package http import ( "fmt" "image/jpeg" "net/http" "strconv" "strings" "time" "git.arav.su/Arav/dwelling-home/pkg/mindflow" "git.arav.su/Arav/justcaptcha/pkg/captcha" "git.arav.su/Arav/justcaptcha/pkg/captcha/inmemdb" "git.arav.su/Arav/justcaptcha/pkg/dwcaptcha" "git.arav.su/Arav/justguestbook/guestbook" ) // Guestbook API /////////////////////////////////////////////////////////////// type GuestbookApiHandlers struct { Owner string PageSize int64 db guestbook.Guestbook } func NewGuestbookApiHandlers(owner string, pageSz int64, db guestbook.Guestbook) *GuestbookApiHandlers { return &GuestbookApiHandlers{Owner: owner, PageSize: pageSz, db: db} } func (h *GuestbookApiHandlers) New(w http.ResponseWriter, r *http.Request) { var entry *guestbook.Entry var err error if strings.Contains(r.Header.Get("Content-Type"), "application/x-www-form-urlencoded") { r.ParseForm() if !inmemdb.Solve(captcha.ID(r.FormValue("captcha_id")), captcha.Answer(r.FormValue("captcha_answer"))) { ForbiddenError("Wrong answer given.", "Here's your message:"+r.FormValue("message"), w) return } if r.FormValue("name") == "" { r.Form.Set("name", "Anonymous") } message := strings.ReplaceAll(r.FormValue("message"), "\r\n", "\n") message = strings.ReplaceAll(message, "\n\r", "\n") message = strings.ReplaceAll(message, "\r", "\n") entry, err = guestbook.NewEntry(r.FormValue("name"), message, r.FormValue("website"), r.FormValue("hide_website") != "") if err != nil { InternalError(err.Error(), "Here's your message:"+r.FormValue("message"), w) return } } if err = h.db.NewEntry(entry); err != nil { InternalError(err.Error(), "Here's your message:"+r.FormValue("message"), w) return } http.Redirect(w, r, "/guestbook", http.StatusMovedPermanently) } func (h *GuestbookApiHandlers) Edit(w http.ResponseWriter, r *http.Request) { var entry *guestbook.Entry var err error if strings.Contains(r.Header.Get("Content-Type"), "application/x-www-form-urlencoded") { r.ParseForm() if r.FormValue("name") == "" { r.Form.Set("name", "Anonymous") } message := strings.ReplaceAll(r.FormValue("message"), "\r\n", "\n") message = strings.ReplaceAll(message, "\n\r", "\n") message = strings.ReplaceAll(message, "\r", "\n") entry, err = guestbook.NewEntry(r.FormValue("name"), message, r.FormValue("website"), r.FormValue("hide_website") != "") if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } entry.ID, _ = strconv.ParseInt(GetURLParam(r, "id"), 10, 64) } if err = h.db.EditEntry(entry); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } } func (h *GuestbookApiHandlers) Delete(w http.ResponseWriter, r *http.Request) { id, _ := strconv.ParseInt(GetURLParam(r, "id"), 10, 64) if err := h.db.DeleteEntry(id); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } } func (h *GuestbookApiHandlers) Reply(w http.ResponseWriter, r *http.Request) { var reply *guestbook.Reply var err error if strings.Contains(r.Header.Get("Content-Type"), "application/x-www-form-urlencoded") { r.ParseForm() id, _ := strconv.ParseInt(GetURLParam(r, "id"), 10, 64) message := strings.ReplaceAll(r.FormValue("message"), "\r\n", "\n") message = strings.ReplaceAll(message, "\n\r", "\n") message = strings.ReplaceAll(message, "\r", "\n") reply, err = guestbook.NewReply(id, message) if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } } if err := h.db.NewReply(reply); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } } func (h *GuestbookApiHandlers) EditReply(w http.ResponseWriter, r *http.Request) { var reply *guestbook.Reply var err error if strings.Contains(r.Header.Get("Content-Type"), "application/x-www-form-urlencoded") { r.ParseForm() id, _ := strconv.ParseInt(GetURLParam(r, "id"), 10, 64) message := strings.ReplaceAll(r.FormValue("message"), "\r\n", "\n") message = strings.ReplaceAll(message, "\n\r", "\n") message = strings.ReplaceAll(message, "\r", "\n") reply, err = guestbook.NewReply(id, message) if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } } if err := h.db.EditReply(reply); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) } } func (h *GuestbookApiHandlers) DeleteReply(w http.ResponseWriter, r *http.Request) { id, _ := strconv.ParseInt(GetURLParam(r, "id"), 10, 64) if err := h.db.DeleteReply(id); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) } } // CAPTCHA API ///////////////////////////////////////////////////////////////// type CaptchaApiHandlers struct { Expiry time.Duration } func NewCaptchaApiHandlers(expiry time.Duration) *CaptchaApiHandlers { inmemdb.SetExpiry(expiry) return &CaptchaApiHandlers{Expiry: expiry} } func (h *CaptchaApiHandlers) New(w http.ResponseWriter, r *http.Request) { dwc := dwcaptcha.NewDwellingCaptcha(h.Expiry) _, id := inmemdb.New(r.RemoteAddr, dwc) w.WriteHeader(http.StatusCreated) fmt.Fprint(w, id) } func (h *CaptchaApiHandlers) Solve(w http.ResponseWriter, r *http.Request) { captchaID := captcha.ID(GetURLParam(r, "id")) if r.URL.Query().Has("remove") { inmemdb.Remove(captchaID) w.WriteHeader(http.StatusNoContent) return } if solved := inmemdb.IsSolved(captchaID); !solved { http.Error(w, "wrong answer", http.StatusForbidden) return } w.WriteHeader(http.StatusNoContent) } func (h *CaptchaApiHandlers) Image(w http.ResponseWriter, r *http.Request) { id := captcha.ID(GetURLParam(r, "id")) image := inmemdb.Image(id, r.URL.Query().Get("style")) if image == nil { http.Error(w, "image not found", http.StatusNotFound) return } w.Header().Add("Content-Disposition", "inline; filename=\""+string(id)+"\"") jpeg.Encode(w, *image, &jpeg.Options{Quality: 20}) } // Mindflow API //////////////////////////////////////////////////////////////// type MindflowApiHandlers struct { db mindflow.Mindflow } func NewMindflowApiHandlers(db mindflow.Mindflow) *MindflowApiHandlers { return &MindflowApiHandlers{db: db} } func (h *MindflowApiHandlers) New(w http.ResponseWriter, r *http.Request) { var post *mindflow.Post var err error if strings.Contains(r.Header.Get("Content-Type"), "application/x-www-form-urlencoded") { r.ParseForm() category_id, _ := strconv.ParseInt(r.FormValue("category"), 10, 64) if category_id == 0 { category_id, err = h.db.NewCategory(r.FormValue("new-category")) if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } } post, err = mindflow.NewPost(mindflow.Category{ID: category_id}, r.FormValue("title"), r.FormValue("body")) if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } } if err = h.db.New(post); err != nil { InternalError(err.Error(), "Title: "+r.FormValue("title")+" | Body: "+r.FormValue("body"), w) return } http.Redirect(w, r, "/mindflow/admin", http.StatusMovedPermanently) } func (h *MindflowApiHandlers) Edit(w http.ResponseWriter, r *http.Request) { } func (h *MindflowApiHandlers) Delete(w http.ResponseWriter, r *http.Request) { }