hmn/src/website/routes.go

package website

import (
	"bytes"
	"context"
	"errors"
	"net/http"
	"strings"

	"git.handmade.network/hmn/hmn/src/auth"
	"git.handmade.network/hmn/hmn/src/db"
	"git.handmade.network/hmn/hmn/src/logging"
	"git.handmade.network/hmn/hmn/src/models"
	"git.handmade.network/hmn/hmn/src/oops"
	"git.handmade.network/hmn/hmn/src/templates"
	"github.com/jackc/pgx/v4/pgxpool"
	"github.com/julienschmidt/httprouter"
)

func NewWebsiteRoutes(conn *pgxpool.Pool) http.Handler {
	router := httprouter.New()
	routes := RouteBuilder{
		Router: router,
		BeforeHandlers: []HMNBeforeHandler{
			func(c *RequestContext) (bool, ResponseData) {
				c.Conn = conn
				return true, ResponseData{}
			},
			// TODO: Add a timeout? We don't want routes hanging forever
		},
		AfterHandlers: []HMNAfterHandler{ErrorLoggingHandler},
	}

	routes.POST("/login", Login)
	routes.GET("/logout", Logout)
	routes.ServeFiles("/public/*filepath", http.Dir("public"))

	mainRoutes := routes
	mainRoutes.BeforeHandlers = append(mainRoutes.BeforeHandlers,
		CommonWebsiteDataWrapper,
	)

	mainRoutes.GET("/", func(c *RequestContext) ResponseData {
		if c.CurrentProject.IsHMN() {
			return Index(c)
		} else {
			// TODO: Return the project landing page
			panic("route not implemented")
		}
	})
	mainRoutes.GET("/feed", Feed)
	mainRoutes.GET("/feed/:page", Feed)

	mainRoutes.GET("/assets/project.css", ProjectCSS)

	router.NotFound = mainRoutes.ChainHandlers(FourOhFour)

	adminRoutes := routes
	adminRoutes.BeforeHandlers = append(adminRoutes.BeforeHandlers,
		func(c *RequestContext) (ok bool, res ResponseData) {
			return false, ResponseData{
				StatusCode: http.StatusUnauthorized,
				Body:       bytes.NewBufferString("No one is allowed!\n"),
			}
		},
	)
	adminRoutes.AfterHandlers = append(adminRoutes.AfterHandlers,
		func(c *RequestContext, res ResponseData) ResponseData {
			res.Body.WriteString("Now go away. Sincerely, the after handler.\n")
			return res
		},
	)

	adminRoutes.GET("/admin", func(c *RequestContext) ResponseData {
		return ResponseData{
			Body: bytes.NewBufferString("Here are all the secrets.\n"),
		}
	})

	return router
}

func getBaseData(c *RequestContext) templates.BaseData {
	var templateUser *templates.User
	if c.CurrentUser != nil {
		templateUser = &templates.User{
			Username:    c.CurrentUser.Username,
			Email:       c.CurrentUser.Email,
			IsSuperuser: c.CurrentUser.IsSuperuser,
			IsStaff:     c.CurrentUser.IsStaff,
		}
	}

	return templates.BaseData{
		Project: templates.ProjectToTemplate(c.CurrentProject),
		User:    templateUser,
		Theme:   "dark",
	}
}

func FetchProjectBySlug(ctx context.Context, conn *pgxpool.Pool, slug string) (*models.Project, error) {
	subdomainProjectRow, err := db.QueryOne(ctx, conn, models.Project{}, "SELECT $columns FROM handmade_project WHERE slug = $1", slug)
	if err == nil {
		subdomainProject := subdomainProjectRow.(models.Project)
		return &subdomainProject, nil
	} else if !errors.Is(err, db.ErrNoMatchingRows) {
		return nil, oops.New(err, "failed to get projects by slug")
	}

	defaultProjectRow, err := db.QueryOne(ctx, conn, models.Project{}, "SELECT $columns FROM handmade_project WHERE id = $1", models.HMNProjectID)
	if err != nil {
		if errors.Is(err, db.ErrNoMatchingRows) {
			return nil, oops.New(nil, "default project didn't exist in the database")
		} else {
			return nil, oops.New(err, "failed to get default project")
		}
	}
	defaultProject := defaultProjectRow.(*models.Project)

