torjus/gpaste
1
0
Fork 0
Code Issues 1 Pull Requests Releases 16 Activity

Compare commits

base: torjus:master
Branches Tags
torjus:master
torjus:v0.3.12
torjus:v0.3.11
torjus:v0.3.10
torjus:v0.3.9
torjus:v0.3.8
torjus:v0.3.7
torjus:v0.3.6
torjus:v0.3.5
torjus:v0.3.4
torjus:v0.3.3
torjus:v0.3.2
torjus:v0.3.1
torjus:v0.3.0
torjus:v0.2.0
torjus:v0.1.4
torjus:v0.1.3
torjus:v0.1.2
torjus:v0.1.1
..
compare: torjus:v0.3.3
Branches Tags
torjus:master
torjus:v0.3.12
torjus:v0.3.11
torjus:v0.3.10
torjus:v0.3.9
torjus:v0.3.8
torjus:v0.3.7
torjus:v0.3.6
torjus:v0.3.5
torjus:v0.3.4
torjus:v0.3.3
torjus:v0.3.2
torjus:v0.3.1
torjus:v0.3.0
torjus:v0.2.0
torjus:v0.1.4
torjus:v0.1.3
torjus:v0.1.2
torjus:v0.1.1

No commits in common. "master" and "v0.3.3" have entirely different histories.
master ... v0.3.3

39 changed files with 863 additions and 2090 deletions
Show Stats Expand all files Collapse all files

35
.golangci.yml
View File

@ -1,35 +0,0 @@
run:
tests: false
linters:
enable:
- deadcode
- errcheck
- gosimple
- govet
- ineffassign
- staticcheck
- structcheck
- typecheck
- unused
- varcheck
- gosec
- asciicheck
- bidichk
- bodyclose
- gomnd
- ifshort
- misspell
- prealloc
- tagliatelle
- ireturn
- gocritic
- whitespace
- stylecheck
- exportloopref
- godot
- gofumpt
linters-settings:
gomnd:
ignored-functions:
- "strconv.ParseUint"

21
.goreleaser.yaml
View File

@ -6,7 +6,6 @@ before:
- go mod tidy
# you may remove this if you don't need go generate
- go generate ./...
builds:
- id: "gpaste-client"
binary: "gpaste"
@ -29,42 +28,22 @@ builds:
goarch:
- amd64
main: ./cmd/server/server.go
archives:
- format_overrides:
- goos: windows
format: zip
checksum:
name_template: 'checksums.txt'
snapshot:
name_template: "{{ incpatch .Version }}-next"
changelog:
sort: asc
filters:
exclude:
- '^docs:'
- '^test:'
scoop:
url_template: "https://git.t-juice.club/torjus/gpaste/releases/download/{{ .Tag }}/{{ .ArtifactName }}"
bucket:
owner: torjus
name: scoop-tjuice
branch: master
folder: bucket
commit_author:
name: ci.t-juice.club
email: ci@t-juice.club
commit_msg_template: "Scoop update for {{ .ProjectName }} version {{ .Tag }}"
homepage: "https://git.t-juice.club/torjus/gpaste"
description: "Simple pastebin-style thingie."
gitea_urls:
api: https://git.t-juice.club/api/v1/
download: https://git.t-juice.club
env_files:
gitea_token: gitea_token

14
.woodpecker.yml
View File

@ -2,22 +2,14 @@ pipeline:
test:
image: golang:latest
commands:
- go build -o gpaste-client ./cmd/client/client.go
- go build -o gpaste-server ./cmd/server/server.go
- go test -cover -coverprofile="/tmp/cover.out" ./...
- go tool cover -func="/tmp/cover.out"
- go build ./cmd/client/client.go
- go build ./cmd/server/server.go
- go test -v ./...
- go vet ./...
when:
branch: master
event: [push, pull_request, tag, deployment]
lint:
image: golangci/golangci-lint:v1.43.0
commands:
- golangci-lint run
when:
event: [push, pull_request]
image-latest:
image: plugins/docker
settings:

1
Dockerfile
View File

@ -10,5 +10,4 @@ RUN go build -o gpaste-server ./cmd/server/server.go
FROM alpine:latest
COPY --from=builder /src/gpaste /bin/gpaste
COPY --from=builder /src/gpaste-server /bin/gpaste-server
EXPOSE 8080
CMD ["/bin/gpaste-server"]

35
README.md
View File

@ -1,35 +0,0 @@
![status-badge](https://ci.t-juice.club/api/badges/torjus/gpaste/status.svg)
# gpaste
Simple pastebin-style webapp.
## Build
### gpaste-server
```text
go build -o gpaste-server cmd/server/server.go
```
### gpaste-client
```text
go build -o gpaste cmd/client/client.go
```
## Run using docker
### From registry
```text
docker pull registry.t-juice.club/gpaste:latest
docker run --rm -it -p 8080:8080 registry.t-juice.club/gpaste:latest
```
### From Dockerfile
```text
docker build -t gpaste:latest .
docker run --rm -it p 8080:8080 gpaste:latest
```

302
api/http.go
View File

@ -1,302 +0,0 @@
package api
import (
"encoding/json"
"io"
"net/http"
"path"
"strconv"
"strings"
"time"
"git.t-juice.club/torjus/gpaste"
"git.t-juice.club/torjus/gpaste/files"
"git.t-juice.club/torjus/gpaste/users"
"github.com/go-chi/chi/v5"
"github.com/go-chi/chi/v5/middleware"
"github.com/google/uuid"
"go.uber.org/zap"
)
const multipartMaxMemory = 1024 * 1024 * 100
type HTTPServer struct {
Files files.FileStore
Users users.UserStore
Auth *gpaste.AuthService
config *gpaste.ServerConfig
Logger *zap.SugaredLogger
AccessLogger *zap.SugaredLogger
http.Server
}
func NewHTTPServer(cfg *gpaste.ServerConfig) *HTTPServer {
srv := &HTTPServer{
config: cfg,
Logger: zap.NewNop().Sugar(),
AccessLogger: zap.NewNop().Sugar(),
Files: files.NewMemoryFileStore(),
Users: users.NewMemoryUserStore(),
}
signingSecret, _ := uuid.Must(uuid.NewRandom()).MarshalBinary()
srv.Auth = gpaste.NewAuthService(srv.Users, signingSecret)
r := chi.NewRouter()
r.Use(middleware.RealIP)
r.Use(middleware.RequestID)
r.Use(srv.MiddlewareAccessLogger)
r.Use(srv.MiddlewareAuthentication)
r.Get("/", srv.HandlerIndex)
r.Post("/api/file", srv.HandlerAPIFilePost)
r.Get("/api/file/{id}", srv.HandlerAPIFileGet)
r.Delete("/api/file/{id}", srv.HandlerAPIFileDelete)
r.Post("/api/login", srv.HandlerAPILogin)
r.Post("/api/user", srv.HandlerAPIUserCreate)
srv.Handler = r
return srv
}
func (s *HTTPServer) HandlerIndex(w http.ResponseWriter, r *http.Request) {
_, _ = w.Write([]byte("index"))
}
func (s *HTTPServer) HandlerAPIFilePost(w http.ResponseWriter, r *http.Request) {
reqID := middleware.GetReqID(r.Context())
// Check if multipart form
ct := r.Header.Get("Content-Type")
if strings.Contains(ct, "multipart/form-data") {
s.processMultiPartFormUpload(w, r)
return
}
f := fileFromParams(r)
f.ID = uuid.NewString()
f.Body = r.Body
err := s.Files.Store(f)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
s.Logger.Warnw("Error storing file.", "req_id", reqID, "error", err, "id", f.ID, "remote_addr", r.RemoteAddr)
return
}
s.Logger.Infow("Stored file.", "req_id", reqID, "id", f.ID, "remote_addr", r.RemoteAddr)
fileURL := path.Join(s.config.URL, "/api/file", f.ID)
resp := &ResponseAPIFilePost{
Message: "OK",
Files: []ResponseAPIFilePostFiles{
{
ID: f.ID,
URL: fileURL,
},
},
}
w.WriteHeader(http.StatusAccepted)
encoder := json.NewEncoder(w)
if err := encoder.Encode(&resp); err != nil {
s.Logger.Warnw("Error encoding response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
}
}
func (s *HTTPServer) HandlerAPIFileGet(w http.ResponseWriter, r *http.Request) {
id := chi.URLParam(r, "id")
if id == "" {
w.WriteHeader(http.StatusBadRequest)
return
}
f, err := s.Files.Get(id)
if err != nil {
// TODO: LOG
w.WriteHeader(http.StatusInternalServerError)
return
}
w.WriteHeader(http.StatusOK)
if _, err := io.Copy(w, f.Body); err != nil {
reqID := middleware.GetReqID(r.Context())
s.Logger.Warnw("Error writing file to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
}
}
func (s *HTTPServer) HandlerAPIFileDelete(w http.ResponseWriter, r *http.Request) {
// TODO: Require auth
id := chi.URLParam(r, "id")
if id == "" {
w.WriteHeader(http.StatusBadRequest)
return
}
if err := s.Files.Delete(id); err != nil {
w.WriteHeader(http.StatusBadRequest)
return
}
reqID := middleware.GetReqID(r.Context())
s.Logger.Infow("Deleted file", "id", id, "req_id", reqID)
}
func (s *HTTPServer) processMultiPartFormUpload(w http.ResponseWriter, r *http.Request) {
reqID := middleware.GetReqID(r.Context())
var resp ResponseAPIFilePost
if err := r.ParseMultipartForm(multipartMaxMemory); err != nil {
s.Logger.Warnw("Error parsing multipart form.", "req_id", reqID, "err", err)
}
for k := range r.MultipartForm.File {
ff, fh, err := r.FormFile(k)
if err != nil {
s.Logger.Warnw("Error reading file from multipart form.", "req_id", reqID, "error", err)
return
}
f := fileFromParams(r)
f.ID = uuid.NewString()
f.OriginalFilename = fh.Filename
f.Body = ff
if err := s.Files.Store(f); err != nil {
w.WriteHeader(http.StatusInternalServerError)
s.Logger.Warnw("Error storing file.", "req_id", reqID, "error", err, "id", f.ID, "remote_addr", r.RemoteAddr)
return
}
s.Logger.Infow("Stored file.", "req_id", reqID, "id", f.ID, "filename", f.OriginalFilename, "remote_addr", r.RemoteAddr)
fileURL := path.Join(s.config.URL, "/api/file", f.ID)
fileResponse := ResponseAPIFilePostFiles{ID: f.ID, URL: fileURL}
resp.Files = append(resp.Files, fileResponse)
}
w.WriteHeader(http.StatusAccepted)
encoder := json.NewEncoder(w)
if err := encoder.Encode(&resp); err != nil {
s.Logger.Warnw("Error encoding response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
}
}
func (s *HTTPServer) HandlerAPILogin(w http.ResponseWriter, r *http.Request) {
reqID := middleware.GetReqID(r.Context())
var expectedRequest RequestAPILogin
decoder := json.NewDecoder(r.Body)
defer r.Body.Close()
if err := decoder.Decode(&expectedRequest); err != nil {
w.WriteHeader(http.StatusBadRequest)
return
}
token, err := s.Auth.Login(expectedRequest.Username, expectedRequest.Password)
if err != nil {
w.WriteHeader(http.StatusUnauthorized)
return
}
response := ResponseAPILogin{
Token: token,
}
s.Logger.Infow("User logged in.", "req_id", reqID, "username", expectedRequest.Username)
encoder := json.NewEncoder(w)
if err := encoder.Encode(&response); err != nil {
s.Logger.Infow("Error encoding json response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
}
}
func (s *HTTPServer) HandlerAPIUserCreate(w http.ResponseWriter, r *http.Request) {
reqID := middleware.GetReqID(r.Context())
defer r.Body.Close()
role, err := RoleFromRequest(r)
if err != nil || role != users.RoleAdmin {
w.WriteHeader(http.StatusUnauthorized)
return
}
var req RequestAPIUserCreate
decoder := json.NewDecoder(r.Body)
if err := decoder.Decode(&req); err != nil {
s.Logger.Debugw("Error parsing request.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
w.WriteHeader(http.StatusBadRequest)
return
}
// TODO: Ensure user does not already exist
user := &users.User{Username: req.Username, Role: users.RoleUser}
if err := user.SetPassword(req.Password); err != nil {
s.Logger.Warnw("Error setting user password.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
w.WriteHeader(http.StatusBadRequest)
return
}
if err := s.Users.Store(user); err != nil {
s.Logger.Warnw("Error setting user password.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
w.WriteHeader(http.StatusInternalServerError)
return
}
w.WriteHeader(http.StatusAccepted)
s.Logger.Infow("Created user.", "req_id", reqID, "remote_addr", r.RemoteAddr, "username", req.Username)
}
func (s *HTTPServer) HandlerAPIUserList(w http.ResponseWriter, r *http.Request) {
reqID := middleware.GetReqID(r.Context())
l, err := s.Users.List()
if err != nil {
s.Logger.Warnw("Error listing users.", "req_id", reqID, "error", err)
w.WriteHeader(http.StatusInternalServerError)
return
}
encoder := json.NewEncoder(w)
if err := encoder.Encode(l); err != nil {
s.Logger.Warnw("Error encoding response.", "req_id", "error", err)
}
}
func fileFromParams(r *http.Request) *files.File {
const (
keyMaxViews = "max_views"
keyExpiresOn = "exp"
)
var f files.File
q := r.URL.Query()
if q.Has(keyMaxViews) {
views, err := strconv.ParseUint(q.Get(keyMaxViews), 10, 64) // nolint: gomnd
if err == nil {
f.MaxViews = uint(views)
}
}
if q.Has(keyExpiresOn) {
exp, err := time.Parse(time.RFC3339, q.Get(keyExpiresOn))
if err == nil {
f.ExpiresOn = exp
}
}
return &f
}

