Compare commits
No commits in common. "master" and "88b5b941dfe73b2942f3c64551e34bad22cd182d" have entirely different histories.
master
...
88b5b941df
.golangci.yml.goreleaser.yaml.woodpecker.ymlDockerfileREADME.md
api
auth.goauth_test.goclient
cmd
config.gofiles
filestore.gofilestore_fs.gofilestore_fs_test.gofilestore_memory.gofilestore_memory_test.gofilestore_test.gogo.modgo.sumgpaste-server.tomlhttp.gohttp_test.gomiddleware.gouser.gouser_test.gousers
userstore_bolt.gouserstore_bolt_test.gouserstore_memory.gouserstore_memory_test.gouserstore_test.go@ -1,35 +0,0 @@
|
||||
run:
|
||||
tests: false
|
||||
linters:
|
||||
enable:
|
||||
- deadcode
|
||||
- errcheck
|
||||
- gosimple
|
||||
- govet
|
||||
- ineffassign
|
||||
- staticcheck
|
||||
- structcheck
|
||||
- typecheck
|
||||
- unused
|
||||
- varcheck
|
||||
- gosec
|
||||
- asciicheck
|
||||
- bidichk
|
||||
- bodyclose
|
||||
- gomnd
|
||||
- ifshort
|
||||
- misspell
|
||||
- prealloc
|
||||
- tagliatelle
|
||||
- ireturn
|
||||
- gocritic
|
||||
- whitespace
|
||||
- stylecheck
|
||||
- exportloopref
|
||||
- godot
|
||||
- gofumpt
|
||||
|
||||
linters-settings:
|
||||
gomnd:
|
||||
ignored-functions:
|
||||
- "strconv.ParseUint"
|
@ -6,7 +6,6 @@ before:
|
||||
- go mod tidy
|
||||
# you may remove this if you don't need go generate
|
||||
- go generate ./...
|
||||
|
||||
builds:
|
||||
- id: "gpaste-client"
|
||||
binary: "gpaste"
|
||||
@ -29,42 +28,22 @@ builds:
|
||||
goarch:
|
||||
- amd64
|
||||
main: ./cmd/server/server.go
|
||||
|
||||
archives:
|
||||
- format_overrides:
|
||||
- goos: windows
|
||||
format: zip
|
||||
|
||||
checksum:
|
||||
name_template: 'checksums.txt'
|
||||
|
||||
snapshot:
|
||||
name_template: "{{ incpatch .Version }}-next"
|
||||
|
||||
changelog:
|
||||
sort: asc
|
||||
filters:
|
||||
exclude:
|
||||
- '^docs:'
|
||||
- '^test:'
|
||||
|
||||
scoop:
|
||||
url_template: "https://git.t-juice.club/torjus/gpaste/releases/download/{{ .Tag }}/{{ .ArtifactName }}"
|
||||
bucket:
|
||||
owner: torjus
|
||||
name: scoop-tjuice
|
||||
branch: master
|
||||
folder: bucket
|
||||
commit_author:
|
||||
name: ci.t-juice.club
|
||||
email: ci@t-juice.club
|
||||
commit_msg_template: "Scoop update for {{ .ProjectName }} version {{ .Tag }}"
|
||||
homepage: "https://git.t-juice.club/torjus/gpaste"
|
||||
description: "Simple pastebin-style thingie."
|
||||
|
||||
gitea_urls:
|
||||
api: https://git.t-juice.club/api/v1/
|
||||
download: https://git.t-juice.club
|
||||
|
||||
env_files:
|
||||
gitea_token: gitea_token
|
||||
|
@ -2,22 +2,14 @@ pipeline:
|
||||
test:
|
||||
image: golang:latest
|
||||
commands:
|
||||
- go build -o gpaste-client ./cmd/client/client.go
|
||||
- go build -o gpaste-server ./cmd/server/server.go
|
||||
- go test -cover -coverprofile="/tmp/cover.out" ./...
|
||||
- go tool cover -func="/tmp/cover.out"
|
||||
- go build ./cmd/client/client.go
|
||||
- go build ./cmd/server/server.go
|
||||
- go test -v ./...
|
||||
- go vet ./...
|
||||
when:
|
||||
branch: master
|
||||
event: [push, pull_request, tag, deployment]
|
||||
|
||||
lint:
|
||||
image: golangci/golangci-lint:v1.43.0
|
||||
commands:
|
||||
- golangci-lint run
|
||||
when:
|
||||
event: [push, pull_request]
|
||||
|
||||
image-latest:
|
||||
image: plugins/docker
|
||||
settings:
|
||||
|
@ -10,5 +10,4 @@ RUN go build -o gpaste-server ./cmd/server/server.go
|
||||
FROM alpine:latest
|
||||
COPY --from=builder /src/gpaste /bin/gpaste
|
||||
COPY --from=builder /src/gpaste-server /bin/gpaste-server
|
||||
EXPOSE 8080
|
||||
CMD ["/bin/gpaste-server"]
|
35
README.md
35
README.md
@ -1,35 +0,0 @@
|
||||
![status-badge](https://ci.t-juice.club/api/badges/torjus/gpaste/status.svg)
|
||||
|
||||
# gpaste
|
||||
|
||||
Simple pastebin-style webapp.
|
||||
|
||||
## Build
|
||||
|
||||
### gpaste-server
|
||||
|
||||
```text
|
||||
go build -o gpaste-server cmd/server/server.go
|
||||
```
|
||||
|
||||
### gpaste-client
|
||||
|
||||
```text
|
||||
go build -o gpaste cmd/client/client.go
|
||||
```
|
||||
|
||||
## Run using docker
|
||||
|
||||
### From registry
|
||||
|
||||
```text
|
||||
docker pull registry.t-juice.club/gpaste:latest
|
||||
docker run --rm -it -p 8080:8080 registry.t-juice.club/gpaste:latest
|
||||
```
|
||||
|
||||
### From Dockerfile
|
||||
|
||||
```text
|
||||
docker build -t gpaste:latest .
|
||||
docker run --rm -it p 8080:8080 gpaste:latest
|
||||
```
|
302
api/http.go
302
api/http.go
@ -1,302 +0,0 @@
|
||||
package api
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"io"
|
||||
"net/http"
|
||||
"path"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste"
|
||||
"git.t-juice.club/torjus/gpaste/files"
|
||||
"git.t-juice.club/torjus/gpaste/users"
|
||||
"github.com/go-chi/chi/v5"
|
||||
"github.com/go-chi/chi/v5/middleware"
|
||||
"github.com/google/uuid"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
const multipartMaxMemory = 1024 * 1024 * 100
|
||||
|
||||
type HTTPServer struct {
|
||||
Files files.FileStore
|
||||
Users users.UserStore
|
||||
Auth *gpaste.AuthService
|
||||
config *gpaste.ServerConfig
|
||||
Logger *zap.SugaredLogger
|
||||
AccessLogger *zap.SugaredLogger
|
||||
http.Server
|
||||
}
|
||||
|
||||
func NewHTTPServer(cfg *gpaste.ServerConfig) *HTTPServer {
|
||||
srv := &HTTPServer{
|
||||
config: cfg,
|
||||
Logger: zap.NewNop().Sugar(),
|
||||
AccessLogger: zap.NewNop().Sugar(),
|
||||
Files: files.NewMemoryFileStore(),
|
||||
Users: users.NewMemoryUserStore(),
|
||||
}
|
||||
signingSecret, _ := uuid.Must(uuid.NewRandom()).MarshalBinary()
|
||||
srv.Auth = gpaste.NewAuthService(srv.Users, signingSecret)
|
||||
|
||||
r := chi.NewRouter()
|
||||
r.Use(middleware.RealIP)
|
||||
r.Use(middleware.RequestID)
|
||||
r.Use(srv.MiddlewareAccessLogger)
|
||||
r.Use(srv.MiddlewareAuthentication)
|
||||
r.Get("/", srv.HandlerIndex)
|
||||
r.Post("/api/file", srv.HandlerAPIFilePost)
|
||||
r.Get("/api/file/{id}", srv.HandlerAPIFileGet)
|
||||
r.Delete("/api/file/{id}", srv.HandlerAPIFileDelete)
|
||||
r.Post("/api/login", srv.HandlerAPILogin)
|
||||
r.Post("/api/user", srv.HandlerAPIUserCreate)
|
||||
srv.Handler = r
|
||||
|
||||
return srv
|
||||
}
|
||||
|
||||
func (s *HTTPServer) HandlerIndex(w http.ResponseWriter, r *http.Request) {
|
||||
_, _ = w.Write([]byte("index"))
|
||||
}
|
||||
|
||||
func (s *HTTPServer) HandlerAPIFilePost(w http.ResponseWriter, r *http.Request) {
|
||||
reqID := middleware.GetReqID(r.Context())
|
||||
|
||||
// Check if multipart form
|
||||
ct := r.Header.Get("Content-Type")
|
||||
if strings.Contains(ct, "multipart/form-data") {
|
||||
s.processMultiPartFormUpload(w, r)
|
||||
return
|
||||
}
|
||||
|
||||
f := fileFromParams(r)
|
||||
f.ID = uuid.NewString()
|
||||
f.Body = r.Body
|
||||
|
||||
err := s.Files.Store(f)
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
s.Logger.Warnw("Error storing file.", "req_id", reqID, "error", err, "id", f.ID, "remote_addr", r.RemoteAddr)
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
s.Logger.Infow("Stored file.", "req_id", reqID, "id", f.ID, "remote_addr", r.RemoteAddr)
|
||||
|
||||
fileURL := path.Join(s.config.URL, "/api/file", f.ID)
|
||||
resp := &ResponseAPIFilePost{
|
||||
Message: "OK",
|
||||
Files: []ResponseAPIFilePostFiles{
|
||||
{
|
||||
ID: f.ID,
|
||||
URL: fileURL,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
w.WriteHeader(http.StatusAccepted)
|
||||
|
||||
encoder := json.NewEncoder(w)
|
||||
if err := encoder.Encode(&resp); err != nil {
|
||||
s.Logger.Warnw("Error encoding response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
|
||||
}
|
||||
}
|
||||
|
||||
func (s *HTTPServer) HandlerAPIFileGet(w http.ResponseWriter, r *http.Request) {
|
||||
id := chi.URLParam(r, "id")
|
||||
if id == "" {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
f, err := s.Files.Get(id)
|
||||
if err != nil {
|
||||
// TODO: LOG
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
w.WriteHeader(http.StatusOK)
|
||||
|
||||
if _, err := io.Copy(w, f.Body); err != nil {
|
||||
reqID := middleware.GetReqID(r.Context())
|
||||
s.Logger.Warnw("Error writing file to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
|
||||
}
|
||||
}
|
||||
|
||||
func (s *HTTPServer) HandlerAPIFileDelete(w http.ResponseWriter, r *http.Request) {
|
||||
// TODO: Require auth
|
||||
id := chi.URLParam(r, "id")
|
||||
if id == "" {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
if err := s.Files.Delete(id); err != nil {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
reqID := middleware.GetReqID(r.Context())
|
||||
s.Logger.Infow("Deleted file", "id", id, "req_id", reqID)
|
||||
}
|
||||
|
||||
func (s *HTTPServer) processMultiPartFormUpload(w http.ResponseWriter, r *http.Request) {
|
||||
reqID := middleware.GetReqID(r.Context())
|
||||
|
||||
var resp ResponseAPIFilePost
|
||||
|
||||
if err := r.ParseMultipartForm(multipartMaxMemory); err != nil {
|
||||
s.Logger.Warnw("Error parsing multipart form.", "req_id", reqID, "err", err)
|
||||
}
|
||||
|
||||
for k := range r.MultipartForm.File {
|
||||
ff, fh, err := r.FormFile(k)
|
||||
if err != nil {
|
||||
s.Logger.Warnw("Error reading file from multipart form.", "req_id", reqID, "error", err)
|
||||
return
|
||||
}
|
||||
|
||||
f := fileFromParams(r)
|
||||
f.ID = uuid.NewString()
|
||||
f.OriginalFilename = fh.Filename
|
||||
f.Body = ff
|
||||
|
||||
if err := s.Files.Store(f); err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
s.Logger.Warnw("Error storing file.", "req_id", reqID, "error", err, "id", f.ID, "remote_addr", r.RemoteAddr)
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
s.Logger.Infow("Stored file.", "req_id", reqID, "id", f.ID, "filename", f.OriginalFilename, "remote_addr", r.RemoteAddr)
|
||||
|
||||
fileURL := path.Join(s.config.URL, "/api/file", f.ID)
|
||||
fileResponse := ResponseAPIFilePostFiles{ID: f.ID, URL: fileURL}
|
||||
resp.Files = append(resp.Files, fileResponse)
|
||||
}
|
||||
|
||||
w.WriteHeader(http.StatusAccepted)
|
||||
encoder := json.NewEncoder(w)
|
||||
|
||||
if err := encoder.Encode(&resp); err != nil {
|
||||
s.Logger.Warnw("Error encoding response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
|
||||
}
|
||||
}
|
||||
|
||||
func (s *HTTPServer) HandlerAPILogin(w http.ResponseWriter, r *http.Request) {
|
||||
reqID := middleware.GetReqID(r.Context())
|
||||
|
||||
var expectedRequest RequestAPILogin
|
||||
|
||||
decoder := json.NewDecoder(r.Body)
|
||||
defer r.Body.Close()
|
||||
|
||||
if err := decoder.Decode(&expectedRequest); err != nil {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
token, err := s.Auth.Login(expectedRequest.Username, expectedRequest.Password)
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
response := ResponseAPILogin{
|
||||
Token: token,
|
||||
}
|
||||
|
||||
s.Logger.Infow("User logged in.", "req_id", reqID, "username", expectedRequest.Username)
|
||||
|
||||
encoder := json.NewEncoder(w)
|
||||
if err := encoder.Encode(&response); err != nil {
|
||||
s.Logger.Infow("Error encoding json response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
|
||||
}
|
||||
}
|
||||
|
||||
func (s *HTTPServer) HandlerAPIUserCreate(w http.ResponseWriter, r *http.Request) {
|
||||
reqID := middleware.GetReqID(r.Context())
|
||||
defer r.Body.Close()
|
||||
|
||||
role, err := RoleFromRequest(r)
|
||||
if err != nil || role != users.RoleAdmin {
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
var req RequestAPIUserCreate
|
||||
|
||||
decoder := json.NewDecoder(r.Body)
|
||||
if err := decoder.Decode(&req); err != nil {
|
||||
s.Logger.Debugw("Error parsing request.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// TODO: Ensure user does not already exist
|
||||
user := &users.User{Username: req.Username, Role: users.RoleUser}
|
||||
if err := user.SetPassword(req.Password); err != nil {
|
||||
s.Logger.Warnw("Error setting user password.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
if err := s.Users.Store(user); err != nil {
|
||||
s.Logger.Warnw("Error setting user password.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
w.WriteHeader(http.StatusAccepted)
|
||||
s.Logger.Infow("Created user.", "req_id", reqID, "remote_addr", r.RemoteAddr, "username", req.Username)
|
||||
}
|
||||
|
||||
func (s *HTTPServer) HandlerAPIUserList(w http.ResponseWriter, r *http.Request) {
|
||||
reqID := middleware.GetReqID(r.Context())
|
||||
|
||||
l, err := s.Users.List()
|
||||
if err != nil {
|
||||
s.Logger.Warnw("Error listing users.", "req_id", reqID, "error", err)
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
encoder := json.NewEncoder(w)
|
||||
if err := encoder.Encode(l); err != nil {
|
||||
s.Logger.Warnw("Error encoding response.", "req_id", "error", err)
|
||||
}
|
||||
}
|
||||
|
||||
func fileFromParams(r *http.Request) *files.File {
|
||||
const (
|
||||
keyMaxViews = "max_views"
|
||||
keyExpiresOn = "exp"
|
||||
)
|
||||
|
||||
var f files.File
|
||||
|
||||
q := r.URL.Query()
|
||||
|
||||
if q.Has(keyMaxViews) {
|
||||
views, err := strconv.ParseUint(q.Get(keyMaxViews), 10, 64) // nolint: gomnd
|
||||
if err == nil {
|
||||
f.MaxViews = uint(views)
|
||||
}
|
||||
}
|
||||
|
||||
if q.Has(keyExpiresOn) {
|
||||
exp, err := time.Parse(time.RFC3339, q.Get(keyExpiresOn))
|
||||
if err == nil {
|
||||
f.ExpiresOn = exp
|
||||
}
|
||||
}
|
||||
|
||||
return &f
|
||||
}
|
280
api/http_test.go
280
api/http_test.go
@ -1,280 +0,0 @@
|
||||
package api_test
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io"
|
||||
"mime/multipart"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"strings"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste"
|
||||
"git.t-juice.club/torjus/gpaste/api"
|
||||
"git.t-juice.club/torjus/gpaste/files"
|
||||
"git.t-juice.club/torjus/gpaste/users"
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
func TestHandlers(t *testing.T) {
|
||||
//cfg := &gpaste.ServerConfig{
|
||||
// SigningSecret: "abc123",
|
||||
// Store: &gpaste.ServerStoreConfig{
|
||||
// Type: "memory",
|
||||
// },
|
||||
// URL: "http://localhost:8080",
|
||||
//}
|
||||
//hs := api.NewHTTPServer(cfg)
|
||||
|
||||
t.Run("index", func(t *testing.T) {
|
||||
hs := newServer()
|
||||
rr := httptest.NewRecorder()
|
||||
req := httptest.NewRequest(http.MethodGet, "/", nil)
|
||||
|
||||
hs.Handler.ServeHTTP(rr, req)
|
||||
|
||||
if status := rr.Code; status != http.StatusOK {
|
||||
t.Errorf("Returned unexpected status")
|
||||
}
|
||||
|
||||
expectedBody := "index"
|
||||
if body := rr.Body.String(); body != expectedBody {
|
||||
t.Errorf("Body does not match expected. Got %s want %s", body, expectedBody)
|
||||
}
|
||||
})
|
||||
t.Run("api", func(t *testing.T) {
|
||||
t.Run("file", func(t *testing.T) {
|
||||
// POST /api/file
|
||||
t.Run("POST", func(t *testing.T) {
|
||||
hs := newServer()
|
||||
rr := httptest.NewRecorder()
|
||||
buf := &bytes.Buffer{}
|
||||
mw := multipart.NewWriter(buf)
|
||||
fw, err := mw.CreateFormFile("test", "test.txt")
|
||||
if err != nil {
|
||||
t.Fatalf("Unable to create form file: %s", err)
|
||||
}
|
||||
expectedData := "Test OMEGALUL PLS."