	return defaultProject, nil
}

func ProjectCSS(c *RequestContext) ResponseData {
	color := c.URL().Query().Get("color")
	if color == "" {
		return ErrorResponse(http.StatusBadRequest, NewSafeError(nil, "You must provide a 'color' parameter.\n"))
	}

	templateData := struct {
		Color string
		Theme string
	}{
		Color: color,
		Theme: "dark",
	}

	var res ResponseData
	res.Headers().Add("Content-Type", "text/css")
	err := res.WriteTemplate("project.css", templateData)
	if err != nil {
		return ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to generate project CSS"))
	}

	return res
}

func FourOhFour(c *RequestContext) ResponseData {
	return ResponseData{
		StatusCode: http.StatusNotFound,
		Body:       bytes.NewBufferString("go away\n"),
	}
}

func ErrorLoggingHandler(c *RequestContext, res ResponseData) ResponseData {
	for _, err := range res.Errors {
		c.Logger.Error().Err(err).Msg("error occurred during request")
	}

	return res
}

func CommonWebsiteDataWrapper(c *RequestContext) (bool, ResponseData) {
	// get project
	{
		slug := ""
		hostParts := strings.SplitN(c.Req.Host, ".", 3)
		if len(hostParts) >= 3 {
			slug = hostParts[0]
		}

		dbProject, err := FetchProjectBySlug(c.Context(), c.Conn, slug)
		if err != nil {
			return false, ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to fetch current project"))
		}

		c.CurrentProject = dbProject
	}

	sessionCookie, err := c.Req.Cookie(auth.SessionCookieName)
	if err == nil {
		user, err := getCurrentUser(c, sessionCookie.Value)
		if err != nil {
			return false, ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to get current user"))
		}

		c.CurrentUser = user
	}
	// http.ErrNoCookie is the only error Cookie ever returns, so no further handling to do here.

	return true, ResponseData{}
}

// Given a session id, fetches user data from the database. Will return nil if
// the user cannot be found, and will only return an error if it's serious.
func getCurrentUser(c *RequestContext, sessionId string) (*models.User, error) {
	session, err := auth.GetSession(c.Context(), c.Conn, sessionId)
	if err != nil {
		if errors.Is(err, auth.ErrNoSession) {
			return nil, nil
		} else {
			return nil, oops.New(err, "failed to get current session")
		}
	}

	userRow, err := db.QueryOne(c.Context(), c.Conn, models.User{}, "SELECT $columns FROM auth_user WHERE username = $1", session.Username)
	if err != nil {
		if errors.Is(err, db.ErrNoMatchingRows) {
			logging.Debug().Str("username", session.Username).Msg("returning no current user for this request because the user for the session couldn't be found")
			return nil, nil // user was deleted or something
		} else {
			return nil, oops.New(err, "failed to get user for session")
		}
	}
	user := userRow.(*models.User)

	return user, nil
}
Start migrating templates 2021-03-14 20:49:58 +00:00			`package website`

			`import (`
Rework request handling It's a lot simpler now, control flow is easier to work with in handlers, and HMNHandler now natively implements http.Handler, simplifying our 404 setup by completely removing the need for MakeStdHandler. 2021-04-06 03:30:11 +00:00			`"bytes"`
Start migrating templates 2021-03-14 20:49:58 +00:00			`"context"`
Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00			`"errors"`
Start migrating templates 2021-03-14 20:49:58 +00:00			`"net/http"`
Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00			`"strings"`
Start migrating templates 2021-03-14 20:49:58 +00:00
Initial implementation of password-checking 2021-03-22 03:07:18 +00:00			`"git.handmade.network/hmn/hmn/src/auth"`
Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00			`"git.handmade.network/hmn/hmn/src/db"`
Initial implementation of password-checking 2021-03-22 03:07:18 +00:00			`"git.handmade.network/hmn/hmn/src/logging"`
Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00			`"git.handmade.network/hmn/hmn/src/models"`
			`"git.handmade.network/hmn/hmn/src/oops"`
Start migrating templates 2021-03-14 20:49:58 +00:00			`"git.handmade.network/hmn/hmn/src/templates"`
			`"github.com/jackc/pgx/v4/pgxpool"`
			`"github.com/julienschmidt/httprouter"`
			`)`

