func main() {
m := martini.Classic()
// log before and after a request
m.Use(func(c martini.Context, log *log.Logger) {
log.Println("before a request")
c.Next()
log.Println("after a request")
})
sublime.Route(m)
store := sessions.NewCookieStore([]byte("secret_words_key_xxx"))
m.Use(sessions.Sessions("weiyan_session", store))
m.Get("/set", func(session sessions.Session) string {
session.Set("hello", "world")
return "OK"
})
m.Get("/get", func(session sessions.Session) string {
v := session.Get("hello")
if v == nil {
return ""
}
return v.(string)
})
//m.Use("/admin", auth.Basic("username", "secretpassword"))
m.Use(martini.Static("assets"))
m.Run()
}
func main() {
store := sessions.NewCookieStore([]byte("secret123"))
dbmap = initDb()
m := martini.Classic()
m.Use(render.Renderer())
m.Use(sessions.Sessions("my_session", store))
m.Use(sessionauth.SessionUser(GenerateAnonymousUser))
sessionauth.RedirectUrl = "/new-login"
sessionauth.RedirectParam = "new-next"
m.Get("/", func(r render.Render) {
r.HTML(200, "index", nil)
})
m.Get("/new-login", func(r render.Render) {
r.HTML(200, "login", nil)
})
m.Post("/new-login", binding.Bind(MyUserModel{}), func(session sessions.Session, postedUser MyUserModel, r render.Render, req *http.Request) {
// You should verify credentials against a database or some other mechanism at this point.
// Then you can authenticate this session.
user := MyUserModel{}
err := dbmap.SelectOne(&user, "SELECT * FROM users WHERE username = $1 and password = $2", postedUser.Username, postedUser.Password)
if err != nil {
r.Redirect(sessionauth.RedirectUrl)
return
} else {
err := sessionauth.AuthenticateSession(session, &user)
if err != nil {
r.JSON(500, err)
}
params := req.URL.Query()
redirect := params.Get(sessionauth.RedirectParam)
r.Redirect(redirect)
return
}
})
m.Get("/private", sessionauth.LoginRequired, func(r render.Render, user sessionauth.User) {
r.HTML(200, "private", user.(*MyUserModel))
})
m.Get("/logout", sessionauth.LoginRequired, func(session sessions.Session, user sessionauth.User, r render.Render) {
sessionauth.Logout(session, user)
r.Redirect("/")
})
m.Run()
}
func TestAuthenticateSession(t *testing.T) {
store := sessions.NewCookieStore([]byte("secret123"))
m := martini.Classic()
m.Use(render.Renderer())
m.Use(sessions.Sessions("my_session", store))
m.Use(SessionUser(NewUser))
m.Get("/setauth", func(session sessions.Session, user User) string {
err := AuthenticateSession(session, user)
if err != nil {
t.Error(err)
}
return "OK"
})
m.Get("/private", LoginRequired, func(session sessions.Session, user User) string {
return "OK"
})
m.Get("/logout", LoginRequired, func(session sessions.Session, user User) string {
Logout(session, user)
return "OK"
})
res := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/private", nil)
m.ServeHTTP(res, req)
if res.Code != 302 {
t.Errorf("Private response should be 302, was %d", res.Code)
}
res1 := httptest.NewRecorder()
req1, _ := http.NewRequest("GET", "/setauth", nil)
req1.Header.Set("Cookie", res.Header().Get("Set-Cookie"))
m.ServeHTTP(res1, req1)
if res1.Code != 200 {
t.Errorf("Setauth response should be 200, was %d", res.Code)
}
res2 := httptest.NewRecorder()
req2, _ := http.NewRequest("GET", "/private", nil)
req2.Header.Set("Cookie", res1.Header().Get("Set-Cookie"))
m.ServeHTTP(res2, req2)
if res2.Code != 200 {
t.Errorf("Authenticated private response should be 200, was %d", res.Code)
}
res3 := httptest.NewRecorder()
req3, _ := http.NewRequest("GET", "/logout", nil)
req3.Header.Set("Cookie", res2.Header().Get("Set-Cookie"))
m.ServeHTTP(res3, req3)
if res3.Code != 302 {
t.Errorf("Logout response should be 302, was %d", res.Code)
}
res4 := httptest.NewRecorder()
req4, _ := http.NewRequest("GET", "/private", nil)
req4.Header.Set("Cookie", res3.Header().Get("Set-Cookie"))
m.ServeHTTP(res4, req4)
if res4.Code != 302 {
t.Errorf("Unauthenticated private response should be 302, was %d", res.Code)
}
}
func Web() {
var config *app.Configuration
config = app.LoadConfiguration()
fmt.Printf("%s is domain", config.Port)
fmt.Printf("Domain: %s", config.Domain)
m := martini.Classic()
f := []template.FuncMap{
template.FuncMap{
"eq": func(a, b string) bool {
return a == b
},
},
template.FuncMap{
"ne": func(a, b string) bool {
return a != b
},
},
}
//m.Use(render.Renderer())
m.Use(render.Renderer(render.Options{
Directory: "templates", // Specify what path to load the templates from.
