diff options
Diffstat (limited to '#main.go#')
| -rw-r--r-- | #main.go# | 1971 |
1 files changed, 0 insertions, 1971 deletions
diff --git a/#main.go# b/#main.go# deleted file mode 100644 index 7f97ee3..0000000 --- a/#main.go# +++ /dev/null @@ -1,1971 +0,0 @@ -package main - -import "fmt" -import "strings" -import "strconv" -import "net/http" -import "database/sql" -import _ "github.com/lib/pq" -import "math/rand" -import "html/template" -import "time" -import "regexp" -import "os/exec" -import "bytes" -import "encoding/json" -import "io/ioutil" -import "mime/multipart" -import "os" -import "bufio" -import "io" -import "github.com/gofrs/uuid" - -var Port = ":" + GetConfigValue("instanceport") -var TP = GetConfigValue("instancetp") -var Domain = TP + "" + GetConfigValue("instance") - -var authReq = []string{"captcha","email","passphrase"} - -var supportedFiles = []string{"image/gif","image/jpeg","image/png","image/svg+xml","image/webp","image/avif","image/apng","video/mp4","video/ogg","video/webm","audio/mpeg","audio/ogg","audio/wav", "audio/wave", "audio/x-wav"} - -var SiteEmail = GetConfigValue("emailaddress") //contact@fchan.xyz -var SiteEmailPassword = GetConfigValue("emailpass") -var SiteEmailServer = GetConfigValue("emailserver") //mail.fchan.xyz -var SiteEmailPort = GetConfigValue("emailport") //587 - -var ldjson = "application/ld+json" -var activitystreams = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"" - -func main() { - - if _, err := os.Stat("./public"); os.IsNotExist(err) { - os.Mkdir("./public", 0755) - } - - InitCache() - - db := ConnectDB(); - - db. - - defer db.Close() - - go MakeCaptchas(db, 100) - - *Key = CreateClientKey() - - FollowingBoards = GetActorFollowingDB(db, Domain) - - Boards = GetBoardCollection(db) - - // root actor is used to follow remote feeds that are not local - //name, prefname, summary, auth requirements, restricted - if GetConfigValue("instancename") != "" { - CreateNewBoardDB(db, *CreateNewActor("", GetConfigValue("instancename"), GetConfigValue("instancesummary"), authReq, false)) - } - - // Allow access to public media folder - fileServer := http.FileServer(http.Dir("./public")) - http.Handle("/public/", http.StripPrefix("/public", neuter(fileServer))) - - javascriptFiles := http.FileServer(http.Dir("./static")) - http.Handle("/static/", http.StripPrefix("/static", neuter(javascriptFiles))) - - // main routing - http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request){ - path := r.URL.Path - - // remove trailing slash - if path != "/" { - re := regexp.MustCompile(`/$`) - path = re.ReplaceAllString(path, "") - } - - var mainActor bool - var mainInbox bool - var mainOutbox bool - var mainFollowing bool - var mainFollowers bool - - var actorMain bool - var actorInbox bool - var actorCatalog bool - var actorOutbox bool - var actorPost bool - var actorFollowing bool - var actorFollowers bool - var actorReported bool - var actorVerification bool - var actorMainPage bool - - var accept = r.Header.Get("Accept") - - var method = r.Method - - var actor = GetActorFromPath(db, path, "/") - - if actor.Name == "main" { - mainActor = (path == "/") - mainInbox = (path == "/inbox") - mainOutbox = (path == "/outbox") - mainFollowing = (path == "/following") - mainFollowers = (path == "/followers") - } else { - actorMain = (path == "/" + actor.Name) - actorInbox = (path == "/" + actor.Name + "/inbox") - actorCatalog = (path == "/" + actor.Name + "/catalog") - actorOutbox = (path == "/" + actor.Name + "/outbox") - actorFollowing = (path == "/" + actor.Name + "/following") - actorFollowers = (path == "/" + actor.Name + "/followers") - actorReported = (path == "/" + actor.Name + "/reported") - actorVerification = (path == "/" + actor.Name + "/verification") - - escapedActorName := strings.Replace(actor.Name, "*", "\\*", -1) - escapedActorName = strings.Replace(escapedActorName, "^", "\\^", -1) - escapedActorName = strings.Replace(escapedActorName, "$", "\\$", -1) - escapedActorName = strings.Replace(escapedActorName, "?", "\\?", -1) - escapedActorName = strings.Replace(escapedActorName, "+", "\\+", -1) - escapedActorName = strings.Replace(escapedActorName, ".", "\\.", -1) - - re := regexp.MustCompile("/" + escapedActorName + "/[0-9]{1,2}$") - - actorMainPage = re.MatchString(path) - - re = regexp.MustCompile("/" + escapedActorName + "/\\w+") - - actorPost = re.MatchString(path) - } - - if mainActor { - if accept == activitystreams || accept == ldjson { - GetActorInfo(w, db, Domain) - return - } - - IndexGet(w, r, db) - - return - } - - if mainInbox { - if method == "POST" { - - } else { - w.WriteHeader(http.StatusForbidden) - w.Write([]byte("404 no path")) - } - return - } - - if mainOutbox { - if method == "GET" { - GetActorOutbox(w, r, db) - } else if method == "POST" { - ParseOutboxRequest(w, r, db) - } else { - w.WriteHeader(http.StatusForbidden) - w.Write([]byte("404 no path")) - } - return - } - - if mainFollowing { - GetActorFollowing(w, db, Domain) - return - } - - if mainFollowers { - GetActorFollowers(w, db, Domain) - return - } - - if actorMain || actorMainPage { - if accept == activitystreams || accept == ldjson { - GetActorInfo(w, db, actor.Id) - return - } - - postNum := strings.Replace(r.URL.EscapedPath(), "/" + actor.Name + "/", "", 1) - - page, _ := strconv.Atoi(postNum) - collection, valid := WantToServePage(db, actor.Name, page) - if valid { - OutboxGet(w, r, db, collection) - } - - return - } - - if actorFollowing { - GetActorFollowing(w, db, actor.Id) - return - } - - if actorFollowers { - GetActorFollowers(w, db, actor.Id) - return - } - - if actorInbox { - if method == "POST" { - ParseInboxRequest(w, r, db) - } else { - w.WriteHeader(http.StatusForbidden) - w.Write([]byte("404 no path")) - } - return - } - - if actorCatalog { - collection, valid := WantToServeCatalog(db, actor.Name) - if valid { - CatalogGet(w, r, db, collection) - } - return - } - - if actorOutbox { - if method == "GET" { - GetActorOutbox(w, r, db) - } else if method == "POST" { - ParseOutboxRequest(w, r, db) - } else { - w.WriteHeader(http.StatusForbidden) - w.Write([]byte("404 no path")) - } - return - } - - if actorReported { - GetActorReported(w, r, db, actor.Id) - return - } - - if actorVerification { - r.ParseForm() - - code := r.FormValue("code") - - var verify Verify - - verify.Board = actor.Id - verify.Identifier = "post" - - verify = GetVerificationCode(db, verify) - - auth := CreateTripCode(verify.Code) - auth = CreateTripCode(auth) - - if CreateTripCode(auth) == code { - w.WriteHeader(http.StatusOK) - } else { - w.WriteHeader(http.StatusUnauthorized) - } - - w.Write([]byte("")) - } - - //catch all - if actorPost { - if accept == activitystreams || accept == ldjson { - GetActorPost(w, db, path) - return - } - - PostGet(w, r, db) - return - } - - w.WriteHeader(http.StatusForbidden) - w.Write([]byte("404 no path")) - }) - - http.HandleFunc("/post", func(w http.ResponseWriter, r *http.Request){ - - r.ParseMultipartForm(10 << 20) - - file, header, _ := r.FormFile("file") - - if(file != nil && header.Size > (7 << 20)){ - w.Write([]byte("7MB max file size")) - return - } - - if(r.FormValue("inReplyTo") == "" || file == nil) { - if(r.FormValue("comment") == "" && r.FormValue("subject") == ""){ - w.Write([]byte("Comment or Subject required")) - return - } - } - - if(len(r.FormValue("comment")) > 2000) { - w.Write([]byte("Comment limit 2000 characters")) - return - } - - if(len(r.FormValue("subject")) > 100 || len(r.FormValue("name")) > 100 || len(r.FormValue("options")) > 100) { - w.Write([]byte("Name, Subject or Options limit 100 characters")) - return - } - - if(r.FormValue("captcha") == "") { - w.Write([]byte("Incorrect Captcha")) - return - } - - b := bytes.Buffer{} - we := multipart.NewWriter(&b) - - if(file != nil){ - var fw io.Writer - - fw, err := we.CreateFormFile("file", header.Filename) - - CheckError(err, "error with form file create") - - _, err = io.Copy(fw, file) - - CheckError(err, "error with form file copy") - } - - reply := ParseCommentForReply(r.FormValue("comment")) - - for key, r0 := range r.Form { - if(key == "captcha") { - err := we.WriteField(key, r.FormValue("captchaCode") + ":" + r.FormValue("captcha")) - CheckError(err, "error with writing field") - }else{ - err := we.WriteField(key, r0[0]) - CheckError(err, "error with writing field") - } - } - - if(r.FormValue("inReplyTo") == "" && reply != ""){ - err := we.WriteField("inReplyTo", reply) - CheckError(err, "error with writing inReplyTo field") - } - - we.Close() - - req, err := http.NewRequest("POST", r.FormValue("sendTo"), &b) - - CheckError(err, "error with post form req") - - req.Header.Set("Content-Type", we.FormDataContentType()) - req.Header.Set("Authorization", "Basic " + *Key) - - resp, err := http.DefaultClient.Do(req) - - CheckError(err, "error with post form resp") - - defer resp.Body.Close() - - if(resp.StatusCode == 200){ - - body, _ := ioutil.ReadAll(resp.Body) - - var obj ObjectBase - - obj = ParseOptions(r, obj) - for _, e := range obj.Option { - if(e == "noko" || e == "nokosage"){ - http.Redirect(w, r, Domain + "/" + r.FormValue("boardName") + "/" + shortURL(r.FormValue("sendTo"), string(body)) , http.StatusMovedPermanently) - return - } - } - - http.Redirect(w, r, Domain + "/" + r.FormValue("boardName"), http.StatusMovedPermanently) - return - } - - if(resp.StatusCode == 403){ - w.Write([]byte("Incorrect Captcha")) - return - } - - http.Redirect(w, r, Domain + "/" + r.FormValue("boardName"), http.StatusMovedPermanently) - }) - - http.HandleFunc("/" + *Key + "/", func(w http.ResponseWriter, r *http.Request) { - - id, _ := GetPasswordFromSession(r) - - actor := GetActorFromPath(db, r.URL.Path, "/" + *Key + "/") - - if actor.Id == "" { - actor = GetActorFromDB(db, Domain) - } - - if id == "" || (id != actor.Id && id != Domain) { - t := template.Must(template.ParseFiles("./static/verify.html")) - t.Execute(w, "") - return - } - - re := regexp.MustCompile("/" + *Key + "/" + actor.Name + "/follow") - follow := re.MatchString(r.URL.Path) - - re = regexp.MustCompile("/" + *Key + "/" + actor.Name) - manage := re.MatchString(r.URL.Path) - - re = regexp.MustCompile("/" + *Key ) - admin := re.MatchString(r.URL.Path) - - re = regexp.MustCompile("/" + *Key + "/follow" ) - adminFollow := re.MatchString(r.URL.Path) - - if follow || adminFollow { - r.ParseForm() - - - var followActivity Activity - - followActivity.AtContext.Context = "https://www.w3.org/ns/activitystreams" - followActivity.Type = "Follow" - - var nactor Actor - var obj ObjectBase - followActivity.Actor = &nactor - followActivity.Object = &obj - followActivity.Actor.Id = r.FormValue("actor") - - var mactor Actor - followActivity.Object.Actor = &mactor - followActivity.Object.Actor.Id = r.FormValue("follow") - followActivity.To = append(followActivity.To, r.FormValue("follow")) - - if followActivity.Actor.Id == Domain && !IsActorLocal(db, followActivity.Object.Actor.Id) { - w.Write([]byte("main board can only follow local boards. Create a new board and then follow outside boards from it.")) - return - } - - enc, _ := json.Marshal(followActivity) - - req, err := http.NewRequest("POST", actor.Outbox, bytes.NewBuffer(enc)) - - CheckError(err, "error