2017-07-23 09:20:22 +01:00
|
|
|
/* webserver.go
|
2017-09-21 20:10:16 +01:00
|
|
|
*
|
2017-09-11 19:36:40 +01:00
|
|
|
* This is the webserver handler for Pogo, and handles
|
2017-09-21 20:10:16 +01:00
|
|
|
* all incoming connections, including authentication.
|
2017-09-11 20:12:24 +01:00
|
|
|
*/
|
2017-07-23 09:20:22 +01:00
|
|
|
|
2017-06-14 06:57:02 +01:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
2017-09-21 20:10:16 +01:00
|
|
|
"crypto/subtle"
|
2017-06-18 21:57:43 +01:00
|
|
|
"fmt"
|
|
|
|
"io/ioutil"
|
|
|
|
"log"
|
|
|
|
"net/http"
|
2017-06-15 17:21:22 +01:00
|
|
|
|
2017-06-18 21:57:43 +01:00
|
|
|
"github.com/gorilla/mux"
|
2017-07-23 09:20:22 +01:00
|
|
|
"github.com/spf13/viper"
|
2017-06-14 06:57:02 +01:00
|
|
|
)
|
2017-06-18 21:57:43 +01:00
|
|
|
|
2017-09-11 19:46:43 +01:00
|
|
|
// Prints out contents of feed.rss
|
2017-06-15 17:21:22 +01:00
|
|
|
func RssHandler(w http.ResponseWriter, r *http.Request) {
|
2017-06-18 21:57:43 +01:00
|
|
|
w.Header().Set("Content-Type", "application/rss+xml")
|
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
data, err := ioutil.ReadFile("feed.rss")
|
|
|
|
if err != nil {
|
|
|
|
panic(err)
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Length", fmt.Sprint(len(data)))
|
|
|
|
fmt.Fprint(w, string(data))
|
2017-06-14 06:57:02 +01:00
|
|
|
}
|
|
|
|
|
2017-07-23 09:20:22 +01:00
|
|
|
// Does the same as above method, only with the JSON feed data
|
2017-06-18 21:57:43 +01:00
|
|
|
func JsonHandler(w http.ResponseWriter, r *http.Request) {
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
data, err := ioutil.ReadFile("feed.json")
|
|
|
|
if err != nil {
|
|
|
|
panic(err)
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Length", fmt.Sprint(len(data)))
|
|
|
|
fmt.Fprint(w, string(data))
|
2017-06-15 17:21:22 +01:00
|
|
|
}
|
|
|
|
|
2017-07-23 09:20:22 +01:00
|
|
|
// Serve up homepage
|
2017-06-18 21:57:43 +01:00
|
|
|
func HomeHandler(w http.ResponseWriter, r *http.Request) {
|
2017-09-21 23:10:16 +01:00
|
|
|
data, err := ioutil.ReadFile("assets/index.html")
|
2017-06-18 21:57:43 +01:00
|
|
|
|
|
|
|
if err == nil {
|
|
|
|
w.Write(data)
|
|
|
|
} else {
|
2017-09-07 04:03:24 +01:00
|
|
|
w.WriteHeader(500)
|
2017-09-21 20:10:16 +01:00
|
|
|
w.Write([]byte("Error500 - " + http.StatusText(500)))
|
2017-06-18 21:57:43 +01:00
|
|
|
}
|
2017-06-15 17:21:22 +01:00
|
|
|
}
|
|
|
|
|
2017-07-23 09:20:22 +01:00
|
|
|
// Authenticate user using basic webserver authentication
|
2017-09-11 19:36:40 +01:00
|
|
|
// @TODO: Replace this with a different for of _more secure_
|
|
|
|
// authentication that we can POST to instead.