280
api/http_test.go
View File

@ -1,280 +0,0 @@
package api_test
import (
"bytes"
"encoding/json"
"fmt"
"io"
"mime/multipart"
"net/http"
"net/http/httptest"
"strings"
"testing"
"time"
"git.t-juice.club/torjus/gpaste"
"git.t-juice.club/torjus/gpaste/api"
"git.t-juice.club/torjus/gpaste/files"
"git.t-juice.club/torjus/gpaste/users"
"github.com/google/go-cmp/cmp"
"github.com/google/uuid"
)
func TestHandlers(t *testing.T) {
//cfg := &gpaste.ServerConfig{
// SigningSecret: "abc123",
// Store: &gpaste.ServerStoreConfig{
// Type: "memory",
// },
// URL: "http://localhost:8080",
//}
//hs := api.NewHTTPServer(cfg)
t.Run("index", func(t *testing.T) {
hs := newServer()
rr := httptest.NewRecorder()
req := httptest.NewRequest(http.MethodGet, "/", nil)
hs.Handler.ServeHTTP(rr, req)
if status := rr.Code; status != http.StatusOK {
t.Errorf("Returned unexpected status")
}
expectedBody := "index"
if body := rr.Body.String(); body != expectedBody {
t.Errorf("Body does not match expected. Got %s want %s", body, expectedBody)
}
})
t.Run("api", func(t *testing.T) {
t.Run("file", func(t *testing.T) {
// POST /api/file
t.Run("POST", func(t *testing.T) {
hs := newServer()
rr := httptest.NewRecorder()
buf := &bytes.Buffer{}
mw := multipart.NewWriter(buf)
fw, err := mw.CreateFormFile("test", "test.txt")
if err != nil {
t.Fatalf("Unable to create form file: %s", err)
}
expectedData := "Test OMEGALUL PLS."
if _, err := io.WriteString(fw, expectedData); err != nil {
t.Fatalf("Unable to write body to buffer: %s", err)
}
mw.Close()
req := httptest.NewRequest(http.MethodPost, "/api/file?max_views=99", buf)
req.Header.Add("Content-Type", mw.FormDataContentType())
hs.Handler.ServeHTTP(rr, req)
if status := rr.Code; status != http.StatusAccepted {
t.Errorf("Returned unexpected status. Got %d want %d", status, http.StatusAccepted)
}
var expectedResp api.ResponseAPIFilePost
decoder := json.NewDecoder(rr.Result().Body)
if err := decoder.Decode(&expectedResp); err != nil {
t.Fatalf("error decoding response: %s", err)
}
if l := len(expectedResp.Files); l != 1 {
t.Errorf("Response has wrong length. Got %d want %d", l, 1)
}
uploadID := expectedResp.Files[0].ID
if uploadID == "" {
t.Errorf("Response has empty id")
}
retrieved, err := hs.Files.Get(uploadID)
if err != nil {
t.Errorf("Error retrieving file: %s", err)
}
defer retrieved.Body.Close()
retBuf := new(bytes.Buffer)
io.Copy(retBuf, retrieved.Body)
if diff := cmp.Diff(retBuf.String(), expectedData); diff != "" {
t.Errorf("Retrieved file mismatch: %s", diff)
}
if retrieved.MaxViews != 99 {
t.Errorf("Uploaded file has wrong max_views: %d", retrieved.MaxViews)
}
})
// GET /api/file/id
t.Run("GET", func(t *testing.T) {
hs := newServer()
fileData := "abc123456"
sr := io.NopCloser(strings.NewReader(fileData))
file := &files.File{
ID: uuid.NewString(),
OriginalFilename: "test-file.txt",
MaxViews: 99,
ExpiresOn: time.Now().Add(90 * time.Second),
Body: sr,
}
hs.Files.Store(file)
rr := httptest.NewRecorder()
url := fmt.Sprintf("/api/file/%s", file.ID)
req := httptest.NewRequest(http.MethodGet, url, nil)
hs.Handler.ServeHTTP(rr, req)
if status := rr.Code; status != http.StatusOK {
t.Errorf("Returned unexpected status. Got %d want %d", status, http.StatusAccepted)
t.Logf(url)
}
if diff := cmp.Diff(rr.Body.String(), fileData); diff != "" {
t.Errorf("Returned body does not match expected: %s", diff)
}
})
// DELETE /api/file/id
t.Run("DELETE", func(t *testing.T) {
hs := newServer()
fileBody := io.NopCloser(strings.NewReader("roflcopter"))
file := &files.File{
ID: uuid.NewString(),
OriginalFilename: "testpls.txt",
MaxViews: 9,
ExpiresOn: time.Now().Add(10 * time.Hour),
Body: fileBody,
}
if err := hs.Files.Store(file); err != nil {
t.Fatalf("Error storing file: %s", err)
}
rr := httptest.NewRecorder()
url := fmt.Sprintf("/api/file/%s", file.ID)
req := httptest.NewRequest(http.MethodDelete, url, nil)
hs.Handler.ServeHTTP(rr, req)
if rr.Result().StatusCode != http.StatusOK {
t.Fatalf("Delete returned wrong status: %s", rr.Result().Status)
}
if _, err := hs.Files.Get(file.ID); err == nil {
t.Errorf("Getting after delete returned no error")
}
})
})
// /api/user
t.Run("user", func(t *testing.T) {
t.Run("POST", func(t *testing.T) {
hs := newServer()
adminPw := "admin"
admin := &users.User{
Username: "admin",
Role: users.RoleAdmin,
}
_ = admin.SetPassword(adminPw)
_ = hs.Users.Store(admin)
token, err := hs.Auth.Login(admin.Username, adminPw)
if err != nil {
t.Fatalf("error getting admin token: %s", err)
}
requestData := &api.RequestAPIUserCreate{
Username: "test",
Password: "test",
}
body := new(bytes.Buffer)
encoder := json.NewEncoder(body)
if err := encoder.Encode(requestData); err != nil {
t.Fatalf("Error encoding data: %s", err)
}
rr := httptest.NewRecorder()
req := httptest.NewRequest(http.MethodPost, "/api/user", body)
req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", token))
hs.Handler.ServeHTTP(rr, req)
if rr.Result().StatusCode != http.StatusAccepted {
t.Fatalf("Create returned wrong status: %s", rr.Result().Status)
}
user, err := hs.Users.Get(requestData.Username)
if err != nil {
t.Fatalf("Unable to get user after create: %s", err)
}
expectedUser := &users.User{
Username: requestData.Username,
Role: users.RoleUser,
}
ignorePW := cmp.FilterPath(func(p cmp.Path) bool {
return p.String() == "HashedPassword"
}, cmp.Ignore())
if diff := cmp.Diff(user, expectedUser, ignorePW); diff != "" {
t.Errorf("User does not match expected: %s", diff)
}
})
})
// /api/login
t.Run("Login", func(t *testing.T) {
hs := newServer()
// TODO: Add test
username := "admin"
password := "admin"
user := &users.User{Username: username}
if err := user.SetPassword(password); err != nil {
t.Fatalf("Error setting user password: %s", err)
}
if err := hs.Users.Store(user); err != nil {
t.Fatalf("Error storing user: %s", err)
}
requestData := struct {
Username string `json:"username"`
Password string `json:"password"`
}{
Username: username,
Password: password,
}
body := new(bytes.Buffer)
encoder := json.NewEncoder(body)
if err := encoder.Encode(&requestData); err != nil {
t.Fatalf("Error encoding request body: %s", err)
}
rr := httptest.NewRecorder()
req := httptest.NewRequest(http.MethodPost, "/api/login", body)
hs.Handler.ServeHTTP(rr, req)
responseData := struct {
Token string `json:"token"`
}{}
decoder := json.NewDecoder(rr.Body)
if err := decoder.Decode(&responseData); err != nil {
t.Fatalf("Error decoding response: %s", err)
}
if _, err := hs.Auth.ValidateToken(responseData.Token); err != nil {
t.Fatalf("Unable to validate received token: %s", err)
}
})
})
}
func newServer() *api.HTTPServer {
cfg := &gpaste.ServerConfig{
SigningSecret: "abc123",
Store: &gpaste.ServerStoreConfig{
Type: "memory",
},
URL: "http://localhost:8080",
}
return api.NewHTTPServer(cfg)
}

29
api/json.go
View File

@ -1,29 +0,0 @@
package api
type RequestAPIUserCreate struct {
Username string `json:"username"`
Password string `json:"password"`
}
type RequestAPILogin struct {
Username string `json:"username"`
Password string `json:"password"`
}
type ResponseAPILogin struct {
Token string `json:"token"`
}
type ResponseAPIFilePost struct {
Message string `json:"message"`
Files []ResponseAPIFilePostFiles `json:"files"`
}
type ResponseAPIFilePostFiles struct {
ID string `json:"id"`
URL string `json:"url"`
}
type ResponseAPIUserList struct {
Usernames []string `json:"usernames"`
}

39
auth.go
View File

@ -4,23 +4,24 @@ import (
"fmt"
"time"
"git.t-juice.club/torjus/gpaste/users"
"github.com/golang-jwt/jwt"
"github.com/google/uuid"
)
type AuthLevel int
const (
AuthLevelUnset AuthLevel = iota
AuthLevelUser
AuthLevelAdmin
)
type AuthService struct {
users users.UserStore
users UserStore
hmacSecret []byte
}
type Claims struct {
Role users.Role `json:"role,omitempty"`
jwt.StandardClaims
}
func NewAuthService(store users.UserStore, signingSecret []byte) *AuthService {
func NewAuthService(store UserStore, signingSecret []byte) *AuthService {
return &AuthService{users: store, hmacSecret: signingSecret}
}
@ -35,16 +36,15 @@ func (as *AuthService) Login(username, password string) (string, error) {
}
// TODO: Set iss and aud
claims := new(Claims)
claims.Subject = user.Username
claims.ExpiresAt = time.Now().Add(7 * 24 * time.Hour).Unix()
claims.NotBefore = time.Now().Unix()
claims.IssuedAt = time.Now().Unix()
claims.Id = uuid.NewString()
claims.Role = user.Role
claims := jwt.StandardClaims{
Subject: user.Username,
ExpiresAt: time.Now().Add(7 * 24 * time.Hour).Unix(),
NotBefore: time.Now().Unix(),
IssuedAt: time.Now().Unix(),
Id: uuid.NewString(),
}
token := jwt.NewWithClaims(jwt.GetSigningMethod("HS256"), claims)
signed, err := token.SignedString(as.hmacSecret)
if err != nil {
return "", err
@ -53,15 +53,14 @@ func (as *AuthService) Login(username, password string) (string, error) {
return signed, nil
}
func (as *AuthService) ValidateToken(rawToken string) (*Claims, error) {
claims := &Claims{}
func (as *AuthService) ValidateToken(rawToken string) (*jwt.StandardClaims, error) {
claims := &jwt.StandardClaims{}
token, err := jwt.ParseWithClaims(rawToken, claims, func(t *jwt.Token) (interface{}, error) {
return as.hmacSecret, nil
})
if err != nil {
return nil, err
}
if !token.Valid {
return nil, fmt.Errorf("invalid token")
}