with follow req") - - _, pass := GetPasswordFromSession(r) - - pass = CreateTripCode(pass) - pass = CreateTripCode(pass) - - req.Header.Set("Authorization", "Basic " + pass) - - req.Header.Set("Content-Type", activitystreams) - - _, err = http.DefaultClient.Do(req) - - CheckError(err, "error with add board follow resp") - - FollowingBoards = GetActorFollowingDB(db, Domain) - - Boards = GetBoardCollection(db) - - http.Redirect(w, r, r.Header.Get("Referer"), http.StatusSeeOther) - - } else if manage && actor.Name != "" { - t := template.Must(template.ParseFiles("./static/main.html", "./static/manage.html")) - - follow := GetActorCollection(actor.Following) - follower := GetActorCollection(actor.Followers) - reported := GetActorCollectionReq(r, actor.Id + "/reported") - - var following []string - var followers []string - var reports []Report - - for _, e := range follow.Items { - following = append(following, e.Id) - } - - for _, e := range follower.Items { - followers = append(followers, e.Id) - } - - for _, e := range reported.Items { - var r Report - r.Count = int(e.Size) - r.ID = e.Id - reports = append(reports, r) - } - - localReports := GetLocalReportDB(db, actor.Name) - - for _, e := range localReports { - var r Report - r.Count = e.Count - r.ID = e.ID - reports = append(reports, r) - } - - var adminData AdminPage - adminData.Following = following - adminData.Followers = followers - adminData.Reported = reports - adminData.Domain = Domain - adminData.IsLocal = IsActorLocal(db, actor.Id) - - adminData.Title = "Manage /" + actor.Name + "/" - adminData.Boards = Boards - adminData.Board.Name = actor.Name - adminData.Board.Actor = actor - adminData.Key = *Key - adminData.Board.TP = TP - - adminData.Board.Post.Actor = &actor - - t.ExecuteTemplate(w, "layout", adminData) - - } else if admin || actor.Id == Domain { - - t := template.Must(template.ParseFiles("./static/main.html", "./static/nadmin.html")) - - actor := GetActor(Domain) - follow := GetActorCollection(actor.Following).Items - follower := GetActorCollection(actor.Followers).Items - - var following []string - var followers []string - - for _, e := range follow { - following = append(following, e.Id) - } - - for _, e := range follower { - followers = append(followers, e.Id) - } - - var adminData AdminPage - adminData.Following = following - adminData.Followers = followers - adminData.Actor = actor.Id - adminData.Key = *Key - adminData.Domain = Domain - adminData.Board.ModCred,_ = GetPasswordFromSession(r) - - adminData.Boards = Boards - - adminData.Board.Post.Actor = &actor - - t.ExecuteTemplate(w, "layout", adminData) - } - }) - - http.HandleFunc("/" + *Key + "/addboard", func(w http.ResponseWriter, r *http.Request) { - - var newActorActivity Activity - var board Actor - r.ParseForm() - - actor := GetActorFromDB(db, Domain) - - var restrict bool - if r.FormValue("restricted") == "True" { - restrict = true - } else { - restrict = false - } - - board.Name = r.FormValue("name") - board.PreferredUsername = r.FormValue("prefname") - board.Summary = r.FormValue("summary") - board.Restricted = restrict - - newActorActivity.AtContext.Context = "https://www.w3.org/ns/activitystreams" - newActorActivity.Type = "New" - var nactor Actor - var nobj ObjectBase - newActorActivity.Actor = &nactor - newActorActivity.Object = &nobj - newActorActivity.Actor.Id = actor.Id - newActorActivity.Object.Actor = &board - - - enc, _ := json.Marshal(newActorActivity) - - req, err := http.NewRequest("POST", actor.Outbox, bytes.NewBuffer(enc)) - - CheckError(err, "error with add board follow req") - - _, pass := GetPasswordFromSession(r) - - pass = CreateTripCode(pass) - pass = CreateTripCode(pass) - - req.Header.Set("Authorization", "Basic " + pass) - req.Header.Set("Content-Type", activitystreams) - - resp, err := http.DefaultClient.Do(req) - - CheckError(err, "error with add board follow resp") - - defer resp.Body.Close() - - body, _ := ioutil.ReadAll(resp.Body) - - var respActor Actor - - err = json.Unmarshal(body, &respActor) - - CheckError(err, "error getting actor from body in new board") - - //update board list with new instances following - if resp.StatusCode == 200 { - var board []ObjectBase - var item ObjectBase - var removed bool = false - - item.Id = respActor.Id - for _, e := range FollowingBoards { - if e.Id != item.Id { - board = append(board, e) - } else { - removed = true - } - } - - if !removed { - board = append(board, item) - } - - FollowingBoards = board - - Boards = GetBoardCollection(db) - } - - http.Redirect(w, r, r.Header.Get("Referer"), http.StatusSeeOther) - }) - - http.HandleFunc("/verify", func(w http.ResponseWriter, r *http.Request){ - if(r.Method == "POST") { - r.ParseForm() - identifier := r.FormValue("id") - code := r.FormValue("code") - - var verify Verify - verify.Identifier = identifier - verify.Code = code - - j, _ := json.Marshal(&verify) - - req, err := http.NewRequest("POST", Domain + "/auth", bytes.NewBuffer(j)) - - CheckError(err, "error making verify req") - - req.Header.Set("Content-Type", activitystreams) - - resp, err := http.DefaultClient.Do(req) - - CheckError(err, "error getting verify resp") - - defer resp.Body.Close() - - rBody, _ := ioutil.ReadAll(resp.Body) - - body := string(rBody) - - if(resp.StatusCode != 200) { - t := template.Must(template.ParseFiles("./static/verify.html")) - t.Execute(w, "wrong password " + verify.Code) - } else { - - sessionToken, _ := uuid.NewV4() - - _, err := cache.Do("SETEX", sessionToken, "86400", body + "|" + verify.Code) - if err != nil { - t := template.Must(template.ParseFiles("./static/verify.html")) - t.Execute(w, "") - return - } - - http.SetCookie(w, &http.Cookie{ - Name: "session_token", - Value: sessionToken.String(), - Expires: time.Now().Add(60 * 60 * 48 * time.Second), - }) - - http.Redirect(w, r, "/", http.StatusSeeOther) - } - } else { - t := template.Must(template.ParseFiles("./static/verify.html")) - t.Execute(w, "") - } - }) - - http.HandleFunc("/delete", func(w http.ResponseWriter, r *http.Request){ - id := r.URL.Query().Get("id") - board := r.URL.Query().Get("board") - actor := GetActorFromPath(db, id, "/") - _, auth := GetPasswordFromSession(r) - - if id == "" || auth == "" { - w.WriteHeader(http.StatusBadRequest) - w.Write([]byte("")) - return - } - - if !HasAuth(db, auth, actor.Id) { - w.WriteHeader(http.StatusBadRequest) - w.Write([]byte("")) - return - } - - if !IsIDLocal(db, id) { - CreateLocalDeleteDB(db, id, "post") - CloseLocalReportDB(db, id, board) - http.Redirect(w, r, r.Header.Get("Referer"), http.StatusSeeOther) - return - } - - - var obj ObjectBase - obj.Id = id - obj.Actor = &actor - - isOP := CheckIfObjectOP(db, obj.Id) - - if !isOP { - DeleteObjectRequest(db, id) - DeleteObject(db, obj.Id) - http.Redirect(w, r, r.Header.Get("Referer"), http.StatusSeeOther) - return - } else { - DeleteObjectAndRepliesRequest(db, id) - DeleteObjectAndReplies(db, obj.Id) - http.Redirect(w, r, r.Header.Get("Referer"), http.StatusSeeOther) - return - } - - w.WriteHeader(http.StatusBadRequest) - w.Write([]byte("")) - }) - - http.HandleFunc("/deleteattach", func(w http.ResponseWriter, r *http.Request){ - - id := r.URL.Query().Get("id") - - _, auth := GetPasswordFromSession(r) - - if id == "" || auth == "" { - w.WriteHeader(http.StatusBadRequest) - w.Write([]byte("")) - return - } - - actor := GetActorFromPath(db, id, "/") - - if !HasAuth(db, auth, actor.Id) { - w.WriteHeader(http.StatusBadRequest) - w.Write([]byte("")) - return - } - - if !IsIDLocal(db, id) { - CreateLocalDeleteDB(db, id, "attachment") - http.Redirect(w, r, r.Header.Get("Referer"), http.StatusSeeOther) - return - } - - DeleteAttachmentFromFile(db, id) - DeletePreviewFromFile(db, id) - http.Redirect(w, r, r.Header.Get("Referer"), http.StatusSeeOther) - }) - - http.HandleFunc("/report", func(w http.ResponseWriter, r *http.Request){ - - r.ParseForm() - - id := r.FormValue("id") - board := r.FormValue("board") - reason := r.FormValue("comment") - close := r.FormValue("close") - - actor := GetActorFromPath(db, id, "/") - _, auth := GetPasswordFromSession(r) - - var captcha = r.FormValue("captchaCode") + ":" + r.FormValue("captcha") - - if len(reason) > 100 { - w.Write([]byte("Report comment limit 100 characters")) - return - } - - if(!CheckCaptcha(db, captcha)) { - w.WriteHeader(http.StatusBadRequest) - w.Write([]byte("captcha required")) - return - } - - if close == "1" { - if !HasAuth(db, auth, actor.Id) { - w.WriteHeader(http.StatusBadRequest) - w.Write([]byte("")) - return - } - - if !IsIDLocal(db, id) { - CloseLocalReportDB(db, id, board) - http.Redirect(w, r, r.Header.Get("Referer"), http.StatusSeeOther) - return - } - - reported := DeleteReportActivity(db, id) - if reported { - http.Redirect(w, r, r.Header.Get("Referer"), http.StatusSeeOther) - return - } - - w.WriteHeader(http.StatusBadRequest) - w.Write([]byte("")) - return - } - - if !IsIDLocal(db, id) { - CreateLocalReportDB(db, id, board, reason) - http.Redirect(w, r, r.Header.Get("Referer"), http.StatusSeeOther) - return - } - - reported := ReportActivity(db, id, reason) - if reported { - http.Redirect(w, r, r.Header.Get("Referer"), http.StatusSeeOther) - return - } - - w.WriteHeader(http.StatusBadRequest) - w.Write([]byte("")) - }) - - http.HandleFunc("/auth", func(w http.ResponseWriter, r *http.Request){ - var verify Verify - defer r.Body.Close() - - body, _ := ioutil.ReadAll(r.Body) - - err := json.Unmarshal(body, &verify) - - CheckError(err, "error get verify from json") - - v := GetVerificationByCode(db, verify.Code) - - if v.Identifier == verify.Identifier { - w.Write([]byte(v.Board)) - return - } - - w.WriteHeader(http.StatusBadRequest) - w.Write([]byte("")) - }) - - fmt.Println("Server for " + Domain + " running on port " + Port) - - fmt.Println("Mod key: " + *Key) - PrintAdminAuth(db) - - http.ListenAndServe(Port, nil) -} - -func CheckError(e error, m string) error{ - if e != nil { - fmt.Println() - fmt.Println(m) - fmt.Println() - panic(e) - } - - return e -} - -func ConnectDB() *sql.DB { - - host := GetConfigValue("dbhost") - port,_ := strconv.Atoi(GetConfigValue("dbport")) - user := GetConfigValue("dbuser") - password := GetConfigValue("dbpass") - dbname := GetConfigValue("dbname") - - psqlInfo := fmt.Sprintf("host=%s port=%d user=%s password=%s " + - "dbname=%s sslmode=disable", host, port, user, password, dbname) - - db, err := sql.Open("postgres", psqlInfo) - CheckError(err, "error with db connection") - - err = db.Ping() - - CheckError(err, "error with db ping") - - fmt.Println("Successfully connected DB") - return db -} - -func CreateKey(len int) string { - var key string - str := (CreateTripCode(RandomID(len))) - for i := 0; i < len; i++ { - key += fmt.Sprintf("%c", str[i]) - } - return key -} - -func neuter(next http.Handler) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if strings.HasSuffix(r.URL.Path, "/") { - http.NotFound(w, r) - return - } - - next.ServeHTTP(w, r) - }) -} - -func CreateTripCode(input string) string { - cmd := exec.Command("sha512sum") - cmd.Stdin = strings.NewReader(input) - var out bytes.Buffer - cmd.Stdout = &out - err := cmd.Run() - - CheckError(err, "error with create trip code") - - code := strings.Split(out.String(), " ") - - return code[0] -} - -func CreateNameTripCode(input string) string { - re := regexp.MustCompile("#.