torjus/gpaste
1
0
Fork 0
Code Issues 1 Pull Requests Releases 16 Activity

Compare commits

base: torjus:master
Branches Tags
torjus:master
torjus:v0.3.12
torjus:v0.3.11
torjus:v0.3.10
torjus:v0.3.9
torjus:v0.3.8
torjus:v0.3.7
torjus:v0.3.6
torjus:v0.3.5
torjus:v0.3.4
torjus:v0.3.3
torjus:v0.3.2
torjus:v0.3.1
torjus:v0.3.0
torjus:v0.2.0
torjus:v0.1.4
torjus:v0.1.3
torjus:v0.1.2
torjus:v0.1.1
..
compare: torjus:v0.3.7
Branches Tags
torjus:master
torjus:v0.3.12
torjus:v0.3.11
torjus:v0.3.10
torjus:v0.3.9
torjus:v0.3.8
torjus:v0.3.7
torjus:v0.3.6
torjus:v0.3.5
torjus:v0.3.4
torjus:v0.3.3
torjus:v0.3.2
torjus:v0.3.1
torjus:v0.3.0
torjus:v0.2.0
torjus:v0.1.4
torjus:v0.1.3
torjus:v0.1.2
torjus:v0.1.1

No commits in common. "master" and "v0.3.7" have entirely different histories.
master ... v0.3.7

26 changed files with 162 additions and 509 deletions
Show Stats Expand all files Collapse all files

35
.golangci.yml
View File

@ -1,35 +0,0 @@
run:
tests: false
linters:
enable:
- deadcode
- errcheck
- gosimple
- govet
- ineffassign
- staticcheck
- structcheck
- typecheck
- unused
- varcheck
- gosec
- asciicheck
- bidichk
- bodyclose
- gomnd
- ifshort
- misspell
- prealloc
- tagliatelle
- ireturn
- gocritic
- whitespace
- stylecheck
- exportloopref
- godot
- gofumpt
linters-settings:
gomnd:
ignored-functions:
- "strconv.ParseUint"

21
.goreleaser.yaml
View File

@ -6,7 +6,6 @@ before:
- go mod tidy
# you may remove this if you don't need go generate
- go generate ./...
builds:
- id: "gpaste-client"
binary: "gpaste"
@ -29,42 +28,22 @@ builds:
goarch:
- amd64
main: ./cmd/server/server.go
archives:
- format_overrides:
- goos: windows
format: zip
checksum:
name_template: 'checksums.txt'
snapshot:
name_template: "{{ incpatch .Version }}-next"
changelog:
sort: asc
filters:
exclude:
- '^docs:'
- '^test:'
scoop:
url_template: "https://git.t-juice.club/torjus/gpaste/releases/download/{{ .Tag }}/{{ .ArtifactName }}"
bucket:
owner: torjus
name: scoop-tjuice
branch: master
folder: bucket
commit_author:
name: ci.t-juice.club
email: ci@t-juice.club
commit_msg_template: "Scoop update for {{ .ProjectName }} version {{ .Tag }}"
homepage: "https://git.t-juice.club/torjus/gpaste"
description: "Simple pastebin-style thingie."
gitea_urls:
api: https://git.t-juice.club/api/v1/
download: https://git.t-juice.club
env_files:
gitea_token: gitea_token

10
.woodpecker.yml
View File

@ -4,20 +4,12 @@ pipeline:
commands:
- go build -o gpaste-client ./cmd/client/client.go
- go build -o gpaste-server ./cmd/server/server.go
- go test -cover -coverprofile="/tmp/cover.out" ./...
- go tool cover -func="/tmp/cover.out"
- go test -cover ./...
- go vet ./...
when:
branch: master
event: [push, pull_request, tag, deployment]
lint:
image: golangci/golangci-lint:v1.43.0
commands:
- golangci-lint run
when:
event: [push, pull_request]
image-latest:
image: plugins/docker
settings:

67
api/http.go
View File

@ -4,7 +4,6 @@ import (
"encoding/json"
"io"
"net/http"
"path"
"strconv"
"strings"
"time"
@ -18,8 +17,6 @@ import (
"go.uber.org/zap"
)
const multipartMaxMemory = 1024 * 1024 * 100
type HTTPServer struct {
Files files.FileStore
Users users.UserStore
@ -35,11 +32,16 @@ func NewHTTPServer(cfg *gpaste.ServerConfig) *HTTPServer {
config: cfg,
Logger: zap.NewNop().Sugar(),
AccessLogger: zap.NewNop().Sugar(),
Files: files.NewMemoryFileStore(),
Users: users.NewMemoryUserStore(),
}
signingSecret, _ := uuid.Must(uuid.NewRandom()).MarshalBinary()
srv.Auth = gpaste.NewAuthService(srv.Users, signingSecret)
srv.Files = files.NewMemoryFileStore()
srv.Users = users.NewMemoryUserStore()
srv.Auth = gpaste.NewAuthService(srv.Users, []byte(srv.config.SigningSecret))
// Create initial user
// TODO: Do properly
user := &users.User{Username: "admin", Role: users.RoleAdmin}
user.SetPassword("admin")
srv.Users.Store(user)
r := chi.NewRouter()
r.Use(middleware.RealIP)
@ -79,25 +81,19 @@ func (s *HTTPServer) HandlerAPIFilePost(w http.ResponseWriter, r *http.Request)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
s.Logger.Warnw("Error storing file.", "req_id", reqID, "error", err, "id", f.ID, "remote_addr", r.RemoteAddr)
return
}
s.Logger.Infow("Stored file.", "req_id", reqID, "id", f.ID, "remote_addr", r.RemoteAddr)
fileURL := path.Join(s.config.URL, "/api/file", f.ID)
resp := &ResponseAPIFilePost{
var resp = struct {
Message string `json:"message"`
ID string `json:"id"`
URL string `json:"url"`
}{
Message: "OK",
Files: []ResponseAPIFilePostFiles{
{
ID: f.ID,
URL: fileURL,
},
},
URL: "TODO",
}
w.WriteHeader(http.StatusAccepted)
encoder := json.NewEncoder(w)
if err := encoder.Encode(&resp); err != nil {
s.Logger.Warnw("Error encoding response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
@ -119,7 +115,6 @@ func (s *HTTPServer) HandlerAPIFileGet(w http.ResponseWriter, r *http.Request) {
}
w.WriteHeader(http.StatusOK)
if _, err := io.Copy(w, f.Body); err != nil {
reqID := middleware.GetReqID(r.Context())
s.Logger.Warnw("Error writing file to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
@ -134,11 +129,11 @@ func (s *HTTPServer) HandlerAPIFileDelete(w http.ResponseWriter, r *http.Request
return
}
if err := s.Files.Delete(id); err != nil {
err := s.Files.Delete(id)
if err != nil {
w.WriteHeader(http.StatusBadRequest)
return
}
reqID := middleware.GetReqID(r.Context())
s.Logger.Infow("Deleted file", "id", id, "req_id", reqID)
}
@ -146,19 +141,17 @@ func (s *HTTPServer) HandlerAPIFileDelete(w http.ResponseWriter, r *http.Request
func (s *HTTPServer) processMultiPartFormUpload(w http.ResponseWriter, r *http.Request) {
reqID := middleware.GetReqID(r.Context())
var resp ResponseAPIFilePost
var responses []ResponseAPIFilePost
if err := r.ParseMultipartForm(multipartMaxMemory); err != nil {
if err := r.ParseMultipartForm(1024 * 1024 * 10); err != nil {
s.Logger.Warnw("Error parsing multipart form.", "req_id", reqID, "err", err)
}
for k := range r.MultipartForm.File {
ff, fh, err := r.FormFile(k)
if err != nil {
s.Logger.Warnw("Error reading file from multipart form.", "req_id", reqID, "error", err)
return
}
f := fileFromParams(r)
f.ID = uuid.NewString()
f.OriginalFilename = fh.Filename
@ -167,33 +160,26 @@ func (s *HTTPServer) processMultiPartFormUpload(w http.ResponseWriter, r *http.R
if err := s.Files.Store(f); err != nil {
w.WriteHeader(http.StatusInternalServerError)
s.Logger.Warnw("Error storing file.", "req_id", reqID, "error", err, "id", f.ID, "remote_addr", r.RemoteAddr)
return
}
s.Logger.Infow("Stored file.", "req_id", reqID, "id", f.ID, "filename", f.OriginalFilename, "remote_addr", r.RemoteAddr)
fileURL := path.Join(s.config.URL, "/api/file", f.ID)
fileResponse := ResponseAPIFilePostFiles{ID: f.ID, URL: fileURL}
resp.Files = append(resp.Files, fileResponse)
responses = append(responses, ResponseAPIFilePost{Message: "OK", ID: f.ID, URL: "TODO"})
}
w.WriteHeader(http.StatusAccepted)
encoder := json.NewEncoder(w)
if err := encoder.Encode(&resp); err != nil {
if err := encoder.Encode(&responses); err != nil {
s.Logger.Warnw("Error encoding response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
}
}
func (s *HTTPServer) HandlerAPILogin(w http.ResponseWriter, r *http.Request) {
reqID := middleware.GetReqID(r.Context())
var expectedRequest RequestAPILogin
decoder := json.NewDecoder(r.Body)
defer r.Body.Close()
if err := decoder.Decode(&expectedRequest); err != nil {
w.WriteHeader(http.StatusBadRequest)
return
@ -228,12 +214,10 @@ func (s *HTTPServer) HandlerAPIUserCreate(w http.ResponseWriter, r *http.Request
}
var req RequestAPIUserCreate
decoder := json.NewDecoder(r.Body)
if err := decoder.Decode(&req); err != nil {
s.Logger.Debugw("Error parsing request.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
w.WriteHeader(http.StatusBadRequest)
return
}
@ -242,17 +226,14 @@ func (s *HTTPServer) HandlerAPIUserCreate(w http.ResponseWriter, r *http.Request
if err := user.SetPassword(req.Password); err != nil {
s.Logger.Warnw("Error setting user password.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
w.WriteHeader(http.StatusBadRequest)
return
}
if err := s.Users.Store(user); err != nil {
s.Logger.Warnw("Error setting user password.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
w.WriteHeader(http.StatusInternalServerError)
return
}
w.WriteHeader(http.StatusAccepted)
s.Logger.Infow("Created user.", "req_id", reqID, "remote_addr", r.RemoteAddr, "username", req.Username)
}
@ -264,7 +245,6 @@ func (s *HTTPServer) HandlerAPIUserList(w http.ResponseWriter, r *http.Request)
if err != nil {
s.Logger.Warnw("Error listing users.", "req_id", reqID, "error", err)
w.WriteHeader(http.StatusInternalServerError)
return
}
@ -279,13 +259,12 @@ func fileFromParams(r *http.Request) *files.File {
keyMaxViews = "max_views"
keyExpiresOn = "exp"
)
var f files.File
q := r.URL.Query()
if q.Has(keyMaxViews) {
views, err := strconv.ParseUint(q.Get(keyMaxViews), 10, 64) // nolint: gomnd
views, err := strconv.ParseUint(q.Get(keyMaxViews), 10, 64)
if err == nil {
f.MaxViews = uint(views)
}