|
||||
if _, err := io.WriteString(fw, expectedData); err != nil {
|
||||
t.Fatalf("Unable to write body to buffer: %s", err)
|
||||
}
|
||||
mw.Close()
|
||||
|
||||
req := httptest.NewRequest(http.MethodPost, "/api/file?max_views=99", buf)
|
||||
req.Header.Add("Content-Type", mw.FormDataContentType())
|
||||
|
||||
hs.Handler.ServeHTTP(rr, req)
|
||||
|
||||
if status := rr.Code; status != http.StatusAccepted {
|
||||
t.Errorf("Returned unexpected status. Got %d want %d", status, http.StatusAccepted)
|
||||
}
|
||||
|
||||
var expectedResp api.ResponseAPIFilePost
|
||||
|
||||
decoder := json.NewDecoder(rr.Result().Body)
|
||||
if err := decoder.Decode(&expectedResp); err != nil {
|
||||
t.Fatalf("error decoding response: %s", err)
|
||||
}
|
||||
|
||||
if l := len(expectedResp.Files); l != 1 {
|
||||
t.Errorf("Response has wrong length. Got %d want %d", l, 1)
|
||||
}
|
||||
|
||||
uploadID := expectedResp.Files[0].ID
|
||||
if uploadID == "" {
|
||||
t.Errorf("Response has empty id")
|
||||
}
|
||||
|
||||
retrieved, err := hs.Files.Get(uploadID)
|
||||
if err != nil {
|
||||
t.Errorf("Error retrieving file: %s", err)
|
||||
}
|
||||
defer retrieved.Body.Close()
|
||||
retBuf := new(bytes.Buffer)
|
||||
io.Copy(retBuf, retrieved.Body)
|
||||
if diff := cmp.Diff(retBuf.String(), expectedData); diff != "" {
|
||||
t.Errorf("Retrieved file mismatch: %s", diff)
|
||||
}
|
||||
|
||||
if retrieved.MaxViews != 99 {
|
||||
t.Errorf("Uploaded file has wrong max_views: %d", retrieved.MaxViews)
|
||||
}
|
||||
})
|
||||
// GET /api/file/id
|
||||
t.Run("GET", func(t *testing.T) {
|
||||
hs := newServer()
|
||||
fileData := "abc123456"
|
||||
sr := io.NopCloser(strings.NewReader(fileData))
|
||||
file := &files.File{
|
||||
ID: uuid.NewString(),
|
||||
OriginalFilename: "test-file.txt",
|
||||
MaxViews: 99,
|
||||
ExpiresOn: time.Now().Add(90 * time.Second),
|
||||
Body: sr,
|
||||
}
|
||||
hs.Files.Store(file)
|
||||
rr := httptest.NewRecorder()
|
||||
url := fmt.Sprintf("/api/file/%s", file.ID)
|
||||
req := httptest.NewRequest(http.MethodGet, url, nil)
|
||||
|
||||
hs.Handler.ServeHTTP(rr, req)
|
||||
|
||||
if status := rr.Code; status != http.StatusOK {
|
||||
t.Errorf("Returned unexpected status. Got %d want %d", status, http.StatusAccepted)
|
||||
t.Logf(url)
|
||||
}
|
||||
if diff := cmp.Diff(rr.Body.String(), fileData); diff != "" {
|
||||
t.Errorf("Returned body does not match expected: %s", diff)
|
||||
}
|
||||
})
|
||||
|
||||
// DELETE /api/file/id
|
||||
t.Run("DELETE", func(t *testing.T) {
|
||||
hs := newServer()
|
||||
fileBody := io.NopCloser(strings.NewReader("roflcopter"))
|
||||
file := &files.File{
|
||||
ID: uuid.NewString(),
|
||||
OriginalFilename: "testpls.txt",
|
||||
MaxViews: 9,
|
||||
ExpiresOn: time.Now().Add(10 * time.Hour),
|
||||
Body: fileBody,
|
||||
}
|
||||
|
||||
if err := hs.Files.Store(file); err != nil {
|
||||
t.Fatalf("Error storing file: %s", err)
|
||||
}
|
||||
|
||||
rr := httptest.NewRecorder()
|
||||
url := fmt.Sprintf("/api/file/%s", file.ID)
|
||||
req := httptest.NewRequest(http.MethodDelete, url, nil)
|
||||
hs.Handler.ServeHTTP(rr, req)
|
||||
|
||||
if rr.Result().StatusCode != http.StatusOK {
|
||||
t.Fatalf("Delete returned wrong status: %s", rr.Result().Status)
|
||||
}
|
||||
|
||||
if _, err := hs.Files.Get(file.ID); err == nil {
|
||||
t.Errorf("Getting after delete returned no error")
|
||||
}
|
||||
})
|
||||
})
|
||||
// /api/user
|
||||
|
||||
t.Run("user", func(t *testing.T) {
|
||||
t.Run("POST", func(t *testing.T) {
|
||||
hs := newServer()
|
||||
adminPw := "admin"
|
||||
admin := &users.User{
|
||||
Username: "admin",
|
||||
Role: users.RoleAdmin,
|
||||
}
|
||||
_ = admin.SetPassword(adminPw)
|
||||
_ = hs.Users.Store(admin)
|
||||
|
||||
token, err := hs.Auth.Login(admin.Username, adminPw)
|
||||
if err != nil {
|
||||
t.Fatalf("error getting admin token: %s", err)
|
||||
}
|
||||
|
||||
requestData := &api.RequestAPIUserCreate{
|
||||
Username: "test",
|
||||
Password: "test",
|
||||
}
|
||||
body := new(bytes.Buffer)
|
||||
encoder := json.NewEncoder(body)
|
||||
if err := encoder.Encode(requestData); err != nil {
|
||||
t.Fatalf("Error encoding data: %s", err)
|
||||
}
|
||||
|
||||
rr := httptest.NewRecorder()
|
||||
req := httptest.NewRequest(http.MethodPost, "/api/user", body)
|
||||
req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", token))
|
||||
hs.Handler.ServeHTTP(rr, req)
|
||||
|
||||
if rr.Result().StatusCode != http.StatusAccepted {
|
||||
t.Fatalf("Create returned wrong status: %s", rr.Result().Status)
|
||||
}
|
||||
|
||||
user, err := hs.Users.Get(requestData.Username)
|
||||
if err != nil {
|
||||
t.Fatalf("Unable to get user after create: %s", err)
|
||||
}
|
||||
|
||||
expectedUser := &users.User{
|
||||
Username: requestData.Username,
|
||||
Role: users.RoleUser,
|
||||
}
|
||||
ignorePW := cmp.FilterPath(func(p cmp.Path) bool {
|
||||
return p.String() == "HashedPassword"
|
||||
}, cmp.Ignore())
|
||||
|
||||
if diff := cmp.Diff(user, expectedUser, ignorePW); diff != "" {
|
||||
t.Errorf("User does not match expected: %s", diff)
|
||||
}
|
||||
})
|
||||
})
|
||||
|
||||
// /api/login
|
||||
t.Run("Login", func(t *testing.T) {
|
||||
hs := newServer()
|
||||
// TODO: Add test
|
||||
username := "admin"
|
||||
password := "admin"
|
||||
user := &users.User{Username: username}
|
||||
if err := user.SetPassword(password); err != nil {
|
||||
t.Fatalf("Error setting user password: %s", err)
|
||||
}
|
||||
if err := hs.Users.Store(user); err != nil {
|
||||
t.Fatalf("Error storing user: %s", err)
|
||||
}
|
||||
|
||||
requestData := struct {
|
||||
Username string `json:"username"`
|
||||
Password string `json:"password"`
|
||||
}{
|
||||
Username: username,
|
||||
Password: password,
|
||||
}
|
||||
|
||||
body := new(bytes.Buffer)
|
||||
encoder := json.NewEncoder(body)
|
||||
if err := encoder.Encode(&requestData); err != nil {
|
||||
t.Fatalf("Error encoding request body: %s", err)
|
||||
}
|
||||
|
||||
rr := httptest.NewRecorder()
|
||||
req := httptest.NewRequest(http.MethodPost, "/api/login", body)
|
||||
|
||||
hs.Handler.ServeHTTP(rr, req)
|
||||
|
||||
responseData := struct {
|
||||
Token string `json:"token"`
|
||||
}{}
|
||||
|
||||
decoder := json.NewDecoder(rr.Body)
|
||||
if err := decoder.Decode(&responseData); err != nil {
|
||||
t.Fatalf("Error decoding response: %s", err)
|
||||
}
|
||||
|
||||
if _, err := hs.Auth.ValidateToken(responseData.Token); err != nil {
|
||||
t.Fatalf("Unable to validate received token: %s", err)
|
||||
}
|
||||
})
|
||||
})
|
||||
|
||||
}
|
||||
|
||||
func newServer() *api.HTTPServer {
|
||||
cfg := &gpaste.ServerConfig{
|
||||
SigningSecret: "abc123",
|
||||
Store: &gpaste.ServerStoreConfig{
|
||||
Type: "memory",
|
||||
},
|
||||
URL: "http://localhost:8080",
|
||||
}
|
||||
return api.NewHTTPServer(cfg)
|
||||
}
|
29
api/json.go
29
api/json.go
@ -1,29 +0,0 @@
|
||||
package api
|
||||
|
||||
type RequestAPIUserCreate struct {
|
||||
Username string `json:"username"`
|
||||
Password string `json:"password"`
|
||||
}
|
||||
|
||||
type RequestAPILogin struct {
|
||||
Username string `json:"username"`
|
||||
Password string `json:"password"`
|
||||
}
|
||||
|
||||
type ResponseAPILogin struct {
|
||||
Token string `json:"token"`
|
||||
}
|
||||
|
||||
type ResponseAPIFilePost struct {
|
||||
Message string `json:"message"`
|
||||
Files []ResponseAPIFilePostFiles `json:"files"`
|
||||
}
|
||||
|
||||
type ResponseAPIFilePostFiles struct {
|
||||
ID string `json:"id"`
|
||||
URL string `json:"url"`
|
||||
}
|
||||
|
||||
type ResponseAPIUserList struct {
|
||||
Usernames []string `json:"usernames"`
|
||||
}
|
@ -1,154 +0,0 @@
|
||||
package api
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste"
|
||||
"git.t-juice.club/torjus/gpaste/users"
|
||||
"github.com/go-chi/chi/v5/middleware"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
type authCtxKey int
|
||||
|
||||
const (
|
||||
authCtxUsername authCtxKey = iota
|
||||
authCtxAuthLevel
|
||||
authCtxClaims
|
||||
)
|
||||
|
||||
func (s *HTTPServer) MiddlewareAccessLogger(next http.Handler) http.Handler {
|
||||
fn := func(w http.ResponseWriter, r *http.Request) {
|
||||
ww := middleware.NewWrapResponseWriter(w, r.ProtoMajor)
|
||||
t1 := time.Now()
|
||||
|
||||
reqID := middleware.GetReqID(r.Context())
|
||||
|
||||
// TODO: Maybe desugar in HTTPServer to avoid doing for all requests
|
||||
logger := s.AccessLogger.Desugar()
|
||||
|
||||
defer func() {
|
||||
// DEBUG level
|
||||
if ce := logger.Check(zap.DebugLevel, r.Method); ce != nil {
|
||||
ct := r.Header.Get("Content-Type")
|
||||
ce.Write(
|
||||
zap.String("req_id", reqID),
|
||||
zap.String("path", r.URL.Path),
|
||||
zap.Int("status", ww.Status()),
|
||||
zap.String("remote_addr", r.RemoteAddr),
|
||||
zap.Int("bytes_written", ww.BytesWritten()),
|
||||
zap.Duration("processing_time", time.Since(t1)),
|
||||
zap.String("content_type", ct),
|
||||
zap.Any("headers", r.Header),
|
||||
)
|
||||
} else {
|
||||
// INFO level
|
||||
if ce := logger.Check(zap.InfoLevel, r.Method); ce != nil {
|
||||
ce.Write(
|
||||
zap.String("req_id", reqID),
|
||||
zap.String("path", r.URL.Path),
|
||||
zap.Int("status", ww.Status()),
|
||||
zap.String("remote_addr", r.RemoteAddr),
|
||||
zap.Int("bytes_written", ww.BytesWritten()),
|
||||
zap.Duration("processing_time", time.Since(t1)),
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
_ = logger.Sync()
|
||||
}()
|
||||
|
||||
next.ServeHTTP(ww, r)
|
||||
}
|
||||
|
||||
return http.HandlerFunc(fn)
|
||||
}
|
||||
|
||||
func (s *HTTPServer) MiddlewareAuthentication(next http.Handler) http.Handler {
|
||||
fn := func(w http.ResponseWriter, r *http.Request) {
|
||||
reqID := middleware.GetReqID(r.Context())
|
||||
|
||||
header := r.Header.Get("Authorization")
|
||||
if header == "" {
|
||||
s.Logger.Debugw("Request has no auth header.", "req_id", reqID)
|
||||
next.ServeHTTP(w, r)
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
splitHeader := strings.Split(header, "Bearer ")
|
||||
if len(splitHeader) != 2 { // nolint: gomnd
|
||||
s.Logger.Debugw("Request has invalid token.", "req_id", reqID)
|
||||
next.ServeHTTP(w, r)
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
token := splitHeader[1]
|
||||
|
||||
claims, err := s.Auth.ValidateToken(token)
|
||||
if err != nil {
|
||||
s.Logger.Debugw("Request has invalid token.", "req_id", reqID)
|
||||
next.ServeHTTP(w, r)
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
ctx := context.WithValue(r.Context(), authCtxUsername, claims.Subject)
|
||||
ctx = context.WithValue(ctx, authCtxAuthLevel, claims.Role)
|
||||
ctx = context.WithValue(ctx, authCtxClaims, claims)
|
||||
withCtx := r.WithContext(ctx)
|
||||
|
||||
s.Logger.Debugw("Request is authenticated.", "req_id", reqID, "username", claims.Subject, "role", claims.Role)
|
||||
|
||||
next.ServeHTTP(w, withCtx)
|
||||
}
|
||||
|
||||
return http.HandlerFunc(fn)
|
||||
}
|
||||
|
||||
func UsernameFromRequest(r *http.Request) (string, error) {
|
||||
rawUsername := r.Context().Value(authCtxUsername)
|
||||
if rawUsername == nil {
|
||||
return "", fmt.Errorf("no username")
|
||||
}
|
||||
|
||||
username, ok := rawUsername.(string)
|
||||
if !ok {
|
||||
return "", fmt.Errorf("no username")
|
||||
}
|
||||
|
||||
return username, nil
|
||||
}
|
||||
|
||||
func RoleFromRequest(r *http.Request) (users.Role, error) {
|
||||
rawLevel := r.Context().Value(authCtxAuthLevel)
|
||||
if rawLevel == nil {
|
||||
return users.RoleUnset, fmt.Errorf("no username")
|
||||
}
|
||||
|
||||
level, ok := rawLevel.(users.Role)
|
||||
if !ok {
|
||||
return users.RoleUnset, fmt.Errorf("no username")
|
||||
}
|
||||
|
||||
return level, nil
|
||||
}
|
||||
|
||||
func ClaimsFromRequest(r *http.Request) *gpaste.Claims {
|
||||
rawClaims := r.Context().Value(authCtxAuthLevel)
|
||||
if rawClaims == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
claims, ok := rawClaims.(*gpaste.Claims)
|
||||
if !ok {
|
||||
return nil
|
||||
}
|
||||
|
||||
return claims
|
||||
}
|
37
auth.go
37
auth.go
@ -4,23 +4,16 @@ import (
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste/users"
|
||||
"github.com/golang-jwt/jwt"
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
type AuthService struct {
|
||||
users users.UserStore
|
||||
users UserStore
|
||||
hmacSecret []byte
|
||||
}
|
||||
|
||||
type Claims struct {
|
||||
Role users.Role `json:"role,omitempty"`
|
||||
|
||||
jwt.StandardClaims
|
||||
}
|
||||
|
||||
func NewAuthService(store users.UserStore, signingSecret []byte) *AuthService {
|
||||
func NewAuthService(store UserStore, signingSecret []byte) *AuthService {
|
||||
return &AuthService{users: store, hmacSecret: signingSecret}
|
||||
}
|
||||
|
||||
@ -35,16 +28,15 @@ func (as *AuthService) Login(username, password string) (string, error) {
|
||||
}
|
||||
|
||||
// TODO: Set iss and aud
|
||||
claims := new(Claims)
|
||||
claims.Subject = user.Username
|
||||
claims.ExpiresAt = time.Now().Add(7 * 24 * time.Hour).Unix()
|
||||
claims.NotBefore = time.Now().Unix()
