summaryrefslogtreecommitdiff
path: root/srv/src
diff options
context:
space:
mode:
Diffstat (limited to 'srv/src')
-rw-r--r--srv/src/api/api.go86
-rw-r--r--srv/src/api/render.go4
-rw-r--r--srv/src/api/tpl/admin-assets.html (renamed from srv/src/api/tpl/admin/assets.html)0
3 files changed, 48 insertions, 42 deletions
diff --git a/srv/src/api/api.go b/srv/src/api/api.go
index 8d54d46..b0948ac 100644
--- a/srv/src/api/api.go
+++ b/srv/src/api/api.go
@@ -152,57 +152,63 @@ func (a *api) handler() http.Handler {
staticHandler = httputil.NewSingleHostReverseProxy(a.params.StaticProxy)
}
- staticHandler = setCSRFMiddleware(staticHandler)
-
// sugar
+
requirePow := func(h http.Handler) http.Handler {
return a.requirePowMiddleware(h)
}
+ postFormMiddleware := func(h http.Handler) http.Handler {
+ h = checkCSRFMiddleware(h)
+ h = postOnlyMiddleware(h)
+ h = logReqMiddleware(h)
+ h = addResponseHeaders(map[string]string{
+ "Cache-Control": "no-store, max-age=0",
+ "Pragma": "no-cache",
+ "Expires": "0",
+ }, h)
+ return h
+ }
+
mux := http.NewServeMux()
mux.Handle("/", staticHandler)
- apiMux := http.NewServeMux()
- apiMux.Handle("/pow/challenge", a.newPowChallengeHandler())
- apiMux.Handle("/pow/check",
- requirePow(
- http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {}),
- ),
- )
-
- apiMux.Handle("/mailinglist/subscribe", requirePow(a.mailingListSubscribeHandler()))
- apiMux.Handle("/mailinglist/finalize", a.mailingListFinalizeHandler())
- apiMux.Handle("/mailinglist/unsubscribe", a.mailingListUnsubscribeHandler())
-
- apiMux.Handle("/chat/global/", http.StripPrefix("/chat/global", newChatHandler(
- a.params.GlobalRoom,
- a.params.UserIDCalculator,
- a.requirePowMiddleware,
- )))
-
- var apiHandler http.Handler = apiMux
- apiHandler = checkCSRFMiddleware(apiHandler)
- apiHandler = postOnlyMiddleware(apiHandler)
- apiHandler = logReqMiddleware(apiHandler)
- apiHandler = addResponseHeaders(map[string]string{
- "Cache-Control": "no-store, max-age=0",
- "Pragma": "no-cache",
- "Expires": "0",
- }, apiHandler)
-
- mux.Handle("/api/", http.StripPrefix("/api", apiHandler))
-
- // TODO need to setCSRFMiddleware on all these rendering endpoints
- mux.Handle("/v2/follow.html", a.renderDumbHandler("follow.html"))
- mux.Handle("/v2/posts/", a.renderPostHandler())
- mux.Handle("/v2/", a.renderIndexHandler())
-
- mux.Handle("/v2/assets/", a.servePostAssetHandler())
-
- mux.Handle("/v2/admin/assets.html", a.renderAdminAssets())
+ {
+ apiMux := http.NewServeMux()
+ apiMux.Handle("/pow/challenge", a.newPowChallengeHandler())
+ apiMux.Handle("/pow/check",
+ requirePow(
+ http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {}),
+ ),
+ )
+
+ apiMux.Handle("/mailinglist/subscribe", requirePow(a.mailingListSubscribeHandler()))
+ apiMux.Handle("/mailinglist/finalize", a.mailingListFinalizeHandler())
+ apiMux.Handle("/mailinglist/unsubscribe", a.mailingListUnsubscribeHandler())
+
+ apiMux.Handle("/chat/global/", http.StripPrefix("/chat/global", newChatHandler(
+ a.params.GlobalRoom,
+ a.params.UserIDCalculator,
+ a.requirePowMiddleware,
+ )))
+
+ mux.Handle("/api/", http.StripPrefix("/api", postFormMiddleware(apiMux)))
+ }
+
+ {
+ v2Mux := http.NewServeMux()
+ v2Mux.Handle("/follow.html", a.renderDumbHandler("follow.html"))
+ v2Mux.Handle("/posts/", a.renderPostHandler())
+ v2Mux.Handle("/assets", a.renderPostAssetsIndexHandler())
+ v2Mux.Handle("/assets/", a.servePostAssetHandler())
+ v2Mux.Handle("/", a.renderIndexHandler())
+
+ mux.Handle("/v2/", http.StripPrefix("/v2", v2Mux))
+ }
var globalHandler http.Handler = mux
+ globalHandler = setCSRFMiddleware(globalHandler)
globalHandler = setLoggerMiddleware(a.params.Logger, globalHandler)
return globalHandler
diff --git a/srv/src/api/render.go b/srv/src/api/render.go
index 8fc2cb6..dfa665f 100644
--- a/srv/src/api/render.go
+++ b/srv/src/api/render.go
@@ -197,9 +197,9 @@ func (a *api) renderDumbHandler(tplName string) http.Handler {
})
}
-func (a *api) renderAdminAssets() http.Handler {
+func (a *api) renderPostAssetsIndexHandler() http.Handler {
- tpl := a.mustParseTpl("admin/assets.html")
+ tpl := a.mustParseTpl("admin-assets.html")
return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
diff --git a/srv/src/api/tpl/admin/assets.html b/srv/src/api/tpl/admin-assets.html
index d871a3e..d871a3e 100644
--- a/srv/src/api/tpl/admin/assets.html
+++ b/srv/src/api/tpl/admin-assets.html