			`func NewWebsiteRoutes(conn *pgxpool.Pool) http.Handler {`
Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`router := httprouter.New()`
			`routes := RouteBuilder{`
			`Router: router,`
			`BeforeHandlers: []HMNBeforeHandler{`
			`func(c *RequestContext) (bool, ResponseData) {`
			`c.Conn = conn`
			`return true, ResponseData{}`
			`},`
Some kind of arbitrary checkpoint I am in the middle of: - porting the landing page - making some db changes to help with that - deleting the member and memberextended tables Mainly the last one. Doing so requires us to update all the other tables that currently point at member and memberextended so that the foreign keys will point directly to users. The big thing that we still have yet to do is links, and actually copying data from the member and memberextended tables to users. 2021-04-11 21:46:06 +00:00			`// TODO: Add a timeout? We don't want routes hanging forever`
Initial implementation of password-checking 2021-03-22 03:07:18 +00:00			`},`
Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`AfterHandlers: []HMNAfterHandler{ErrorLoggingHandler},`
Start migrating templates 2021-03-14 20:49:58 +00:00			`}`

Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`routes.POST("/login", Login)`
			`routes.GET("/logout", Logout)`
			`routes.ServeFiles("/public/*filepath", http.Dir("public"))`

			`mainRoutes := routes`
			`mainRoutes.BeforeHandlers = append(mainRoutes.BeforeHandlers,`
			`CommonWebsiteDataWrapper,`
			`)`

Rework request handling It's a lot simpler now, control flow is easier to work with in handlers, and HMNHandler now natively implements http.Handler, simplifying our 404 setup by completely removing the need for MakeStdHandler. 2021-04-06 03:30:11 +00:00			`mainRoutes.GET("/", func(c *RequestContext) ResponseData {`
Make progress on the landing page 2021-04-22 23:02:50 +00:00			`if c.CurrentProject.IsHMN() {`
Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`return Index(c)`
Start porting landing page; rework db layer a bit 2021-03-31 03:55:19 +00:00			`} else {`
			`// TODO: Return the project landing page`
Rework request handling It's a lot simpler now, control flow is easier to work with in handlers, and HMNHandler now natively implements http.Handler, simplifying our 404 setup by completely removing the need for MakeStdHandler. 2021-04-06 03:30:11 +00:00			`panic("route not implemented")`
Start porting landing page; rework db layer a bit 2021-03-31 03:55:19 +00:00			`}`
			`})`
Get the feed largely complete 2021-04-25 19:33:22 +00:00			`mainRoutes.GET("/feed", Feed)`
			`mainRoutes.GET("/feed/:page", Feed)`

Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`mainRoutes.GET("/assets/project.css", ProjectCSS)`
Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00
Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`router.NotFound = mainRoutes.ChainHandlers(FourOhFour)`
Initial implementation of password-checking 2021-03-22 03:07:18 +00:00
Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`adminRoutes := routes`
			`adminRoutes.BeforeHandlers = append(adminRoutes.BeforeHandlers,`
			`func(c *RequestContext) (ok bool, res ResponseData) {`
			`return false, ResponseData{`
			`StatusCode: http.StatusUnauthorized,`
			`Body: bytes.NewBufferString("No one is allowed!\n"),`
			`}`
			`},`
			`)`
			`adminRoutes.AfterHandlers = append(adminRoutes.AfterHandlers,`
			`func(c *RequestContext, res ResponseData) ResponseData {`
			`res.Body.WriteString("Now go away. Sincerely, the after handler.\n")`
			`return res`
			`},`
			`)`
Start migrating templates 2021-03-14 20:49:58 +00:00
Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`adminRoutes.GET("/admin", func(c *RequestContext) ResponseData {`
			`return ResponseData{`
			`Body: bytes.NewBufferString("Here are all the secrets.\n"),`
			`}`
			`})`
Get a 404 route working 2021-03-31 04:20:50 +00:00
Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`return router`
Start migrating templates 2021-03-14 20:49:58 +00:00			`}`

Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`func getBaseData(c *RequestContext) templates.BaseData {`
Get login working 2021-03-27 21:10:11 +00:00			`var templateUser *templates.User`
Rework request handling It's a lot simpler now, control flow is easier to work with in handlers, and HMNHandler now natively implements http.Handler, simplifying our 404 setup by completely removing the need for MakeStdHandler. 2021-04-06 03:30:11 +00:00			`if c.CurrentUser != nil {`
Get login working 2021-03-27 21:10:11 +00:00			`templateUser = &templates.User{`
Rework request handling It's a lot simpler now, control flow is easier to work with in handlers, and HMNHandler now natively implements http.Handler, simplifying our 404 setup by completely removing the need for MakeStdHandler. 2021-04-06 03:30:11 +00:00			`Username: c.CurrentUser.Username,`
			`Email: c.CurrentUser.Email,`
			`IsSuperuser: c.CurrentUser.IsSuperuser,`
			`IsStaff: c.CurrentUser.IsStaff,`
Get login working 2021-03-27 21:10:11 +00:00			`}`
			`}`

Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00			`return templates.BaseData{`
Some kind of arbitrary checkpoint I am in the middle of: - porting the landing page - making some db changes to help with that - deleting the member and memberextended tables Mainly the last one. Doing so requires us to update all the other tables that currently point at member and memberextended so that the foreign keys will point directly to users. The big thing that we still have yet to do is links, and actually copying data from the member and memberextended tables to users. 2021-04-11 21:46:06 +00:00			`Project: templates.ProjectToTemplate(c.CurrentProject),`
			`User: templateUser,`
			`Theme: "dark",`
Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00			`}`
			`}`

			`func FetchProjectBySlug(ctx context.Context, conn pgxpool.Pool, slug string) (models.Project, error) {`
Start porting landing page; rework db layer a bit 2021-03-31 03:55:19 +00:00			`subdomainProjectRow, err := db.QueryOne(ctx, conn, models.Project{}, "SELECT $columns FROM handmade_project WHERE slug = $1", slug)`
Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00			`if err == nil {`
Start porting landing page; rework db layer a bit 2021-03-31 03:55:19 +00:00			`subdomainProject := subdomainProjectRow.(models.Project)`
Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00			`return &subdomainProject, nil`
			`} else if !errors.Is(err, db.ErrNoMatchingRows) {`
			`return nil, oops.New(err, "failed to get projects by slug")`
			`}`

Start porting landing page; rework db layer a bit 2021-03-31 03:55:19 +00:00			`defaultProjectRow, err := db.QueryOne(ctx, conn, models.Project{}, "SELECT $columns FROM handmade_project WHERE id = $1", models.HMNProjectID)`
Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00			`if err != nil {`
			`if errors.Is(err, db.ErrNoMatchingRows) {`
			`return nil, oops.New(nil, "default project didn't exist in the database")`
			`} else {`
			`return nil, oops.New(err, "failed to get default project")`
			`}`
			`}`
Start porting landing page; rework db layer a bit 2021-03-31 03:55:19 +00:00			`defaultProject := defaultProjectRow.(*models.Project)`
Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00
Start porting landing page; rework db layer a bit 2021-03-31 03:55:19 +00:00			`return defaultProject, nil`
Start migrating templates 2021-03-14 20:49:58 +00:00			`}`

Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`func ProjectCSS(c *RequestContext) ResponseData {`
Add custom request context thing 2021-03-18 02:14:06 +00:00			`color := c.URL().Query().Get("color")`
Start migrating templates 2021-03-14 20:49:58 +00:00			`if color == "" {`
Rework request handling It's a lot simpler now, control flow is easier to work with in handlers, and HMNHandler now natively implements http.Handler, simplifying our 404 setup by completely removing the need for MakeStdHandler. 2021-04-06 03:30:11 +00:00			`return ErrorResponse(http.StatusBadRequest, NewSafeError(nil, "You must provide a 'color' parameter.\n"))`
Start migrating templates 2021-03-14 20:49:58 +00:00			`}`

			`templateData := struct {`
			`Color string`
			`Theme string`
			`}{`
			`Color: color,`
			`Theme: "dark",`
			`}`

