func Recovery(rw http.ResponseWriter, r *http.Request, next http.HandlerFunc) { defer func() { if rec := recover(); rec != nil { log.Printf("error: %#v", rec) eye.Handle404(rw, r) } }() next(rw, r) }
func main() { mux := routes.New() mux.Get("/", func(rw http.ResponseWriter, r *http.Request) { var images []string rows, err := Db.DB().Query("SELECT uuid FROM images WHERE deleted_at IS NULL ORDER BY id DESC LIMIT 18") if err != nil { eye.HandleError(rw, r, err) return } defer rows.Close() for rows.Next() { var name string if err := rows.Scan(&name); err != nil { eye.HandleError(rw, r, err) return } images = append(images, name) } eye.DoTemplate("index", rw, r, images) }) mux.Get("/login", func(rw http.ResponseWriter, r *http.Request) { tok := csrf.SetToken(r) eye.DoTemplate("users/login", rw, r, tok) }) mux.Post("/login", func(rw http.ResponseWriter, r *http.Request) { err := r.ParseForm() if err != nil { panic(err) } sess := sessions.GetSession(r) tok := r.PostForm.Get("token") if !csrf.CheckToken(tok, r) { eye.HandleError(rw, r, errors.New("Invalid CSRF token")) return } user, err := models.Login(r.PostForm) if err != nil { if err == models.ErrBadPassword { err = errors.New("invalid password") } eye.HandleError(rw, r, err) return } sess.Set("uid", user.UUID) sess.AddFlash("Welcome, " + user.DisplayName) http.Redirect(rw, r, "/", http.StatusMovedPermanently) }) mux.Get("/logout", func(rw http.ResponseWriter, r *http.Request) { sess := sessions.GetSession(r) sess.Clear() sess.AddFlash("You are no longer logged in.") http.Redirect(rw, r, "/", http.StatusMovedPermanently) }) mux.Get("/register", func(rw http.ResponseWriter, r *http.Request) { tok := csrf.SetToken(r) eye.DoTemplate("users/register", rw, r, tok) }) mux.Post("/register", func(rw http.ResponseWriter, r *http.Request) { err := r.ParseForm() if err != nil { panic(err) } sess := sessions.GetSession(r) tok := r.PostForm.Get("token") if !csrf.CheckToken(tok, r) { eye.HandleError(rw, r, errors.New("Invalid CSRF token")) return } u, err := models.NewUser(r.PostForm) if err != nil { eye.HandleError(rw, r, err) } sess.Set("uid", u.UUID) sess.AddFlash("Welcome, " + u.DisplayName) http.Redirect(rw, r, "/", http.StatusMovedPermanently) }) mux.Get("/images/upload", func(rw http.ResponseWriter, r *http.Request) { if r.Header.Get("x-sb-uid") != "" { tok := csrf.SetToken(r) eye.DoTemplate("images/upload", rw, r, tok) } else { s := sessions.GetSession(r) s.AddFlash("You need to be logged in to do that") } }) mux.Post("/images/upload", func(rw http.ResponseWriter, r *http.Request) { err := r.ParseMultipartForm(10000000) // 10 MB if err != nil { eye.HandleError(rw, r, err) return } user := context.Get(r, "user").(*models.User) i, err := models.NewImage(r, user) if err != nil { eye.HandleError(rw, r, err) return } http.Redirect(rw, r, "/images/"+i.UUID, 301) }) mux.Get("/images/:id", func(rw http.ResponseWriter, r *http.Request) { params := r.URL.Query() imgID := params.Get(":id") if len(imgID) != 36 { eye.Handle404(rw, r) return } img := &models.Image{} q := Db.Where("uuid = ?", imgID).First(img) if q.Error != nil { eye.HandleError(rw, r, q.Error) return } user := &models.User{} q = Db.Where("id = ?", img.PosterID).First(user) if q.Error != nil { eye.HandleError(rw, r, q.Error) return } eye.DoTemplate("images/view", rw, r, struct { Image *models.Image User *models.User }{ Image: img, User: user, }) }) mux.Get("/images/:id/delete", func(rw http.ResponseWriter, r *http.Request) { params := r.URL.Query() imgID := params.Get(":id") if len(imgID) != 36 { eye.Handle404(rw, r) return } user := context.Get(r, "user").(*models.User) img := &models.Image{} q := Db.Where("uuid = ?", imgID).First(img) if q.Error != nil { eye.HandleError(rw, r, q.Error) return } s := sessions.GetSession(r) // TODO: *User.Can("textrole") if eye.Can(user.Role, "canhide") { Db.Delete(img) s.AddFlash("Deleted image " + img.UUID) } else { s.AddFlash("You do not have the deletion permission.") } http.Redirect(rw, r, "/", 301) }) // Test code goes here if Config.Site.Testing { mux.Get("/____error____", func(rw http.ResponseWriter, r *http.Request) { eye.HandleError(rw, r, errors.New("test error")) }) } n := negroni.Classic() n.Use(sessions.Sessions("stevenbooru", CookieStore)) n.UseFunc(mcontext.ClearContextOnExit) n.UseFunc(recovery.Recovery) n.Use(&users.Middleware{}) middleware.Inject(n) n.UseHandler(mux) n.Run(fmt.Sprintf("%s:%s", Config.HTTP.Bindhost, Config.HTTP.Port)) }