23
auth_test.go
View File

@ -1,24 +1,21 @@
package gpaste_test
import (
"math/rand"
"testing"
"git.t-juice.club/torjus/gpaste"
"git.t-juice.club/torjus/gpaste/users"
"github.com/google/go-cmp/cmp"
)
func TestAuth(t *testing.T) {
t.Run("Token", func(t *testing.T) {
us := users.NewMemoryUserStore()
us := gpaste.NewMemoryUserStore()
secret := []byte(randomString(16))
as := gpaste.NewAuthService(us, secret)
username := randomString(8)
password := randomString(16)
user := &users.User{Username: username, Role: users.RoleAdmin}
user := &gpaste.User{Username: username}
if err := user.SetPassword(password); err != nil {
t.Fatalf("error setting user password: %s", err)
}
@ -31,26 +28,12 @@ func TestAuth(t *testing.T) {
t.Fatalf("Error creating token: %s", err)
}
claims, err := as.ValidateToken(token)
if err != nil {
if _, err := as.ValidateToken(token); err != nil {
t.Fatalf("Error validating token: %s", err)
}
if claims.Role != user.Role {
t.Fatalf("Token role is not correct: %s", cmp.Diff(claims.Role, user.Role))
}
invalidToken := `eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NDMyMjk3NjMsImp0aSI6ImUzNDk5NWI1LThiZmMtNDQyNy1iZDgxLWFmNmQ3OTRiYzM0YiIsImlhdCI6MTY0MjYyNDk2MywibmJmIjoxNjQyNjI0OTYzLCJzdWIiOiJYdE5Hemt5ZSJ9.VM6dkwSLaBv8cStkWRVVv9ADjdUrHGHrlB7GB7Ly7n8`
if _, err := as.ValidateToken(invalidToken); err == nil {
t.Fatalf("Invalid token passed validation")
}
})
}
func randomString(length int) string {
const charset = "abcdefghijklmnopqrstabcdefghijklmnopqrstuvwxyz" +
"ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
b := make([]byte, length)
for i := range b {
b[i] = charset[rand.Intn(len(charset))]
}
return string(b)
}

240
client/client.go
View File

@ -1,240 +0,0 @@
package client
import (
"bytes"
"context"
"encoding/json"
"fmt"
"io"
"mime/multipart"
"net/http"
"os"
"path/filepath"
"time"
"git.t-juice.club/torjus/gpaste/api"
"git.t-juice.club/torjus/gpaste/files"
"github.com/google/uuid"
"github.com/kirsle/configdir"
)
const defaultTimeout = 10 * time.Second
type Client struct {
BaseURL string `json:"baseUrl"`
AuthToken string `json:"authToken"`
httpClient http.Client
}
func (c *Client) WriteConfigToWriter(w io.Writer) error {
encoder := json.NewEncoder(w)
return encoder.Encode(c)
}
func (c *Client) WriteConfig() error {
dir := configdir.LocalConfig("gpaste")
// Ensure dir exists
err := os.MkdirAll(dir, os.ModePerm)
if err != nil {
return err
}
path := filepath.Join(dir, "client.json")
f, err := os.Create(path)
if err != nil {
return err
}
defer f.Close()
return c.WriteConfigToWriter(f)
}
func (c *Client) LoadConfig() error {
dir := configdir.LocalCache("gpaste")
path := filepath.Join(dir, "client.json")
f, err := os.Open(path)
if err != nil {
return err
}
defer f.Close()
return c.LoadConfigFromReader(f)
}
func (c *Client) LoadConfigFromReader(r io.Reader) error {
decoder := json.NewDecoder(r)
return decoder.Decode(c)
}
func (c *Client) Login(ctx context.Context, username, password string) error {
url := fmt.Sprintf("%s/api/login", c.BaseURL)
// TODO: Change timeout
ctx, cancel := context.WithTimeout(ctx, defaultTimeout)
defer cancel()
body := new(bytes.Buffer)
requestData := api.RequestAPILogin{
Username: username,
Password: password,
}
encoder := json.NewEncoder(body)
if err := encoder.Encode(&requestData); err != nil {
return fmt.Errorf("error encoding response: %w", err)
}
req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, body)
if err != nil {
return fmt.Errorf("error creating request: %w", err)
}
resp, err := c.httpClient.Do(req)
if err != nil {
return fmt.Errorf("unable to perform request: %s", err)
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return fmt.Errorf("got non-ok response from server: %s", resp.Status)
}
var responseData api.ResponseAPILogin
decoder := json.NewDecoder(resp.Body)
if err := decoder.Decode(&responseData); err != nil {
return fmt.Errorf("unable to parse response: %s", err)
}
c.AuthToken = responseData.Token
return nil
}
func (c *Client) UserCreate(ctx context.Context, username, password string) error {
url := fmt.Sprintf("%s/api/user", c.BaseURL)
body := new(bytes.Buffer)
requestData := &api.RequestAPIUserCreate{
Username: username,
Password: password,
}
encoder := json.NewEncoder(body)
if err := encoder.Encode(requestData); err != nil {
return fmt.Errorf("error encoding response: %w", err)
}
req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, body)
if err != nil {
return fmt.Errorf("error creating request: %w", err)
}
req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.AuthToken))
resp, err := c.httpClient.Do(req)
if err != nil {
return fmt.Errorf("unable to perform request: %s", err)
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusAccepted {
return fmt.Errorf("got non-ok response from server: %s", resp.Status)
}
return nil
}
func (c *Client) Download(ctx context.Context, id string) (io.ReadCloser, error) {
url := fmt.Sprintf("%s/api/file/%s", c.BaseURL, id)
req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
if err != nil {
return nil, fmt.Errorf("error creating request: %w", err)
}
req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.AuthToken))
resp, err := c.httpClient.Do(req)
if err != nil {
return nil, fmt.Errorf("unable to perform request: %s", err)
}
if resp.StatusCode != http.StatusOK {
return nil, fmt.Errorf("got non-ok response from server: %s", resp.Status)
}
return resp.Body, nil
}
func (c *Client) Upload(ctx context.Context, files ...*files.File) (*api.ResponseAPIFilePost, error) {
url := fmt.Sprintf("%s/api/file", c.BaseURL)
client := &http.Client{}
// TODO: Change timeout
// TODO: Improve buffering
buf := &bytes.Buffer{}
mw := multipart.NewWriter(buf)
for _, file := range files {
fw, err := mw.CreateFormFile(uuid.Must(uuid.NewRandom()).String(), file.OriginalFilename)
if err != nil {
return nil, err
}
if _, err := io.Copy(fw, file.Body); err != nil {
return nil, err
}
file.Body.Close()
}
mw.Close()
req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, buf)
if err != nil {
return nil, err
}
req.Header.Add("Content-Type", mw.FormDataContentType())
resp, err := client.Do(req)
if err != nil {
return nil, err
}
defer resp.Body.Close()
var expectedResp *api.ResponseAPIFilePost
decoder := json.NewDecoder(resp.Body)
if err := decoder.Decode(&expectedResp); err != nil {
return nil, fmt.Errorf("error decoding response: %w", err)
}
return expectedResp, nil
}
func (c *Client) Delete(ctx context.Context, id string) error {
url := fmt.Sprintf("%s/api/file/%s", c.BaseURL, id)
req, err := http.NewRequestWithContext(ctx, http.MethodDelete, url, nil)
if err != nil {
return fmt.Errorf("error creating request: %w", err)
}
req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.AuthToken))
resp, err := c.httpClient.Do(req)
if err != nil {
return fmt.Errorf("unable to perform request: %s", err)
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return fmt.Errorf("got non-ok response from server: %s", resp.Status)
}
return nil
}

194
client/client_test.go
View File

@ -1,194 +0,0 @@
package client_test
import (
"bytes"
"context"
"fmt"
"io"
"net"
"strings"
"testing"
"time"
"git.t-juice.club/torjus/gpaste"
"git.t-juice.club/torjus/gpaste/api"
"git.t-juice.club/torjus/gpaste/client"
"git.t-juice.club/torjus/gpaste/files"
"git.t-juice.club/torjus/gpaste/users"
"github.com/google/go-cmp/cmp"
"github.com/google/go-cmp/cmp/cmpopts"
"github.com/google/uuid"
)
func TestClient(t *testing.T) {
listener, err := net.Listen("tcp", ":0")
if err != nil {
panic(err)
}
port := listener.Addr().(*net.TCPAddr).Port
cfg := &gpaste.ServerConfig{
LogLevel: "ERROR",
URL: fmt.Sprintf("http://localhost:%d", port),
SigningSecret: "TEST",
Store: &gpaste.ServerStoreConfig{Type: "memory"},
}
srv := api.NewHTTPServer(cfg)
go func() {
srv.Serve(listener)
}()
t.Cleanup(func() {
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()
srv.Shutdown(ctx)
listener.Close()
})
// Add users
username := "admin"
password := "admin"
user := &users.User{
Username: username,
Role: users.RoleAdmin,
}
if err := user.SetPassword(password); err != nil {
t.Fatalf("Error setting password: %s", err)
}
if err := srv.Users.Store(user); err != nil {
t.Fatalf("Error storing user: %s", err)
}
t.Run("Login", func(t *testing.T) {
client := client.Client{BaseURL: cfg.URL}
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
if err := client.Login(ctx, username, password); err != nil {
t.Fatalf("Error logging in: %s", err)
}
claims, err := srv.Auth.ValidateToken(client.AuthToken)
if err != nil {
t.Errorf("unable to get claims from token: %s", err)
}
if claims.Role != user.Role {
t.Errorf("Claims have wrong role: %s", cmp.Diff(claims.Role, user.Role))
}
if claims.Subject != username {
t.Errorf("Claims have wrong role: %s", cmp.Diff(claims.Subject, username))
}
t.Run("UserCreate", func(t *testing.T) {
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
username := "user"
password := "user"
if err := client.UserCreate(ctx, username, password); err != nil {
t.Fatalf("Error creating user: %s", err)
}
user, err := srv.Users.Get(username)
if err != nil {
t.Fatalf("Error getting new user: %s", err)
}
if user.Username != username {
t.Errorf("Username does not match.")
}
if err := user.ValidatePassword(password); err != nil {
t.Errorf("Unable to validate password: %s", err)
}
})
})
t.Run("Upload", func(t *testing.T) {
client := client.Client{BaseURL: cfg.URL}
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
fileContents := "this is the test file"
fileBody := io.NopCloser(strings.NewReader(fileContents))
file := &files.File{
OriginalFilename: "filename.txt",
Body: fileBody,
}
resp, err := client.Upload(ctx, file)
if err != nil {
t.Fatalf("Error uploading: %s", err)
}
retrieved, err := srv.Files.Get(resp.Files[0].ID)
if err != nil {
t.Fatalf("Error getting uploaded file from store: %s", err)
}
defer retrieved.Body.Close()
buf := new(strings.Builder)
if _, err := io.Copy(buf, retrieved.Body); err != nil {
t.Fatalf("error reading body from store: %s", err)
}
if buf.String() != fileContents {
t.Errorf("File contents does not match: %s", cmp.Diff(buf.String(), fileContents))
}
})
t.Run("Download", func(t *testing.T) {
client := client.Client{BaseURL: cfg.URL}
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
fileContents := "this is the test file"
fileBody := io.NopCloser(strings.NewReader(fileContents))
file := &files.File{
ID: uuid.NewString(),
OriginalFilename: "filename.txt",
Body: fileBody,
}
if err := srv.Files.Store(file); err != nil {
t.Fatalf("Error putting file in store: %s", err)
}
body, err := client.Download(ctx, file.ID)
if err != nil {
t.Fatalf("Error uploading: %s", err)
}
defer body.Close()
buf := new(strings.Builder)
if _, err := io.Copy(buf, body); err != nil {
t.Fatalf("error reading body from store: %s", err)
}
if buf.String() != fileContents {
t.Errorf("File contents does not match: %s", cmp.Diff(buf.String(), fileContents))
}
})
t.Run("Save", func(t *testing.T) {
c := client.Client{BaseURL: "http://example.org/gpaste", AuthToken: "tokenpls"}
expectedConfig := "{\"baseUrl\":\"http://example.org/gpaste\",\"authToken\":\"tokenpls\"}\n"
buf := new(bytes.Buffer)
err := c.WriteConfigToWriter(buf)
if err != nil {
t.Fatalf("Error writing config: %s", err)
}
if diff := cmp.Diff(buf.String(), expectedConfig); diff != "" {
t.Errorf("Written config does not match expected: %s", diff)
}
})
t.Run("Load", func(t *testing.T) {
c := client.Client{}
config := "{\"baseUrl\":\"http://pasta.example.org\",\"authToken\":\"tokenpls\"}\n"
expectedClient := client.Client{BaseURL: "http://pasta.example.org", AuthToken: "tokenpls"}
sr := strings.NewReader(config)
if err := c.LoadConfigFromReader(sr); err != nil {
t.Fatalf("Error reading config: %s", err)
}
if diff := cmp.Diff(c, expectedClient, cmpopts.IgnoreUnexported(client.Client{})); diff != "" {
t.Errorf("Client does not match expected: %s", diff)
}
})
}

