err := controller.GetAccountByRequest(app.DB, r) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account: %v\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } + session := r.Context().Value("session").(*model.Session) for _, release := range releases { if !release.Visible { privileged := false - if account != nil { + if session != nil && session.Account != nil { // TODO: check privilege on release privileged = true } diff --git a/controller/account.go b/controller/account.go index 044faec..8272bad 100644 --- a/controller/account.go +++ b/controller/account.go @@ -2,8 +2,6 @@ package controller import ( "arimelody-web/model" - "errors" - "fmt" "net/http" "strings" @@ -21,7 +19,21 @@ func GetAllAccounts(db *sqlx.DB) ([]model.Account, error) { return accounts, nil } -func GetAccount(db *sqlx.DB, username string) (*model.Account, error) { +func GetAccountByID(db *sqlx.DB, id string) (*model.Account, error) { + var account = model.Account{} + + err := db.Get(&account, "SELECT * FROM account WHERE id=$1", id) + if err != nil { + if strings.Contains(err.Error(), "no rows") { + return nil, nil + } + return nil, err + } + + return &account, nil +} + +func GetAccountByUsername(db *sqlx.DB, username string) (*model.Account, error) { var account = model.Account{} err := db.Get(&account, "SELECT * FROM account WHERE username=$1", username) @@ -49,12 +61,12 @@ func GetAccountByEmail(db *sqlx.DB, email string) (*model.Account, error) { return &account, nil } -func GetAccountByToken(db *sqlx.DB, token string) (*model.Account, error) { - if token == "" { return nil, nil } +func GetAccountBySession(db *sqlx.DB, sessionToken string) (*model.Account, error) { + if sessionToken == "" { return nil, nil } account := model.Account{} - err := db.Get(&account, "SELECT account.* FROM account JOIN token ON id=account WHERE token=$1", token) + err := db.Get(&account, "SELECT account.* FROM account JOIN token ON id=account WHERE token=$1", sessionToken) if err != nil { if strings.Contains(err.Error(), "no rows") { return nil, nil @@ -65,7 +77,7 @@ func GetAccountByToken(db *sqlx.DB, token string) (*model.Account, error) { return &account, nil } -func GetTokenFromRequest(db *sqlx.DB, r *http.Request) string { +func GetSessionFromRequest(db *sqlx.DB, r *http.Request) string { tokenStr := strings.TrimPrefix(r.Header.Get("Authorization"), "Bearer ") if len(tokenStr) > 0 { return tokenStr @@ -78,29 +90,6 @@ func GetTokenFromRequest(db *sqlx.DB, r *http.Request) string { return cookie.Value } -func GetAccountByRequest(db *sqlx.DB, r *http.Request) (*model.Account, error) { - tokenStr := GetTokenFromRequest(db, r) - - token, err := GetToken(db, tokenStr) - if err != nil { - if strings.Contains(err.Error(), "no rows") { - return nil, nil - } - return nil, errors.New("GetToken: " + err.Error()) - } - - // does user-agent match the token? - if r.UserAgent() != token.UserAgent { - // invalidate the token - DeleteToken(db, tokenStr) - fmt.Printf("WARN: Attempted use of token by unauthorised User-Agent (Expected `%s`, got `%s`)\n", token.UserAgent, r.UserAgent()) - // TODO: log unauthorised activity to the user - return nil, errors.New("User agent mismatch") - } - - return GetAccountByToken(db, tokenStr) -} - func CreateAccount(db *sqlx.DB, account *model.Account) error { err := db.Get( &account.ID, diff --git a/controller/session.go b/controller/session.go new file mode 100644 index 0000000..2a2a19e --- /dev/null +++ b/controller/session.go @@ -0,0 +1,128 @@ +package controller + +import ( + "database/sql" + "time" + + "arimelody-web/model" + + "github.com/jmoiron/sqlx" +) + +const TOKEN_LEN = 64 + +func CreateSession(db *sqlx.DB, userAgent string) (*model.Session, error) { + tokenString := GenerateAlnumString(TOKEN_LEN) + + session := model.Session{ + Token: string(tokenString), + UserAgent: userAgent, + CreatedAt: time.Now(), + ExpiresAt: time.Now().Add(time.Hour * 24), + } + + _, err := db.Exec("INSERT INTO session " + + "(token, user_agent, created_at, expires_at) VALUES " + + "($1, $2, $3, $4)", + session.Token, + session.UserAgent, + session.CreatedAt, + session.ExpiresAt, + ) + if err != nil { + return nil, err + } + + return &session, nil +} + +// func WriteSession(db *sqlx.DB, session *model.Session) error { +// _, err := db.Exec( +// "UPDATE session " + +// "SET account=$2,message=$3,error=$4 " + +// "WHERE token=$1", +// session.Token, +// session.Account.ID, +// session.Message, +// session.Error, +// ) +// return err +// } + +func SetSessionAccount(db *sqlx.DB, session *model.Session, account *model.Account) error { + var err error + session.Account = account + if account == nil { + _, err = db.Exec("UPDATE session SET account=NULL WHERE token=$1", session.Token) + } else { + _, err = db.Exec("UPDATE session SET account=$2 WHERE token=$1", session.Token, account.ID) + } + return err +} + +func SetSessionMessage(db *sqlx.DB, session *model.Session, message string) error { + var err error + if message == "" { + session.Message = sql.NullString{ } + _, err = db.Exec("UPDATE session SET message=NULL WHERE token=$1", session.Token) + } else { + session.Message = sql.NullString{ String: message, Valid: true } + _, err = db.Exec("UPDATE session SET message=$2 WHERE token=$1", session.Token, message) + } + return err +} + +func SetSessionError(db *sqlx.DB, session *model.Session, message string) error { + var err error + if message == "" { + session.Message = sql.NullString{ } + _, err = db.Exec("UPDATE session SET error=NULL WHERE token=$1", session.Token) + } else { + session.Message = sql.NullString{ String: message, Valid: true } + _, err = db.Exec("UPDATE session SET error=$2 WHERE token=$1", session.Token, message) + } + return err +} + +func GetSession(db *sqlx.DB, token string) (*model.Session, error) { + type dbSession struct { + model.Session + AccountID sql.NullString `db:"account"` + } + + session := dbSession{} + err := db.Get( + &session, + "SELECT * FROM session WHERE token=$1", + token, + ) + if err != nil { + return nil, err + } + + if session.AccountID.Valid { + session.Account, err = GetAccountByID(db, session.AccountID.String) + if err != nil { + return nil, err + } + } + + return &session.Session, err +} + +// func GetAllSessionsForAccount(db *sqlx.DB, accountID string) ([]model.Session, error) { +// sessions := []model.Session{} +// err := db.Select(&sessions, "SELECT * FROM session WHERE account=$1 AND expires_at>current_timestamp", accountID) +// return sessions, err +// } + +func DeleteAllSessionsForAccount(db *sqlx.DB, accountID string) error { + _, err := db.Exec("DELETE FROM session WHERE account=$1", accountID) + return err +} + +func DeleteSession(db *sqlx.DB, token string) error { + _, err := db.Exec("DELETE FROM session WHERE token=$1", token) + return err +} + diff --git a/controller/token.go b/controller/token.go deleted file mode 100644 index 12982bd..0000000 --- a/controller/token.go +++ /dev/null @@ -1,61 +0,0 @@ -package controller - -import ( - "time" - - "arimelody-web/model" - - "github.com/jmoiron/sqlx" -) - -const TOKEN_LEN = 32 - -func CreateToken(db *sqlx.DB, accountID string, userAgent string) (*model.Token, error) { - tokenString := GenerateAlnumString(TOKEN_LEN) - - token := model.Token{ - Token: string(tokenString), - AccountID: accountID, - UserAgent: userAgent, - CreatedAt: time.Now(), - ExpiresAt: time.Now().Add(time.Hour * 24), - } - - _, err := db.Exec("INSERT INTO token " + - "(token, account, user_agent, created_at, expires_at) VALUES " + - "($1, $2, $3, $4, $5)", - token.Token, - token.AccountID, - token.UserAgent, - token.CreatedAt, - token.ExpiresAt, - ) - if err != nil { - return nil, err - } - - return &token, nil -} - -func GetToken(db *sqlx.DB, token_str string) (*model.Token, error) { - token := model.Token{} - err := db.Get(&token, "SELECT * FROM token WHERE token=$1", token_str) - return &token, err -} - -func GetAllTokensForAccount(db *sqlx.DB, accountID string) ([]model.Token, error) { - tokens := []model.Token{} - err := db.Select(&tokens, "SELECT * FROM token WHERE account=$1 AND expires_at>current_timestamp", accountID) - return tokens, err -} - -func DeleteAllTokensForAccount(db *sqlx.DB, accountID string) error { - _, err := db.Exec("DELETE FROM token WHERE account=$1", accountID) - return err -} - -func DeleteToken(db *sqlx.DB, token string) error { - _, err := db.Exec("DELETE FROM token WHERE token=$1", token) - return err -} - diff --git a/controller/totp.go b/controller/totp.go index 18616da..83a5b1c 100644 --- a/controller/totp.go +++ b/controller/totp.go @@ -17,7 +17,7 @@ import ( "github.com/jmoiron/sqlx" ) -const TOTP_SECRET_LENGTH = 32 +const TOTP_SECRET_LENGTH = 64 const TIME_STEP int64 = 30 const CODE_LENGTH = 6 @@ -89,6 +89,24 @@ func GetTOTPsForAccount(db *sqlx.DB, accountID string) ([]model.TOTP, error) { return totps, nil } +func CheckTOTPForAccount(db *sqlx.DB, accountID string, totp string) (*model.TOTP, error) { + totps, err := GetTOTPsForAccount(db, accountID) + if err != nil { + // user has no TOTP methods + return nil, err + } + for _, method := range totps { + check := GenerateTOTP(method.Secret, 0) + if check == totp { + // return the whole TOTP method as it may be useful for logging + return &method, nil + } + } + // user failed all TOTP checks + // note: this state will still occur even if the account has no TOTP methods. + return nil, nil +} + func GetTOTP(db *sqlx.DB, accountID string, name string) (*model.TOTP, error) { totp := model.TOTP{} diff --git a/main.go b/main.go index 5693252..9c5b38a 100644 --- a/main.go +++ b/main.go @@ -89,7 +89,7 @@ func main() { totpName := os.Args[3] secret := controller.GenerateTOTPSecret(controller.TOTP_SECRET_LENGTH) - account, err := controller.GetAccount(app.DB, username) + account, err := controller.GetAccountByUsername(app.DB, username) if err != nil { fmt.Fprintf(os.Stderr, "Failed to fetch account \"%s\": %v\n", username, err) os.Exit(1) @@ -108,6 +108,10 @@ func main() { err = controller.CreateTOTP(app.DB, &totp) if err != nil { + if strings.HasPrefix(err.Error(), "pq: duplicate key") { + fmt.Fprintf(os.Stderr, "Account \"%s\" already has a TOTP method named \"%s\"!\n", account.Username, totp.Name) + os.Exit(1) + } fmt.Fprintf(os.Stderr, "Failed to create TOTP method: %v\n", err) os.Exit(1) } @@ -124,7 +128,7 @@ func main() { username := os.Args[2] totpName := os.Args[3] - account, err := controller.GetAccount(app.DB, username) + account, err := controller.GetAccountByUsername(app.DB, username) if err != nil { fmt.Fprintf(os.Stderr, "Failed to fetch account \"%s\": %v\n", username, err) os.Exit(1) @@ -151,7 +155,7 @@ func main() { } username := os.Args[2] - account, err := controller.GetAccount(app.DB, username) + account, err := controller.GetAccountByUsername(app.DB, username) if err != nil { fmt.Fprintf(os.Stderr, "Failed to fetch account \"%s\": %v\n", username, err) os.Exit(1) @@ -184,7 +188,7 @@ func main() { username := os.Args[2] totpName := os.Args[3] - account, err := controller.GetAccount(app.DB, username) + account, err := controller.GetAccountByUsername(app.DB, username) if err != nil { fmt.Fprintf(os.Stderr, "Failed to fetch account \"%s\": %v\n", username, err) os.Exit(1) @@ -240,6 +244,8 @@ func main() { } for _, account := range accounts { + email := "" + if account.Email.Valid { email = account.Email.String } fmt.Printf( "User: %s\n" + "\tID: %s\n" + @@ -247,7 +253,7 @@ func main() { "\tCreated: %s\n", account.Username, account.ID, - account.Email, + email, account.CreatedAt, ) } @@ -261,7 +267,7 @@ func main() { username := os.Args[2] fmt.Printf("Deleting account \"%s\"...\n", username) - account, err := controller.GetAccount(app.DB, username) + account, err := controller.GetAccountByUsername(app.DB, username) if err != nil { fmt.Fprintf(os.Stderr, "Failed to fetch account \"%s\": %v\n", username, err) os.Exit(1) diff --git a/model/account.go b/model/account.go index 72720a0..166e880 100644 --- a/model/account.go +++ b/model/account.go @@ -1,17 +1,20 @@ package model -import "time" +import ( + "database/sql" + "time" +) -const COOKIE_TOKEN string = "AM_TOKEN" +const COOKIE_TOKEN string = "AM_SESSION" type ( Account struct { - ID string `json:"id" db:"id"` - Username string `json:"username" db:"username"` - Password string `json:"password" db:"password"` - Email string `json:"email" db:"email"` - AvatarURL string `json:"avatar_url" db:"avatar_url"` - CreatedAt time.Time `json:"created_at" db:"created_at"` + ID string `json:"id" db:"id"` + Username string `json:"username" db:"username"` + Password string `json:"password" db:"password"` + Email sql.NullString `json:"email" db:"email"` + AvatarURL sql.NullString `json:"avatar_url" db:"avatar_url"` + CreatedAt time.Time `json:"created_at" db:"created_at"` Privileges []AccountPrivilege `json:"privileges"` } diff --git a/model/token.go b/model/session.go similarity index 54% rename from model/token.go rename to model/session.go index 31beb72..c1983a1 100644 --- a/model/token.go +++ b/model/session.go @@ -1,11 +1,17 @@ package model -import "time" +import ( + "database/sql" + "time" +) -type Token struct { +type Session struct { Token string `json:"token" db:"token"` - AccountID string `json:"-" db:"account"` UserAgent string `json:"user_agent" db:"user_agent"` CreatedAt time.Time `json:"created_at" db:"created_at"` ExpiresAt time.Time `json:"expires_at" db:"expires_at"` + + Account *Account `json:"-" db:"account"` + Message sql.NullString `json:"-" db:"message"` + Error sql.NullString `json:"-" db:"error"` } diff --git a/public/style/footer.css b/public/style/footer.css index 72cdebb..d9682b1 100644 --- a/public/style/footer.css +++ b/public/style/footer.css @@ -1,11 +1,11 @@ footer { - border-top: 1px solid #888; + border-top: 1px solid #8888; } #footer { - width: min(calc(100% - 4rem), 720px); - margin: auto; - padding: 2rem 0; - color: #aaa; + width: min(calc(100% - 4rem), 720px); + margin: auto; + padding: 2rem 0; + color: #aaa; } diff --git a/public/style/index.css b/public/style/index.css index 363c381..f3cb761 100644 --- a/public/style/index.css +++ b/public/style/index.css @@ -91,7 +91,7 @@ hr { text-align: center; line-height: 0px; border-width: 1px 0 0 0; - border-color: #888f; + border-color: #888; margin: 1.5em 0; overflow: visible; } diff --git a/schema_migration/000-init.sql b/schema_migration/000-init.sql index e11b45f..48b8fbe 100644 --- a/schema_migration/000-init.sql +++ b/schema_migration/000-init.sql @@ -7,7 +7,7 @@ CREATE TABLE arimelody.account ( id uuid DEFAULT gen_random_uuid(), username text NOT NULL UNIQUE, password text NOT NULL, - email text, + email text, avatar_url text, created_at TIMESTAMP DEFAULT current_timestamp ); @@ -28,15 +28,17 @@ CREATE TABLE arimelody.invite ( ); ALTER TABLE arimelody.invite ADD CONSTRAINT invite_pk PRIMARY KEY (code); --- Tokens -CREATE TABLE arimelody.token ( +-- Session +CREATE TABLE arimelody.session ( token TEXT, - account UUID NOT NULL, user_agent TEXT NOT NULL, created_at TIMESTAMP NOT NULL DEFAULT current_timestamp, expires_at TIMESTAMP DEFAULT NULL + account UUID, + message TEXT, + error TEXT, ); -ALTER TABLE arimelody.token ADD CONSTRAINT token_pk PRIMARY KEY (token); +ALTER TABLE arimelody.session ADD CONSTRAINT session_pk PRIMARY KEY (session); -- TOTPs CREATE TABLE arimelody.totp ( @@ -116,7 +118,7 @@ ALTER TABLE arimelody.musicreleasetrack ADD CONSTRAINT musicreleasetrack_pk PRIM -- ALTER TABLE arimelody.privilege ADD CONSTRAINT privilege_account_fk FOREIGN KEY (account) REFERENCES account(id) ON DELETE CASCADE; -ALTER TABLE arimelody.token ADD CONSTRAINT token_account_fk FOREIGN KEY (account) REFERENCES account(id) ON DELETE CASCADE; +ALTER TABLE arimelody.session ADD CONSTRAINT session_account_fk FOREIGN KEY (account) REFERENCES account(id) ON DELETE CASCADE; ALTER TABLE arimelody.totp ADD CONSTRAINT totp_account_fk FOREIGN KEY (account) REFERENCES account(id) ON DELETE CASCADE; ALTER TABLE arimelody.musiccredit ADD CONSTRAINT musiccredit_artist_fk FOREIGN KEY (artist) REFERENCES artist(id) ON DELETE CASCADE ON UPDATE CASCADE; diff --git a/schema_migration/001-pre-versioning.sql b/schema_migration/001-pre-versioning.sql index 62bc15b..76fb1b8 100644 --- a/schema_migration/001-pre-versioning.sql +++ b/schema_migration/001-pre-versioning.sql @@ -1,17 +1,3 @@ --- --- Migration --- - --- Move existing tables to new schema -ALTER TABLE public.artist SET SCHEMA arimelody; -ALTER TABLE public.musicrelease SET SCHEMA arimelody; -ALTER TABLE public.musiclink SET SCHEMA arimelody; -ALTER TABLE public.musiccredit SET SCHEMA arimelody; -ALTER TABLE public.musictrack SET SCHEMA arimelody; -ALTER TABLE public.musicreleasetrack SET SCHEMA arimelody; - - - -- -- New items -- @@ -42,15 +28,17 @@ CREATE TABLE arimelody.invite ( ); ALTER TABLE arimelody.invite ADD CONSTRAINT invite_pk PRIMARY KEY (code); --- Tokens -CREATE TABLE arimelody.token ( +-- Session +CREATE TABLE arimelody.session ( token TEXT, - account UUID NOT NULL, user_agent TEXT NOT NULL, created_at TIMESTAMP NOT NULL DEFAULT current_timestamp, expires_at TIMESTAMP DEFAULT NULL + account UUID, + message TEXT, + error TEXT, ); -ALTER TABLE arimelody.token ADD CONSTRAINT token_pk PRIMARY KEY (token); +ALTER TABLE arimelody.session ADD CONSTRAINT session_pk PRIMARY KEY (session); -- TOTPs CREATE TABLE arimelody.totp ( diff --git a/view/music.go b/view/music.go index cae325f..e3eb449 100644 --- a/view/music.go +++ b/view/music.go @@ -3,7 +3,6 @@ package view import ( "fmt" "net/http" - "os" "arimelody-web/controller" "arimelody-web/model" @@ -60,13 +59,8 @@ func ServeGateway(app *model.AppState, release *model.Release) http.Handler { // only allow authorised users to view hidden releases privileged := false if !release.Visible { - account, err := controller.GetAccountByRequest(app.DB, r) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account: %v\n", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - if account != nil { + session := r.Context().Value("session").(*model.Session) + if session != nil && session.Account != nil { // TODO: check privilege on release privileged = true } From e457e979ff042ca8871ae21404f1c3e5c384e08c Mon Sep 17 00:00:00 2001 From: ari melody Date: Thu, 23 Jan 2025 09:39:40 +0000 Subject: [PATCH 06/63] tidying some things up session message handling is pretty annoying; should look into a better method of doing this --- admin/accounthttp.go | 50 +++++++++++---- admin/http.go | 51 ++++++++------- admin/views/edit-account.html | 5 +- controller/account.go | 6 +- controller/session.go | 6 +- main.go | 83 ++++++++++++++++++------- schema_migration/000-init.sql | 20 +++--- schema_migration/001-pre-versioning.sql | 22 +++---- 8 files changed, 161 insertions(+), 82 deletions(-) diff --git a/admin/accounthttp.go b/admin/accounthttp.go index fc701e7..fc4fed1 100644 --- a/admin/accounthttp.go +++ b/admin/accounthttp.go @@ -17,7 +17,6 @@ func accountHandler(app *model.AppState) http.Handler { mux.Handle("/password", changePasswordHandler(app)) mux.Handle("/delete", deleteAccountHandler(app)) - mux.Handle("/", accountIndexHandler(app)) return mux } @@ -37,6 +36,13 @@ func accountIndexHandler(app *model.AppState) http.Handler { TOTPs []model.TOTP } + sessionMessage := session.Message + sessionError := session.Error + controller.SetSessionMessage(app.DB, session, "") + controller.SetSessionError(app.DB, session, "") + session.Message = sessionMessage + session.Error = sessionError + err = pages["account"].Execute(w, accountResponse{ Session: session, TOTPs: totps, @@ -57,18 +63,39 @@ func changePasswordHandler(app *model.AppState) http.Handler { session := r.Context().Value("session").(*model.Session) + controller.SetSessionMessage(app.DB, session, "") + controller.SetSessionError(app.DB, session, "") + r.ParseForm() currentPassword := r.Form.Get("current-password") if err := bcrypt.CompareHashAndPassword([]byte(session.Account.Password), []byte(currentPassword)); err != nil { - controller.SetSessionMessage(app.DB, session, "Incorrect password.") + controller.SetSessionError(app.DB, session, "Incorrect password.") http.Redirect(w, r, "/admin/account", http.StatusFound) return } newPassword := r.Form.Get("new-password") - controller.SetSessionMessage(app.DB, session, fmt.Sprintf("Updating password to %s", newPassword)) + hashedPassword, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcrypt.DefaultCost) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to generate password hash: %v\n", err) + controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") + http.Redirect(w, r, "/admin/account", http.StatusFound) + return + } + + session.Account.Password = string(hashedPassword) + err = controller.UpdateAccount(app.DB, session.Account) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to update account password: %v\n", err) + controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") + http.Redirect(w, r, "/admin/account", http.StatusFound) + return + } + + controller.SetSessionError(app.DB, session, "") + controller.SetSessionMessage(app.DB, session, "Password updated successfully.") http.Redirect(w, r, "/admin/account", http.StatusFound) }) } @@ -97,10 +124,10 @@ func deleteAccountHandler(app *model.AppState) http.Handler { if err := bcrypt.CompareHashAndPassword([]byte(session.Account.Password), []byte(r.Form.Get("password"))); err != nil { fmt.Printf( "[%s] WARN: Account \"%s\" attempted account deletion with incorrect password.\n", - time.Now().Format("2006-02-01 15:04:05"), + time.Now().Format(time.UnixDate), session.Account.Username, ) - controller.SetSessionMessage(app.DB, session, "Incorrect password.") + controller.SetSessionError(app.DB, session, "Incorrect password.") http.Redirect(w, r, "/admin/account", http.StatusFound) return } @@ -108,35 +135,36 @@ func deleteAccountHandler(app *model.AppState) http.Handler { totpMethod, err := controller.CheckTOTPForAccount(app.DB, session.Account.ID, r.Form.Get("totp")) if err != nil { fmt.Fprintf(os.Stderr, "Failed to fetch account: %v\n", err) - controller.SetSessionMessage(app.DB, session, "Something went wrong. Please try again.") + controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") http.Redirect(w, r, "/admin/account", http.StatusFound) return } if totpMethod == nil { fmt.Printf( "[%s] WARN: Account \"%s\" attempted account deletion with incorrect TOTP.\n", - time.Now().Format("2006-02-01 15:04:05"), + time.Now().Format(time.UnixDate), session.Account.Username, ) - controller.SetSessionMessage(app.DB, session, "Incorrect TOTP.") + controller.SetSessionError(app.DB, session, "Incorrect TOTP.") http.Redirect(w, r, "/admin/account", http.StatusFound) } err = controller.DeleteAccount(app.DB, session.Account.ID) if err != nil { fmt.Fprintf(os.Stderr, "Failed to delete account: %v\n", err) - controller.SetSessionMessage(app.DB, session, "Something went wrong. Please try again.") + controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") http.Redirect(w, r, "/admin/account", http.StatusFound) return } fmt.Printf( "[%s] INFO: Account \"%s\" deleted by user request.\n", - time.Now().Format("2006-02-01 15:04:05"), + time.Now().Format(time.UnixDate), session.Account.Username, ) - session.Account = nil + controller.SetSessionAccount(app.DB, session, nil) + controller.SetSessionError(app.DB, session, "") controller.SetSessionMessage(app.DB, session, "Account deleted successfully.") http.Redirect(w, r, "/admin/login", http.StatusFound) }) diff --git a/admin/http.go b/admin/http.go index ad0d44e..5fcce01 100644 --- a/admin/http.go +++ b/admin/http.go @@ -93,8 +93,8 @@ func AdminIndexHandler(app *model.AppState) http.Handler { func registerAccountHandler(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { session := r.Context().Value("session").(*model.Session) - session.Error = sql.NullString{} - session.Message = sql.NullString{} + controller.SetSessionError(app.DB, session, "") + controller.SetSessionMessage(app.DB, session, "") if session.Account != nil { // user is already logged in @@ -102,8 +102,12 @@ func registerAccountHandler(app *model.AppState) http.Handler { return } + type registerData struct { + Session *model.Session + } + render := func() { - err := pages["register"].Execute(w, session) + err := pages["register"].Execute(w, registerData{ Session: session }) if err != nil { fmt.Printf("WARN: Error rendering create account page: %s\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -122,7 +126,7 @@ func registerAccountHandler(app *model.AppState) http.Handler { err := r.ParseForm() if err != nil { - session.Error = sql.NullString{ String: "Malformed data.", Valid: true } + controller.SetSessionError(app.DB, session, "Malformed data.") render() return } @@ -144,7 +148,7 @@ func registerAccountHandler(app *model.AppState) http.Handler { invite, err := controller.GetInvite(app.DB, credentials.Invite) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to retrieve invite: %v\n", err) - session.Error = sql.NullString{ String: "Something went wrong. Please try again.", Valid: true } + controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") render() return } @@ -153,7 +157,7 @@ func registerAccountHandler(app *model.AppState) http.Handler { err := controller.DeleteInvite(app.DB, invite.Code) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to delete expired invite: %v\n", err) } } - session.Error = sql.NullString{ String: "Invalid invite code.", Valid: true } + controller.SetSessionError(app.DB, session, "Invalid invite code.") render() return } @@ -161,7 +165,7 @@ func registerAccountHandler(app *model.AppState) http.Handler { hashedPassword, err := bcrypt.GenerateFromPassword([]byte(credentials.Password), bcrypt.DefaultCost) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to generate password hash: %v\n", err) - session.Error = sql.NullString{ String: "Something went wrong. Please try again.", Valid: true } + controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") render() return } @@ -175,16 +179,23 @@ func registerAccountHandler(app *model.AppState) http.Handler { err = controller.CreateAccount(app.DB, &account) if err != nil { if strings.HasPrefix(err.Error(), "pq: duplicate key") { - session.Error = sql.NullString{ String: "An account with that username already exists.", Valid: true } + controller.SetSessionError(app.DB, session, "An account with that username already exists.") render() return } fmt.Fprintf(os.Stderr, "WARN: Failed to create account: %v\n", err) - session.Error = sql.NullString{ String: "Something went wrong. Please try again.", Valid: true } + controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") render() return } + fmt.Printf( + "[%s]: Account registered: %s (%s)\n", + time.Now().Format(time.UnixDate), + account.Username, + account.ID, + ) + err = controller.DeleteInvite(app.DB, invite.Code) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to delete expired invite: %v\n", err) } @@ -229,7 +240,7 @@ func loginHandler(app *model.AppState) http.Handler { err := r.ParseForm() if err != nil { - session.Error = sql.NullString{ String: "Malformed data.", Valid: true } + controller.SetSessionError(app.DB, session, "Malformed data.") render() return } @@ -253,12 +264,12 @@ func loginHandler(app *model.AppState) http.Handler { account, err := controller.GetAccountByUsername(app.DB, credentials.Username) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account for login: %v\n", err) - session.Error = sql.NullString{ String: "Invalid username or password.", Valid: true } + controller.SetSessionError(app.DB, session, "Invalid username or password.") render() return } if account == nil { - session.Error = sql.NullString{ String: "Invalid username or password.", Valid: true } + controller.SetSessionError(app.DB, session, "Invalid username or password.") render() return } @@ -267,10 +278,10 @@ func loginHandler(app *model.AppState) http.Handler { if err != nil { fmt.Printf( "[%s] INFO: Account \"%s\" attempted login with incorrect password.\n", - time.Now().Format("2006-02-01 15:04:05"), + time.Now().Format(time.UnixDate), account.Username, ) - session.Error = sql.NullString{ String: "Invalid username or password.", Valid: true } + controller.SetSessionError(app.DB, session, "Invalid username or password.") render() return } @@ -278,12 +289,12 @@ func loginHandler(app *model.AppState) http.Handler { totpMethod, err := controller.CheckTOTPForAccount(app.DB, account.ID, credentials.TOTP) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to fetch TOTPs: %v\n", err) - session.Error = sql.NullString{ String: "Something went wrong. Please try again.", Valid: true } + controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") render() return } if totpMethod == nil { - session.Error = sql.NullString{ String: "Invalid TOTP.", Valid: true } + controller.SetSessionError(app.DB, session, "Invalid TOTP.") render() return } @@ -291,7 +302,7 @@ func loginHandler(app *model.AppState) http.Handler { // TODO: log login activity to user fmt.Printf( "[%s] INFO: Account \"%s\" logged in with method \"%s\"\n", - time.Now().Format("2006-02-01 15:04:05"), + time.Now().Format(time.UnixDate), account.Username, totpMethod.Name, ) @@ -379,11 +390,7 @@ func enforceSession(app *model.AppState, next http.Handler) http.Handler { // fetch existing session session, err = controller.GetSession(app.DB, sessionCookie.Value) - if err != nil { - if strings.Contains(err.Error(), "no rows") { - http.Error(w, "Invalid session. Please try clearing your cookies and refresh.", http.StatusBadRequest) - return - } + if err != nil && !strings.Contains(err.Error(), "no rows") { fmt.Fprintf(os.Stderr, "WARN: Failed to retrieve session: %v\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return diff --git a/admin/views/edit-account.html b/admin/views/edit-account.html index 0acfaf5..18a6dca 100644 --- a/admin/views/edit-account.html +++ b/admin/views/edit-account.html @@ -52,7 +52,10 @@