10
api/http_test.go
View File

@ -73,18 +73,22 @@ func TestHandlers(t *testing.T) {
t.Errorf("Returned unexpected status. Got %d want %d", status, http.StatusAccepted)
}
var expectedResp api.ResponseAPIFilePost
var expectedResp []struct {
Message string `json:"message"`
ID string `json:"id"`
URL string `json:"url"`
}
decoder := json.NewDecoder(rr.Result().Body)
if err := decoder.Decode(&expectedResp); err != nil {
t.Fatalf("error decoding response: %s", err)
}
if l := len(expectedResp.Files); l != 1 {
if l := len(expectedResp); l != 1 {
t.Errorf("Response has wrong length. Got %d want %d", l, 1)
}
uploadID := expectedResp.Files[0].ID
uploadID := expectedResp[0].ID
if uploadID == "" {
t.Errorf("Response has empty id")
}

5
api/json.go
View File

@ -13,13 +13,8 @@ type RequestAPILogin struct {
type ResponseAPILogin struct {
Token string `json:"token"`
}
type ResponseAPIFilePost struct {
Message string `json:"message"`
Files []ResponseAPIFilePostFiles `json:"files"`
}
type ResponseAPIFilePostFiles struct {
ID string `json:"id"`
URL string `json:"url"`
}

54
api/middleware.go
View File

@ -10,7 +10,6 @@ import (
"git.t-juice.club/torjus/gpaste"
"git.t-juice.club/torjus/gpaste/users"
"github.com/go-chi/chi/v5/middleware"
"go.uber.org/zap"
)
type authCtxKey int
@ -28,73 +27,43 @@ func (s *HTTPServer) MiddlewareAccessLogger(next http.Handler) http.Handler {
reqID := middleware.GetReqID(r.Context())
// TODO: Maybe desugar in HTTPServer to avoid doing for all requests
logger := s.AccessLogger.Desugar()
defer func() {
// DEBUG level
if ce := logger.Check(zap.DebugLevel, r.Method); ce != nil {
ct := r.Header.Get("Content-Type")
ce.Write(
zap.String("req_id", reqID),
zap.String("path", r.URL.Path),
zap.Int("status", ww.Status()),
zap.String("remote_addr", r.RemoteAddr),
zap.Int("bytes_written", ww.BytesWritten()),
zap.Duration("processing_time", time.Since(t1)),
zap.String("content_type", ct),
zap.Any("headers", r.Header),
)
} else {
// INFO level
if ce := logger.Check(zap.InfoLevel, r.Method); ce != nil {
ce.Write(
zap.String("req_id", reqID),
zap.String("path", r.URL.Path),
zap.Int("status", ww.Status()),
zap.String("remote_addr", r.RemoteAddr),
zap.Int("bytes_written", ww.BytesWritten()),
zap.Duration("processing_time", time.Since(t1)),
)
}
}
_ = logger.Sync()
s.AccessLogger.Infow(r.Method,
"path", r.URL.Path,
"status", ww.Status(),
"written", ww.BytesWritten(),
"remote_addr", r.RemoteAddr,
"processing_time_ms", time.Since(t1).Milliseconds(),
"req_id", reqID)
}()
next.ServeHTTP(ww, r)
}
return http.HandlerFunc(fn)
}
func (s *HTTPServer) MiddlewareAuthentication(next http.Handler) http.Handler {
fn := func(w http.ResponseWriter, r *http.Request) {
reqID := middleware.GetReqID(r.Context())
header := r.Header.Get("Authorization")
if header == "" {
s.Logger.Debugw("Request has no auth header.", "req_id", reqID)
next.ServeHTTP(w, r)
return
}
splitHeader := strings.Split(header, "Bearer ")
if len(splitHeader) != 2 { // nolint: gomnd
if len(splitHeader) != 2 {
s.Logger.Debugw("Request has invalid token.", "req_id", reqID)
next.ServeHTTP(w, r)
return
}
token := splitHeader[1]
claims, err := s.Auth.ValidateToken(token)
if err != nil {
s.Logger.Debugw("Request has invalid token.", "req_id", reqID)
next.ServeHTTP(w, r)
return
}
@ -102,7 +71,6 @@ func (s *HTTPServer) MiddlewareAuthentication(next http.Handler) http.Handler {
ctx = context.WithValue(ctx, authCtxAuthLevel, claims.Role)
ctx = context.WithValue(ctx, authCtxClaims, claims)
withCtx := r.WithContext(ctx)
s.Logger.Debugw("Request is authenticated.", "req_id", reqID, "username", claims.Subject, "role", claims.Role)
next.ServeHTTP(w, withCtx)
@ -116,12 +84,10 @@ func UsernameFromRequest(r *http.Request) (string, error) {
if rawUsername == nil {
return "", fmt.Errorf("no username")
}
username, ok := rawUsername.(string)
if !ok {
return "", fmt.Errorf("no username")
}
return username, nil
}
@ -130,12 +96,10 @@ func RoleFromRequest(r *http.Request) (users.Role, error) {
if rawLevel == nil {
return users.RoleUnset, fmt.Errorf("no username")
}
level, ok := rawLevel.(users.Role)
if !ok {
return users.RoleUnset, fmt.Errorf("no username")
}
return level, nil
}
@ -144,11 +108,9 @@ func ClaimsFromRequest(r *http.Request) *gpaste.Claims {
if rawClaims == nil {
return nil
}
claims, ok := rawClaims.(*gpaste.Claims)
if !ok {
return nil
}
return claims
}

2
auth.go
View File

@ -44,7 +44,6 @@ func (as *AuthService) Login(username, password string) (string, error) {
claims.Role = user.Role
token := jwt.NewWithClaims(jwt.GetSigningMethod("HS256"), claims)
signed, err := token.SignedString(as.hmacSecret)
if err != nil {
return "", err
@ -61,7 +60,6 @@ func (as *AuthService) ValidateToken(rawToken string) (*Claims, error) {
if err != nil {
return nil, err
}
if !token.Valid {
return nil, fmt.Errorf("invalid token")
}

