olemd/favoritter
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions
favoritter/internal/handler/handler.go

145 lines
5.5 KiB
Go
Raw Normal View History

feat: implement Phase 1 (auth) and Phase 2 (faves CRUD) foundation Go backend with server-rendered HTML/HTMX frontend, SQLite database, and filesystem image storage. Self-hostable single-binary architecture. Phase 1 — Authentication & project foundation: - Argon2id password hashing with timing-attack prevention - Session management with cookie-based auth and periodic cleanup - Login, signup (open/requests/closed modes), logout, forced password reset - CSRF double-submit cookie pattern with HTMX auto-inclusion - Proxy-aware real IP extraction (WireGuard/Tailscale support) - Configurable base path for subdomain and subpath deployment - Rate limiting on auth endpoints with background cleanup - Security headers (CSP, X-Frame-Options, Referrer-Policy) - Structured logging with slog, graceful shutdown - Pico CSS + HTMX vendored and embedded via go:embed Phase 2 — Faves CRUD with tags and images: - Full CRUD for favorites with ownership checks - Image upload with EXIF stripping, resize to 1920px, UUID filenames - Tag system with HTMX autocomplete (prefix search, popularity-sorted) - Privacy controls (public/private per fave, user-configurable default) - Tag browsing, pagination, batch tag loading (avoids N+1) - OpenGraph meta tags on public fave detail pages Includes code quality pass: extracted shared helpers, fixed signup request persistence bug, plugged rate limiter memory leak, removed dead code, and logged previously-swallowed errors. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-29 15:55:22 +02:00
// SPDX-License-Identifier: AGPL-3.0-or-later
// Package handler contains HTTP handlers for all web and API routes.
package handler
import (
"context"
"io/fs"
"net/http"
"time"
"kode.naiv.no/olemd/favoritter/internal/config"
"kode.naiv.no/olemd/favoritter/internal/middleware"
"kode.naiv.no/olemd/favoritter/internal/render"
"kode.naiv.no/olemd/favoritter/internal/store"
"kode.naiv.no/olemd/favoritter/web"
)
// Deps bundles all dependencies injected into handlers.
type Deps struct {
Config *config.Config
Users *store.UserStore
Sessions *store.SessionStore
Settings *store.SettingsStore
Faves *store.FaveStore
Tags *store.TagStore
SignupRequests *store.SignupRequestStore
Renderer *render.Renderer
}
// Handler holds all HTTP handler methods and their dependencies.
type Handler struct {
deps Deps
rateLimiter *middleware.RateLimiter
}
// New creates a new Handler with the given dependencies.
func New(deps Deps) *Handler {
return &Handler{
deps: deps,
rateLimiter: middleware.NewRateLimiter(deps.Config.RateLimit),
}
}
// RateLimiterCleanupLoop periodically evicts stale rate limiter entries.
func (h *Handler) RateLimiterCleanupLoop(ctx context.Context, interval time.Duration) {
ticker := time.NewTicker(interval)
defer ticker.Stop()
for {
select {
case <-ctx.Done():
return
case <-ticker.C:
h.rateLimiter.Cleanup()
}
}
}
// Routes registers all routes on a new ServeMux and returns it.
func (h *Handler) Routes() *http.ServeMux {
mux := http.NewServeMux()
// Static files (served from embedded filesystem).
staticFS, err := fs.Sub(web.StaticFS, "static")
if err != nil {
panic("embedded static filesystem missing: " + err.Error())
}
mux.Handle("GET /static/", http.StripPrefix("/static/", http.FileServer(http.FS(staticFS))))
// Uploaded images (served from the filesystem upload directory).
mux.Handle("GET /uploads/", http.StripPrefix("/uploads/",
http.FileServer(http.Dir(h.deps.Config.UploadDir))))
// Health check.
mux.HandleFunc("GET /health", h.handleHealth)
// Auth routes (rate-limited).
