authorFelix Hanley <felix@userspace.com.au>2020-02-28 06:18:40 +0000
committerFelix Hanley <felix@userspace.com.au>2020-02-28 06:18:40 +0000
commit1fbf1e1e1edc16e9a08fdb0d2012ca10f695f7ca (patch)
treed2c260fbffdc9da6202ef70de468476b371d04fd
parent71f16081700ccdae5442aa2abf969012a999c774 (diff)
downloadsws-1fbf1e1e1edc16e9a08fdb0d2012ca10f695f7ca.tar.gz
sws-1fbf1e1e1edc16e9a08fdb0d2012ca10f695f7ca.tar.bz2
Fix template clobbering
-rw-r--r--cmd/server/auth.go32
-rw-r--r--cmd/server/handlers.go4
-rw-r--r--cmd/server/helpers.go9
-rw-r--r--cmd/server/hits.go5
-rw-r--r--cmd/server/main.go77
-rw-r--r--cmd/server/sites.go2
-rw-r--r--templates/home.tmpl1
-rw-r--r--templates/login.tmpl3
-rw-r--r--templates/navbar.tmpl2
-rw-r--r--templates/site.tmpl6
10 files changed, 72 insertions, 69 deletions
diff --git a/cmd/server/auth.go b/cmd/server/auth.go
index 642eb7c..ed0c75f 100644
--- a/cmd/server/auth.go
+++ b/cmd/server/auth.go
@@ -9,7 +9,12 @@ import (
"src.userspace.com.au/sws"
)
-func handleAuth(db sws.UserStore, rndr Renderer) http.HandlerFunc {
+const (
+ loginURL = "/login"
+ logoutURL = "/logout"
+)
+
+func handleLogin(db sws.UserStore, rndr Renderer) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
email := r.PostFormValue("email")
password := r.PostFormValue("password")
@@ -72,8 +77,33 @@ func handleAuth(db sws.UserStore, rndr Renderer) http.HandlerFunc {
if returnPath := qs.Get("return_to"); returnPath != "" {
qs.Del("return_to")
r.URL.RawQuery = qs.Encode()
+ debug("redirecting to", returnPath)
http.Redirect(w, r, flashURL(r, returnPath), http.StatusSeeOther)
}
http.Redirect(w, r, flashURL(r, "/sites"), http.StatusSeeOther)
}
}
+
+func handleLogout(rndr Renderer) http.HandlerFunc {
+ return func(w http.ResponseWriter, r *http.Request) {
+ http.SetCookie(w, &http.Cookie{
+ Name: "jwt",
+ Value: "",
+ HttpOnly: true,
+ Path: "/",
+ //Secure: true,
+ Expires: time.Time{},
+ })
+ r = flashSet(r, flashSuccess, "de-authenticated successfully")
+ http.Redirect(w, r, flashURL(r, "/"), http.StatusSeeOther)
+ }
+}
+
+func authRedirect(w http.ResponseWriter, r *http.Request, msg string) {
+ flashSet(r, flashError, msg)
+ log(msg)
+ qs := r.URL.Query()
+ qs.Set("return_to", r.URL.Path)
+ r.URL.RawQuery = qs.Encode()
+ http.Redirect(w, r, flashURL(r, loginURL), http.StatusSeeOther)
+}
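Review bot: `return_to` is read from the query string and handed to `http.Redirect` with no check that it is a local path, so a crafted login link can send a freshly authenticated user to another origin (assuming `flashURL`, which is not shown here, does not normalise it). Restrict it to same-site paths, for example `if returnPath := qs.Get("return_to"); strings.HasPrefix(returnPath, "/") && !strings.HasPrefix(returnPath, "//") && !strings.HasPrefix(returnPath, "/\\") {`, and add a `return` after that redirect, because execution currently falls through to the second `http.Redirect` to `/sites`. The added `debug("redirecting to", returnPath)` also writes a caller-controlled value to the log and is better quoted or dropped. In `handleLogout`, `Expires: time.Time{}` is a zero time that net/http leaves out of the header, so the cookie is blanked rather than expired; `MaxAge: -1` states the intent, and `Secure` should be enabled once the site is served over TLS. The body of `handleLogin` begins outside this hunk.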
diff --git a/cmd/server/handlers.go b/cmd/server/handlers.go
index 603f7e9..e5ab385 100644
--- a/cmd/server/handlers.go
+++ b/cmd/server/handlers.go
@@ -14,7 +14,7 @@ type templateData struct {
End *time.Time
Site *sws.Site
Sites []*sws.Site
- Pages *sws.PageSet
+ PageSet *sws.PageSet
Browsers *sws.BrowserSet
Hits *sws.HitSet
}
@@ -29,7 +29,6 @@ func newTemplateData(r *http.Request) *templateData {
func handleIndex(rndr Renderer) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
- w.Header().Set("Content-Type", "text/html")
payload := newTemplateData(r)
if err := rndr.Render(w, "home", payload); err != nil {
log(err)
@@ -40,7 +39,6 @@ func handleIndex(rndr Renderer) http.HandlerFunc {
func handleExample(rndr Renderer) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
- w.Header().Set("Content-Type", "text/html")
if err := rndr.Render(w, "example", nil); err != nil {
log(err)
http.Error(w, http.StatusText(500), 500)
diff --git a/cmd/server/helpers.go b/cmd/server/helpers.go
index a91744d..d17fa43 100644
--- a/cmd/server/helpers.go
+++ b/cmd/server/helpers.go
@@ -43,15 +43,6 @@ func httpError(w http.ResponseWriter, code int, msg string) {
http.Error(w, http.StatusText(code), code)
}
-func authRedirect(w http.ResponseWriter, r *http.Request, msg string) {
- flashSet(r, flashError, msg)
- log(msg)
- qs := r.URL.Query()
- qs.Set("return_to", r.URL.Path)
- r.URL.RawQuery = qs.Encode()
- http.Redirect(w, r, flashURL(r, "/login"), http.StatusSeeOther)
-}
-
func extractTimeRange(r *http.Request) (*time.Time, *time.Time) {
begin := timePtr(time.Now().Truncate(time.Hour).Add(-168 * time.Hour))
end := timePtr(time.Now())
diff --git a/cmd/server/hits.go b/cmd/server/hits.go
index 8c0d703..af06757 100644
--- a/cmd/server/hits.go
+++ b/cmd/server/hits.go
@@ -13,7 +13,10 @@ import (
"src.userspace.com.au/sws"
)
-const gif = "R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7"
+const (
+ endpoint = "//stats.userspace.com.au/sws.gif"
+ gif = "R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7"
+)
func handleHits(db sws.HitStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
diff --git a/cmd/server/main.go b/cmd/server/main.go
index d220a03..fc9515c 100644
--- a/cmd/server/main.go
+++ b/cmd/server/main.go
@@ -29,12 +29,6 @@ var (
tokenAuth *jwtauth.JWTAuth
)
-const (
- endpoint = "//stats.userspace.com.au/sws.gif"
- loginURL = "/login"
- logoutURL = "/logout"
-)
-
// Flags
var (
verbose *bool
@@ -113,17 +107,18 @@ func main() {
tmplsPublic := append(tmplsCommon, "layouts/public.tmpl")
tmpls, err := LoadHTMLTemplateMap(map[string][]string{
- "sites": append(tmplsAuthed, "sites.tmpl"),
- "site": append(tmplsAuthed, "site.tmpl"),
- "home": append(tmplsPublic, "home.tmpl"),
- "login": append(tmplsPublic, "login.tmpl"),
+ "sites": append([]string{"sites.tmpl"}, tmplsAuthed...),
+ "site": append([]string{"site.tmpl"}, tmplsAuthed...),
+ "home": append([]string{"home.tmpl"}, tmplsPublic...),
+ "login": append([]string{"login.tmpl"}, tmplsPublic...),
"example": []string{"example.tmpl"},
}, funcMap)
if err != nil {
log(err)
os.Exit(1)
}
- //debug(tmpls.DefinedTemplates())
+ debug(tmpls["login"].DefinedTemplates())
+ debug(tmpls["home"].DefinedTemplates())
renderer := templates.NewRenderer(tmpls)
r := chi.NewRouter()
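Review bot: `tmplsPublic := append(tmplsCommon, "layouts/public.tmpl")` on the context line above the map still uses the append-onto-a-shared-slice pattern that this change removes from the map entries. If `tmplsAuthed` is built the same way from `tmplsCommon` (its definition is outside the hunk) and `tmplsCommon` has spare capacity, the two lists can share a backing array and one layout entry can overwrite the other, which would render a public page in the authed layout or the reverse. Building each list from a fresh slice, `tmplsPublic := append(append([]string{}, tmplsCommon...), "layouts/public.tmpl")`, removes the dependence on capacity. The two `debug(tmpls[...].DefinedTemplates())` calls look like leftover diagnostics and could be removed before merge.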
@@ -147,22 +142,32 @@ func main() {
// For UI
r.Get("/hits", handleHits(st))
+ // Public routes
+ r.Get("/", handleIndex(renderer))
+ r.Get(loginURL, func(w http.ResponseWriter, r *http.Request) {
+ payload := newTemplateData(r)
+ if err := renderer.Render(w, "login", payload); err != nil {
+ httpError(w, 500, err.Error())
+ return
+ }
+ return
+ })
+
+ r.Post(loginURL, handleLogin(st, renderer))
+
+ r.Get("/*", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ p := strings.TrimPrefix(r.URL.Path, "/")
+ if b, err := StaticLoadTemplate(p); err == nil {
+ name := filepath.Base(p)
+ http.ServeContent(w, r, name, time.Now(), bytes.NewReader(b))
+ }
+ }))
+
// Authed routes
r.Group(func(r chi.Router) {
r.Use(jwtauth.Verifier(tokenAuth))
r.Use(userCtx)
- r.Get(logoutURL, func(w http.ResponseWriter, r *http.Request) {
- http.SetCookie(w, &http.Cookie{
- Name: "jwt",
- Value: "",
- HttpOnly: true,
- Path: "/",
- //Secure: true,
- Expires: time.Time{},
- })
- r = flashSet(r, flashSuccess, "de-authenticated successfully")
- http.Redirect(w, r, flashURL(r, "/"), http.StatusSeeOther)
- })
+ r.Get(logoutURL, handleLogout(renderer))
r.Route("/sites", func(r chi.Router) {
r.Get("/", handleSites(st, renderer))
r.Route("/{siteID}", func(r chi.Router) {
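Review bot: The `/*` catch-all writes nothing when `StaticLoadTemplate` returns an error, so every unknown path is answered with an empty 200 instead of a 404; closing the `if` with `} else { http.NotFound(w, r) }` fixes that. The lookup key is the request path with only the leading slash trimmed, and `StaticLoadTemplate` is not visible here, so it is worth confirming that it resolves only the embedded static assets and cannot return `.tmpl` sources or anything addressed with `..` segments. Passing `time.Now()` as the modification time to `http.ServeContent` also makes conditional requests ineffective, so a fixed build or start-up time would be a better value. `main` continues outside this hunk.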
@@ -182,32 +187,6 @@ func main() {
// Example
r.Get("/test.html", handleExample(renderer))
- authHandler := handleAuth(st, renderer)
-
- // Public routes
- r.Route("/", func(r chi.Router) {
- r.Get("/", handleIndex(renderer))
- r.Get(loginURL, func(w http.ResponseWriter, r *http.Request) {
- flash := flashGet(r)
- if err := renderer.Render(w, "login", map[string]interface{}{
- "Flash": flash,
- }); err != nil {
- httpError(w, 500, err.Error())
- return
- }
- return
- })
- r.Post(loginURL, authHandler)
-
- r.Get("/*", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- p := strings.TrimPrefix(r.URL.Path, "/")
- if b, err := StaticLoadTemplate(p); err == nil {
- name := filepath.Base(p)
- http.ServeContent(w, r, name, time.Now(), bytes.NewReader(b))
- }
- }))
- })
-
log("listening at", *addr)
http.ListenAndServe(*addr, r)
}
diff --git a/cmd/server/sites.go b/cmd/server/sites.go
index cf78fda..f7e7793 100644
--- a/cmd/server/sites.go
+++ b/cmd/server/sites.go
@@ -66,7 +66,7 @@ func handleSite(db sws.SiteStore, rndr Renderer) http.HandlerFunc {
payload := newTemplateData(r)
payload.Site = site
- payload.Pages = &pageSet
+ payload.PageSet = &pageSet
payload.Browsers = &browserSet
payload.Hits = hitSet
diff --git a/templates/home.tmpl b/templates/home.tmpl
index 7920916..956c589 100644
--- a/templates/home.tmpl
+++ b/templates/home.tmpl
@@ -1,4 +1,5 @@
{{ define "content" }}
+ <!-- home -->
<main>
home page
</main>
diff --git a/templates/login.tmpl b/templates/login.tmpl
index 13a942c..f4bf395 100644
--- a/templates/login.tmpl
+++ b/templates/login.tmpl
@@ -1,7 +1,8 @@
{{ define "content" }}
+ <!-- login -->
<main>
<h2>Login</h2>
- <form method="post">
+ <form method="post" action="/login">
<div class="field">
<input type="email" name="email" placeholder="your email" />
</div>
diff --git a/templates/navbar.tmpl b/templates/navbar.tmpl
index 3c2733c..99dba68 100644
--- a/templates/navbar.tmpl
+++ b/templates/navbar.tmpl
@@ -1,6 +1,6 @@
{{ define "navbar" }}
<header class="site">
- <a class="logo" href="/"><img /></a>
+ <a class="logo" href="/">Logo</a>
{{ if .User }}
<a href="/sites">Sites</a>
<a class="logout" href="/logout">Logout</a>
diff --git a/templates/site.tmpl b/templates/site.tmpl
index 236f7f4..3a2b198 100644
--- a/templates/site.tmpl
+++ b/templates/site.tmpl
@@ -12,12 +12,12 @@
<h2>Popular pages</h2>
<fig>
- {{ template "barChartHorizontal" .Pages }}
+ {{ template "barChartHorizontal" .PageSet }}
</fig>
<ul class="pages">
- {{ $pages := .Pages }}
- {{ range .Pages }}
+ {{ $pages := .PageSet }}
+ {{ range .PageSet }}
{{ template "pageForList" . }}
<fig>
{{ $pathHits := $pages.Page .Path }}