30
client/client.go
View File

@ -18,11 +18,9 @@ import (
"github.com/kirsle/configdir"
)
const defaultTimeout = 10 * time.Second
type Client struct {
BaseURL string `json:"baseUrl"`
AuthToken string `json:"authToken"`
BaseURL string `json:"base_url"`
AuthToken string `json:"auth_token"`
httpClient http.Client
}
@ -31,7 +29,6 @@ func (c *Client) WriteConfigToWriter(w io.Writer) error {
encoder := json.NewEncoder(w)
return encoder.Encode(c)
}
func (c *Client) WriteConfig() error {
dir := configdir.LocalConfig("gpaste")
// Ensure dir exists
@ -39,9 +36,7 @@ func (c *Client) WriteConfig() error {
if err != nil {
return err
}
path := filepath.Join(dir, "client.json")
f, err := os.Create(path)
if err != nil {
return err
@ -54,7 +49,6 @@ func (c *Client) WriteConfig() error {
func (c *Client) LoadConfig() error {
dir := configdir.LocalCache("gpaste")
path := filepath.Join(dir, "client.json")
f, err := os.Open(path)
if err != nil {
return err
@ -72,7 +66,7 @@ func (c *Client) LoadConfigFromReader(r io.Reader) error {
func (c *Client) Login(ctx context.Context, username, password string) error {
url := fmt.Sprintf("%s/api/login", c.BaseURL)
// TODO: Change timeout
ctx, cancel := context.WithTimeout(ctx, defaultTimeout)
ctx, cancel := context.WithTimeout(ctx, 10*time.Second)
defer cancel()
body := new(bytes.Buffer)
@ -80,12 +74,10 @@ func (c *Client) Login(ctx context.Context, username, password string) error {
Username: username,
Password: password,
}
encoder := json.NewEncoder(body)
if err := encoder.Encode(&requestData); err != nil {
return fmt.Errorf("error encoding response: %w", err)
}
req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, body)
if err != nil {
return fmt.Errorf("error creating request: %w", err)
@ -107,7 +99,6 @@ func (c *Client) Login(ctx context.Context, username, password string) error {
if err := decoder.Decode(&responseData); err != nil {
return fmt.Errorf("unable to parse response: %s", err)
}
c.AuthToken = responseData.Token
return nil
@ -121,7 +112,6 @@ func (c *Client) UserCreate(ctx context.Context, username, password string) erro
Username: username,
Password: password,
}
encoder := json.NewEncoder(body)
if err := encoder.Encode(requestData); err != nil {
return fmt.Errorf("error encoding response: %w", err)
@ -169,11 +159,14 @@ func (c *Client) Download(ctx context.Context, id string) (io.ReadCloser, error)
return resp.Body, nil
}
func (c *Client) Upload(ctx context.Context, files ...*files.File) (*api.ResponseAPIFilePost, error) {
func (c *Client) Upload(ctx context.Context, files ...*files.File) ([]api.ResponseAPIFilePost, error) {
url := fmt.Sprintf("%s/api/file", c.BaseURL)
client := &http.Client{}
// TODO: Change timeout
ctx, cancel := context.WithTimeout(ctx, 10*time.Minute)
defer cancel()
// TODO: Improve buffering
buf := &bytes.Buffer{}
mw := multipart.NewWriter(buf)
@ -183,21 +176,16 @@ func (c *Client) Upload(ctx context.Context, files ...*files.File) (*api.Respons
if err != nil {
return nil, err
}
if _, err := io.Copy(fw, file.Body); err != nil {
return nil, err
}
file.Body.Close()
}
mw.Close()
req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, buf)
if err != nil {
return nil, err
}
req.Header.Add("Content-Type", mw.FormDataContentType())
resp, err := client.Do(req)
@ -206,7 +194,7 @@ func (c *Client) Upload(ctx context.Context, files ...*files.File) (*api.Respons
}
defer resp.Body.Close()
var expectedResp *api.ResponseAPIFilePost
var expectedResp []api.ResponseAPIFilePost
decoder := json.NewDecoder(resp.Body)
if err := decoder.Decode(&expectedResp); err != nil {
@ -225,12 +213,10 @@ func (c *Client) Delete(ctx context.Context, id string) error {
}
req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.AuthToken))
resp, err := c.httpClient.Do(req)
if err != nil {
return fmt.Errorf("unable to perform request: %s", err)
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return fmt.Errorf("got non-ok response from server: %s", resp.Status)

6
client/client_test.go
View File

@ -120,7 +120,7 @@ func TestClient(t *testing.T) {
t.Fatalf("Error uploading: %s", err)
}
retrieved, err := srv.Files.Get(resp.Files[0].ID)
retrieved, err := srv.Files.Get(resp[0].ID)
if err != nil {
t.Fatalf("Error getting uploaded file from store: %s", err)
}
@ -166,7 +166,7 @@ func TestClient(t *testing.T) {
})
t.Run("Save", func(t *testing.T) {
c := client.Client{BaseURL: "http://example.org/gpaste", AuthToken: "tokenpls"}
expectedConfig := "{\"baseUrl\":\"http://example.org/gpaste\",\"authToken\":\"tokenpls\"}\n"
expectedConfig := "{\"base_url\":\"http://example.org/gpaste\",\"auth_token\":\"tokenpls\"}\n"
buf := new(bytes.Buffer)
err := c.WriteConfigToWriter(buf)
if err != nil {
@ -179,7 +179,7 @@ func TestClient(t *testing.T) {
})
t.Run("Load", func(t *testing.T) {
c := client.Client{}
config := "{\"baseUrl\":\"http://pasta.example.org\",\"authToken\":\"tokenpls\"}\n"
config := "{\"base_url\":\"http://pasta.example.org\",\"auth_token\":\"tokenpls\"}\n"
expectedClient := client.Client{BaseURL: "http://pasta.example.org", AuthToken: "tokenpls"}
sr := strings.NewReader(config)
if err := c.LoadConfigFromReader(sr); err != nil {

