384 lines
15 KiB
Go
384 lines
15 KiB
Go
////////////////////////
|
|
// //
|
|
// Indigo //
|
|
// The Miiverse clone //
|
|
// that will end all //
|
|
// other Miiverse //
|
|
// clones, for real //
|
|
// this time. //
|
|
// //
|
|
// Lead Devs: PF2M, //
|
|
// Seth/EnergeticBark //
|
|
// //
|
|
// Developers: Ben, //
|
|
// triangles.py, jod, //
|
|
// & Chance/SRGNation //
|
|
// //
|
|
// Artwork: Spicy & //
|
|
// Inverse & Gnarly //
|
|
// //
|
|
// Marketing: Pip //
|
|
// //
|
|
// Testing: Mippy ♥ //
|
|
// //
|
|
// https://github.com //
|
|
// /PF2M/Indigo //
|
|
// //
|
|
////////////////////////
|
|
|
|
package main
|
|
|
|
// Import dependencies.
|
|
import (
|
|
// Internals
|
|
"database/sql"
|
|
"encoding/json"
|
|
"html/template"
|
|
"log"
|
|
"net"
|
|
"net/http"
|
|
"os"
|
|
"path/filepath"
|
|
|
|
// "user" is already defined in types
|
|
osUser "os/user"
|
|
"strconv"
|
|
|
|
"regexp"
|
|
|
|
// Externals
|
|
"github.com/NYTimes/gziphandler"
|
|
_ "github.com/go-sql-driver/mysql"
|
|
"github.com/gorilla/csrf"
|
|
"github.com/gorilla/mux"
|
|
"github.com/gorilla/websocket"
|
|
"github.com/oschwald/geoip2-golang"
|
|
"github.com/russross/blackfriday/v2"
|
|
)
|
|
|
|
// Initialize some variables.
|
|
var db *sql.DB
|
|
var err error
|
|
var clients = make(map[*websocket.Conn]*wsSession)
|
|
var settings config
|
|
var admin adminConfig
|
|
var youtube *regexp.Regexp
|
|
var spotify *regexp.Regexp
|
|
var soundcloud *regexp.Regexp
|
|
var symbols *regexp.Regexp
|
|
var emotes *regexp.Regexp
|
|
var renderer *blackfriday.HTMLRenderer
|
|
var geoip *geoip2.Reader
|
|
var isGeoIPEnabled bool
|
|
|
|
// Configure the upgrader.
|
|
var upgrader = websocket.Upgrader{
|
|
CheckOrigin: func(r *http.Request) bool {
|
|
// Todo: Add to this if necessary
|
|
return true
|
|
},
|
|
EnableCompression: true,
|
|
}
|
|
|
|
// Define the templates.
|
|
var templates *template.Template
|
|
|
|
// Redirect HTTP requests to HTTPS if properly configured.
|
|
func redirect(w http.ResponseWriter, r *http.Request) {
|
|
http.Redirect(w, r, "https://"+r.Host+r.URL.Path, http.StatusTemporaryRedirect)
|
|
}
|
|
|
|
// Now let's start the main function!
|
|
func main() {
|
|
// Fetch the site's settings from JSON files.
|
|
settings = getSettings()
|
|
adminJSON, err := os.ReadFile("admin.json")
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
err = json.Unmarshal(adminJSON, &admin)
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
// Connect to the database.
|
|
db, err = sql.Open("mysql", settings.DB.Username+":"+settings.DB.Password+"@tcp("+settings.DB.Host+")/"+settings.DB.Name+"?parseTime=true&loc=US%2FEastern&charset=utf8mb4,utf8")
|
|
if err != nil {
|
|
log.Printf("[err]: unable to connect to the database...\n")
|
|
log.Printf(" %v\n", err)
|
|
os.Exit(1)
|
|
}
|
|
|
|
// Ping the database to make sure we connected properly.
|
|
err = db.Ping()
|
|
if err != nil {
|
|
log.Printf("[err]: unable to ping the database...\n")
|
|
log.Printf(" %v\n", err)
|
|
os.Exit(1)
|
|
}
|
|
_, err = db.Exec("SET CHARACTER SET utf8mb4")
|
|
if err != nil {
|
|
log.Printf("[err]: unable to set the character set...\n")
|
|
log.Printf(" %v\n", err)
|
|
os.Exit(1)
|
|
}
|
|
_, err = db.Exec("SET collation_connection = utf8mb4_bin")
|
|
if err != nil {
|
|
log.Printf("[err]: unable to set the connection collation...\n")
|
|
log.Printf(" %v\n", err)
|
|
os.Exit(1)
|
|
}
|
|
|
|
// Initialize some regex.
