func main() {
migration := flag.String("migrate", "", "Run DB migrations: up, down, redo, new [MIGRATION_NAME] and then os.Exit(0)")
flag.Parse()
setLogger()
loadConfig()
connectToDB()
runMigrations(migration)
// Creates a gin router with default middleware:
// logger and recovery (crash-free) middleware
router := gin.Default()
setTemplate(router)
setSessions(router)
router.StaticFS("/uploads", http.Dir(system.GetConfig().Uploads))
router.StaticFS("/public", rice.MustFindBox("public").HTTPBox()) //<3 rice
router.Use(SharedData())
router.GET("/", controllers.HomeGet)
router.NoRoute(controllers.NotFound)
router.NoMethod(controllers.MethodNotAllowed)
if system.GetConfig().SignupEnabled {
router.GET("/signup", controllers.SignUpGet)
router.POST("/signup", controllers.SignUpPost)
}
router.GET("/signin", controllers.SignInGet)
router.POST("/signin", controllers.SignInPost)
router.GET("/logout", controllers.LogoutGet)
router.GET("/pages/:id", controllers.PageGet)
authorized := router.Group("/admin")
authorized.Use(AuthRequired())
authorized.GET("/", admin.AdminGet)
authorized.POST("/upload", admin.UploadPost) //image upload
authorized.GET("/users", admin.UserIndex)
authorized.GET("/new_user", admin.UserNew)
authorized.POST("/new_user", admin.UserCreate)
authorized.GET("/users/:id/edit", admin.UserEdit)
authorized.POST("/users/:id/edit", admin.UserUpdate)
authorized.POST("/users/:id/delete", admin.UserDelete)
authorized.GET("/pages", admin.PageIndex)
authorized.GET("/new_page", admin.PageNew)
authorized.POST("/new_page", admin.PageCreate)
authorized.GET("/pages/:id/edit", admin.PageEdit)
authorized.POST("/pages/:id/edit", admin.PageUpdate)
authorized.POST("/pages/:id/delete", admin.PageDelete)
// Listen and server on 0.0.0.0:8080
router.Run(":8080")
}
//setSessions initializes sessions & csrf middlewares
func setSessions(router *gin.Engine) {
config := system.GetConfig()
//https://github.com/gin-gonic/contrib/tree/master/sessions
store := sessions.NewCookieStore([]byte(config.SessionSecret))
store.Options(sessions.Options{HttpOnly: true, MaxAge: 7 * 86400}) //Also set Secure: true if using SSL, you should though
router.Use(sessions.Sessions("gin-session", store))
//https://github.com/utrack/gin-csrf
router.Use(csrf.Middleware(csrf.Options{
Secret: config.SessionSecret,
ErrorFunc: func(c *gin.Context) {
c.String(400, "CSRF token mismatch")
c.Abort()
},
}))
}
//+++++++++++++ middlewares +++++++++++++++++++++++
//SharedData fills in common data, such as user info, etc...
func SharedData() gin.HandlerFunc {
return func(c *gin.Context) {
session := sessions.Default(c)
if uId := session.Get("UserId"); uId != nil {
user, _ := models.GetUser(uId)
if user.Id != 0 {
c.Set("User", user)
}
}
if system.GetConfig().SignupEnabled {
c.Set("SignupEnabled", true)
}
c.Next()
}
}
func saveFile(fh *multipart.FileHeader, f multipart.File) (string, error) {
fileExt := filepath.Ext(fh.Filename)
newName := fmt.Sprint(time.Now().Unix()) + fileExt //unique file name ;D
uri := "/uploads/" + newName
fullName := filepath.Join(system.GetConfig().Uploads, newName)
file, err := os.OpenFile(fullName, os.O_WRONLY|os.O_CREATE, 0666)
if err != nil {
return "", err
}
defer file.Close()
_, err = io.Copy(file, f)
if err != nil {
return "", err
}
return uri, nil
}
//connectToDB initializes *sqlx.DB handler
func connectToDB() {
models.SetDB(system.GetConfig())
}