2021-03-23 08:43:44 +00:00
|
|
|
package goscrobble
|
|
|
|
|
|
|
|
|
|
import (
|
2021-03-24 10:07:46 +00:00
|
|
|
"encoding/json"
|
2021-03-25 05:15:01 +00:00
|
|
|
"errors"
|
2021-03-23 08:43:44 +00:00
|
|
|
"fmt"
|
|
|
|
|
"log"
|
|
|
|
|
"net/http"
|
2021-03-24 03:29:35 +00:00
|
|
|
"os"
|
|
|
|
|
"path/filepath"
|
2021-03-23 08:43:44 +00:00
|
|
|
|
|
|
|
|
"github.com/gorilla/mux"
|
|
|
|
|
)
|
|
|
|
|
|
2021-03-24 09:28:05 +00:00
|
|
|
// spaHandler - Handles Single Page Applications (React)
|
2021-03-24 03:29:35 +00:00
|
|
|
type spaHandler struct {
|
|
|
|
|
staticPath string
|
|
|
|
|
indexPath string
|
|
|
|
|
}
|
|
|
|
|
|
2021-03-25 05:15:01 +00:00
|
|
|
type jsonResponse struct {
|
|
|
|
|
Err string `json:"error"`
|
|
|
|
|
}
|
|
|
|
|
|
2021-03-24 09:28:05 +00:00
|
|
|
// HandleRequests - Boot HTTP!
|
2021-03-23 08:43:44 +00:00
|
|
|
func HandleRequests() {
|
2021-03-24 09:28:05 +00:00
|
|
|
// Create a new router
|
2021-03-24 10:07:46 +00:00
|
|
|
r := mux.NewRouter().StrictSlash(true)
|
2021-03-24 03:29:35 +00:00
|
|
|
|
2021-03-24 10:07:46 +00:00
|
|
|
v1 := r.PathPrefix("/api/v1").Subrouter()
|
2021-03-24 03:29:35 +00:00
|
|
|
|
2021-03-25 05:15:01 +00:00
|
|
|
// Static Token for /ingress
|
|
|
|
|
v1.HandleFunc("/ingress/jellyfin", tokenMiddleware(serveEndpoint))
|
2021-03-24 09:28:05 +00:00
|
|
|
|
2021-03-25 05:15:01 +00:00
|
|
|
// JWT Auth
|
|
|
|
|
v1.HandleFunc("/profile/{id}", jwtMiddleware(serveEndpoint))
|
|
|
|
|
|
|
|
|
|
// No Auth
|
2021-03-24 10:07:46 +00:00
|
|
|
v1.HandleFunc("/register", serveEndpoint).Methods("POST")
|
|
|
|
|
v1.HandleFunc("/login", serveEndpoint).Methods("POST")
|
|
|
|
|
v1.HandleFunc("/logout", serveEndpoint).Methods("POST")
|
|
|
|
|
|
2021-03-25 05:15:01 +00:00
|
|
|
// This just prevents it serving frontend stuff over /api
|
2021-03-24 10:07:46 +00:00
|
|
|
r.PathPrefix("/api")
|
2021-03-24 09:28:05 +00:00
|
|
|
|
|
|
|
|
// SERVE FRONTEND - NO AUTH
|
2021-03-24 04:24:53 +00:00
|
|
|
spa := spaHandler{staticPath: "web/build", indexPath: "index.html"}
|
2021-03-24 10:07:46 +00:00
|
|
|
r.PathPrefix("/").Handler(spa)
|
2021-03-24 03:29:35 +00:00
|
|
|
|
2021-03-24 09:28:05 +00:00
|
|
|
// Serve it up!