|
|
youtube, _ = regexp.Compile("(?:youtube\\.com/\\S*(?:(?:/e(?:mbed))?/|watch/?\\?(?:\\S*?&?v=))|youtu\\.be/)([a-zA-Z0-9_-]{6,11})")
|
|
spotify, _ = regexp.Compile("(?:embed\\.|open\\.)(?:spotify\\.com/)(?:track/|\\?uri=spotify:track:)((\\w|-){22})")
|
|
soundcloud, _ = regexp.Compile("(soundcloud\\.com|snd\\.sc)(.*)")
|
|
symbols, _ = regexp.Compile("(\\|\\\\|`|\\*|{|}|\\[|\\](|)|\\+|-|!|_|>|\\n|&|:|<)")
|
|
emotes, err = regexp.Compile(":([^ :]+):")
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
// Initialize Markdown renderer.
|
|
renderer = blackfriday.NewHTMLRenderer(blackfriday.HTMLRendererParameters{
|
|
Flags: 2 | 4 | 128,
|
|
})
|
|
|
|
// Initialize GeoIP if a database is present.
|
|
isGeoIPEnabled = false
|
|
if _, err = os.Stat("geoip.mmdb"); err == nil {
|
|
geoip, err = geoip2.Open("geoip.mmdb")
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
defer geoip.Close()
|
|
isGeoIPEnabled = true
|
|
}
|
|
|
|
// Wipe the online statuses of all the users and delete all session keys (necessary after crashes, shutdowns, etc.)
|
|
db.QueryRow("UPDATE users SET online = 0").Scan()
|
|
db.QueryRow("TRUNCATE TABLE sessions").Scan()
|
|
|
|
// Close the database connection after this function exits.
|
|
defer db.Close()
|
|
|
|
// initialize the templates by parsing everything from the views directory recursively
|
|
var tmplFiles []string
|
|
err = filepath.Walk("views", func(path string, info os.FileInfo, err error) error {
|
|
if err != nil {
|
|
return err
|
|
}
|
|
// exclude non-html files
|
|
if !info.IsDir() && filepath.Ext(path) == ".html" {
|
|
// feel free to instead make this directly build the template
|
|
tmplFiles = append(tmplFiles, path)
|
|
}
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
log.Fatal("could not add or find templates (they are stored in views, is this accessible?): ", err)
|
|
}
|
|
|
|
templates = template.Must(template.ParseFiles(tmplFiles...))
|
|
|
|
// make the directory for the local image provider if it doesn't exist
|
|
if settings.ImageHost.Provider == "local" {
|
|
// check if the error is specifically os.IsNotExist
|
|
if _, err := os.Stat(settings.ImageHost.ImageEndpoint); os.IsNotExist(err) {
|
|
// should make it in this working directory
|
|
err = os.MkdirAll(settings.ImageHost.ImageEndpoint, 0755)
|
|
if err != nil {
|
|
log.Println("could not make \""+settings.ImageHost.ImageEndpoint+"\" directory for local image host:", err)
|
|
}
|
|
}
|
|
}
|
|
|
|
// Set up CSRF.
|
|
CSRF := csrf.Protect([]byte(settings.CSRFSecret), csrf.FieldName("csrfmiddlewaretoken"), csrf.Path("/"), csrf.Secure(settings.SSL.Enabled))
|
|
|
|
// Initialize routes.
|
|
r := mux.NewRouter()
|
|
|
|
// functions that don't useLogin or requireLogin,
|
|
// they don't necessarily not access the user
|
|
// but just do it independently, not utilizing the CurrentUser
|
|
|
|
// Index route.
|
|
r.HandleFunc("/", useLogin(index)).Methods("GET")
|
|
|
|
// Auth routes.
|
|
r.HandleFunc("/signup", signup).Methods("GET", "POST")
|
|
r.HandleFunc("/login", login).Methods("GET", "POST")
|
|
r.HandleFunc("/logout", logout).Methods("POST")
|
|
r.HandleFunc("/reset", useLogin(resetPassword)).Methods("GET", "POST").Queries("token", "{token}")
|
|
r.HandleFunc("/reset", useLogin(showResetPassword)).Methods("GET", "POST")
|
|
|
|
// User routes.