Rework request handling It's a lot simpler now, control flow is easier to work with in handlers, and HMNHandler now natively implements http.Handler, simplifying our 404 setup by completely removing the need for MakeStdHandler. 2021-04-06 03:30:11 +00:00			`var res ResponseData`
			`res.Headers().Add("Content-Type", "text/css")`
			`err := res.WriteTemplate("project.css", templateData)`
Start migrating templates 2021-03-14 20:49:58 +00:00			`if err != nil {`
Rework request handling It's a lot simpler now, control flow is easier to work with in handlers, and HMNHandler now natively implements http.Handler, simplifying our 404 setup by completely removing the need for MakeStdHandler. 2021-04-06 03:30:11 +00:00			`return ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to generate project CSS"))`
Start migrating templates 2021-03-14 20:49:58 +00:00			`}`
Rework request handling It's a lot simpler now, control flow is easier to work with in handlers, and HMNHandler now natively implements http.Handler, simplifying our 404 setup by completely removing the need for MakeStdHandler. 2021-04-06 03:30:11 +00:00
			`return res`
Start migrating templates 2021-03-14 20:49:58 +00:00			`}`
Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00
Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`func FourOhFour(c *RequestContext) ResponseData {`
Rework request handling It's a lot simpler now, control flow is easier to work with in handlers, and HMNHandler now natively implements http.Handler, simplifying our 404 setup by completely removing the need for MakeStdHandler. 2021-04-06 03:30:11 +00:00			`return ResponseData{`
			`StatusCode: http.StatusNotFound,`
Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`Body: bytes.NewBufferString("go away\n"),`
Rework request handling It's a lot simpler now, control flow is easier to work with in handlers, and HMNHandler now natively implements http.Handler, simplifying our 404 setup by completely removing the need for MakeStdHandler. 2021-04-06 03:30:11 +00:00			`}`
Get a 404 route working 2021-03-31 04:20:50 +00:00			`}`

Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`func ErrorLoggingHandler(c *RequestContext, res ResponseData) ResponseData {`
			`for _, err := range res.Errors {`
			`c.Logger.Error().Err(err).Msg("error occurred during request")`
Initial implementation of password-checking 2021-03-22 03:07:18 +00:00			`}`

Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`return res`
			`}`
Get login working 2021-03-27 21:10:11 +00:00
Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`func CommonWebsiteDataWrapper(c *RequestContext) (bool, ResponseData) {`
			`// get project`
			`{`
			`slug := ""`
			`hostParts := strings.SplitN(c.Req.Host, ".", 3)`
			`if len(hostParts) >= 3 {`
			`slug = hostParts[0]`
			`}`
Get login working 2021-03-27 21:10:11 +00:00
Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`dbProject, err := FetchProjectBySlug(c.Context(), c.Conn, slug)`
			`if err != nil {`
			`return false, ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to fetch current project"))`
Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00			`}`

Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`c.CurrentProject = dbProject`
			`}`
Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00
Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`sessionCookie, err := c.Req.Cookie(auth.SessionCookieName)`
			`if err == nil {`
Remove code references to members 2021-04-17 00:01:13 +00:00			`user, err := getCurrentUser(c, sessionCookie.Value)`
Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`if err != nil {`
Remove code references to members 2021-04-17 00:01:13 +00:00			`return false, ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to get current user"))`
Get login working 2021-03-27 21:10:11 +00:00			`}`
Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00
Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`c.CurrentUser = user`
Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00			`}`
Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`// http.ErrNoCookie is the only error Cookie ever returns, so no further handling to do here.`

			`return true, ResponseData{}`
Rework DB query stuff, use for projects 2021-03-21 20:38:37 +00:00			`}`
Get login working 2021-03-27 21:10:11 +00:00
Remove code references to members 2021-04-17 00:01:13 +00:00			`// Given a session id, fetches user data from the database. Will return nil if`
			`// the user cannot be found, and will only return an error if it's serious.`
			`func getCurrentUser(c RequestContext, sessionId string) (models.User, error) {`
Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`session, err := auth.GetSession(c.Context(), c.Conn, sessionId)`
Get login working 2021-03-27 21:10:11 +00:00			`if err != nil {`
			`if errors.Is(err, auth.ErrNoSession) {`
			`return nil, nil`
			`} else {`
			`return nil, oops.New(err, "failed to get current session")`
			`}`
			`}`

Further clean up the request handling after talking with Asaf 2021-04-06 05:06:19 +00:00			`userRow, err := db.QueryOne(c.Context(), c.Conn, models.User{}, "SELECT $columns FROM auth_user WHERE username = $1", session.Username)`
Get login working 2021-03-27 21:10:11 +00:00			`if err != nil {`
			`if errors.Is(err, db.ErrNoMatchingRows) {`
			`logging.Debug().Str("username", session.Username).Msg("returning no current user for this request because the user for the session couldn't be found")`
			`return nil, nil // user was deleted or something`
			`} else {`
			`return nil, oops.New(err, "failed to get user for session")`
			`}`
			`}`
Start porting landing page; rework db layer a bit 2021-03-31 03:55:19 +00:00			`user := userRow.(*models.User)`
Get login working 2021-03-27 21:10:11 +00:00
Start porting landing page; rework db layer a bit 2021-03-31 03:55:19 +00:00			`return user, nil`
Get login working 2021-03-27 21:10:11 +00:00			`}`