aboutsummaryrefslogtreecommitdiffstats
path: root/web/command
diff options
context:
space:
mode:
Diffstat (limited to 'web/command')
-rw-r--r--web/command/handler/authenticate.go52
-rw-r--r--web/command/handler/create.go4
-rw-r--r--web/command/handler/host.go57
-rw-r--r--web/command/html/authenticate.go43
-rw-r--r--web/command/html/create.go2
-rw-r--r--web/command/html/home.go3
-rw-r--r--web/command/html/host.go52
-rw-r--r--web/command/html/site.go1
-rw-r--r--web/command/middleware/authenticate.go25
9 files changed, 233 insertions, 6 deletions
diff --git a/web/command/handler/authenticate.go b/web/command/handler/authenticate.go
new file mode 100644
index 0000000..1c7d312
--- /dev/null
+++ b/web/command/handler/authenticate.go
@@ -0,0 +1,52 @@
+package handler
+
+import (
+ "crypto/subtle"
+ "fmt"
+ "net/http"
+
+ "github.com/LMBishop/scrapbook/pkg/auth"
+ "github.com/LMBishop/scrapbook/pkg/config"
+ "github.com/LMBishop/scrapbook/web/command/html"
+ . "maragu.dev/gomponents"
+ ghttp "maragu.dev/gomponents/http"
+)
+
+func GetAuthenticate() func(http.ResponseWriter, *http.Request) {
+ return ghttp.Adapt(func(w http.ResponseWriter, r *http.Request) (Node, error) {
+ return html.AuthenticatePage(""), nil
+ })
+}
+
+func PostAuthenticate(mainConfig *config.MainConfig, authenticator *auth.Authenticator) func(http.ResponseWriter, *http.Request) {
+ return func(w http.ResponseWriter, r *http.Request) {
+ err := r.ParseForm()
+ if err != nil {
+ html.AuthenticatePage(err.Error()).Render(w)
+ return
+ }
+
+ token := r.Form.Get("token")
+
+ if len(mainConfig.Command.Secret) == 0 || subtle.ConstantTimeCompare([]byte(token), []byte(mainConfig.Command.Secret)) != 1 {
+ html.AuthenticatePage("The secret key is incorrect").Render(w)
+ return
+ }
+
+ jwt, err := authenticator.NewJwt()
+ if err != nil {
+ html.AuthenticatePage(fmt.Errorf("Failed to create jwt: %w", err).Error()).Render(w)
+ return
+ }
+
+ http.SetCookie(w, &http.Cookie{
+ Name: "session",
+ Value: jwt,
+
+ Secure: true,
+ SameSite: http.SameSiteStrictMode,
+ HttpOnly: true,
+ })
+ http.Redirect(w, r, "/", 302)
+ }
+}
diff --git a/web/command/handler/create.go b/web/command/handler/create.go
index 21c6b1a..46c7779 100644
--- a/web/command/handler/create.go
+++ b/web/command/handler/create.go
@@ -36,10 +36,6 @@ func PostCreate(mainConfig *config.MainConfig, index *index.SiteIndex) func(http
return html.CreatePage("", "A name must be specified", formValues), nil
}
- if host == "" {
- return html.CreatePage("", "A host must be specified", formValues), nil
- }
-
site, err := site.CreateNewSite(name, path.Join(constants.SysDataDir, "sites"), host)
if err != nil {
diff --git a/web/command/handler/host.go b/web/command/handler/host.go
new file mode 100644
index 0000000..05b4ca6
--- /dev/null
+++ b/web/command/handler/host.go
@@ -0,0 +1,57 @@
+package handler
+
+import (
+ "fmt"
+ "net/http"
+ "path"
+
+ "github.com/LMBishop/scrapbook/pkg/config"
+ "github.com/LMBishop/scrapbook/pkg/index"
+ "github.com/LMBishop/scrapbook/web/command/html"
+ . "maragu.dev/gomponents"
+ ghttp "maragu.dev/gomponents/http"
+)
+
+func GetHost(index *index.SiteIndex) func(http.ResponseWriter, *http.Request) {
+ return ghttp.Adapt(func(w http.ResponseWriter, r *http.Request) (Node, error) {
+ siteName := r.PathValue("site")
+ if siteName == "" {
+ return html.ErrorPage("Unknown site: " + siteName), nil
+ }
+ site := index.GetSite(siteName)
+ if site == nil {
+ return html.ErrorPage("Unknown site: " + siteName), nil
+ }
+
+ return html.HostPage("", "", siteName, site.SiteConfig.Host), nil
+ })
+}
+
+func PostHost(mainConfig *config.MainConfig, index *index.SiteIndex) func(http.ResponseWriter, *http.Request) {
+ return ghttp.Adapt(func(w http.ResponseWriter, r *http.Request) (Node, error) {
+ siteName := r.PathValue("site")
+ if siteName == "" {
+ return html.ErrorPage("Unknown site: " + siteName), nil
+ }
+ site := index.GetSite(siteName)
+ if site == nil {
+ return html.ErrorPage("Unknown site: " + siteName), nil
+ }
+
+ err := r.ParseForm()
+ if err != nil {
+ return html.HostPage("", fmt.Errorf("Could not parse form: %w", err).Error(), siteName, site.SiteConfig.Host), nil
+ }
+
+ host := r.FormValue("host")
+
+ site.SiteConfig.Host = host
+ index.UpdateSiteIndexes()
+ err = config.WriteSiteConfig(path.Join(site.Path, "site.toml"), site.SiteConfig)
+ if err != nil {
