taskcafe/internal/route/route.go

package route

import (
	"net/http"
	"time"

	"github.com/go-chi/chi"
	"github.com/go-chi/chi/middleware"
	"github.com/go-chi/cors"
	"github.com/jmoiron/sqlx"
	log "github.com/sirupsen/logrus"

	"os"
	"path/filepath"

	"github.com/jordanknott/taskcafe/internal/db"
	"github.com/jordanknott/taskcafe/internal/frontend"
	"github.com/jordanknott/taskcafe/internal/graph"
	"github.com/jordanknott/taskcafe/internal/logger"
	"github.com/jordanknott/taskcafe/internal/utils"
)

// FrontendHandler serves an embed React client through chi
type FrontendHandler struct {
	staticPath string
	indexPath  string
}

// IsDir checks if the given file is a directory
func IsDir(f http.File) bool {
	fi, err := f.Stat()
	if err != nil {
		return false
	}
	return fi.IsDir()
}

// ServeHTTP attempts to serve a requested file for the embedded React client
func (h FrontendHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	path, err := filepath.Abs(r.URL.Path)
	if err != nil {
		http.Error(w, err.Error(), http.StatusBadRequest)
		return
	}

	f, err := frontend.Frontend.Open(path)
	if os.IsNotExist(err) || IsDir(f) {
		index, err := frontend.Frontend.Open("index.html")
		if err != nil {
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}
		http.ServeContent(w, r, "index.html", time.Now(), index)
		return
	} else if err != nil {
		http.Error(w, err.Error(), http.StatusInternalServerError)
		return
	}
	http.ServeContent(w, r, path, time.Now(), f)
}

// TaskcafeHandler contains all the route handlers
type TaskcafeHandler struct {
	repo           db.Repository
	SecurityConfig utils.SecurityConfig
}

// NewRouter creates a new router for chi
func NewRouter(dbConnection *sqlx.DB, emailConfig utils.EmailConfig, securityConfig utils.SecurityConfig) (chi.Router, error) {
	formatter := new(log.TextFormatter)
	formatter.TimestampFormat = "02-01-2006 15:04:05"
	formatter.FullTimestamp = true

	routerLogger := log.New()
	routerLogger.SetLevel(log.InfoLevel)
	routerLogger.Formatter = formatter
	r := chi.NewRouter()
	r.Use(middleware.RequestID)
	r.Use(middleware.RealIP)
	r.Use(logger.NewStructuredLogger(routerLogger))
	r.Use(middleware.Recoverer)
	r.Use(middleware.Timeout(60 * time.Second))

	r.Use(cors.Handler(cors.Options{
		// AllowedOrigins:   []string{"https://foo.com"}, // Use this to allow specific origin hosts
		AllowedOrigins: []string{"https://*", "http://*"},
		// AllowOriginFunc:  func(r *http.Request, origin string) bool { return true },
		AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
		AllowedHeaders:   []string{"Accept", "Authorization", "Cookie", "Content-Type", "X-CSRF-Token"},
		ExposedHeaders:   []string{"Link"},
		AllowCredentials: true,
		MaxAge:           300, // Maximum value not ignored by any of major browsers
	}))

	repository := db.NewRepository(dbConnection)
	taskcafeHandler := TaskcafeHandler{*repository, securityConfig}

	var imgServer = http.FileServer(http.Dir("./uploads/"))
	r.Group(func(mux chi.Router) {
		mux.Mount("/auth", authResource{}.Routes(taskcafeHandler))
		mux.Handle("/__graphql", graph.NewPlaygroundHandler("/graphql"))
		mux.Mount("/uploads/", http.StripPrefix("/uploads/", imgServer))
		mux.Post("/auth/confirm", taskcafeHandler.ConfirmUser)
		mux.Post("/auth/register", taskcafeHandler.RegisterUser)
	})
	auth := AuthenticationMiddleware{*repository}
	r.Group(func(mux chi.Router) {
		mux.Use(auth.Middleware)
		mux.Post("/users/me/avatar", taskcafeHandler.ProfileImageUpload)
		mux.Handle("/graphql", graph.NewHandler(*repository, emailConfig))
	})

	frontend := FrontendHandler{staticPath: "build", indexPath: "index.html"}
	r.Handle("/*", frontend)

	return r, nil
}
cleanup: refactor api architecture & add user roles 2020-07-05 01:02:57 +02:00			`package route`