mux.Handle("POST /login", h.rateLimiter.Limit(http.HandlerFunc(h.handleLoginPost)))
mux.Handle("POST /signup", h.rateLimiter.Limit(http.HandlerFunc(h.handleSignupPost)))
mux.HandleFunc("GET /login", h.handleLoginGet)
mux.HandleFunc("GET /signup", h.handleSignupGet)
mux.HandleFunc("POST /logout", h.handleLogout)
// Password reset (for must-reset-password flow).
mux.HandleFunc("GET /reset-password", h.handleResetPasswordGet)
mux.HandleFunc("POST /reset-password", h.handleResetPasswordPost)
// Home page.
mux.HandleFunc("GET /{$}", h.handleHome)
// Faves — authenticated routes use requireLogin wrapper.
requireLogin := middleware.RequireLogin(h.deps.Config.BasePath)
mux.Handle("GET /faves", requireLogin(http.HandlerFunc(h.handleFaveList)))
mux.Handle("GET /faves/new", requireLogin(http.HandlerFunc(h.handleFaveNew)))
mux.Handle("POST /faves", requireLogin(http.HandlerFunc(h.handleFaveCreate)))
mux.HandleFunc("GET /faves/{id}", h.handleFaveDetail)
mux.Handle("GET /faves/{id}/edit", requireLogin(http.HandlerFunc(h.handleFaveEdit)))
mux.Handle("POST /faves/{id}", requireLogin(http.HandlerFunc(h.handleFaveUpdate)))
mux.Handle("DELETE /faves/{id}", requireLogin(http.HandlerFunc(h.handleFaveDelete)))
// Tags.
mux.HandleFunc("GET /tags/search", h.handleTagSearch)
mux.HandleFunc("GET /tags/{name}", h.handleTagBrowse)
feat: add profiles, public views, settings, and code quality fixes Phase 3 — Profiles & Public Views: - Public profile page (/u/{username}) with OG meta tags - User settings page (display name, bio, visibility, default privacy) - Avatar upload with image processing - Password change from settings (verifies current password) - Home page shows public fave feed for logged-in users - Must-reset-password guard redirects to /reset-password - Profile visibility: public (full) or limited (username only) Code quality improvements from /simplify review: - Fix signup request persistence bug (was silently discarding data) - Fix health check to use configured listen address, not hardcoded :8080 - Add rate limiter cleanup goroutine (was leaking memory) - Extract shared helpers: ClearSessionCookie, IsSecureRequest, scanTags, scanUserFrom (scanner interface), SignupRequestStore - Replace hand-rolled joinPlaceholders with strings.Join - Remove dead _method hidden field, redundant devMode field - Simplify rate-limited route registration (remove double-mux) - Log previously-swallowed errors (session delete, image delete) - Stop leaking internal error messages to users in image upload Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-29 16:01:41 +02:00
// Profiles.
mux.HandleFunc("GET /u/{username}", h.handlePublicProfile)
// User settings (authenticated).
mux.Handle("GET /settings", requireLogin(http.HandlerFunc(h.handleSettingsGet)))
mux.Handle("POST /settings", requireLogin(http.HandlerFunc(h.handleSettingsPost)))
mux.Handle("POST /settings/avatar", requireLogin(http.HandlerFunc(h.handleAvatarPost)))
mux.Handle("POST /settings/password", requireLogin(http.HandlerFunc(h.handleSettingsPasswordPost)))
feat: add Atom feeds and JSON/CSV import/export Phase 5 — Feeds & Import/Export: - Atom feeds: global (/feed.xml), per-user (/u/{name}/feed.xml), per-tag (/tags/{name}/feed.xml). Uses gorilla/feeds. - JSON export: all user's faves with tags, pretty-printed - CSV export: standard format with header row - JSON import: validates and creates faves with tags - CSV import: flexible column mapping from header row - Import/export pages with format documentation - Feed items include enclosure for images, author info - Limited-visibility profiles excluded from feeds Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-29 16:11:44 +02:00
// Feeds (public, no auth required).