28
cmd/client/actions/actions.go
View File

@ -15,34 +15,27 @@ import (
"golang.org/x/term"
)
const defaultTimeout = 10 * time.Second
func ActionUpload(c *cli.Context) error {
clnt := client.Client{
BaseURL: c.String("url"),
}
for _, arg := range c.Args().Slice() {
f, err := os.Open(arg)
if err != nil {
return err
}
defer f.Close()
file := &files.File{
OriginalFilename: arg,
Body: f,
}
resp, err := clnt.Upload(c.Context, file)
if err != nil {
errmsg := fmt.Sprintf("Error uploading file: %s", err)
return cli.Exit(errmsg, 1)
}
fmt.Printf("Uploaded file %s - %s", file.OriginalFilename, resp.Files[0].URL)
fmt.Printf("Uploaded file %s - %s", file.OriginalFilename, resp[0].URL)
}
return nil
}
@ -50,19 +43,15 @@ func ActionDelete(c *cli.Context) error {
clnt := client.Client{
BaseURL: c.String("url"),
}
for _, arg := range c.Args().Slice() {
ctx, cancel := context.WithTimeout(c.Context, defaultTimeout)
ctx, cancel := context.WithTimeout(c.Context, 5*time.Second)
defer cancel()
if err := clnt.Delete(ctx, arg); err != nil {
fmt.Printf("Error deleting file %s\n", arg)
fmt.Printf("%s\n", err)
}
fmt.Printf("Deleted %s\n", arg)
}
return nil
}
@ -71,7 +60,6 @@ func ActionLogin(c *cli.Context) error {
if username == "" {
return cli.Exit("USERNAME not supplied.", 1)
}
password, err := readPassword()
if err != nil {
return fmt.Errorf("error reading password: %w", err)
@ -84,7 +72,6 @@ func ActionLogin(c *cli.Context) error {
errmsg := fmt.Sprintf("Error logging in: %s", err)
return cli.Exit(errmsg, 1)
}
if err := clnt.WriteConfig(); err != nil {
errMsg := fmt.Sprintf("Failed to write config: %s", err)
return cli.Exit(errMsg, 1)
@ -98,9 +85,7 @@ func ActionLogin(c *cli.Context) error {
func ActionUserCreate(c *cli.Context) error {
// TODO: Needs to supply auth token to actually work
fmt.Println("Need to be logged in to create user")
username := readString("Enter username: ")
password, err := readPassword()
if err != nil {
return fmt.Errorf("error reading password: %w", err)
@ -109,8 +94,7 @@ func ActionUserCreate(c *cli.Context) error {
clnt := client.Client{
BaseURL: c.String("url"),
}
ctx, cancel := context.WithTimeout(c.Context, defaultTimeout)
ctx, cancel := context.WithTimeout(c.Context, 10*time.Second)
defer cancel()
if err := clnt.Login(ctx, username, password); err != nil {
@ -119,9 +103,7 @@ func ActionUserCreate(c *cli.Context) error {
}
fmt.Println("User to create:")
username = readString("Enter username: ")
password, err = readPassword()
if err != nil {
return fmt.Errorf("error reading password: %w", err)
@ -139,24 +121,20 @@ func ActionUserCreate(c *cli.Context) error {
func readPassword() (string, error) {
fmt.Print("Enter Password: ")
bytePassword, err := term.ReadPassword(int(syscall.Stdin))
if err != nil {
return "", err
}
password := string(bytePassword)
return strings.TrimSpace(password), nil
}
func readString(prompt string) string {
fmt.Print(prompt)
scanner := bufio.NewScanner(os.Stdin)
for scanner.Scan() {
return scanner.Text()
}
return ""
}

