owl-blogs/user.go

405 lines
9.5 KiB
Go
Raw Permalink Normal View History

2022-08-03 14:55:48 +00:00
package owl
2022-07-20 17:35:31 +00:00
import (
2022-11-06 15:27:35 +00:00
"crypto/sha256"
"encoding/base64"
2022-07-20 17:35:31 +00:00
"fmt"
2022-08-13 16:47:27 +00:00
"net/url"
2022-07-20 17:35:31 +00:00
"os"
"path"
2022-08-17 19:57:55 +00:00
"sort"
2022-07-20 17:35:31 +00:00
"time"
2022-07-27 19:53:56 +00:00
2022-11-03 19:25:53 +00:00
"golang.org/x/crypto/bcrypt"
2022-07-27 19:53:56 +00:00
"gopkg.in/yaml.v2"
2022-07-20 17:35:31 +00:00
)
type User struct {
2022-08-05 20:04:03 +00:00
repo *Repository
2022-07-20 17:35:31 +00:00
name string
}
2022-07-27 19:53:56 +00:00
type UserConfig struct {
2022-11-01 20:35:47 +00:00
Title string `yaml:"title"`
SubTitle string `yaml:"subtitle"`
HeaderColor string `yaml:"header_color"`
AuthorName string `yaml:"author_name"`
Me []UserMe `yaml:"me"`
2022-11-03 19:25:53 +00:00
PassworHash string `yaml:"password_hash"`
2022-11-01 20:35:47 +00:00
}
type UserMe struct {
Name string `yaml:"name"`
Url string `yaml:"url"`
2022-07-27 19:53:56 +00:00
}
2022-11-05 19:12:23 +00:00
type AuthCode struct {
2022-11-06 15:27:35 +00:00
Code string `yaml:"code"`
ClientId string `yaml:"client_id"`
RedirectUri string `yaml:"redirect_uri"`
CodeChallenge string `yaml:"code_challenge"`
CodeChallengeMethod string `yaml:"code_challenge_method"`
Scope string `yaml:"scope"`
2022-11-06 15:27:35 +00:00
Created time.Time `yaml:"created"`
2022-11-05 19:12:23 +00:00
}
2022-11-06 18:38:27 +00:00
type AccessToken struct {
Token string `yaml:"token"`
Scope string `yaml:"scope"`
ClientId string `yaml:"client_id"`
RedirectUri string `yaml:"redirect_uri"`
Created time.Time `yaml:"created"`
ExpiresIn int `yaml:"expires_in"`
2022-11-06 18:38:27 +00:00
}
2022-07-20 17:35:31 +00:00
func (user User) Dir() string {
2022-07-24 14:19:21 +00:00
return path.Join(user.repo.UsersDir(), user.name)
2022-07-20 17:35:31 +00:00
}
2022-08-03 17:41:13 +00:00
func (user User) UrlPath() string {
return user.repo.UserUrlPath(user)
2022-07-23 15:19:47 +00:00
}
2022-08-13 16:47:27 +00:00
func (user User) FullUrl() string {
url, _ := url.JoinPath(user.repo.FullUrl(), user.UrlPath())
return url
}
2022-11-03 20:22:55 +00:00
func (user User) AuthUrl() string {
if user.Config().PassworHash == "" {
return ""
}
url, _ := url.JoinPath(user.FullUrl(), "auth/")
return url
}
2022-11-06 18:38:27 +00:00
func (user User) TokenUrl() string {
url, _ := url.JoinPath(user.AuthUrl(), "token/")
return url
}
2022-11-07 18:44:10 +00:00
func (user User) IndieauthMetadataUrl() string {
2022-11-07 18:50:13 +00:00
url, _ := url.JoinPath(user.FullUrl(), ".well-known/oauth-authorization-server")
2022-11-07 18:44:10 +00:00
return url
}
2022-08-31 18:20:16 +00:00
func (user User) WebmentionUrl() string {
url, _ := url.JoinPath(user.FullUrl(), "webmention/")
return url
}
2022-11-08 20:22:02 +00:00
func (user User) MicropubUrl() string {
url, _ := url.JoinPath(user.FullUrl(), "micropub/")
return url
}
2022-09-10 13:22:18 +00:00
func (user User) MediaUrl() string {
url, _ := url.JoinPath(user.UrlPath(), "media")
return url
}
2022-07-23 15:19:47 +00:00
func (user User) PostDir() string {