Layout: "layout", // Specify a layout template. Layouts can call {{ yield }} to render the current template.
Extensions: []string{".tmpl", ".html"}, // Specify extensions to load for templates.
//Funcs: []template.FuncMap{AppHelpers}, // Specify helper function maps for templates to access.
//Delims: render.Delims{"{[{", "}]}"}, // Sets delimiters to the specified strings.
Charset: "UTF-8", // Sets encoding for json and html content-types.
Funcs: f,
}))
store := sessions.NewCookieStore([]byte(config.CookieSecret))
m.Use(sessions.Sessions("my_session", store))
m.Get("/", func(r render.Render, session sessions.Session) {
type Site struct {
Domain string
VisitCount uint
Env string
BookmarkletURL string
}
BookmarkletURL := "//" + config.Domain + "/javascripts/main.js"
if config.Env == app.PROD {
BookmarkletURL = "//" + config.Domain + "/javascripts/main.js"
}
site := Site{config.Domain, 12, config.Env, BookmarkletURL}
rand := rand.New(rand.NewSource(99))
csrf := fmt.Sprintf("%f", rand.Float64()*1000000)
session.Set("CSRF", csrf)
var msg string
if nil != session.Get("FlashMessage") {
msg = session.Get("FlashMessage").(string)
session.Delete("FlashMessage")
} else {
msg = ""
}
r.HTML(200, "hello", struct {
A, B, CSRF, FlashMessage string
Site Site
}{"Guesis", "bar", csrf, msg, site})
//return "<h1>Hello, world!</h1>"
})
m.Get("/qslider/download", func(r render.Render, session sessions.Session) {
})
m.Post("/qslider/support", func(res http.ResponseWriter, req *http.Request, params martini.Params, session sessions.Session) {
var config *app.Configuration
config = app.LoadConfiguration()
mg_client := mailgun.NewClient(config.MG_API_KEY, config.MG_DOMAIN)
req.ParseForm()
p := req.Form
log.Println(req.Form)
if session.Get("CSRF") == p["csrf"][0] {
message1 := mailgun.Message{
FromName: "QSlider",
FromAddress: "*****@*****.**",
ToAddress: "*****@*****.**",
Subject: "Ticket on qslide.axcoto.com",
Body: "Contact from: " + p["youremail"][0] + " with content: \n<br />" + p["content"][0],
}
fmt.Println("Attempting to send to ", mg_client.Endpoint(message1))
body, err := mg_client.Send(message1)
if err != nil {
fmt.Println("Got an error:", err)
} else {
fmt.Println(body)
session.Set("FlashMessage", "Message sent")
http.Redirect(res, req, "/", 302)
//http.Redirect(res, req, "http://slide.dev", http.StatusTemporaryRedirect)
}
}
})
m.Get("/qslider/tutorial", func(r render.Render) {
})
//m.Run()
cmd := exec.Command("pwd", "> /tmp/101")
//cmd := exec.Command("", "5")
err := cmd.Start()
if err != nil {
log.Fatal(err)
}
log.Printf("Waiting for command to finish...")