2
cmd/client/client.go
View File

@ -64,5 +64,5 @@ func main() {
},
}
_ = app.Run(os.Args)
app.Run(os.Args)
}

104
cmd/server/actions/actions.go
View File

@ -6,15 +6,11 @@ import (
"net/http"
"os"
"os/signal"
"path/filepath"
"strings"
"time"
"git.t-juice.club/torjus/gpaste"
"git.t-juice.club/torjus/gpaste/api"
"git.t-juice.club/torjus/gpaste/files"
"git.t-juice.club/torjus/gpaste/users"
"github.com/google/uuid"
"github.com/urfave/cli/v2"
"go.uber.org/zap"
"go.uber.org/zap/zapcore"
@ -26,11 +22,8 @@ func ActionServe(c *cli.Context) error {
configPath = c.String("config")
}
var (
cfg *gpaste.ServerConfig
r io.ReadCloser
)
var cfg *gpaste.ServerConfig
var r io.ReadCloser
r, err := os.Open(configPath)
if err != nil {
cfg = &gpaste.ServerConfig{
@ -59,72 +52,28 @@ func ActionServe(c *cli.Context) error {
// Setup contexts for clean shutdown
rootCtx, rootCancel := signal.NotifyContext(context.Background(), os.Interrupt)
defer rootCancel()
httpCtx, httpCancel := context.WithCancel(rootCtx)
defer httpCancel()
httpShutdownCtx, httpShutdownCancel := context.WithCancel(context.Background())
defer httpShutdownCancel()
// Setup stores
// Files
fileStore, fileClose, err := getFileStore(cfg)
if err != nil {
return err
}
defer fileClose() // nolint: errcheck
// Users
userStore, userClose, err := getUserStore(cfg)
if err != nil {
return err
}
defer userClose() // nolint: errcheck
if userList, err := userStore.List(); err != nil {
serverLogger.Panicw("Error checking userstore for users.", "error", err)
} else if len(userList) < 1 {
admin := users.User{
Username: "admin",
Role: users.RoleAdmin,
}
password := uuid.NewString()
if err := admin.SetPassword(password); err != nil {
serverLogger.DPanic("Error setting admin-user password.", "error", err)
}
serverLogger.Warnw("Created admin-user.", "username", admin.Username, "password", password)
}
// Auth
auth := gpaste.NewAuthService(userStore, []byte(cfg.SigningSecret))
go func() {
srv := api.NewHTTPServer(cfg)
srv.Users = userStore
srv.Files = fileStore
srv.Addr = cfg.ListenAddr
srv.Logger = serverLogger
srv.AccessLogger = accessLogger
srv.Auth = auth
// Wait for cancel
go func() {
<-httpCtx.Done()
timeoutCtx, cancel := context.WithTimeout(context.Background(), 10*time.Second) // nolint: gomnd
timeoutCtx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()
_ = srv.Shutdown(timeoutCtx)
srv.Shutdown(timeoutCtx)
}()
serverLogger.Infow("Starting HTTP server.", "addr", cfg.ListenAddr)
if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
serverLogger.Errorw("Error during shutdown.", "error", err)
}
serverLogger.Infow("HTTP server shutdown complete.", "addr", cfg.ListenAddr)
httpShutdownCancel()
}()
@ -168,48 +117,3 @@ func getRootLogger(level string) *zap.SugaredLogger {
return rootLogger.Sugar()
}
// nolint: ireturn
func getUserStore(cfg *gpaste.ServerConfig) (users.UserStore, func() error, error) {
closer := func() error { return nil }
switch cfg.Store.Type {
case "memory":
return users.NewMemoryUserStore(), closer, nil
case "fs":
path := filepath.Join(cfg.Store.FS.Dir, "gpaste-users.db")
bs, err := users.NewBoltUserStore(path)
if err != nil {
return nil, closer, cli.Exit("error setting up user store", 1)
}
return bs, bs.Close, nil
default:
return nil, closer, cli.Exit("no userstore configured", 1)
}
}
// nolint: ireturn
func getFileStore(cfg *gpaste.ServerConfig) (files.FileStore, func() error, error) {
closer := func() error { return nil }
switch cfg.Store.Type {
case "memory":
return files.NewMemoryFileStore(), closer, nil
case "fs":
var err error
s, err := files.NewFSFileStore(cfg.Store.FS.Dir)
if err != nil {
return nil, closer, cli.Exit("error setting up filestore", 1)
}
return s, closer, nil
default:
return nil, closer, cli.Exit("No store configured", 1)
}
}

2
cmd/server/server.go
View File

@ -29,5 +29,5 @@ func main() {
Action: actions.ActionServe,
}
_ = app.Run(os.Args)
app.Run(os.Args)
}

1
config.go
View File

@ -33,7 +33,6 @@ func ServerConfigFromReader(r io.Reader) (*ServerConfig, error) {
FS: &ServerStoreFSStoreConfig{},
},
}
if err := decoder.Decode(&c); err != nil {
return nil, fmt.Errorf("error decoding server config: %w", err)
}

8
files/filestore.go
View File

@ -7,13 +7,13 @@ import (
type File struct {
ID string `json:"id"`
OriginalFilename string `json:"originalFilename"`
MaxViews uint `json:"maxViews"`
ExpiresOn time.Time `json:"expiresOn"`
OriginalFilename string `json:"original_filename"`
MaxViews uint `json:"max_views"`
ExpiresOn time.Time `json:"expires_on"`
Body io.ReadCloser
FileSize int64 `json:"fileSize"`
FileSize int64 `json:"file_size"`
}
type FileStore interface {

17
files/filestore_fs.go
View File

@ -23,7 +23,6 @@ func NewFSFileStore(dir string) (*FSFileStore, error) {
return s, err
}
func (s *FSFileStore) Store(f *File) error {
defer f.Body.Close()
@ -35,7 +34,6 @@ func (s *FSFileStore) Store(f *File) error {
}
path := filepath.Join(s.dir, f.ID)
dst, err := os.Create(path)
if err != nil {
return err
@ -46,15 +44,12 @@ func (s *FSFileStore) Store(f *File) error {
if err != nil {
return err
}
s.metadata[f.ID] = metadata
s.metadata[f.ID].FileSize = n
if err := s.writeMetadata(); err != nil {
delete(s.metadata, f.ID)
return err
}
return nil
}
@ -65,14 +60,11 @@ func (s *FSFileStore) Get(id string) (*File, error) {
}
path := filepath.Join(s.dir, id)
f, err := os.Open(path)
if err != nil {
return nil, err
}
metadata.Body = f
return metadata, nil
}
@ -81,24 +73,20 @@ func (s *FSFileStore) Delete(id string) error {
if err := os.Remove(path); err != nil {
return err
}
delete(s.metadata, id)
return nil
}
func (s *FSFileStore) List() ([]string, error) {
results := make([]string, 0, len(s.metadata))
var results []string
for k := range s.metadata {
results = append(results, k)
}
return results, nil
}
func (s *FSFileStore) writeMetadata() error {
path := filepath.Join(s.dir, "metadata.json")
f, err := os.Create(path)
if err != nil {
return err
@ -109,13 +97,11 @@ func (s *FSFileStore) writeMetadata() error {
if err := encoder.Encode(s.metadata); err != nil {
return err
}
return nil
}
func (s *FSFileStore) readMetadata() error {
path := filepath.Join(s.dir, "metadata.json")
f, err := os.Open(path)
if err != nil {
// TODO: Handle errors better
@ -127,6 +113,5 @@ func (s *FSFileStore) readMetadata() error {
if err := decoder.Decode(&s.metadata); err != nil {
return err
}
return nil
}