162
cmd/client/actions/actions.go
View File

@ -1,162 +0,0 @@
package actions
import (
"bufio"
"context"
"fmt"
"os"
"strings"
"syscall"
"time"
"git.t-juice.club/torjus/gpaste/client"
"git.t-juice.club/torjus/gpaste/files"
"github.com/urfave/cli/v2"
"golang.org/x/term"
)
const defaultTimeout = 10 * time.Second
func ActionUpload(c *cli.Context) error {
clnt := client.Client{
BaseURL: c.String("url"),
}
for _, arg := range c.Args().Slice() {
f, err := os.Open(arg)
if err != nil {
return err
}
defer f.Close()
file := &files.File{
OriginalFilename: arg,
Body: f,
}
resp, err := clnt.Upload(c.Context, file)
if err != nil {
errmsg := fmt.Sprintf("Error uploading file: %s", err)
return cli.Exit(errmsg, 1)
}
fmt.Printf("Uploaded file %s - %s", file.OriginalFilename, resp.Files[0].URL)
}
return nil
}
func ActionDelete(c *cli.Context) error {
clnt := client.Client{
BaseURL: c.String("url"),
}
for _, arg := range c.Args().Slice() {
ctx, cancel := context.WithTimeout(c.Context, defaultTimeout)
defer cancel()
if err := clnt.Delete(ctx, arg); err != nil {
fmt.Printf("Error deleting file %s\n", arg)
fmt.Printf("%s\n", err)
}
fmt.Printf("Deleted %s\n", arg)
}
return nil
}
func ActionLogin(c *cli.Context) error {
username := c.Args().First()
if username == "" {
return cli.Exit("USERNAME not supplied.", 1)
}
password, err := readPassword()
if err != nil {
return fmt.Errorf("error reading password: %w", err)
}
clnt := client.Client{
BaseURL: c.String("url"),
}
if err := clnt.Login(c.Context, username, password); err != nil {
errmsg := fmt.Sprintf("Error logging in: %s", err)
return cli.Exit(errmsg, 1)
}
if err := clnt.WriteConfig(); err != nil {
errMsg := fmt.Sprintf("Failed to write config: %s", err)
return cli.Exit(errMsg, 1)
}
// TODO: Store this somewhere, so we don't need to log in each time
fmt.Println("Successfully logged in.")
return nil
}
func ActionUserCreate(c *cli.Context) error {
// TODO: Needs to supply auth token to actually work
fmt.Println("Need to be logged in to create user")
username := readString("Enter username: ")
password, err := readPassword()
if err != nil {
return fmt.Errorf("error reading password: %w", err)
}
clnt := client.Client{
BaseURL: c.String("url"),
}
ctx, cancel := context.WithTimeout(c.Context, defaultTimeout)
defer cancel()
if err := clnt.Login(ctx, username, password); err != nil {
errmsg := fmt.Sprintf("Error logging in: %s", err)
return cli.Exit(errmsg, 1)
}
fmt.Println("User to create:")
username = readString("Enter username: ")
password, err = readPassword()
if err != nil {
return fmt.Errorf("error reading password: %w", err)
}
if err := clnt.UserCreate(ctx, username, password); err != nil {
errmsg := fmt.Sprintf("Error creating user: %s", err)
return cli.Exit(errmsg, 1)
}
fmt.Printf("Created user %s\n", username)
return nil
}
func readPassword() (string, error) {
fmt.Print("Enter Password: ")
bytePassword, err := term.ReadPassword(int(syscall.Stdin))
if err != nil {
return "", err
}
password := string(bytePassword)
return strings.TrimSpace(password), nil
}
func readString(prompt string) string {
fmt.Print(prompt)
scanner := bufio.NewScanner(os.Stdin)
for scanner.Scan() {
return scanner.Text()
}
return ""
}

158
cmd/client/client.go
View File

@ -1,11 +1,21 @@
package main
import (
"bytes"
"context"
"encoding/json"
"fmt"
"io"
"mime/multipart"
"net/http"
"os"
"strings"
"syscall"
"time"
"git.t-juice.club/torjus/gpaste/cmd/client/actions"
"github.com/google/uuid"
"github.com/urfave/cli/v2"
"golang.org/x/term"
)
var (
@ -35,34 +45,138 @@ func main() {
Name: "upload",
Usage: "Upload file(s)",
ArgsUsage: "FILE [FILE]...",
Action: actions.ActionUpload,
},
{
Name: "delete",
Usage: "Delete file(s)",
ArgsUsage: "FILE [FILE]...",
Action: actions.ActionDelete,
Action: ActionUpload,
},
{
Name: "login",
Usage: "Login to gpaste server",
ArgsUsage: "USERNAME",
Action: actions.ActionLogin,
},
{
Name: "admin",
Usage: "Admin related commands",
Subcommands: []*cli.Command{
{
Name: "create-user",
Usage: "Create a new user",
ArgsUsage: "USERNAME",
Action: actions.ActionUserCreate,
},
},
Action: ActionLogin,
},
},
}
_ = app.Run(os.Args)
app.Run(os.Args)
}
func ActionUpload(c *cli.Context) error {
url := fmt.Sprintf("%s/api/file", c.String("url"))
client := &http.Client{}
// TODO: Change timeout
ctx, cancel := context.WithTimeout(c.Context, 10*time.Minute)
defer cancel()
buf := &bytes.Buffer{}
mw := multipart.NewWriter(buf)
for _, arg := range c.Args().Slice() {
f, err := os.Open(arg)
if err != nil {
return err
}
defer f.Close()
fw, err := mw.CreateFormFile(uuid.Must(uuid.NewRandom()).String(), arg)
if err != nil {
return err
}
if _, err := io.Copy(fw, f); err != nil {
return err
}
}
mw.Close()
req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, buf)
if err != nil {
return err
}
req.Header.Add("Content-Type", mw.FormDataContentType())
resp, err := client.Do(req)
if err != nil {
return err
}
defer resp.Body.Close()
var expectedResp []struct {
Message string `json:"message"`
ID string `json:"id"`
URL string `json:"url"`
}
decoder := json.NewDecoder(resp.Body)
if err := decoder.Decode(&expectedResp); err != nil {
return fmt.Errorf("error decoding response: %w", err)
}
for _, r := range expectedResp {
fmt.Printf("Uploaded file %s\n", r.ID)
}
return nil
}
func ActionLogin(c *cli.Context) error {
username := c.Args().First()
if username == "" {
return cli.Exit("USERNAME not supplied.", 1)
}
password, err := readPassword()
if err != nil {
return fmt.Errorf("error reading password: %w", err)
}
url := fmt.Sprintf("%s/api/login", c.String("url"))
client := &http.Client{}
// TODO: Change timeout
ctx, cancel := context.WithTimeout(c.Context, 10*time.Second)
defer cancel()
body := new(bytes.Buffer)
requestData := struct {
Username string `json:"username"`
Password string `json:"password"`
}{
Username: username,
Password: password,
}
encoder := json.NewEncoder(body)
if err := encoder.Encode(&requestData); err != nil {
return fmt.Errorf("error encoding response: %w", err)
}
req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, body)
if err != nil {
return fmt.Errorf("error creating request: %w", err)
}
resp, err := client.Do(req)
if err != nil {
return fmt.Errorf("unable to perform request: %s", err)
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return cli.Exit("got non-ok response from server", 0)
}
responseData := struct {
Token string `json:"token"`
}{}
decoder := json.NewDecoder(resp.Body)
if err := decoder.Decode(&responseData); err != nil {
return fmt.Errorf("unable to parse response: %s", err)
}
fmt.Printf("Token: %s", responseData.Token)
return nil
}
func readPassword() (string, error) {
fmt.Print("Enter Password: ")
bytePassword, err := term.ReadPassword(int(syscall.Stdin))
if err != nil {
return "", err
}
password := string(bytePassword)
return strings.TrimSpace(password), nil
}

215
cmd/server/actions/actions.go
View File

@ -1,215 +0,0 @@
package actions
import (
"context"
"io"
"net/http"
"os"
"os/signal"
"path/filepath"
"strings"
"time"
"git.t-juice.club/torjus/gpaste"
"git.t-juice.club/torjus/gpaste/api"
"git.t-juice.club/torjus/gpaste/files"
"git.t-juice.club/torjus/gpaste/users"
"github.com/google/uuid"
"github.com/urfave/cli/v2"
"go.uber.org/zap"
"go.uber.org/zap/zapcore"
)
func ActionServe(c *cli.Context) error {
configPath := "gpaste-server.toml"
if c.IsSet("config") {
configPath = c.String("config")
}
var (
cfg *gpaste.ServerConfig
r io.ReadCloser
)
r, err := os.Open(configPath)
if err != nil {
cfg = &gpaste.ServerConfig{
LogLevel: "INFO",
URL: "localhost:8080",
ListenAddr: ":8080",
SigningSecret: "TODO: CHANGE THIS LOL",
Store: &gpaste.ServerStoreConfig{
Type: "memory",
},
}
} else {
defer r.Close()
cfg, err = gpaste.ServerConfigFromReader(r)
if err != nil {
if err != nil {
return cli.Exit(err, 1)
}
}
}
// Setup loggers
rootLogger := getRootLogger(cfg.LogLevel)
serverLogger := rootLogger.Named("SERV")
accessLogger := rootLogger.Named("ACCS")
// Setup contexts for clean shutdown
rootCtx, rootCancel := signal.NotifyContext(context.Background(), os.Interrupt)
defer rootCancel()
httpCtx, httpCancel := context.WithCancel(rootCtx)
defer httpCancel()
httpShutdownCtx, httpShutdownCancel := context.WithCancel(context.Background())
defer httpShutdownCancel()
// Setup stores
// Files
fileStore, fileClose, err := getFileStore(cfg)
if err != nil {
return err
}
defer fileClose() // nolint: errcheck
// Users
userStore, userClose, err := getUserStore(cfg)
if err != nil {
return err
}
defer userClose() // nolint: errcheck
if userList, err := userStore.List(); err != nil {
serverLogger.Panicw("Error checking userstore for users.", "error", err)
} else if len(userList) < 1 {
admin := users.User{
Username: "admin",
Role: users.RoleAdmin,
}
password := uuid.NewString()
if err := admin.SetPassword(password); err != nil {
serverLogger.DPanic("Error setting admin-user password.", "error", err)
}
serverLogger.Warnw("Created admin-user.", "username", admin.Username, "password", password)
}
// Auth
auth := gpaste.NewAuthService(userStore, []byte(cfg.SigningSecret))
go func() {
srv := api.NewHTTPServer(cfg)
srv.Users = userStore
srv.Files = fileStore
srv.Addr = cfg.ListenAddr
srv.Logger = serverLogger
srv.AccessLogger = accessLogger
srv.Auth = auth
// Wait for cancel
go func() {
<-httpCtx.Done()
timeoutCtx, cancel := context.WithTimeout(context.Background(), 10*time.Second) // nolint: gomnd
defer cancel()
_ = srv.Shutdown(timeoutCtx)
}()
serverLogger.Infow("Starting HTTP server.", "addr", cfg.ListenAddr)
if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
serverLogger.Errorw("Error during shutdown.", "error", err)
}
serverLogger.Infow("HTTP server shutdown complete.", "addr", cfg.ListenAddr)
httpShutdownCancel()
}()
<-httpShutdownCtx.Done()
return nil
}
func getRootLogger(level string) *zap.SugaredLogger {
logEncoderConfig := zap.NewProductionEncoderConfig()
logEncoderConfig.EncodeCaller = zapcore.ShortCallerEncoder
logEncoderConfig.EncodeLevel = zapcore.CapitalColorLevelEncoder
logEncoderConfig.EncodeTime = zapcore.ISO8601TimeEncoder
logEncoderConfig.EncodeDuration = zapcore.StringDurationEncoder
rootLoggerConfig := &zap.Config{
Level: zap.NewAtomicLevelAt(zap.DebugLevel),
OutputPaths: []string{"stdout"},
ErrorOutputPaths: []string{"stdout"},
Encoding: "console",
EncoderConfig: logEncoderConfig,
DisableCaller: true,
}
switch strings.ToUpper(level) {
case "DEBUG":
rootLoggerConfig.DisableCaller = false
rootLoggerConfig.Level = zap.NewAtomicLevelAt(zap.DebugLevel)
case "INFO":
rootLoggerConfig.Level = zap.NewAtomicLevelAt(zap.InfoLevel)
case "WARN", "WARNING":
rootLoggerConfig.Level = zap.NewAtomicLevelAt(zap.WarnLevel)
case "ERR", "ERROR":
rootLoggerConfig.Level = zap.NewAtomicLevelAt(zap.ErrorLevel)
}
rootLogger, err := rootLoggerConfig.Build()
if err != nil {
panic(err)
}
return rootLogger.Sugar()
}
// nolint: ireturn
func getUserStore(cfg *gpaste.ServerConfig) (users.UserStore, func() error, error) {
closer := func() error { return nil }
switch cfg.Store.Type {
case "memory":
return users.NewMemoryUserStore(), closer, nil
case "fs":
path := filepath.Join(cfg.Store.FS.Dir, "gpaste-users.db")
bs, err := users.NewBoltUserStore(path)
if err != nil {
return nil, closer, cli.Exit("error setting up user store", 1)
}
return bs, bs.Close, nil
default:
return nil, closer, cli.Exit("no userstore configured", 1)
}
}
// nolint: ireturn
func getFileStore(cfg *gpaste.ServerConfig) (files.FileStore, func() error, error) {
closer := func() error { return nil }
switch cfg.Store.Type {
case "memory":
return files.NewMemoryFileStore(), closer, nil
case "fs":
var err error
s, err := files.NewFSFileStore(cfg.Store.FS.Dir)
if err != nil {
return nil, closer, cli.Exit("error setting up filestore", 1)
}
return s, closer, nil
default:
return nil, closer, cli.Exit("No store configured", 1)
}
}