|
||||
claims.IssuedAt = time.Now().Unix()
|
||||
claims.Id = uuid.NewString()
|
||||
claims.Role = user.Role
|
||||
claims := jwt.StandardClaims{
|
||||
Subject: user.Username,
|
||||
ExpiresAt: time.Now().Add(7 * 24 * time.Hour).Unix(),
|
||||
NotBefore: time.Now().Unix(),
|
||||
IssuedAt: time.Now().Unix(),
|
||||
Id: uuid.NewString(),
|
||||
}
|
||||
|
||||
token := jwt.NewWithClaims(jwt.GetSigningMethod("HS256"), claims)
|
||||
|
||||
signed, err := token.SignedString(as.hmacSecret)
|
||||
if err != nil {
|
||||
return "", err
|
||||
@ -53,18 +45,17 @@ func (as *AuthService) Login(username, password string) (string, error) {
|
||||
return signed, nil
|
||||
}
|
||||
|
||||
func (as *AuthService) ValidateToken(rawToken string) (*Claims, error) {
|
||||
claims := &Claims{}
|
||||
func (as *AuthService) ValidateToken(rawToken string) error {
|
||||
claims := &jwt.StandardClaims{}
|
||||
token, err := jwt.ParseWithClaims(rawToken, claims, func(t *jwt.Token) (interface{}, error) {
|
||||
return as.hmacSecret, nil
|
||||
})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return err
|
||||
}
|
||||
|
||||
if !token.Valid {
|
||||
return nil, fmt.Errorf("invalid token")
|
||||
return fmt.Errorf("invalid token")
|
||||
}
|
||||
|
||||
return claims, nil
|
||||
return nil
|
||||
}
|
||||
|
25
auth_test.go
25
auth_test.go
@ -1,24 +1,21 @@
|
||||
package gpaste_test
|
||||
|
||||
import (
|
||||
"math/rand"
|
||||
"testing"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste"
|
||||
"git.t-juice.club/torjus/gpaste/users"
|
||||
"github.com/google/go-cmp/cmp"
|
||||
)
|
||||
|
||||
func TestAuth(t *testing.T) {
|
||||
t.Run("Token", func(t *testing.T) {
|
||||
us := users.NewMemoryUserStore()
|
||||
us := gpaste.NewMemoryUserStore()
|
||||
secret := []byte(randomString(16))
|
||||
as := gpaste.NewAuthService(us, secret)
|
||||
|
||||
username := randomString(8)
|
||||
password := randomString(16)
|
||||
|
||||
user := &users.User{Username: username, Role: users.RoleAdmin}
|
||||
user := &gpaste.User{Username: username}
|
||||
if err := user.SetPassword(password); err != nil {
|
||||
t.Fatalf("error setting user password: %s", err)
|
||||
}
|
||||
@ -31,26 +28,12 @@ func TestAuth(t *testing.T) {
|
||||
t.Fatalf("Error creating token: %s", err)
|
||||
}
|
||||
|
||||
claims, err := as.ValidateToken(token)
|
||||
if err != nil {
|
||||
if err := as.ValidateToken(token); err != nil {
|
||||
t.Fatalf("Error validating token: %s", err)
|
||||
}
|
||||
if claims.Role != user.Role {
|
||||
t.Fatalf("Token role is not correct: %s", cmp.Diff(claims.Role, user.Role))
|
||||
}
|
||||
invalidToken := `eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NDMyMjk3NjMsImp0aSI6ImUzNDk5NWI1LThiZmMtNDQyNy1iZDgxLWFmNmQ3OTRiYzM0YiIsImlhdCI6MTY0MjYyNDk2MywibmJmIjoxNjQyNjI0OTYzLCJzdWIiOiJYdE5Hemt5ZSJ9.VM6dkwSLaBv8cStkWRVVv9ADjdUrHGHrlB7GB7Ly7n8`
|
||||
if _, err := as.ValidateToken(invalidToken); err == nil {
|
||||
if err := as.ValidateToken(invalidToken); err == nil {
|
||||
t.Fatalf("Invalid token passed validation")
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
func randomString(length int) string {
|
||||
const charset = "abcdefghijklmnopqrstabcdefghijklmnopqrstuvwxyz" +
|
||||
"ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
|
||||
b := make([]byte, length)
|
||||
for i := range b {
|
||||
b[i] = charset[rand.Intn(len(charset))]
|
||||
}
|
||||
return string(b)
|
||||
}
|
||||
|
240
client/client.go
240
client/client.go
@ -1,240 +0,0 @@
|
||||
package client
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io"
|
||||
"mime/multipart"
|
||||
"net/http"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"time"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste/api"
|
||||
"git.t-juice.club/torjus/gpaste/files"
|
||||
"github.com/google/uuid"
|
||||
"github.com/kirsle/configdir"
|
||||
)
|
||||
|
||||
const defaultTimeout = 10 * time.Second
|
||||
|
||||
type Client struct {
|
||||
BaseURL string `json:"baseUrl"`
|
||||
AuthToken string `json:"authToken"`
|
||||
|
||||
httpClient http.Client
|
||||
}
|
||||
|
||||
func (c *Client) WriteConfigToWriter(w io.Writer) error {
|
||||
encoder := json.NewEncoder(w)
|
||||
return encoder.Encode(c)
|
||||
}
|
||||
|
||||
func (c *Client) WriteConfig() error {
|
||||
dir := configdir.LocalConfig("gpaste")
|
||||
// Ensure dir exists
|
||||
err := os.MkdirAll(dir, os.ModePerm)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
path := filepath.Join(dir, "client.json")
|
||||
|
||||
f, err := os.Create(path)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer f.Close()
|
||||
|
||||
return c.WriteConfigToWriter(f)
|
||||
}
|
||||
|
||||
func (c *Client) LoadConfig() error {
|
||||
dir := configdir.LocalCache("gpaste")
|
||||
path := filepath.Join(dir, "client.json")
|
||||
|
||||
f, err := os.Open(path)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer f.Close()
|
||||
|
||||
return c.LoadConfigFromReader(f)
|
||||
}
|
||||
|
||||
func (c *Client) LoadConfigFromReader(r io.Reader) error {
|
||||
decoder := json.NewDecoder(r)
|
||||
return decoder.Decode(c)
|
||||
}
|
||||
|
||||
func (c *Client) Login(ctx context.Context, username, password string) error {
|
||||
url := fmt.Sprintf("%s/api/login", c.BaseURL)
|
||||
// TODO: Change timeout
|
||||
ctx, cancel := context.WithTimeout(ctx, defaultTimeout)
|
||||
defer cancel()
|
||||
|
||||
body := new(bytes.Buffer)
|
||||
requestData := api.RequestAPILogin{
|
||||
Username: username,
|
||||
Password: password,
|
||||
}
|
||||
|
||||
encoder := json.NewEncoder(body)
|
||||
if err := encoder.Encode(&requestData); err != nil {
|
||||
return fmt.Errorf("error encoding response: %w", err)
|
||||
}
|
||||
|
||||
req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, body)
|
||||
if err != nil {
|
||||
return fmt.Errorf("error creating request: %w", err)
|
||||
}
|
||||
|
||||
resp, err := c.httpClient.Do(req)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to perform request: %s", err)
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
if resp.StatusCode != http.StatusOK {
|
||||
return fmt.Errorf("got non-ok response from server: %s", resp.Status)
|
||||
}
|
||||
|
||||
var responseData api.ResponseAPILogin
|
||||
|
||||
decoder := json.NewDecoder(resp.Body)
|
||||
if err := decoder.Decode(&responseData); err != nil {
|
||||
return fmt.Errorf("unable to parse response: %s", err)
|
||||
}
|
||||
|
||||
c.AuthToken = responseData.Token
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *Client) UserCreate(ctx context.Context, username, password string) error {
|
||||
url := fmt.Sprintf("%s/api/user", c.BaseURL)
|
||||
body := new(bytes.Buffer)
|
||||
|
||||
requestData := &api.RequestAPIUserCreate{
|
||||
Username: username,
|
||||
Password: password,
|
||||
}
|
||||
|
||||
encoder := json.NewEncoder(body)
|
||||
if err := encoder.Encode(requestData); err != nil {
|
||||
return fmt.Errorf("error encoding response: %w", err)
|
||||
}
|
||||
|
||||
req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, body)
|
||||
if err != nil {
|
||||
return fmt.Errorf("error creating request: %w", err)
|
||||
}
|
||||
|
||||
req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.AuthToken))
|
||||
|
||||
resp, err := c.httpClient.Do(req)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to perform request: %s", err)
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
if resp.StatusCode != http.StatusAccepted {
|
||||
return fmt.Errorf("got non-ok response from server: %s", resp.Status)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *Client) Download(ctx context.Context, id string) (io.ReadCloser, error) {
|
||||
url := fmt.Sprintf("%s/api/file/%s", c.BaseURL, id)
|
||||
|
||||
req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("error creating request: %w", err)
|
||||
}
|
||||
|
||||
req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.AuthToken))
|
||||
|
||||
resp, err := c.httpClient.Do(req)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to perform request: %s", err)
|
||||
}
|
||||
|
||||
if resp.StatusCode != http.StatusOK {
|
||||
return nil, fmt.Errorf("got non-ok response from server: %s", resp.Status)
|
||||
}
|
||||
|
||||
return resp.Body, nil
|
||||
}
|
||||
|
||||
func (c *Client) Upload(ctx context.Context, files ...*files.File) (*api.ResponseAPIFilePost, error) {
|
||||
url := fmt.Sprintf("%s/api/file", c.BaseURL)
|
||||
client := &http.Client{}
|
||||
|
||||
// TODO: Change timeout
|
||||
// TODO: Improve buffering
|
||||
buf := &bytes.Buffer{}
|
||||
mw := multipart.NewWriter(buf)
|
||||
|
||||
for _, file := range files {
|
||||
fw, err := mw.CreateFormFile(uuid.Must(uuid.NewRandom()).String(), file.OriginalFilename)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if _, err := io.Copy(fw, file.Body); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
file.Body.Close()
|
||||
}
|
||||
|
||||
mw.Close()
|
||||
|
||||
req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, buf)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
req.Header.Add("Content-Type", mw.FormDataContentType())
|
||||
|
||||
resp, err := client.Do(req)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
var expectedResp *api.ResponseAPIFilePost
|
||||
|
||||
decoder := json.NewDecoder(resp.Body)
|
||||
if err := decoder.Decode(&expectedResp); err != nil {
|
||||
return nil, fmt.Errorf("error decoding response: %w", err)
|
||||
}
|
||||
|
||||
return expectedResp, nil
|
||||
}
|
||||
|
||||
func (c *Client) Delete(ctx context.Context, id string) error {
|
||||
url := fmt.Sprintf("%s/api/file/%s", c.BaseURL, id)
|
||||
|
||||
req, err := http.NewRequestWithContext(ctx, http.MethodDelete, url, nil)
|
||||
if err != nil {
|
||||
return fmt.Errorf("error creating request: %w", err)
|
||||
}
|
||||
|
||||
req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.AuthToken))
|
||||
|
||||
resp, err := c.httpClient.Do(req)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to perform request: %s", err)
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
if resp.StatusCode != http.StatusOK {
|
||||
return fmt.Errorf("got non-ok response from server: %s", resp.Status)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
@ -1,194 +0,0 @@
|
||||
package client_test
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"fmt"
|
||||
"io"
|
||||
"net"
|
||||
"strings"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste"
|
||||
"git.t-juice.club/torjus/gpaste/api"
|
||||
"git.t-juice.club/torjus/gpaste/client"
|
||||
"git.t-juice.club/torjus/gpaste/files"
|
||||
"git.t-juice.club/torjus/gpaste/users"
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"github.com/google/go-cmp/cmp/cmpopts"
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
func TestClient(t *testing.T) {
|
||||
listener, err := net.Listen("tcp", ":0")
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
port := listener.Addr().(*net.TCPAddr).Port
|
||||
cfg := &gpaste.ServerConfig{
|
||||
LogLevel: "ERROR",
|
||||
URL: fmt.Sprintf("http://localhost:%d", port),
|
||||
SigningSecret: "TEST",
|
||||
Store: &gpaste.ServerStoreConfig{Type: "memory"},
|
||||
}
|
||||
|
||||
srv := api.NewHTTPServer(cfg)
|
||||
|
||||
go func() {
|
||||
srv.Serve(listener)
|
||||
}()
|
||||
|
||||
t.Cleanup(func() {
|
||||
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
||||
defer cancel()
|
||||
srv.Shutdown(ctx)
|
||||
listener.Close()
|
||||
})
|
||||
|
||||
// Add users
|
||||
username := "admin"
|
||||
password := "admin"
|
||||
user := &users.User{
|
||||
Username: username,
|
||||
Role: users.RoleAdmin,
|
||||
}
|
||||
if err := user.SetPassword(password); err != nil {
|
||||
t.Fatalf("Error setting password: %s", err)
|
||||
}
|
||||
if err := srv.Users.Store(user); err != nil {
|
||||
t.Fatalf("Error storing user: %s", err)
|
||||
}
|
||||
|
||||
t.Run("Login", func(t *testing.T) {
|
||||
client := client.Client{BaseURL: cfg.URL}
|
||||
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
|
||||
defer cancel()
|
||||
if err := client.Login(ctx, username, password); err != nil {
|
||||
t.Fatalf("Error logging in: %s", err)
|
||||
}
|
||||
|
||||
claims, err := srv.Auth.ValidateToken(client.AuthToken)
|
||||
if err != nil {
|
||||
t.Errorf("unable to get claims from token: %s", err)
|
||||
}
|
||||
|
||||
if claims.Role != user.Role {
|
||||
t.Errorf("Claims have wrong role: %s", cmp.Diff(claims.Role, user.Role))
|
||||
}
|
||||
if claims.Subject != username {
|
||||
t.Errorf("Claims have wrong role: %s", cmp.Diff(claims.Subject, username))
|
||||
}
|
||||
|
||||
t.Run("UserCreate", func(t *testing.T) {
|
||||
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
|
||||
defer cancel()
|
||||
username := "user"
|
||||
password := "user"
|
||||
|
||||
if err := client.UserCreate(ctx, username, password); err != nil {
|
||||
t.Fatalf("Error creating user: %s", err)
|
||||
}
|
||||
|
||||
user, err := srv.Users.Get(username)
|
||||
if err != nil {
|
||||
t.Fatalf("Error getting new user: %s", err)
|
||||
}
|
||||
|
||||
if user.Username != username {
|
||||
t.Errorf("Username does not match.")