9
files/filestore_fs_test.go
View File

@ -7,23 +7,20 @@ import (
)
func TestFSFileStore(t *testing.T) {
newFunc := func() files.FileStore {
dir := t.TempDir()
s, err := files.NewFSFileStore(dir)
if err != nil {
t.Fatalf("Error creating store: %s", err)
}
return s
}
RunFilestoreTest(newFunc, t)
RunFilestoreTest(s, t)
persistentDir := t.TempDir()
persistentFunc := func() files.FileStore {
newFunc := func() files.FileStore {
s, err := files.NewFSFileStore(persistentDir)
if err != nil {
t.Fatalf("Error creating store: %s", err)
}
return s
}
RunPersistentFilestoreTest(persistentFunc, t)
RunPersistentFilestoreTest(newFunc, t)
}

16
files/filestore_memory.go
View File

@ -29,6 +29,7 @@ func NewMemoryFileStore() *MemoryFileStore {
}
func (s *MemoryFileStore) Store(f *File) error {
data := &fileData{
ID: f.ID,
MaxViews: f.MaxViews,
@ -44,7 +45,6 @@ func (s *MemoryFileStore) Store(f *File) error {
defer s.lock.Unlock()
s.data[f.ID] = data
return err
}
@ -56,17 +56,11 @@ func (s *MemoryFileStore) Get(id string) (*File, error) {
if !ok {
return nil, fmt.Errorf("no such item")
}
body := new(bytes.Buffer)
if _, err := body.Write(fd.Body.Bytes()); err != nil {
return nil, err
}
f := &File{
ID: fd.ID,
MaxViews: fd.MaxViews,
ExpiresOn: fd.ExpiresOn,
Body: io.NopCloser(body),
Body: io.NopCloser(&fd.Body),
FileSize: fd.FileSize,
}
@ -76,21 +70,17 @@ func (s *MemoryFileStore) Get(id string) (*File, error) {
func (s *MemoryFileStore) Delete(id string) error {
s.lock.Lock()
defer s.lock.Unlock()
delete(s.data, id)
return nil
}
func (s *MemoryFileStore) List() ([]string, error) {
ids := make([]string, 0, len(s.data))
var ids []string
s.lock.RLock()
defer s.lock.RUnlock()
for id := range s.data {
ids = append(ids, id)
}
return ids, nil
}

6
files/filestore_memory_test.go
View File

@ -7,9 +7,7 @@ import (
)
func TestMemoryFileStore(t *testing.T) {
newFunc := func() files.FileStore {
return files.NewMemoryFileStore()
}
s := files.NewMemoryFileStore()
RunFilestoreTest(newFunc, t)
RunFilestoreTest(s, t)
}

54
files/filestore_test.go
View File

@ -12,11 +12,8 @@ import (
"github.com/google/uuid"
)
var ignoreBody = cmp.FilterPath(func(p cmp.Path) bool { return p.String() == "Body" }, cmp.Ignore())
func RunFilestoreTest(newStoreFunc func() files.FileStore, t *testing.T) {
func RunFilestoreTest(s files.FileStore, t *testing.T) {
t.Run("Basic", func(t *testing.T) {
s := newStoreFunc()
// Create
dataString := "TEST_LOL_OMG"
id := uuid.Must(uuid.NewRandom()).String()
@ -61,6 +58,7 @@ func RunFilestoreTest(newStoreFunc func() files.FileStore, t *testing.T) {
FileSize: int64(len(dataString)),
}
ignoreBody := cmp.FilterPath(func(p cmp.Path) bool { return p.String() == "Body" }, cmp.Ignore())
if diff := cmp.Diff(retrieved, expected, ignoreBody); diff != "" {
t.Errorf("File comparison failed: %s", diff)
}
@ -90,54 +88,9 @@ func RunFilestoreTest(newStoreFunc func() files.FileStore, t *testing.T) {
t.Fatalf("List after delete has wrong length: %d", len(ids))
}
})
t.Run("MultipleGet", func(t *testing.T) {
s := newStoreFunc()
fileContents := "multiple get test !"
body := io.NopCloser(strings.NewReader(fileContents))
file := &files.File{
ID: uuid.NewString(),
OriginalFilename: "multiple.txt",
MaxViews: 999,
ExpiresOn: time.Now().Add(1 * time.Hour),
Body: body,
FileSize: int64(len(fileContents)),
}
if err := s.Store(file); err != nil {
t.Fatalf("Error storing file: %s", err)
}
first, err := s.Get(file.ID)
if err != nil {
t.Errorf("Error retrieving first file: %s", err)
}
firstBody := new(bytes.Buffer)
io.Copy(firstBody, first.Body)
first.Body.Close()
if diff := cmp.Diff(firstBody.String(), fileContents); diff != "" {
t.Fatalf("File contents mismatch: %s", diff)
}
second, err := s.Get(file.ID)
if err != nil {
t.Errorf("Error retrieving first file: %s", err)
}
secondBody := new(bytes.Buffer)
io.Copy(secondBody, second.Body)
first.Body.Close()
if diff := cmp.Diff(secondBody.String(), fileContents); diff != "" {
t.Fatalf("File contents mismatch: %s", diff)
}
})
}
func RunPersistentFilestoreTest(newStoreFunc func() files.FileStore, t *testing.T) {
t.Run("Basics", func(t *testing.T) {
s := newStoreFunc()
files := []struct {
@ -180,6 +133,7 @@ func RunPersistentFilestoreTest(newStoreFunc func() files.FileStore, t *testing.
t.Fatalf("Unable to retrieve file: %s", err)
}
ignoreBody := cmp.FilterPath(func(p cmp.Path) bool { return p.String() == "Body" }, cmp.Ignore())
if !cmp.Equal(retrieved, f.File, ignoreBody) {
t.Errorf("Mismatch: %s", cmp.Diff(retrieved, f.File))
}
@ -201,6 +155,7 @@ func RunPersistentFilestoreTest(newStoreFunc func() files.FileStore, t *testing.
t.Fatalf("Unable to retrieve file: %s", err)
}
ignoreBody := cmp.FilterPath(func(p cmp.Path) bool { return p.String() == "Body" }, cmp.Ignore())
if !cmp.Equal(retrieved, f.File, ignoreBody) {
t.Errorf("Mismatch: %s", cmp.Diff(retrieved, f.File))
}
@ -213,5 +168,4 @@ func RunPersistentFilestoreTest(newStoreFunc func() files.FileStore, t *testing.
t.Fatalf("Data does not match. %s", cmp.Diff(buf.String(), f.ExpectedData))
}
}
})
}