return path.Join(user.Dir(), "public")
}
2022-07-27 19:53:56 +00:00
func (user User) MetaDir() string {
return path.Join(user.Dir(), "meta")
}
2022-09-10 13:22:18 +00:00
func (user User) MediaDir() string {
return path.Join(user.Dir(), "media")
}
2022-07-27 19:53:56 +00:00
func (user User) ConfigFile() string {
return path.Join(user.MetaDir(), "config.yml")
}
2022-11-05 19:12:23 +00:00
func (user User) AuthCodesFile() string {
return path.Join(user.MetaDir(), "auth_codes.yml")
2022-11-05 19:12:23 +00:00
}
2022-11-06 18:38:27 +00:00
func (user User) AccessTokensFile() string {
return path.Join(user.MetaDir(), "access_tokens.yml")
}
2022-07-20 17:35:31 +00:00
func (user User) Name() string {
return user.name
}
2022-09-10 13:22:18 +00:00
func (user User) AvatarUrl() string {
for _, ext := range []string{".jpg", ".jpeg", ".png", ".gif"} {
if fileExists(path.Join(user.MediaDir(), "avatar"+ext)) {
url, _ := url.JoinPath(user.MediaUrl(), "avatar"+ext)
return url
}
}
return ""
}
2022-11-01 20:14:03 +00:00
func (user User) FaviconUrl() string {
for _, ext := range []string{".jpg", ".jpeg", ".png", ".gif", ".ico"} {
if fileExists(path.Join(user.MediaDir(), "favicon"+ext)) {
url, _ := url.JoinPath(user.MediaUrl(), "favicon"+ext)
return url
}
}
return ""
}
2022-08-21 10:27:28 +00:00
func (user User) Posts() ([]*Post, error) {
2022-08-03 16:03:10 +00:00
postFiles := listDir(path.Join(user.Dir(), "public"))
2022-08-21 10:27:28 +00:00
posts := make([]*Post, 0)
2022-07-23 15:19:47 +00:00
for _, id := range postFiles {
2022-08-03 16:03:10 +00:00
// if is a directory and has index.md, add to posts
if dirExists(path.Join(user.Dir(), "public", id)) {
if fileExists(path.Join(user.Dir(), "public", id, "index.md")) {
2022-08-17 19:57:55 +00:00
post, _ := user.GetPost(id)
2022-10-13 19:03:16 +00:00
posts = append(posts, post)
2022-08-03 16:03:10 +00:00
}
2022-07-23 15:19:47 +00:00
}
}
2022-08-17 19:57:55 +00:00
2022-08-20 20:35:51 +00:00
// remove drafts
2022-08-22 06:06:46 +00:00
n := 0
for _, post := range posts {
meta := post.Meta()
2022-08-22 06:06:46 +00:00
if !meta.Draft {
posts[n] = post
n++
2022-08-20 20:35:51 +00:00
}
}
2022-08-22 06:06:46 +00:00
posts = posts[:n]
2022-08-20 20:35:51 +00:00
type PostWithDate struct {
2022-08-21 10:27:28 +00:00
post *Post
date time.Time
}
2022-08-17 19:57:55 +00:00
postDates := make([]PostWithDate, len(posts))
for i, post := range posts {
meta := post.Meta()
2022-09-11 15:25:26 +00:00
postDates[i] = PostWithDate{post: post, date: meta.Date}
}
// sort posts by date
sort.Slice(postDates, func(i, j int) bool {
return postDates[i].date.After(postDates[j].date)
2022-08-17 19:57:55 +00:00
})
for i, post := range postDates {
posts[i] = post.post
}
2022-07-23 15:19:47 +00:00
return posts, nil
2022-07-21 17:44:07 +00:00
}
2022-10-13 19:03:16 +00:00
func (user User) GetPost(id string) (*Post, error) {
// check if posts index.md exists
if !fileExists(path.Join(user.Dir(), "public", id, "index.md")) {
2022-10-13 19:03:16 +00:00
return &Post{}, fmt.Errorf("post %s does not exist", id)
}
2022-08-05 20:04:03 +00:00
post := Post{user: &user, id: id}
// post.loadMeta()
meta := post.Meta()
title := meta.Title
2022-07-21 17:44:07 +00:00