|
||||
}
|
||||
if err := user.ValidatePassword(password); err != nil {
|
||||
t.Errorf("Unable to validate password: %s", err)
|
||||
}
|
||||
})
|
||||
})
|
||||
t.Run("Upload", func(t *testing.T) {
|
||||
client := client.Client{BaseURL: cfg.URL}
|
||||
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
|
||||
defer cancel()
|
||||
fileContents := "this is the test file"
|
||||
fileBody := io.NopCloser(strings.NewReader(fileContents))
|
||||
file := &files.File{
|
||||
OriginalFilename: "filename.txt",
|
||||
Body: fileBody,
|
||||
}
|
||||
|
||||
resp, err := client.Upload(ctx, file)
|
||||
if err != nil {
|
||||
t.Fatalf("Error uploading: %s", err)
|
||||
}
|
||||
|
||||
retrieved, err := srv.Files.Get(resp.Files[0].ID)
|
||||
if err != nil {
|
||||
t.Fatalf("Error getting uploaded file from store: %s", err)
|
||||
}
|
||||
defer retrieved.Body.Close()
|
||||
|
||||
buf := new(strings.Builder)
|
||||
if _, err := io.Copy(buf, retrieved.Body); err != nil {
|
||||
t.Fatalf("error reading body from store: %s", err)
|
||||
}
|
||||
if buf.String() != fileContents {
|
||||
t.Errorf("File contents does not match: %s", cmp.Diff(buf.String(), fileContents))
|
||||
}
|
||||
})
|
||||
t.Run("Download", func(t *testing.T) {
|
||||
client := client.Client{BaseURL: cfg.URL}
|
||||
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
|
||||
defer cancel()
|
||||
fileContents := "this is the test file"
|
||||
fileBody := io.NopCloser(strings.NewReader(fileContents))
|
||||
file := &files.File{
|
||||
ID: uuid.NewString(),
|
||||
OriginalFilename: "filename.txt",
|
||||
Body: fileBody,
|
||||
}
|
||||
|
||||
if err := srv.Files.Store(file); err != nil {
|
||||
t.Fatalf("Error putting file in store: %s", err)
|
||||
}
|
||||
|
||||
body, err := client.Download(ctx, file.ID)
|
||||
if err != nil {
|
||||
t.Fatalf("Error uploading: %s", err)
|
||||
}
|
||||
defer body.Close()
|
||||
|
||||
buf := new(strings.Builder)
|
||||
if _, err := io.Copy(buf, body); err != nil {
|
||||
t.Fatalf("error reading body from store: %s", err)
|
||||
}
|
||||
if buf.String() != fileContents {
|
||||
t.Errorf("File contents does not match: %s", cmp.Diff(buf.String(), fileContents))
|
||||
}
|
||||
})
|
||||
t.Run("Save", func(t *testing.T) {
|
||||
c := client.Client{BaseURL: "http://example.org/gpaste", AuthToken: "tokenpls"}
|
||||
expectedConfig := "{\"baseUrl\":\"http://example.org/gpaste\",\"authToken\":\"tokenpls\"}\n"
|
||||
buf := new(bytes.Buffer)
|
||||
err := c.WriteConfigToWriter(buf)
|
||||
if err != nil {
|
||||
t.Fatalf("Error writing config: %s", err)
|
||||
}
|
||||
|
||||
if diff := cmp.Diff(buf.String(), expectedConfig); diff != "" {
|
||||
t.Errorf("Written config does not match expected: %s", diff)
|
||||
}
|
||||
})
|
||||
t.Run("Load", func(t *testing.T) {
|
||||
c := client.Client{}
|
||||
config := "{\"baseUrl\":\"http://pasta.example.org\",\"authToken\":\"tokenpls\"}\n"
|
||||
expectedClient := client.Client{BaseURL: "http://pasta.example.org", AuthToken: "tokenpls"}
|
||||
sr := strings.NewReader(config)
|
||||
if err := c.LoadConfigFromReader(sr); err != nil {
|
||||
t.Fatalf("Error reading config: %s", err)
|
||||
}
|
||||
|
||||
if diff := cmp.Diff(c, expectedClient, cmpopts.IgnoreUnexported(client.Client{})); diff != "" {
|
||||
t.Errorf("Client does not match expected: %s", diff)
|
||||
}
|
||||
|
||||
})
|
||||
}
|
@ -1,162 +0,0 @@
|
||||
package actions
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"context"
|
||||
"fmt"
|
||||
"os"
|
||||
"strings"
|
||||
"syscall"
|
||||
"time"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste/client"
|
||||
"git.t-juice.club/torjus/gpaste/files"
|
||||
"github.com/urfave/cli/v2"
|
||||
"golang.org/x/term"
|
||||
)
|
||||
|
||||
const defaultTimeout = 10 * time.Second
|
||||
|
||||
func ActionUpload(c *cli.Context) error {
|
||||
clnt := client.Client{
|
||||
BaseURL: c.String("url"),
|
||||
}
|
||||
|
||||
for _, arg := range c.Args().Slice() {
|
||||
f, err := os.Open(arg)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer f.Close()
|
||||
|
||||
file := &files.File{
|
||||
OriginalFilename: arg,
|
||||
Body: f,
|
||||
}
|
||||
|
||||
resp, err := clnt.Upload(c.Context, file)
|
||||
if err != nil {
|
||||
errmsg := fmt.Sprintf("Error uploading file: %s", err)
|
||||
return cli.Exit(errmsg, 1)
|
||||
}
|
||||
|
||||
fmt.Printf("Uploaded file %s - %s", file.OriginalFilename, resp.Files[0].URL)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func ActionDelete(c *cli.Context) error {
|
||||
clnt := client.Client{
|
||||
BaseURL: c.String("url"),
|
||||
}
|
||||
|
||||
for _, arg := range c.Args().Slice() {
|
||||
ctx, cancel := context.WithTimeout(c.Context, defaultTimeout)
|
||||
defer cancel()
|
||||
|
||||
if err := clnt.Delete(ctx, arg); err != nil {
|
||||
fmt.Printf("Error deleting file %s\n", arg)
|
||||
fmt.Printf("%s\n", err)
|
||||
}
|
||||
|
||||
fmt.Printf("Deleted %s\n", arg)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func ActionLogin(c *cli.Context) error {
|
||||
username := c.Args().First()
|
||||
if username == "" {
|
||||
return cli.Exit("USERNAME not supplied.", 1)
|
||||
}
|
||||
|
||||
password, err := readPassword()
|
||||
if err != nil {
|
||||
return fmt.Errorf("error reading password: %w", err)
|
||||
}
|
||||
|
||||
clnt := client.Client{
|
||||
BaseURL: c.String("url"),
|
||||
}
|
||||
if err := clnt.Login(c.Context, username, password); err != nil {
|
||||
errmsg := fmt.Sprintf("Error logging in: %s", err)
|
||||
return cli.Exit(errmsg, 1)
|
||||
}
|
||||
|
||||
if err := clnt.WriteConfig(); err != nil {
|
||||
errMsg := fmt.Sprintf("Failed to write config: %s", err)
|
||||
return cli.Exit(errMsg, 1)
|
||||
}
|
||||
// TODO: Store this somewhere, so we don't need to log in each time
|
||||
fmt.Println("Successfully logged in.")
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func ActionUserCreate(c *cli.Context) error {
|
||||
// TODO: Needs to supply auth token to actually work
|
||||
fmt.Println("Need to be logged in to create user")
|
||||
|
||||
username := readString("Enter username: ")
|
||||
|
||||
password, err := readPassword()
|
||||
if err != nil {
|
||||
return fmt.Errorf("error reading password: %w", err)
|
||||
}
|
||||
|
||||
clnt := client.Client{
|
||||
BaseURL: c.String("url"),
|
||||
}
|
||||
|
||||
ctx, cancel := context.WithTimeout(c.Context, defaultTimeout)
|
||||
defer cancel()
|
||||
|
||||
if err := clnt.Login(ctx, username, password); err != nil {
|
||||
errmsg := fmt.Sprintf("Error logging in: %s", err)
|
||||
return cli.Exit(errmsg, 1)
|
||||
}
|
||||
|
||||
fmt.Println("User to create:")
|
||||
|
||||
username = readString("Enter username: ")
|
||||
|
||||
password, err = readPassword()
|
||||
if err != nil {
|
||||
return fmt.Errorf("error reading password: %w", err)
|
||||
}
|
||||
|
||||
if err := clnt.UserCreate(ctx, username, password); err != nil {
|
||||
errmsg := fmt.Sprintf("Error creating user: %s", err)
|
||||
return cli.Exit(errmsg, 1)
|
||||
}
|
||||
|
||||
fmt.Printf("Created user %s\n", username)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func readPassword() (string, error) {
|
||||
fmt.Print("Enter Password: ")
|
||||
|
||||
bytePassword, err := term.ReadPassword(int(syscall.Stdin))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
password := string(bytePassword)
|
||||
|
||||
return strings.TrimSpace(password), nil
|
||||
}
|
||||
|
||||
func readString(prompt string) string {
|
||||
fmt.Print(prompt)
|
||||
|
||||
scanner := bufio.NewScanner(os.Stdin)
|
||||
for scanner.Scan() {
|
||||
return scanner.Text()
|
||||
}
|
||||
|
||||
return ""
|
||||
}
|
@ -1,11 +1,21 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io"
|
||||
"mime/multipart"
|
||||
"net/http"
|
||||
"os"
|
||||
"strings"
|
||||
"syscall"
|
||||
"time"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste/cmd/client/actions"
|
||||
"github.com/google/uuid"
|
||||
"github.com/urfave/cli/v2"
|
||||
"golang.org/x/term"
|
||||
)
|
||||
|
||||
var (
|
||||
@ -35,34 +45,138 @@ func main() {
|
||||
Name: "upload",
|
||||
Usage: "Upload file(s)",
|
||||
ArgsUsage: "FILE [FILE]...",
|
||||
Action: actions.ActionUpload,
|
||||
},
|
||||
{
|
||||
Name: "delete",
|
||||
Usage: "Delete file(s)",
|
||||
ArgsUsage: "FILE [FILE]...",
|
||||
Action: actions.ActionDelete,
|
||||
Action: ActionUpload,
|
||||
},
|
||||
{
|
||||
Name: "login",
|
||||
Usage: "Login to gpaste server",
|
||||
ArgsUsage: "USERNAME",
|
||||
Action: actions.ActionLogin,
|
||||
},
|
||||
{
|
||||
Name: "admin",
|
||||
Usage: "Admin related commands",
|
||||
Subcommands: []*cli.Command{
|
||||
{
|
||||
Name: "create-user",
|
||||
Usage: "Create a new user",
|
||||
ArgsUsage: "USERNAME",
|
||||
Action: actions.ActionUserCreate,
|
||||
},
|
||||
},
|
||||
Action: ActionLogin,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
_ = app.Run(os.Args)
|
||||
app.Run(os.Args)
|
||||
}
|
||||
|
||||
func ActionUpload(c *cli.Context) error {
|
||||
url := fmt.Sprintf("%s/api/file", c.String("url"))
|
||||
client := &http.Client{}
|
||||
// TODO: Change timeout
|
||||
ctx, cancel := context.WithTimeout(c.Context, 10*time.Minute)
|
||||
defer cancel()
|
||||
|
||||
buf := &bytes.Buffer{}
|
||||
mw := multipart.NewWriter(buf)
|
||||
|
||||
for _, arg := range c.Args().Slice() {
|
||||
f, err := os.Open(arg)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer f.Close()
|
||||
fw, err := mw.CreateFormFile(uuid.Must(uuid.NewRandom()).String(), arg)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if _, err := io.Copy(fw, f); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
mw.Close()
|
||||
req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, buf)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
req.Header.Add("Content-Type", mw.FormDataContentType())
|
||||
|
||||
resp, err := client.Do(req)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
var expectedResp []struct {
|
||||
Message string `json:"message"`
|
||||
ID string `json:"id"`
|
||||
URL string `json:"url"`
|
||||
}
|
||||
|
||||
decoder := json.NewDecoder(resp.Body)
|
||||
if err := decoder.Decode(&expectedResp); err != nil {
|
||||
return fmt.Errorf("error decoding response: %w", err)
|
||||
}
|
||||
|
||||
for _, r := range expectedResp {
|
||||
fmt.Printf("Uploaded file %s\n", r.ID)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func ActionLogin(c *cli.Context) error {
|
||||
username := c.Args().First()
|
||||
if username == "" {
|
||||
return cli.Exit("USERNAME not supplied.", 1)
|
||||
}
|
||||
password, err := readPassword()
|
||||
if err != nil {
|
||||
return fmt.Errorf("error reading password: %w", err)
|
||||
}
|
||||
|
||||
url := fmt.Sprintf("%s/api/login", c.String("url"))
|
||||
client := &http.Client{}
|
||||
// TODO: Change timeout
|
||||
ctx, cancel := context.WithTimeout(c.Context, 10*time.Second)
|
||||
defer cancel()
|
||||
|
||||
body := new(bytes.Buffer)
|
||||
requestData := struct {
|
||||
Username string `json:"username"`
|
||||
Password string `json:"password"`
|
||||
}{
|
||||
Username: username,
|
||||
Password: password,
|
||||
}
|
||||
encoder := json.NewEncoder(body)
|
||||
if err := encoder.Encode(&requestData); err != nil {
|
||||
return fmt.Errorf("error encoding response: %w", err)
|
||||
}
|
||||
req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, body)
|
||||
if err != nil {
|
||||
return fmt.Errorf("error creating request: %w", err)
|
||||
}
|
||||
|
||||
resp, err := client.Do(req)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to perform request: %s", err)
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
if resp.StatusCode != http.StatusOK {
|
||||
return cli.Exit("got non-ok response from server", 0)
|
||||
}
|
||||
|
||||
responseData := struct {
|
||||
Token string `json:"token"`
|
||||
}{}
|
||||
|
||||
decoder := json.NewDecoder(resp.Body)
|
||||
if err := decoder.Decode(&responseData); err != nil {
|
||||
return fmt.Errorf("unable to parse response: %s", err)
|
||||
}
|
||||
|
||||
fmt.Printf("Token: %s", responseData.Token)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func readPassword() (string, error) {
|
||||
fmt.Print("Enter Password: ")
|
||||
bytePassword, err := term.ReadPassword(int(syscall.Stdin))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
password := string(bytePassword)
|
||||
return strings.TrimSpace(password), nil
|
||||
}
|
||||
|
@ -1,215 +0,0 @@
|
||||
package actions
|
||||
|
||||
import (
|
||||
"context"
|
||||
"io"
|
||||
"net/http"
|
||||
"os"
|
||||
"os/signal"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste"
|
||||
"git.t-juice.club/torjus/gpaste/api"
|
||||
"git.t-juice.club/torjus/gpaste/files"
|
||||
"git.t-juice.club/torjus/gpaste/users"
|
||||
"github.com/google/uuid"
|
||||
"github.com/urfave/cli/v2"
|
||||
"go.uber.org/zap"
|
||||
"go.uber.org/zap/zapcore"
|
||||
)
|
||||
|
||||
func ActionServe(c *cli.Context) error {
|
||||
configPath := "gpaste-server.toml"
|
||||
if c.IsSet("config") {
|
||||
configPath = c.String("config")
|
||||
}
|
||||
|
||||
var (
|
||||
cfg *gpaste.ServerConfig
|
||||
r io.ReadCloser
|
||||
)
|
||||
|
||||
r, err := os.Open(configPath)
|
||||
if err != nil {
|
||||