+ return html.HostPage("", fmt.Errorf("Failed to persist flags: %w", err).Error(), siteName, host), nil
+ }
+
+ return html.HostPage(fmt.Sprintf("Successfully set host for %s to '%s'", siteName, host), "", siteName, host), nil
+ })
+}
diff --git a/web/command/html/authenticate.go b/web/command/html/authenticate.go
new file mode 100644
index 0000000..27a2321
--- /dev/null
+++ b/web/command/html/authenticate.go
@@ -0,0 +1,43 @@
+package html
+
+import (
+ . "maragu.dev/gomponents"
+ . "maragu.dev/gomponents/html"
+)
+
+func AuthenticatePage(err string) Node {
+ return page("Authenticate",
+ H1(Text("Welcome to scrapbook")),
+
+ If(err != "", alertError(err)),
+
+ Form(
+ Action("/authenticate"),
+ Method("post"),
+
+ FieldSet(
+ Legend(Text("Authentication")),
+ Label(
+ For("token"),
+ Text("Secret key"),
+ ),
+ Input(
+ ID("token"),
+ Name("token"),
+ ),
+ Span(
+ Class("form-help"),
+ Text("Enter the secret key to continue."),
+ ),
+ ),
+
+ Div(
+ Class("control-group group-right"),
+ Input(
+ Type("submit"),
+ Value("Submit"),
+ ),
+ ),
+ ),
+ )
+}
diff --git a/web/command/html/create.go b/web/command/html/create.go
index a0b77d1..8b76776 100644
--- a/web/command/html/create.go
+++ b/web/command/html/create.go
@@ -56,7 +56,7 @@ func CreatePage(success, err string, formValues CreatePageForm) Node {
),
Span(
Class("form-help"),
- Text("The fully qualified domain name for which this site is to be served on."),
+ Text("The fully qualified domain name for which this site is to be served on. If this site is not to be served by scrapbook, leave blank."),
),
),
diff --git a/web/command/html/home.go b/web/command/html/home.go
index 490b2b8..b9d585c 100644
--- a/web/command/html/home.go
+++ b/web/command/html/home.go
@@ -38,7 +38,8 @@ func HomePage(siteIndex *index.SiteIndex) Node {
Span(
Class("name"),
Span(Text(site.Name)),
- Span(Text(fmt.Sprintf("on %s", site.SiteConfig.Host))),
+ If(site.SiteConfig.Host == "", Span(Text("no host"))),
+ If(site.SiteConfig.Host != "", Span(Text(fmt.Sprintf("on %s", site.SiteConfig.Host)))),
),
Span(
Class("status"),
diff --git a/web/command/html/host.go b/web/command/html/host.go
new file mode 100644
index 0000000..36f0e6b
--- /dev/null
+++ b/web/command/html/host.go
@@ -0,0 +1,52 @@
+package html
+
+import (
+ "fmt"
+
+ . "maragu.dev/gomponents"
+ . "maragu.dev/gomponents/html"
+)
+
+func HostPage(success, err, siteName, hostValue string) Node {
+ return page("Change host for "+siteName,
+ H1(Text("Change host for "+siteName)),
+
+ If(success != "", Group{
+ alertSuccess(success),
+ Div(
+ Class("control-group group-right"),
+ navButton("OK", fmt.Sprintf("/site/%s/", siteName)),
+ ),
+ }),
+
+ If(success == "", Group{
+ If(err != "", alertError(err)),
+
+ Form(
+ Method("post"),
+
+ FieldSet(
+ Legend(Text("Host")),
+ Input(
+ ID("host"),
+ Name("host"),
+ Value(hostValue),
+ ),
+ Span(
+ Class("form-help"),
+ Text("The fully qualified domain name for which this site is to be served on. If this site is not to be served by scrapbook, leave blank."),
+ ),
+ ),
+
+ Div(
+ Class("control-group group-right"),
+ navButton("Go back", fmt.Sprintf("/site/%s/", siteName)),
+ Input(
+ Type("submit"),
+ Value("Submit"),
+ ),
+ ),
+ ),
+ }),
+ )
+}
diff --git a/web/command/html/site.go b/web/command/html/site.go
index 7616e6b..7da9dc0 100644
--- a/web/command/html/site.go
+++ b/web/command/html/site.go
@@ -26,6 +26,7 @@ func SitePage(mainConfig *config.MainConfig, site *site.Site) Node {
navButton("Upload new version", "upload"),
navButton("Set flags", "flags"),
+ navButton("Change host", "host"),
navButton("Delete site", "delete"),
),
),
diff --git a/web/command/middleware/authenticate.go b/web/command/middleware/authenticate.go
new file mode 100644
index 0000000..08e3552
--- /dev/null
+++ b/web/command/middleware/authenticate.go
@@ -0,0 +1,25 @@
+package middleware
+
+import (
+ "net/http"
+
+ "github.com/LMBishop/scrapbook/pkg/auth"
+)
+
+func MustAuthenticate(authenticator *auth.Authenticator, next http.HandlerFunc) http.HandlerFunc {
+ return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ jwt, err := r.Cookie("session")
+ if err != nil {
+ http.Redirect(w, r, "/authenticate", 302)
+ return
+ }
+
+ err = authenticator.VerifyJwt(jwt.Value)
+ if err != nil {
+ http.Redirect(w, r, "/authenticate", 302)
+ return
+ }
+
+ next.ServeHTTP(w, r)
+ })
+}
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-11-25 05:24:35 +0000