102
cmd/server/server.go
View File

@ -1,11 +1,18 @@
package main
import (
"context"
"fmt"
"net/http"
"os"
"os/signal"
"strings"
"time"
"git.t-juice.club/torjus/gpaste/cmd/server/actions"
"git.t-juice.club/torjus/gpaste"
"github.com/urfave/cli/v2"
"go.uber.org/zap"
"go.uber.org/zap/zapcore"
)
var (
@ -26,8 +33,97 @@ func main() {
Usage: "Path to config-file.",
},
},
Action: actions.ActionServe,
Action: ActionServe,
}
_ = app.Run(os.Args)
app.Run(os.Args)
}
func ActionServe(c *cli.Context) error {
configPath := "gpaste-server.toml"
if c.IsSet("config") {
configPath = c.String("config")
}
f, err := os.Open(configPath)
if err != nil {
return cli.Exit(err, 1)
}
defer f.Close()
cfg, err := gpaste.ServerConfigFromReader(f)
if err != nil {
return cli.Exit(err, 1)
}
// Setup loggers
rootLogger := getRootLogger(cfg.LogLevel)
serverLogger := rootLogger.Named("SERV")
accessLogger := rootLogger.Named("ACCS")
// Setup contexts for clean shutdown
rootCtx, rootCancel := signal.NotifyContext(context.Background(), os.Interrupt)
defer rootCancel()
httpCtx, httpCancel := context.WithCancel(rootCtx)
defer httpCancel()
httpShutdownCtx, httpShutdownCancel := context.WithCancel(context.Background())
defer httpShutdownCancel()
go func() {
srv := gpaste.NewHTTPServer(cfg)
srv.Addr = cfg.ListenAddr
srv.Logger = serverLogger
srv.AccessLogger = accessLogger
// Wait for cancel
go func() {
<-httpCtx.Done()
timeoutCtx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()
srv.Shutdown(timeoutCtx)
}()
serverLogger.Infow("Starting HTTP server.", "addr", cfg.ListenAddr)
if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
serverLogger.Errorw("Error during shutdown.", "error", err)
}
serverLogger.Infow("HTTP server shutdown complete.", "addr", cfg.ListenAddr)
httpShutdownCancel()
}()
<-httpShutdownCtx.Done()
return nil
}
func getRootLogger(level string) *zap.SugaredLogger {
logEncoderConfig := zap.NewProductionEncoderConfig()
logEncoderConfig.EncodeCaller = zapcore.ShortCallerEncoder
logEncoderConfig.EncodeLevel = zapcore.CapitalColorLevelEncoder
logEncoderConfig.EncodeTime = zapcore.ISO8601TimeEncoder
logEncoderConfig.EncodeDuration = zapcore.StringDurationEncoder
rootLoggerConfig := &zap.Config{
Level: zap.NewAtomicLevelAt(zap.DebugLevel),
OutputPaths: []string{"stdout"},
ErrorOutputPaths: []string{"stdout"},
Encoding: "console",
EncoderConfig: logEncoderConfig,
DisableCaller: true,
}
switch strings.ToUpper(level) {
case "DEBUG":
rootLoggerConfig.DisableCaller = false
rootLoggerConfig.Level = zap.NewAtomicLevelAt(zap.DebugLevel)
case "INFO":
rootLoggerConfig.Level = zap.NewAtomicLevelAt(zap.InfoLevel)
case "WARN", "WARNING":
rootLoggerConfig.Level = zap.NewAtomicLevelAt(zap.WarnLevel)
case "ERR", "ERROR":
rootLoggerConfig.Level = zap.NewAtomicLevelAt(zap.ErrorLevel)
}
rootLogger, err := rootLoggerConfig.Build()
if err != nil {
panic(err)
}
return rootLogger.Sugar()
}

1
config.go
View File

@ -33,7 +33,6 @@ func ServerConfigFromReader(r io.Reader) (*ServerConfig, error) {
FS: &ServerStoreFSStoreConfig{},
},
}
if err := decoder.Decode(&c); err != nil {
return nil, fmt.Errorf("error decoding server config: %w", err)
}

29
files/filestore_fs_test.go
View File

@ -1,29 +0,0 @@
package files_test
import (
"testing"
"git.t-juice.club/torjus/gpaste/files"
)
func TestFSFileStore(t *testing.T) {
newFunc := func() files.FileStore {
dir := t.TempDir()
s, err := files.NewFSFileStore(dir)
if err != nil {
t.Fatalf("Error creating store: %s", err)
}
return s
}
RunFilestoreTest(newFunc, t)
persistentDir := t.TempDir()
persistentFunc := func() files.FileStore {
s, err := files.NewFSFileStore(persistentDir)
if err != nil {
t.Fatalf("Error creating store: %s", err)
}
return s
}
RunPersistentFilestoreTest(persistentFunc, t)
}

15
files/filestore_memory_test.go
View File

@ -1,15 +0,0 @@
package files_test
import (
"testing"
"git.t-juice.club/torjus/gpaste/files"
)
func TestMemoryFileStore(t *testing.T) {
newFunc := func() files.FileStore {
return files.NewMemoryFileStore()
}
RunFilestoreTest(newFunc, t)
}

217
files/filestore_test.go
View File

@ -1,217 +0,0 @@
package files_test
import (
"bytes"
"io"
"strings"
"testing"
"time"
"git.t-juice.club/torjus/gpaste/files"
"github.com/google/go-cmp/cmp"
"github.com/google/uuid"
)
var ignoreBody = cmp.FilterPath(func(p cmp.Path) bool { return p.String() == "Body" }, cmp.Ignore())
func RunFilestoreTest(newStoreFunc func() files.FileStore, t *testing.T) {
t.Run("Basic", func(t *testing.T) {
s := newStoreFunc()
// Create
dataString := "TEST_LOL_OMG"
id := uuid.Must(uuid.NewRandom()).String()
bodyBuf := &bytes.Buffer{}
bodyBuf.Write([]byte(dataString))
body := io.NopCloser(bodyBuf)
f := &files.File{
ID: id,
MaxViews: 99,
Body: body,
ExpiresOn: time.Now().Add(99 * time.Second),
}
err := s.Store(f)
if err != nil {
t.Fatalf("Unable to store file: %s", err)
}
// Retrieve
retrieved, err := s.Get(id)
if err != nil {
t.Fatalf("Unable to retrieve file: %s", err)
}
retrievedBuf := &bytes.Buffer{}
_, err = retrievedBuf.ReadFrom(retrieved.Body)
if err != nil {
t.Fatalf("Unable to read retrieved body: %s", err)
}
_ = retrieved.Body.Close()
if err != nil {
t.Fatalf("Error reading from retrieved file: %s", err)
}
if retrievedBuf.String() != dataString {
t.Fatalf("Data from retrieved body mismatch. Got %s want %s", retrievedBuf.String(), dataString)
}
expected := &files.File{
ID: f.ID,
MaxViews: f.MaxViews,
ExpiresOn: f.ExpiresOn,
FileSize: int64(len(dataString)),
}
if diff := cmp.Diff(retrieved, expected, ignoreBody); diff != "" {
t.Errorf("File comparison failed: %s", diff)
}
// List
ids, err := s.List()
if err != nil {
t.Fatalf("Error doing list: %s", err)
}
if len(ids) != 1 {
t.Fatalf("List has wrong length: %d", len(ids))
}
if ids[0] != id {
t.Fatalf("ID is wrong. Got %s want %s", ids[0], id)
}
// Delete
if err := s.Delete(id); err != nil {
t.Fatalf("Error deleting file: %s", err)
}
ids, err = s.List()
if err != nil {
t.Fatalf("Error listing after delete: %s", err)
}
if len(ids) != 0 {
t.Fatalf("List after delete has wrong length: %d", len(ids))
}
})
t.Run("MultipleGet", func(t *testing.T) {
s := newStoreFunc()
fileContents := "multiple get test !"
body := io.NopCloser(strings.NewReader(fileContents))
file := &files.File{
ID: uuid.NewString(),
OriginalFilename: "multiple.txt",
MaxViews: 999,
ExpiresOn: time.Now().Add(1 * time.Hour),
Body: body,
FileSize: int64(len(fileContents)),
}
if err := s.Store(file); err != nil {
t.Fatalf("Error storing file: %s", err)
}
first, err := s.Get(file.ID)
if err != nil {
t.Errorf("Error retrieving first file: %s", err)
}
firstBody := new(bytes.Buffer)
io.Copy(firstBody, first.Body)
first.Body.Close()
if diff := cmp.Diff(firstBody.String(), fileContents); diff != "" {
t.Fatalf("File contents mismatch: %s", diff)
}
second, err := s.Get(file.ID)
if err != nil {
t.Errorf("Error retrieving first file: %s", err)
}
secondBody := new(bytes.Buffer)
io.Copy(secondBody, second.Body)
first.Body.Close()
if diff := cmp.Diff(secondBody.String(), fileContents); diff != "" {
t.Fatalf("File contents mismatch: %s", diff)
}
})
}
func RunPersistentFilestoreTest(newStoreFunc func() files.FileStore, t *testing.T) {
t.Run("Basics", func(t *testing.T) {
s := newStoreFunc()
files := []struct {
File *files.File
ExpectedData string
}{
{
File: &files.File{
ID: uuid.NewString(),
OriginalFilename: "testfile.txt",
MaxViews: 5,
ExpiresOn: time.Now().Add(10 * time.Minute),
Body: io.NopCloser(strings.NewReader("cocks!")),
FileSize: 6,
},
ExpectedData: "cocks!",
},
{
File: &files.File{
ID: uuid.NewString(),
OriginalFilename: "testfile2.txt",
MaxViews: 5,
ExpiresOn: time.Now().Add(10 * time.Minute),
Body: io.NopCloser(strings.NewReader("derps!")),
FileSize: 6,
},
ExpectedData: "derps!",
},
}
for _, f := range files {
err := s.Store(f.File)
if err != nil {
t.Fatalf("Error storing file: %s", err)
}
}
for _, f := range files {
retrieved, err := s.Get(f.File.ID)
if err != nil {
t.Fatalf("Unable to retrieve file: %s", err)
}
if !cmp.Equal(retrieved, f.File, ignoreBody) {
t.Errorf("Mismatch: %s", cmp.Diff(retrieved, f.File))
}
buf := new(strings.Builder)
if _, err := io.Copy(buf, retrieved.Body); err != nil {
t.Fatalf("Error reading from body: %s", err)
}
retrieved.Body.Close()
if buf.String() != f.ExpectedData {
t.Fatalf("Data does not match. %s", cmp.Diff(buf.String(), f.ExpectedData))
}
}
// Reopen store, and fetch again
s = newStoreFunc()
for _, f := range files {
retrieved, err := s.Get(f.File.ID)
if err != nil {
t.Fatalf("Unable to retrieve file: %s", err)
}
if !cmp.Equal(retrieved, f.File, ignoreBody) {
t.Errorf("Mismatch: %s", cmp.Diff(retrieved, f.File))
}
buf := new(strings.Builder)
if _, err := io.Copy(buf, retrieved.Body); err != nil {
t.Fatalf("Error reading from body: %s", err)
}
retrieved.Body.Close()
if buf.String() != f.ExpectedData {
t.Fatalf("Data does not match. %s", cmp.Diff(buf.String(), f.ExpectedData))
}
}
})
}