cfg = &gpaste.ServerConfig{
|
||||
LogLevel: "INFO",
|
||||
URL: "localhost:8080",
|
||||
ListenAddr: ":8080",
|
||||
SigningSecret: "TODO: CHANGE THIS LOL",
|
||||
Store: &gpaste.ServerStoreConfig{
|
||||
Type: "memory",
|
||||
},
|
||||
}
|
||||
} else {
|
||||
defer r.Close()
|
||||
cfg, err = gpaste.ServerConfigFromReader(r)
|
||||
if err != nil {
|
||||
if err != nil {
|
||||
return cli.Exit(err, 1)
|
||||
}
|
||||
}
|
||||
}
|
||||
// Setup loggers
|
||||
rootLogger := getRootLogger(cfg.LogLevel)
|
||||
serverLogger := rootLogger.Named("SERV")
|
||||
accessLogger := rootLogger.Named("ACCS")
|
||||
|
||||
// Setup contexts for clean shutdown
|
||||
rootCtx, rootCancel := signal.NotifyContext(context.Background(), os.Interrupt)
|
||||
defer rootCancel()
|
||||
|
||||
httpCtx, httpCancel := context.WithCancel(rootCtx)
|
||||
defer httpCancel()
|
||||
|
||||
httpShutdownCtx, httpShutdownCancel := context.WithCancel(context.Background())
|
||||
defer httpShutdownCancel()
|
||||
|
||||
// Setup stores
|
||||
// Files
|
||||
fileStore, fileClose, err := getFileStore(cfg)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
defer fileClose() // nolint: errcheck
|
||||
|
||||
// Users
|
||||
userStore, userClose, err := getUserStore(cfg)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
defer userClose() // nolint: errcheck
|
||||
|
||||
if userList, err := userStore.List(); err != nil {
|
||||
serverLogger.Panicw("Error checking userstore for users.", "error", err)
|
||||
} else if len(userList) < 1 {
|
||||
admin := users.User{
|
||||
Username: "admin",
|
||||
Role: users.RoleAdmin,
|
||||
}
|
||||
password := uuid.NewString()
|
||||
if err := admin.SetPassword(password); err != nil {
|
||||
serverLogger.DPanic("Error setting admin-user password.", "error", err)
|
||||
}
|
||||
|
||||
serverLogger.Warnw("Created admin-user.", "username", admin.Username, "password", password)
|
||||
}
|
||||
|
||||
// Auth
|
||||
auth := gpaste.NewAuthService(userStore, []byte(cfg.SigningSecret))
|
||||
|
||||
go func() {
|
||||
srv := api.NewHTTPServer(cfg)
|
||||
srv.Users = userStore
|
||||
srv.Files = fileStore
|
||||
srv.Addr = cfg.ListenAddr
|
||||
srv.Logger = serverLogger
|
||||
srv.AccessLogger = accessLogger
|
||||
srv.Auth = auth
|
||||
|
||||
// Wait for cancel
|
||||
go func() {
|
||||
<-httpCtx.Done()
|
||||
|
||||
timeoutCtx, cancel := context.WithTimeout(context.Background(), 10*time.Second) // nolint: gomnd
|
||||
defer cancel()
|
||||
|
||||
_ = srv.Shutdown(timeoutCtx)
|
||||
}()
|
||||
serverLogger.Infow("Starting HTTP server.", "addr", cfg.ListenAddr)
|
||||
|
||||
if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
|
||||
serverLogger.Errorw("Error during shutdown.", "error", err)
|
||||
}
|
||||
|
||||
serverLogger.Infow("HTTP server shutdown complete.", "addr", cfg.ListenAddr)
|
||||
httpShutdownCancel()
|
||||
}()
|
||||
<-httpShutdownCtx.Done()
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func getRootLogger(level string) *zap.SugaredLogger {
|
||||
logEncoderConfig := zap.NewProductionEncoderConfig()
|
||||
logEncoderConfig.EncodeCaller = zapcore.ShortCallerEncoder
|
||||
logEncoderConfig.EncodeLevel = zapcore.CapitalColorLevelEncoder
|
||||
logEncoderConfig.EncodeTime = zapcore.ISO8601TimeEncoder
|
||||
logEncoderConfig.EncodeDuration = zapcore.StringDurationEncoder
|
||||
|
||||
rootLoggerConfig := &zap.Config{
|
||||
Level: zap.NewAtomicLevelAt(zap.DebugLevel),
|
||||
OutputPaths: []string{"stdout"},
|
||||
ErrorOutputPaths: []string{"stdout"},
|
||||
Encoding: "console",
|
||||
EncoderConfig: logEncoderConfig,
|
||||
DisableCaller: true,
|
||||
}
|
||||
|
||||
switch strings.ToUpper(level) {
|
||||
case "DEBUG":
|
||||
rootLoggerConfig.DisableCaller = false
|
||||
rootLoggerConfig.Level = zap.NewAtomicLevelAt(zap.DebugLevel)
|
||||
case "INFO":
|
||||
rootLoggerConfig.Level = zap.NewAtomicLevelAt(zap.InfoLevel)
|
||||
case "WARN", "WARNING":
|
||||
rootLoggerConfig.Level = zap.NewAtomicLevelAt(zap.WarnLevel)
|
||||
case "ERR", "ERROR":
|
||||
rootLoggerConfig.Level = zap.NewAtomicLevelAt(zap.ErrorLevel)
|
||||
}
|
||||
|
||||
rootLogger, err := rootLoggerConfig.Build()
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
return rootLogger.Sugar()
|
||||
}
|
||||
|
||||
// nolint: ireturn
|
||||
func getUserStore(cfg *gpaste.ServerConfig) (users.UserStore, func() error, error) {
|
||||
closer := func() error { return nil }
|
||||
|
||||
switch cfg.Store.Type {
|
||||
case "memory":
|
||||
return users.NewMemoryUserStore(), closer, nil
|
||||
|
||||
case "fs":
|
||||
path := filepath.Join(cfg.Store.FS.Dir, "gpaste-users.db")
|
||||
|
||||
bs, err := users.NewBoltUserStore(path)
|
||||
if err != nil {
|
||||
return nil, closer, cli.Exit("error setting up user store", 1)
|
||||
}
|
||||
|
||||
return bs, bs.Close, nil
|
||||
|
||||
default:
|
||||
return nil, closer, cli.Exit("no userstore configured", 1)
|
||||
}
|
||||
}
|
||||
|
||||
// nolint: ireturn
|
||||
func getFileStore(cfg *gpaste.ServerConfig) (files.FileStore, func() error, error) {
|
||||
closer := func() error { return nil }
|
||||
|
||||
switch cfg.Store.Type {
|
||||
case "memory":
|
||||
return files.NewMemoryFileStore(), closer, nil
|
||||
|
||||
case "fs":
|
||||
var err error
|
||||
|
||||
s, err := files.NewFSFileStore(cfg.Store.FS.Dir)
|
||||
if err != nil {
|
||||
return nil, closer, cli.Exit("error setting up filestore", 1)
|
||||
}
|
||||
|
||||
return s, closer, nil
|
||||
default:
|
||||
return nil, closer, cli.Exit("No store configured", 1)
|
||||
}
|
||||
}
|
@ -1,11 +1,18 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"os"
|
||||
"os/signal"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste/cmd/server/actions"
|
||||
"git.t-juice.club/torjus/gpaste"
|
||||
"github.com/urfave/cli/v2"
|
||||
"go.uber.org/zap"
|
||||
"go.uber.org/zap/zapcore"
|
||||
)
|
||||
|
||||
var (
|
||||
@ -26,8 +33,97 @@ func main() {
|
||||
Usage: "Path to config-file.",
|
||||
},
|
||||
},
|
||||
Action: actions.ActionServe,
|
||||
Action: ActionServe,
|
||||
}
|
||||
|
||||
_ = app.Run(os.Args)
|
||||
app.Run(os.Args)
|
||||
}
|
||||
|
||||
func ActionServe(c *cli.Context) error {
|
||||
configPath := "gpaste-server.toml"
|
||||
if c.IsSet("config") {
|
||||
configPath = c.String("config")
|
||||
}
|
||||
|
||||
f, err := os.Open(configPath)
|
||||
if err != nil {
|
||||
return cli.Exit(err, 1)
|
||||
}
|
||||
defer f.Close()
|
||||
cfg, err := gpaste.ServerConfigFromReader(f)
|
||||
if err != nil {
|
||||
return cli.Exit(err, 1)
|
||||
}
|
||||
// Setup loggers
|
||||
rootLogger := getRootLogger(cfg.LogLevel)
|
||||
serverLogger := rootLogger.Named("SERV")
|
||||
accessLogger := rootLogger.Named("ACCS")
|
||||
|
||||
// Setup contexts for clean shutdown
|
||||
rootCtx, rootCancel := signal.NotifyContext(context.Background(), os.Interrupt)
|
||||
defer rootCancel()
|
||||
httpCtx, httpCancel := context.WithCancel(rootCtx)
|
||||
defer httpCancel()
|
||||
httpShutdownCtx, httpShutdownCancel := context.WithCancel(context.Background())
|
||||
defer httpShutdownCancel()
|
||||
|
||||
go func() {
|
||||
srv := gpaste.NewHTTPServer(cfg)
|
||||
srv.Addr = cfg.ListenAddr
|
||||
srv.Logger = serverLogger
|
||||
srv.AccessLogger = accessLogger
|
||||
|
||||
// Wait for cancel
|
||||
go func() {
|
||||
<-httpCtx.Done()
|
||||
timeoutCtx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
||||
defer cancel()
|
||||
srv.Shutdown(timeoutCtx)
|
||||
}()
|
||||
serverLogger.Infow("Starting HTTP server.", "addr", cfg.ListenAddr)
|
||||
if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
|
||||
serverLogger.Errorw("Error during shutdown.", "error", err)
|
||||
}
|
||||
serverLogger.Infow("HTTP server shutdown complete.", "addr", cfg.ListenAddr)
|
||||
httpShutdownCancel()
|
||||
}()
|
||||
<-httpShutdownCtx.Done()
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func getRootLogger(level string) *zap.SugaredLogger {
|
||||
logEncoderConfig := zap.NewProductionEncoderConfig()
|
||||
logEncoderConfig.EncodeCaller = zapcore.ShortCallerEncoder
|
||||
logEncoderConfig.EncodeLevel = zapcore.CapitalColorLevelEncoder
|
||||
logEncoderConfig.EncodeTime = zapcore.ISO8601TimeEncoder
|
||||
logEncoderConfig.EncodeDuration = zapcore.StringDurationEncoder
|
||||
|
||||
rootLoggerConfig := &zap.Config{
|
||||
Level: zap.NewAtomicLevelAt(zap.DebugLevel),
|
||||
OutputPaths: []string{"stdout"},
|
||||
ErrorOutputPaths: []string{"stdout"},
|
||||
Encoding: "console",
|
||||
EncoderConfig: logEncoderConfig,
|
||||
DisableCaller: true,
|
||||
}
|
||||
|
||||
switch strings.ToUpper(level) {
|
||||
case "DEBUG":
|
||||
rootLoggerConfig.DisableCaller = false
|
||||
rootLoggerConfig.Level = zap.NewAtomicLevelAt(zap.DebugLevel)
|
||||
case "INFO":
|
||||
rootLoggerConfig.Level = zap.NewAtomicLevelAt(zap.InfoLevel)
|
||||
case "WARN", "WARNING":
|
||||
rootLoggerConfig.Level = zap.NewAtomicLevelAt(zap.WarnLevel)
|
||||
case "ERR", "ERROR":
|
||||
rootLoggerConfig.Level = zap.NewAtomicLevelAt(zap.ErrorLevel)
|
||||
}
|
||||
|
||||
rootLogger, err := rootLoggerConfig.Build()
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
return rootLogger.Sugar()
|
||||
}
|
||||
|
@ -33,7 +33,6 @@ func ServerConfigFromReader(r io.Reader) (*ServerConfig, error) {
|
||||
FS: &ServerStoreFSStoreConfig{},
|
||||
},
|
||||
}
|
||||
|
||||
if err := decoder.Decode(&c); err != nil {
|
||||
return nil, fmt.Errorf("error decoding server config: %w", err)
|
||||
}
|
||||
|
@ -1,29 +0,0 @@
|
||||
package files_test
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste/files"
|
||||
)
|
||||
|
||||
func TestFSFileStore(t *testing.T) {
|
||||
newFunc := func() files.FileStore {
|
||||
dir := t.TempDir()
|
||||
s, err := files.NewFSFileStore(dir)
|
||||
if err != nil {
|
||||
t.Fatalf("Error creating store: %s", err)
|
||||
}
|
||||
return s
|
||||
}
|
||||
|
||||
RunFilestoreTest(newFunc, t)
|
||||
persistentDir := t.TempDir()
|
||||
persistentFunc := func() files.FileStore {
|
||||
s, err := files.NewFSFileStore(persistentDir)
|
||||
if err != nil {
|
||||
t.Fatalf("Error creating store: %s", err)
|
||||
}
|
||||
return s
|
||||
}
|
||||
RunPersistentFilestoreTest(persistentFunc, t)
|
||||
}
|
@ -1,15 +0,0 @@
|
||||
package files_test
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste/files"
|
||||
)
|
||||
|
||||
func TestMemoryFileStore(t *testing.T) {
|
||||
newFunc := func() files.FileStore {
|
||||
return files.NewMemoryFileStore()
|
||||
}
|
||||
|
||||
RunFilestoreTest(newFunc, t)
|
||||
}
|
@ -1,217 +0,0 @@
|
||||
package files_test
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"io"
|
||||
"strings"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste/files"
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
var ignoreBody = cmp.FilterPath(func(p cmp.Path) bool { return p.String() == "Body" }, cmp.Ignore())
|
||||
|
||||
func RunFilestoreTest(newStoreFunc func() files.FileStore, t *testing.T) {
|
||||
t.Run("Basic", func(t *testing.T) {
|
||||
s := newStoreFunc()
|
||||
// Create
|
||||
dataString := "TEST_LOL_OMG"
|
||||
id := uuid.Must(uuid.NewRandom()).String()
|
||||
bodyBuf := &bytes.Buffer{}
|
||||
bodyBuf.Write([]byte(dataString))
|
||||
body := io.NopCloser(bodyBuf)
|
||||
f := &files.File{
|
||||
ID: id,
|
||||
MaxViews: 99,
|
||||
Body: body,
|
||||
ExpiresOn: time.Now().Add(99 * time.Second),
|
||||
}
|
||||
|
||||
err := s.Store(f)
|
||||
if err != nil {
|
||||
t.Fatalf("Unable to store file: %s", err)
|
||||
}
|
||||
|
||||
// Retrieve
|
||||
retrieved, err := s.Get(id)
|
||||
if err != nil {
|
||||
t.Fatalf("Unable to retrieve file: %s", err)
|
||||
}
|
||||
|
||||
retrievedBuf := &bytes.Buffer{}
|
||||
_, err = retrievedBuf.ReadFrom(retrieved.Body)
|
||||
if err != nil {
|
||||
t.Fatalf("Unable to read retrieved body: %s", err)
|
||||
}
|
||||
_ = retrieved.Body.Close()
|
||||
if err != nil {
|
||||
t.Fatalf("Error reading from retrieved file: %s", err)
|
||||
}
|
||||
|
||||
if retrievedBuf.String() != dataString {
|
||||
t.Fatalf("Data from retrieved body mismatch. Got %s want %s", retrievedBuf.String(), dataString)
|
||||
}
|
||||
expected := &files.File{
|
||||
ID: f.ID,
|
||||
MaxViews: f.MaxViews,
|
||||
ExpiresOn: f.ExpiresOn,
|
||||
FileSize: int64(len(dataString)),
|
||||
}
|
||||
|
||||
if diff := cmp.Diff(retrieved, expected, ignoreBody); diff != "" {
|
||||
t.Errorf("File comparison failed: %s", diff)
|
||||
}
|
||||
|
||||
// List
|
||||
ids, err := s.List()
|
||||
if err != nil {
|
||||
t.Fatalf("Error doing list: %s", err)
|
||||
}
|
||||
if len(ids) != 1 {
|
||||
t.Fatalf("List has wrong length: %d", len(ids))
|
||||
}
|
||||
if ids[0] != id {
|
||||
t.Fatalf("ID is wrong. Got %s want %s", ids[0], id)
|
||||
}
|
||||
|
||||
// Delete
|
||||
if err := s.Delete(id); err != nil {
|
||||
t.Fatalf("Error deleting file: %s", err)
|
||||
}
|
||||
|
||||
ids, err = s.List()
|
||||
if err != nil {
|
||||
t.Fatalf("Error listing after delete: %s", err)
|
||||
}
|
||||
if len(ids) != 0 {
|
||||
t.Fatalf("List after delete has wrong length: %d", len(ids))
|
||||
}
|
||||
})
|
||||
t.Run("MultipleGet", func(t *testing.T) {
|
||||
s := newStoreFunc()
|
||||
|
||||
fileContents := "multiple get test !"