err = cmd.Wait()
http.ListenAndServe(fmt.Sprintf(":%s", config.Port), m)
//http.ListenAndServe(":10005", m)
}
func main() {
//Change secret123 to something more secure and store session in backend instead of cookie
store := sessions.NewCookieStore([]byte("secret123"))
dbmap = initDb()
defer dbmap.Db.Close()
err := dbmap.TruncateTables()
checkErr(err, "TruncateTables failed")
u1 := newUser("*****@*****.**", "pass", "Bob", false)
//insert rows
err = dbmap.Insert(&u1)
checkErr(err, "Insert failed")
//create two posts, assign to user 1 above
p1 := newPost("Post 1", "Lorem ipsum lorem ipsum", 1)
p2 := newPost("Post 2", "This is my second post", 1)
// insert rows
err = dbmap.Insert(&p1, &p2)
checkErr(err, "Insert failed")
m := martini.Classic()
m.Use(render.Renderer(render.Options{
Directory: "templates",
Layout: "layout",
Funcs: []template.FuncMap{
{
"formatTime": func(args ...interface{}) string {
t1 := time.Unix(args[0].(int64), 0)
return t1.Format(time.Stamp)
},
},
},
}))
m.Use(sessions.Sessions("my_session", store))
m.Use(sessionauth.SessionUser(GenerateAnonymousUser))
sessionauth.RedirectUrl = "/login"
sessionauth.RedirectParam = "next"
//ROUTES
m.Get("/register", func(r render.Render, user sessionauth.User) {
//redirect to homepage if already authenticated
if user.IsAuthenticated() {
r.Redirect("/")
} else {
r.HTML(200, "register", nil)
}
})
m.Get("/login", func(r render.Render, user sessionauth.User) {
//redirect to homepage if already authenticated
if user.IsAuthenticated() {
r.Redirect("/")
} else {
r.HTML(200, "login", nil)
}
})
m.Post("/login", binding.Form(User{}), func(session sessions.Session, postedUser User, r render.Render, ferr binding.Errors, req *http.Request) {
log.Println(ferr)
//Example of server side error validation for the client side form
if ferr.Count() > 0 {
newmap := map[string]interface{}{"metatitle": "Registration", "errormessage": "Error with Form Submission"}
r.HTML(200, "login", newmap)
} else {
user := User{}
//check login credentails with DataBase
err := dbmap.SelectOne(&user, "SELECT * FROM users WHERE email = ? and password = ?", postedUser.Email, postedUser.Password)
if err != nil {
r.Redirect(sessionauth.RedirectUrl)
return
} else {
err := sessionauth.AuthenticateSession(session, &user)
if err != nil {
r.JSON(500, err)
}
params := req.URL.Query()
redirect := params.Get(sessionauth.RedirectParam)
r.Redirect(redirect)
return
}
}
})
m.Get("/logout", sessionauth.LoginRequired, func(session sessions.Session, user sessionauth.User, r render.Render) {
sessionauth.Logout(session, user)
r.Redirect("/")
})
m.Get("/", func(r render.Render, authuser sessionauth.User) {
var posts []Post
_, err = dbmap.Select(&posts, "select * from posts order by post_id")
checkErr(err, "Select failed")
newmap := map[string]interface{}{"metatitle": "HomePage", "authuser": authuser, "posts": posts}
r.HTML(200, "posts", newmap)
})
m.Get("/users", func(r render.Render, authuser sessionauth.User) {
var users []User
_, err = dbmap.Select(&users, "select * from users order by id")
checkErr(err, "Select failed")
newmap := map[string]interface{}{"metatitle": "Users listing", "authuser": authuser, "users": users}
r.HTML(200, "users", newmap)
})
m.Get("/users/:id", sessionauth.LoginRequired, func(args martini.Params, r render.Render, authuser sessionauth.User) {
var user User
err = dbmap.SelectOne(&user, "select * from users where id=?", args["id"])
//simple error check
if err != nil {
newmap := map[string]interface{}{"metatitle": "404 Error", "message": "User not found"}
r.HTML(404, "error", newmap)
} else {
var posts []Post
_, err = dbmap.Select(&posts, "select * from posts where UserId=?", args["id"])
checkErr(err, "Select failed")
newmap := map[string]interface{}{"metatitle": user.Name + " profile page", "authuser": authuser, "user": user, "posts": posts}
r.HTML(200, "user", newmap)
}
})
m.Post("/users", binding.Form(User{}), func(session sessions.Session, user User, ferr binding.Errors, r render.Render) {
//Example of server side error validation for the client side form
if ferr.Count() > 0 {
fmt.Println(ferr)
newmap := map[string]interface{}{"metatitle": "Registration", "errormessage": "Error with Form Submission"}
r.HTML(200, "register", newmap)
} else {
