alps/server.go

271 lines
5.7 KiB
Go
Raw Normal View History

2019-12-02 14:31:00 +00:00
package koushin
import (
2019-12-02 16:24:19 +00:00
"fmt"
2019-12-02 14:31:00 +00:00
"net/http"
2019-12-02 16:24:19 +00:00
"net/url"
2019-12-03 12:07:25 +00:00
"strings"
"sync"
2019-12-02 16:24:19 +00:00
"time"
2019-12-02 14:31:00 +00:00
2019-12-03 10:12:26 +00:00
"github.com/labstack/echo/v4"
2019-12-02 14:31:00 +00:00
)
2019-12-02 16:24:19 +00:00
const cookieName = "koushin_session"
2019-12-11 14:24:39 +00:00
// Server holds all the koushin server state.
2019-12-02 16:24:19 +00:00
type Server struct {
e *echo.Echo
Sessions *SessionManager
2020-01-10 16:00:34 +00:00
mutex sync.RWMutex // used for server reload
plugins []Plugin
luaPlugins []Plugin
2019-12-09 17:16:27 +00:00
2019-12-02 16:24:19 +00:00
imap struct {
2019-12-03 10:12:26 +00:00
host string
tls bool
2019-12-02 16:24:19 +00:00
insecure bool
}
2019-12-03 14:21:59 +00:00
smtp struct {
host string
tls bool
insecure bool
}
defaultTheme string
2019-12-02 16:24:19 +00:00
}
2019-12-03 14:21:59 +00:00
func (s *Server) parseIMAPURL(imapURL string) error {
2019-12-02 16:24:19 +00:00
u, err := url.Parse(imapURL)
if err != nil {
2019-12-03 14:21:59 +00:00
return fmt.Errorf("failed to parse IMAP server URL: %v", err)
2019-12-02 16:24:19 +00:00
}
s.imap.host = u.Host
switch u.Scheme {
case "imap":
// This space is intentionally left blank
case "imaps":
s.imap.tls = true
case "imap+insecure":
s.imap.insecure = true
default:
2019-12-03 14:21:59 +00:00
return fmt.Errorf("unrecognized IMAP URL scheme: %s", u.Scheme)
}
return nil
}
func (s *Server) parseSMTPURL(smtpURL string) error {
u, err := url.Parse(smtpURL)
if err != nil {
return fmt.Errorf("failed to parse SMTP server URL: %v", err)
}
s.smtp.host = u.Host
switch u.Scheme {
case "smtp":
// This space is intentionally left blank
case "smtps":
s.smtp.tls = true
case "smtp+insecure":
s.smtp.insecure = true
default:
return fmt.Errorf("unrecognized SMTP URL scheme: %s", u.Scheme)
2019-12-02 16:24:19 +00:00
}
2019-12-03 14:21:59 +00:00
return nil
}
func (s *Server) load() error {
plugins := append([]Plugin(nil), plugins...)
for _, p := range plugins {
s.e.Logger.Printf("Registered plugin '%v'", p.Name())
}
luaPlugins, err := loadAllLuaPlugins(s.e.Logger)
if err != nil {
return fmt.Errorf("failed to load plugins: %v", err)
}
plugins = append(plugins, luaPlugins...)
renderer := newRenderer(s.e.Logger, s.defaultTheme)
if err := renderer.Load(plugins); err != nil {
return fmt.Errorf("failed to load templates: %v", err)
}
// Once we've loaded plugins and templates from disk (which can take time),
// swap them in the Server struct
s.mutex.Lock()
defer s.mutex.Unlock()
2020-01-10 16:00:34 +00:00
// Close previous Lua plugins
for _, p := range s.luaPlugins {
if err := p.Close(); err != nil {
s.e.Logger.Printf("Failed to unload plugin '%v': %v", p.Name(), err)
}
}
s.plugins = plugins
2020-01-10 16:00:34 +00:00
s.luaPlugins = luaPlugins
s.e.Renderer = renderer
for _, p := range plugins {
p.SetRoutes(s.e.Group(""))
}
return nil
}
// Reload loads Lua plugins and templates from disk.
func (s *Server) Reload() error {
s.e.Logger.Printf("Reloading server")
return s.load()
}
func newServer(e *echo.Echo, options *Options) (*Server, error) {
s := &Server{e: e, defaultTheme: options.Theme}
2019-12-03 14:21:59 +00:00
if err := s.parseIMAPURL(options.IMAPURL); err != nil {
2019-12-03 14:21:59 +00:00
return nil, err
}
2019-12-02 14:31:00 +00:00
if options.SMTPURL != "" {
if err := s.parseSMTPURL(options.SMTPURL); err != nil {
2019-12-03 14:21:59 +00:00
return nil, err
}
}
s.Sessions = newSessionManager(s.dialIMAP, s.dialSMTP)
2019-12-02 16:24:19 +00:00
return s, nil
}
// Context is the context used by HTTP handlers.
