Compare commits

..

No commits in common. "b15a85131fb4cc320b35380523a58a1f7cdf33b0" and "68b485c36f1dc7ff24a82ce1115c734de66b7bc4" have entirely different histories.

5 changed files with 23 additions and 85 deletions

View File

@ -6,10 +6,9 @@ import (
"strings" "strings"
"time" "time"
"code.chrissexton.org/cws/cabinet/db"
"github.com/jmoiron/sqlx" "github.com/jmoiron/sqlx"
"github.com/rs/zerolog/log" "github.com/rs/zerolog/log"
"code.chrissexton.org/cws/cabinet/db"
) )
type Entry struct { type Entry struct {
@ -95,49 +94,27 @@ func GetByID(db *db.Database, id int64) (Entry, error) {
return e, e.populateTags() return e, e.populateTags()
} }
func SearchByTag(db *db.Database, query string, tags []string) ([]*Entry, error) { func Search(db *db.Database, query string) ([]*Entry, error) {
entries := []*Entry{} entries := []*Entry{}
query = fmt.Sprintf("%%%s%%", query) log.Debug().Str("query", query).Msg("searching")
log.Debug().Str("tag query", query).Int("len(tags)", len(tags)).Msg("searching") if query != "" {
q := `select * from entries where content like ? order by updated desc`
if len(tags) > 0 { err := db.Select(&entries, q, "%"+query+"%")
q := `select e.*
from entries e
inner join tags t
on e.id=t.entry_id
where
t.name in (?)
AND content like ?
order by updated desc`
q, args, err := sqlx.In(q, tags, query)
if err != nil {
return nil, err
}
err = db.Select(&entries, q, args...)
if err != nil { if err != nil {
return nil, err return nil, err
} }
} else { } else {
q := `select e.* q := `select * from entries order by updated desc`
from entries e err := db.Select(&entries, q)
where
content like ?
order by updated desc`
err := db.Select(&entries, q, query)
if err != nil { if err != nil {
return nil, err return nil, err
} }
} }
for _, e := range entries { for _, e := range entries {
e.db = db e.db = db
e.Title = e.GenerateTitle() e.Title = e.GenerateTitle()
e.populateTags() e.populateTags()
} }
return entries, nil return entries, nil
} }
@ -300,12 +277,3 @@ func (e *Entry) Create() error {
tx.Commit() tx.Commit()
return nil return nil
} }
func (e *Entry) HasTag(tag string) bool {
for _, t := range e.Tags {
if strings.ToLower(tag) == strings.ToLower(t) {
return true
}
}
return false
}

View File

@ -33,15 +33,6 @@
components: { components: {
Error Error
}, },
created() {
if (!this.$store.state.key) {
let key = this.$cookies.get('key')
if (key) {
this.$store.commit('setKey', key)
return
}
}
},
methods: { methods: {
newFile: function() { newFile: function() {
this.$store.dispatch('newFile') this.$store.dispatch('newFile')

View File

@ -80,6 +80,11 @@ export default {
// because it has not been created yet when this guard is called! // because it has not been created yet when this guard is called!
next(vm => { next(vm => {
if (!vm.$store.state.key) { if (!vm.$store.state.key) {
let key = vm.$cookies.get('key')
if (key) {
vm.$store.commit('setKey', key)
return
}
vm.$router.push({name: "login", params: {returnTo: vm.$route.path}}) vm.$router.push({name: "login", params: {returnTo: vm.$route.path}})
} }
}) })

View File

@ -111,17 +111,12 @@ func (web *Web) newEntry(w http.ResponseWriter, r *http.Request) {
func (web *Web) allEntries(w http.ResponseWriter, r *http.Request) { func (web *Web) allEntries(w http.ResponseWriter, r *http.Request) {
query := "" query := ""
tags := []string{}
if !web.AuthCheck(r) {
tags = append(tags, "public")
}
items, ok := r.URL.Query()["query"] items, ok := r.URL.Query()["query"]
if ok { if ok {
query = items[0] query = items[0]
} }
entries, err := entry.SearchByTag(web.db, query, tags) entries, err := entry.Search(web.db, query)
if err != nil { if err != nil {
log.Error().Msgf("Error querying: %w", err)
w.WriteHeader(500) w.WriteHeader(500)
fmt.Fprint(w, err) fmt.Fprint(w, err)
return return
@ -148,12 +143,6 @@ func (web *Web) getEntry(w http.ResponseWriter, r *http.Request) {
return return
} }
if !web.AuthCheck(r) && !entry.HasTag("public") {
w.WriteHeader(401)
fmt.Fprint(w, "not allowed")
return
}
resp, err := json.Marshal(entry) resp, err := json.Marshal(entry)
if err != nil { if err != nil {
w.WriteHeader(500) w.WriteHeader(500)

View File

@ -38,42 +38,27 @@ func New(addr string, db *db.Database, static http.FileSystem) *Web {
} }
type AuthMiddleware struct { type AuthMiddleware struct {
web *Web db *db.Database
db *db.Database
}
func NewAuthMiddleware(web *Web) AuthMiddleware {
return AuthMiddleware{
web: web,
db: web.db,
}
} }
func (aw *AuthMiddleware) Middleware(next http.Handler) http.Handler { func (aw *AuthMiddleware) Middleware(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if aw.web.AuthCheck(r) { key := r.Header.Get("X-Auth-Key")
next.ServeHTTP(w, r) u, err := auth.GetByKey(aw.db, key)
if key == "" || err != nil {
w.WriteHeader(401)
fmt.Fprint(w, "invalid login")
return return
} }
w.WriteHeader(401) log.Debug().Msgf("This shit is authed to user %s!", u.Name)
fmt.Fprint(w, "invalid login") next.ServeHTTP(w, r)
}) })
} }
func (web *Web) AuthCheck(r *http.Request) bool {
key := r.Header.Get("X-Auth-Key")
u, err := auth.GetByKey(web.db, key)
if key == "" || err != nil {
return false
}
log.Debug().Msgf("This shit is authed to user %s!", u.Name)
return true
}
func (web *Web) routeSetup() http.Handler { func (web *Web) routeSetup() http.Handler {
r := mux.NewRouter() r := mux.NewRouter()
api := r.PathPrefix("/v1/").Subrouter() api := r.PathPrefix("/v1/").Subrouter()
auth := NewAuthMiddleware(web) auth := AuthMiddleware{web.db}
authedApi := r.PathPrefix("/v1/").Subrouter() authedApi := r.PathPrefix("/v1/").Subrouter()
authedApi.Use(auth.Middleware) authedApi.Use(auth.Middleware)