post.title = fmt.Sprint(title)
2022-10-13 19:03:16 +00:00
return &post, nil
2022-07-20 19:12:18 +00:00
}
2022-11-08 20:22:02 +00:00
func (user User) CreateNewPostFull(meta PostMeta, content string) (*Post, error) {
2022-11-19 15:08:48 +00:00
slugHint := meta.Title
if slugHint == "" {
slugHint = "note"
}
folder_name := toDirectoryName(slugHint)
2022-07-20 17:35:31 +00:00
post_dir := path.Join(user.Dir(), "public", folder_name)
// if post already exists, add -n to the end of the name
i := 0
for {
if dirExists(post_dir) {
i++
2022-11-19 15:08:48 +00:00
folder_name = toDirectoryName(fmt.Sprintf("%s-%d", slugHint, i))
2022-07-20 17:35:31 +00:00
post_dir = path.Join(user.Dir(), "public", folder_name)
} else {
break
}
}
2022-11-19 15:08:48 +00:00
post := Post{user: &user, id: folder_name, title: slugHint}
2022-07-21 17:44:07 +00:00
initial_content := ""
initial_content += "---\n"
2022-09-11 15:25:26 +00:00
// write meta
meta_bytes, err := yaml.Marshal(meta)
if err != nil {
2022-10-13 19:03:16 +00:00
return &Post{}, err
2022-09-11 15:25:26 +00:00
}
initial_content += string(meta_bytes)
2022-07-21 17:44:07 +00:00
initial_content += "---\n"
initial_content += "\n"
2022-11-08 20:22:02 +00:00
initial_content += content
2022-07-20 17:35:31 +00:00
// create post file
os.Mkdir(post_dir, 0755)
2022-07-21 17:02:37 +00:00
os.WriteFile(post.ContentFile(), []byte(initial_content), 0644)
2022-08-01 17:50:29 +00:00
// create media dir
os.Mkdir(post.MediaDir(), 0755)
2022-10-13 19:03:16 +00:00
return &post, nil
2022-07-20 17:35:31 +00:00
}
2022-07-21 17:44:07 +00:00
2022-11-08 20:22:02 +00:00
func (user User) CreateNewPost(title string, draft bool) (*Post, error) {
meta := PostMeta{
Title: title,
Date: time.Now(),
Aliases: []string{},
Draft: draft,
}
return user.CreateNewPostFull(meta, title)
}
2022-07-21 17:44:07 +00:00
func (user User) Template() (string, error) {
// load base.html
path := path.Join(user.Dir(), "meta", "base.html")
2022-10-13 19:00:28 +00:00
base_html, err := os.ReadFile(path)
2022-07-21 17:44:07 +00:00
if err != nil {
return "", err
}
return string(base_html), nil
}
2022-07-27 19:53:56 +00:00
2022-11-03 19:25:53 +00:00
func (user User) Config() UserConfig {
meta := UserConfig{}
2022-11-03 19:25:53 +00:00
loadFromYaml(user.ConfigFile(), &meta)
return meta
2022-07-27 19:53:56 +00:00
}
func (user User) SetConfig(new_config UserConfig) error {
return saveToYaml(user.ConfigFile(), new_config)
2022-07-27 19:53:56 +00:00
}
2022-08-06 17:38:13 +00:00
func (user User) PostAliases() (map[string]*Post, error) {
post_aliases := make(map[string]*Post)
posts, err := user.Posts()
if err != nil {
return post_aliases, err
}
2022-08-17 19:57:55 +00:00
for _, post := range posts {
2022-08-06 17:38:13 +00:00
if err != nil {
return post_aliases, err
}
for _, alias := range post.Aliases() {
2022-08-21 10:27:28 +00:00
post_aliases[alias] = post
2022-08-06 17:38:13 +00:00
}
}
return post_aliases, nil
}
2022-11-03 19:25:53 +00:00
func (user User) ResetPassword(password string) error {
bytes, err := bcrypt.GenerateFromPassword([]byte(password), 10)
if err != nil {
return err
}
config := user.Config()
config.PassworHash = string(bytes)
return user.SetConfig(config)