You have no MFA devices.

{{end}} - +
+ + Add TOTP Device +
diff --git a/controller/account.go b/controller/account.go index 8272bad..0cf3364 100644 --- a/controller/account.go +++ b/controller/account.go @@ -108,7 +108,7 @@ func CreateAccount(db *sqlx.DB, account *model.Account) error { func UpdateAccount(db *sqlx.DB, account *model.Account) error { _, err := db.Exec( "UPDATE account " + - "SET username=$2, password=$3, email=$4, avatar_url=$5) " + + "SET username=$2,password=$3,email=$4,avatar_url=$5 " + "WHERE id=$1", account.ID, account.Username, @@ -120,7 +120,7 @@ func UpdateAccount(db *sqlx.DB, account *model.Account) error { return err } -func DeleteAccount(db *sqlx.DB, username string) error { - _, err := db.Exec("DELETE FROM account WHERE username=$1", username) +func DeleteAccount(db *sqlx.DB, accountID string) error { + _, err := db.Exec("DELETE FROM account WHERE id=$1", accountID) return err } diff --git a/controller/session.go b/controller/session.go index 2a2a19e..c9c4cbb 100644 --- a/controller/session.go +++ b/controller/session.go @@ -63,6 +63,7 @@ func SetSessionAccount(db *sqlx.DB, session *model.Session, account *model.Accou func SetSessionMessage(db *sqlx.DB, session *model.Session, message string) error { var err error if message == "" { + if !session.Message.Valid { return nil } session.Message = sql.NullString{ } _, err = db.Exec("UPDATE session SET message=NULL WHERE token=$1", session.Token) } else { @@ -75,10 +76,11 @@ func SetSessionMessage(db *sqlx.DB, session *model.Session, message string) erro func SetSessionError(db *sqlx.DB, session *model.Session, message string) error { var err error if message == "" { - session.Message = sql.NullString{ } + if !session.Error.Valid { return nil } + session.Error = sql.NullString{ } _, err = db.Exec("UPDATE session SET error=NULL WHERE token=$1", session.Token) } else { - session.Message = sql.NullString{ String: message, Valid: true } + session.Error = sql.NullString{ String: message, Valid: true } _, err = db.Exec("UPDATE session SET error=$2 WHERE token=$1", session.Token, message) } return err diff --git a/main.go b/main.go index 9c5b38a..251d9a9 100644 --- a/main.go +++ b/main.go @@ -4,6 +4,7 @@ import ( "errors" "fmt" "log" + "math" "math/rand" "net/http" "os" @@ -22,6 +23,7 @@ import ( "github.com/jmoiron/sqlx" _ "github.com/lib/pq" + "golang.org/x/crypto/bcrypt" ) // used for database migrations @@ -91,12 +93,12 @@ func main() { account, err := controller.GetAccountByUsername(app.DB, username) if err != nil { - fmt.Fprintf(os.Stderr, "Failed to fetch account \"%s\": %v\n", username, err) + fmt.Fprintf(os.Stderr, "FATAL: Failed to fetch account \"%s\": %v\n", username, err) os.Exit(1) } if account == nil { - fmt.Fprintf(os.Stderr, "Account \"%s\" does not exist.\n", username) + fmt.Fprintf(os.Stderr, "FATAL: Account \"%s\" does not exist.\n", username) os.Exit(1) } @@ -109,10 +111,10 @@ func main() { err = controller.CreateTOTP(app.DB, &totp) if err != nil { if strings.HasPrefix(err.Error(), "pq: duplicate key") { - fmt.Fprintf(os.Stderr, "Account \"%s\" already has a TOTP method named \"%s\"!\n", account.Username, totp.Name) + fmt.Fprintf(os.Stderr, "FATAL: Account \"%s\" already has a TOTP method named \"%s\"!\n", account.Username, totp.Name) os.Exit(1) } - fmt.Fprintf(os.Stderr, "Failed to create TOTP method: %v\n", err) + fmt.Fprintf(os.Stderr, "FATAL: Failed to create TOTP method: %v\n", err) os.Exit(1) } @@ -130,18 +132,18 @@ func main() { account, err := controller.GetAccountByUsername(app.DB, username) if err != nil { - fmt.Fprintf(os.Stderr, "Failed to fetch account \"%s\": %v\n", username, err) + fmt.Fprintf(os.Stderr, "FATAL: Failed to fetch account \"%s\": %v\n", username, err) os.Exit(1) } if account == nil { - fmt.Fprintf(os.Stderr, "Account \"%s\" does not exist.\n", username) + fmt.Fprintf(os.Stderr, "FATAL: Account \"%s\" does not exist.\n", username) os.Exit(1) } err = controller.DeleteTOTP(app.DB, account.ID, totpName) if err != nil { - fmt.Fprintf(os.Stderr, "Failed to create TOTP method: %v\n", err) + fmt.Fprintf(os.Stderr, "FATAL: Failed to create TOTP method: %v\n", err) os.Exit(1) } @@ -157,18 +159,18 @@ func main() { account, err := controller.GetAccountByUsername(app.DB, username) if err != nil { - fmt.Fprintf(os.Stderr, "Failed to fetch account \"%s\": %v\n", username, err) + fmt.Fprintf(os.Stderr, "FATAL: Failed to fetch account \"%s\": %v\n", username, err) os.Exit(1) } if account == nil { - fmt.Fprintf(os.Stderr, "Account \"%s\" does not exist.\n", username) + fmt.Fprintf(os.Stderr, "FATAL: Account \"%s\" does not exist.\n", username) os.Exit(1) } totps, err := controller.GetTOTPsForAccount(app.DB, account.ID) if err != nil { - fmt.Fprintf(os.Stderr, "Failed to create TOTP methods: %v\n", err) + fmt.Fprintf(os.Stderr, "FATAL: Failed to create TOTP methods: %v\n", err) os.Exit(1) } @@ -190,23 +192,23 @@ func main() { account, err := controller.GetAccountByUsername(app.DB, username) if err != nil { - fmt.Fprintf(os.Stderr, "Failed to fetch account \"%s\": %v\n", username, err) + fmt.Fprintf(os.Stderr, "FATAL: Failed to fetch account \"%s\": %v\n", username, err) os.Exit(1) } if account == nil { - fmt.Fprintf(os.Stderr, "Account \"%s\" does not exist.\n", username) + fmt.Fprintf(os.Stderr, "FATAL: Account \"%s\" does not exist.\n", username) os.Exit(1) } totp, err := controller.GetTOTP(app.DB, account.ID, totpName) if err != nil { - fmt.Fprintf(os.Stderr, "Failed to fetch TOTP method \"%s\": %v\n", totpName, err) + fmt.Fprintf(os.Stderr, "FATAL: Failed to fetch TOTP method \"%s\": %v\n", totpName, err) os.Exit(1) } if totp == nil { - fmt.Fprintf(os.Stderr, "TOTP method \"%s\" does not exist for account \"%s\"\n", totpName, username) + fmt.Fprintf(os.Stderr, "FATAL: TOTP method \"%s\" does not exist for account \"%s\"\n", totpName, username) os.Exit(1) } @@ -218,18 +220,22 @@ func main() { fmt.Printf("Creating invite...\n") invite, err := controller.CreateInvite(app.DB, 16, time.Hour * 24) if err != nil { - fmt.Fprintf(os.Stderr, "Failed to create invite code: %v\n", err) + fmt.Fprintf(os.Stderr, "FATAL: Failed to create invite code: %v\n", err) os.Exit(1) } - fmt.Printf("Here you go! This code expires in 24 hours: %s\n", invite.Code) + fmt.Printf( + "Here you go! This code expires in %d hours: %s\n", + int(math.Ceil(invite.ExpiresAt.Sub(invite.CreatedAt).Hours())), + invite.Code, + ) return case "purgeInvites": fmt.Printf("Deleting all invites...\n") err := controller.DeleteAllInvites(app.DB) if err != nil { - fmt.Fprintf(os.Stderr, "Failed to delete invites: %v\n", err) + fmt.Fprintf(os.Stderr, "FATAL: Failed to delete invites: %v\n", err) os.Exit(1) } @@ -239,7 +245,7 @@ func main() { case "listAccounts": accounts, err := controller.GetAllAccounts(app.DB) if err != nil { - fmt.Fprintf(os.Stderr, "Failed to fetch accounts: %v\n", err) + fmt.Fprintf(os.Stderr, "FATAL: Failed to fetch accounts: %v\n", err) os.Exit(1) } @@ -259,6 +265,39 @@ func main() { } return + case "changePassword": + if len(os.Args) < 4 { + fmt.Fprintf(os.Stderr, "FATAL: `username` and `password` must be specified for changePassword\n") + os.Exit(1) + } + + username := os.Args[2] + password := os.Args[3] + account, err := controller.GetAccountByUsername(app.DB, username) + if err != nil { + fmt.Fprintf(os.Stderr, "FATAL: Failed to fetch account \"%s\": %v\n", username, err) + os.Exit(1) + } + if account == nil { + fmt.Fprintf(os.Stderr, "FATAL: Account \"%s\" does not exist.\n", username) + os.Exit(1) + } + + hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) + if err != nil { + fmt.Fprintf(os.Stderr, "FATAL: Failed to update password: %v\n", err) + os.Exit(1) + } + account.Password = string(hashedPassword) + err = controller.UpdateAccount(app.DB, account) + if err != nil { + fmt.Fprintf(os.Stderr, "FATAL: Failed to delete account: %v\n", err) + os.Exit(1) + } + + fmt.Printf("Account \"%s\" deleted successfully.\n", account.Username) + return + case "deleteAccount": if len(os.Args) < 3 { fmt.Fprintf(os.Stderr, "FATAL: `username` must be specified for deleteAccount\n") @@ -269,12 +308,12 @@ func main() { account, err := controller.GetAccountByUsername(app.DB, username) if err != nil { - fmt.Fprintf(os.Stderr, "Failed to fetch account \"%s\": %v\n", username, err) + fmt.Fprintf(os.Stderr, "FATAL: Failed to fetch account \"%s\": %v\n", username, err) os.Exit(1) } if account == nil { - fmt.Fprintf(os.Stderr, "Account \"%s\" does not exist.\n", username) + fmt.Fprintf(os.Stderr, "FATAL: Account \"%s\" does not exist.\n", username) os.Exit(1) } @@ -285,9 +324,9 @@ func main() { return } - err = controller.DeleteAccount(app.DB, username) + err = controller.DeleteAccount(app.DB, account.ID) if err != nil { - fmt.Fprintf(os.Stderr, "Failed to delete account: %v\n", err) + fmt.Fprintf(os.Stderr, "FATAL: Failed to delete account: %v\n", err) os.Exit(1) } diff --git a/schema_migration/000-init.sql b/schema_migration/000-init.sql index 48b8fbe..ff5c1af 100644 --- a/schema_migration/000-init.sql +++ b/schema_migration/000-init.sql @@ -4,19 +4,19 @@ -- Accounts CREATE TABLE arimelody.account ( - id uuid DEFAULT gen_random_uuid(), - username text NOT NULL UNIQUE, - password text NOT NULL, - email text, - avatar_url text, + id UUID DEFAULT gen_random_uuid(), + username TEXT NOT NULL UNIQUE, + password TEXT NOT NULL, + email TEXT, + avatar_url TEXT, created_at TIMESTAMP DEFAULT current_timestamp ); ALTER TABLE arimelody.account ADD CONSTRAINT account_pk PRIMARY KEY (id); -- Privilege CREATE TABLE arimelody.privilege ( - account uuid NOT NULL, - privilege text NOT NULL + account UUID NOT NULL, + privilege TEXT NOT NULL ); ALTER TABLE arimelody.privilege ADD CONSTRAINT privilege_pk PRIMARY KEY (account, privilege); @@ -33,12 +33,12 @@ CREATE TABLE arimelody.session ( token TEXT, user_agent TEXT NOT NULL, created_at TIMESTAMP NOT NULL DEFAULT current_timestamp, - expires_at TIMESTAMP DEFAULT NULL + expires_at TIMESTAMP DEFAULT NULL, account UUID, message TEXT, - error TEXT, + error TEXT ); -ALTER TABLE arimelody.session ADD CONSTRAINT session_pk PRIMARY KEY (session); +ALTER TABLE arimelody.session ADD CONSTRAINT session_pk PRIMARY KEY (token); -- TOTPs CREATE TABLE arimelody.totp ( diff --git a/schema_migration/001-pre-versioning.sql b/schema_migration/001-pre-versioning.sql index 76fb1b8..cd0c061 100644 --- a/schema_migration/001-pre-versioning.sql +++ b/schema_migration/001-pre-versioning.sql @@ -2,21 +2,21 @@ -- New items -- --- Acounts +-- Accounts CREATE TABLE arimelody.account ( - id uuid DEFAULT gen_random_uuid(), - username text NOT NULL UNIQUE, - password text NOT NULL, - email text, - avatar_url text, + id UUID DEFAULT gen_random_uuid(), + username TEXT NOT NULL UNIQUE, + password TEXT NOT NULL, + email TEXT, + avatar_url TEXT, created_at TIMESTAMP DEFAULT current_timestamp ); ALTER TABLE arimelody.account ADD CONSTRAINT account_pk PRIMARY KEY (id); -- Privilege CREATE TABLE arimelody.privilege ( - account uuid NOT NULL, - privilege text NOT NULL + account UUID NOT NULL, + privilege TEXT NOT NULL ); ALTER TABLE arimelody.privilege ADD CONSTRAINT privilege_pk PRIMARY KEY (account, privilege); @@ -33,12 +33,12 @@ CREATE TABLE arimelody.session ( token TEXT, user_agent TEXT NOT NULL, created_at TIMESTAMP NOT NULL DEFAULT current_timestamp, - expires_at TIMESTAMP DEFAULT NULL + expires_at TIMESTAMP DEFAULT NULL, account UUID, message TEXT, - error TEXT, + error TEXT ); -ALTER TABLE arimelody.session ADD CONSTRAINT session_pk PRIMARY KEY (session); +ALTER TABLE arimelody.session ADD CONSTRAINT session_pk PRIMARY KEY (token); -- TOTPs CREATE TABLE arimelody.totp ( From 50cbce92fcde5ada0eae1e0fa8b2072737ffdc5d Mon Sep 17 00:00:00 2001 From: ari melody Date: Thu, 23 Jan 2025 12:09:33 +0000 Subject: [PATCH 07/63] TOTP methods can now be created on the frontend! --- admin/accounthttp.go | 180 ++++++++++++++++++++++++++++++++++ admin/http.go | 12 +-- admin/static/admin.css | 29 +++++- admin/static/edit-account.css | 4 - admin/templates.go | 10 ++ admin/views/edit-account.html | 2 +- admin/views/login.html | 20 +--- admin/views/register.html | 18 +--- admin/views/totp-confirm.html | 34 +++++++ admin/views/totp-setup.html | 20 ++++ controller/totp.go | 22 +++-- 11 files changed, 295 insertions(+), 56 deletions(-) create mode 100644 admin/views/totp-confirm.html create mode 100644 admin/views/totp-setup.html diff --git a/admin/accounthttp.go b/admin/accounthttp.go index fc4fed1..b5deca2 100644 --- a/admin/accounthttp.go +++ b/admin/accounthttp.go @@ -3,6 +3,7 @@ package admin import ( "fmt" "net/http" + "net/url" "os" "time" @@ -15,6 +16,10 @@ import ( func accountHandler(app *model.AppState) http.Handler { mux := http.NewServeMux() + mux.Handle("/totp-setup", totpSetupHandler(app)) + mux.Handle("/totp-confirm", totpConfirmHandler(app)) + mux.Handle("/totp-delete/", http.StripPrefix("/totp-delete", totpDeleteHandler(app))) + mux.Handle("/password", changePasswordHandler(app)) mux.Handle("/delete", deleteAccountHandler(app)) @@ -169,3 +174,178 @@ func deleteAccountHandler(app *model.AppState) http.Handler { http.Redirect(w, r, "/admin/login", http.StatusFound) }) } + +func totpSetupHandler(app *model.AppState) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + if r.Method == http.MethodGet { + type totpSetupData struct { + Session *model.Session + } + + session := r.Context().Value("session").(*model.Session) + + err := pages["totp-setup"].Execute(w, totpSetupData{ Session: session }) + if err != nil { + fmt.Printf("WARN: Failed to render TOTP setup page: %s\n", err) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + } + return + } + + if r.Method != http.MethodPost { + http.NotFound(w, r) + return + } + + type totpSetupData struct { + Session *model.Session + TOTP *model.TOTP + NameEscaped string + } + + err := r.ParseForm() + if err != nil { + http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) + return + } + + name := r.FormValue("totp-name") + if len(name) == 0 { + http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) + return + } + + session := r.Context().Value("session").(*model.Session) + + secret := controller.GenerateTOTPSecret(controller.TOTP_SECRET_LENGTH) + totp := model.TOTP { + AccountID: session.Account.ID, + Name: name, + Secret: string(secret), + } + err = controller.CreateTOTP(app.DB, &totp) + if err != nil { + fmt.Printf("WARN: Failed to create TOTP method: %s\n", err) + controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") + err := pages["totp-setup"].Execute(w, totpSetupData{ Session: session }) + if err != nil { + fmt.Printf("WARN: Failed to render TOTP setup page: %s\n", err) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + } + return + } + + err = pages["totp-confirm"].Execute(w, totpSetupData{ + Session: session, + TOTP: &totp, + NameEscaped: url.PathEscape(totp.Name), + }) + if err != nil { + fmt.Printf("WARN: Failed to render TOTP confirm page: %s\n", err) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + } + }) +} + +func totpConfirmHandler(app *model.AppState) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + if r.Method != http.MethodPost { + http.NotFound(w, r) + return + } + + type totpConfirmData struct { + Session *model.Session + TOTP *model.TOTP + } + + session := r.Context().Value("session").(*model.Session) + + err := r.ParseForm() + if err != nil { + http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) + return + } + name := r.FormValue("totp-name") + if len(name) == 0 { + http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) + return + } + code := r.FormValue("totp") + if len(code) != controller.TOTP_CODE_LENGTH { + http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) + return + } + + totp, err := controller.GetTOTP(app.DB, session.Account.ID, name) + if err != nil { + fmt.Printf("WARN: Failed to fetch TOTP method: %s\n", err) + controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") + http.Redirect(w, r, "/admin/account", http.StatusFound) + return + } + if totp == nil { + http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) + return + } + + confirmCode := controller.GenerateTOTP(totp.Secret, 0) + if code != confirmCode { + confirmCodeOffset := controller.GenerateTOTP(totp.Secret, 1) + if code != confirmCodeOffset { + controller.SetSessionError(app.DB, session, "Incorrect TOTP code. Please try again.") + err = pages["totp-confirm"].Execute(w, totpConfirmData{ + Session: session, + TOTP: totp, + }) + return + } + } + + controller.SetSessionError(app.DB, session, "") + controller.SetSessionMessage(app.DB, session, fmt.Sprintf("TOTP method \"%s\" created successfully.", totp.Name)) + http.Redirect(w, r, "/admin/account", http.StatusFound) + }) +} + +func totpDeleteHandler(app *model.AppState) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + if r.Method != http.MethodGet { + http.NotFound(w, r) + return + } + + name := r.URL.Path + fmt.Printf("%s\n", name); + if len(name) == 0 { + http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) + return + } + + session := r.Context().Value("session").(*model.Session) + + totp, err := controller.GetTOTP(app.DB, session.Account.ID, name) + if err != nil { + fmt.Printf("WARN: Failed to fetch TOTP method: %s\n", err) + controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") + http.Redirect(w, r, "/admin/account", http.StatusFound) + return + } + if totp == nil { + http.NotFound(w, r) + return + } + + err = controller.DeleteTOTP(app.DB, session.Account.ID, totp.Name) + if err != nil { + fmt.Printf("WARN: Failed to delete TOTP method: %s\n", err) + controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") + http.Redirect(w, r, "/admin/account", http.StatusFound) + return + } + + controller.SetSessionError(app.DB, session, "") + controller.SetSessionMessage(app.DB, session, fmt.Sprintf("TOTP method \"%s\" deleted successfully.", totp.Name)) + http.Redirect(w, r, "/admin/account", http.StatusFound) + }) +} diff --git a/admin/http.go b/admin/http.go index 5fcce01..7dd5207 100644 --- a/admin/http.go +++ b/admin/http.go @@ -93,8 +93,6 @@ func AdminIndexHandler(app *model.AppState) http.Handler { func registerAccountHandler(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { session := r.Context().Value("session").(*model.Session) - controller.SetSessionError(app.DB, session, "") - controller.SetSessionMessage(app.DB, session, "") if session.Account != nil { // user is already logged in @@ -126,8 +124,7 @@ func registerAccountHandler(app *model.AppState) http.Handler { err := r.ParseForm() if err != nil { - controller.SetSessionError(app.DB, session, "Malformed data.") - render() + http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) return } @@ -201,6 +198,8 @@ func registerAccountHandler(app *model.AppState) http.Handler { // registration success! controller.SetSessionAccount(app.DB, session, &account) + controller.SetSessionMessage(app.DB, session, "") + controller.SetSessionError(app.DB, session, "") http.Redirect(w, r, "/admin", http.StatusFound) }) } @@ -240,8 +239,7 @@ func loginHandler(app *model.AppState) http.Handler { err := r.ParseForm() if err != nil { - controller.SetSessionError(app.DB, session, "Malformed data.") - render() + http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) return } @@ -309,6 +307,8 @@ func loginHandler(app *model.AppState) http.Handler { // login success! controller.SetSessionAccount(app.DB, session, account) + controller.SetSessionMessage(app.DB, session, "") + controller.SetSessionError(app.DB, session, "") http.Redirect(w, r, "/admin", http.StatusFound) }) } diff --git a/admin/static/admin.css b/admin/static/admin.css index 45d67a4..cbb827e 100644 --- a/admin/static/admin.css +++ b/admin/static/admin.css @@ -146,7 +146,7 @@ a img.icon { -a.delete { +a.delete:not(.button) { color: #d22828; } @@ -197,3 +197,30 @@ button:active, .button:active { opacity: .5; cursor: not-allowed !important; } + + + +form { + width: 100%; + display: block; +} +label { + width: 100%; + margin: 1rem 0 .5rem 0; + display: block; + color: #10101080; +} +input { + margin: .5rem 0; + padding: .3rem .5rem; + display: block; + border-radius: 4px; + border: 1px solid #808080; + font-size: inherit; + font-family: inherit; + color: inherit; +} +input[disabled] { + opacity: .5; + cursor: not-allowed; +} diff --git a/admin/static/edit-account.css b/admin/static/edit-account.css index 52fb756..37351b2 100644 --- a/admin/static/edit-account.css +++ b/admin/static/edit-account.css @@ -4,10 +4,6 @@ div.card { margin-bottom: 2rem; } -form button { - margin-top: 1rem; -} - label { width: 100%; margin: 1rem 0 .5rem 0; diff --git a/admin/templates.go b/admin/templates.go index 1021832..3bae106 100644 --- a/admin/templates.go +++ b/admin/templates.go @@ -33,6 +33,16 @@ var pages = map[string]*template.Template{ filepath.Join("views", "prideflag.html"), filepath.Join("admin", "views", "edit-account.html"), )), + "totp-setup": template.Must(template.ParseFiles( + filepath.Join("admin", "views", "layout.html"), + filepath.Join("views", "prideflag.html"), + filepath.Join("admin", "views", "totp-setup.html"), + )), + "totp-confirm": template.Must(template.ParseFiles( + filepath.Join("admin", "views", "layout.html"), + filepath.Join("views", "prideflag.html"), + filepath.Join("admin", "views", "totp-confirm.html"), + )), "release": template.Must(template.ParseFiles( filepath.Join("admin", "views", "layout.html"), diff --git a/admin/views/edit-account.html b/admin/views/edit-account.html index 18a6dca..b1d083a 100644 --- a/admin/views/edit-account.html +++ b/admin/views/edit-account.html @@ -44,7 +44,7 @@