|
2017-07-15 16:06:37 +01:00
|
|
|
/*
|
|
|
|
* Code from stackoverflow by user Timmmm
|
|
|
|
* https://stackoverflow.com/questions/21936332/idiomatic-way-of-requiring-http-basic-auth-in-go/39591234#39591234
|
2017-09-11 20:12:24 +01:00
|
|
|
*/
|
2017-09-21 20:10:16 +01:00
|
|
|
func BasicAuth(handler http.HandlerFunc) http.HandlerFunc {
|
|
|
|
|
|
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
username := viper.GetString("AdminUsername")
|
|
|
|
password := viper.GetString("AdminPassword")
|
|
|
|
realm := "Login to Pogo admin interface"
|
|
|
|
user, pass, ok := r.BasicAuth()
|
|
|
|
|
|
|
|
if !ok || subtle.ConstantTimeCompare([]byte(user), []byte(username)) != 1 || subtle.ConstantTimeCompare([]byte(pass), []byte(password)) != 1 {
|
|
|
|
w.Header().Set("WWW-Authenticate", `Basic realm="`+realm+`"`)
|
|
|
|
w.WriteHeader(401)
|
|
|
|
w.Write([]byte("Unauthorised.\n"))
|
|
|
|
return
|
|
|
|
}
|
|
|
|
handler(w, r)
|
|
|
|
}
|
2017-07-15 16:06:37 +01:00
|
|
|
}
|
|
|
|
|
2017-07-23 09:20:22 +01:00
|
|
|
// Handler for serving up admin page
|
2017-07-15 16:06:37 +01:00
|
|
|
func AdminHandler(w http.ResponseWriter, r *http.Request) {
|
|
|
|
data, err := ioutil.ReadFile("assets/admin.html")
|
|
|
|
|
|
|
|
if err == nil {
|
|
|
|
w.Write(data)
|
|
|
|
} else {
|
2017-09-07 04:03:24 +01:00
|
|
|
w.WriteHeader(500)
|
|
|
|
w.Write([]byte("500 Something went wrong - " + http.StatusText(500)))
|
2017-07-15 16:06:37 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-07-23 09:20:22 +01:00
|
|
|
// Main function that defines routes
|
2017-06-14 06:57:02 +01:00
|
|
|
func main() {
|
2017-07-23 09:20:22 +01:00
|
|
|
viper.SetConfigName("config")
|
|
|
|
viper.AddConfigPath(".")
|
|
|
|
err := viper.ReadInConfig() // Find and read the config file
|
2017-09-21 20:10:16 +01:00
|
|
|
if err != nil { // Handle errors reading the config file
|
2017-07-23 09:20:22 +01:00
|
|
|
panic(fmt.Errorf("Fatal error config file: %s \n", err))
|
|
|
|
}
|
|
|
|
|
|
|
|
// Start the watch() function in generate_rss.go, which
|
2017-09-21 20:10:16 +01:00
|
|
|
// watches for file changes and regenerates the feed
|
2017-06-18 21:57:43 +01:00
|
|
|
go watch()
|
2017-07-23 09:20:22 +01:00
|
|
|
|
|
|
|
// Define routes
|
2017-06-18 21:57:43 +01:00
|
|
|
r := mux.NewRouter()
|
2017-07-23 09:20:22 +01:00
|
|
|
|
|
|
|
// "Static" paths
|
2017-06-18 21:57:43 +01:00
|
|
|
r.PathPrefix("/assets/").Handler(http.StripPrefix("/assets/", http.FileServer(http.Dir("assets/static"))))
|
|
|
|
r.PathPrefix("/download/").Handler(http.StripPrefix("/download/", http.FileServer(http.Dir("podcasts"))))
|
2017-07-23 09:20:22 +01:00
|
|
|
|
|
|
|
// Paths that require specific handlers
|
|
|
|
http.Handle("/", r) // Pass everything to gorilla mux
|
2017-06-18 21:57:43 +01:00
|
|
|
r.HandleFunc("/", HomeHandler)
|
|
|
|
r.HandleFunc("/rss", RssHandler)
|
|
|
|
r.HandleFunc("/json", JsonHandler)
|
2017-09-07 04:02:14 +01:00
|
|
|
|
|
|
|
// Authenticated endpoints should be passed to BasicAuth()
|
|
|
|
// first
|
|
|
|
r.HandleFunc("/admin", BasicAuth(AdminHandler))
|
|
|
|
r.HandleFunc("/admin/publish", BasicAuth(CreateEpisode))
|
|
|
|
r.HandleFunc("/admin/delete", BasicAuth(RemoveEpisode))
|
|
|
|
r.HandleFunc("/admin/css", BasicAuth(CustomCss))
|
2017-07-23 09:20:22 +01:00
|
|
|
|
2017-09-21 23:10:16 +01:00
|
|
|
r.HandleFunc("/setup", ServeSetup)
|
|
|
|
|
2017-07-23 09:20:22 +01:00
|
|
|
// We're live!
|
2017-09-11 19:36:40 +01:00
|
|
|
fmt.Println("Listening on port :8000")
|
2017-06-18 21:57:43 +01:00
|
|
|
log.Fatal(http.ListenAndServe(":8000", r))
|
|
|
|
}
|