|
||||
body := io.NopCloser(strings.NewReader(fileContents))
|
||||
file := &files.File{
|
||||
ID: uuid.NewString(),
|
||||
OriginalFilename: "multiple.txt",
|
||||
MaxViews: 999,
|
||||
ExpiresOn: time.Now().Add(1 * time.Hour),
|
||||
Body: body,
|
||||
FileSize: int64(len(fileContents)),
|
||||
}
|
||||
|
||||
if err := s.Store(file); err != nil {
|
||||
t.Fatalf("Error storing file: %s", err)
|
||||
}
|
||||
|
||||
first, err := s.Get(file.ID)
|
||||
if err != nil {
|
||||
t.Errorf("Error retrieving first file: %s", err)
|
||||
}
|
||||
|
||||
firstBody := new(bytes.Buffer)
|
||||
io.Copy(firstBody, first.Body)
|
||||
first.Body.Close()
|
||||
|
||||
if diff := cmp.Diff(firstBody.String(), fileContents); diff != "" {
|
||||
t.Fatalf("File contents mismatch: %s", diff)
|
||||
}
|
||||
|
||||
second, err := s.Get(file.ID)
|
||||
if err != nil {
|
||||
t.Errorf("Error retrieving first file: %s", err)
|
||||
}
|
||||
|
||||
secondBody := new(bytes.Buffer)
|
||||
io.Copy(secondBody, second.Body)
|
||||
first.Body.Close()
|
||||
|
||||
if diff := cmp.Diff(secondBody.String(), fileContents); diff != "" {
|
||||
t.Fatalf("File contents mismatch: %s", diff)
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
func RunPersistentFilestoreTest(newStoreFunc func() files.FileStore, t *testing.T) {
|
||||
t.Run("Basics", func(t *testing.T) {
|
||||
s := newStoreFunc()
|
||||
|
||||
files := []struct {
|
||||
File *files.File
|
||||
ExpectedData string
|
||||
}{
|
||||
{
|
||||
File: &files.File{
|
||||
ID: uuid.NewString(),
|
||||
OriginalFilename: "testfile.txt",
|
||||
MaxViews: 5,
|
||||
ExpiresOn: time.Now().Add(10 * time.Minute),
|
||||
Body: io.NopCloser(strings.NewReader("cocks!")),
|
||||
FileSize: 6,
|
||||
},
|
||||
ExpectedData: "cocks!",
|
||||
},
|
||||
{
|
||||
File: &files.File{
|
||||
ID: uuid.NewString(),
|
||||
OriginalFilename: "testfile2.txt",
|
||||
MaxViews: 5,
|
||||
ExpiresOn: time.Now().Add(10 * time.Minute),
|
||||
Body: io.NopCloser(strings.NewReader("derps!")),
|
||||
FileSize: 6,
|
||||
},
|
||||
ExpectedData: "derps!",
|
||||
},
|
||||
}
|
||||
|
||||
for _, f := range files {
|
||||
err := s.Store(f.File)
|
||||
if err != nil {
|
||||
t.Fatalf("Error storing file: %s", err)
|
||||
}
|
||||
}
|
||||
for _, f := range files {
|
||||
retrieved, err := s.Get(f.File.ID)
|
||||
if err != nil {
|
||||
t.Fatalf("Unable to retrieve file: %s", err)
|
||||
}
|
||||
|
||||
if !cmp.Equal(retrieved, f.File, ignoreBody) {
|
||||
t.Errorf("Mismatch: %s", cmp.Diff(retrieved, f.File))
|
||||
}
|
||||
buf := new(strings.Builder)
|
||||
if _, err := io.Copy(buf, retrieved.Body); err != nil {
|
||||
t.Fatalf("Error reading from body: %s", err)
|
||||
}
|
||||
retrieved.Body.Close()
|
||||
if buf.String() != f.ExpectedData {
|
||||
t.Fatalf("Data does not match. %s", cmp.Diff(buf.String(), f.ExpectedData))
|
||||
}
|
||||
}
|
||||
|
||||
// Reopen store, and fetch again
|
||||
s = newStoreFunc()
|
||||
for _, f := range files {
|
||||
retrieved, err := s.Get(f.File.ID)
|
||||
if err != nil {
|
||||
t.Fatalf("Unable to retrieve file: %s", err)
|
||||
}
|
||||
|
||||
if !cmp.Equal(retrieved, f.File, ignoreBody) {
|
||||
t.Errorf("Mismatch: %s", cmp.Diff(retrieved, f.File))
|
||||
}
|
||||
buf := new(strings.Builder)
|
||||
if _, err := io.Copy(buf, retrieved.Body); err != nil {
|
||||
t.Fatalf("Error reading from body: %s", err)
|
||||
}
|
||||
retrieved.Body.Close()
|
||||
if buf.String() != f.ExpectedData {
|
||||
t.Fatalf("Data does not match. %s", cmp.Diff(buf.String(), f.ExpectedData))
|
||||
}
|
||||
}
|
||||
})
|
||||
}
|
@ -1,4 +1,4 @@
|
||||
package files
|
||||
package gpaste
|
||||
|
||||
import (
|
||||
"io"
|
||||
@ -7,13 +7,11 @@ import (
|
||||
|
||||
type File struct {
|
||||
ID string `json:"id"`
|
||||
OriginalFilename string `json:"originalFilename"`
|
||||
MaxViews uint `json:"maxViews"`
|
||||
ExpiresOn time.Time `json:"expiresOn"`
|
||||
OriginalFilename string `json:"original_filename"`
|
||||
MaxViews uint `json:"max_views"`
|
||||
ExpiresOn time.Time `json:"expires_on"`
|
||||
|
||||
Body io.ReadCloser
|
||||
|
||||
FileSize int64 `json:"fileSize"`
|
||||
}
|
||||
|
||||
type FileStore interface {
|
@ -1,4 +1,4 @@
|
||||
package files
|
||||
package gpaste
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
@ -23,7 +23,6 @@ func NewFSFileStore(dir string) (*FSFileStore, error) {
|
||||
|
||||
return s, err
|
||||
}
|
||||
|
||||
func (s *FSFileStore) Store(f *File) error {
|
||||
defer f.Body.Close()
|
||||
|
||||
@ -35,26 +34,20 @@ func (s *FSFileStore) Store(f *File) error {
|
||||
}
|
||||
|
||||
path := filepath.Join(s.dir, f.ID)
|
||||
|
||||
dst, err := os.Create(path)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer dst.Close()
|
||||
|
||||
n, err := io.Copy(dst, f.Body)
|
||||
if err != nil {
|
||||
if _, err := io.Copy(dst, f.Body); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
s.metadata[f.ID] = metadata
|
||||
s.metadata[f.ID].FileSize = n
|
||||
|
||||
if err := s.writeMetadata(); err != nil {
|
||||
delete(s.metadata, f.ID)
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
@ -65,14 +58,11 @@ func (s *FSFileStore) Get(id string) (*File, error) {
|
||||
}
|
||||
|
||||
path := filepath.Join(s.dir, id)
|
||||
|
||||
f, err := os.Open(path)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
metadata.Body = f
|
||||
|
||||
return metadata, nil
|
||||
}
|
||||
|
||||
@ -81,24 +71,20 @@ func (s *FSFileStore) Delete(id string) error {
|
||||
if err := os.Remove(path); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
delete(s.metadata, id)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *FSFileStore) List() ([]string, error) {
|
||||
results := make([]string, 0, len(s.metadata))
|
||||
var results []string
|
||||
for k := range s.metadata {
|
||||
results = append(results, k)
|
||||
}
|
||||
|
||||
return results, nil
|
||||
}
|
||||
|
||||
func (s *FSFileStore) writeMetadata() error {
|
||||
path := filepath.Join(s.dir, "metadata.json")
|
||||
|
||||
f, err := os.Create(path)
|
||||
if err != nil {
|
||||
return err
|
||||
@ -109,13 +95,11 @@ func (s *FSFileStore) writeMetadata() error {
|
||||
if err := encoder.Encode(s.metadata); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *FSFileStore) readMetadata() error {
|
||||
path := filepath.Join(s.dir, "metadata.json")
|
||||
|
||||
f, err := os.Open(path)
|
||||
if err != nil {
|
||||
// TODO: Handle errors better
|
||||
@ -127,6 +111,5 @@ func (s *FSFileStore) readMetadata() error {
|
||||
if err := decoder.Decode(&s.metadata); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
26
filestore_fs_test.go
Normal file
26
filestore_fs_test.go
Normal file
@ -0,0 +1,26 @@
|
||||
package gpaste_test
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste"
|
||||
)
|
||||
|
||||
func TestFSFileStore(t *testing.T) {
|
||||
dir := t.TempDir()
|
||||
s, err := gpaste.NewFSFileStore(dir)
|
||||
if err != nil {
|
||||
t.Fatalf("Error creating store: %s", err)
|
||||
}
|
||||
|
||||
RunFilestoreTest(s, t)
|
||||
persistentDir := t.TempDir()
|
||||
newFunc := func() gpaste.FileStore {
|
||||
s, err := gpaste.NewFSFileStore(persistentDir)
|
||||
if err != nil {
|
||||
t.Fatalf("Error creating store: %s", err)
|
||||
}
|
||||
return s
|
||||
}
|
||||
RunPersistentFilestoreTest(newFunc, t)
|
||||
}
|
@ -1,4 +1,4 @@
|
||||
package files
|
||||
package gpaste
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
@ -14,7 +14,6 @@ type fileData struct {
|
||||
|
||||
MaxViews uint
|
||||
ExpiresOn time.Time
|
||||
FileSize int64
|
||||
}
|
||||
|
||||
type MemoryFileStore struct {
|
||||
@ -29,22 +28,20 @@ func NewMemoryFileStore() *MemoryFileStore {
|
||||
}
|
||||
|
||||
func (s *MemoryFileStore) Store(f *File) error {
|
||||
|
||||
data := &fileData{
|
||||
ID: f.ID,
|
||||
MaxViews: f.MaxViews,
|
||||
ExpiresOn: f.ExpiresOn,
|
||||
}
|
||||
|
||||
n, err := io.Copy(&data.Body, f.Body)
|
||||
_, err := io.Copy(&data.Body, f.Body)
|
||||
_ = f.Body.Close()
|
||||
|
||||
data.FileSize = n
|
||||
|
||||
s.lock.Lock()
|
||||
defer s.lock.Unlock()
|
||||
|
||||
s.data[f.ID] = data
|
||||
|
||||
return err
|
||||
}
|
||||
|
||||
@ -56,18 +53,11 @@ func (s *MemoryFileStore) Get(id string) (*File, error) {
|
||||
if !ok {
|
||||
return nil, fmt.Errorf("no such item")
|
||||
}
|
||||
|
||||
body := new(bytes.Buffer)
|
||||
if _, err := body.Write(fd.Body.Bytes()); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
f := &File{
|
||||
ID: fd.ID,
|
||||
MaxViews: fd.MaxViews,
|
||||
ExpiresOn: fd.ExpiresOn,
|
||||
Body: io.NopCloser(body),
|
||||
FileSize: fd.FileSize,
|
||||
Body: io.NopCloser(&fd.Body),
|
||||
}
|
||||
|
||||
return f, nil
|
||||
@ -76,21 +66,17 @@ func (s *MemoryFileStore) Get(id string) (*File, error) {
|
||||
func (s *MemoryFileStore) Delete(id string) error {
|
||||
s.lock.Lock()
|
||||
defer s.lock.Unlock()
|
||||
|
||||
delete(s.data, id)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *MemoryFileStore) List() ([]string, error) {
|
||||
ids := make([]string, 0, len(s.data))
|
||||
var ids []string
|
||||
|
||||
s.lock.RLock()
|
||||
defer s.lock.RUnlock()
|
||||
|
||||
for id := range s.data {
|
||||
ids = append(ids, id)
|
||||
}
|
||||
|
||||
return ids, nil
|
||||
}
|
13
filestore_memory_test.go
Normal file
13
filestore_memory_test.go
Normal file
@ -0,0 +1,13 @@
|
||||
package gpaste_test
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste"
|
||||
)
|
||||
|
||||
func TestMemoryFileStore(t *testing.T) {
|
||||
s := gpaste.NewMemoryFileStore()
|
||||
|
||||
RunFilestoreTest(s, t)
|
||||
}
|
157
filestore_test.go
Normal file
157
filestore_test.go
Normal file
@ -0,0 +1,157 @@
|
||||
package gpaste_test
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"io"
|
||||
"strings"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste"
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
func RunFilestoreTest(s gpaste.FileStore, t *testing.T) {
|
||||
t.Run("Basic", func(t *testing.T) {
|
||||
// Create
|
||||
dataString := "TEST_LOL_OMG"
|
||||
id := uuid.Must(uuid.NewRandom()).String()
|
||||
bodyBuf := &bytes.Buffer{}
|
||||
bodyBuf.Write([]byte(dataString))
|
||||
body := io.NopCloser(bodyBuf)
|
||||
f := &gpaste.File{
|
||||
ID: id,
|
||||
MaxViews: 0,
|
||||
Body: body,
|
||||
}
|
||||
|
||||
err := s.Store(f)
|
||||
if err != nil {
|
||||
t.Fatalf("Unable to store file: %s", err)
|
||||
}
|
||||
|
||||
// Retrieve
|
||||
retrieved, err := s.Get(id)
|
||||
if err != nil {
|
||||
t.Fatalf("Unable to retrieve file: %s", err)
|
||||
}
|
||||
|
||||
retrievedBuf := &bytes.Buffer{}
|
||||
_, err = retrievedBuf.ReadFrom(retrieved.Body)
|
||||
if err != nil {
|
||||
t.Fatalf("Unable to read retrieved body: %s", err)
|
||||
}
|
||||
_ = retrieved.Body.Close()
|
||||
if err != nil {
|
||||
t.Fatalf("Error reading from retrieved file: %s", err)
|
||||
}
|
||||
|
||||
if retrievedBuf.String() != dataString {
|
||||
t.Fatalf("Data from retrieved body mismatch. Got %s want %s", retrievedBuf.String(), dataString)
|
||||
}
|
||||
|
||||
// List
|
||||
ids, err := s.List()
|
||||
if err != nil {
|
||||
t.Fatalf("Error doing list: %s", err)
|
||||
}
|
||||
if len(ids) != 1 {
|
||||
t.Fatalf("List has wrong length: %d", len(ids))
|
||||
}
|
||||
if ids[0] != id {
|
||||
t.Fatalf("ID is wrong. Got %s want %s", ids[0], id)
|
||||
}
|
||||
|
||||
// Delete
|
||||
if err := s.Delete(id); err != nil {
|
||||
t.Fatalf("Error deleting file: %s", err)
|
||||
}
|
||||
|
||||
ids, err = s.List()
|
||||
if err != nil {
|
||||
t.Fatalf("Error listing after delete: %s", err)
|
||||
}
|
||||
if len(ids) != 0 {
|
||||
t.Fatalf("List after delete has wrong length: %d", len(ids))
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
func RunPersistentFilestoreTest(newStoreFunc func() gpaste.FileStore, t *testing.T) {
|
||||
s := newStoreFunc()
|
||||
|
||||
files := []struct {
|
||||
File *gpaste.File
|
||||
ExpectedData string
|
||||
}{
|
||||
{
|
||||
File: &gpaste.File{
|
||||
ID: uuid.NewString(),
|
||||
OriginalFilename: "testfile.txt",
|
||||
MaxViews: 5,
|
||||
ExpiresOn: time.Now().Add(10 * time.Minute),
|
||||
Body: io.NopCloser(strings.NewReader("cocks!")),
|
||||
},
|
||||
ExpectedData: "cocks!",
|
||||
},
|
||||
{
|
||||
File: &gpaste.File{
|
||||