Added: {{.CreatedAt}}

{{end}} diff --git a/admin/views/login.html b/admin/views/login.html index e8581e8..b77af83 100644 --- a/admin/views/login.html +++ b/admin/views/login.html @@ -11,7 +11,7 @@ a.discord { color: #5865F2; } -form { +form#login { width: 100%; display: flex; flex-direction: column; @@ -26,26 +26,8 @@ form button { margin-top: 1rem; } -label { - width: 100%; - margin: 1rem 0 .5rem 0; - display: block; - color: #10101080; -} input { width: 100%; - margin: .5rem 0; - padding: .3rem .5rem; - display: block; - border-radius: 4px; - border: 1px solid #808080; - font-size: inherit; - font-family: inherit; - color: inherit; -} -input[disabled] { - opacity: .5; - cursor: not-allowed; } {{end}} diff --git a/admin/views/register.html b/admin/views/register.html index 8899fd9..94170c9 100644 --- a/admin/views/register.html +++ b/admin/views/register.html @@ -11,7 +11,7 @@ a.discord { color: #5865F2; } -form { +form#register { width: 100%; display: flex; flex-direction: column; @@ -26,22 +26,8 @@ form button { margin-top: 1rem; } -label { - width: 100%; - margin: 1rem 0 .5rem 0; - display: block; - color: #10101080; -} input { width: 100%; - margin: .5rem 0; - padding: .3rem .5rem; - display: block; - border-radius: 4px; - border: 1px solid #808080; - font-size: inherit; - font-family: inherit; - color: inherit; } {{end}} @@ -52,7 +38,7 @@ input {

{{html .Session.Error.String}}

{{end}} - +
diff --git a/admin/views/totp-confirm.html b/admin/views/totp-confirm.html new file mode 100644 index 0000000..af6b6e1 --- /dev/null +++ b/admin/views/totp-confirm.html @@ -0,0 +1,34 @@ +{{define "head"}} +TOTP Confirmation - ari melody 💫 + + + +{{end}} + +{{define "content"}} +
+ {{if .Session.Error.Valid}} +

{{html .Session.Error.String}}

+ {{end}} + + +

Your TOTP secret: {{.TOTP.Secret}}

+ + + +

+ Please store this into your two-factor authentication app or + password manager, then enter your code below: +

+ + + + + + +
+{{end}} diff --git a/admin/views/totp-setup.html b/admin/views/totp-setup.html new file mode 100644 index 0000000..62b9daf --- /dev/null +++ b/admin/views/totp-setup.html @@ -0,0 +1,20 @@ +{{define "head"}} +TOTP Setup - ari melody 💫 + + +{{end}} + +{{define "content"}} +
+ {{if .Session.Error.Valid}} +

{{html .Session.Error.String}}

+ {{end}} + +
+ + + + +
+
+{{end}} diff --git a/controller/totp.go b/controller/totp.go index 83a5b1c..02f1c4b 100644 --- a/controller/totp.go +++ b/controller/totp.go @@ -17,9 +17,9 @@ import ( "github.com/jmoiron/sqlx" ) -const TOTP_SECRET_LENGTH = 64 -const TIME_STEP int64 = 30 -const CODE_LENGTH = 6 +const TOTP_SECRET_LENGTH = 32 +const TOTP_TIME_STEP int64 = 30 +const TOTP_CODE_LENGTH = 6 func GenerateTOTP(secret string, timeStepOffset int) string { decodedSecret, err := base32.StdEncoding.WithPadding(base32.NoPadding).DecodeString(secret) @@ -27,7 +27,7 @@ func GenerateTOTP(secret string, timeStepOffset int) string { fmt.Fprintf(os.Stderr, "WARN: Invalid Base32 secret\n") } - counter := time.Now().Unix() / TIME_STEP - int64(timeStepOffset) + counter := time.Now().Unix() / TOTP_TIME_STEP - int64(timeStepOffset) counterBytes := make([]byte, 8) binary.BigEndian.PutUint64(counterBytes, uint64(counter)) @@ -37,9 +37,9 @@ func GenerateTOTP(secret string, timeStepOffset int) string { offset := hash[len(hash) - 1] & 0x0f binaryCode := int32(binary.BigEndian.Uint32(hash[offset : offset + 4]) & 0x7FFFFFFF) - code := binaryCode % int32(math.Pow10(CODE_LENGTH)) + code := binaryCode % int32(math.Pow10(TOTP_CODE_LENGTH)) - return fmt.Sprintf(fmt.Sprintf("%%0%dd", CODE_LENGTH), code) + return fmt.Sprintf(fmt.Sprintf("%%0%dd", TOTP_CODE_LENGTH), code) } func GenerateTOTPSecret(length int) string { @@ -65,8 +65,8 @@ func GenerateTOTPURI(username string, secret string) string { query.Set("secret", secret) query.Set("issuer", "arimelody.me") query.Set("algorithm", "SHA1") - query.Set("digits", fmt.Sprintf("%d", CODE_LENGTH)) - query.Set("period", fmt.Sprintf("%d", TIME_STEP)) + query.Set("digits", fmt.Sprintf("%d", TOTP_CODE_LENGTH)) + query.Set("period", fmt.Sprintf("%d", TOTP_TIME_STEP)) url.RawQuery = query.Encode() return url.String() @@ -98,7 +98,11 @@ func CheckTOTPForAccount(db *sqlx.DB, accountID string, totp string) (*model.TOT for _, method := range totps { check := GenerateTOTP(method.Secret, 0) if check == totp { - // return the whole TOTP method as it may be useful for logging + return &method, nil + } + // try again with offset- maybe user input the code late? + check = GenerateTOTP(method.Secret, 1) + if check == totp { return &method, nil } } From e004491b553f041b9f59a453fd94e1377b9cb419 Mon Sep 17 00:00:00 2001 From: ari melody Date: Thu, 23 Jan 2025 13:53:06 +0000 Subject: [PATCH 08/63] TOTP fully functioning, account settings done! --- admin/accounthttp.go | 23 ++++++++++-- admin/http.go | 71 +++++++++++++++++++++++++++-------- admin/static/admin.css | 16 ++++---- admin/templates.go | 5 +++ admin/views/edit-account.html | 6 +-- admin/views/login-totp.html | 42 +++++++++++++++++++++ admin/views/login.html | 17 ++------- admin/views/register.html | 6 ++- admin/views/totp-confirm.html | 2 +- admin/views/totp-setup.html | 2 +- controller/totp.go | 1 - 11 files changed, 143 insertions(+), 48 deletions(-) create mode 100644 admin/views/login-totp.html diff --git a/admin/accounthttp.go b/admin/accounthttp.go index b5deca2..9402410 100644 --- a/admin/accounthttp.go +++ b/admin/accounthttp.go @@ -30,15 +30,30 @@ func accountIndexHandler(app *model.AppState) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { session := r.Context().Value("session").(*model.Session) - totps, err := controller.GetTOTPsForAccount(app.DB, session.Account.ID) + dbTOTPs, err := controller.GetTOTPsForAccount(app.DB, session.Account.ID) if err != nil { fmt.Printf("WARN: Failed to fetch TOTPs: %v\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) } - type accountResponse struct { - Session *model.Session - TOTPs []model.TOTP + type ( + TOTP struct { + model.TOTP + CreatedAtString string + } + + accountResponse struct { + Session *model.Session + TOTPs []TOTP + } + ) + + totps := []TOTP{} + for _, totp := range dbTOTPs { + totps = append(totps, TOTP{ + TOTP: totp, + CreatedAtString: totp.CreatedAt.Format("02 Jan 2006, 15:04:05"), + }) } sessionMessage := session.Message diff --git a/admin/http.go b/admin/http.go index 7dd5207..4d32aa9 100644 --- a/admin/http.go +++ b/admin/http.go @@ -284,26 +284,65 @@ func loginHandler(app *model.AppState) http.Handler { return } - totpMethod, err := controller.CheckTOTPForAccount(app.DB, account.ID, credentials.TOTP) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to fetch TOTPs: %v\n", err) - controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") - render() - return + var totpMethod *model.TOTP + if len(credentials.TOTP) == 0 { + // check if user has TOTP + totps, err := controller.GetTOTPsForAccount(app.DB, account.ID) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to fetch TOTPs: %v\n", err) + controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") + render() + return + } + + if len(totps) > 0 { + type loginTOTPData struct { + Session *model.Session + Username string + Password string + } + err = pages["login-totp"].Execute(w, loginTOTPData{ + Session: session, + Username: credentials.Username, + Password: credentials.Password, + }) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to render login TOTP page: %v\n", err) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + return + } + } + } else { + totpMethod, err = controller.CheckTOTPForAccount(app.DB, account.ID, credentials.TOTP) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to fetch TOTPs: %v\n", err) + controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") + render() + return + } + if totpMethod == nil { + controller.SetSessionError(app.DB, session, "Invalid TOTP.") + render() + return + } } - if totpMethod == nil { - controller.SetSessionError(app.DB, session, "Invalid TOTP.") - render() - return + + if totpMethod != nil { + fmt.Printf( + "[%s] INFO: Account \"%s\" logged in with method \"%s\"\n", + time.Now().Format(time.UnixDate), + account.Username, + totpMethod.Name, + ) + } else { + fmt.Printf( + "[%s] INFO: Account \"%s\" logged in\n", + time.Now().Format(time.UnixDate), + account.Username, + ) } // TODO: log login activity to user - fmt.Printf( - "[%s] INFO: Account \"%s\" logged in with method \"%s\"\n", - time.Now().Format(time.UnixDate), - account.Username, - totpMethod.Name, - ) // login success! controller.SetSessionAccount(app.DB, session, account) diff --git a/admin/static/admin.css b/admin/static/admin.css index cbb827e..a6e0bc2 100644 --- a/admin/static/admin.css +++ b/admin/static/admin.css @@ -85,6 +85,15 @@ a img.icon { height: .8em; } +code { + background: #303030; + color: #f0f0f0; + padding: .23em .3em; + border-radius: 4px; +} + + + .card { margin-bottom: 1em; } @@ -93,13 +102,6 @@ a img.icon { margin: 0 0 .5em 0; } -/* -.card h3, -.card p { - margin: 0; -} -*/ - .card-title { margin-bottom: 1em; display: flex; diff --git a/admin/templates.go b/admin/templates.go index 3bae106..d9a74ca 100644 --- a/admin/templates.go +++ b/admin/templates.go @@ -18,6 +18,11 @@ var pages = map[string]*template.Template{ filepath.Join("views", "prideflag.html"), filepath.Join("admin", "views", "login.html"), )), + "login-totp": template.Must(template.ParseFiles( + filepath.Join("admin", "views", "layout.html"), + filepath.Join("views", "prideflag.html"), + filepath.Join("admin", "views", "login-totp.html"), + )), "register": template.Must(template.ParseFiles( filepath.Join("admin", "views", "layout.html"), filepath.Join("views", "prideflag.html"), diff --git a/admin/views/edit-account.html b/admin/views/edit-account.html index b1d083a..6c17088 100644 --- a/admin/views/edit-account.html +++ b/admin/views/edit-account.html @@ -40,11 +40,11 @@ {{range .TOTPs}}
-

{{.Name}}

-

Added: {{.CreatedAt}}

+

{{.TOTP.Name}}

+

Added: {{.CreatedAtString}}

{{end}} diff --git a/admin/views/login-totp.html b/admin/views/login-totp.html new file mode 100644 index 0000000..d959e3c --- /dev/null +++ b/admin/views/login-totp.html @@ -0,0 +1,42 @@ +{{define "head"}} +Login - ari melody 💫 + + + +{{end}} + +{{define "content"}} +
+
+

Two-Factor Authentication

+ +
+ + + + +
+ + +
+
+{{end}} diff --git a/admin/views/login.html b/admin/views/login.html index b77af83..fbb7294 100644 --- a/admin/views/login.html +++ b/admin/views/login.html @@ -3,14 +3,6 @@ {{end}} @@ -42,15 +34,14 @@ input { {{end}}
+

Log In

+
- + - - -
diff --git a/admin/views/register.html b/admin/views/register.html index 94170c9..37f0947 100644 --- a/admin/views/register.html +++ b/admin/views/register.html @@ -27,7 +27,7 @@ form button { } input { - width: 100%; + width: calc(100% - 1rem - 2px); } {{end}} @@ -39,9 +39,11 @@ input { {{end}} +

Create Account

+
- + diff --git a/admin/views/totp-confirm.html b/admin/views/totp-confirm.html index af6b6e1..ac39e52 100644 --- a/admin/views/totp-confirm.html +++ b/admin/views/totp-confirm.html @@ -26,7 +26,7 @@ code {