|
|
r.HandleFunc("/users", requireLogin(showUserSearch)).Methods("GET").Queries("query", "{username}")
|
|
r.HandleFunc("/users/{username}", useLogin(showUser)).Methods("GET")
|
|
r.HandleFunc("/users/{username}/posts", useLogin(showUserPosts)).Methods("GET")
|
|
r.HandleFunc("/users/{username}/comments", useLogin(showUserComments)).Methods("GET")
|
|
r.HandleFunc("/users/{username}/yeahs", useLogin(showUserYeahs)).Methods("GET")
|
|
r.HandleFunc("/users/{username}/friends", useLogin(showFriends)).Methods("GET")
|
|
r.HandleFunc("/users/{username}/following", useLogin(showFollowing)).Methods("GET")
|
|
r.HandleFunc("/users/{username}/followers", useLogin(showFollowers)).Methods("GET")
|
|
r.HandleFunc("/users/{username}/favorites", useLogin(showFavorites)).Methods("GET")
|
|
r.HandleFunc("/users/{username}/friend_new", requireLogin(newFriendRequest)).Methods("POST")
|
|
r.HandleFunc("/users/{username}/friend_accept", requireLogin(acceptFriendRequest)).Methods("POST")
|
|
r.HandleFunc("/users/{username}/friend_reject", requireLogin(rejectFriendRequest)).Methods("POST")
|
|
r.HandleFunc("/users/{username}/friend_cancel", requireLogin(cancelFriendRequest)).Methods("POST")
|
|
r.HandleFunc("/users/{username}/friend_delete", requireLogin(deleteFriend)).Methods("POST")
|
|
r.HandleFunc("/users/{username}/follow", requireLogin(createFollow)).Methods("POST")
|
|
r.HandleFunc("/users/{username}/unfollow", requireLogin(deleteFollow)).Methods("POST")
|
|
r.HandleFunc("/users/{username}/violators", requireLogin(reportUser)).Methods("POST")
|
|
r.HandleFunc("/users/{username}/block", requireLogin(blockUser)).Methods("POST")
|
|
r.HandleFunc("/users/{username}/unblock", requireLogin(unblockUser)).Methods("POST")
|
|
|
|
// Post routes.
|
|
r.HandleFunc("/posts/{id:[0-9]+}", useLogin(showPost)).Methods("GET")
|
|
r.HandleFunc("/posts/{id:[0-9]+}/yeah", requireLogin(createPostYeah)).Methods("POST")
|
|
r.HandleFunc("/posts/{id:[0-9]+}/yeahu", requireLogin(deletePostYeah)).Methods("POST")
|
|
r.HandleFunc("/posts/{id:[0-9]+}/comments", useLogin(showAllComments)).Methods("GET")
|
|
r.HandleFunc("/posts/{id:[0-9]+}/comments", requireLogin(createComment)).Methods("POST")
|
|
r.HandleFunc("/posts/{id:[0-9]+}/favorite", requireLogin(favoritePost)).Methods("POST")
|
|
r.HandleFunc("/posts/{id:[0-9]+}/unfavorite", requireLogin(unfavoritePost)).Methods("POST")
|
|
r.HandleFunc("/posts/{id:[0-9]+}/violations", requireLogin(reportPost)).Methods("POST")
|
|
r.HandleFunc("/posts/{id:[0-9]+}/vote", requireLogin(voteOnPoll)).Methods("POST")
|
|
r.HandleFunc("/posts/{id:[0-9]+}/edit", requireLogin(editPost)).Methods("POST")
|
|
r.HandleFunc("/posts/{id:[0-9]+}/delete", requireLogin(deletePost)).Methods("POST")
|
|
|
|
// Comment routes.
|
|
r.HandleFunc("/comments/{id:[0-9]+}", useLogin(showComment)).Methods("GET")
|
|
r.HandleFunc("/comments/{id:[0-9]+}/yeah", requireLogin(createCommentYeah)).Methods("POST")
|
|
r.HandleFunc("/comments/{id:[0-9]+}/yeahu", requireLogin(deleteCommentYeah)).Methods("POST")
|
|
r.HandleFunc("/comments/{id:[0-9]+}/violations", requireLogin(reportComment)).Methods("POST")
|
|
r.HandleFunc("/comments/{id:[0-9]+}/edit", requireLogin(editComment)).Methods("POST")
|
|
r.HandleFunc("/comments/{id:[0-9]+}/delete", requireLogin(deleteComment)).Methods("POST")
|
|
|
|
// Community routes.