10
files/filestore.go → filestore.go
View File

@ -1,4 +1,4 @@
package files
package gpaste
import (
"io"
@ -7,13 +7,11 @@ import (
type File struct {
ID string `json:"id"`
OriginalFilename string `json:"originalFilename"`
MaxViews uint `json:"maxViews"`
ExpiresOn time.Time `json:"expiresOn"`
OriginalFilename string `json:"original_filename"`
MaxViews uint `json:"max_views"`
ExpiresOn time.Time `json:"expires_on"`
Body io.ReadCloser
FileSize int64 `json:"fileSize"`
}
type FileStore interface {

23
files/filestore_fs.go → filestore_fs.go
View File

@ -1,4 +1,4 @@
package files
package gpaste
import (
"encoding/json"
@ -23,7 +23,6 @@ func NewFSFileStore(dir string) (*FSFileStore, error) {
return s, err
}
func (s *FSFileStore) Store(f *File) error {
defer f.Body.Close()
@ -35,26 +34,20 @@ func (s *FSFileStore) Store(f *File) error {
}
path := filepath.Join(s.dir, f.ID)
dst, err := os.Create(path)
if err != nil {
return err
}
defer dst.Close()
n, err := io.Copy(dst, f.Body)
if err != nil {
if _, err := io.Copy(dst, f.Body); err != nil {
return err
}
s.metadata[f.ID] = metadata
s.metadata[f.ID].FileSize = n
if err := s.writeMetadata(); err != nil {
delete(s.metadata, f.ID)
return err
}
return nil
}
@ -65,14 +58,11 @@ func (s *FSFileStore) Get(id string) (*File, error) {
}
path := filepath.Join(s.dir, id)
f, err := os.Open(path)
if err != nil {
return nil, err
}
metadata.Body = f
return metadata, nil
}
@ -81,24 +71,20 @@ func (s *FSFileStore) Delete(id string) error {
if err := os.Remove(path); err != nil {
return err
}
delete(s.metadata, id)
return nil
}
func (s *FSFileStore) List() ([]string, error) {
results := make([]string, 0, len(s.metadata))
var results []string
for k := range s.metadata {
results = append(results, k)
}
return results, nil
}
func (s *FSFileStore) writeMetadata() error {
path := filepath.Join(s.dir, "metadata.json")
f, err := os.Create(path)
if err != nil {
return err
@ -109,13 +95,11 @@ func (s *FSFileStore) writeMetadata() error {
if err := encoder.Encode(s.metadata); err != nil {
return err
}
return nil
}
func (s *FSFileStore) readMetadata() error {
path := filepath.Join(s.dir, "metadata.json")
f, err := os.Open(path)
if err != nil {
// TODO: Handle errors better
@ -127,6 +111,5 @@ func (s *FSFileStore) readMetadata() error {
if err := decoder.Decode(&s.metadata); err != nil {
return err
}
return nil
}

26
filestore_fs_test.go Normal file
View File

@ -0,0 +1,26 @@
package gpaste_test
import (
"testing"
"git.t-juice.club/torjus/gpaste"
)
func TestFSFileStore(t *testing.T) {
dir := t.TempDir()
s, err := gpaste.NewFSFileStore(dir)
if err != nil {
t.Fatalf("Error creating store: %s", err)
}
RunFilestoreTest(s, t)
persistentDir := t.TempDir()
newFunc := func() gpaste.FileStore {
s, err := gpaste.NewFSFileStore(persistentDir)
if err != nil {
t.Fatalf("Error creating store: %s", err)
}
return s
}
RunPersistentFilestoreTest(newFunc, t)
}

24
files/filestore_memory.go → filestore_memory.go
View File

@ -1,4 +1,4 @@
package files
package gpaste
import (
"bytes"
@ -14,7 +14,6 @@ type fileData struct {
MaxViews uint
ExpiresOn time.Time
FileSize int64
}
type MemoryFileStore struct {
@ -29,22 +28,20 @@ func NewMemoryFileStore() *MemoryFileStore {
}
func (s *MemoryFileStore) Store(f *File) error {
data := &fileData{
ID: f.ID,
MaxViews: f.MaxViews,
ExpiresOn: f.ExpiresOn,
}
n, err := io.Copy(&data.Body, f.Body)
_, err := io.Copy(&data.Body, f.Body)
_ = f.Body.Close()
data.FileSize = n
s.lock.Lock()
defer s.lock.Unlock()
s.data[f.ID] = data
return err
}
@ -56,18 +53,11 @@ func (s *MemoryFileStore) Get(id string) (*File, error) {
if !ok {
return nil, fmt.Errorf("no such item")
}
body := new(bytes.Buffer)
if _, err := body.Write(fd.Body.Bytes()); err != nil {
return nil, err
}
f := &File{
ID: fd.ID,
MaxViews: fd.MaxViews,
ExpiresOn: fd.ExpiresOn,
Body: io.NopCloser(body),
FileSize: fd.FileSize,
Body: io.NopCloser(&fd.Body),
}
return f, nil
@ -76,21 +66,17 @@ func (s *MemoryFileStore) Get(id string) (*File, error) {
func (s *MemoryFileStore) Delete(id string) error {
s.lock.Lock()
defer s.lock.Unlock()
delete(s.data, id)
return nil
}
func (s *MemoryFileStore) List() ([]string, error) {
ids := make([]string, 0, len(s.data))
var ids []string
s.lock.RLock()
defer s.lock.RUnlock()
for id := range s.data {
ids = append(ids, id)
}
return ids, nil
}

13
filestore_memory_test.go Normal file
View File

@ -0,0 +1,13 @@
package gpaste_test
import (
"testing"
"git.t-juice.club/torjus/gpaste"
)
func TestMemoryFileStore(t *testing.T) {
s := gpaste.NewMemoryFileStore()
RunFilestoreTest(s, t)
}

157
filestore_test.go Normal file
View File

@ -0,0 +1,157 @@
package gpaste_test
import (
"bytes"
"io"
"strings"
"testing"
"time"
"git.t-juice.club/torjus/gpaste"
"github.com/google/go-cmp/cmp"
"github.com/google/uuid"
)
func RunFilestoreTest(s gpaste.FileStore, t *testing.T) {
t.Run("Basic", func(t *testing.T) {
// Create
dataString := "TEST_LOL_OMG"
id := uuid.Must(uuid.NewRandom()).String()
bodyBuf := &bytes.Buffer{}
bodyBuf.Write([]byte(dataString))
body := io.NopCloser(bodyBuf)
f := &gpaste.File{
ID: id,
MaxViews: 0,
Body: body,
}
err := s.Store(f)
if err != nil {
t.Fatalf("Unable to store file: %s", err)
}
// Retrieve
retrieved, err := s.Get(id)
if err != nil {
t.Fatalf("Unable to retrieve file: %s", err)
}
retrievedBuf := &bytes.Buffer{}
_, err = retrievedBuf.ReadFrom(retrieved.Body)
if err != nil {
t.Fatalf("Unable to read retrieved body: %s", err)
}
_ = retrieved.Body.Close()
if err != nil {
t.Fatalf("Error reading from retrieved file: %s", err)
}
if retrievedBuf.String() != dataString {
t.Fatalf("Data from retrieved body mismatch. Got %s want %s", retrievedBuf.String(), dataString)
}
// List
ids, err := s.List()
if err != nil {
t.Fatalf("Error doing list: %s", err)
}
if len(ids) != 1 {
t.Fatalf("List has wrong length: %d", len(ids))
}
if ids[0] != id {
t.Fatalf("ID is wrong. Got %s want %s", ids[0], id)
}
// Delete
if err := s.Delete(id); err != nil {
t.Fatalf("Error deleting file: %s", err)
}
ids, err = s.List()
if err != nil {
t.Fatalf("Error listing after delete: %s", err)
}
if len(ids) != 0 {
t.Fatalf("List after delete has wrong length: %d", len(ids))
}
})
}
func RunPersistentFilestoreTest(newStoreFunc func() gpaste.FileStore, t *testing.T) {
s := newStoreFunc()
files := []struct {
File *gpaste.File
ExpectedData string
}{
{
File: &gpaste.File{
ID: uuid.NewString(),
OriginalFilename: "testfile.txt",
MaxViews: 5,
ExpiresOn: time.Now().Add(10 * time.Minute),
Body: io.NopCloser(strings.NewReader("cocks!")),
},
ExpectedData: "cocks!",
},
{
File: &gpaste.File{
ID: uuid.NewString(),
OriginalFilename: "testfile2.txt",
MaxViews: 5,
ExpiresOn: time.Now().Add(10 * time.Minute),
Body: io.NopCloser(strings.NewReader("derps!")),
},
ExpectedData: "derps!",
},
}
for _, f := range files {
err := s.Store(f.File)
if err != nil {
t.Fatalf("Error storing file: %s", err)
}
}
for _, f := range files {
retrieved, err := s.Get(f.File.ID)
if err != nil {
t.Fatalf("Unable to retrieve file: %s", err)
}
ignoreBody := cmp.FilterPath(func(p cmp.Path) bool { return p.String() == "Body" }, cmp.Ignore())
if !cmp.Equal(retrieved, f.File, ignoreBody) {
t.Errorf("Mismatch: %s", cmp.Diff(retrieved, f.File))
}
buf := new(strings.Builder)
if _, err := io.Copy(buf, retrieved.Body); err != nil {
t.Fatalf("Error reading from body: %s", err)
}
retrieved.Body.Close()
if buf.String() != f.ExpectedData {
t.Fatalf("Data does not match. %s", cmp.Diff(buf.String(), f.ExpectedData))
}
}
// Reopen store, and fetch again
s = newStoreFunc()
for _, f := range files {
retrieved, err := s.Get(f.File.ID)
if err != nil {
t.Fatalf("Unable to retrieve file: %s", err)
}
ignoreBody := cmp.FilterPath(func(p cmp.Path) bool { return p.String() == "Body" }, cmp.Ignore())
if !cmp.Equal(retrieved, f.File, ignoreBody) {
t.Errorf("Mismatch: %s", cmp.Diff(retrieved, f.File))
}
buf := new(strings.Builder)
if _, err := io.Copy(buf, retrieved.Body); err != nil {
t.Fatalf("Error reading from body: %s", err)
}
retrieved.Body.Close()
if buf.String() != f.ExpectedData {
t.Fatalf("Data does not match. %s", cmp.Diff(buf.String(), f.ExpectedData))
}
}
}