}
2022-11-03 19:29:16 +00:00
func (user User) VerifyPassword(password string) bool {
err := bcrypt.CompareHashAndPassword(
[]byte(user.Config().PassworHash), []byte(password),
)
return err == nil
}
2022-11-05 19:12:23 +00:00
func (user User) getAuthCodes() []AuthCode {
codes := make([]AuthCode, 0)
loadFromYaml(user.AuthCodesFile(), &codes)
return codes
}
func (user User) addAuthCode(code AuthCode) error {
codes := user.getAuthCodes()
codes = append(codes, code)
return saveToYaml(user.AuthCodesFile(), codes)
}
2022-11-06 15:27:35 +00:00
func (user User) GenerateAuthCode(
client_id string, redirect_uri string,
code_challenge string, code_challenge_method string,
scope string,
2022-11-06 15:27:35 +00:00
) (string, error) {
2022-11-05 19:12:23 +00:00
// generate code
2022-11-05 20:17:31 +00:00
code := GenerateRandomString(32)
2022-11-05 19:12:23 +00:00
return code, user.addAuthCode(AuthCode{
2022-11-06 15:27:35 +00:00
Code: code,
ClientId: client_id,
RedirectUri: redirect_uri,
CodeChallenge: code_challenge,
CodeChallengeMethod: code_challenge_method,
Scope: scope,
2022-11-06 15:27:35 +00:00
Created: time.Now(),
2022-11-05 19:12:23 +00:00
})
}
2022-11-06 15:27:35 +00:00
func (user User) VerifyAuthCode(
code string, client_id string, redirect_uri string, code_verifier string,
) (bool, AuthCode) {
2022-11-05 19:12:23 +00:00
codes := user.getAuthCodes()
for _, c := range codes {
if c.Code == code && c.ClientId == client_id && c.RedirectUri == redirect_uri {
2022-11-06 15:27:35 +00:00
if c.CodeChallengeMethod == "plain" {
return c.CodeChallenge == code_verifier, c
2022-11-06 15:27:35 +00:00
} else if c.CodeChallengeMethod == "S256" {
// hash code_verifier
hash := sha256.Sum256([]byte(code_verifier))
return c.CodeChallenge == base64.RawURLEncoding.EncodeToString(hash[:]), c
2022-11-06 15:27:35 +00:00
} else if c.CodeChallengeMethod == "" {
2022-11-07 18:53:32 +00:00
// Check age of code
// A maximum lifetime of 10 minutes is recommended ( https://indieauth.spec.indieweb.org/#authorization-response)
if time.Since(c.Created) < 10*time.Minute {
return true, c
}
2022-11-06 15:27:35 +00:00
}
2022-11-05 19:12:23 +00:00
}
}
return false, AuthCode{}
2022-11-05 19:12:23 +00:00
}
2022-11-06 18:38:27 +00:00
func (user User) getAccessTokens() []AccessToken {
codes := make([]AccessToken, 0)
loadFromYaml(user.AccessTokensFile(), &codes)
return codes
}
func (user User) addAccessToken(code AccessToken) error {
codes := user.getAccessTokens()
codes = append(codes, code)
return saveToYaml(user.AccessTokensFile(), codes)
}
func (user User) GenerateAccessToken(authCode AuthCode) (string, int, error) {
2022-11-06 18:38:27 +00:00
// generate code
token := GenerateRandomString(32)
duration := 24 * 60 * 60
return token, duration, user.addAccessToken(AccessToken{
Token: token,
ClientId: authCode.ClientId,
RedirectUri: authCode.RedirectUri,
Scope: authCode.Scope,
ExpiresIn: duration,
Created: time.Now(),
2022-11-06 18:38:27 +00:00
})
}
2022-11-08 20:22:02 +00:00
func (user User) ValidateAccessToken(token string) (bool, AccessToken) {
tokens := user.getAccessTokens()
for _, t := range tokens {
if t.Token == token {
return true, t
}
}
return false, AccessToken{}
}