mux.HandleFunc("GET /feed.xml", h.handleFeedGlobal)
mux.HandleFunc("GET /u/{username}/feed.xml", h.handleFeedUser)
mux.HandleFunc("GET /tags/{name}/feed.xml", h.handleFeedTag)
// Import/Export (authenticated).
mux.Handle("GET /export", requireLogin(http.HandlerFunc(h.handleExportPage)))
mux.Handle("GET /export/json", requireLogin(http.HandlerFunc(h.handleExportJSON)))
mux.Handle("GET /export/csv", requireLogin(http.HandlerFunc(h.handleExportCSV)))
mux.Handle("GET /import", requireLogin(http.HandlerFunc(h.handleImportPage)))
mux.Handle("POST /import", requireLogin(http.HandlerFunc(h.handleImportPost)))
feat: add admin panel with user, tag, and signup management Phase 4 — Admin Panel: - Admin dashboard with user/fave/pending-request counts - User management: create with temp password, reset password, enable/disable accounts (prevents self-disable) - Tag management: rename and delete tags - Signup request management: approve (creates user with must-reset-password) and reject pending requests - Site settings: site name, description, signup mode (open/requests/closed) - All admin routes require both login and admin role - SignupRequest model and full store (create, list pending, approve with user creation, reject) - SetMustResetPassword method on UserStore for admin password resets Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-29 16:09:30 +02:00
// Admin panel (requires admin role).
admin := func(hf http.HandlerFunc) http.Handler {
return requireLogin(middleware.RequireAdmin(http.HandlerFunc(hf)))
}
mux.Handle("GET /admin", admin(h.handleAdminDashboard))
mux.Handle("GET /admin/users", admin(h.handleAdminUsers))
mux.Handle("POST /admin/users", admin(h.handleAdminCreateUser))
mux.Handle("POST /admin/users/{id}/reset-password", admin(h.handleAdminResetPassword))
mux.Handle("POST /admin/users/{id}/toggle-disabled", admin(h.handleAdminToggleDisabled))
mux.Handle("GET /admin/tags", admin(h.handleAdminTags))
mux.Handle("POST /admin/tags/{id}/rename", admin(h.handleAdminRenameTag))
mux.Handle("POST /admin/tags/{id}/delete", admin(h.handleAdminDeleteTag))
mux.Handle("GET /admin/signup-requests", admin(h.handleAdminSignupRequests))
mux.Handle("POST /admin/signup-requests/{id}", admin(h.handleAdminSignupRequestAction))
mux.Handle("GET /admin/settings", admin(h.handleAdminSettingsGet))
mux.Handle("POST /admin/settings", admin(h.handleAdminSettingsPost))
feat: implement Phase 1 (auth) and Phase 2 (faves CRUD) foundation Go backend with server-rendered HTML/HTMX frontend, SQLite database, and filesystem image storage. Self-hostable single-binary architecture. Phase 1 — Authentication & project foundation: - Argon2id password hashing with timing-attack prevention - Session management with cookie-based auth and periodic cleanup - Login, signup (open/requests/closed modes), logout, forced password reset - CSRF double-submit cookie pattern with HTMX auto-inclusion - Proxy-aware real IP extraction (WireGuard/Tailscale support) - Configurable base path for subdomain and subpath deployment - Rate limiting on auth endpoints with background cleanup - Security headers (CSP, X-Frame-Options, Referrer-Policy) - Structured logging with slog, graceful shutdown - Pico CSS + HTMX vendored and embedded via go:embed Phase 2 — Faves CRUD with tags and images: - Full CRUD for favorites with ownership checks - Image upload with EXIF stripping, resize to 1920px, UUID filenames - Tag system with HTMX autocomplete (prefix search, popularity-sorted) - Privacy controls (public/private per fave, user-configurable default) - Tag browsing, pagination, batch tag loading (avoids N+1) - OpenGraph meta tags on public fave detail pages Includes code quality pass: extracted shared helpers, fixed signup request persistence bug, plugged rate limiter memory leak, removed dead code, and logged previously-swallowed errors. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-29 15:55:22 +02:00
return mux
}
Reference in a new issue Copy permalink