// main mounts the site router, the admin UI, the API and the download
// filebox on a single mux, serves static assets out of ./public, and then
// listens on config.Config.Port behind a CSRF middleware.
//
// NOTE(review): security-relevant points visible in this function:
//   - The CSRF authentication key is a string literal in source. Anyone who
//     can read the repository or the binary knows it; it should be loaded
//     from deployment secrets and the committed value treated as burned.
//   - csrf.Secure(false) presumably clears the Secure flag on the CSRF
//     cookie (gorilla/csrf semantics; confirm the package in use), so the
//     cookie travels over plain HTTP. Only appropriate for local development.
//   - The wrapper below turns CSRF validation OFF for every path that does
//     not start with "/auth". State-changing requests under /admin, /api
//     and /downloads are therefore not CSRF-checked by this middleware.
//   - http.ListenAndServe serves plain HTTP with no read/write timeouts.
func main() {
	mux := http.NewServeMux()
	mux.Handle("/", routes.Router())
	admin.Admin.MountTo("/admin", mux)
	admin.Widgets.WidgetSettingResource.IndexAttrs("Name")
	api.API.MountTo("/api", mux)
	admin.Filebox.MountTo("/downloads", mux)

	// No StripPrefix: a request for /images/x is resolved as public/images/x.
	static := http.FileServer(http.Dir("public"))
	for _, dir := range []string{"system", "javascripts", "stylesheets", "images"} {
		mux.Handle("/"+dir+"/", static)
	}

	fmt.Printf("Listening on: %v\n", config.Config.Port)

	// onlyCheckAuth marks every request outside /auth so that the CSRF
	// middleware it wraps skips validation; /auth requests pass through
	// unmarked and are validated.
	onlyCheckAuth := func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			if strings.HasPrefix(r.URL.Path, "/auth") {
				next.ServeHTTP(w, r)
				return
			}
			next.ServeHTTP(w, csrf.UnsafeSkipCheck(r))
		})
	}

	// NOTE(review): hard-coded key, see the function comment.
	protect := csrf.Protect([]byte("3693f371bf91487c99286a777811bd4e"), csrf.Secure(false))
	handler := protect(mux)

	addr := fmt.Sprintf(":%d", config.Config.Port)
	err := http.ListenAndServe(addr, onlyCheckAuth(handler))
	if err != nil {
		panic(err)
	}
}
// CSRFExceptions returns a handler that forwards every request to handler,
// first marking it with csrf.UnsafeSkipCheck when its URL path begins with
// any entry of CSRFExemptPrefixes.
//
// NOTE(review): the match is a plain string prefix test on r.URL.Path, so an
// entry such as "/api" also exempts "/apikeys" or "/api-internal". Entries
// should end in "/" (or be compared segment-wise) so that only the intended
// subtree loses CSRF validation, and the exempt list should be limited to
// endpoints that authenticate by something other than ambient cookies.
// Presumably this wrapper has to sit outside the CSRF middleware for the
// mark to be seen by it; confirm against where it is installed.
func CSRFExceptions(handler http.Handler) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		exempt := false
		for _, p := range CSRFExemptPrefixes {
			if exempt = strings.HasPrefix(r.URL.Path, p); exempt {
				break
			}
		}
		if exempt {
			r = csrf.UnsafeSkipCheck(r)
		}
		handler.ServeHTTP(w, r)
	}
}