- + diff --git a/admin/views/totp-setup.html b/admin/views/totp-setup.html index 62b9daf..e74c970 100644 --- a/admin/views/totp-setup.html +++ b/admin/views/totp-setup.html @@ -12,7 +12,7 @@
- +
diff --git a/controller/totp.go b/controller/totp.go index 02f1c4b..bc71747 100644 --- a/controller/totp.go +++ b/controller/totp.go @@ -92,7 +92,6 @@ func GetTOTPsForAccount(db *sqlx.DB, accountID string) ([]model.TOTP, error) { func CheckTOTPForAccount(db *sqlx.DB, accountID string, totp string) (*model.TOTP, error) { totps, err := GetTOTPsForAccount(db, accountID) if err != nil { - // user has no TOTP methods return nil, err } for _, method := range totps { From 9a27dbdc3716be63389a8b551867c09e556bdc12 Mon Sep 17 00:00:00 2001 From: ari melody Date: Fri, 24 Jan 2025 01:04:57 +0000 Subject: [PATCH 09/63] fixed style of inputs on release edit page (whoops!) --- admin/static/admin.css | 4 ++-- admin/static/edit-account.css | 9 +++++---- admin/static/edit-release.css | 9 ++++++++- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/admin/static/admin.css b/admin/static/admin.css index a6e0bc2..877b5da 100644 --- a/admin/static/admin.css +++ b/admin/static/admin.css @@ -206,13 +206,13 @@ form { width: 100%; display: block; } -label { +form label { width: 100%; margin: 1rem 0 .5rem 0; display: block; color: #10101080; } -input { +form input { margin: .5rem 0; padding: .3rem .5rem; display: block; diff --git a/admin/static/edit-account.css b/admin/static/edit-account.css index 37351b2..7a4d34a 100644 --- a/admin/static/edit-account.css +++ b/admin/static/edit-account.css @@ -5,10 +5,11 @@ div.card { } label { - width: 100%; - margin: 1rem 0 .5rem 0; - display: block; - color: #10101080; + width: auto; + margin: 0; + display: flex; + align-items: center; + color: inherit; } input { width: min(20rem, calc(100% - 1rem)); diff --git a/admin/static/edit-release.css b/admin/static/edit-release.css index 63d399e..aa70e34 100644 --- a/admin/static/edit-release.css +++ b/admin/static/edit-release.css @@ -228,12 +228,14 @@ dialog div.dialog-actions { } #editcredits .credit .credit-info .credit-attribute label { + width: auto; + margin: 0; display: flex; align-items: center; } #editcredits .credit .credit-info .credit-attribute input[type="text"] { - margin-left: .25em; + margin: 0 0 0 .25em; padding: .2em .4em; flex-grow: 1; font-family: inherit; @@ -241,6 +243,9 @@ dialog div.dialog-actions { border-radius: 4px; color: inherit; } +#editcredits .credit .credit-info .credit-attribute input[type="checkbox"] { + margin: 0 .3em; +} #editcredits .credit .artist-name { font-weight: bold; @@ -369,8 +374,10 @@ dialog div.dialog-actions { #editlinks td input[type="text"] { width: calc(100% - .6em); height: 100%; + margin: 0; padding: 0 .3em; border: none; + border-radius: 0; outline: none; cursor: pointer; background: none; From 090de0554bbfd64ab68fb560e8ad1559dd9ee312 Mon Sep 17 00:00:00 2001 From: ari melody Date: Fri, 24 Jan 2025 01:33:14 +0000 Subject: [PATCH 10/63] fix bug causing edit tracks component to crash --- admin/components/tracks/edittracks.html | 10 +++++----- admin/releasehttp.go | 11 ++++++++++- model/track.go | 2 ++ 3 files changed, 17 insertions(+), 6 deletions(-) diff --git a/admin/components/tracks/edittracks.html b/admin/components/tracks/edittracks.html index 0500532..d03f80a 100644 --- a/admin/components/tracks/edittracks.html +++ b/admin/components/tracks/edittracks.html @@ -3,20 +3,20 @@

Editing: Tracks

Add -
+
    - {{range $i, $track := .Tracks}} + {{range $i, $track := .Release.Tracks}}