+") - chunck := re.FindString(input) - hash := CreateTripCode(chunck) - return re.ReplaceAllString(input, "!" + hash[42:50]) -} - -func GetActorFromPath(db *sql.DB, location string, prefix string) Actor { - pattern := fmt.Sprintf("%s([^/\n]+)(/.+)?", prefix) - re := regexp.MustCompile(pattern) - match := re.FindStringSubmatch(location) - - var actor string - - if(len(match) < 1 ) { - actor = "/" - } else { - actor = strings.Replace(match[1], "/", "", -1) - } - - if actor == "/" || actor == "outbox" || actor == "inbox" || actor == "following" || actor == "followers" { - actor = "main" - } - - var nActor Actor - - nActor = GetActorByNameFromDB(db, actor) - - if nActor.Id == "" { - nActor = GetActorByName(db, actor) - } - - return nActor -} - -func GetContentType(location string) string { - elements := strings.Split(location, ";") - if len(elements) > 0 { - return elements[0] - } else { - return location - } -} - -func RandomID(size int) string { - rand.Seed(time.Now().UnixNano()) - domain := "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ" - rng := size - newID := "" - for i := 0; i < rng; i++ { - newID += string(domain[rand.Intn(len(domain))]) - } - - return newID -} - -func CreateUniqueID(db *sql.DB, actor string) string { - var newID string - isUnique := false - for !isUnique { - newID = RandomID(8) - - query := fmt.Sprintf("select id from activitystream where id='%s/%s/%s'", Domain, actor, newID) - - rows, err := db.Query(query) - - CheckError(err, "error with unique id query") - - defer rows.Close() - - var count int = 0 - for rows.Next(){ - count += 1 - } - - if count < 1 { - isUnique = true - } - } - - return newID -} - -func CreateNewActor(board string, prefName string, summary string, authReq []string, restricted bool) *Actor{ - actor := new(Actor) - - var path string - if board == "" { - path = Domain - actor.Name = "main" - } else { - path = Domain + "/" + board - actor.Name = board - } - - actor.Type = "Service" - actor.Id = fmt.Sprintf("%s", path) - actor.Following = fmt.Sprintf("%s/following", actor.Id) - actor.Followers = fmt.Sprintf("%s/followers", actor.Id) - actor.Inbox = fmt.Sprintf("%s/inbox", actor.Id) - actor.Outbox = fmt.Sprintf("%s/outbox", actor.Id) - actor.PreferredUsername = prefName - actor.Restricted = restricted - actor.Summary = summary - actor.AuthRequirement = authReq - - return actor -} - -func GetActorInfo(w http.ResponseWriter, db *sql.DB, id string) { - actor := GetActorFromDB(db, id) - enc, _ := json.MarshalIndent(actor, "", "\t") - w.Header().Set("Content-Type", "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") - w.Write(enc) -} - -func GetActorPost(w http.ResponseWriter, db *sql.DB, path string) { - collection := GetCollectionFromPath(db, Domain + "" + path) - if len(collection.OrderedItems) > 0 { - enc, _ := json.MarshalIndent(collection, "", "\t") - w.Header().Set("Content-Type", "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") - w.Write(enc) - } -} - -func CreateObject(objType string) ObjectBase { - var nObj ObjectBase - - nObj.Type = objType - nObj.Published = time.Now().Format(time.RFC3339) - nObj.Updated = time.Now().Format(time.RFC3339) - - return nObj -} - -func AddFollowersToActivity(db *sql.DB, activity Activity) Activity{ - - if len(activity.To) < 1 { - activity.To = append(activity.To, activity.Actor.Id) - } - - for _, e := range activity.To { - aFollowers := GetActorCollection(e + "/followers") - for _, k := range aFollowers.Items { - activity.To = append(activity.To, k.Id) - } - } - - var nActivity Activity - - for _, e := range activity.To { - var alreadyTo = false - for _, k := range nActivity.To { - if e == k || e == activity.Actor.Id { - alreadyTo = true - } - } - - if !alreadyTo { - nActivity.To = append(nActivity.To, e) - } - } - - activity.To = nActivity.To - - return activity -} - -func CreateActivity(activityType string, obj ObjectBase) Activity { - var newActivity Activity - - newActivity.AtContext.Context = "https://www.w3.org/ns/activitystreams" - newActivity.Type = activityType - newActivity.Published = obj.Published - newActivity.Actor = obj.Actor - newActivity.Object = &obj - - for _, e := range obj.To { - if obj.Actor.Id != e { - newActivity.To = append(newActivity.To, e) - } - } - - for _, e := range obj.Cc { - if obj.Actor.Id != e { - newActivity.Cc = append(newActivity.Cc, e) - } - } - - return newActivity -} - -func ProcessActivity(db *sql.DB, activity Activity) { - activityType := activity.Type - - if activityType == "Create" { - for _, e := range activity.To { - if GetActorFromDB(db, e).Id != "" { - fmt.Println("actor is in the database") - } else { - fmt.Println("actor is NOT in the database") - } - } - } else if activityType == "Follow" { - - } else if activityType == "Delete" { - - } -} - -func CreatePreviewObject(obj ObjectBase) *NestedObjectBase { - - re := regexp.MustCompile(`/.+$`) - - mimetype := re.ReplaceAllString(obj.MediaType, "") - - var nPreview NestedObjectBase - - if mimetype != "image" { - return &nPreview - } - - re = regexp.MustCompile(`.+/`) - - file := re.ReplaceAllString(obj.MediaType, "") - - href := GetUniqueFilename(file) - - nPreview.Type = "Preview" - nPreview.Name = obj.Name - nPreview.Href = Domain + "" + href - nPreview.MediaType = obj.MediaType - nPreview.Size = obj.Size - nPreview.Published = obj.Published - - re = regexp.MustCompile(`/public/.