|
|
r.HandleFunc("/communities/all", useLogin(showAllCommunities)).Methods("GET")
|
|
r.HandleFunc("/communities/recent", requireLogin(showRecentCommunities)).Methods("GET")
|
|
r.HandleFunc("/communities/search", useLogin(showCommunitySearch)).Methods("GET").Queries("query", "{search}")
|
|
r.HandleFunc("/communities/{id:[0-9]+}", useLogin(showCommunity)).Methods("GET")
|
|
r.HandleFunc("/communities/{id:[0-9]+}/hot", useLogin(showPopularPosts)).Methods("GET")
|
|
r.HandleFunc("/communities/{id:[0-9]+}/posts", requireLogin(createPost)).Methods("POST")
|
|
r.HandleFunc("/communities/{id:[0-9]+}/favorite", requireLogin(addCommunityFavorite)).Methods("POST")
|
|
r.HandleFunc("/communities/{id:[0-9]+}/unfavorite", requireLogin(deleteCommunityFavorite)).Methods("POST")
|
|
|
|
// Activiy Feed route.
|
|
r.HandleFunc("/activity", requireLogin(showActivityFeed)).Methods("GET")
|
|
|
|
// Message routes.
|
|
r.HandleFunc("/messages", requireLogin(showMessages)).Methods("GET")
|
|
r.HandleFunc("/messages", requireLogin(sendMessage)).Methods("POST")
|
|
r.HandleFunc("/messages/{id:[0-9]+}/delete", requireLogin(deleteMessage)).Methods("POST")
|
|
r.HandleFunc("/messages/{username}", requireLogin(showConversation)).Methods("GET")
|
|
r.HandleFunc("/conversations/{id:[0-9]+}", requireLogin(showGroupChat)).Methods("GET")
|
|
r.HandleFunc("/conversations/create", requireLogin(showCreateGroupChat)).Methods("GET")
|
|
r.HandleFunc("/conversations/create", requireLogin(createGroupChat)).Methods("POST")
|
|
r.HandleFunc("/conversations/{id:[0-9]+}/edit", requireLogin(showEditGroupChat)).Methods("GET")
|
|
r.HandleFunc("/conversations/{id:[0-9]+}/edit", requireLogin(editGroupChat)).Methods("POST")
|
|
r.HandleFunc("/conversations/{id:[0-9]+}/leave", requireLogin(leaveGroupChat)).Methods("POST")
|
|
r.HandleFunc("/conversations/{id:[0-9]+}/delete", requireLogin(deleteGroupChat)).Methods("POST")
|
|
|
|
// Notification routes.
|
|
r.HandleFunc("/check_update.json", requireLogin(getNotificationCounts)).Methods("GET")
|
|
r.HandleFunc("/notifications", requireLogin(showNotifications)).Methods("GET")
|
|
r.HandleFunc("/notifications/friend_requests", requireLogin(showFriendRequests)).Methods("GET")
|
|
|
|
// Settings routes.
|
|
r.HandleFunc("/settings/profile", requireLogin(showProfileSettings)).Methods("GET")
|
|
r.HandleFunc("/settings/profile", requireLogin(editProfileSettings)).Methods("POST")
|
|
r.HandleFunc("/region", requireLogin(getRegion)).Methods("POST")
|
|
r.HandleFunc("/miis", getMii).Methods("POST")
|
|
r.HandleFunc("/migrate/{id:[0-9]+}", requireLogin(migratePosts)).Methods("POST")
|
|
r.HandleFunc("/rollback/{id:[0-9]+}", requireLogin(rollbackImport)).Methods("POST")
|
|
r.HandleFunc("/settings/account", requireLogin(showAccountSettings)).Methods("GET")
|
|
r.HandleFunc("/settings/account", requireLogin(editAccountSettings)).Methods("POST")
|
|
r.HandleFunc("/blocked", requireLogin(showBlocked)).Methods("GET")
|
|
|
|
// Help page routes.