  • - {{$track.Add $i 1}} + {{.Add $i 1}} {{$track.Title}}

    Delete diff --git a/admin/releasehttp.go b/admin/releasehttp.go index 7d098e6..cd73e98 100644 --- a/admin/releasehttp.go +++ b/admin/releasehttp.go @@ -145,7 +145,16 @@ func serveEditLinks(release *model.Release) http.Handler { func serveEditTracks(release *model.Release) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "text/html") - err := components["edittracks"].Execute(w, release) + + type editTracksData struct { + Release *model.Release + Add func(a int, b int) int + } + + err := components["edittracks"].Execute(w, editTracksData{ + Release: release, + Add: func(a, b int) int { return a + b }, + }) if err != nil { fmt.Printf("Error rendering edit tracks component for %s: %s\n", release.ID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) diff --git a/model/track.go b/model/track.go index d44c224..ca54ddd 100644 --- a/model/track.go +++ b/model/track.go @@ -12,6 +12,8 @@ type ( Description string `json:"description"` Lyrics string `json:"lyrics" db:"lyrics"` PreviewURL string `json:"previewURL" db:"preview_url"` + + Number int } ) From ad39e68cd651176211e98d3e7b9cf1e25ec925e1 Mon Sep 17 00:00:00 2001 From: ari melody Date: Fri, 24 Jan 2025 18:49:04 +0000 Subject: [PATCH 11/63] fix API endpoints which require account authorisation --- admin/http.go | 16 +++++------ api/api.go | 74 ++++++++++++++++++++++++++++++++++++++++++--------- 2 files changed, 70 insertions(+), 20 deletions(-) diff --git a/admin/http.go b/admin/http.go index 4d32aa9..b6a71ee 100644 --- a/admin/http.go +++ b/admin/http.go @@ -20,20 +20,20 @@ func Handler(app *model.AppState) http.Handler { mux := http.NewServeMux() mux.Handle("/login", loginHandler(app)) - mux.Handle("/logout", RequireAccount(app, logoutHandler(app))) + mux.Handle("/logout", requireAccount(app, logoutHandler(app))) mux.Handle("/register", registerAccountHandler(app)) - mux.Handle("/account", RequireAccount(app, accountIndexHandler(app))) - mux.Handle("/account/", RequireAccount(app, http.StripPrefix("/account", accountHandler(app)))) + mux.Handle("/account", requireAccount(app, accountIndexHandler(app))) + mux.Handle("/account/", requireAccount(app, http.StripPrefix("/account", accountHandler(app)))) - mux.Handle("/release/", RequireAccount(app, http.StripPrefix("/release", serveRelease(app)))) - mux.Handle("/artist/", RequireAccount(app, http.StripPrefix("/artist", serveArtist(app)))) - mux.Handle("/track/", RequireAccount(app, http.StripPrefix("/track", serveTrack(app)))) + mux.Handle("/release/", requireAccount(app, http.StripPrefix("/release", serveRelease(app)))) + mux.Handle("/artist/", requireAccount(app, http.StripPrefix("/artist", serveArtist(app)))) + mux.Handle("/track/", requireAccount(app, http.StripPrefix("/track", serveTrack(app)))) mux.Handle("/static/", http.StripPrefix("/static", staticHandler())) - mux.Handle("/", RequireAccount(app, AdminIndexHandler(app))) + mux.Handle("/", requireAccount(app, AdminIndexHandler(app))) // response wrapper to make sure a session cookie exists return enforceSession(app, mux) @@ -381,7 +381,7 @@ func logoutHandler(app *model.AppState) http.Handler { }) } -func RequireAccount(app *model.AppState, next http.Handler) http.HandlerFunc { +func requireAccount(app *model.AppState, next http.Handler) http.HandlerFunc { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { session := r.Context().Value("session").(*model.Session) if session.Account == nil { diff --git a/api/api.go b/api/api.go index 9489126..50b1c63 100644 --- a/api/api.go +++ b/api/api.go @@ -1,11 +1,13 @@ package api import ( + "context" + "errors" "fmt" "net/http" + "os" "strings" - "arimelody-web/admin" "arimelody-web/controller" "arimelody-web/model" ) @@ -36,10 +38,10 @@ func Handler(app *model.AppState) http.Handler { ServeArtist(app, artist).ServeHTTP(w, r) case http.MethodPut: // PUT /api/v1/artist/{id} (admin) - admin.RequireAccount(app, UpdateArtist(app, artist)).ServeHTTP(w, r) + requireAccount(app, UpdateArtist(app, artist)).ServeHTTP(w, r) case http.MethodDelete: // DELETE /api/v1/artist/{id} (admin) - admin.RequireAccount(app, DeleteArtist(app, artist)).ServeHTTP(w, r) + requireAccount(app, DeleteArtist(app, artist)).ServeHTTP(w, r) default: http.NotFound(w, r) } @@ -51,7 +53,7 @@ func Handler(app *model.AppState) http.Handler { ServeAllArtists(app).ServeHTTP(w, r) case http.MethodPost: // POST /api/v1/artist (admin) - admin.RequireAccount(app, CreateArtist(app)).ServeHTTP(w, r) + requireAccount(app, CreateArtist(app)).ServeHTTP(w, r) default: http.NotFound(w, r) } @@ -78,10 +80,10 @@ func Handler(app *model.AppState) http.Handler { ServeRelease(app, release).ServeHTTP(w, r) case http.MethodPut: // PUT /api/v1/music/{id} (admin) - admin.RequireAccount(app, UpdateRelease(app, release)).ServeHTTP(w, r) + requireAccount(app, UpdateRelease(app, release)).ServeHTTP(w, r) case http.MethodDelete: // DELETE /api/v1/music/{id} (admin) - admin.RequireAccount(app, DeleteRelease(app, release)).ServeHTTP(w, r) + requireAccount(app, DeleteRelease(app, release)).ServeHTTP(w, r) default: http.NotFound(w, r) } @@ -93,7 +95,7 @@ func Handler(app *model.AppState) http.Handler { ServeCatalog(app).ServeHTTP(w, r) case http.MethodPost: // POST /api/v1/music (admin) - admin.RequireAccount(app, CreateRelease(app)).ServeHTTP(w, r) + requireAccount(app, CreateRelease(app)).ServeHTTP(w, r) default: http.NotFound(w, r) } @@ -117,13 +119,13 @@ func Handler(app *model.AppState) http.Handler { switch r.Method { case http.MethodGet: // GET /api/v1/track/{id} (admin) - admin.RequireAccount(app, ServeTrack(app, track)).ServeHTTP(w, r) + requireAccount(app, ServeTrack(app, track)).ServeHTTP(w, r) case http.MethodPut: // PUT /api/v1/track/{id} (admin) - admin.RequireAccount(app, UpdateTrack(app, track)).ServeHTTP(w, r) + requireAccount(app, UpdateTrack(app, track)).ServeHTTP(w, r) case http.MethodDelete: // DELETE /api/v1/track/{id} (admin) - admin.RequireAccount(app, DeleteTrack(app, track)).ServeHTTP(w, r) + requireAccount(app, DeleteTrack(app, track)).ServeHTTP(w, r) default: http.NotFound(w, r) } @@ -132,10 +134,10 @@ func Handler(app *model.AppState) http.Handler { switch r.Method { case http.MethodGet: // GET /api/v1/track (admin) - admin.RequireAccount(app, ServeAllTracks(app)).ServeHTTP(w, r) + requireAccount(app, ServeAllTracks(app)).ServeHTTP(w, r) case http.MethodPost: // POST /api/v1/track (admin) - admin.RequireAccount(app, CreateTrack(app)).ServeHTTP(w, r) + requireAccount(app, CreateTrack(app)).ServeHTTP(w, r) default: http.NotFound(w, r) } @@ -143,3 +145,51 @@ func Handler(app *model.AppState) http.Handler { return mux } + +func requireAccount(app *model.AppState, next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + session, err := getSession(app, r) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to get session: %v\n", err) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + return + } + if session.Account == nil { + http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized) + return + } + ctx := context.WithValue(r.Context(), "session", session) + next.ServeHTTP(w, r.WithContext(ctx)) + }) +} + +func getSession(app *model.AppState, r *http.Request) (*model.Session, error) { + var token string + + // check cookies first + sessionCookie, err := r.Cookie(model.COOKIE_TOKEN) + if err != nil && err != http.ErrNoCookie { + return nil, errors.New(fmt.Sprintf("Failed to retrieve session cookie: %v\n", err)) + } + if sessionCookie != nil { + token = sessionCookie.Value + } else { + // check Authorization header + token = strings.TrimPrefix(r.Header.Get("Authorization"), "Bearer ") + } + + if token == "" { return nil, nil } + + // fetch existing session + session, err := controller.GetSession(app.DB, token) + + if err != nil && !strings.Contains(err.Error(), "no rows") { + return nil, errors.New(fmt.Sprintf("Failed to retrieve session: %v\n", err)) + } + + if session != nil { + // TODO: consider running security checks here (i.e. user agent mismatches) + } + + return session, nil +} From 1edc051ae21f8cc64d2d00796ad04dc8305d8dec Mon Sep 17 00:00:00 2001 From: ari melody Date: Sun, 26 Jan 2025 00:48:19 +0000 Subject: [PATCH 12/63] fixed GetTOTP, started rough QR code implementation GetTOTP handles TOTP method retrieval for confirmation and deletion. QR code implementation looks like it's gonna suck, so might end up using a library for this later. --- admin/accounthttp.go | 11 +++-- admin/http.go | 16 +++++-- controller/qr.go | 107 +++++++++++++++++++++++++++++++++++++++++++ controller/totp.go | 9 ++-- main.go | 2 +- 5 files changed, 132 insertions(+), 13 deletions(-) create mode 100644 controller/qr.go diff --git a/admin/accounthttp.go b/admin/accounthttp.go index 9402410..aa1e042 100644 --- a/admin/accounthttp.go +++ b/admin/accounthttp.go @@ -304,6 +304,12 @@ func totpConfirmHandler(app *model.AppState) http.Handler { return } + fmt.Printf( + "TOTP:\n\tName: %s\n\tSecret: %s\n", + totp.Name, + totp.Secret, + ) + confirmCode := controller.GenerateTOTP(totp.Secret, 0) if code != confirmCode { confirmCodeOffset := controller.GenerateTOTP(totp.Secret, 1) @@ -330,12 +336,11 @@ func totpDeleteHandler(app *model.AppState) http.Handler { return } - name := r.URL.Path - fmt.Printf("%s\n", name); - if len(name) == 0 { + if len(r.URL.Path) < 2 { http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) return } + name := r.URL.Path[1:] session := r.Context().Value("session").(*model.Session) diff --git a/admin/http.go b/admin/http.go index b6a71ee..42b7e46 100644 --- a/admin/http.go +++ b/admin/http.go @@ -19,6 +19,17 @@ import ( func Handler(app *model.AppState) http.Handler { mux := http.NewServeMux() + mux.Handle("/qr-test", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + qrB64Img, err := controller.GenerateQRCode([]byte("super epic mega gaming test message. be sure to buy free2play on bandcamp so i can put food on my family")) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to generate QR code: %v\n", err) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + return + } + + w.Write([]byte("")) + })) + mux.Handle("/login", loginHandler(app)) mux.Handle("/logout", requireAccount(app, logoutHandler(app))) @@ -243,11 +254,6 @@ func loginHandler(app *model.AppState) http.Handler { return } - // new accounts won't have TOTP methods at first. there should be a - // second phase of login that prompts the user for a TOTP *only* - // if that account has a TOTP method. - // TODO: login phases (username & password -> TOTP) - type LoginRequest struct { Username string `json:"username"` Password string `json:"password"` diff --git a/controller/qr.go b/controller/qr.go new file mode 100644 index 0000000..c4c2520 --- /dev/null +++ b/controller/qr.go @@ -0,0 +1,107 @@ +package controller + +import ( + "bytes" + "encoding/base64" + "errors" + "fmt" + "image" + "image/color" + "image/png" +) + +const margin = 4 + +type QRCodeECCLevel int64 +const ( + LOW QRCodeECCLevel = iota + MEDIUM + QUARTILE + HIGH +) + +func GenerateQRCode(data []byte) (string, error) { + version := 1 + + size := 0 + size = 21 + version * 4 + if version > 10 { + return "", errors.New(fmt.Sprintf("QR version %d not supported", version)) + } + + img := image.NewGray(image.Rect(0, 0, size + margin * 2, size + margin * 2)) + + // fill white + for y := range size + margin * 2 { + for x := range size + margin * 2 { + img.Set(x, y, color.White) + } + } + + // draw alignment squares + drawLargeAlignmentSquare(margin, margin, img) + drawLargeAlignmentSquare(margin, margin + size - 7, img) + drawLargeAlignmentSquare(margin + size - 7, margin, img) + drawSmallAlignmentSquare(size - 5, size - 5, img) + /* + if version > 4 { + space := version * 3 - 2 + end := size / space + for y := range size / space + 1 { + for x := range size / space + 1 { + if x == 0 && y == 0 { continue } + if x == 0 && y == end { continue } + if x == end && y == 0 { continue } + if x == end && y == end { continue } + drawSmallAlignmentSquare( + x * space + margin + 4, + y * space + margin + 4, + img, + ) + } + } + } + */ + + // draw timing bits + for i := margin + 6; i < size - 4; i++ { + if (i % 2 == 0) { + img.Set(i, margin + 6, color.Black) + img.Set(margin + 6, i, color.Black) + } + } + img.Set(margin + 8, size - 4, color.Black) + + var imgBuf bytes.Buffer + err := png.Encode(&imgBuf, img) + if err != nil { + return "", err + } + + base64Img := base64.StdEncoding.EncodeToString(imgBuf.Bytes()) + + return "data:image/png;base64," + base64Img, nil +} + +func drawLargeAlignmentSquare(x int, y int, img *image.Gray) { + for yi := range 7 { + for xi := range 7 { + if (xi == 0 || xi == 6) || (yi == 0 || yi == 6) { + img.Set(x + xi, y + yi, color.Black) + } else if (xi > 1 && xi < 5) && (yi > 1 && yi < 5) { + img.Set(x + xi, y + yi, color.Black) + } + } + } +} + +func drawSmallAlignmentSquare(x int, y int, img *image.Gray) { + for yi := range 5 { + for xi := range 5 { + if (xi == 0 || xi == 4) || (yi == 0 || yi == 4) { + img.Set(x + xi, y + yi, color.Black) + } + } + } + img.Set(x + 2, y + 2, color.Black) +} diff --git a/controller/totp.go b/controller/totp.go index bc71747..dbbeec7 100644 --- a/controller/totp.go +++ b/controller/totp.go @@ -64,9 +64,9 @@ func GenerateTOTPURI(username string, secret string) string { query := url.Query() query.Set("secret", secret) query.Set("issuer", "arimelody.me") - query.Set("algorithm", "SHA1") - query.Set("digits", fmt.Sprintf("%d", TOTP_CODE_LENGTH)) - query.Set("period", fmt.Sprintf("%d", TOTP_TIME_STEP)) + // query.Set("algorithm", "SHA1") + // query.Set("digits", fmt.Sprintf("%d", TOTP_CODE_LENGTH)) + // query.Set("period", fmt.Sprintf("%d", TOTP_TIME_STEP)) url.RawQuery = query.Encode() return url.String() @@ -116,8 +116,9 @@ func GetTOTP(db *sqlx.DB, accountID string, name string) (*model.TOTP, error) { err := db.Get( &totp, "SELECT * FROM totp " + - "WHERE account=$1", + "WHERE account=$1 AND name=$2", accountID, + name, ) if err != nil { if strings.Contains(err.Error(), "no rows") { diff --git a/main.go b/main.go index 251d9a9..ac1de59 100644 --- a/main.go +++ b/main.go @@ -89,7 +89,6 @@ func main() { } username := os.Args[2] totpName := os.Args[3] - secret := controller.GenerateTOTPSecret(controller.TOTP_SECRET_LENGTH) account, err := controller.GetAccountByUsername(app.DB, username) if err != nil { @@ -102,6 +101,7 @@ func main() { os.Exit(1) } + secret := controller.GenerateTOTPSecret(controller.TOTP_SECRET_LENGTH) totp := model.TOTP { AccountID: account.ID, Name: totpName, From 3450d879acd0662f8bfae1d010f6e02ee9441e06 Mon Sep 17 00:00:00 2001 From: ari melody Date: Sun, 26 Jan 2025 20:09:18 +0000 Subject: [PATCH 13/63] QR codes complete, account settings finished! + refactored templates a little; this might need more work! --- admin/accounthttp.go | 31 ++++--- admin/artisthttp.go | 2 +- admin/http.go | 12 +-- admin/releasehttp.go | 16 ++-- admin/templates.go | 150 ++++++++++++++++++---------------- admin/trackhttp.go | 2 +- admin/views/totp-confirm.html | 17 ++-- controller/qr.go | 15 +++- go.mod | 6 +- go.sum | 6 +- main.go | 2 +- templates/templates.go | 47 +++++------ view/music.go | 4 +- 13 files changed, 175 insertions(+), 135 deletions(-) diff --git a/admin/accounthttp.go b/admin/accounthttp.go index aa1e042..408b4c5 100644 --- a/admin/accounthttp.go +++ b/admin/accounthttp.go @@ -63,7 +63,7 @@ func accountIndexHandler(app *model.AppState) http.Handler { session.Message = sessionMessage session.Error = sessionError - err = pages["account"].Execute(w, accountResponse{ + err = accountTemplate.Execute(w, accountResponse{ Session: session, TOTPs: totps, }) @@ -199,7 +199,7 @@ func totpSetupHandler(app *model.AppState) http.Handler { session := r.Context().Value("session").(*model.Session) - err := pages["totp-setup"].Execute(w, totpSetupData{ Session: session }) + err := totpSetupTemplate.Execute(w, totpSetupData{ Session: session }) if err != nil { fmt.Printf("WARN: Failed to render TOTP setup page: %s\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -216,6 +216,7 @@ func totpSetupHandler(app *model.AppState) http.Handler { Session *model.Session TOTP *model.TOTP NameEscaped string + QRBase64Image string } err := r.ParseForm() @@ -242,7 +243,7 @@ func totpSetupHandler(app *model.AppState) http.Handler { if err != nil { fmt.Printf("WARN: Failed to create TOTP method: %s\n", err) controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") - err := pages["totp-setup"].Execute(w, totpSetupData{ Session: session }) + err := totpSetupTemplate.Execute(w, totpSetupData{ Session: session }) if err != nil { fmt.Printf("WARN: Failed to render TOTP setup page: %s\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -250,10 +251,24 @@ func totpSetupHandler(app *model.AppState) http.Handler { return } - err = pages["totp-confirm"].Execute(w, totpSetupData{ + qrBase64Image, err := controller.GenerateQRCode( + controller.GenerateTOTPURI(session.Account.Username, totp.Secret)) + if err != nil { + fmt.Printf("WARN: Failed to generate TOTP setup QR code: %s\n", err) + controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.") + err := totpSetupTemplate.Execute(w, totpSetupData{ Session: session }) + if err != nil { + fmt.Printf("WARN: Failed to render TOTP setup page: %s\n", err) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + } + return + } + + err = totpConfirmTemplate.Execute(w, totpSetupData{ Session: session, TOTP: &totp, NameEscaped: url.PathEscape(totp.Name), + QRBase64Image: qrBase64Image, }) if err != nil { fmt.Printf("WARN: Failed to render TOTP confirm page: %s\n", err) @@ -304,18 +319,12 @@ func totpConfirmHandler(app *model.AppState) http.Handler { return } - fmt.Printf( - "TOTP:\n\tName: %s\n\tSecret: %s\n", - totp.Name, - totp.Secret, - ) - confirmCode := controller.GenerateTOTP(totp.Secret, 0) if code != confirmCode { confirmCodeOffset := controller.GenerateTOTP(totp.Secret, 1) if code != confirmCodeOffset { controller.SetSessionError(app.DB, session, "Incorrect TOTP code. Please try again.") - err = pages["totp-confirm"].Execute(w, totpConfirmData{ + err = totpConfirmTemplate.Execute(w, totpConfirmData{ Session: session, TOTP: totp, }) diff --git a/admin/artisthttp.go b/admin/artisthttp.go index 5979493..6dfbbfd 100644 --- a/admin/artisthttp.go +++ b/admin/artisthttp.go @@ -39,7 +39,7 @@ func serveArtist(app *model.AppState) http.Handler { session := r.Context().Value("session").