12
go.mod
View File

@ -2,17 +2,18 @@ module git.t-juice.club/torjus/gpaste
go 1.17
require github.com/google/uuid v1.3.0
require github.com/go-chi/chi/v5 v5.0.7
require (
github.com/go-chi/chi/v5 v5.0.7
github.com/golang-jwt/jwt v3.2.2+incompatible
github.com/google/go-cmp v0.5.7
github.com/google/uuid v1.3.0
github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f
github.com/google/go-cmp v0.5.6
github.com/pelletier/go-toml v1.9.4
github.com/urfave/cli/v2 v2.3.0
go.etcd.io/bbolt v1.3.6
go.uber.org/zap v1.20.0
golang.org/x/crypto v0.0.0-20220126234351-aa10faf2a1f8
golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
)
@ -22,5 +23,4 @@ require (
go.uber.org/atomic v1.9.0 // indirect
go.uber.org/multierr v1.7.0 // indirect
golang.org/x/sys v0.0.0-20220114195835-da31bd327af9 // indirect
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
)

10
go.sum
View File

@ -11,12 +11,10 @@ github.com/go-chi/chi/v5 v5.0.7 h1:rDTPXLDHGATaeHvVlLcR4Qe0zftYethFucbjVQ1PxU8=
github.com/go-chi/chi/v5 v5.0.7/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o=
github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE=
github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ=
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f h1:dKccXx7xA56UNqOcFIbuqFjAWPVtP688j5QMgmo6OHU=
github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f/go.mod h1:4rEELDSfUAlBSyUjPG0JnaNGjf13JySHFeRdD/3dLP0=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
@ -51,8 +49,8 @@ go.uber.org/zap v1.20.0 h1:N4oPlghZwYG55MlU6LXk/Zp00FVNE9X9wrYO8CEs4lc=
go.uber.org/zap v1.20.0/go.mod h1:wjWOCqI0f2ZZrJF/UufIOkiC8ii6tm1iqIsLo76RfJw=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20220126234351-aa10faf2a1f8 h1:kACShD3qhmr/3rLmg1yXyt+N4HcwutKyPRB93s54TIU=
golang.org/x/crypto v0.0.0-20220126234351-aa10faf2a1f8/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce h1:Roh6XWxHFKrPgC/EQhVubSAGQ6Ozk6IdxHSzt1mR0EI=
golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=

190
http.go Normal file
View File

@ -0,0 +1,190 @@
package gpaste
import (
"encoding/json"
"io"
"net/http"
"strings"
"github.com/go-chi/chi/v5"
"github.com/go-chi/chi/v5/middleware"
"github.com/google/uuid"
"go.uber.org/zap"
)
type HTTPServer struct {
Files FileStore
Users UserStore
Auth *AuthService
config *ServerConfig
Logger *zap.SugaredLogger
AccessLogger *zap.SugaredLogger
http.Server
}
func NewHTTPServer(cfg *ServerConfig) *HTTPServer {
srv := &HTTPServer{
config: cfg,
Logger: zap.NewNop().Sugar(),
AccessLogger: zap.NewNop().Sugar(),
}
srv.Files = NewMemoryFileStore()
srv.Users = NewMemoryUserStore()
srv.Auth = NewAuthService(srv.Users, []byte(srv.config.SigningSecret))
// Create initial user
// TODO: Do properly
user := &User{Username: "admin"}
user.SetPassword("admin")
srv.Users.Store(user)
r := chi.NewRouter()
r.Use(middleware.RealIP)
r.Use(middleware.RequestID)
r.Use(srv.MiddlewareAccessLogger)
r.Use(srv.MiddlewareAuthentication)
r.Get("/", srv.HandlerIndex)
r.Post("/api/file", srv.HandlerAPIFilePost)
r.Get("/api/file/{id}", srv.HandlerAPIFileGet)
r.Post("/api/login", srv.HandlerAPILogin)
srv.Handler = r
return srv
}
func (s *HTTPServer) HandlerIndex(w http.ResponseWriter, r *http.Request) {
_, _ = w.Write([]byte("index"))
}
func (s *HTTPServer) HandlerAPIFilePost(w http.ResponseWriter, r *http.Request) {
f := &File{
ID: uuid.Must(uuid.NewRandom()).String(),
Body: r.Body,
}
reqID := middleware.GetReqID(r.Context())
// Check if multipart form
ct := r.Header.Get("Content-Type")
if strings.Contains(ct, "multipart/form-data") {
s.processMultiPartFormUpload(w, r)
return
}
err := s.Files.Store(f)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
s.Logger.Warnw("Error storing file.", "req_id", reqID, "error", err, "id", f.ID, "remote_addr", r.RemoteAddr)
return
}
s.Logger.Infow("Stored file.", "req_id", reqID, "id", f.ID, "remote_addr", r.RemoteAddr)
var resp = struct {
Message string `json:"message"`
ID string `json:"id"`
URL string `json:"url"`
}{
Message: "OK",
ID: f.ID,
URL: "TODO",
}
w.WriteHeader(http.StatusAccepted)
encoder := json.NewEncoder(w)
if err := encoder.Encode(&resp); err != nil {
s.Logger.Warnw("Error encoding response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
}
}
func (s *HTTPServer) HandlerAPIFileGet(w http.ResponseWriter, r *http.Request) {
id := chi.URLParam(r, "id")
if id == "" {
w.WriteHeader(http.StatusBadRequest)
return
}
f, err := s.Files.Get(id)
if err != nil {
// TODO: LOG
w.WriteHeader(http.StatusInternalServerError)
return
}
w.WriteHeader(http.StatusOK)
if _, err := io.Copy(w, f.Body); err != nil {
reqID := middleware.GetReqID(r.Context())
s.Logger.Warnw("Error writing file to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
}
}
func (s *HTTPServer) processMultiPartFormUpload(w http.ResponseWriter, r *http.Request) {
reqID := middleware.GetReqID(r.Context())
type resp struct {
Message string `json:"message"`
ID string `json:"id"`
URL string `json:"url"`
}
var responses []resp
if err := r.ParseMultipartForm(1024 * 1024 * 10); err != nil {
s.Logger.Warnw("Error parsing multipart form.", "req_id", reqID, "err", err)
}
for k := range r.MultipartForm.File {
ff, fh, err := r.FormFile(k)
if err != nil {
s.Logger.Warnw("Error reading file from multipart form.", "req_id", reqID, "error", err)
return
}
f := &File{
ID: uuid.Must(uuid.NewRandom()).String(),
OriginalFilename: fh.Filename,
Body: ff,
}
if err := s.Files.Store(f); err != nil {
w.WriteHeader(http.StatusInternalServerError)
s.Logger.Warnw("Error storing file.", "req_id", reqID, "error", err, "id", f.ID, "remote_addr", r.RemoteAddr)
return
}
s.Logger.Infow("Stored file.", "req_id", reqID, "id", f.ID, "filename", f.OriginalFilename, "remote_addr", r.RemoteAddr)
responses = append(responses, resp{Message: "OK", ID: f.ID, URL: "TODO"})
}
w.WriteHeader(http.StatusAccepted)
encoder := json.NewEncoder(w)
if err := encoder.Encode(&responses); err != nil {
s.Logger.Warnw("Error encoding response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
}
}
func (s *HTTPServer) HandlerAPILogin(w http.ResponseWriter, r *http.Request) {
reqID := middleware.GetReqID(r.Context())
expectedRequest := struct {
Username string `json:"username"`
Password string `json:"password"`
}{}
decoder := json.NewDecoder(r.Body)
defer r.Body.Close()
if err := decoder.Decode(&expectedRequest); err != nil {
w.WriteHeader(http.StatusBadRequest)
return
}
token, err := s.Auth.Login(expectedRequest.Username, expectedRequest.Password)
if err != nil {
w.WriteHeader(http.StatusUnauthorized)
return
}
response := struct {
Token string `json:"token"`
}{
Token: token,
}
s.Logger.Infow("User logged in.", "req_id", reqID, "username", expectedRequest.Username)
encoder := json.NewEncoder(w)
if err := encoder.Encode(&response); err != nil {
s.Logger.Infow("Error encoding json response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
}
}

144
http_test.go Normal file
View File

@ -0,0 +1,144 @@
package gpaste_test
import (
"bytes"
"encoding/json"
"fmt"
"io"
"mime/multipart"
"net/http"
"net/http/httptest"
"testing"
"git.t-juice.club/torjus/gpaste"
)
func TestHandlers(t *testing.T) {
cfg := &gpaste.ServerConfig{
SigningSecret: "abc123",
Store: &gpaste.ServerStoreConfig{
Type: "memory",
},
URL: "http://localhost:8080",
}
hs := gpaste.NewHTTPServer(cfg)
t.Run("HandlerIndex", func(t *testing.T) {
rr := httptest.NewRecorder()
req := httptest.NewRequest(http.MethodGet, "/", nil)
hs.Handler.ServeHTTP(rr, req)
if status := rr.Code; status != http.StatusOK {
t.Errorf("Returned unexpected status")
}
expectedBody := "index"
if body := rr.Body.String(); body != expectedBody {
t.Errorf("Body does not match expected. Got %s want %s", body, expectedBody)
}
})
t.Run("HandlerAPIFilePost", func(t *testing.T) {
rr := httptest.NewRecorder()
buf := &bytes.Buffer{}
mw := multipart.NewWriter(buf)
fw, err := mw.CreateFormFile("test", "test.txt")
if err != nil {
t.Fatalf("Unable to create form file: %s", err)
}
expectedData := "Test OMEGALUL PLS."
if _, err := io.WriteString(fw, expectedData); err != nil {
t.Fatalf("Unable to write body to buffer: %s", err)
}
mw.Close()
req := httptest.NewRequest(http.MethodPost, "/api/file", buf)
req.Header.Add("Content-Type", mw.FormDataContentType())
hs.Handler.ServeHTTP(rr, req)
if status := rr.Code; status != http.StatusAccepted {
t.Errorf("Returned unexpected status. Got %d want %d", status, http.StatusAccepted)
}
var expectedResp []struct {
Message string `json:"message"`
ID string `json:"id"`
URL string `json:"url"`
}
decoder := json.NewDecoder(rr.Result().Body)
if err := decoder.Decode(&expectedResp); err != nil {
t.Fatalf("error decoding response: %s", err)
}
if l := len(expectedResp); l != 1 {
t.Errorf("Response has wrong length. Got %d want %d", l, 1)
}
uploadID := expectedResp[0].ID
if uploadID == "" {
t.Errorf("Response has empty id")
}
t.Run("HandlerAPIFileGet", func(t *testing.T) {
rr := httptest.NewRecorder()
url := fmt.Sprintf("/api/file/%s", uploadID)
req := httptest.NewRequest(http.MethodGet, url, nil)
hs.Handler.ServeHTTP(rr, req)
if status := rr.Code; status != http.StatusOK {
t.Errorf("Returned unexpected status. Got %d want %d", status, http.StatusAccepted)
t.Logf(url)
}
if body := rr.Body.String(); body != expectedData {
t.Errorf("Returned body does not match expected.")
}
})
})
t.Run("HandlerAPILogin", func(t *testing.T) {
// TODO: Add test
username := "admin"
password := "admin"
user := &gpaste.User{Username: username}
if err := user.SetPassword(password); err != nil {
t.Fatalf("Error setting user password: %s", err)
}
if err := hs.Users.Store(user); err != nil {
t.Fatalf("Error storing user: %s", err)
}
requestData := struct {
Username string `json:"username"`
Password string `json:"password"`
}{
Username: username,
Password: password,
}
body := new(bytes.Buffer)
encoder := json.NewEncoder(body)
if err := encoder.Encode(&requestData); err != nil {
t.Fatalf("Error encoding request body: %s", err)
}
rr := httptest.NewRecorder()
req := httptest.NewRequest(http.MethodPost, "/api/login", body)
hs.Handler.ServeHTTP(rr, req)
responseData := struct {
Token string `json:"token"`
}{}
decoder := json.NewDecoder(rr.Body)
if err := decoder.Decode(&responseData); err != nil {
t.Fatalf("Error decoding response: %s", err)
}
if _, err := hs.Auth.ValidateToken(responseData.Token); err != nil {
t.Fatalf("Unable to validate received token: %s", err)
}
})
}

