server

package
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 4, 2024 License: AGPL-3.0 Imports: 42 Imported by: 0

Documentation

Overview

Simple cookie and password based logins. See Init for required schema.

Index

Constants

View Source 
const PageSize int = 50

Changing this will break existing URLs

View Source 
const SoftwareVersion = "0.1.0"

Variables

View Source 
var DBPath = "fishbb.db"
View Source 
var Port = ":8080"

non user-configurable config

View Source 
var SingleInstance = false

TODO -- start gating features on self hosted or not

Functions

func Admin 

func Admin(handler http.Handler) http.Handler

func CSRFWrap 

func CSRFWrap(handler http.Handler) http.Handler

Wrap a handler with CSRF checking.

func CSRFWrapFunc 

func CSRFWrapFunc(fn http.HandlerFunc) http.Handler

func ChangePassword 

func ChangePassword(w http.ResponseWriter, r *http.Request) error

Change password helper. Requires oldpass and newpass form values. Requires logout csrf token.

func ChangePostToHiddenMethod 

func ChangePostToHiddenMethod(next http.Handler) http.Handler

ChangePostToHiddenMethod looks for the _hidden attribute of forms so that we can use DELETE and PUT in <form> submissions. This is, of course, a non-standard "hack"

func CheckCSRF 

func CheckCSRF(r *http.Request) bool

Checks that CSRF value is correct.

func Checker 

func Checker(handler http.Handler) http.Handler

Check for auth cookie. Allows failure.

func GenerateRandomString 

func GenerateRandomString(n int) (string, error)

GenerateRandomString returns a securely generated random string. It will return an error if the system's secure random number generator fails to function correctly, in which case the caller should not continue.

func GetCSRF 

func GetCSRF(r *http.Request) string

Get a CSRF token

func GetConfigValue 

func GetConfigValue(key string) (string, error)

func GetCookieValue 

func GetCookieValue(r *http.Request, name string) (string, error)

GetCookieValue gets a velue stored in a cookie

func GetFlash 

func GetFlash(w http.ResponseWriter, r *http.Request, name string) (string, error)

GetFlash gets a cookie value and resets it

func KeyByUserID 

func KeyByUserID(r *http.Request) (string, error)

func LimitByRealIP 

func LimitByRealIP(requestLimit int, windowLength time.Duration) func(next http.Handler) http.Handler

func LimitByUser 

func LimitByUser(requestLimit int, windowLength time.Duration) func(next http.Handler) http.Handler

func LoginFunc 

func LoginFunc(w http.ResponseWriter, r *http.Request)

Default handler for /dologin Requires username and password form values. Redirects to / on success and /login on failure.

func LoginInit 

func LoginInit(args LoginInitArgs)

Init. Must be called with the database. Requires a users table with (id, username, hash) columns and a auth table with (userid, hash, expiry) columns. Requires a config table with (key, value) ('csrfkey', some secret).

func LogoutFunc 

func LogoutFunc(w http.ResponseWriter, r *http.Request)

Handler for /dologout route.

func Mod 

func Mod(handler http.Handler) http.Handler

Minimum level of mod (mod or admin)

func NewTOTP 

func NewTOTP(username string) error

func PrepareStatements 

func PrepareStatements(db *sql.DB)

func Required 

func Required(handler http.Handler) http.Handler

Check for auth cookie. On failure redirects to /login. Must already be wrapped in Checker.

func Roles 

func Roles(handler http.Handler, roles []Role) http.Handler

Only accessible to certain roles

func SaveConfig 

func SaveConfig(c Config) error

func SendEmail 

func SendEmail()

func Serve 

func Serve()

func SetCookieValue 

func SetCookieValue(w http.ResponseWriter, name string, value string)

SetCookieValue is used to store some arbitrary value in a cookie

func SetLoginCookie 

func SetLoginCookie()

func SetPassword 

func SetPassword(userid int, newpass string) error

func SetupGoogleOAuth 

func SetupGoogleOAuth()

func TokenRequired 

func TokenRequired(handler http.Handler) http.Handler

Check that the form value "token" is valid auth token

func UpdateConfig 

func UpdateConfig(key string, value any) error

Types

type Config 

type Config struct {
	// Whether new signups require admin approval before users can post
	RequiresApproval bool
	// The title of the bulletin board (NOT CONFIGURABLE)
	BoardName string
	// The description of the bulletin board
	BoardDescription string

	// optional (for oauth)
	Domain                  string // todo not exactly
	GoogleOAuthClientID     string
	GoogleOAuthClientSecret string

	// optional (but required for email sending)
	SMTPUsername string
	SMTPPassword string
}

most of these don't work yet

func DefaultConfig 

func DefaultConfig() Config

func GetConfig 

func GetConfig() (Config, error)

get all config values TODO cleanup

type Forum 

type Forum struct {
	ID          int
	Name        string
	Description string
	Slug        string
	// lowest level that can view this for
	ReadPermissions  Role
	WritePermissions Role
	LastPost         Post
	ThreadCount      int
}

type LoginInitArgs 

type LoginInitArgs struct {
	Db             *sql.DB
	Insecure       bool
	SameSiteStrict bool
	SafariWorks    bool
}

type Notification 

type Notification struct {
	ID      int
	Message string
	Created time.Time
}

type Post 

type Post struct {
	ID      int
	Content string // TODO markdown
	Author  User
	// TODO less ad-hoc
	ThreadID        string
	ThreadTitle     string
	ThreadPostCount int
	Created         time.Time
	Edited          *time.Time
}

func (Post) BuildReply 

func (p Post) BuildReply() string

func (Post) Preview 

func (p Post) Preview() string

unused atm

func (Post) Render 

func (p Post) Render() template.HTML

func (Post) Slug 

func (p Post) Slug() string

This does an inefficient db call for now TODO make it work with joins

type Role 

type Role string
var RoleAdmin Role = "admin"

Roles are hierarchical, admins can do everything mods can, and so on 

var RoleInactive Role = "inactive"
var RoleMod Role = "mod"
var RoleNone Role = ""

Logged out, non-user 

var RoleUser Role = "user"

func (Role) Can 

func (r Role) Can(req Role) bool

type SharedConfig 

type SharedConfig struct {
}

in multi-instance, config values that are shared by the cluster TODO

type Thread 

type Thread struct {
	ID      int
	ForumID int
	Title   string
	Author  User
	Created time.Time
	Pinned  bool
	Locked  bool
	Latest  Post
	Replies int
}

type User 

type User struct {
	ID       int
	Username string
	Email    string
	// Whether the user wishes to display email publicly
	EmailPublic bool
	// TODO fix null schema
	Role    Role
	About   string
	Website string
	Created time.Time
	Posts   int // TODO perf
}

type UserInfo 

type UserInfo struct {
	UserID   int
	Username string
	Role     Role
}

func GetUserInfo 

func GetUserInfo(r *http.Request) *UserInfo

Get UserInfo for this request, if any.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.