			`import (`
			`"net/http"`
			`"time"`

			`"github.com/go-chi/chi"`
			`"github.com/go-chi/chi/middleware"`
refactor: replace refresh & access token with auth token only changes authentication to no longer use a refresh token & access token for accessing protected endpoints. Instead only an auth token is used. Before the login flow was: Login -> get refresh (stored as HttpOnly cookie) + access token (stored in memory) -> protected endpoint request (attach access token as Authorization header) -> access token expires in 15 minutes, so use refresh token to obtain new one when that happens now it looks like this: Login -> get auth token (stored as HttpOnly cookie) -> make protected endpont request (token sent) the reasoning for using the refresh + access token was to reduce DB calls, but in the end I don't think its worth the hassle. 2021-04-29 04:32:19 +02:00			`"github.com/go-chi/cors"`
cleanup: refactor api architecture & add user roles 2020-07-05 01:02:57 +02:00			`"github.com/jmoiron/sqlx"`
			`log "github.com/sirupsen/logrus"`

feat: add pre-commit hooks & refactor code to pass linting 2020-08-21 01:11:24 +02:00			`"os"`
			`"path/filepath"`

chore: rename Citadel to Taskcafe 2020-08-07 03:50:35 +02:00			`"github.com/jordanknott/taskcafe/internal/db"`
			`"github.com/jordanknott/taskcafe/internal/frontend"`
			`"github.com/jordanknott/taskcafe/internal/graph"`
			`"github.com/jordanknott/taskcafe/internal/logger"`
feat: smtp server for sending email can now be set by config 2020-12-23 23:44:13 +01:00			`"github.com/jordanknott/taskcafe/internal/utils"`
cleanup: refactor api architecture & add user roles 2020-07-05 01:02:57 +02:00			`)`

feat: add pre-commit hooks & refactor code to pass linting 2020-08-21 01:11:24 +02:00			`// FrontendHandler serves an embed React client through chi`
feature: add web & migrate commands 2020-07-16 01:20:08 +02:00			`type FrontendHandler struct {`
			`staticPath string`
			`indexPath string`
			`}`

feat: add pre-commit hooks & refactor code to pass linting 2020-08-21 01:11:24 +02:00			`// IsDir checks if the given file is a directory`
feature: add web & migrate commands 2020-07-16 01:20:08 +02:00			`func IsDir(f http.File) bool {`
			`fi, err := f.Stat()`
			`if err != nil {`
			`return false`
			`}`
			`return fi.IsDir()`
			`}`

feat: add pre-commit hooks & refactor code to pass linting 2020-08-21 01:11:24 +02:00			`// ServeHTTP attempts to serve a requested file for the embedded React client`
feature: add web & migrate commands 2020-07-16 01:20:08 +02:00			`func (h FrontendHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {`
			`path, err := filepath.Abs(r.URL.Path)`
			`if err != nil {`
			`http.Error(w, err.Error(), http.StatusBadRequest)`
			`return`
			`}`

			`f, err := frontend.Frontend.Open(path)`
			`if os.IsNotExist(err) \|\| IsDir(f) {`
			`index, err := frontend.Frontend.Open("index.html")`
			`if err != nil {`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
			`http.ServeContent(w, r, "index.html", time.Now(), index)`
			`return`
			`} else if err != nil {`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
			`http.ServeContent(w, r, path, time.Now(), f)`
			`}`

feat: add pre-commit hooks & refactor code to pass linting 2020-08-21 01:11:24 +02:00			`// TaskcafeHandler contains all the route handlers`
chore: rename Citadel to Taskcafe 2020-08-07 03:50:35 +02:00			`type TaskcafeHandler struct {`
feat: allow access token expiration to be set in the config 2020-12-31 04:10:34 +01:00			`repo db.Repository`
			`SecurityConfig utils.SecurityConfig`
cleanup: refactor api architecture & add user roles 2020-07-05 01:02:57 +02:00			`}`

feat: add pre-commit hooks & refactor code to pass linting 2020-08-21 01:11:24 +02:00			`// NewRouter creates a new router for chi`
feat: allow access token expiration to be set in the config 2020-12-31 04:10:34 +01:00			`func NewRouter(dbConnection *sqlx.DB, emailConfig utils.EmailConfig, securityConfig utils.SecurityConfig) (chi.Router, error) {`
cleanup: refactor api architecture & add user roles 2020-07-05 01:02:57 +02:00			`formatter := new(log.TextFormatter)`
			`formatter.TimestampFormat = "02-01-2006 15:04:05"`
			`formatter.FullTimestamp = true`

