mirror of
https://gitea.phreedom.club/localhost_frssoft/bloat.git
synced 2025-05-09 13:28:44 +00:00
Merge patch and add useredit template...
Patch from: https://git.freesoftwareextremist.com/bloat/commit/?id=887ed241d64ba5db3fd3d87194fb5595e5ad7d73 Patch description: Use cookies for session Remove the server side session storage and store all the session related data in the client side cookies. This decreases the exposure of the auth tokens. It also simplifies the installation process as bloat no longer requires write access to the filesystem. This is a breaking change, all the existing sessions will stop working.
parent
42badedeeb
commit
f9702f81a9
15 changed files with 285 additions and 506 deletions
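--- a/service/client.go
+++ b/service/client.go
@@ -0,0 +1,113 @@
+package service
+
+import (
+"context"
+"encoding/base64"
+"encoding/json"
+"net/http"
+"strings"
+"time"
+
+"bloat/mastodon"
+"bloat/model"
+"bloat/renderer"
+)
+
+type client struct {
+*mastodon.Client
+w http.ResponseWriter
+r *http.Request
+s *model.Session
+csrf string
+ctx context.Context
+rctx *renderer.Context
+}
+
+func (c *client) setSession(sess *model.Session) error {
+var sb strings.Builder
+bw := base64.NewEncoder(base64.URLEncoding, &sb)
+err := json.NewEncoder(bw).Encode(sess)
+bw.Close()
+if err != nil {
+return err
+}
+http.SetCookie(c.w, &http.Cookie{
+Name: "session",
+Value: sb.String(),
+Expires: time.Now().Add(365 * 24 * time.Hour),
+})
+return nil
+}
+
+func (c *client) getSession() (sess *model.Session, err error) {
+cookie, _ := c.r.Cookie("session")
+if cookie == nil {
+return nil, errInvalidSession
+}
+br := base64.NewDecoder(base64.URLEncoding, strings.NewReader(cookie.Value))
+err = json.NewDecoder(br).Decode(&sess)
+return
+}
+
+func (c *client) unsetSession() {
+http.SetCookie(c.w, &http.Cookie{
+Name: "session",
+Value: "",
+Expires: time.Now(),
+})
+}
+
+func (c *client) writeJson(data interface{}) error {
+return json.NewEncoder(c.w).Encode(map[string]interface{}{
+"data": data,
+})
+}
+
+func (c *client) redirect(url string) {
+c.w.Header().Add("Location", url)
+c.w.WriteHeader(http.StatusFound)
+}
+
+func (c *client) authenticate(t int) (err error) {
+csrf := c.r.FormValue("csrf_token")
+ref := c.r.URL.RequestURI()
+defer func() {
+if c.s == nil {
+c.s = &model.Session{
+Settings: *model.NewSettings(),
+}
+}
+c.rctx = &renderer.Context{
+HideAttachments: c.s.Settings.HideAttachments,
+MaskNSFW: c.s.Settings.MaskNSFW,
+ThreadInNewTab: c.s.Settings.ThreadInNewTab,
+FluorideMode: c.s.Settings.FluorideMode,
+DarkMode: c.s.Settings.DarkMode,
+CSRFToken: c.s.CSRFToken,
+UserID: c.s.UserID,
+AntiDopamineMode: c.s.Settings.AntiDopamineMode,
+InstanceEmojiFilter: c.s.Settings.InstanceEmojiFilter,
+AddReactionsFilter: c.s.Settings.AddReactionsFilter,
+UserCSS: c.s.Settings.CSS,
+Referrer: ref,
+}
+}()
+if t < SESSION {
+return
+}
+sess, err := c.getSession()
+if err != nil {
+return err
+}
+c.s = sess
+c.Client = mastodon.NewClient(&mastodon.Config{
+Server: "https://" + c.s.Instance,
+ClientID: c.s.ClientID,
+ClientSecret: c.s.ClientSecret,
+AccessToken: c.s.AccessToken,
+})
+if t >= CSRF && (len(csrf) < 1 || csrf != c.s.CSRFToken) {
+return errInvalidCSRFToken
+}
+return
+}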
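Review bot: The `session` cookie built in setSession now carries AccessToken and ClientSecret, but the `http.Cookie` literal sets only Name, Value and Expires, so the value is readable from page script and may be sent over plain HTTP. I would add `HttpOnly: true, SameSite: http.SameSiteLaxMode,` and, where the deployment is always served over HTTPS, `Secure: true,` to the literals in both setSession and unsetSession. Separately, getSession decodes client-supplied JSON into a nil `*model.Session`: a value that decodes to JSON null leaves `sess` nil with a nil error, and authenticate then dereferences `c.s.Instance`, so `if err == nil && sess == nil { err = errInvalidSession }` before the return would close that path. The error from `bw.Close()` in setSession is dropped and is worth returning as well.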
@ -29,14 +29,11 @@ type service struct {
|
|||
instance string
|
||||
postFormats []model.PostFormat
|
||||
renderer renderer.Renderer
|
||||
sessionRepo model.SessionRepo
|
||||
appRepo model.AppRepo
|
||||
}
|
||||
|
||||
func NewService(cname string, cscope string, cwebsite string,
|
||||
css string, instance string, postFormats []model.PostFormat,
|
||||
renderer renderer.Renderer, sessionRepo model.SessionRepo,
|
||||
appRepo model.AppRepo) *service {
|
||||
renderer renderer.Renderer) *service {
|
||||
return &service{
|
||||
cname: cname,
|
||||
cscope: cscope,
|
||||
|
@ -45,59 +42,9 @@ func NewService(cname string, cscope string, cwebsite string,
|
|||
instance: instance,
|
||||
postFormats: postFormats,
|
||||
renderer: renderer,
|
||||
sessionRepo: sessionRepo,
|
||||
appRepo: appRepo,
|
||||
}
|
||||
}
|
||||
|
||||
func (s *service) authenticate(c *client, sid string, csrf string, ref string, t int) (err error) {
|
||||
var sett *model.Settings
|
||||
defer func() {
|
||||
if sett == nil {
|
||||
sett = model.NewSettings()
|
||||
}
|
||||
c.rctx = &renderer.Context{
|
||||
HideAttachments: sett.HideAttachments,
|
||||
MaskNSFW: sett.MaskNSFW,
|
||||
ThreadInNewTab: sett.ThreadInNewTab,
|
||||
FluorideMode: sett.FluorideMode,
|
||||
DarkMode: sett.DarkMode,
|
||||
CSRFToken: c.s.CSRFToken,
|
||||
UserID: c.s.UserID,
|
||||
AntiDopamineMode: sett.AntiDopamineMode,
|
||||
UserCSS: sett.CSS,
|
||||
InstanceEmojiFilter: sett.InstanceEmojiFilter,
|
||||
AddReactionsFilter: sett.AddReactionsFilter,
|
||||
Referrer: ref,
|
||||
}
|
||||
}()
|
||||
if t < SESSION {
|
||||
return
|
||||
}
|
||||
if len(sid) < 1 {
|
||||
return errInvalidSession
|
||||
}
|
||||
c.s, err = s.sessionRepo.Get(sid)
|
||||
if err != nil {
|
||||
return errInvalidSession
|
||||
}
|
||||
sett = &c.s.Settings
|
||||
app, err := s.appRepo.Get(c.s.InstanceDomain)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
c.Client = mastodon.NewClient(&mastodon.Config{
|
||||
Server: app.InstanceURL,
|
||||
ClientID: app.ClientID,
|
||||
ClientSecret: app.ClientSecret,
|
||||
AccessToken: c.s.AccessToken,
|
||||
})
|
||||
if t >= CSRF && (len(csrf) < 1 || csrf != c.s.CSRFToken) {
|
||||
return errInvalidCSRFToken
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func (s *service) cdata(c *client, title string, count int, rinterval int,
|
||||
target string) (data *renderer.CommonData) {
|
||||
data = &renderer.CommonData{
|
||||
|
@ -902,7 +849,7 @@ func (s *service) SingleInstance() (instance string, ok bool) {
|
|||
return
|
||||
}
|
||||
|
||||
func (s *service) NewSession(c *client, instance string) (rurl string, sid string, err error) {
|
||||
func (s *service) NewSession(c *client, instance string) (rurl string, sess *model.Session, err error) {
|
||||
var instanceURL string
|
||||
if strings.HasPrefix(instance, "https://") {
|
||||
instanceURL = instance
|
||||
|
@ -911,7 +858,7 @@ func (s *service) NewSession(c *client, instance string) (rurl string, sid strin
|
|||
instanceURL = "https://" + instance
|
||||
}
|
||||
|
||||
sid, err = util.NewSessionID()
|
||||
sid, err := util.NewSessionID()
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
@ -920,42 +867,23 @@ func (s *service) NewSession(c *client, instance string) (rurl string, sid strin
|
|||
return
|
||||
}
|
||||
|
||||
sess := model.Session{
|
||||
ID: sid,
|
||||
InstanceDomain: instance,
|
||||
CSRFToken: csrf,
|
||||
Settings: *model.NewSettings(),
|
||||
}
|
||||
err = s.sessionRepo.Add(sess)
|
||||
app, err := mastodon.RegisterApp(c.ctx, &mastodon.AppConfig{
|
||||
Server: instanceURL,
|
||||
ClientName: s.cname,
|
||||
Scopes: s.cscope,
|
||||
Website: s.cwebsite,
|
||||
RedirectURIs: s.cwebsite + "/oauth_callback",
|
||||
})
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
app, err := s.appRepo.Get(instance)
|
||||
if err != nil {
|
||||
if err != model.ErrAppNotFound {
|
||||
return
|
||||
}
|
||||
mastoApp, err := mastodon.RegisterApp(c.ctx, &mastodon.AppConfig{
|
||||
Server: instanceURL,
|
||||
ClientName: s.cname,
|
||||
Scopes: s.cscope,
|
||||
Website: s.cwebsite,
|
||||
RedirectURIs: s.cwebsite + "/oauth_callback",
|
||||
})
|
||||
if err != nil {
|
||||
return "", "", err
|
||||
}
|
||||
app = model.App{
|
||||
InstanceDomain: instance,
|
||||
InstanceURL: instanceURL,
|
||||
ClientID: mastoApp.ClientID,
|
||||
ClientSecret: mastoApp.ClientSecret,
|
||||
}
|
||||
err = s.appRepo.Add(app)
|
||||
if err != nil {
|
||||
return "", "", err
|
||||
}
|
||||
sess = &model.Session{
|
||||
ID: sid,
|
||||
Instance: instance,
|
||||
ClientID: app.ClientID,
|
||||
ClientSecret: app.ClientSecret,
|
||||
CSRFToken: csrf,
|
||||
Settings: *model.NewSettings(),
|
||||
}
|
||||
|
||||
u, err := url.Parse("/oauth/authorize")
|
||||
|
@ -989,12 +917,7 @@ func (s *service) Signin(c *client, code string) (err error) {
|
|||
}
|
||||
c.s.AccessToken = c.GetAccessToken(c.ctx)
|
||||
c.s.UserID = u.ID
|
||||
return s.sessionRepo.Add(c.s)
|
||||
}
|
||||
|
||||
func (s *service) Signout(c *client) (err error) {
|
||||
s.sessionRepo.Remove(c.s.ID)
|
||||
return
|
||||
return c.setSession(c.s)
|
||||
}
|
||||
|
||||
func (s *service) Post(c *client, content string, replyToID string,
|
||||
|
@ -1146,12 +1069,8 @@ func (s *service) SaveSettings(c *client, settings *model.Settings) (err error)
|
|||
if len(settings.CSS) > 1<<20 {
|
||||
return errInvalidArgument
|
||||
}
|
||||
sess, err := s.sessionRepo.Get(c.s.ID)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
sess.Settings = *settings
|
||||
return s.sessionRepo.Add(sess)
|
||||
c.s.Settings = *settings
|
||||
return c.setSession(c.s)
|
||||
}
|
||||
|
||||
func (s *service) UserSave(c *client, usersettings mastodon.Profile) (err error) {
|
||||
|
|
|
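Review bot: SaveSettings still accepts `settings.CSS` up to `1<<20` bytes, but the settings are now written through `c.setSession(c.s)` into a single base64-encoded cookie, and browsers commonly discard a cookie larger than about 4 KB. A stylesheet above that size would look saved on the server side while the browser drops the Set-Cookie, so the bound should reflect the cookie budget, or setSession should reject an over-long encoded value with `errInvalidArgument`. In the NewSession hunk the same design copies `ClientSecret` into the session and calls `mastodon.RegisterApp` on every sign-in for a caller-chosen host instead of reusing appRepo; a comment stating that trade-off, and possibly a rate limit on the sign-in route, would help. SaveSettings and NewSession both start outside their hunks.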
@ -1,7 +1,6 @@
|
|||
package service
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"log"
|
||||
"net/http"
|
||||
|
@ -10,15 +9,10 @@ import (
|
|||
|
||||
"bloat/mastodon"
|
||||
"bloat/model"
|
||||
"bloat/renderer"
|
||||
|
||||
"github.com/gorilla/mux"
|
||||
)
|
||||
|
||||
const (
|
||||
sessionExp = 365 * 24 * time.Hour
|
||||
)
|
||||
|
||||
const (
|
||||
HTML int = iota
|
||||
JSON
|
||||
|
@ -30,35 +24,6 @@ const (
|
|||
CSRF
|
||||
)
|
||||
|
||||
type client struct {
|
||||
*mastodon.Client
|
||||
w http.ResponseWriter
|
||||
r *http.Request
|
||||
s model.Session
|
||||
csrf string
|
||||
ctx context.Context
|
||||
rctx *renderer.Context
|
||||
}
|
||||
|
||||
func setSessionCookie(w http.ResponseWriter, sid string, exp time.Duration) {
|
||||
http.SetCookie(w, &http.Cookie{
|
||||
Name: "session_id",
|
||||
Value: sid,
|
||||
Expires: time.Now().Add(exp),
|
||||
})
|
||||
}
|
||||
|
||||
func writeJson(c *client, data interface{}) error {
|
||||
return json.NewEncoder(c.w).Encode(map[string]interface{}{
|
||||
"data": data,
|
||||
})
|
||||
}
|
||||
|
||||
func redirect(c *client, url string) {
|
||||
c.w.Header().Add("Location", url)
|
||||
c.w.WriteHeader(http.StatusFound)
|
||||
}
|
||||
|
||||
func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
||||
r := mux.NewRouter()
|
||||
|
||||
|
@ -75,16 +40,6 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
}
|
||||
}
|
||||
|
||||
authenticate := func(c *client, t int) error {
|
||||
var sid string
|
||||
if cookie, _ := c.r.Cookie("session_id"); cookie != nil {
|
||||
sid = cookie.Value
|
||||
}
|
||||
csrf := c.r.FormValue("csrf_token")
|
||||
ref := c.r.URL.RequestURI()
|
||||
return s.authenticate(c, sid, csrf, ref, t)
|
||||
}
|
||||
|
||||
handle := func(f func(c *client) error, at int, rt int) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, req *http.Request) {
|
||||
var err error
|
||||
|
@ -108,7 +63,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
}
|
||||
c.w.Header().Add("Content-Type", ct)
|
||||
|
||||
err = authenticate(c, at)
|
||||
err = c.authenticate(at)
|
||||
if err != nil {
|
||||
writeError(c, err, rt, req.Method == http.MethodGet)
|
||||
return
|
||||
|
@ -123,16 +78,16 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
}
|
||||
|
||||
rootPage := handle(func(c *client) error {
|
||||
err := authenticate(c, SESSION)
|
||||
err := c.authenticate(SESSION)
|
||||
if err != nil {
|
||||
if err == errInvalidSession {
|
||||
redirect(c, "/signin")
|
||||
c.redirect("/signin")
|
||||
return nil
|
||||
}
|
||||
return err
|
||||
}
|
||||
if !c.s.IsLoggedIn() {
|
||||
redirect(c, "/signin")
|
||||
c.redirect("/signin")
|
||||
return nil
|
||||
}
|
||||
return s.RootPage(c)
|
||||
|
@ -147,12 +102,12 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if !ok {
|
||||
return s.SigninPage(c)
|
||||
}
|
||||
url, sid, err := s.NewSession(c, instance)
|
||||
url, sess, err := s.NewSession(c, instance)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
setSessionCookie(c.w, sid, sessionExp)
|
||||
redirect(c, url)
|
||||
c.setSession(sess)
|
||||
c.redirect(url)
|
||||
return nil
|
||||
}, NOAUTH, HTML)
|
||||
|
||||
|
@ -168,7 +123,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
}, SESSION, HTML)
|
||||
|
||||
defaultTimelinePage := handle(func(c *client) error {
|
||||
redirect(c, "/timeline/home")
|
||||
c.redirect("/timeline/home")
|
||||
return nil
|
||||
}, SESSION, HTML)
|
||||
|
||||
|
@ -276,7 +231,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, "/user/"+c.r.FormValue("id"))
|
||||
c.redirect("/user/"+c.r.FormValue("id"))
|
||||
return nil
|
||||
}, SESSION, HTML)
|
||||
|
||||
|
@ -290,12 +245,12 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
|
||||
signin := handle(func(c *client) error {
|
||||
instance := c.r.FormValue("instance")
|
||||
url, sid, err := s.NewSession(c, instance)
|
||||
url, sess, err := s.NewSession(c, instance)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
setSessionCookie(c.w, sid, sessionExp)
|
||||
redirect(c, url)
|
||||
c.setSession(sess)
|
||||
c.redirect(url)
|
||||
return nil
|
||||
}, NOAUTH, HTML)
|
||||
|
||||
|
@ -306,7 +261,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, "/")
|
||||
c.redirect("/")
|
||||
return nil
|
||||
}, SESSION, HTML)
|
||||
|
||||
|
@ -336,7 +291,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
} else {
|
||||
location = c.r.FormValue("referrer")
|
||||
}
|
||||
redirect(c, location)
|
||||
c.redirect(location)
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -350,7 +305,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if len(rid) > 0 {
|
||||
id = rid
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer")+"#status-"+id)
|
||||
c.redirect(c.r.FormValue("referrer") + "#status-" + id)
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -364,7 +319,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if len(rid) > 0 {
|
||||
id = rid
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer")+"#status-"+id)
|
||||
c.redirect(c.r.FormValue("referrer") + "#status-" + id)
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -380,7 +335,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer")+"#status-"+id)
|
||||
c.redirect(c.r.FormValue("referrer")+"#status-"+id)
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -392,7 +347,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer")+"#status-"+id)
|
||||
c.redirect(c.r.FormValue("referrer")+"#status-"+id)
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -407,7 +362,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if len(rid) > 0 {
|
||||
id = rid
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer")+"#status-"+id)
|
||||
c.redirect(c.r.FormValue("referrer") + "#status-" + id)
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -421,7 +376,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if len(rid) > 0 {
|
||||
id = rid
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer")+"#status-"+id)
|
||||
c.redirect(c.r.FormValue("referrer") + "#status-" + id)
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -433,7 +388,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer")+"#status-"+statusID)
|
||||
c.redirect(c.r.FormValue("referrer") + "#status-" + statusID)
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -449,7 +404,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -459,7 +414,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -469,7 +424,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -479,7 +434,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -495,7 +450,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -505,7 +460,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -515,7 +470,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -525,7 +480,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -535,7 +490,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -545,7 +500,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -586,7 +541,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, "/")
|
||||
c.redirect("/")
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -596,7 +551,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -606,7 +561,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -616,7 +571,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -626,7 +581,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -636,7 +591,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -647,7 +602,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -661,7 +616,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if len(rid) > 0 {
|
||||
id = rid
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer")+"#status-"+id)
|
||||
c.redirect(c.r.FormValue("referrer") + "#status-" + id)
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -675,7 +630,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if len(rid) > 0 {
|
||||
id = rid
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer")+"#status-"+id)
|
||||
c.redirect(c.r.FormValue("referrer") + "#status-" + id)
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -686,7 +641,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -696,7 +651,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -710,7 +665,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -720,7 +675,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -731,7 +686,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -750,7 +705,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -762,14 +717,13 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
redirect(c, c.r.FormValue("referrer"))
|
||||
c.redirect(c.r.FormValue("referrer"))
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
signout := handle(func(c *client) error {
|
||||
s.Signout(c)
|
||||
setSessionCookie(c.w, "", 0)
|
||||
redirect(c, "/")
|
||||
c.unsetSession()
|
||||
c.redirect("/")
|
||||
return nil
|
||||
}, CSRF, HTML)
|
||||
|
||||
|
@ -779,7 +733,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return writeJson(c, count)
|
||||
return c.writeJson(count)
|
||||
}, CSRF, JSON)
|
||||
|
||||
fUnlike := handle(func(c *client) error {
|
||||
|
@ -788,7 +742,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return writeJson(c, count)
|
||||
return c.writeJson(count)
|
||||
}, CSRF, JSON)
|
||||
|
||||
fRetweet := handle(func(c *client) error {
|
||||
|
@ -797,7 +751,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return writeJson(c, count)
|
||||
return c.writeJson(count)
|
||||
}, CSRF, JSON)
|
||||
|
||||
fUnretweet := handle(func(c *client) error {
|
||||
|
@ -806,7 +760,7 @@ func NewHandler(s *service, logger *log.Logger, staticDir string) http.Handler {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return writeJson(c, count)
|
||||
return c.writeJson(count)
|
||||
}, CSRF, JSON)
|
||||
|
||||
r.HandleFunc("/", rootPage).Methods(http.MethodGet)
|
||||
|
|
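Review bot: The signout handler now only calls `c.unsetSession()`, which asks the browser to expire the cookie; with the server-side session store removed, nothing visible here invalidates the access token that the cookie contained, so a copy of the cookie would keep working after sign-out. If the mastodon package exposes or can gain a token-revocation call, signout should invoke it before clearing the cookie, and otherwise a comment at that handler should state the limitation. In the two handlers that call `s.NewSession`, the error from `c.setSession(sess)` is discarded before the redirect to the instance; `if err := c.setSession(sess); err != nil { return err }` would stop a user from completing OAuth without a stored session. NewHandler's body extends beyond every hunk shown.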