1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
|
package routes
import (
"bytes"
"encoding/json"
"fmt"
"io/ioutil"
"log"
"net/http"
"time"
"github.com/FChannel0/FChannel-Server/activitypub"
"github.com/FChannel0/FChannel-Server/config"
"github.com/FChannel0/FChannel-Server/db"
"github.com/FChannel0/FChannel-Server/util"
"github.com/FChannel0/FChannel-Server/webfinger"
"github.com/gofiber/fiber/v2"
"github.com/gofrs/uuid"
)
func AdminVerify(ctx *fiber.Ctx) error {
identifier := ctx.FormValue("id")
code := ctx.FormValue("code")
var verify db.Verify
verify.Identifier = identifier
verify.Code = code
j, _ := json.Marshal(&verify)
req, err := http.NewRequest("POST", config.Domain+"/auth", bytes.NewBuffer(j))
if err != nil {
log.Println("error making verify req")
return err
}
req.Header.Set("Content-Type", config.ActivityStreams)
resp, err := http.DefaultClient.Do(req)
if err != nil {
log.Println("error getting verify resp")
return err
}
defer resp.Body.Close()
rBody, _ := ioutil.ReadAll(resp.Body)
body := string(rBody)
if resp.StatusCode != 200 {
return ctx.Redirect("/"+config.Key, http.StatusPermanentRedirect)
}
//TODO remove redis dependency
sessionToken, _ := uuid.NewV4()
_, err = db.Cache.Do("SETEX", sessionToken, "86400", body+"|"+verify.Code)
if err != nil {
return ctx.Redirect("/"+config.Key, http.StatusPermanentRedirect)
}
ctx.Cookie(&fiber.Cookie{
Name: "session_token",
Value: sessionToken.String(),
Expires: time.Now().UTC().Add(60 * 60 * 48 * time.Second),
})
return ctx.Redirect("/", http.StatusSeeOther)
}
// TODO remove this route it is mostly unneeded
func AdminAuth(ctx *fiber.Ctx) error {
var verify db.Verify
err := json.Unmarshal(ctx.Body(), &verify)
if err != nil {
log.Println("error get verify from json")
return err
}
v, _ := db.GetVerificationByCode(verify.Code)
if v.Identifier == verify.Identifier {
_, err := ctx.Write([]byte(v.Board))
return err
}
ctx.Response().Header.SetStatusCode(http.StatusBadRequest)
_, err = ctx.Write([]byte(""))
return err
}
func AdminIndex(ctx *fiber.Ctx) error {
fmt.Println("admin index")
id, _ := db.GetPasswordFromSession(ctx)
actor, _ := webfinger.GetActorFromPath(ctx.Path(), "/"+config.Key+"/")
if actor.Id == "" {
actor, _ = activitypub.GetActorByNameFromDB(config.Domain)
}
if id == "" || (id != actor.Id && id != config.Domain) {
return ctx.Render("verify", fiber.Map{})
}
actor, err := webfinger.GetActor(config.Domain)
if err != nil {
return err
}
follow, _ := webfinger.GetActorCollection(actor.Following)
follower, _ := webfinger.GetActorCollection(actor.Followers)
var following []string
var followers []string
for _, e := range follow.Items {
following = append(following, e.Id)
}
for _, e := range follower.Items {
followers = append(followers, e.Id)
}
var adminData AdminPage
adminData.Following = following
adminData.Followers = followers
adminData.Actor = actor.Id
adminData.Key = config.Key
adminData.Domain = config.Domain
adminData.Board.ModCred, _ = db.GetPasswordFromSession(ctx)
adminData.Title = actor.Name + " Admin page"
adminData.Boards = webfinger.Boards
adminData.Board.Post.Actor = actor.Id
adminData.PostBlacklist, _ = util.GetRegexBlacklistDB()
adminData.Themes = &config.Themes
return ctx.Render("admin", fiber.Map{
"page": adminData,
})
}
func AdminAddBoard(c *fiber.Ctx) error {
// STUB
return c.SendString("admin add board")
}
func AdminPostNews(c *fiber.Ctx) error {
// STUB
return c.SendString("admin post news")
}
func AdminNewsDelete(c *fiber.Ctx) error {
// STUB
return c.SendString("admin news delete")
}
|