			`routerLogger := log.New()`
			`routerLogger.SetLevel(log.InfoLevel)`
			`routerLogger.Formatter = formatter`
			`r := chi.NewRouter()`
			`r.Use(middleware.RequestID)`
			`r.Use(middleware.RealIP)`
			`r.Use(logger.NewStructuredLogger(routerLogger))`
			`r.Use(middleware.Recoverer)`
			`r.Use(middleware.Timeout(60 * time.Second))`

refactor: replace refresh & access token with auth token only changes authentication to no longer use a refresh token & access token for accessing protected endpoints. Instead only an auth token is used. Before the login flow was: Login -> get refresh (stored as HttpOnly cookie) + access token (stored in memory) -> protected endpoint request (attach access token as Authorization header) -> access token expires in 15 minutes, so use refresh token to obtain new one when that happens now it looks like this: Login -> get auth token (stored as HttpOnly cookie) -> make protected endpont request (token sent) the reasoning for using the refresh + access token was to reduce DB calls, but in the end I don't think its worth the hassle. 2021-04-29 04:32:19 +02:00			`r.Use(cors.Handler(cors.Options{`
			`// AllowedOrigins: []string{"https://foo.com"}, // Use this to allow specific origin hosts`
			`AllowedOrigins: []string{"https://", "http://"},`
			`// AllowOriginFunc: func(r *http.Request, origin string) bool { return true },`
			`AllowedMethods: []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},`
			`AllowedHeaders: []string{"Accept", "Authorization", "Cookie", "Content-Type", "X-CSRF-Token"},`
			`ExposedHeaders: []string{"Link"},`
			`AllowCredentials: true,`
			`MaxAge: 300, // Maximum value not ignored by any of major browsers`
			`}))`

cleanup: refactor api architecture & add user roles 2020-07-05 01:02:57 +02:00			`repository := db.NewRepository(dbConnection)`
feat: allow access token expiration to be set in the config 2020-12-31 04:10:34 +01:00			`taskcafeHandler := TaskcafeHandler{*repository, securityConfig}`
cleanup: refactor api architecture & add user roles 2020-07-05 01:02:57 +02:00
			`var imgServer = http.FileServer(http.Dir("./uploads/"))`
			`r.Group(func(mux chi.Router) {`
chore: rename Citadel to Taskcafe 2020-08-07 03:50:35 +02:00			`mux.Mount("/auth", authResource{}.Routes(taskcafeHandler))`
cleanup: refactor api architecture & add user roles 2020-07-05 01:02:57 +02:00			`mux.Handle("/__graphql", graph.NewPlaygroundHandler("/graphql"))`
			`mux.Mount("/uploads/", http.StripPrefix("/uploads/", imgServer))`
feat: redesign project sharing & initial registration redesigned the project sharing popup to be a multi select dropdown that populates the options by using the input as a fuzzy search filter on the current users & invited users. users can now also be directly invited by email from the project share window. if invited this way, then the user will receive an email that sends them to a registration page, then a confirmation page. the initial registration was always redone so that it uses a similar system to the above in that it now will accept the first registered user if there are no other accounts (besides 'system'). 2020-10-21 01:52:09 +02:00			`mux.Post("/auth/confirm", taskcafeHandler.ConfirmUser)`
			`mux.Post("/auth/register", taskcafeHandler.RegisterUser)`
cleanup: refactor api architecture & add user roles 2020-07-05 01:02:57 +02:00			`})`
refactor: replace refresh & access token with auth token only changes authentication to no longer use a refresh token & access token for accessing protected endpoints. Instead only an auth token is used. Before the login flow was: Login -> get refresh (stored as HttpOnly cookie) + access token (stored in memory) -> protected endpoint request (attach access token as Authorization header) -> access token expires in 15 minutes, so use refresh token to obtain new one when that happens now it looks like this: Login -> get auth token (stored as HttpOnly cookie) -> make protected endpont request (token sent) the reasoning for using the refresh + access token was to reduce DB calls, but in the end I don't think its worth the hassle. 2021-04-29 04:32:19 +02:00			`auth := AuthenticationMiddleware{*repository}`
cleanup: refactor api architecture & add user roles 2020-07-05 01:02:57 +02:00			`r.Group(func(mux chi.Router) {`
fix: secret key is no longer hard coded the secret key for signing JWT tokens is now read from server.secret. if that does not exist, then a random UUID v4 is generated and used instead. a log warning is also shown. 2020-09-13 01:03:17 +02:00			`mux.Use(auth.Middleware)`
chore: rename Citadel to Taskcafe 2020-08-07 03:50:35 +02:00			`mux.Post("/users/me/avatar", taskcafeHandler.ProfileImageUpload)`
feat: smtp server for sending email can now be set by config 2020-12-23 23:44:13 +01:00			`mux.Handle("/graphql", graph.NewHandler(*repository, emailConfig))`
cleanup: refactor api architecture & add user roles 2020-07-05 01:02:57 +02:00			`})`

feature: add web & migrate commands 2020-07-16 01:20:08 +02:00			`frontend := FrontendHandler{staticPath: "build", indexPath: "index.html"}`
			`r.Handle("/*", frontend)`

cleanup: refactor api architecture & add user roles 2020-07-05 01:02:57 +02:00			`return r, nil`
			`}`