/*
Request handlers for GoPics.
Copyright (c) 2015, Luca Chiricozzi. All rights reserved.
Released under the MIT License.
http://opensource.org/licenses/MIT
*/
package main
import (
"image"
"image/jpeg"
_ "image/png"
"net/http"
"os"
"path/filepath"
"strings"
"time"
"code.google.com/p/go-uuid/uuid"
"github.com/garyburd/redigo/redis"
"github.com/lucachr/gopics/auth"
"github.com/lucachr/gopics/flash"
"github.com/nfnt/resize"
"golang.org/x/crypto/bcrypt"
)
// Limits applied to uploaded pictures.
const (
	// maxPicBytes caps the size of an upload request: 2 MiB (2097152 bytes).
	maxPicBytes = 2 << 20
	// maxWidth and maxHeight are the largest stored picture dimensions, in
	// pixels.
	maxWidth  = 800
	maxHeight = 600
)
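// appHandler is a handler that receives a *Page in addition to the usual
// response writer and request, and reports failure as a *appError.
type appHandler func(http.ResponseWriter, *http.Request, *Page) *appError

// ServeHTTP implements http.Handler. It reads the flash cookie, which carries
// a form validation message, stores that message in a new Page and calls fn
// with it. Whatever fn returns is handed to httpAppError.
//
// A flash cookie that cannot be read (any error other than
// http.ErrNoCookie) is answered with http.StatusBadRequest and fn is not
// called.
func (fn appHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	msg, err := flash.GetCookie(w, r)
	// A missing cookie only means there is no message to display.
	if err != nil && err != http.ErrNoCookie {
		httpAppError(w, &appError{
			Err:  err,
			Code: http.StatusBadRequest,
		})
		// Stop here. The original fell through and still ran fn after
		// reporting the error, so one request could be answered twice
		// (httpAppError is defined elsewhere; presumably it writes the
		// error response).
		return
	}

	p := new(Page)
	p.ValError = msg
	httpAppError(w, fn(w, r, p))
}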
// redisHandler is a handler that is given a Redis connection along with the
// response writer and request, and reports failure as a *appError.
type redisHandler func(http.ResponseWriter, *http.Request, redis.Conn) *appError

// ServeHTTP implements http.Handler. It takes a connection from pool, runs fn
// with it and passes fn's result to httpAppError. The connection is closed
// when ServeHTTP returns.
func (fn redisHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	c := pool.Get()
	defer c.Close()

	result := fn(w, r, c)
	httpAppError(w, result)
}
// login issues the auth cookie for username and then sends the client to
// "/"+username with a 303 redirect. A failure to set the cookie is returned
// as an internal server error and no redirect is sent.
func login(w http.ResponseWriter, r *http.Request, username string) *appError {
	if err := auth.SetCookie(w, keyring, username); err != nil {
		return &appError{
			Err:  err,
			Code: http.StatusInternalServerError,
		}
	}

	// NOTE(review): username goes into the redirect target unescaped. This
	// assumes registration keeps "/" and other URL metacharacters out of
	// user names -- confirm against User.validate.
	target := "/" + username
	http.Redirect(w, r, target, http.StatusSeeOther)
	return nil
}
// handleRegistration creates a new GoPics account from the "name", "email"
// and "password" form values and logs the new user in.
//
// A validation failure (an error of type ErrValidation) is shown to the user
// through a flash message on /register. Any other failure is returned as an
// internal server error.
func handleRegistration(w http.ResponseWriter, r *http.Request,
	conn redis.Conn) *appError {
	// internal wraps an unexpected error as a 500.
	internal := func(e error) *appError {
		return &appError{
			Err:  e,
			Code: http.StatusInternalServerError,
		}
	}

	// Collect the submitted details. Password holds the plaintext only
	// until it is replaced by its hash below.
	usr := &User{
		Name:     r.FormValue("name"),
		Email:    r.FormValue("email"),
		Password: []byte(r.FormValue("password")),
	}

	if err := usr.validate(conn); err != nil {
		if _, ok := err.(ErrValidation); ok {
			return setFlashAndRedirect(w, r, "/register", err.Error())
		}
		return internal(err)
	}

	// Only the bcrypt hash is kept on the user that gets saved.
	// NOTE(review): bcrypt uses at most the first 72 bytes of its input, and
	// recent x/crypto releases return an error for longer passwords, which
	// would surface here as a 500 -- confirm that validate bounds the
	// password length.
	hashed, err := bcrypt.GenerateFromPassword(usr.Password, bcrypt.DefaultCost)
	if err != nil {
		return internal(err)
	}
	usr.Password = hashed

	if err = usr.save(conn); err != nil {
		return internal(err)
	}

	return login(w, r, usr.Name)
}
// handleLogin checks the submitted "name" and "password" form values against
// the user stored in Redis and, when they match, logs the user in.
//
// An unknown user and a wrong password produce the same flash message, so the
// page itself does not say which of the two was wrong. Any other failure is
// returned as an internal server error.
func handleLogin(w http.ResponseWriter, r *http.Request,
	conn redis.Conn) *appError {
	const badCredentials = "Invalid username or password."

	usr, err := redisGetUser(conn, r.FormValue("name"))
	if err == redis.ErrNil {
		// No such user. This path returns before any bcrypt work, so it
		// answers faster than a wrong password does; user names are in any
		// case discoverable through handleTimeline, which returns 404 for
		// unknown names.
		return setFlashAndRedirect(w, r, "/", badCredentials)
	}
	if err != nil {
		return &appError{
			Err:  err,
			Code: http.StatusInternalServerError,
		}
	}

	// Compare the stored bcrypt hash with the submitted password.
	submitted := []byte(r.FormValue("password"))
	err = bcrypt.CompareHashAndPassword(usr.Password, submitted)
	if err == bcrypt.ErrMismatchedHashAndPassword {
		return setFlashAndRedirect(w, r, "/", badCredentials)
	}
	if err != nil {
		return &appError{
			Err:  err,
			Code: http.StatusInternalServerError,
		}
	}

	return login(w, r, usr.Name)
}
// handleLogout deletes the auth cookie and redirects the client to the root
// URL with a 303.
func handleLogout(w http.ResponseWriter, r *http.Request) {
	const root = "/"

	auth.DelCookie(w)
	http.Redirect(w, r, root, http.StatusSeeOther)
}
// handleRoot dispatches requests for the application root. An empty path, or
// one containing "index", is served by handleIndex. Every other path is
// treated as a user name and served by handleTimeline.
func handleRoot(w http.ResponseWriter, r *http.Request, p *Page) *appError {
	// Drop the leading "/" of the request path.
	name := r.URL.Path[1:]

	// NOTE(review): this is a substring test, so any path that merely
	// contains "index" is sent to the index page and a user whose name
	// contains "index" would have no reachable timeline -- confirm this is
	// intended.
	wantsIndex := name == "" || strings.Contains(name, "index")
	if !wantsIndex {
		return handleTimeline(w, r, p, name)
	}
	return handleIndex(w, r, p)
}
// handleIndex serves the index page. A visitor whose auth cookie yields a
// non-empty user name is redirected to that user's page instead. An auth
// cookie that cannot be read (any error other than http.ErrNoCookie) is
// reported as a bad request.
func handleIndex(w http.ResponseWriter, r *http.Request, p *Page) *appError {
	username, err := auth.GetCookie(r, keyring)
	// Without a cookie there is nobody to redirect; go straight to rendering.
	if err != http.ErrNoCookie {
		if err != nil {
			return &appError{
				Err:  err,
				Code: http.StatusBadRequest,
			}
		}
		if username != "" {
			http.Redirect(w, r, "/"+username, http.StatusSeeOther)
			return nil
		}
	}

	p.Title = pageTitle + "Welcome!"
	return renderTemplate(w, "index", p)
}
// handleRegister serves the sign-up page by rendering the "register"
// template.
func handleRegister(w http.ResponseWriter, r *http.Request, p *Page) *appError {
	const heading = "Sign Up"

	p.Title = pageTitle + heading
	return renderTemplate(w, "register", p)
}
// handleTimeline serves the timeline page of the user called username.
//
// It takes its own connection from pool, loads the user and the user's posts
// from Redis, records who is viewing the page (taken from the auth cookie)
// and renders the "timeline" template. An unknown user yields a 404; Redis
// failures are internal server errors; an unreadable auth cookie is a bad
// request.
func handleTimeline(w http.ResponseWriter, r *http.Request, p *Page,
	username string) *appError {
	conn := pool.Get()
	defer conn.Close()

	// username is the raw path supplied by handleRoot.
	usr, err := redisGetUser(conn, username)
	if err == redis.ErrNil {
		http.NotFound(w, r)
		return nil
	}
	if err != nil {
		return &appError{
			Err:  err,
			Code: http.StatusInternalServerError,
		}
	}

	// Load the posts listed on the user's timeline.
	timelineKey := userTimeline + usr.Name
	usr.Posts, err = redisGetPosts(conn, timelineKey)
	if err != nil {
		return &appError{
			Err:  err,
			Code: http.StatusInternalServerError,
		}
	}

	// A missing auth cookie is fine: the page is then shown to an anonymous
	// visitor.
	logName, err := auth.GetCookie(r, keyring)
	if !(err == nil || err == http.ErrNoCookie) {
		return &appError{
			Err:  err,
			Code: http.StatusBadRequest,
		}
	}

	// NOTE(review): the title is built from the request path rather than
	// usr.Name; safe output depends on the template escaping it -- confirm
	// renderTemplate uses html/template.
	p.Title = pageTitle + username
	p.User = usr
	p.LoggedUser = logName
	return renderTemplate(w, "timeline", p)
}
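// handlePost stores a picture uploaded by the logged-in user and publishes it
// as a post on that user's timeline.
//
// The user name comes from the auth cookie. The "picture" form file is
// decoded as an image, scaled down to fit maxWidth x maxHeight when it is
// larger, and re-encoded as a JPEG under a server-generated UUID name. The
// post and its timeline entry are then written to Redis in one MULTI/EXEC
// transaction and the client is redirected to the user's page.
//
// Errors are returned as *appError: 400 for an unreadable auth cookie or form
// file, 411 when the request has no Content-Length, 413 when it exceeds
// maxPicBytes, 415 when the upload is not a decodable image, and 500 for
// file-system or Redis failures.
func handlePost(w http.ResponseWriter, r *http.Request,
	conn redis.Conn) *appError {
	var img image.Image

	// Posting requires a valid auth cookie.
	username, err := auth.GetCookie(r, keyring)
	if err != nil {
		return &appError{
			Err:  err,
			Code: http.StatusBadRequest,
		}
	}

	// Reject requests with an unknown or oversized declared length.
	switch {
	case r.ContentLength == -1:
		return &appError{
			Err:  ErrInvalidLength,
			Code: http.StatusLengthRequired,
		}
	case r.ContentLength > maxPicBytes:
		return &appError{
			Err:  ErrInvalidLength,
			Code: http.StatusRequestEntityTooLarge,
		}
	}

	// The declared length is client-supplied, so also cap what is actually
	// read from the body.
	r.Body = http.MaxBytesReader(w, r.Body, maxPicBytes)

	// The client-supplied file header (name, content type) is deliberately
	// ignored; only the file contents are used.
	f, _, err := r.FormFile("picture")
	if err != nil {
		return &appError{
			Err:  err,
			Code: http.StatusBadRequest,
		}
	}
	// The original never closed the uploaded file.
	defer f.Close()

	// NOTE(review): image.Decode sizes its pixel buffer from the dimensions
	// declared inside the file, and maxPicBytes bounds only the compressed
	// size. Consider checking image.DecodeConfig against a pixel limit
	// before decoding.
	src, _, err := image.Decode(f)
	if err != nil {
		return &appError{
			Err:  err,
			Code: http.StatusUnsupportedMediaType,
		}
	}

	bound := src.Bounds()
	x, y := bound.Max.X, bound.Max.Y
	// An empty image would make the ratio below divide by zero and produce
	// meaningless target sizes, so refuse it as an unsupported upload.
	if x <= 0 || y <= 0 {
		return &appError{
			Err:  image.ErrFormat,
			Code: http.StatusUnsupportedMediaType,
		}
	}
	// d is the width/height ratio of the source image.
	d := float32(x) / float32(y)

	// Scale down along the longer side when the picture is too large. A
	// picture within the limits is still passed through Resize at its own
	// size, so every stored file is produced by this server.
	if x > maxWidth || y > maxHeight {
		if x > y {
			img = resize.Resize(uint(maxWidth), uint(1/d*maxWidth),
				src, resize.Lanczos3)
		} else {
			img = resize.Resize(uint(d*maxHeight), uint(maxHeight),
				src, resize.Lanczos3)
		}
	} else {
		img = resize.Resize(uint(x), uint(y), src, resize.Lanczos3)
	}

	// The stored name is a fresh UUID; nothing from the request reaches the
	// file system path.
	picName := uuid.New() + ".jpeg"

	// Build the path in a private slice. Appending straight to the shared
	// mediaPath could write into its backing array when it has spare
	// capacity, which concurrent requests would then race on.
	parts := make([]string, 0, len(mediaPath)+1)
	parts = append(parts, mediaPath...)
	parts = append(parts, picName)
	fullPath := filepath.Join(parts...)

	dst, err := os.Create(fullPath)
	if err != nil {
		return &appError{
			Err:  err,
			Code: http.StatusInternalServerError,
		}
	}

	// Encode, then close explicitly so that a failed flush is noticed before
	// the post is recorded.
	err = jpeg.Encode(dst, img, nil)
	if cerr := dst.Close(); err == nil {
		err = cerr
	}
	if err != nil {
		// Best effort: do not leave a truncated picture behind. The error
		// reported to the caller is the encode/close failure, so a failed
		// removal is ignored.
		_ = os.Remove(fullPath)
		return &appError{
			Err:  err,
			Code: http.StatusInternalServerError,
		}
	}

	// Build the post.
	// NOTE(review): the text is stored exactly as submitted; safe display
	// depends on the template layer escaping it -- confirm.
	p := new(Post)
	p.Name = picName
	p.Text = r.FormValue("text")
	p.Time = time.Now().Format(timeLayout)

	// Author details are taken from the stored user record.
	usr, err := redisGetUser(conn, username)
	if err != nil {
		return &appError{
			Err:  err,
			Code: http.StatusInternalServerError,
		}
	}
	p.AuthorName = usr.Name
	p.AuthorPicURL = usr.PicURL

	// Write the post hash and the timeline entry in one transaction. The
	// Send results are not checked here; only the error from EXEC is.
	conn.Send("MULTI")
	conn.Send("HMSET", redisFlat(postTag+p.Name, p)...)
	conn.Send("ZADD", userTimeline+usr.Name, unixTimeNow(), p.Name)
	_, err = conn.Do("EXEC")
	if err != nil {
		return &appError{
			Err:  err,
			Code: http.StatusInternalServerError,
		}
	}

	// Done: send the user back to their page.
	http.Redirect(w, r, "/"+usr.Name, http.StatusSeeOther)
	return nil
}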