|
|
r.HandleFunc("/help/rules", useLogin(showRulesPage)).Methods("GET")
|
|
r.HandleFunc("/help/faq", useLogin(showFAQPage)).Methods("GET")
|
|
r.HandleFunc("/help/legal", useLogin(showLegalPage)).Methods("GET")
|
|
r.HandleFunc("/help/contact", useLogin(showContactPage)).Methods("GET")
|
|
|
|
// Image upload route.
|
|
r.HandleFunc("/upload", uploadImage).Methods("POST")
|
|
|
|
// Admin routes.
|
|
r.HandleFunc("/admin", requireLogin(showAdminDashboard)).Methods("GET")
|
|
r.HandleFunc("/reports/{id:[0-9]+}/ignore", requireLogin(reportIgnore)).Methods("POST")
|
|
r.HandleFunc("/admin/manage", requireLogin(showAdminManagerList)).Methods("GET")
|
|
r.HandleFunc("/admin/manage/bantemp", requireLogin(adminBanUser)).Methods("POST")
|
|
r.HandleFunc("/admin/manage/unbantemp", requireLogin(adminUnbanUser)).Methods("POST")
|
|
//r.HandleFunc("/admin/manage/{table}", requireLogin(showAdminManager)).Methods("GET")
|
|
//r.HandleFunc("/admin/manage/{table}/{id:[0-9]+}", requireLogin(showAdminEditor)).Methods("GET", "POST")
|
|
r.HandleFunc("/admin/settings", requireLogin(showAdminSettings)).Methods("GET", "POST")
|
|
r.HandleFunc("/admin/audit_log", requireLogin(showAdminAuditLog)).Methods("GET")
|
|
|
|
// Websocket route.
|
|
r.HandleFunc("/ws", requireLogin(handleConnections)).Methods("GET")
|
|
|
|
// Add a 404 page.
|
|
r.NotFoundHandler = useLogin(handle404)
|
|
|
|
// Serve static assets.
|
|
r.PathPrefix("/assets/").Handler(http.StripPrefix("/assets/", http.FileServer(http.Dir("assets"))))
|
|
// serve images as /images even though this can be changed
|
|
r.PathPrefix("/images/").Handler(http.StripPrefix("/images/", http.FileServer(http.Dir("images"))))
|
|
|
|
if !settings.CSRFProtectDisable {
|
|
r.Use(CSRF)
|
|
}
|
|
if settings.GzipEnabled {
|
|
r.Use(gziphandler.GzipHandler)
|
|
}
|
|
|
|
// Tell the http server to handle routing with the router we just made.
|
|
http.Handle("/", r)
|
|
// Tell the person who started this that we are starting the server.
|
|
log.Printf("listening on " + settings.Port)
|
|
|
|
// Start the server.
|
|
if settings.ListenSocket {
|
|
// remove tha socket first or else
|
|
os.Remove(settings.Port)
|
|
|
|
unixListener, err := net.Listen("unix", settings.Port)
|
|
if err != nil {
|
|
log.Fatal("cannot listen on unix socket: ", err)
|
|
}
|
|
|
|
// set socket owner but only if the value is not blank
|
|
if settings.SocketOwner != "" {
|
|
socketUser, err := osUser.Lookup(settings.SocketOwner)
|
|
if err != nil {
|
|
log.Fatal("could not look up user so that we can change the owner of the unix socket so that we can listen on it:\n", err)
|
|
}
|
|
// should probably handle errors here
|
|
uidInt, _ := strconv.Atoi(socketUser.Uid)
|
|
gidInt, _ := strconv.Atoi(socketUser.Gid)
|
|
err = os.Chown(settings.Port, uidInt, gidInt)
|
|
if err != nil {
|
|
log.Fatal("could not change socket owner", err)
|
|
}
|
|
}
|
|
|
|
err = http.Serve(unixListener, nil) // Just serve HTTP requests.
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
} else {
|
|
if settings.SSL.Enabled && settings.Port != ":80" {
|
|
go http.ListenAndServe(":80", http.HandlerFunc(redirect)) // Redirect HTTP requests to the HTTPS site.
|
|
err = http.ListenAndServeTLS(settings.Port, settings.SSL.Certificate, settings.SSL.Key, nil)
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
} else {
|
|
log.Fatal(http.ListenAndServe(settings.Port, nil))
|
|
}
|
|
}
|
|
}
|