(*model.Session) - err = pages["artist"].Execute(w, ArtistResponse{ + err = artistTemplate.Execute(w, ArtistResponse{ Session: session, Artist: artist, Credits: credits, diff --git a/admin/http.go b/admin/http.go index 42b7e46..6fd8f59 100644 --- a/admin/http.go +++ b/admin/http.go @@ -20,7 +20,7 @@ func Handler(app *model.AppState) http.Handler { mux := http.NewServeMux() mux.Handle("/qr-test", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - qrB64Img, err := controller.GenerateQRCode([]byte("super epic mega gaming test message. be sure to buy free2play on bandcamp so i can put food on my family")) + qrB64Img, err := controller.GenerateQRCode("super epic mega gaming test message. be sure to buy free2play on bandcamp so i can put food on my family") if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to generate QR code: %v\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -87,7 +87,7 @@ func AdminIndexHandler(app *model.AppState) http.Handler { Tracks []*model.Track } - err = pages["index"].Execute(w, IndexData{ + err = indexTemplate.Execute(w, IndexData{ Session: session, Releases: releases, Artists: artists, @@ -116,7 +116,7 @@ func registerAccountHandler(app *model.AppState) http.Handler { } render := func() { - err := pages["register"].Execute(w, registerData{ Session: session }) + err := registerTemplate.Execute(w, registerData{ Session: session }) if err != nil { fmt.Printf("WARN: Error rendering create account page: %s\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -229,7 +229,7 @@ func loginHandler(app *model.AppState) http.Handler { } render := func() { - err := pages["login"].Execute(w, loginData{ Session: session }) + err := loginTemplate.Execute(w, loginData{ Session: session }) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Error rendering admin login page: %s\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -307,7 +307,7 @@ func loginHandler(app *model.AppState) http.Handler { Username string Password string } - err = pages["login-totp"].Execute(w, loginTOTPData{ + err = loginTOTPTemplate.Execute(w, loginTOTPData{ Session: session, Username: credentials.Username, Password: credentials.Password, @@ -379,7 +379,7 @@ func logoutHandler(app *model.AppState) http.Handler { Path: "/", }) - err = pages["logout"].Execute(w, nil) + err = logoutTemplate.Execute(w, nil) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to render logout page: %v\n", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) diff --git a/admin/releasehttp.go b/admin/releasehttp.go index cd73e98..be5052b 100644 --- a/admin/releasehttp.go +++ b/admin/releasehttp.go @@ -60,7 +60,7 @@ func serveRelease(app *model.AppState) http.Handler { Release *model.Release } - err = pages["release"].Execute(w, ReleaseResponse{ + err = releaseTemplate.Execute(w, ReleaseResponse{ Session: session, Release: release, }) @@ -74,7 +74,7 @@ func serveRelease(app *model.AppState) http.Handler { func serveEditCredits(release *model.Release) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "text/html") - err := components["editcredits"].Execute(w, release) + err := editCreditsTemplate.Execute(w, release) if err != nil { fmt.Printf("Error rendering edit credits component for %s: %s\n", release.ID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -97,7 +97,7 @@ func serveAddCredit(app *model.AppState, release *model.Release) http.Handler { } w.Header().Set("Content-Type", "text/html") - err = components["addcredit"].Execute(w, response{ + err = addCreditTemplate.Execute(w, response{ ReleaseID: release.ID, Artists: artists, }) @@ -123,7 +123,7 @@ func serveNewCredit(app *model.AppState) http.Handler { } w.Header().Set("Content-Type", "text/html") - err = components["newcredit"].Execute(w, artist) + err = newCreditTemplate.Execute(w, artist) if err != nil { fmt.Printf("Error rendering new credit component for %s: %s\n", artist.ID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -134,7 +134,7 @@ func serveNewCredit(app *model.AppState) http.Handler { func serveEditLinks(release *model.Release) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "text/html") - err := components["editlinks"].Execute(w, release) + err := editLinksTemplate.Execute(w, release) if err != nil { fmt.Printf("Error rendering edit links component for %s: %s\n", release.ID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) @@ -151,7 +151,7 @@ func serveEditTracks(release *model.Release) http.Handler { Add func(a int, b int) int } - err := components["edittracks"].Execute(w, editTracksData{ + err := editTracksTemplate.Execute(w, editTracksData{ Release: release, Add: func(a, b int) int { return a + b }, }) @@ -177,7 +177,7 @@ func serveAddTrack(app *model.AppState, release *model.Release) http.Handler { } w.Header().Set("Content-Type", "text/html") - err = components["addtrack"].Execute(w, response{ + err = addTrackTemplate.Execute(w, response{ ReleaseID: release.ID, Tracks: tracks, }) @@ -204,7 +204,7 @@ func serveNewTrack(app *model.AppState) http.Handler { } w.Header().Set("Content-Type", "text/html") - err = components["newtrack"].Execute(w, track) + err = newTrackTemplate.Execute(w, track) if err != nil { fmt.Printf("Error rendering new track component for %s: %s\n", track.ID, err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) diff --git a/admin/templates.go b/admin/templates.go index d9a74ca..49c118b 100644 --- a/admin/templates.go +++ b/admin/templates.go @@ -1,80 +1,90 @@ package admin import ( - "html/template" - "path/filepath" + "html/template" + "path/filepath" ) -var pages = map[string]*template.Template{ - "index": template.Must(template.ParseFiles( - filepath.Join("admin", "views", "layout.html"), - filepath.Join("views", "prideflag.html"), - filepath.Join("admin", "components", "release", "release-list-item.html"), - filepath.Join("admin", "views", "index.html"), - )), +var indexTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "views", "layout.html"), + filepath.Join("views", "prideflag.html"), + filepath.Join("admin", "components", "release", "release-list-item.html"), + filepath.Join("admin", "views", "index.html"), +)) - "login": template.Must(template.ParseFiles( - filepath.Join("admin", "views", "layout.html"), - filepath.Join("views", "prideflag.html"), - filepath.Join("admin", "views", "login.html"), - )), - "login-totp": template.Must(template.ParseFiles( - filepath.Join("admin", "views", "layout.html"), - filepath.Join("views", "prideflag.html"), - filepath.Join("admin", "views", "login-totp.html"), - )), - "register": template.Must(template.ParseFiles( - filepath.Join("admin", "views", "layout.html"), - filepath.Join("views", "prideflag.html"), - filepath.Join("admin", "views", "register.html"), - )), - "logout": template.Must(template.ParseFiles( - filepath.Join("admin", "views", "layout.html"), - filepath.Join("views", "prideflag.html"), - filepath.Join("admin", "views", "logout.html"), - )), - "account": template.Must(template.ParseFiles( - filepath.Join("admin", "views", "layout.html"), - filepath.Join("views", "prideflag.html"), - filepath.Join("admin", "views", "edit-account.html"), - )), - "totp-setup": template.Must(template.ParseFiles( - filepath.Join("admin", "views", "layout.html"), - filepath.Join("views", "prideflag.html"), - filepath.Join("admin", "views", "totp-setup.html"), - )), - "totp-confirm": template.Must(template.ParseFiles( - filepath.Join("admin", "views", "layout.html"), - filepath.Join("views", "prideflag.html"), - filepath.Join("admin", "views", "totp-confirm.html"), - )), +var loginTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "views", "layout.html"), + filepath.Join("views", "prideflag.html"), + filepath.Join("admin", "views", "login.html"), +)) +var loginTOTPTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "views", "layout.html"), + filepath.Join("views", "prideflag.html"), + filepath.Join("admin", "views", "login-totp.html"), +)) +var registerTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "views", "layout.html"), + filepath.Join("views", "prideflag.html"), + filepath.Join("admin", "views", "register.html"), +)) +var logoutTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "views", "layout.html"), + filepath.Join("views", "prideflag.html"), + filepath.Join("admin", "views", "logout.html"), +)) +var accountTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "views", "layout.html"), + filepath.Join("views", "prideflag.html"), + filepath.Join("admin", "views", "edit-account.html"), +)) +var totpSetupTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "views", "layout.html"), + filepath.Join("views", "prideflag.html"), + filepath.Join("admin", "views", "totp-setup.html"), +)) +var totpConfirmTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "views", "layout.html"), + filepath.Join("views", "prideflag.html"), + filepath.Join("admin", "views", "totp-confirm.html"), +)) - "release": template.Must(template.ParseFiles( - filepath.Join("admin", "views", "layout.html"), - filepath.Join("views", "prideflag.html"), - filepath.Join("admin", "views", "edit-release.html"), - )), - "artist": template.Must(template.ParseFiles( - filepath.Join("admin", "views", "layout.html"), - filepath.Join("views", "prideflag.html"), - filepath.Join("admin", "views", "edit-artist.html"), - )), - "track": template.Must(template.ParseFiles( - filepath.Join("admin", "views", "layout.html"), - filepath.Join("views", "prideflag.html"), - filepath.Join("admin", "components", "release", "release-list-item.html"), - filepath.Join("admin", "views", "edit-track.html"), - )), -} +var releaseTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "views", "layout.html"), + filepath.Join("views", "prideflag.html"), + filepath.Join("admin", "views", "edit-release.html"), +)) +var artistTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "views", "layout.html"), + filepath.Join("views", "prideflag.html"), + filepath.Join("admin", "views", "edit-artist.html"), +)) +var trackTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "views", "layout.html"), + filepath.Join("views", "prideflag.html"), + filepath.Join("admin", "components", "release", "release-list-item.html"), + filepath.Join("admin", "views", "edit-track.html"), +)) -var components = map[string]*template.Template{ - "editcredits": template.Must(template.ParseFiles(filepath.Join("admin", "components", "credits", "editcredits.html"))), - "addcredit": template.Must(template.ParseFiles(filepath.Join("admin", "components", "credits", "addcredit.html"))), - "newcredit": template.Must(template.ParseFiles(filepath.Join("admin", "components", "credits", "newcredit.html"))), +var editCreditsTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "components", "credits", "editcredits.html"), +)) +var addCreditTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "components", "credits", "addcredit.html"), +)) +var newCreditTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "components", "credits", "newcredit.html"), +)) - "editlinks": template.Must(template.ParseFiles(filepath.Join("admin", "components", "links", "editlinks.html"))), +var editLinksTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "components", "links", "editlinks.html"), +)) - "edittracks": template.Must(template.ParseFiles(filepath.Join("admin", "components", "tracks", "edittracks.html"))), - "addtrack": template.Must(template.ParseFiles(filepath.Join("admin", "components", "tracks", "addtrack.html"))), - "newtrack": template.Must(template.ParseFiles(filepath.Join("admin", "components", "tracks", "newtrack.html"))), -} +var editTracksTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "components", "tracks", "edittracks.html"), +)) +var addTrackTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "components", "tracks", "addtrack.html"), +)) +var newTrackTemplate = template.Must(template.ParseFiles( + filepath.Join("admin", "components", "tracks", "newtrack.html"), +)) diff --git a/admin/trackhttp.go b/admin/trackhttp.go index 9436671..a92f81a 100644 --- a/admin/trackhttp.go +++ b/admin/trackhttp.go @@ -39,7 +39,7 @@ func serveTrack(app *model.AppState) http.Handler { session := r.Context().Value("session").(*model.Session) - err = pages["track"].Execute(w, TrackResponse{ + err = trackTemplate.Execute(w, TrackResponse{ Session: session, Track: track, Releases: releases, diff --git a/admin/views/totp-confirm.html b/admin/views/totp-confirm.html index ac39e52..b0810e2 100644 --- a/admin/views/totp-confirm.html +++ b/admin/views/totp-confirm.html @@ -3,6 +3,9 @@ \ No newline at end of file diff --git a/public/img/brand/twitch.svg b/public/img/brand/twitch.svg new file mode 100644 index 0000000..3120fea --- /dev/null +++ b/public/img/brand/twitch.svg @@ -0,0 +1,21 @@ + + + + +Asset 2 + + + + + + + + + + + diff --git a/public/img/brand/youtube.svg b/public/img/brand/youtube.svg new file mode 100644 index 0000000..3286071 --- /dev/null +++ b/public/img/brand/youtube.svg @@ -0,0 +1,10 @@ + + + + + + + + + + diff --git a/public/script/index.js b/public/script/index.js index 512ed8f..2197bd4 100644 --- a/public/script/index.js +++ b/public/script/index.js @@ -1,3 +1,5 @@ +import { hijackClickEvent } from "./main.js"; + const hexPrimary = document.getElementById("hex-primary"); const hexSecondary = document.getElementById("hex-secondary"); const hexTertiary = document.getElementById("hex-tertiary"); @@ -14,3 +16,8 @@ updateHexColours(); window.matchMedia("(prefers-color-scheme: dark)").addEventListener("change", () => { updateHexColours(); }); + +document.querySelectorAll("ul#projects li.project-item").forEach(projectItem => { + const link = projectItem.querySelector('a'); + hijackClickEvent(projectItem, link); +}); diff --git a/public/script/main.js b/public/script/main.js index c1d5101..19eddc2 100644 --- a/public/script/main.js +++ b/public/script/main.js @@ -45,6 +45,23 @@ function fill_list(list) { }); } +export function hijackClickEvent(container, link) { + container.addEventListener('click', event => { + if (event.target.tagName.toLowerCase() === 'a') return; + event.preventDefault(); + link.dispatchEvent(new MouseEvent('click', { + bubbles: true, + cancelable: true, + view: window, + ctrlKey: event.ctrlKey, + metaKey: event.metaKey, + shiftKey: event.shiftKey, + altKey: event.altKey, + button: event.button, + })); + }); +} + document.addEventListener("DOMContentLoaded", () => { [...document.querySelectorAll(".typeout")] .filter((e) => e.innerText != "") diff --git a/public/script/music.js b/public/script/music.js index 273ce2b..91f34ab 100644 --- a/public/script/music.js +++ b/public/script/music.js @@ -1,12 +1,6 @@ -import "./main.js"; +import { hijackClickEvent } from "./main.js"; document.querySelectorAll("div.music").forEach(container => { - const link = container.querySelector(".music-title a").href - - container.addEventListener("click", event => { - if (event.target.href) return; - - event.preventDefault(); - location = link; - }); + const link = container.querySelector(".music-title a") + hijackClickEvent(container, link); }); diff --git a/public/style/index.css b/public/style/index.css index f3cb761..6edb362 100644 --- a/public/style/index.css +++ b/public/style/index.css @@ -96,30 +96,36 @@ hr { overflow: visible; } -ul.links { +ul.platform-links { + padding-left: 1em; display: flex; - gap: 1em .5em; + gap: .5em; flex-wrap: wrap; } -ul.links li { +ul.platform-links li { list-style: none; } -ul.links li a { +ul.platform-links li a { padding: .4em .5em; + display: flex; + flex-direction: row; + justify-content: center; + align-items: center; + gap: .5em; border: 1px solid var(--links); color: var(--links); border-radius: 2px; background-color: transparent; - transition-property: color, border-color, background-color; + transition-property: color, border-color, background-color, box-shadow; transition-duration: .2s; animation-delay: 0s; animation: list-item-fadein .2s forwards; opacity: 0; } -ul.links li a:hover { +ul.platform-links li a:hover { color: #eee; border-color: #eee; background-color: var(--links) !important; @@ -127,6 +133,75 @@ ul.links li a:hover { box-shadow: 0 0 1em var(--links); } +ul.platform-links li a img { + height: 1em; + width: 1em; +} + +ul#projects { + padding: 0; + list-style: none; +} + +li.project-item { + padding: .5em; + border: 1px solid var(--links); + margin: 1em 0; + display: flex; + flex-direction: row; + gap: .5em; + border-radius: 2px; + transition-property: color, border-color, background-color, box-shadow; + transition-duration: .2s; + cursor: pointer; +} +li.project-item a { + transition: color .2s linear; +} + +li.project-item:hover { + color: #eee; + border-color: #eee; + background-color: var(--links) !important; + text-decoration: none; + box-shadow: 0 0 1em var(--links); +} +li.project-item:hover a { + color: #eee; +} + +li.project-item .project-info { + display: flex; + flex-direction: column; + justify-content: center; +} + +li.project-item img.project-icon { + width: 2.5em; + height: 2.5em; + object-fit: cover; + border-radius: 2px; +} + +li.project-item span.project-icon { + font-size: 2em; + display: block; + width: 45px; + height: 45px; + text-align: center; + /* background: #0004; */ + /* border: 1px solid var(--on-background); */ + border-radius: 2px; +} + +li.project-item a { + text-decoration: none; +} + +li.project-item p { + margin: 0; +} + div#web-buttons { margin: 2rem 0; } @@ -147,4 +222,3 @@ div#web-buttons { transform: translate(-2px, -2px); box-shadow: 1px 1px 0 #eee, 2px 2px 0 #eee; } - diff --git a/views/index.html b/views/index.html index 070d648..f639c55 100644 --- a/views/index.html +++ b/views/index.html @@ -17,7 +17,7 @@ - + {{end}} {{define "content"}} @@ -33,7 +33,7 @@