ID: uuid.NewString(),
|
||||
OriginalFilename: "testfile2.txt",
|
||||
MaxViews: 5,
|
||||
ExpiresOn: time.Now().Add(10 * time.Minute),
|
||||
Body: io.NopCloser(strings.NewReader("derps!")),
|
||||
},
|
||||
ExpectedData: "derps!",
|
||||
},
|
||||
}
|
||||
|
||||
for _, f := range files {
|
||||
err := s.Store(f.File)
|
||||
if err != nil {
|
||||
t.Fatalf("Error storing file: %s", err)
|
||||
}
|
||||
}
|
||||
for _, f := range files {
|
||||
retrieved, err := s.Get(f.File.ID)
|
||||
if err != nil {
|
||||
t.Fatalf("Unable to retrieve file: %s", err)
|
||||
}
|
||||
|
||||
ignoreBody := cmp.FilterPath(func(p cmp.Path) bool { return p.String() == "Body" }, cmp.Ignore())
|
||||
if !cmp.Equal(retrieved, f.File, ignoreBody) {
|
||||
t.Errorf("Mismatch: %s", cmp.Diff(retrieved, f.File))
|
||||
}
|
||||
buf := new(strings.Builder)
|
||||
if _, err := io.Copy(buf, retrieved.Body); err != nil {
|
||||
t.Fatalf("Error reading from body: %s", err)
|
||||
}
|
||||
retrieved.Body.Close()
|
||||
if buf.String() != f.ExpectedData {
|
||||
t.Fatalf("Data does not match. %s", cmp.Diff(buf.String(), f.ExpectedData))
|
||||
}
|
||||
}
|
||||
|
||||
// Reopen store, and fetch again
|
||||
s = newStoreFunc()
|
||||
for _, f := range files {
|
||||
retrieved, err := s.Get(f.File.ID)
|
||||
if err != nil {
|
||||
t.Fatalf("Unable to retrieve file: %s", err)
|
||||
}
|
||||
|
||||
ignoreBody := cmp.FilterPath(func(p cmp.Path) bool { return p.String() == "Body" }, cmp.Ignore())
|
||||
if !cmp.Equal(retrieved, f.File, ignoreBody) {
|
||||
t.Errorf("Mismatch: %s", cmp.Diff(retrieved, f.File))
|
||||
}
|
||||
buf := new(strings.Builder)
|
||||
if _, err := io.Copy(buf, retrieved.Body); err != nil {
|
||||
t.Fatalf("Error reading from body: %s", err)
|
||||
}
|
||||
retrieved.Body.Close()
|
||||
if buf.String() != f.ExpectedData {
|
||||
t.Fatalf("Data does not match. %s", cmp.Diff(buf.String(), f.ExpectedData))
|
||||
}
|
||||
}
|
||||
}
|
12
go.mod
12
go.mod
@ -2,17 +2,18 @@ module git.t-juice.club/torjus/gpaste
|
||||
|
||||
go 1.17
|
||||
|
||||
require github.com/google/uuid v1.3.0
|
||||
|
||||
require github.com/go-chi/chi/v5 v5.0.7
|
||||
|
||||
require (
|
||||
github.com/go-chi/chi/v5 v5.0.7
|
||||
github.com/golang-jwt/jwt v3.2.2+incompatible
|
||||
github.com/google/go-cmp v0.5.7
|
||||
github.com/google/uuid v1.3.0
|
||||
github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f
|
||||
github.com/google/go-cmp v0.5.6
|
||||
github.com/pelletier/go-toml v1.9.4
|
||||
github.com/urfave/cli/v2 v2.3.0
|
||||
go.etcd.io/bbolt v1.3.6
|
||||
go.uber.org/zap v1.20.0
|
||||
golang.org/x/crypto v0.0.0-20220126234351-aa10faf2a1f8
|
||||
golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce
|
||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
|
||||
)
|
||||
|
||||
@ -22,5 +23,4 @@ require (
|
||||
go.uber.org/atomic v1.9.0 // indirect
|
||||
go.uber.org/multierr v1.7.0 // indirect
|
||||
golang.org/x/sys v0.0.0-20220114195835-da31bd327af9 // indirect
|
||||
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
|
||||
)
|
||||
|
10
go.sum
10
go.sum
@ -11,12 +11,10 @@ github.com/go-chi/chi/v5 v5.0.7 h1:rDTPXLDHGATaeHvVlLcR4Qe0zftYethFucbjVQ1PxU8=
|
||||
github.com/go-chi/chi/v5 v5.0.7/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
|
||||
github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
|
||||
github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
|
||||
github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o=
|
||||
github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE=
|
||||
github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ=
|
||||
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
|
||||
github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f h1:dKccXx7xA56UNqOcFIbuqFjAWPVtP688j5QMgmo6OHU=
|
||||
github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f/go.mod h1:4rEELDSfUAlBSyUjPG0JnaNGjf13JySHFeRdD/3dLP0=
|
||||
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
|
||||
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||
@ -51,8 +49,8 @@ go.uber.org/zap v1.20.0 h1:N4oPlghZwYG55MlU6LXk/Zp00FVNE9X9wrYO8CEs4lc=
|
||||
go.uber.org/zap v1.20.0/go.mod h1:wjWOCqI0f2ZZrJF/UufIOkiC8ii6tm1iqIsLo76RfJw=
|
||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||
golang.org/x/crypto v0.0.0-20220126234351-aa10faf2a1f8 h1:kACShD3qhmr/3rLmg1yXyt+N4HcwutKyPRB93s54TIU=
|
||||
golang.org/x/crypto v0.0.0-20220126234351-aa10faf2a1f8/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||
golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce h1:Roh6XWxHFKrPgC/EQhVubSAGQ6Ozk6IdxHSzt1mR0EI=
|
||||
golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
||||
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||
|
@ -1,4 +1,4 @@
|
||||
LogLevel = "DEBUG"
|
||||
LogLevel = "INFO"
|
||||
URL = "http://paste.example.org"
|
||||
ListenAddr = ":8080"
|
||||
|
||||
|
189
http.go
Normal file
189
http.go
Normal file
@ -0,0 +1,189 @@
|
||||
package gpaste
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"io"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"github.com/go-chi/chi/v5"
|
||||
"github.com/go-chi/chi/v5/middleware"
|
||||
"github.com/google/uuid"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
type HTTPServer struct {
|
||||
Files FileStore
|
||||
Users UserStore
|
||||
Auth *AuthService
|
||||
config *ServerConfig
|
||||
Logger *zap.SugaredLogger
|
||||
AccessLogger *zap.SugaredLogger
|
||||
http.Server
|
||||
}
|
||||
|
||||
func NewHTTPServer(cfg *ServerConfig) *HTTPServer {
|
||||
srv := &HTTPServer{
|
||||
config: cfg,
|
||||
Logger: zap.NewNop().Sugar(),
|
||||
AccessLogger: zap.NewNop().Sugar(),
|
||||
}
|
||||
srv.Files = NewMemoryFileStore()
|
||||
srv.Users = NewMemoryUserStore()
|
||||
srv.Auth = NewAuthService(srv.Users, []byte(srv.config.SigningSecret))
|
||||
|
||||
// Create initial user
|
||||
// TODO: Do properly
|
||||
user := &User{Username: "admin"}
|
||||
user.SetPassword("admin")
|
||||
srv.Users.Store(user)
|
||||
|
||||
r := chi.NewRouter()
|
||||
r.Use(middleware.RealIP)
|
||||
r.Use(middleware.RequestID)
|
||||
r.Use(srv.MiddlewareAccessLogger)
|
||||
r.Get("/", srv.HandlerIndex)
|
||||
r.Post("/api/file", srv.HandlerAPIFilePost)
|
||||
r.Get("/api/file/{id}", srv.HandlerAPIFileGet)
|
||||
r.Post("/api/login", srv.HandlerAPILogin)
|
||||
srv.Handler = r
|
||||
|
||||
return srv
|
||||
}
|
||||
|
||||
func (s *HTTPServer) HandlerIndex(w http.ResponseWriter, r *http.Request) {
|
||||
_, _ = w.Write([]byte("index"))
|
||||
}
|
||||
|
||||
func (s *HTTPServer) HandlerAPIFilePost(w http.ResponseWriter, r *http.Request) {
|
||||
f := &File{
|
||||
ID: uuid.Must(uuid.NewRandom()).String(),
|
||||
Body: r.Body,
|
||||
}
|
||||
reqID := middleware.GetReqID(r.Context())
|
||||
|
||||
// Check if multipart form
|
||||
ct := r.Header.Get("Content-Type")
|
||||
if strings.Contains(ct, "multipart/form-data") {
|
||||
s.processMultiPartFormUpload(w, r)
|
||||
return
|
||||
}
|
||||
err := s.Files.Store(f)
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
s.Logger.Warnw("Error storing file.", "req_id", reqID, "error", err, "id", f.ID, "remote_addr", r.RemoteAddr)
|
||||
return
|
||||
}
|
||||
s.Logger.Infow("Stored file.", "req_id", reqID, "id", f.ID, "remote_addr", r.RemoteAddr)
|
||||
var resp = struct {
|
||||
Message string `json:"message"`
|
||||
ID string `json:"id"`
|
||||
URL string `json:"url"`
|
||||
}{
|
||||
Message: "OK",
|
||||
ID: f.ID,
|
||||
URL: "TODO",
|
||||
}
|
||||
w.WriteHeader(http.StatusAccepted)
|
||||
encoder := json.NewEncoder(w)
|
||||
if err := encoder.Encode(&resp); err != nil {
|
||||
s.Logger.Warnw("Error encoding response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
|
||||
}
|
||||
}
|
||||
|
||||
func (s *HTTPServer) HandlerAPIFileGet(w http.ResponseWriter, r *http.Request) {
|
||||
id := chi.URLParam(r, "id")
|
||||
if id == "" {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
f, err := s.Files.Get(id)
|
||||
if err != nil {
|
||||
// TODO: LOG
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
w.WriteHeader(http.StatusOK)
|
||||
if _, err := io.Copy(w, f.Body); err != nil {
|
||||
reqID := middleware.GetReqID(r.Context())
|
||||
s.Logger.Warnw("Error writing file to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
|
||||
}
|
||||
}
|
||||
|
||||
func (s *HTTPServer) processMultiPartFormUpload(w http.ResponseWriter, r *http.Request) {
|
||||
reqID := middleware.GetReqID(r.Context())
|
||||
type resp struct {
|
||||
Message string `json:"message"`
|
||||
ID string `json:"id"`
|
||||
URL string `json:"url"`
|
||||
}
|
||||
|
||||
var responses []resp
|
||||
|
||||
if err := r.ParseMultipartForm(1024 * 1024 * 10); err != nil {
|
||||
s.Logger.Warnw("Error parsing multipart form.", "req_id", reqID, "err", err)
|
||||
}
|
||||
for k := range r.MultipartForm.File {
|
||||
ff, fh, err := r.FormFile(k)
|
||||
if err != nil {
|
||||
s.Logger.Warnw("Error reading file from multipart form.", "req_id", reqID, "error", err)
|
||||
return
|
||||
}
|
||||
f := &File{
|
||||
ID: uuid.Must(uuid.NewRandom()).String(),
|
||||
OriginalFilename: fh.Filename,
|
||||
Body: ff,
|
||||
}
|
||||
|
||||
if err := s.Files.Store(f); err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
s.Logger.Warnw("Error storing file.", "req_id", reqID, "error", err, "id", f.ID, "remote_addr", r.RemoteAddr)
|
||||
return
|
||||
}
|
||||
s.Logger.Infow("Stored file.", "req_id", reqID, "id", f.ID, "filename", f.OriginalFilename, "remote_addr", r.RemoteAddr)
|
||||
|
||||
responses = append(responses, resp{Message: "OK", ID: f.ID, URL: "TODO"})
|
||||
|
||||
}
|
||||
|
||||
w.WriteHeader(http.StatusAccepted)
|
||||
encoder := json.NewEncoder(w)
|
||||
if err := encoder.Encode(&responses); err != nil {
|
||||
s.Logger.Warnw("Error encoding response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
|
||||
}
|
||||
}
|
||||
|
||||
func (s *HTTPServer) HandlerAPILogin(w http.ResponseWriter, r *http.Request) {
|
||||
reqID := middleware.GetReqID(r.Context())
|
||||
expectedRequest := struct {
|
||||
Username string `json:"username"`
|
||||
Password string `json:"password"`
|
||||
}{}
|
||||
decoder := json.NewDecoder(r.Body)
|
||||
defer r.Body.Close()
|
||||
if err := decoder.Decode(&expectedRequest); err != nil {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
token, err := s.Auth.Login(expectedRequest.Username, expectedRequest.Password)
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
response := struct {
|
||||
Token string `json:"token"`
|
||||
}{
|
||||
Token: token,
|
||||
}
|
||||
|
||||
s.Logger.Infow("User logged in.", "req_id", reqID, "username", expectedRequest.Username)
|
||||
|
||||
encoder := json.NewEncoder(w)
|
||||
if err := encoder.Encode(&response); err != nil {
|
||||
s.Logger.Infow("Error encoding json response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
|
||||
}
|
||||
}
|
144
http_test.go
Normal file
144
http_test.go
Normal file
@ -0,0 +1,144 @@
|
||||
package gpaste_test
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io"
|
||||
"mime/multipart"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste"
|
||||
)
|
||||
|
||||
func TestHandlers(t *testing.T) {
|
||||
cfg := &gpaste.ServerConfig{
|
||||
SigningSecret: "abc123",
|
||||
Store: &gpaste.ServerStoreConfig{
|
||||
Type: "memory",
|
||||
},
|
||||
URL: "http://localhost:8080",
|
||||
}
|
||||
hs := gpaste.NewHTTPServer(cfg)
|
||||
|
||||
t.Run("HandlerIndex", func(t *testing.T) {
|
||||
rr := httptest.NewRecorder()
|
||||
req := httptest.NewRequest(http.MethodGet, "/", nil)
|
||||
|
||||
hs.Handler.ServeHTTP(rr, req)
|
||||
|
||||
if status := rr.Code; status != http.StatusOK {
|
||||
t.Errorf("Returned unexpected status")
|
||||
}
|
||||
|
||||
expectedBody := "index"
|
||||
if body := rr.Body.String(); body != expectedBody {
|
||||
t.Errorf("Body does not match expected. Got %s want %s", body, expectedBody)
|
||||
}
|
||||
})
|
||||
t.Run("HandlerAPIFilePost", func(t *testing.T) {
|
||||
rr := httptest.NewRecorder()
|
||||
buf := &bytes.Buffer{}
|
||||
mw := multipart.NewWriter(buf)
|
||||
fw, err := mw.CreateFormFile("test", "test.txt")
|
||||
if err != nil {
|
||||
t.Fatalf("Unable to create form file: %s", err)
|
||||
}
|
||||
expectedData := "Test OMEGALUL PLS."