85
api/middleware.go → middleware.go
View File

@ -1,4 +1,4 @@
package api
package gpaste
import (
"context"
@ -7,10 +7,7 @@ import (
"strings"
"time"
"git.t-juice.club/torjus/gpaste"
"git.t-juice.club/torjus/gpaste/users"
"github.com/go-chi/chi/v5/middleware"
"go.uber.org/zap"
)
type authCtxKey int
@ -18,7 +15,6 @@ type authCtxKey int
const (
authCtxUsername authCtxKey = iota
authCtxAuthLevel
authCtxClaims
)
func (s *HTTPServer) MiddlewareAccessLogger(next http.Handler) http.Handler {
@ -28,82 +24,50 @@ func (s *HTTPServer) MiddlewareAccessLogger(next http.Handler) http.Handler {
reqID := middleware.GetReqID(r.Context())
// TODO: Maybe desugar in HTTPServer to avoid doing for all requests
logger := s.AccessLogger.Desugar()
defer func() {
// DEBUG level
if ce := logger.Check(zap.DebugLevel, r.Method); ce != nil {
ct := r.Header.Get("Content-Type")
ce.Write(
zap.String("req_id", reqID),
zap.String("path", r.URL.Path),
zap.Int("status", ww.Status()),
zap.String("remote_addr", r.RemoteAddr),
zap.Int("bytes_written", ww.BytesWritten()),
zap.Duration("processing_time", time.Since(t1)),
zap.String("content_type", ct),
zap.Any("headers", r.Header),
)
} else {
// INFO level
if ce := logger.Check(zap.InfoLevel, r.Method); ce != nil {
ce.Write(
zap.String("req_id", reqID),
zap.String("path", r.URL.Path),
zap.Int("status", ww.Status()),
zap.String("remote_addr", r.RemoteAddr),
zap.Int("bytes_written", ww.BytesWritten()),
zap.Duration("processing_time", time.Since(t1)),
)
}
}
_ = logger.Sync()
s.AccessLogger.Infow(r.Method,
"path", r.URL.Path,
"status", ww.Status(),
"written", ww.BytesWritten(),
"remote_addr", r.RemoteAddr,
"processing_time_ms", time.Since(t1).Milliseconds(),
"req_id", reqID)
}()
next.ServeHTTP(ww, r)
}
return http.HandlerFunc(fn)
}
func (s *HTTPServer) MiddlewareAuthentication(next http.Handler) http.Handler {
fn := func(w http.ResponseWriter, r *http.Request) {
reqID := middleware.GetReqID(r.Context())
header := r.Header.Get("Authorization")
if header == "" {
s.Logger.Debugw("Request has no auth header.", "req_id", reqID)
next.ServeHTTP(w, r)
return
}
splitHeader := strings.Split(header, "Bearer ")
if len(splitHeader) != 2 { // nolint: gomnd
if len(splitHeader) != 2 {
s.Logger.Debugw("Request has invalid token.", "req_id", reqID)
next.ServeHTTP(w, r)
return
}
token := splitHeader[1]
claims, err := s.Auth.ValidateToken(token)
if err != nil {
s.Logger.Debugw("Request has invalid token.", "req_id", reqID)
next.ServeHTTP(w, r)
return
}
ctx := context.WithValue(r.Context(), authCtxUsername, claims.Subject)
ctx = context.WithValue(ctx, authCtxAuthLevel, claims.Role)
ctx = context.WithValue(ctx, authCtxClaims, claims)
ctx = context.WithValue(ctx, authCtxAuthLevel, AuthLevelUser)
withCtx := r.WithContext(ctx)
s.Logger.Debugw("Request is authenticated.", "req_id", reqID, "username", claims.Subject, "role", claims.Role)
s.Logger.Debugw("Request is authenticated.", "req_id", reqID, "username", claims.Subject)
next.ServeHTTP(w, withCtx)
}
@ -114,41 +78,24 @@ func (s *HTTPServer) MiddlewareAuthentication(next http.Handler) http.Handler {
func UsernameFromRequest(r *http.Request) (string, error) {
rawUsername := r.Context().Value(authCtxUsername)
if rawUsername == nil {
return "", fmt.Errorf("no username")
}
username, ok := rawUsername.(string)
if !ok {
return "", fmt.Errorf("no username")
}
return username, nil
}
func RoleFromRequest(r *http.Request) (users.Role, error) {
func AuthLevelFromRequest(r *http.Request) (AuthLevel, error) {
rawLevel := r.Context().Value(authCtxAuthLevel)
if rawLevel == nil {
return users.RoleUnset, fmt.Errorf("no username")
return AuthLevelUnset, fmt.Errorf("no username")
}
level, ok := rawLevel.(users.Role)
level, ok := rawLevel.(AuthLevel)
if !ok {
return users.RoleUnset, fmt.Errorf("no username")
return AuthLevelUnset, fmt.Errorf("no username")
}
return level, nil
}
func ClaimsFromRequest(r *http.Request) *gpaste.Claims {
rawClaims := r.Context().Value(authCtxAuthLevel)
if rawClaims == nil {
return nil
}
claims, ok := rawClaims.(*gpaste.Claims)
if !ok {
return nil
}
return claims
}

17
users/user.go → user.go
View File

@ -1,10 +1,6 @@
package users
package gpaste
import (
"fmt"
"golang.org/x/crypto/bcrypt"
)
import "golang.org/x/crypto/bcrypt"
type Role string
@ -16,17 +12,14 @@ const (
type User struct {
Username string `json:"username"`
HashedPassword []byte `json:"hashedPassword"`
Role Role `json:"role"`
HashedPassword []byte `json:"hashed_password"`
Roles []Role `json:"roles"`
}
var ErrNoSuchUser = fmt.Errorf("no such user")
type UserStore interface {
Get(username string) (*User, error)
Store(user *User) error
Delete(username string) error
List() ([]string, error)
}
func (u *User) ValidatePassword(password string) error {
@ -38,8 +31,6 @@ func (u *User) SetPassword(password string) error {
if err != nil {
return err
}
u.HashedPassword = hashed
return nil
}

6
users/user_test.go → user_test.go
View File

@ -1,10 +1,10 @@
package users_test
package gpaste_test
import (
"math/rand"
"testing"
"git.t-juice.club/torjus/gpaste/users"
"git.t-juice.club/torjus/gpaste"
)
func TestUser(t *testing.T) {
@ -15,7 +15,7 @@ func TestUser(t *testing.T) {
}
for username, password := range userMap {
user := &users.User{Username: username}
user := &gpaste.User{Username: username}
if err := user.SetPassword(password); err != nil {
t.Fatalf("Error setting password: %s", err)
}

15
users/userstore_memory_test.go
View File

@ -1,15 +0,0 @@
package users_test
import (
"testing"
"git.t-juice.club/torjus/gpaste/users"
)
func TestMemoryUserStore(t *testing.T) {
newFunc := func() (func(), users.UserStore) {
return func() {}, users.NewMemoryUserStore()
}
RunUserStoreTest(newFunc, t)
}

29
users/userstore_bolt.go → userstore_bolt.go
View File

@ -1,4 +1,4 @@
package users
package gpaste
import (
"encoding/json"
@ -6,8 +6,6 @@ import (
"go.etcd.io/bbolt"
)
var _ UserStore = &BoltUserStore{}
var keyUsers = []byte("users")
type BoltUserStore struct {
@ -15,7 +13,7 @@ type BoltUserStore struct {
}
func NewBoltUserStore(path string) (*BoltUserStore, error) {
db, err := bbolt.Open(path, 0o666, nil) // nolint: gomnd
db, err := bbolt.Open(path, 0666, nil)
if err != nil {
return nil, err
}
@ -36,7 +34,6 @@ func (s *BoltUserStore) Close() error {
func (s *BoltUserStore) Get(username string) (*User, error) {
var user User
err := s.db.View(func(tx *bbolt.Tx) error {
bkt := tx.Bucket(keyUsers)
rawUser := bkt.Get([]byte(username))
@ -48,7 +45,6 @@ func (s *BoltUserStore) Get(username string) (*User, error) {
if err != nil {
return nil, err
}
return &user, nil
}
@ -71,24 +67,3 @@ func (s *BoltUserStore) Delete(username string) error {
return bkt.Delete([]byte(username))
})
}
func (s *BoltUserStore) List() ([]string, error) {
var ids []string
err := s.db.View(func(tx *bbolt.Tx) error {
bkt := tx.Bucket(keyUsers)
c := bkt.Cursor()
for k, _ := c.First(); k != nil; k, _ = c.Next() {
ids = append(ids, string(k))
}
return nil
})
if err != nil {
return nil, err
}
return ids, nil
}

8
users/userstore_bolt_test.go → userstore_bolt_test.go
View File

@ -1,18 +1,18 @@
package users_test
package gpaste_test
import (
"path/filepath"
"testing"
"git.t-juice.club/torjus/gpaste/users"
"git.t-juice.club/torjus/gpaste"
)
func TestBoltUserStore(t *testing.T) {
tmpDir := t.TempDir()
newFunc := func() (func(), users.UserStore) {
newFunc := func() (func(), gpaste.UserStore) {
tmpFile := filepath.Join(tmpDir, randomString(8))
store, err := users.NewBoltUserStore(tmpFile)
store, err := gpaste.NewBoltUserStore(tmpFile)
if err != nil {
t.Fatalf("Error creating store: %s", err)
}

23
users/userstore_memory.go → userstore_memory.go
View File

@ -1,12 +1,10 @@
package users
package gpaste
import (
"fmt"
"sync"
)
var _ UserStore = &MemoryUserStore{}
type MemoryUserStore struct {
users map[string]*User
lock sync.Mutex
@ -15,13 +13,10 @@ type MemoryUserStore struct {
func NewMemoryUserStore() *MemoryUserStore {
return &MemoryUserStore{users: make(map[string]*User)}
}
func (s *MemoryUserStore) Get(username string) (*User, error) {
s.lock.Lock()
defer s.lock.Unlock()
user, ok := s.users[username]
if !ok {
return nil, fmt.Errorf("no such user: %s", username)
}
@ -32,29 +27,13 @@ func (s *MemoryUserStore) Get(username string) (*User, error) {
func (s *MemoryUserStore) Store(user *User) error {
s.lock.Lock()
defer s.lock.Unlock()
s.users[user.Username] = user
return nil
}
func (s *MemoryUserStore) Delete(username string) error {
s.lock.Lock()
defer s.lock.Unlock()
delete(s.users, username)
return nil
}
func (s *MemoryUserStore) List() ([]string, error) {
s.lock.Lock()
defer s.lock.Unlock()
ids := make([]string, 0, len(s.users))
for k := range s.users {
ids = append(ids, k)
}
return ids, nil
}

15
userstore_memory_test.go Normal file
View File

@ -0,0 +1,15 @@
package gpaste_test
import (
"testing"
"git.t-juice.club/torjus/gpaste"
)
func TestMemoryUserStore(t *testing.T) {
newFunc := func() (func(), gpaste.UserStore) {
return func() {}, gpaste.NewMemoryUserStore()
}
RunUserStoreTest(newFunc, t)
}

34
users/userstore_test.go → userstore_test.go
View File

@ -1,26 +1,26 @@
package users_test
package gpaste_test
import (
"testing"
"git.t-juice.club/torjus/gpaste/users"
"git.t-juice.club/torjus/gpaste"
"github.com/google/go-cmp/cmp"
)
func RunUserStoreTest(newFunc func() (func(), users.UserStore), t *testing.T) {
func RunUserStoreTest(newFunc func() (func(), gpaste.UserStore), t *testing.T) {
t.Run("Basics", func(t *testing.T) {
cleanup, s := newFunc()
t.Cleanup(cleanup)
userMap := make(map[string]*users.User)
userMap := make(map[string]*gpaste.User)
passwordMap := make(map[string]string)
for i := 0; i < 10; i++ {
username := randomString(8)
password := randomString(16)
passwordMap[username] = password
user := &users.User{
user := &gpaste.User{
Username: username,
Role: users.RoleAdmin,
Roles: []gpaste.Role{gpaste.RoleAdmin},
}
if err := user.SetPassword(password); err != nil {
t.Fatalf("Error setting password: %s", err)
@ -47,27 +47,5 @@ func RunUserStoreTest(newFunc func() (func(), users.UserStore), t *testing.T) {
t.Errorf("User mismatch: %s", cmp.Diff(user, userMap[k]))
}
}
l, err := s.List()
if err != nil {
t.Fatalf("Error listing users: %s", err)
}
if len(l) != len(userMap) {
t.Errorf("List wrong amount of users.")
}
for _, username := range l {
if err := s.Delete(username); err != nil {
t.Fatalf("Error deleting user: %s", err)
}
}
l, err = s.List()
if err != nil {
t.Fatalf("Error listing after delete: %s", err)
}
if len(l) != 0 {
t.Fatalf("List is not empty after deleting all")
}
})
}