    - i'm a musician, developer, + i'm a musician, developer, streamer, youtuber, and probably a bunch of other things i forgot to mention!

    @@ -44,7 +44,7 @@

    if you're looking to support me financially, that's so cool of you!! if you like, you can buy some of my music over on - bandcamp + bandcamp so you can at least get something for your money. thank you very much either way!! 💕

    @@ -84,65 +84,119 @@

    where to find me 🛰️

    + +

    projects i've worked on 🛠️

    -
      -
    • - - mcstatusface - + @@ -156,40 +210,40 @@ ari melody web button - + zaire web button - + vimae web button - - thermia web button + + thermia web button - + elke web button - + InvoxiPlayGames web button - + ioletsgo web button - + notnite web button - + retr0id web button - + aikoyori web button - + xenia web button - + stardust web button - + isabel roses web button @@ -205,16 +259,16 @@ sprunk go straight to hell virus alert! click here - + wii www get mandatory internet explorer HTML - learn it today! - + high on SMOKE - + epic blazed closeup anime blink From f7b3faf8e89b240ca1e65eb698734039fcae9ce3 Mon Sep 17 00:00:00 2001 From: ari melody Date: Mon, 16 Jun 2025 22:41:54 +0100 Subject: [PATCH 56/63] move source link from header to footer --- public/style/header.css | 5 ++--- views/footer.html | 7 ++++++- views/header.html | 3 --- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/public/style/header.css b/public/style/header.css index 531649a..f399d4d 100644 --- a/public/style/header.css +++ b/public/style/header.css @@ -25,7 +25,6 @@ nav { flex-grow: 1; display: flex; gap: .5em; - cursor: pointer; } img#header-icon { @@ -36,19 +35,19 @@ img#header-icon { } #header-text { - width: 11em; display: flex; flex-direction: column; justify-content: center; - flex-grow: 1; } #header-text h1 { + width: fit-content; margin: 0; font-size: 1em; } #header-text h2 { + width: fit-content; height: 1.2em; line-height: 1.2em; margin: 0; diff --git a/views/footer.html b/views/footer.html index 217c4b5..eccf125 100644 --- a/views/footer.html +++ b/views/footer.html @@ -2,7 +2,12 @@
      diff --git a/views/header.html b/views/header.html index 291b8ac..03a8384 100644 --- a/views/header.html +++ b/views/header.html @@ -23,9 +23,6 @@
    • music
      • -
    • - source -
    • blog From 9274796729a56290d788106e0ed5327643103e4a Mon Sep 17 00:00:00 2001 From: ari melody Date: Tue, 17 Jun 2025 01:15:08 +0100 Subject: [PATCH 57/63] early implementation of ari melody LIVE tracker --- controller/config.go | 4 ++ controller/twitch.go | 97 ++++++++++++++++++++++++++++++++++++++++ main.go | 47 ++++--------------- model/appstate.go | 8 ++++ model/twitch.go | 43 ++++++++++++++++++ public/style/colours.css | 1 + public/style/index.css | 81 +++++++++++++++++++++++++++++++++ view/index.go | 45 +++++++++++++++++++ view/static.go | 31 +++++++++++++ views/index.html | 17 +++++++ 10 files changed, 335 insertions(+), 39 deletions(-) create mode 100644 controller/twitch.go create mode 100644 model/twitch.go create mode 100644 view/index.go create mode 100644 view/static.go diff --git a/controller/config.go b/controller/config.go index 1d3cbbb..fdfa756 100644 --- a/controller/config.go +++ b/controller/config.go @@ -77,5 +77,9 @@ func handleConfigOverrides(config *model.Config) error { if env, has := os.LookupEnv("ARIMELODY_DISCORD_CLIENT_ID"); has { config.Discord.ClientID = env } if env, has := os.LookupEnv("ARIMELODY_DISCORD_SECRET"); has { config.Discord.Secret = env } + if env, has := os.LookupEnv("ARIMELODY_TWITCH_BROADCASTER"); has { config.Twitch.Broadcaster = env } + if env, has := os.LookupEnv("ARIMELODY_TWITCH_CLIENT_ID"); has { config.Twitch.ClientID = env } + if env, has := os.LookupEnv("ARIMELODY_TWITCH_SECRET"); has { config.Twitch.Secret = env } + return nil } diff --git a/controller/twitch.go b/controller/twitch.go new file mode 100644 index 0000000..f7dc509 --- /dev/null +++ b/controller/twitch.go @@ -0,0 +1,97 @@ +package controller + +import ( + "arimelody-web/model" + "bytes" + "encoding/json" + "fmt" + "net/http" + "net/url" + "time" +) + +const TWITCH_API_BASE = "https://api.twitch.tv/helix/" + +func TwitchSetup(app *model.AppState) error { + app.Twitch = &model.TwitchState{} + err := RefreshTwitchToken(app) + return err +} + +func RefreshTwitchToken(app *model.AppState) error { + if app.Twitch != nil && app.Twitch.Token != nil && time.Now().UTC().After(app.Twitch.Token.ExpiresAt) { + return nil + } + + requestUrl, _ := url.Parse("https://id.twitch.tv/oauth2/token") + req, _ := http.NewRequest(http.MethodPost, requestUrl.String(), bytes.NewBuffer([]byte(url.Values{ + "client_id": []string{ app.Config.Twitch.ClientID }, + "client_secret": []string{ app.Config.Twitch.Secret }, + "grant_type": []string{ "client_credentials" }, + }.Encode()))) + + res, err := http.DefaultClient.Do(req) + if err != nil { + return err + } + + type TwitchOAuthToken struct { + AccessToken string `json:"access_token"` + ExpiresIn int `json:"expires_in"` + TokenType string `json:"token_type"` + } + oauthResponse := TwitchOAuthToken{} + err = json.NewDecoder(res.Body).Decode(&oauthResponse) + if err != nil { + return err + } + + app.Twitch.Token = &model.TwitchOAuthToken{ + AccessToken: oauthResponse.AccessToken, + ExpiresAt: time.Now().UTC().Add(time.Second * time.Duration(oauthResponse.ExpiresIn)).UTC(), + TokenType: oauthResponse.TokenType, + } + + return nil +} + +var lastStreamState *model.TwitchStreamInfo +var lastStreamStateAt time.Time + +func GetTwitchStatus(app *model.AppState, broadcaster string) (*model.TwitchStreamInfo, error) { + if lastStreamState != nil && time.Now().UTC().Before(lastStreamStateAt.Add(time.Minute)) { + return lastStreamState, nil + } + + fmt.Print("MAKING COSTLY REQUEST TO TWITCH.TV API...\n") + + requestUrl, _ := url.Parse(TWITCH_API_BASE + "streams") + requestUrl.RawQuery = url.Values{ + "user_login": []string{ broadcaster }, + }.Encode() + req, _ := http.NewRequest(http.MethodGet, requestUrl.String(), nil) + req.Header.Set("Client-Id", app.Config.Twitch.ClientID) + req.Header.Set("Authorization", "Bearer " + app.Twitch.Token.AccessToken) + + res, err := http.DefaultClient.Do(req) + if err != nil { + return nil, err + } + + type StreamsResponse struct { + Data []model.TwitchStreamInfo `json:"data"` + } + streamInfo := StreamsResponse{} + err = json.NewDecoder(res.Body).Decode(&streamInfo) + if err != nil { + return nil, err + } + + if len(streamInfo.Data) == 0 { + return nil, nil + } + + lastStreamState = &streamInfo.Data[0] + lastStreamStateAt = time.Now().UTC() + return lastStreamState, nil +} diff --git a/main.go b/main.go index 29539ac..8f37639 100644 --- a/main.go +++ b/main.go @@ -22,7 +22,6 @@ import ( "arimelody-web/cursor" "arimelody-web/log" "arimelody-web/model" - "arimelody-web/templates" "arimelody-web/view" "github.com/jmoiron/sqlx" @@ -40,6 +39,7 @@ func main() { app := model.AppState{ Config: controller.GetConfig(), + Twitch: nil, } // initialise database connection @@ -460,6 +460,11 @@ func main() { // handle DB migrations controller.CheckDBVersionAndMigrate(app.DB) + err = controller.TwitchSetup(&app) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to set up Twitch integration: %v\n", err) + } + // initial invite code accountsCount := 0 err = app.DB.Get(&accountsCount, "SELECT count(*) FROM account") @@ -511,49 +516,13 @@ func createServeMux(app *model.AppState) *http.ServeMux { mux.Handle("/admin/", http.StripPrefix("/admin", admin.Handler(app))) mux.Handle("/api/", http.StripPrefix("/api", api.Handler(app))) mux.Handle("/music/", http.StripPrefix("/music", view.MusicHandler(app))) - mux.Handle("/uploads/", http.StripPrefix("/uploads", staticHandler(filepath.Join(app.Config.DataDirectory, "uploads")))) + mux.Handle("/uploads/", http.StripPrefix("/uploads", view.StaticHandler(filepath.Join(app.Config.DataDirectory, "uploads")))) mux.Handle("/cursor-ws", cursor.Handler(app)) - mux.Handle("/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.Method == http.MethodHead { - w.WriteHeader(http.StatusOK) - return - } - - if r.URL.Path == "/" || r.URL.Path == "/index.html" { - err := templates.IndexTemplate.Execute(w, nil) - if err != nil { - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - } - return - } - staticHandler("public").ServeHTTP(w, r) - })) + mux.Handle("/", view.IndexHandler(app)) return mux } -func staticHandler(directory string) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - info, err := os.Stat(filepath.Join(directory, filepath.Clean(r.URL.Path))) - - // does the file exist? - if err != nil { - if errors.Is(err, os.ErrNotExist) { - http.NotFound(w, r) - return - } - } - - // is thjs a directory? (forbidden) - if info.IsDir() { - http.NotFound(w, r) - return - } - - http.FileServer(http.Dir(directory)).ServeHTTP(w, r) - }) -} - var PoweredByStrings = []string{ "nerd rage", "estrogen", diff --git a/model/appstate.go b/model/appstate.go index a910a29..861a991 100644 --- a/model/appstate.go +++ b/model/appstate.go @@ -21,6 +21,12 @@ type ( Secret string `toml:"secret"` } + TwitchConfig struct { + Broadcaster string `toml:"broadcaster"` + ClientID string `toml:"client_id"` + Secret string `toml:"secret"` + } + Config struct { BaseUrl string `toml:"base_url" comment:"Used for OAuth redirects."` Host string `toml:"host"` @@ -29,11 +35,13 @@ type ( TrustedProxies []string `toml:"trusted_proxies"` DB DBConfig `toml:"db"` Discord DiscordConfig `toml:"discord"` + Twitch TwitchConfig `toml:"twitch"` } AppState struct { DB *sqlx.DB Config Config Log log.Logger + Twitch *TwitchState } ) diff --git a/model/twitch.go b/model/twitch.go new file mode 100644 index 0000000..6bca17d --- /dev/null +++ b/model/twitch.go @@ -0,0 +1,43 @@ +package model + +import ( + "fmt" + "strings" + "time" +) + +type ( + TwitchOAuthToken struct { + AccessToken string + ExpiresAt time.Time + TokenType string + } + + TwitchState struct { + Token *TwitchOAuthToken + } + + TwitchStreamInfo struct { + ID string `json:"id"` + UserID string `json:"user_id"` + UserLogin string `json:"user_login"` + UserName string `json:"user_name"` + GameID string `json:"game_id"` + GameName string `json:"game_name"` + Type string `json:"type"` + Title string `json:"title"` + ViewerCount int `json:"viewer_count"` + StartedAt string `json:"started_at"` + Language string `json:"language"` + ThumbnailURL string `json:"thumbnail_url"` + TagIDs []string `json:"tag_ids"` + Tags []string `json:"tags"` + IsMature bool `json:"is_mature"` + } +) + +func (info *TwitchStreamInfo) Thumbnail(width int, height int) string { + res := strings.Replace(info.ThumbnailURL, "{width}", fmt.Sprintf("%d", width), 1) + res = strings.Replace(res, "{height}", fmt.Sprintf("%d", height), 1) + return res +} diff --git a/public/style/colours.css b/public/style/colours.css index 2bf607d..de63198 100644 --- a/public/style/colours.css +++ b/public/style/colours.css @@ -6,6 +6,7 @@ --secondary: #f8e05b; --tertiary: #f788fe; --links: #5eb2ff; + --live: #fd3737; } @media (prefers-color-scheme: light) { diff --git a/public/style/index.css b/public/style/index.css index 6edb362..f60fdb7 100644 --- a/public/style/index.css +++ b/public/style/index.css @@ -222,3 +222,84 @@ div#web-buttons { transform: translate(-2px, -2px); box-shadow: 1px 1px 0 #eee, 2px 2px 0 #eee; } + +#live-banner { + margin: 1em 0 2em 0; + padding: 1em; + border-radius: 4px; + border: 1px solid var(--primary); + box-shadow: 0 0 8px var(--primary); +} + +#live-banner h2 { + margin: 0 0 .4em 0; + color: var(--on-background); +} + +#live-banner p { + margin: 0; +} + +.live-highlight { + color: var(--primary); +} + +.live-preview { + display: flex; + flex-direction: row; + justify-content: center; + gap: 1em; +} + +.live-preview div:first-of-type { + text-align: center; +} + +.live-thumbnail { + border-radius: 4px; +} + +.live-button { + margin: .2em; + padding: .4em .5em; + display: inline-block; + color: var(--primary); + border: 1px solid var(--primary); + border-radius: 4px; + transition: color .1s linear, background-color .1s linear, box-shadow .1s linear; +} + +.live-button:hover { + color: var(--background); + background-color: var(--primary); + box-shadow: 0 0 8px var(--primary); + text-decoration: none; +} + +.live-info { + display: flex; + flex-direction: column; + gap: .3em; + overflow-x: hidden; +} + +.live-game { + overflow: hidden; + text-wrap: nowrap; + text-overflow: ellipsis; +} + +.live-game .live-game-prefix { + opacity: .8; +} + +.live-title { + display: -webkit-box; + -webkit-line-clamp: 2; + -webkit-box-orient: vertical; + overflow: hidden; +} + +.live-viewers { + opacity: .5; +} diff --git a/view/index.go b/view/index.go new file mode 100644 index 0000000..995de44 --- /dev/null +++ b/view/index.go @@ -0,0 +1,45 @@ +package view + +import ( + "arimelody-web/controller" + "arimelody-web/model" + "arimelody-web/templates" + "fmt" + "net/http" + "os" +) + +func IndexHandler(app *model.AppState) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + if r.Method == http.MethodHead { + w.WriteHeader(http.StatusOK) + return + } + + type IndexData struct { + TwitchStatus *model.TwitchStreamInfo + } + + var err error + var twitchStatus *model.TwitchStreamInfo = nil + if len(app.Config.Twitch.Broadcaster) > 0 { + twitchStatus, err = controller.GetTwitchStatus(app, app.Config.Twitch.Broadcaster) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to get Twitch status for %s: %v\n", app.Config.Twitch.Broadcaster, err) + } + } + + if r.URL.Path == "/" || r.URL.Path == "/index.html" { + err := templates.IndexTemplate.Execute(w, IndexData{ + TwitchStatus: twitchStatus, + }) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to render index page: %v\n", err) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) + } + return + } + + StaticHandler("public").ServeHTTP(w, r) + }) +} diff --git a/view/static.go b/view/static.go new file mode 100644 index 0000000..52263a2 --- /dev/null +++ b/view/static.go @@ -0,0 +1,31 @@ +package view + +import ( + "errors" + "net/http" + "os" + "path/filepath" +) + +func StaticHandler(directory string) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + info, err := os.Stat(filepath.Join(directory, filepath.Clean(r.URL.Path))) + + // does the file exist? + if err != nil { + if errors.Is(err, os.ErrNotExist) { + http.NotFound(w, r) + return + } + } + + // is thjs a directory? (forbidden) + if info.IsDir() { + http.NotFound(w, r) + return + } + + http.FileServer(http.Dir(directory)).ServeHTTP(w, r) + }) +} + diff --git a/views/index.html b/views/index.html index f639c55..98a862c 100644 --- a/views/index.html +++ b/views/index.html @@ -22,6 +22,23 @@ {{define "content"}}
      + {{if .TwitchStatus}} +
      +