u := newUser(user.Email, user.Password, user.Name, user.authenticated)
err = dbmap.Insert(&u)
checkErr(err, "Insert failed")
//create the session and redirect always to homepage
err := sessionauth.AuthenticateSession(session, &u)
if err != nil {
r.JSON(500, err)
}
r.Redirect("/")
}
})
m.Put("/users/:id", binding.Bind(User{}), func(args martini.Params, user User, r render.Render, authuser sessionauth.User) {
//convert string to int64 so you can match the struct (passing userid via ajax does not work as it comes in as a string)
f, _ := strconv.ParseInt(args["id"], 0, 64)
//only allow the authenticated user to update his user attributes
if authuser.UniqueId() == f {
//specify the user id
user.Id = f
count, err := dbmap.Update(&user)
checkErr(err, "Update failed")
log.Println("Rows updated:", count)
if count == 1 {
newmap := map[string]interface{}{"responseText": "success"}
r.JSON(200, newmap)
} else {
newmap := map[string]interface{}{"responseText": "error"}
r.JSON(400, newmap)
}
} else {
newmap := map[string]interface{}{"responseText": "You are not allowed to update this resource."}
r.JSON(403, newmap)
}
})
m.Delete("/users/:id", func(args martini.Params, r render.Render, authuser sessionauth.User) {
//convert id from string to int64
f, _ := strconv.ParseInt(args["id"], 0, 64)
//only allow the authenticated user to delete him or her
if authuser.UniqueId() == f {
_, err = dbmap.Exec("delete from users where id=?", args["id"])
checkErr(err, "Delete failed")
if err == nil {
newmap := map[string]interface{}{"responseText": "success"}
r.JSON(200, newmap)
//if you delete yourself, Ajax should redirec you
} else {
newmap := map[string]interface{}{"responseText": "error"}
r.JSON(400, newmap)
}
} else {
newmap := map[string]interface{}{"responseText": "You are not allowed to delete this resource."}
r.JSON(403, newmap)
}
})
m.Post("/posts", sessionauth.LoginRequired, binding.Bind(Post{}), func(post Post, r render.Render, authuser sessionauth.User) {
//convert to int64
f := authuser.UniqueId().(int64)
p1 := newPost(post.Title, post.Body, f)
err = dbmap.Insert(&p1)
checkErr(err, "Insert failed")
r.Redirect("/")
})
m.Get("/posts/:id", func(args martini.Params, r render.Render, authuser sessionauth.User) {
var post Post
err = dbmap.SelectOne(&post, "select * from posts where post_id=?", args["id"])
//simple error check
if err != nil {
newmap := map[string]interface{}{"metatitle": "404 Error", "message": "This is not found"}
r.HTML(404, "error", newmap)
} else {
newmap := map[string]interface{}{"metatitle": post.Title + " more custom", "authuser": authuser, "post": post}
r.HTML(200, "post", newmap)
}
})
m.Get("/p/:str", func(args martini.Params, r render.Render, authuser sessionauth.User) {
var post Post
err = dbmap.SelectOne(&post, "select * from posts where url=?", args["str"])
//simple error check
if err != nil {
newmap := map[string]interface{}{"metatitle": "404 Error", "message": "This is not found"}
r.HTML(404, "error", newmap)
} else {
newmap := map[string]interface{}{"metatitle": post.Title + " more custom", "authuser": authuser, "post": post}
r.HTML(200, "post", newmap)
}
})
m.Put("/posts/:id", binding.Bind(Post{}), func(args martini.Params, post Post, r render.Render, authuser sessionauth.User) {
var newTitle = post.Title
var newBody = post.Body
err = dbmap.SelectOne(&post, "select * from posts where post_id=?", args["id"])
//simple database error check
if err != nil {
newmap := map[string]interface{}{"message": "Something went wrong."}
r.JSON(400, newmap)
} else {
//owner check
if authuser.UniqueId() == post.UserId {
post.Title = newTitle
post.Body = newBody
count, err := dbmap.Update(&post)
checkErr(err, "Update failed")
if count == 1 {
newmap := map[string]interface{}{"responseText": "success"}
r.JSON(200, newmap)
} else {
newmap := map[string]interface{}{"responseText": "error"}
r.JSON(400, newmap)
}
} else {
newmap := map[string]interface{}{"responseText": "You are not allowed to modify this resource."}
r.JSON(403, newmap)
}
}
})
m.Delete("/posts/:id", func(args martini.Params, r render.Render, authuser sessionauth.User) {
//retrieve the post to check the real owner
var post Post
err = dbmap.SelectOne(&post, "select * from posts where post_id=?", args["id"])