|
||||
if _, err := io.WriteString(fw, expectedData); err != nil {
|
||||
t.Fatalf("Unable to write body to buffer: %s", err)
|
||||
}
|
||||
mw.Close()
|
||||
|
||||
req := httptest.NewRequest(http.MethodPost, "/api/file", buf)
|
||||
req.Header.Add("Content-Type", mw.FormDataContentType())
|
||||
|
||||
hs.Handler.ServeHTTP(rr, req)
|
||||
|
||||
if status := rr.Code; status != http.StatusAccepted {
|
||||
t.Errorf("Returned unexpected status. Got %d want %d", status, http.StatusAccepted)
|
||||
}
|
||||
|
||||
var expectedResp []struct {
|
||||
Message string `json:"message"`
|
||||
ID string `json:"id"`
|
||||
URL string `json:"url"`
|
||||
}
|
||||
|
||||
decoder := json.NewDecoder(rr.Result().Body)
|
||||
if err := decoder.Decode(&expectedResp); err != nil {
|
||||
t.Fatalf("error decoding response: %s", err)
|
||||
}
|
||||
|
||||
if l := len(expectedResp); l != 1 {
|
||||
t.Errorf("Response has wrong length. Got %d want %d", l, 1)
|
||||
}
|
||||
|
||||
uploadID := expectedResp[0].ID
|
||||
if uploadID == "" {
|
||||
t.Errorf("Response has empty id")
|
||||
}
|
||||
|
||||
t.Run("HandlerAPIFileGet", func(t *testing.T) {
|
||||
rr := httptest.NewRecorder()
|
||||
url := fmt.Sprintf("/api/file/%s", uploadID)
|
||||
req := httptest.NewRequest(http.MethodGet, url, nil)
|
||||
|
||||
hs.Handler.ServeHTTP(rr, req)
|
||||
|
||||
if status := rr.Code; status != http.StatusOK {
|
||||
t.Errorf("Returned unexpected status. Got %d want %d", status, http.StatusAccepted)
|
||||
t.Logf(url)
|
||||
}
|
||||
if body := rr.Body.String(); body != expectedData {
|
||||
t.Errorf("Returned body does not match expected.")
|
||||
}
|
||||
})
|
||||
})
|
||||
t.Run("HandlerAPILogin", func(t *testing.T) {
|
||||
// TODO: Add test
|
||||
username := "admin"
|
||||
password := "admin"
|
||||
user := &gpaste.User{Username: username}
|
||||
if err := user.SetPassword(password); err != nil {
|
||||
t.Fatalf("Error setting user password: %s", err)
|
||||
}
|
||||
if err := hs.Users.Store(user); err != nil {
|
||||
t.Fatalf("Error storing user: %s", err)
|
||||
}
|
||||
|
||||
requestData := struct {
|
||||
Username string `json:"username"`
|
||||
Password string `json:"password"`
|
||||
}{
|
||||
Username: username,
|
||||
Password: password,
|
||||
}
|
||||
|
||||
body := new(bytes.Buffer)
|
||||
encoder := json.NewEncoder(body)
|
||||
if err := encoder.Encode(&requestData); err != nil {
|
||||
t.Fatalf("Error encoding request body: %s", err)
|
||||
}
|
||||
|
||||
rr := httptest.NewRecorder()
|
||||
req := httptest.NewRequest(http.MethodPost, "/api/login", body)
|
||||
|
||||
hs.Handler.ServeHTTP(rr, req)
|
||||
|
||||
responseData := struct {
|
||||
Token string `json:"token"`
|
||||
}{}
|
||||
|
||||
decoder := json.NewDecoder(rr.Body)
|
||||
if err := decoder.Decode(&responseData); err != nil {
|
||||
t.Fatalf("Error decoding response: %s", err)
|
||||
}
|
||||
|
||||
if err := hs.Auth.ValidateToken(responseData.Token); err != nil {
|
||||
t.Fatalf("Unable to validate received token: %s", err)
|
||||
}
|
||||
})
|
||||
}
|
30
middleware.go
Normal file
30
middleware.go
Normal file
@ -0,0 +1,30 @@
|
||||
package gpaste
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
"github.com/go-chi/chi/v5/middleware"
|
||||
)
|
||||
|
||||
func (s *HTTPServer) MiddlewareAccessLogger(next http.Handler) http.Handler {
|
||||
fn := func(w http.ResponseWriter, r *http.Request) {
|
||||
ww := middleware.NewWrapResponseWriter(w, r.ProtoMajor)
|
||||
t1 := time.Now()
|
||||
|
||||
reqID := middleware.GetReqID(r.Context())
|
||||
|
||||
defer func() {
|
||||
s.AccessLogger.Infow(r.Method,
|
||||
"path", r.URL.Path,
|
||||
"status", ww.Status(),
|
||||
"written", ww.BytesWritten(),
|
||||
"remote_addr", r.RemoteAddr,
|
||||
"processing_time_ms", time.Since(t1).Milliseconds(),
|
||||
"req_id", reqID)
|
||||
}()
|
||||
|
||||
next.ServeHTTP(ww, r)
|
||||
}
|
||||
return http.HandlerFunc(fn)
|
||||
}
|
@ -1,32 +1,16 @@
|
||||
package users
|
||||
package gpaste
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
)
|
||||
|
||||
type Role string
|
||||
|
||||
const (
|
||||
RoleUnset Role = ""
|
||||
RoleUser Role = "user"
|
||||
RoleAdmin Role = "admin"
|
||||
)
|
||||
import "golang.org/x/crypto/bcrypt"
|
||||
|
||||
type User struct {
|
||||
Username string `json:"username"`
|
||||
HashedPassword []byte `json:"hashedPassword"`
|
||||
Role Role `json:"role"`
|
||||
HashedPassword []byte `json:"hashed_password"`
|
||||
}
|
||||
|
||||
var ErrNoSuchUser = fmt.Errorf("no such user")
|
||||
|
||||
type UserStore interface {
|
||||
Get(username string) (*User, error)
|
||||
Store(user *User) error
|
||||
Delete(username string) error
|
||||
List() ([]string, error)
|
||||
}
|
||||
|
||||
func (u *User) ValidatePassword(password string) error {
|
||||
@ -38,8 +22,6 @@ func (u *User) SetPassword(password string) error {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
u.HashedPassword = hashed
|
||||
|
||||
return nil
|
||||
}
|
@ -1,10 +1,10 @@
|
||||
package users_test
|
||||
package gpaste_test
|
||||
|
||||
import (
|
||||
"math/rand"
|
||||
"testing"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste/users"
|
||||
"git.t-juice.club/torjus/gpaste"
|
||||
)
|
||||
|
||||
func TestUser(t *testing.T) {
|
||||
@ -15,7 +15,7 @@ func TestUser(t *testing.T) {
|
||||
}
|
||||
|
||||
for username, password := range userMap {
|
||||
user := &users.User{Username: username}
|
||||
user := &gpaste.User{Username: username}
|
||||
if err := user.SetPassword(password); err != nil {
|
||||
t.Fatalf("Error setting password: %s", err)
|
||||
}
|
@ -1,15 +0,0 @@
|
||||
package users_test
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste/users"
|
||||
)
|
||||
|
||||
func TestMemoryUserStore(t *testing.T) {
|
||||
newFunc := func() (func(), users.UserStore) {
|
||||
return func() {}, users.NewMemoryUserStore()
|
||||
}
|
||||
|
||||
RunUserStoreTest(newFunc, t)
|
||||
}
|
@ -1,73 +0,0 @@
|
||||
package users_test
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste/users"
|
||||
"github.com/google/go-cmp/cmp"
|
||||
)
|
||||
|
||||
func RunUserStoreTest(newFunc func() (func(), users.UserStore), t *testing.T) {
|
||||
t.Run("Basics", func(t *testing.T) {
|
||||
cleanup, s := newFunc()
|
||||
t.Cleanup(cleanup)
|
||||
|
||||
userMap := make(map[string]*users.User)
|
||||
passwordMap := make(map[string]string)
|
||||
for i := 0; i < 10; i++ {
|
||||
username := randomString(8)
|
||||
password := randomString(16)
|
||||
passwordMap[username] = password
|
||||
user := &users.User{
|
||||
Username: username,
|
||||
Role: users.RoleAdmin,
|
||||
}
|
||||
if err := user.SetPassword(password); err != nil {
|
||||
t.Fatalf("Error setting password: %s", err)
|
||||
}
|
||||
userMap[username] = user
|
||||
}
|
||||
|
||||
for _, user := range userMap {
|
||||
if err := s.Store(user); err != nil {
|
||||
t.Fatalf("Error storing user: %s", err)
|
||||
}
|
||||
}
|
||||
|
||||
for k := range userMap {
|
||||
user, err := s.Get(k)
|
||||
if err != nil {
|
||||
t.Errorf("Error getting user: %s", err)
|
||||
}
|
||||
if err := user.ValidatePassword(passwordMap[user.Username]); err != nil {
|
||||
t.Errorf("Error verifying password: %s", err)
|
||||
}
|
||||
|
||||
if !cmp.Equal(user, userMap[k]) {
|
||||
t.Errorf("User mismatch: %s", cmp.Diff(user, userMap[k]))
|
||||
}
|
||||
}
|
||||
|
||||
l, err := s.List()
|
||||
if err != nil {
|
||||
t.Fatalf("Error listing users: %s", err)
|
||||
}
|
||||
if len(l) != len(userMap) {
|
||||
t.Errorf("List wrong amount of users.")
|
||||
}
|
||||
|
||||
for _, username := range l {
|
||||
if err := s.Delete(username); err != nil {
|
||||
t.Fatalf("Error deleting user: %s", err)
|
||||
}
|
||||
}
|
||||
|
||||
l, err = s.List()
|
||||
if err != nil {
|
||||
t.Fatalf("Error listing after delete: %s", err)
|
||||
}
|
||||
if len(l) != 0 {
|
||||
t.Fatalf("List is not empty after deleting all")
|
||||
}
|
||||
})
|
||||
}
|
@ -1,4 +1,4 @@
|
||||
package users
|
||||
package gpaste
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
@ -6,8 +6,6 @@ import (
|
||||
"go.etcd.io/bbolt"
|
||||
)
|
||||
|
||||
var _ UserStore = &BoltUserStore{}
|
||||
|
||||
var keyUsers = []byte("users")
|
||||
|
||||
type BoltUserStore struct {
|
||||
@ -15,7 +13,7 @@ type BoltUserStore struct {
|
||||
}
|
||||
|
||||
func NewBoltUserStore(path string) (*BoltUserStore, error) {
|
||||
db, err := bbolt.Open(path, 0o666, nil) // nolint: gomnd
|
||||
db, err := bbolt.Open(path, 0666, nil)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -36,7 +34,6 @@ func (s *BoltUserStore) Close() error {
|
||||
|
||||
func (s *BoltUserStore) Get(username string) (*User, error) {
|
||||
var user User
|
||||
|
||||
err := s.db.View(func(tx *bbolt.Tx) error {
|
||||
bkt := tx.Bucket(keyUsers)
|
||||
rawUser := bkt.Get([]byte(username))
|
||||
@ -48,7 +45,6 @@ func (s *BoltUserStore) Get(username string) (*User, error) {
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return &user, nil
|
||||
}
|
||||
|
||||
@ -71,24 +67,3 @@ func (s *BoltUserStore) Delete(username string) error {
|
||||
return bkt.Delete([]byte(username))
|
||||
})
|
||||
}
|
||||
|
||||
func (s *BoltUserStore) List() ([]string, error) {
|
||||
var ids []string
|
||||
|
||||
err := s.db.View(func(tx *bbolt.Tx) error {
|
||||
bkt := tx.Bucket(keyUsers)
|
||||
|
||||
c := bkt.Cursor()
|
||||
|
||||
for k, _ := c.First(); k != nil; k, _ = c.Next() {
|
||||
ids = append(ids, string(k))
|
||||
}
|
||||
|
||||
return nil
|
||||
})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return ids, nil
|
||||
}
|
@ -1,18 +1,18 @@
|
||||
package users_test
|
||||
package gpaste_test
|
||||
|
||||
import (
|
||||
"path/filepath"
|
||||
"testing"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste/users"
|
||||
"git.t-juice.club/torjus/gpaste"
|
||||
)
|
||||
|
||||
func TestBoltUserStore(t *testing.T) {
|
||||
tmpDir := t.TempDir()
|
||||
newFunc := func() (func(), users.UserStore) {
|
||||
newFunc := func() (func(), gpaste.UserStore) {
|
||||
tmpFile := filepath.Join(tmpDir, randomString(8))
|
||||
|
||||
store, err := users.NewBoltUserStore(tmpFile)
|
||||
store, err := gpaste.NewBoltUserStore(tmpFile)
|
||||
if err != nil {
|
||||
t.Fatalf("Error creating store: %s", err)
|
||||
}
|
@ -1,12 +1,10 @@
|
||||
package users
|
||||
package gpaste
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"sync"
|
||||
)
|
||||
|
||||
var _ UserStore = &MemoryUserStore{}
|
||||
|
||||
type MemoryUserStore struct {
|
||||
users map[string]*User
|
||||
lock sync.Mutex
|
||||
@ -15,13 +13,10 @@ type MemoryUserStore struct {
|
||||
func NewMemoryUserStore() *MemoryUserStore {
|
||||
return &MemoryUserStore{users: make(map[string]*User)}
|
||||
}
|
||||
|
||||
func (s *MemoryUserStore) Get(username string) (*User, error) {
|
||||
s.lock.Lock()
|
||||
defer s.lock.Unlock()
|
||||
|
||||
user, ok := s.users[username]
|
||||
|
||||
if !ok {
|
||||
return nil, fmt.Errorf("no such user: %s", username)
|
||||
}
|
||||
@ -32,29 +27,13 @@ func (s *MemoryUserStore) Get(username string) (*User, error) {
|
||||
func (s *MemoryUserStore) Store(user *User) error {
|
||||
s.lock.Lock()
|
||||
defer s.lock.Unlock()
|
||||
|
||||
s.users[user.Username] = user
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *MemoryUserStore) Delete(username string) error {
|
||||
s.lock.Lock()
|
||||
defer s.lock.Unlock()
|
||||
|
||||
delete(s.users, username)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *MemoryUserStore) List() ([]string, error) {
|
||||
s.lock.Lock()
|
||||
defer s.lock.Unlock()
|
||||
|
||||
ids := make([]string, 0, len(s.users))
|
||||
for k := range s.users {
|
||||
ids = append(ids, k)
|
||||
}
|
||||
|
||||
return ids, nil
|
||||
}
|
15
userstore_memory_test.go
Normal file
15
userstore_memory_test.go
Normal file
@ -0,0 +1,15 @@
|
||||
package gpaste_test
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste"
|
||||
)
|
||||
|
||||
func TestMemoryUserStore(t *testing.T) {
|
||||
newFunc := func() (func(), gpaste.UserStore) {
|
||||
return func() {}, gpaste.NewMemoryUserStore()
|
||||
}
|
||||
|
||||
RunUserStoreTest(newFunc, t)
|
||||
}
|
41
userstore_test.go
Normal file
41
userstore_test.go
Normal file
@ -0,0 +1,41 @@
|
||||
package gpaste_test
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"git.t-juice.club/torjus/gpaste"
|
||||
)
|
||||
|
||||
func RunUserStoreTest(newFunc func() (func(), gpaste.UserStore), t *testing.T) {
|
||||
t.Run("Basics", func(t *testing.T) {
|
||||
cleanup, s := newFunc()
|
||||
t.Cleanup(cleanup)
|
||||
|
||||
userMap := make(map[string]string)
|
||||
for i := 0; i < 10; i++ {
|
||||
userMap[randomString(8)] = randomString(16)
|
||||
}
|
||||
|
||||
for k, v := range userMap {
|
||||
user := &gpaste.User{
|
||||
Username: k,
|
||||
}
|
||||
if err := user.SetPassword(v); err != nil {
|
||||
t.Fatalf("Error setting password: %s", err)
|
||||
}
|
||||
if err := s.Store(user); err != nil {
|
||||
t.Fatalf("Error storing user: %s", err)
|
||||
}
|
||||
}
|
||||
|
||||
for k, v := range userMap {
|
||||
user, err := s.Get(k)
|
||||
if err != nil {
|
||||
t.Errorf("Error getting user: %s", err)
|
||||
}
|
||||
if err := user.ValidatePassword(v); err != nil {
|
||||
t.Errorf("Error verifying password: %s", err)
|
||||
}
|
||||
}
|
||||
})
|
||||
}
|
Loading…
Reference in New Issue
Block a user