|
2021-03-24 10:07:46 +00:00
|
|
|
log.Fatal(http.ListenAndServe(":42069", r))
|
2021-03-23 08:43:44 +00:00
|
|
|
}
|
|
|
|
|
|
2021-03-25 05:15:01 +00:00
|
|
|
// MIDDLEWARE
|
|
|
|
|
|
|
|
|
|
// tokenMiddleware - Validates token to a user
|
|
|
|
|
func tokenMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
|
|
|
return func(res http.ResponseWriter, req *http.Request) {
|
|
|
|
|
jr := jsonResponse{
|
|
|
|
|
Err: "Invalid API Token",
|
|
|
|
|
}
|
|
|
|
|
js, _ := json.Marshal(&jr)
|
|
|
|
|
err := errors.New(string(js))
|
|
|
|
|
http.Error(res, err.Error(), http.StatusUnauthorized)
|
|
|
|
|
return
|
|
|
|
|
// next(res, req)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// jwtMiddleware - Validates middleware to a user
|
|
|
|
|
func jwtMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
|
|
|
return func(res http.ResponseWriter, req *http.Request) {
|
|
|
|
|
jr := jsonResponse{
|
|
|
|
|
Err: "Invalid JWT Token",
|
|
|
|
|
}
|
|
|
|
|
js, _ := json.Marshal(&jr)
|
|
|
|
|
err := errors.New(string(js))
|
|
|
|
|
http.Error(res, err.Error(), http.StatusUnauthorized)
|
|
|
|
|
return
|
|
|
|
|
// next(res, req)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ENDPOINT HANDLING
|
|
|
|
|
|
|
|
|
|
// serveEndpoint - API stuffs
|
2021-03-23 08:43:44 +00:00
|
|
|
func serveEndpoint(w http.ResponseWriter, r *http.Request) {
|
2021-03-24 10:07:46 +00:00
|
|
|
var jsonInput map[string]interface{}
|
|
|
|
|
decoder := json.NewDecoder(r.Body)
|
|
|
|
|
err := decoder.Decode(&jsonInput)
|
|
|
|
|
if err != nil {
|
|
|
|
|
// If we can't decode. Lets tell them nicely.
|
|
|
|
|
http.Error(w, "{\"error\":\"Invalid JSON\"}", http.StatusBadRequest)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Lets trick 'em for now ;) ;)
|
2021-03-23 08:43:44 +00:00
|
|
|
fmt.Fprintf(w, "{}")
|
|
|
|
|
}
|
2021-03-24 03:29:35 +00:00
|
|
|
|
2021-03-25 05:15:01 +00:00
|
|
|
// FRONTEND HANDLING
|
|
|
|
|
|
2021-03-24 10:07:46 +00:00
|
|
|
// ServerHTTP - Frontend server
|
2021-03-24 03:29:35 +00:00
|
|
|
func (h spaHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
2021-03-24 09:28:05 +00:00
|
|
|
// Get the absolute path to prevent directory traversal
|
2021-03-24 03:29:35 +00:00
|
|
|
path, err := filepath.Abs(r.URL.Path)
|
|
|
|
|
if err != nil {
|
2021-03-24 09:28:05 +00:00
|
|
|
// If we failed to get the absolute path respond with a 400 bad request and return
|
2021-03-24 03:29:35 +00:00
|
|
|
http.Error(w, err.Error(), http.StatusBadRequest)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// prepend the path with the path to the static directory
|
|
|
|
|
path = filepath.Join(h.staticPath, path)
|
|
|
|
|
|
|
|
|
|
// check whether a file exists at the given path
|
|
|
|
|
_, err = os.Stat(path)
|
|
|
|
|
if os.IsNotExist(err) {
|
|
|
|
|
// file does not exist, serve index.html
|
|
|
|
|
http.ServeFile(w, r, filepath.Join(h.staticPath, h.indexPath))
|
|
|
|
|
return
|
|
|
|
|
} else if err != nil {
|
|
|
|
|
// if we got an error (that wasn't that the file doesn't exist) stating the
|
|
|
|
|
// file, return a 500 internal server error and stop
|
|
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// otherwise, use http.FileServer to serve the static dir
|
|
|
|
|
http.FileServer(http.Dir(h.staticPath)).ServeHTTP(w, r)
|
|
|
|
|
}
|