10
go.mod
View File

@ -2,17 +2,19 @@ module git.t-juice.club/torjus/gpaste
go 1.17
require github.com/google/uuid v1.3.0
require github.com/go-chi/chi/v5 v5.0.7
require (
github.com/go-chi/chi/v5 v5.0.7
github.com/golang-jwt/jwt v3.2.2+incompatible
github.com/google/go-cmp v0.5.7
github.com/google/uuid v1.3.0
github.com/google/go-cmp v0.5.6
github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f
github.com/pelletier/go-toml v1.9.4
github.com/urfave/cli/v2 v2.3.0
go.etcd.io/bbolt v1.3.6
go.uber.org/zap v1.20.0
golang.org/x/crypto v0.0.0-20220126234351-aa10faf2a1f8
golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
)

8
go.sum
View File

@ -11,8 +11,8 @@ github.com/go-chi/chi/v5 v5.0.7 h1:rDTPXLDHGATaeHvVlLcR4Qe0zftYethFucbjVQ1PxU8=
github.com/go-chi/chi/v5 v5.0.7/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o=
github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE=
github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ=
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f h1:dKccXx7xA56UNqOcFIbuqFjAWPVtP688j5QMgmo6OHU=
@ -51,8 +51,8 @@ go.uber.org/zap v1.20.0 h1:N4oPlghZwYG55MlU6LXk/Zp00FVNE9X9wrYO8CEs4lc=
go.uber.org/zap v1.20.0/go.mod h1:wjWOCqI0f2ZZrJF/UufIOkiC8ii6tm1iqIsLo76RfJw=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20220126234351-aa10faf2a1f8 h1:kACShD3qhmr/3rLmg1yXyt+N4HcwutKyPRB93s54TIU=
golang.org/x/crypto v0.0.0-20220126234351-aa10faf2a1f8/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce h1:Roh6XWxHFKrPgC/EQhVubSAGQ6Ozk6IdxHSzt1mR0EI=
golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=

4
users/user.go
View File

@ -16,7 +16,7 @@ const (
type User struct {
Username string `json:"username"`
HashedPassword []byte `json:"hashedPassword"`
HashedPassword []byte `json:"hashed_password"`
Role Role `json:"role"`
}
@ -38,8 +38,6 @@ func (u *User) SetPassword(password string) error {
if err != nil {
return err
}
u.HashedPassword = hashed
return nil
}

6
users/userstore_bolt.go
View File

@ -15,7 +15,7 @@ type BoltUserStore struct {
}
func NewBoltUserStore(path string) (*BoltUserStore, error) {
db, err := bbolt.Open(path, 0o666, nil) // nolint: gomnd
db, err := bbolt.Open(path, 0666, nil)
if err != nil {
return nil, err
}
@ -36,7 +36,6 @@ func (s *BoltUserStore) Close() error {
func (s *BoltUserStore) Get(username string) (*User, error) {
var user User
err := s.db.View(func(tx *bbolt.Tx) error {
bkt := tx.Bucket(keyUsers)
rawUser := bkt.Get([]byte(username))
@ -48,7 +47,6 @@ func (s *BoltUserStore) Get(username string) (*User, error) {
if err != nil {
return nil, err
}
return &user, nil
}
@ -71,7 +69,6 @@ func (s *BoltUserStore) Delete(username string) error {
return bkt.Delete([]byte(username))
})
}
func (s *BoltUserStore) List() ([]string, error) {
var ids []string
@ -89,6 +86,5 @@ func (s *BoltUserStore) List() ([]string, error) {
if err != nil {
return nil, err
}
return ids, nil
}

10
users/userstore_memory.go
View File

@ -15,13 +15,10 @@ type MemoryUserStore struct {
func NewMemoryUserStore() *MemoryUserStore {
return &MemoryUserStore{users: make(map[string]*User)}
}
func (s *MemoryUserStore) Get(username string) (*User, error) {
s.lock.Lock()
defer s.lock.Unlock()
user, ok := s.users[username]
if !ok {
return nil, fmt.Errorf("no such user: %s", username)
}
@ -32,26 +29,21 @@ func (s *MemoryUserStore) Get(username string) (*User, error) {
func (s *MemoryUserStore) Store(user *User) error {
s.lock.Lock()
defer s.lock.Unlock()
s.users[user.Username] = user
return nil
}
func (s *MemoryUserStore) Delete(username string) error {
s.lock.Lock()
defer s.lock.Unlock()
delete(s.users, username)
return nil
}
func (s *MemoryUserStore) List() ([]string, error) {
s.lock.Lock()
defer s.lock.Unlock()
ids := make([]string, 0, len(s.users))
var ids []string
for k := range s.users {
ids = append(ids, k)
}