//simple DB error check
if err != nil {
newmap := map[string]interface{}{"message": "Something went wrong."}
r.JSON(400, newmap)
} else {
//owner check
if authuser.UniqueId() == post.UserId {
//delete it
_, err := dbmap.Delete(&post)
checkErr(err, "Delete failed")
newmap := map[string]interface{}{"responseText": "success"}
r.JSON(200, newmap)
} else {
newmap := map[string]interface{}{"responseText": "You are not allowed to delete this resource."}
r.JSON(403, newmap)
}
}
})
m.Run()
}
func main() {
m := martini.Classic()
store := sessions.NewCookieStore([]byte("battle_answers"))
m.Use(sessions.Sessions("my_battle_answers_session", store))
m.Use(DB())
m.Use(render.Renderer(render.Options{
Directory: "templates",
Layout: "layout",
Funcs: []template.FuncMap{
{
"addInClass": func(args ...interface{}) string {
var i int
var className string
i = args[0].(int)
if i == 0 {
className = " in"
} else {
className = ""
}
return className
},
"addSelected": func(args ...interface{}) string {
var lastGameIdSearched string
selectedString := ""
lastGameIdSearched = args[1].(string)
if args[0] == bson.ObjectIdHex(lastGameIdSearched) {
selectedString = "selected"
}
return selectedString
},
"addActiveClass": func(args ...interface{}) string {
className := ""
for _, path := range args[1:] {
if path == args[0] {
className = "active"
break
}
}
return className
},
},
},
}))
m.Get("/", func(r render.Render, db *mgo.Database, req *http.Request) {
templateData := map[string]interface{}{"metatitle": "Battle Answers", "currentPath": req.URL.Path}
r.HTML(200, "index", templateData)
})
m.Get("/games", controllers.GamesIndex)
m.Get("/games/new", controllers.GamesNew)
m.Post("/games", binding.Form(controllers.GameForm{}), controllers.GamesCreate)
m.Get("/battle_answers", controllers.BattleAnswersIndex)
m.Get("/battle_answers/new", controllers.BattleAnswersNew)
m.Post("/battle_answers", binding.Form(controllers.BattleAnswerForm{}), controllers.BattleAnswersCreate)
m.Get("/search_answers", controllers.SearchAnswersIndex)
m.Get("/search_answers/new", controllers.SearchAnswersNew)
m.Post("/search_answers", binding.Form(controllers.SearchAnswerForm{}), controllers.SearchAnswersCreate)
m.Run()
}
func (s *Server) Init() {
s.readConfig()
store := sessions.NewCookieStore([]byte(s.Config2.Secret))
store.Options(sessions.Options{
Path: "/",
Domain: "",
MaxAge: 86400 * 7,
})
//start Runner...
if s.Config2.Crawl {
runner = &Runner{s}
go runner.Start()
}
cache = NewCache(s.Config2.Cachesize, s.Config2.Cachefree, true)
i404, _ = ioutil.ReadFile("templates/static/images/404.jpg")
m := martini.New()
m.Map(s)
m.Use(martini.Recovery())
m.Use(martini.Static("templates/static"))
m.Use(sessions.Sessions("top-kek", store))
r := martini.NewRouter()
r.Get("/", Auth, func(w http.ResponseWriter, r *http.Request) {
http.ServeFile(w, r, "templates/index.html")
})
r.Get("/db/events/:offset/:tags/:name", Auth, GetReleaseWithTagAndName)
r.Get("/db/event/:checksum/link", Auth, LinkFollow)
r.Get("/db/event/:checksum/image", Auth, ServeImage)
r.Get("/db/event/:checksum/score/:score", Auth, LinkFollow)
r.Get("/log", Auth, func(w http.ResponseWriter, r *http.Request) {
http.ServeFile(w, r, "templates/log.html")
})
r.Get("/log/cache", Auth, func() string {
return fmt.Sprintf("{ \"count\": %v, \"size\": %v }", cache.GetSize(), cache.GetSizeInMb())
})
r.Get("/log/:offset/", Auth, GetLogs)
r.Get("/log/:offset/:level", Auth, GetLogsWithLevel)
r.Post("/log/clearlogs", Auth, func(server *Server) string {
server.LogDB.Exec("drop table log")
server.LogDB.AddTableWithName(mydb.Log{}, "log").SetKeys(true, "Uid")
server.LogDB.CreateTablesIfNotExists()
server.LogDB.Exec("vacuum")
return ""
})
r.Get("/key/:key", func(res http.ResponseWriter, req *http.Request, server *Server, session sessions.Session, parms martini.Params) {
key := parms["key"]
if key == server.Config2.Key {
log.Info("Login success from %v", req.RemoteAddr)
session.Set("login", true)
http.Redirect(res, req, "/", http.StatusFound)
} else {
log.Info("Login fail from %v", req.RemoteAddr)
http.Error(res, "forbidden", http.StatusForbidden)
}
})
m.Action(r.Handle)
log.Info("listening on %v:%v", s.Config2.Host, s.Config2.Port)
http.ListenAndServe(s.Config2.Host+":"+s.Config2.Port, m)
}