      ari is LIVE right now!

      +
      +
      + livestream thumbnail + join in! +
      +
      +

      streaming: {{.TwitchStatus.GameName}}

      +

      {{.TwitchStatus.Title}}

      +

      {{.TwitchStatus.ViewerCount}} viewers

      +
      +
      +
      + {{end}} +

      # hello, world!

      From 581273370de2029c8258564ab2a180eea93f0a0d Mon Sep 17 00:00:00 2001 From: ari melody Date: Tue, 17 Jun 2025 02:01:06 +0100 Subject: [PATCH 58/63] improvements to LIVE tracker --- controller/twitch.go | 3 --- main.go | 8 +++++--- model/appstate.go | 4 ++-- public/style/index.css | 41 +++++++++++++++++++++++++++++++++++------ public/style/main.css | 1 + view/index.go | 2 +- views/index.html | 2 +- 7 files changed, 45 insertions(+), 16 deletions(-) diff --git a/controller/twitch.go b/controller/twitch.go index f7dc509..98d3b9a 100644 --- a/controller/twitch.go +++ b/controller/twitch.go @@ -4,7 +4,6 @@ import ( "arimelody-web/model" "bytes" "encoding/json" - "fmt" "net/http" "net/url" "time" @@ -63,8 +62,6 @@ func GetTwitchStatus(app *model.AppState, broadcaster string) (*model.TwitchStre return lastStreamState, nil } - fmt.Print("MAKING COSTLY REQUEST TO TWITCH.TV API...\n") - requestUrl, _ := url.Parse(TWITCH_API_BASE + "streams") requestUrl.RawQuery = url.Values{ "user_login": []string{ broadcaster }, diff --git a/main.go b/main.go index 8f37639..0234d79 100644 --- a/main.go +++ b/main.go @@ -460,9 +460,11 @@ func main() { // handle DB migrations controller.CheckDBVersionAndMigrate(app.DB) - err = controller.TwitchSetup(&app) - if err != nil { - fmt.Fprintf(os.Stderr, "WARN: Failed to set up Twitch integration: %v\n", err) + if app.Config.Twitch != nil { + err = controller.TwitchSetup(&app) + if err != nil { + fmt.Fprintf(os.Stderr, "WARN: Failed to set up Twitch integration: %v\n", err) + } } // initial invite code diff --git a/model/appstate.go b/model/appstate.go index 861a991..3a1c230 100644 --- a/model/appstate.go +++ b/model/appstate.go @@ -34,8 +34,8 @@ type ( DataDirectory string `toml:"data_dir"` TrustedProxies []string `toml:"trusted_proxies"` DB DBConfig `toml:"db"` - Discord DiscordConfig `toml:"discord"` - Twitch TwitchConfig `toml:"twitch"` + Discord *DiscordConfig `toml:"discord"` + Twitch *TwitchConfig `toml:"twitch"` } AppState struct { diff --git a/public/style/index.css b/public/style/index.css index f60fdb7..6efe241 100644 --- a/public/style/index.css +++ b/public/style/index.css @@ -231,11 +231,6 @@ div#web-buttons { box-shadow: 0 0 8px var(--primary); } -#live-banner h2 { - margin: 0 0 .4em 0; - color: var(--on-background); -} - #live-banner p { margin: 0; } @@ -252,7 +247,11 @@ div#web-buttons { } .live-preview div:first-of-type { - text-align: center; + display: flex; + flex-direction: column; + justify-content: space-between; + align-items: center; + gap: .3em; } .live-thumbnail { @@ -283,6 +282,36 @@ div#web-buttons { overflow-x: hidden; } +#live-banner h2 { + margin: 0; + color: var(--on-background); + font-family: 'Inter', sans-serif; + font-weight: 800; + font-style: italic; +} + +.live-pinger { + width: .5em; + height: .5em; + margin: .1em .2em; + display: inline-block; + border-radius: 100%; + background-color: var(--primary); + box-shadow: 0 0 4px var(--primary); + animation: live-pinger-pulse 1s infinite alternate ease-in-out; +} + +@keyframes live-pinger-pulse { + from { + opacity: .8; + transform: scale(1.0); + } + to { + opacity: 1; + transform: scale(1.1); + } +} + .live-game { overflow: hidden; text-wrap: nowrap; diff --git a/public/style/main.css b/public/style/main.css index 4e9e113..680ee2b 100644 --- a/public/style/main.css +++ b/public/style/main.css @@ -3,6 +3,7 @@ @import url("/style/footer.css"); @import url("/style/prideflag.css"); @import url("/style/cursor.css"); +@import url("/font/inter/inter.css"); @font-face { font-family: "Monaspace Argon"; diff --git a/view/index.go b/view/index.go index 995de44..b6e3891 100644 --- a/view/index.go +++ b/view/index.go @@ -22,7 +22,7 @@ func IndexHandler(app *model.AppState) http.Handler { var err error var twitchStatus *model.TwitchStreamInfo = nil - if len(app.Config.Twitch.Broadcaster) > 0 { + if app.Twitch != nil && len(app.Config.Twitch.Broadcaster) > 0 { twitchStatus, err = controller.GetTwitchStatus(app, app.Config.Twitch.Broadcaster) if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to get Twitch status for %s: %v\n", app.Config.Twitch.Broadcaster, err) diff --git a/views/index.html b/views/index.html index 98a862c..6985f6c 100644 --- a/views/index.html +++ b/views/index.html @@ -24,13 +24,13 @@
      {{if .TwitchStatus}}
      -

      ari is LIVE right now!

      +

      ari melody LIVE

      streaming: {{.TwitchStatus.GameName}}

      {{.TwitchStatus.Title}}

      {{.TwitchStatus.ViewerCount}} viewers

      From 375ae84ae33d352421dffcfbe44bbbdff32a3b11 Mon Sep 17 00:00:00 2001 From: ari melody Date: Sun, 22 Jun 2025 18:00:08 +0100 Subject: [PATCH 59/63] update some arimelody.me references to .space --- views/index.html | 30 ++++-------------------------- 1 file changed, 4 insertions(+), 26 deletions(-) diff --git a/views/index.html b/views/index.html index 6985f6c..37bd2a3 100644 --- a/views/index.html +++ b/views/index.html @@ -6,8 +6,8 @@ - - + + @@ -101,28 +101,6 @@

      where to find me 🛰️

      -
    • - +
      pride flag

      progressive pride flag widget for websites

      From 7a354cddf520e5673f347f911c2951401a53da35 Mon Sep 17 00:00:00 2001 From: ari melody Date: Sun, 22 Jun 2025 18:05:21 +0100 Subject: [PATCH 60/63] update some more links! --- views/index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/views/index.html b/views/index.html index 37bd2a3..0e09475 100644 --- a/views/index.html +++ b/views/index.html @@ -133,7 +133,7 @@
    • - + discord discord @@ -202,7 +202,7 @@
      - + ari melody web button From 05ab207a1f365d3a6c0742bda79431a2e3803742 Mon Sep 17 00:00:00 2001 From: ari melody Date: Sat, 5 Jul 2025 18:53:57 +0100 Subject: [PATCH 61/63] live banner: fix horizontal alignment --- public/style/index.css | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/public/style/index.css b/public/style/index.css index 6efe241..b970c17 100644 --- a/public/style/index.css +++ b/public/style/index.css @@ -242,7 +242,7 @@ div#web-buttons { .live-preview { display: flex; flex-direction: row; - justify-content: center; + justify-content: start; gap: 1em; } From 1896633fd18ebf4580e19a2810eb717d8b38e39a Mon Sep 17 00:00:00 2001 From: ari melody Date: Fri, 18 Jul 2025 23:38:01 +0100 Subject: [PATCH 62/63] clear expired sessions on server start why wasn't i doing this before?? :sob: --- controller/session.go | 4 ++++ main.go | 7 +++++++ 2 files changed, 11 insertions(+) diff --git a/controller/session.go b/controller/session.go index b037575..5028789 100644 --- a/controller/session.go +++ b/controller/session.go @@ -188,3 +188,7 @@ func DeleteSession(db *sqlx.DB, token string) error { return err } +func DeleteExpiredSessions(db *sqlx.DB) error { + _, err := db.Exec("DELETE FROM session WHERE expires_at Date: Fri, 1 Aug 2025 00:29:47 +0100 Subject: [PATCH 63/63] update web buttons --- public/img/buttons/girlonthemoon.png | Bin 0 -> 1556 bytes views/index.html | 3 +++ 2 files changed, 3 insertions(+) create mode 100644 public/img/buttons/girlonthemoon.png diff --git a/public/img/buttons/girlonthemoon.png b/public/img/buttons/girlonthemoon.png new file mode 100644 index 0000000000000000000000000000000000000000..4e98a12226a4ae1f958336c54d46413e5cdb5bee GIT binary patch literal 1556 zcmV+v2J88WP)EX>4Tx04R}tkv&MmKpe$iTeVUv3U&~2$k003MMWHI6^c+H)C#RSm|XfHG-*gu zTpR`0f`cE6RRe3JS*_Gq>z@3D;exij#C4jZNMQks5FtQD4I8MyLY!8O6cZWRPkQ)A9KT2|nOqxS z{&ffk#)9UXBXg+eHe!)YF00009a7bBm001r{001r{0eGc9b^rhX2XskI zMF;5y3lJ+H^yciE0000PbVXQnLvL+uWo~o;Lvm$dbY)~9cWHEJAV*0}P*;Ht7XSbQ z{z*hZRA}Dqnoo!uRUF4Z@6BYBm~3{Fb=B6gySA{d_>UrM3m!bQD0u2Y@fOyDhrJaK zMYbX+xQBu_p;+(_+M@>rp?DEg7Q3zpR)qzj(n7m6TQ}R?r1>+M84uae>Ez91CY!8D z%@+d6d-Hqm_xrx@d%xcsA`ZU(x6J@bEH6s7OYp`8gIuM(F?4{rtTtd%37ao|skKcm zfb6%BPt7JdHJc3lyIsuB*sSF(zP!4-4K90`y#E?Ym+vOG`p;ELYpdaph zH7)r1FB1>|7`N6~Kc59)^u+rlCZ7pUuu46R02+O&fK+|XvD`MQKKC{cN?a%Xavl#? zZrbDx;b;|YZG71cRk#CllhNygVhj)KO zbZhJN^6@c0W3ySb`S_yAce&=|Hk3Y~v>O|Zk{%u+9@V&Au5m3_qFgnb73^GDzho0M z8MPW?FOp`M_EOd67oFf&74^Bh?C|7Orw_$zD=K7{h(UKHojC4{b6SLXaF!|`Wx?R~Yd2+PK z(S4E+SCiyx0$r2g%Cv?eypEE4;mkg}+FUiv&)7UQ(P*pee4zS(&BZJ5$5y?kW`Qnk zp3RtilhZLw%l`~kk>>T=tKF|cXjMIUEtp>g5VoobB8s!CLirie1q;U_ytrR55r?ti z`htu`O)Sf1bE{fkrgwk1X@B~e*);H8yq{3b>xaF3XX5s)F?XYkb7H#$!}0p}l^geQ z?$-*rjj}(%-3Tfyp?gJk7{9)KTk`o&HI7aSo;aYPJKU(5@Xq&=OE)UPugZ&B0O|x!C*k3Q;L-a9(+^6f#s!+JCrEvu z$2Q-#?TGjB6r4U5ArZUN*AU5ER%<4>p(MAO+zRtjoR@vjey?X+&E`#E}Jytgb2brBg5{6DBL27mtRGX4b;&mcd6GW2Z#0000 isabel roses web button + + sweet like bubblegum web button +