From 5717faed659a9eeb86c528ab56822c42eca1ad3f Mon Sep 17 00:00:00 2001 From: Runxi Yu Date: Tue, 12 Aug 2025 11:01:07 +0800 Subject: Refactor --- forged/internal/incoming/web/handlers/group.go | 92 +++++++++++++++++ forged/internal/incoming/web/handlers/index.go | 40 +++++++ .../incoming/web/handlers/not_implemented.go | 22 ++++ .../internal/incoming/web/handlers/repo/handler.go | 15 +++ .../internal/incoming/web/handlers/repo/index.go | 20 ++++ forged/internal/incoming/web/handlers/repo/raw.go | 19 ++++ forged/internal/incoming/web/handlers/repo/tree.go | 19 ++++ .../incoming/web/handlers/special/login.go | 115 +++++++++++++++++++++ 8 files changed, 342 insertions(+) create mode 100644 forged/internal/incoming/web/handlers/group.go create mode 100644 forged/internal/incoming/web/handlers/index.go create mode 100644 forged/internal/incoming/web/handlers/not_implemented.go create mode 100644 forged/internal/incoming/web/handlers/repo/handler.go create mode 100644 forged/internal/incoming/web/handlers/repo/index.go create mode 100644 forged/internal/incoming/web/handlers/repo/raw.go create mode 100644 forged/internal/incoming/web/handlers/repo/tree.go create mode 100644 forged/internal/incoming/web/handlers/special/login.go (limited to 'forged/internal/incoming/web/handlers') diff --git a/forged/internal/incoming/web/handlers/group.go b/forged/internal/incoming/web/handlers/group.go new file mode 100644 index 0000000..3201491 --- /dev/null +++ b/forged/internal/incoming/web/handlers/group.go @@ -0,0 +1,92 @@ +package handlers + +import ( + "log/slog" + "net/http" + "strconv" + + "go.lindenii.runxiyu.org/forge/forged/internal/database/queries" + "go.lindenii.runxiyu.org/forge/forged/internal/incoming/web/templates" + wtypes "go.lindenii.runxiyu.org/forge/forged/internal/incoming/web/types" +) + +type GroupHTTP struct { + r templates.Renderer +} + +func NewGroupHTTP(r templates.Renderer) *GroupHTTP { + return &GroupHTTP{ + r: r, + } +} + +func (h *GroupHTTP) Index(w http.ResponseWriter, r *http.Request, _ wtypes.Vars) { + base := wtypes.Base(r) + userID, err := strconv.ParseInt(base.UserID, 10, 64) + if err != nil { + userID = 0 + } + + queryParams := queries.GetGroupByPathParams{ + Column1: base.URLSegments, + UserID: userID, + } + p, err := base.Queries.GetGroupByPath(r.Context(), queryParams) + if err != nil { + slog.Error("failed to get group ID by path", "error", err) + http.Error(w, "Internal Server Error", http.StatusInternalServerError) + return + } + subgroups, err := base.Queries.GetSubgroups(r.Context(), &p.ID) + if err != nil { + slog.Error("failed to get subgroups", "error", err) + http.Error(w, "Internal Server Error", http.StatusInternalServerError) + // TODO: gracefully fail this part of the page + } + repos, err := base.Queries.GetReposInGroup(r.Context(), p.ID) + if err != nil { + slog.Error("failed to get repos in group", "error", err) + http.Error(w, "Internal Server Error", http.StatusInternalServerError) + // TODO: gracefully fail this part of the page + } + err = h.r.Render(w, "group", struct { + BaseData *wtypes.BaseData + Subgroups []queries.GetSubgroupsRow + Repos []queries.GetReposInGroupRow + Description string + DirectAccess bool + }{ + BaseData: base, + Subgroups: subgroups, + Repos: repos, + Description: p.Description, + DirectAccess: p.HasRole, + }) + if err != nil { + slog.Error("failed to render index page", "error", err) + } +} + +func (h *GroupHTTP) Post(w http.ResponseWriter, r *http.Request, _ wtypes.Vars) { + base := wtypes.Base(r) + userID, err := strconv.ParseInt(base.UserID, 10, 64) + if err != nil { + userID = 0 + } + + queryParams := queries.GetGroupByPathParams{ + Column1: base.URLSegments, + UserID: userID, + } + p, err := base.Queries.GetGroupByPath(r.Context(), queryParams) + if err != nil { + slog.Error("failed to get group ID by path", "error", err) + http.Error(w, "Internal Server Error", http.StatusInternalServerError) + return + } + + if !p.HasRole { + http.Error(w, "You do not have the necessary permissions to create repositories in this group.", http.StatusForbidden) + return + } +} diff --git a/forged/internal/incoming/web/handlers/index.go b/forged/internal/incoming/web/handlers/index.go new file mode 100644 index 0000000..22e6201 --- /dev/null +++ b/forged/internal/incoming/web/handlers/index.go @@ -0,0 +1,40 @@ +package handlers + +import ( + "log" + "net/http" + + "go.lindenii.runxiyu.org/forge/forged/internal/database/queries" + "go.lindenii.runxiyu.org/forge/forged/internal/incoming/web/templates" + "go.lindenii.runxiyu.org/forge/forged/internal/incoming/web/types" + wtypes "go.lindenii.runxiyu.org/forge/forged/internal/incoming/web/types" +) + +type IndexHTTP struct { + r templates.Renderer +} + +func NewIndexHTTP(r templates.Renderer) *IndexHTTP { + return &IndexHTTP{ + r: r, + } +} + +func (h *IndexHTTP) Index(w http.ResponseWriter, r *http.Request, _ wtypes.Vars) { + groups, err := types.Base(r).Queries.GetRootGroups(r.Context()) + if err != nil { + http.Error(w, "failed to get root groups", http.StatusInternalServerError) + log.Println("failed to get root groups", "error", err) + return + } + err = h.r.Render(w, "index", struct { + BaseData *types.BaseData + Groups []queries.GetRootGroupsRow + }{ + BaseData: types.Base(r), + Groups: groups, + }) + if err != nil { + log.Println("failed to render index page", "error", err) + } +} diff --git a/forged/internal/incoming/web/handlers/not_implemented.go b/forged/internal/incoming/web/handlers/not_implemented.go new file mode 100644 index 0000000..6813c88 --- /dev/null +++ b/forged/internal/incoming/web/handlers/not_implemented.go @@ -0,0 +1,22 @@ +package handlers + +import ( + "net/http" + + "go.lindenii.runxiyu.org/forge/forged/internal/incoming/web/templates" + wtypes "go.lindenii.runxiyu.org/forge/forged/internal/incoming/web/types" +) + +type NotImplementedHTTP struct { + r templates.Renderer +} + +func NewNotImplementedHTTP(r templates.Renderer) *NotImplementedHTTP { + return &NotImplementedHTTP{ + r: r, + } +} + +func (h *NotImplementedHTTP) Handle(w http.ResponseWriter, _ *http.Request, _ wtypes.Vars) { + http.Error(w, "not implemented", http.StatusNotImplemented) +} diff --git a/forged/internal/incoming/web/handlers/repo/handler.go b/forged/internal/incoming/web/handlers/repo/handler.go new file mode 100644 index 0000000..2881d7d --- /dev/null +++ b/forged/internal/incoming/web/handlers/repo/handler.go @@ -0,0 +1,15 @@ +package repo + +import ( + "go.lindenii.runxiyu.org/forge/forged/internal/incoming/web/templates" +) + +type HTTP struct { + r templates.Renderer +} + +func NewHTTP(r templates.Renderer) *HTTP { + return &HTTP{ + r: r, + } +} diff --git a/forged/internal/incoming/web/handlers/repo/index.go b/forged/internal/incoming/web/handlers/repo/index.go new file mode 100644 index 0000000..1a804b2 --- /dev/null +++ b/forged/internal/incoming/web/handlers/repo/index.go @@ -0,0 +1,20 @@ +package repo + +import ( + "net/http" + "strings" + + wtypes "go.lindenii.runxiyu.org/forge/forged/internal/incoming/web/types" +) + +func (h *HTTP) Index(w http.ResponseWriter, r *http.Request, v wtypes.Vars) { + base := wtypes.Base(r) + repo := v["repo"] + _ = h.r.Render(w, "repo/index.html", struct { + Group string + Repo string + }{ + Group: "/" + strings.Join(base.GroupPath, "/") + "/", + Repo: repo, + }) +} diff --git a/forged/internal/incoming/web/handlers/repo/raw.go b/forged/internal/incoming/web/handlers/repo/raw.go new file mode 100644 index 0000000..e421f45 --- /dev/null +++ b/forged/internal/incoming/web/handlers/repo/raw.go @@ -0,0 +1,19 @@ +package repo + +import ( + "fmt" + "net/http" + "strings" + + wtypes "go.lindenii.runxiyu.org/forge/forged/internal/incoming/web/types" +) + +func (h *HTTP) Raw(w http.ResponseWriter, r *http.Request, v wtypes.Vars) { + base := wtypes.Base(r) + repo := v["repo"] + rest := v["rest"] + if base.DirMode && rest != "" && !strings.HasSuffix(rest, "/") { + rest += "/" + } + _, _ = w.Write([]byte(fmt.Sprintf("raw: repo=%q path=%q", repo, rest))) +} diff --git a/forged/internal/incoming/web/handlers/repo/tree.go b/forged/internal/incoming/web/handlers/repo/tree.go new file mode 100644 index 0000000..3432244 --- /dev/null +++ b/forged/internal/incoming/web/handlers/repo/tree.go @@ -0,0 +1,19 @@ +package repo + +import ( + "fmt" + "net/http" + "strings" + + wtypes "go.lindenii.runxiyu.org/forge/forged/internal/incoming/web/types" +) + +func (h *HTTP) Tree(w http.ResponseWriter, r *http.Request, v wtypes.Vars) { + base := wtypes.Base(r) + repo := v["repo"] + rest := v["rest"] // may be "" + if base.DirMode && rest != "" && !strings.HasSuffix(rest, "/") { + rest += "/" + } + _, _ = w.Write([]byte(fmt.Sprintf("tree: repo=%q path=%q", repo, rest))) +} diff --git a/forged/internal/incoming/web/handlers/special/login.go b/forged/internal/incoming/web/handlers/special/login.go new file mode 100644 index 0000000..0287c47 --- /dev/null +++ b/forged/internal/incoming/web/handlers/special/login.go @@ -0,0 +1,115 @@ +package handlers + +import ( + "crypto/rand" + "crypto/sha256" + "errors" + "log" + "net/http" + "time" + + "github.com/jackc/pgx/v5" + "github.com/jackc/pgx/v5/pgtype" + "go.lindenii.runxiyu.org/forge/forged/internal/common/argon2id" + "go.lindenii.runxiyu.org/forge/forged/internal/common/misc" + "go.lindenii.runxiyu.org/forge/forged/internal/database/queries" + "go.lindenii.runxiyu.org/forge/forged/internal/incoming/web/templates" + "go.lindenii.runxiyu.org/forge/forged/internal/incoming/web/types" + wtypes "go.lindenii.runxiyu.org/forge/forged/internal/incoming/web/types" +) + +type LoginHTTP struct { + r templates.Renderer + cookieExpiry int +} + +func NewLoginHTTP(r templates.Renderer, cookieExpiry int) *LoginHTTP { + return &LoginHTTP{ + r: r, + cookieExpiry: cookieExpiry, + } +} + +func (h *LoginHTTP) Login(w http.ResponseWriter, r *http.Request, _ wtypes.Vars) { + renderLoginPage := func(loginError string) bool { + err := h.r.Render(w, "login", struct { + BaseData *types.BaseData + LoginError string + }{ + BaseData: types.Base(r), + LoginError: loginError, + }) + if err != nil { + log.Println("failed to render login page", "error", err) + http.Error(w, "Failed to render login page", http.StatusInternalServerError) + return true + } + return false + } + + if r.Method == http.MethodGet { + renderLoginPage("") + return + } + + username := r.PostFormValue("username") + password := r.PostFormValue("password") + + userCreds, err := types.Base(r).Queries.GetUserCreds(r.Context(), &username) + if err != nil { + if errors.Is(err, pgx.ErrNoRows) { + renderLoginPage("User not found") + return + } + log.Println("failed to get user credentials", "error", err) + http.Error(w, "Failed to get user credentials", http.StatusInternalServerError) + return + } + + if userCreds.PasswordHash == "" { + renderLoginPage("No password set for this user") + return + } + + passwordMatches, err := argon2id.ComparePasswordAndHash(password, userCreds.PasswordHash) + if err != nil { + log.Println("failed to compare password and hash", "error", err) + http.Error(w, "Failed to verify password", http.StatusInternalServerError) + return + } + + if !passwordMatches { + renderLoginPage("Invalid password") + return + } + + cookieValue := rand.Text() + + now := time.Now() + expiry := now.Add(time.Duration(h.cookieExpiry) * time.Second) + + cookie := &http.Cookie{ + Name: "session", + Value: cookieValue, + SameSite: http.SameSiteLaxMode, + HttpOnly: true, + Secure: false, // TODO + Expires: expiry, + Path: "/", + } //exhaustruct:ignore + + http.SetCookie(w, cookie) + + tokenHash := sha256.Sum256(misc.StringToBytes(cookieValue)) + + err = types.Base(r).Queries.InsertSession(r.Context(), queries.InsertSessionParams{ + UserID: userCreds.ID, + TokenHash: tokenHash[:], + ExpiresAt: pgtype.Timestamptz{ + Time: expiry, + Valid: true, + }, + }) + + http.Redirect(w, r, "/", http.StatusSeeOther) +} -- cgit v1.2.3