server

package
v0.1.1 Latest
Warning

This package is not in the latest version of its module.

Published: Oct 4, 2024 License: AGPL-3.0 Imports: 42 Imported by: 0

Documentation

Overview

Simple cookie and password based logins. See Init for required schema.

Constants

const PageSize int = 50

Changing this will break existing URLs

const SoftwareVersion = "0.1.0"

Variables

var DBPath = "fishbb.db"
var Port = ":8080"

non user-configurable config

var SingleInstance = false

TODO -- start gating features on self hosted or not

Functions

func Admin

func Admin(handler http.Handler) http.Handler

func CSRFWrap

func CSRFWrap(handler http.Handler) http.Handler

Wrap a handler with CSRF checking.

func CSRFWrapFunc

func CSRFWrapFunc(fn http.HandlerFunc) http.Handler

func ChangePassword

func ChangePassword(w http.ResponseWriter, r *http.Request) error

Change password helper. Requires oldpass and newpass form values. Requires logout csrf token.

func ChangePostToHiddenMethod

func ChangePostToHiddenMethod(next http.Handler) http.Handler

ChangePostToHiddenMethod looks for the _hidden attribute of forms so that we can use DELETE and PUT in <form> submissions. This is, of course, a non-standard "hack".

func CheckCSRF

func CheckCSRF(r *http.Request) bool

Checks that CSRF value is correct.

func Checker

func Checker(handler http.Handler) http.Handler

Check for auth cookie. Allows failure.

func GenerateRandomString

func GenerateRandomString(n int) (string, error)

GenerateRandomString returns a securely generated random string. It will return an error if the system's secure random number generator fails to function correctly, in which case the caller should not continue.

func GetCSRF

func GetCSRF(r *http.Request) string

Get a CSRF token

func GetConfigValue

func GetConfigValue(key string) (string, error)

func GetCookieValue

func GetCookieValue(r *http.Request, name string) (string, error)

GetCookieValue gets a value stored in a cookie.

func GetFlash

func GetFlash(w http.ResponseWriter, r *http.Request, name string) (string, error)

GetFlash gets a cookie value and resets it

func KeyByUserID

func KeyByUserID(r *http.Request) (string, error)

func LimitByRealIP

func LimitByRealIP(requestLimit int, windowLength time.Duration) func(next http.Handler) http.Handler

func LimitByUser

func LimitByUser(requestLimit int, windowLength time.Duration) func(next http.Handler) http.Handler

func LoginFunc

func LoginFunc(w http.ResponseWriter, r *http.Request)

Default handler for /dologin. Requires username and password form values. Redirects to / on success and /login on failure.

func LoginInit

func LoginInit(args LoginInitArgs)

Init. Must be called with the database. Requires a users table with (id, username, hash) columns and an auth table with (userid, hash, expiry) columns. Requires a config table with (key, value) columns and a ('csrfkey', some secret) row.

func LogoutFunc

func LogoutFunc(w http.ResponseWriter, r *http.Request)

Handler for /dologout route.

func Mod

func Mod(handler http.Handler) http.Handler

Minimum level of mod (mod or admin)

func NewTOTP

func NewTOTP(username string) error

func PrepareStatements

func PrepareStatements(db *sql.DB)

func Required

func Required(handler http.Handler) http.Handler

Check for auth cookie. On failure redirects to /login. Must already be wrapped in Checker.

func Roles

func Roles(handler http.Handler, roles []Role) http.Handler

Only accessible to certain roles

func SaveConfig

func SaveConfig(c Config) error

func SendEmail

func SendEmail()

func Serve

func Serve()

func SetCookieValue

func SetCookieValue(w http.ResponseWriter, name string, value string)

SetCookieValue is used to store some arbitrary value in a cookie

func SetLoginCookie

func SetLoginCookie()

func SetPassword

func SetPassword(userid int, newpass string) error

func SetupGoogleOAuth

func SetupGoogleOAuth()

func TokenRequired

func TokenRequired(handler http.Handler) http.Handler

Check that the form value "token" is a valid auth token.

func UpdateConfig

func UpdateConfig(key string, value any) error

Types

type Config

type Config struct {
	// Whether new signups require admin approval before users can post
	RequiresApproval bool
	// The title of the bulletin board (NOT CONFIGURABLE)
	BoardName string
	// The description of the bulletin board
	BoardDescription string

	// optional (for oauth)
	Domain                  string // todo not exactly
	GoogleOAuthClientID     string
	GoogleOAuthClientSecret string

	// optional (but required for email sending)
	SMTPUsername string
	SMTPPassword string
}

most of these don't work yet

func DefaultConfig

func DefaultConfig() Config

func GetConfig

func GetConfig() (Config, error)

get all config values TODO cleanup

type Forum

type Forum struct {
	ID          int
	Name        string
	Description string
	Slug        string
	// lowest level that can view this for
	ReadPermissions  Role
	WritePermissions Role
	LastPost         Post
	ThreadCount      int
}

type LoginInitArgs

type LoginInitArgs struct {
	Db             *sql.DB
	Insecure       bool
	SameSiteStrict bool
	SafariWorks    bool
}

type Notification

type Notification struct {
	ID      int
	Message string
	Created time.Time
}

type Post

type Post struct {
	ID      int
	Content string // TODO markdown
	Author  User
	// TODO less ad-hoc
	ThreadID        string
	ThreadTitle     string
	ThreadPostCount int
	Created         time.Time
	Edited          *time.Time
}

func (Post) BuildReply

func (p Post) BuildReply() string

func (Post) Preview

func (p Post) Preview() string

unused atm

func (Post) Render

func (p Post) Render() template.HTML

func (Post) Slug

func (p Post) Slug() string

This does an inefficient db call for now TODO make it work with joins

type Role

type Role string
var RoleAdmin Role = "admin"

Roles are hierarchical: admins can do everything mods can, and so on.

var RoleInactive Role = "inactive"
var RoleMod Role = "mod"
var RoleNone Role = ""

Logged out, non-user

var RoleUser Role = "user"

func (Role) Can

func (r Role) Can(req Role) bool
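
A sketch of the hierarchical check that Role.Can, Mod and Roles describe, added here as an example and not taken from the package's source. The rank ordering below admin and mod, and the names rank, atLeast, roleOf and statusFor, are assumptions; roles missing from the table are denied rather than treated as the lowest level.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// Role mirrors the page's string-typed Role; values match the documented vars.
type Role string

const (
	RoleNone     Role = ""
	RoleInactive Role = "inactive"
	RoleUser     Role = "user"
	RoleMod      Role = "mod"
	RoleAdmin    Role = "admin"
)

// rank is an assumed ordering; the page only states admin > mod "and so on".
var rank = map[Role]int{RoleNone: 0, RoleInactive: 1, RoleUser: 2, RoleMod: 3, RoleAdmin: 4}

// Can reports whether r meets the required level req; unknown roles fail closed.
func (r Role) Can(req Role) bool {
	have, ok1 := rank[r]
	need, ok2 := rank[req]
	return ok1 && ok2 && have >= need
}

// atLeast is a hypothetical middleware; roleOf stands in for GetUserInfo(r).Role.
func atLeast(minRole Role, roleOf func(*http.Request) Role, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !roleOf(r).Can(minRole) {
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// statusFor sends one constructed request through a mod-gated handler as role.
func statusFor(role Role) int {
	ok := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) })
	rec := httptest.NewRecorder()
	atLeast(RoleMod, func(*http.Request) Role { return role }, ok).ServeHTTP(rec, httptest.NewRequest(http.MethodPost, "/", nil))
	return rec.Code
}

func main() { fmt.Println(statusFor(RoleUser), statusFor(RoleMod), statusFor("root")) }
```

Because Role is a plain string read back from storage, a value outside the known set can reach the check; comparing ranks from a map lookup without testing the `ok` result would give such a value rank 0 and let it pass any RoleNone gate.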

type SharedConfig

type SharedConfig struct {
}

in multi-instance, config values that are shared by the cluster TODO

type Thread

type Thread struct {
	ID      int
	ForumID int
	Title   string
	Author  User
	Created time.Time
	Pinned  bool
	Locked  bool
	Latest  Post
	Replies int
}

type User

type User struct {
	ID       int
	Username string
	Email    string
	// Whether the user wishes to display email publicly
	EmailPublic bool
	// TODO fix null schema
	Role    Role
	About   string
	Website string
	Created time.Time
	Posts   int // TODO perf
}

type UserInfo

type UserInfo struct {
	UserID   int
	Username string
	Role     Role
}

func GetUserInfo

func GetUserInfo(r *http.Request) *UserInfo

Get UserInfo for this request, if any.
