Ole-Morten Duesund
fc1f7259c5
Go backend with server-rendered HTML/HTMX frontend, SQLite database, and filesystem image storage. Self-hostable single-binary architecture. Phase 1 — Authentication & project foundation: - Argon2id password hashing with timing-attack prevention - Session management with cookie-based auth and periodic cleanup - Login, signup (open/requests/closed modes), logout, forced password reset - CSRF double-submit cookie pattern with HTMX auto-inclusion - Proxy-aware real IP extraction (WireGuard/Tailscale support) - Configurable base path for subdomain and subpath deployment - Rate limiting on auth endpoints with background cleanup - Security headers (CSP, X-Frame-Options, Referrer-Policy) - Structured logging with slog, graceful shutdown - Pico CSS + HTMX vendored and embedded via go:embed Phase 2 — Faves CRUD with tags and images: - Full CRUD for favorites with ownership checks - Image upload with EXIF stripping, resize to 1920px, UUID filenames - Tag system with HTMX autocomplete (prefix search, popularity-sorted) - Privacy controls (public/private per fave, user-configurable default) - Tag browsing, pagination, batch tag loading (avoids N+1) - OpenGraph meta tags on public fave detail pages Includes code quality pass: extracted shared helpers, fixed signup request persistence bug, plugged rate limiter memory leak, removed dead code, and logged previously-swallowed errors. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
61 lines
1.6 KiB
Go
61 lines
1.6 KiB
Go
// SPDX-License-Identifier: AGPL-3.0-or-later
|
|
|
|
package middleware
|
|
|
|
import (
|
|
"context"
|
|
"net/http"
|
|
|
|
"kode.naiv.no/olemd/favoritter/internal/model"
|
|
)
|
|
|
|
type contextKey string
|
|
|
|
const (
|
|
userKey contextKey = "user"
|
|
csrfTokenKey contextKey = "csrf_token"
|
|
realIPKey contextKey = "real_ip"
|
|
)
|
|
|
|
// UserFromContext returns the authenticated user from the request context, or nil.
|
|
func UserFromContext(ctx context.Context) *model.User {
|
|
u, _ := ctx.Value(userKey).(*model.User)
|
|
return u
|
|
}
|
|
|
|
// CSRFTokenFromContext returns the CSRF token from the request context.
|
|
func CSRFTokenFromContext(ctx context.Context) string {
|
|
s, _ := ctx.Value(csrfTokenKey).(string)
|
|
return s
|
|
}
|
|
|
|
// RealIPFromContext returns the real client IP from the request context.
|
|
func RealIPFromContext(ctx context.Context) string {
|
|
s, _ := ctx.Value(realIPKey).(string)
|
|
return s
|
|
}
|
|
|
|
// RequireLogin redirects to the login page if no user is authenticated.
|
|
func RequireLogin(basePath string) func(http.Handler) http.Handler {
|
|
return func(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
if UserFromContext(r.Context()) == nil {
|
|
http.Redirect(w, r, basePath+"/login", http.StatusSeeOther)
|
|
return
|
|
}
|
|
next.ServeHTTP(w, r)
|
|
})
|
|
}
|
|
}
|
|
|
|
// RequireAdmin returns 403 if the user is not an admin.
|
|
func RequireAdmin(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
user := UserFromContext(r.Context())
|
|
if user == nil || !user.IsAdmin() {
|
|
http.Error(w, "Forbidden", http.StatusForbidden)
|
|
return
|
|
}
|
|
next.ServeHTTP(w, r)
|
|
})
|
|
}
|