//
// Use a type assertion to get it from a echo.Context:
//
// ctx := ectx.(*koushin.Context)
type Context struct {
2019-12-02 16:24:19 +00:00
echo.Context
Server *Server
2019-12-11 14:24:39 +00:00
Session *Session // nil if user isn't logged in
2019-12-02 16:24:19 +00:00
}
var aLongTimeAgo = time.Unix(233431200, 0)
2019-12-11 14:24:39 +00:00
// SetSession sets a cookie for the provided session. Passing a nil session
// unsets the cookie.
func (ctx *Context) SetSession(s *Session) {
2019-12-02 16:24:19 +00:00
cookie := http.Cookie{
2019-12-03 10:12:26 +00:00
Name: cookieName,
2019-12-02 16:24:19 +00:00
HttpOnly: true,
// TODO: domain, secure
}
if s != nil {
cookie.Value = s.token
} else {
2019-12-02 16:24:19 +00:00
cookie.Expires = aLongTimeAgo // unset the cookie
}
ctx.SetCookie(&cookie)
2019-12-02 16:24:19 +00:00
}
func isPublic(path string) bool {
if strings.HasPrefix(path, "/plugins/") {
parts := strings.Split(path, "/")
return len(parts) >= 4 && parts[3] == "assets"
}
return path == "/login" || strings.HasPrefix(path, "/themes/")
}
2020-01-10 16:29:37 +00:00
func redirectToLogin(ctx *Context) error {
path := ctx.Request().URL.Path
to := "/login"
if path != "/" && path != "/login" {
to += "?next=" + url.QueryEscape(ctx.Request().URL.String())
}
return ctx.Redirect(http.StatusFound, to)
}
func handleUnauthenticated(next echo.HandlerFunc, ctx *Context) error {
// Require auth for all requests except /login and assets
if isPublic(ctx.Request().URL.Path) {
return next(ctx)
} else {
return redirectToLogin(ctx)
}
}
type Options struct {
IMAPURL, SMTPURL string
Theme string
}
2019-12-02 16:24:19 +00:00
2019-12-11 14:24:39 +00:00
// New creates a new server.
func New(e *echo.Echo, options *Options) (*Server, error) {
s, err := newServer(e, options)
2019-12-02 16:24:19 +00:00
if err != nil {
return nil, err
}
if err := s.load(); err != nil {
return nil, err
2019-12-09 15:02:12 +00:00
}
2019-12-03 12:17:51 +00:00
e.HTTPErrorHandler = func(err error, c echo.Context) {
code := http.StatusInternalServerError
if he, ok := err.(*echo.HTTPError); ok {
code = he.Code
} else {
c.Logger().Error(err)
}
// TODO: hide internal errors
c.String(code, err.Error())
}
e.Pre(func(next echo.HandlerFunc) echo.HandlerFunc {
return func(ectx echo.Context) error {
s.mutex.RLock()
err := next(ectx)
s.mutex.RUnlock()
return err
}
})
e.Use(func(next echo.HandlerFunc) echo.HandlerFunc {
return func(ectx echo.Context) error {
ectx.Response().Header().Set("Content-Security-Policy", "default-src 'self'")
return next(ectx)
}
})
2019-12-02 16:24:19 +00:00
e.Use(func(next echo.HandlerFunc) echo.HandlerFunc {
return func(ectx echo.Context) error {
ctx := &Context{Context: ectx, Server: s}
2019-12-09 15:02:12 +00:00
ctx.Set("context", ctx)
2019-12-02 16:24:19 +00:00
cookie, err := ctx.Cookie(cookieName)
if err == http.ErrNoCookie {
2020-01-10 16:29:37 +00:00
return handleUnauthenticated(next, ctx)
2019-12-02 16:24:19 +00:00
} else if err != nil {
return err
}
ctx.Session, err = ctx.Server.Sessions.get(cookie.Value)
if err == errSessionExpired {
ctx.SetSession(nil)
2020-01-10 16:29:37 +00:00
return handleUnauthenticated(next, ctx)
2019-12-02 16:24:19 +00:00
} else if err != nil {
return err
}
ctx.Session.ping()
2019-12-02 16:24:19 +00:00
return next(ctx)
}
})
e.Static("/themes", "themes")
2019-12-02 14:31:00 +00:00
return s, nil
2019-12-02 14:31:00 +00:00
}