+`) - - objFile := re.FindString(obj.Href) - - cmd := exec.Command("convert", "." + objFile ,"-resize", "250x250>", "." + href) - - err := cmd.Run() - - if CheckError(err, "error with resize attachment preview") != nil { - var preview NestedObjectBase - return &preview - } - - return &nPreview -} - -func CreateAttachmentObject(file multipart.File, header *multipart.FileHeader) ([]ObjectBase, *os.File) { - contentType, _ := GetFileContentType(file) - filename := header.Filename - size := header.Size - - re := regexp.MustCompile(`.+/`) - - fileType := re.ReplaceAllString(contentType, "") - - tempFile, _ := ioutil.TempFile("./public", "*." + fileType) - - var nAttachment []ObjectBase - var image ObjectBase - - image.Type = "Attachment" - image.Name = filename - image.Href = Domain + "/" + tempFile.Name() - image.MediaType = contentType - image.Size = size - image.Published = time.Now().Format(time.RFC3339) - - nAttachment = append(nAttachment, image) - - return nAttachment, tempFile -} - -func ParseCommentForReplies(comment string) []ObjectBase { - - re := regexp.MustCompile("(>>)(https://|http://)?(www\\.)?.+\\/\\w+") - match := re.FindAllStringSubmatch(comment, -1) - - var links []string - - for i:= 0; i < len(match); i++ { - str := strings.Replace(match[i][0], ">>", "", 1) - str = strings.Replace(str, "www.", "", 1) - str = strings.Replace(str, "http://", "", 1) - str = strings.Replace(str, "https://", "", 1) - str = TP + "" + str - if !IsInStringArray(links, str) { - links = append(links, str) - } - } - - var validLinks []ObjectBase - for i:= 0; i < len(links); i++ { - _, isValid := CheckValidActivity(links[i]) - if(isValid) { - var reply = new(ObjectBase) - reply.Id = links[i] - reply.Published = time.Now().Format(time.RFC3339) - validLinks = append(validLinks, *reply) - } - } - - return validLinks -} - -func CheckValidActivity(id string) (Collection, bool) { - - req, err := http.NewRequest("GET", id, nil) - - if err != nil { - fmt.Println("error with request") - panic(err) - } - - req.Header.Set("Accept", activitystreams) - - resp, err := http.DefaultClient.Do(req) - - if err != nil { - fmt.Println("error with response") - panic(err) - } - - defer resp.Body.Close() - - body, _ := ioutil.ReadAll(resp.Body) - - var respCollection Collection - - err = json.Unmarshal(body, &respCollection) - - if err != nil { - panic(err) - } - - if respCollection.AtContext.Context == "https://www.w3.org/ns/activitystreams" && respCollection.OrderedItems[0].Id != "" { - return respCollection, true; - } - - return respCollection, false; -} - -func GetActor(id string) Actor { - - var respActor Actor - - if id == "" { - return respActor - } - - req, err := http.NewRequest("GET", id, nil) - - CheckError(err, "error with getting actor req") - - req.Header.Set("Accept", activitystreams) - - resp, err := http.DefaultClient.Do(req) - - if err != nil { - fmt.Println("error with getting actor resp " + id) - return respActor - } - - defer resp.Body.Close() - - body, _ := ioutil.ReadAll(resp.Body) - - err = json.Unmarshal(body, &respActor) - - CheckError(err, "error getting actor from body") - - return respActor -} - -func GetActorCollection(collection string) Collection { - var nCollection Collection - - if collection == "" { - return nCollection - } - - req, err := http.NewRequest("GET", collection, nil) - - CheckError(err, "error with getting actor collection req " + collection) - - req.Header.Set("Accept", activitystreams) - - resp, err := http.DefaultClient.Do(req) - - if err != nil { - fmt.Println("error with getting actor collection resp " + collection) - return nCollection - } - - - defer resp.Body.Close() - - if resp.StatusCode == 200 { - body, _ := ioutil.ReadAll(resp.Body) - - if len(body) > 0 { - err = json.Unmarshal(body, &nCollection) - - CheckError(err, "error getting actor collection from body " + collection) - } - } - - return nCollection -} - -func IsValidActor(id string) (Actor, bool) { - var respCollection Actor - req, err := http.NewRequest("GET", id, nil) - - CheckError(err, "error with valid actor request") - - req.Header.Set("Accept", activitystreams) - - resp, err := http.DefaultClient.Do(req) - - CheckError(err, "error with valid actor response") - - defer resp.Body.Close() - - if resp.StatusCode == 403 { - return respCollection, false; - } - - body, _ := ioutil.ReadAll(resp.Body) - - err = json.Unmarshal(body, &respCollection) - - if err != nil { - panic(err) - } - - if respCollection.Id != "" && respCollection.Inbox != "" && respCollection.Outbox != "" { - return respCollection, true; - } - - return respCollection, false; -} - -func IsActivityLocal(db *sql.DB, activity Activity) bool { - for _, e := range activity.To { - if GetActorFromDB(db, e).Id != "" { - return true - } - } - - for _, e := range activity.Cc { - if GetActorFromDB(db, e).Id != "" { - return true - } - } - - if activity.Actor != nil && GetActorFromDB(db, activity.Actor.Id).Id != "" { - return true - } - - return false -} - -func IsIDLocal(db *sql.DB, id string) bool { - activity := GetActivityFromDB(db, id) - return len(activity.OrderedItems) > 0 -} - -func IsActorLocal(db *sql.DB, id string) bool { - actor := GetActorFromDB(db, id) - - if actor.Id != "" { - return true - } - - return false -} - -func IsObjectLocal(db *sql.DB, id string) bool { - - query := `select id from activitystream where id=$1` - - rows, _ := db.Query(query, id) - - var nID string - defer rows.Close() - rows.Next() - rows.Scan(&nID) - - if nID == "" { - return false - } - - return true -} - -func IsObjectCached(db *sql.DB, id string) bool { - - query := `select id from cacheactivitystream where id=$1` - rows, _ := db.Query(query, id) - - var nID string - defer rows.Close() - rows.Next() - rows.Scan(&nID) - - if nID == "" { - return false - } - - return true -} - -func GetObjectFromActivity(activity Activity) ObjectBase { - return *activity.Object -} - -func MakeCaptchas(db *sql.DB, total int) { - difference := total - GetCaptchaTotal(db) - - for i := 0; i < difference; i++ { - CreateNewCaptcha(db) - } -} - -func GetFileContentType(out multipart.File) (string, error) { - - buffer := make([]byte, 512) - - _, err := out.Read(buffer) - if err != nil { - return "", err - } - - out.Seek(0, 0) - - contentType := http.DetectContentType(buffer) - - return contentType, nil -} - -func IsReplyInThread(db *sql.DB, inReplyTo string, id string) bool { - obj, _ := CheckValidActivity(inReplyTo) - - for _, e := range obj.OrderedItems[0].Replies.OrderedItems { - if e.Id == id { - return true - } - } - return false -} - -func SupportedMIMEType(mime string) bool { - for _, e := range supportedFiles { - if e == mime { - return true - } - } - - return false -} - -func DeleteReportActivity(db *sql.DB, id string) bool { - - query := `delete from reported where id=$1` - - _, err := db.Exec(query, id) - - if err != nil { - CheckError(err, "error closing reported activity") - return false - } - - return true -} - -func ReportActivity(db *sql.DB, id string, reason string) bool { - - if !IsIDLocal(db, id) { - return false - } - - actor := GetActivityFromDB(db, id) - - query := `select count from reported where id=$1` - - rows, err := db.Query(query, id) - - CheckError(err, "could not select count from reported") - - defer rows.Close() - var count int - for rows.Next() { - rows.Scan(&count) - } - - if count < 1 { - query = `insert into reported (id, count, board, reason) values ($1, $2, $3, $4)` - - _, err := db.Exec(query, id, 1, actor.Actor.Id, reason) - - if err != nil { - CheckError(err, "error inserting new reported activity") - return false - } - - } else { - count = count + 1 - query = `update reported set count=$1 where id=$2` - - _, err := db.Exec(query, count, id) - - if err != nil { - CheckError(err, "error updating reported activity") - return false - } - } - - return true -} - -func GetActorReported(w http.ResponseWriter, r *http.Request, db *sql.DB, id string) { - - auth := r.Header.Get("Authorization") - verification := strings.Split(auth, " ") - - if len(verification) < 2 { - w.WriteHeader(http.StatusBadRequest) - w.Write([]byte("")) - return - } - - if !HasAuth(db, verification[1], id) { - w.WriteHeader(http.StatusBadRequest) - w.Write([]byte("")) - return - } - - var following Collection - - following.AtContext.Context = "https://www.w3.org/ns/activitystreams" - following.Type = "Collection" - following.TotalItems = GetActorReportedTotal(db, id) - following.Items = GetActorReportedDB(db, id) - - enc, _ := json.MarshalIndent(following, "", "\t") - w.Header().Set("Content-Type", activitystreams) - w.Write(enc) -} - -func MakeActivityRequest(db *sql.DB, activity Activity) { - - j, _ := json.MarshalIndent(activity, "", "\t") - - var verify Verify - - verify.Board = activity.Actor.Id - verify.Identifier = "post" - - verify = GetVerificationCode(db, verify) - - auth := CreateTripCode(verify.Code) - - auth = CreateTripCode(auth) - - for _, e := range activity.To { - - actor := GetActor(e) - - if actor.Inbox != "" { - req, err := http.NewRequest("POST", actor.Inbox, bytes.NewBuffer(j)) - - req.Header.Set("Content-Type", activitystreams) - - req.Header.Set("Authorization", "Basic " + auth) - - CheckError(err, "error with sending activity req to") - - _, err = http.DefaultClient.Do(req) - - CheckError(err, "error with sending activity resp to") - } - } -} - -func GetCollectionFromID(id string) Collection { - var nColl Collection - - req, err := http.NewRequest("GET", id, nil) - - CheckError(err, "could not get collection from id req") - - req.Header.Set("Accept", activitystreams) - - resp, err := http.DefaultClient.Do(req) - - if err != nil { - CheckError(err, "could not get collection from " + id) - return nColl - } - - if resp.StatusCode == 200 { - defer resp.Body.Close() - - body, _ := ioutil.ReadAll(resp.Body) - - err = json.Unmarshal(body, &nColl) - - CheckError(err, "error getting collection resp from json body") - - } - - return nColl -} - -func GetActorFromID(id string) Actor { - req, err := http.NewRequest("GET", id, nil) - - CheckError(err, "error getting actor from id req") - - req.Header.Set("Accept", activitystreams) - - resp, err := http.DefaultClient.Do(req) - - CheckError(err, "error getting actor from id resp") - - defer resp.Body.Close() - - body, _ := ioutil.ReadAll(resp.Body) - - var respCollection Collection - - err = json.Unmarshal(body, &respCollection) - - CheckError(err, "error getting actor resp from json body") - - return *respCollection.OrderedItems[0].Actor -} - -func GetConfigValue(value string) string{ - file, err := os.Open("config") - - CheckError(err, "there was an error opening the config file") - - defer file.Close() - - lines := bufio.NewScanner(file) - - for lines.Scan() { - line := strings.SplitN(lines.Text(), ":", 2) - if line[0] == value { - return line[1] - } - } - - return "" -} - -func PrintAdminAuth(db *sql.DB){ - query := fmt.Sprintf("select identifier, code from boardaccess where board='%s' and type='admin'", Domain) - - rows, err := db.Query(query) - - CheckError(err, "Error getting Domain auth") - - var code string - var identifier string - - rows.Next() - rows.Scan(&identifier, &code) - - fmt.Println("Admin Login: " + identifier + ", Code: " + code) -} - -func IsInStringArray(array []string, value string) bool { - for _, e := range array { - if e == value { - return true - } - } - return false -} - -func GetUniqueFilename(_type string) string { - id := RandomID(8) - file := "/public/" + id + "." + _type - - for true { - if _, err := os.Stat("." + file); err == nil { - id = RandomID(8) - file = "/public/" + id + "." + _type - }else{ - return "/public/" + id + "." + _type - } - } - - return "" -} - -func DeleteObjectRequest(db *sql.DB, id string) { - var nObj ObjectBase - var nActor Actor - nObj.Id = id - nObj.Actor = &nActor - - activity := CreateActivity("Delete", nObj) - - obj := GetObjectFromPath(db, id) - - activity.Actor.Id = obj.Actor.Id - - followers := GetActorFollowDB(db, obj.Actor.Id) - for _, e := range followers { - activity.To = append(activity.To, e.Id) - } - - following := GetActorFollowingDB(db, obj.Actor.Id) - for _, e := range following { - activity.To = append(activity.To, e.Id) - } - - MakeActivityRequest(db, activity) -} - -func DeleteObjectAndRepliesRequest(db *sql.DB, id string) { - var nObj ObjectBase - var nActor Actor - nObj.Id = id - nObj.Actor = &nActor - - activity := CreateActivity("Delete", nObj) - - obj := GetObjectByIDFromDB(db, id) - - activity.Actor.Id = obj.OrderedItems[0].Actor.Id - - activity.Object = &obj.OrderedItems[0] - - followers := GetActorFollowDB(db, obj.OrderedItems[0].Actor.Id) - for _, e := range followers { - activity.To = append(activity.To, e.Id) - } - - following := GetActorFollowingDB(db, obj.OrderedItems[0].Actor.Id) - for _, e := range following { - activity.To = append(activity.To, e.Id) - } - - MakeActivityRequest(db, activity) -} - -func ResizeAttachmentToPreview(db *sql.DB) { - query := `select id, href, mediatype, name, size, published from activitystream where id in (select attachment from activitystream where attachment!='' and preview='')` - - rows, err := db.Query(query) - - CheckError(err, "error getting attachments") - - - defer rows.Close() - for rows.Next() { - - var id string - var href string - var mediatype string - var name string - var size int - var published string - - rows.Scan(&id, &href, &mediatype, &name, &size, &published) - - re := regexp.MustCompile(`^\w+`) - - _type := re.FindString(mediatype) - - if _type == "image" { - - re = regexp.MustCompile(`.+/`) - - file := re.ReplaceAllString(mediatype, "") - - nHref := GetUniqueFilename(file) - - var nPreview NestedObjectBase - - re = regexp.MustCompile(`/\w+$`) - actor := re.ReplaceAllString(id, "") - - nPreview.Type = "Preview" - nPreview.Id = fmt.Sprintf("%s/%s", actor, CreateUniqueID(db, actor)) - nPreview.Name = name - nPreview.Href = Domain + "" + nHref - nPreview.MediaType = mediatype - nPreview.Size = int64(size) - nPreview.Published = published - nPreview.Updated = published - - re = regexp.MustCompile(`/public/.+`) - - objFile := re.FindString(href) - - if(id != "") { - cmd := exec.Command("convert", "." + objFile ,"-resize", "250x250>", "." + nHref) - - err := cmd.Run() - - CheckError(err, "error with resize attachment preview") - - if err == nil { - fmt.Println(objFile + " -> " + nHref) - WritePreviewToDB(db, nPreview) - UpdateObjectWithPreview(db, id, nPreview.Id) - } - } - } - } -} - -func UpdateObjectWithPreview(db *sql.DB, id string, preview string) { - query := `update activitystream set preview=$1 where attachment=$2` - - _, err := db.Exec(query, preview, id) - - CheckError(err, "could not update activity stream with preview") - -} - -func ParseCommentForReply(comment string) string { - - re := regexp.MustCompile("(>>)(https://|http://)?(www\\.)?.+\\/\\w+") - match := re.FindAllStringSubmatch(comment, -1) - - var links []string - - for i:= 0; i < len(match); i++ { - str := strings.Replace(match[i][0], ">>", "", 1) - links = append(links, str) - } - - if(len(links) > 0){ - _, isValid := CheckValidActivity(links[0]) - - if(isValid) { - return links[0] - } - } - - return "" -} - -func GetActorByName(db *sql.DB, name string) Actor { - var actor Actor - for _, e := range Boards { - if e.Actor.Name == name { - actor = e.Actor - } - } - - return actor -} - -func GetActorCollectionReq(r *http.Request, collection string) Collection { - var nCollection Collection - - req, err := http.NewRequest("GET", collection, nil) - - CheckError(err, "error with getting actor collection req " + collection) - - _, pass := GetPasswordFromSession(r) - - req.Header.Set("Accept", activitystreams) - - req.Header.Set("Authorization", "Basic " + pass) - - resp, err := http.DefaultClient.Do(req) - - CheckError(err, "error with getting actor collection resp " + collection) - - if resp.StatusCode == 200 { - - defer resp.Body.Close() - - body, _ := ioutil.ReadAll(resp.Body) - - err = json.Unmarshal(body, &nCollection) - - CheckError(err, "error getting actor collection from body " + collection) - } - - return nCollection -} - - -func shortURL(actorName string, url string) string { - - re := regexp.MustCompile(`outbox`) - - actor := re.ReplaceAllString(actorName, "") - - re = regexp.MustCompile(`\w+$`) - temp := re.ReplaceAllString(url, "") - - if(temp == actor){ - short := StripTransferProtocol(url) - - re := regexp.MustCompile(`\w+$`) - - id := re.FindString(short); - - return id; - }else{ - short := StripTransferProtocol(url) - - re := regexp.MustCompile(`\w+$`) - - id := re.FindString(short); - - re = regexp.MustCompile(`.+/.+/`) - - actorurl := re.FindString(short) - - re = regexp.MustCompile(`/.+/`) - - actorname := re.FindString(actorurl) - - actorname = strings.Replace(actorname, "/", "", -1) - - id = "f" + actorname + "-" + id - - return id; - } -} |