Compare commits

..

16 commits

Author SHA1 Message Date
Ada
d882ecc692
📄 Make repository AGPLv3 2024-02-18 01:47:41 +01:00
Ada
d5fea70587 Merge pull request '♻️ Move code from main to module' (#18) from ada/refactor into main
Reviewed-on: #18
2024-02-11 23:40:12 +00:00
Ada
021e4a731a
♻️ Move code from main to module & clean code 2024-02-12 00:37:51 +01:00
Ada
df2b918801 Merge pull request '💄 Move DELETE logic to specific function' (#16) from ada/backend/refactor-delete into main
Reviewed-on: #16
2024-01-23 21:28:50 +00:00
Ada
b5a19209b2 💄 Move DELETE logic to specific function 2024-01-23 22:28:19 +01:00
Ada
bf516229da Merge pull request 'bump(go-redis): v9.4.0' (#15) from ada/backend/update-redis into main
Reviewed-on: #15
2024-01-23 21:14:52 +00:00
Ada
d6a015489d bump(go-redis): v9.4.0 2024-01-23 22:13:21 +01:00
Ada
3308d5419c Merge pull request ' Plak expiration support' (#14) from ada/backend/expiration into main
Reviewed-on: #14
2024-01-23 21:02:45 +00:00
Ada
d5610eb24c Plak expiration support 2024-01-23 22:00:06 +01:00
Ada
1731efcc28 Merge pull request 'fix(backend): broken utf8 on raw view' (#13) from fix/raw/utf-8 into main
Reviewed-on: #13
2023-11-26 19:10:56 +00:00
Ada
da1d1a1ef2 fix(backend): broken utf8 on raw view 2023-11-26 02:53:24 +01:00
Akinimaginable
83b4f5fe04 Merge pull request 'features' (#12) from features into main
Reviewed-on: #12
2023-11-25 23:10:29 +00:00
hacki
4b53f0e1d9 Remove IDE specific files 2023-11-26 00:08:47 +01:00
hacki
1c086c5afb Added line counter + some return optimization 2023-11-26 00:00:53 +01:00
Akinimaginable
6567a7c0cd Merge pull request 'clean(backend): make one global redis client' (#10) from clean-db into main
Reviewed-on: #10
2023-11-25 18:18:28 +00:00
Akinimaginable
8dc45aeb01 Merge pull request 'clean(backend): Remove duplicate config example' (#9) from clean-env into main
Reviewed-on: #9
2023-11-25 18:16:16 +00:00
27 changed files with 193 additions and 856 deletions

View file

@ -1,25 +0,0 @@
linters:
enable-all: true
disable:
# Deprecated
- varcheck
- ifshort
- interfacer
- maligned
- deadcode
- scopelint
- golint
- structcheck
- exhaustivestruct
- nosnakecase
# Too extremist/unusable
- depguard
- varnamelen
- exhaustruct
- wsl
- contextcheck
- wrapcheck
linters-settings:
lll:
# Too short byt default
line-length: 160

View file

@ -1,32 +0,0 @@
steps:
- name: publish_image
image: woodpeckerci/plugin-docker-buildx
settings:
repo: git.gnous.eu/${CI_REPO_OWNER}/plakken
dockerfile: docker/Dockerfile
platforms: linux/amd64,linux/arm64/v8,linux/arm
registry: https://git.gnous.eu
tag: ${CI_COMMIT}
username:
from_secret: docker_username
password:
from_secret: docker_password
when:
branch: ${CI_REPO_DEFAULT_BRANCH}
event: push
- name: publish_image_tag
image: woodpeckerci/plugin-docker-buildx
settings:
repo: git.gnous.eu/${CI_REPO_OWNER}/plakken
dockerfile: docker/Dockerfile
platforms: linux/amd64,linux/arm64/v8,linux/arm
registry: https://git.gnous.eu
tags:
- ${CI_COMMIT_TAG##v} # Remove v from tag
- stable
username:
from_secret: docker_username
password:
from_secret: docker_password
when:
event: tag

View file

@ -1,11 +0,0 @@
steps:
lint:
image: golang:1.22
commands:
- go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest
- golangci-lint run
when:
- event: pull_request
repo: gnouseu/plakken
- event: push
branch: main

View file

@ -1,24 +0,0 @@
steps:
- name: Build
image: golang:1.22
commands:
- go mod download
- CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "-w -s" -o plakken-linux-amd64 # Enable static binary, target Linux, remove debug information and strip binary
- CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -ldflags "-w -s" -o plakken-linux-arm64
- CGO_ENABLED=0 GOOS=linux GOARCH=arm go build -ldflags "-w -s" -o plakken-linux-arm
- CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "-w -s" -o plakken-windows-amd64.exe
- CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -ldflags "-w -s" -o plakken-windows-arm64.exe
- CGO_ENABLED=0 GOOS=linux GOARCH=arm go build -ldflags "-w -s" -o plakken-windows-arm.exe
when:
event: tag
- name: Release
image: woodpeckerci/plugin-gitea-release
settings:
base_url: https://git.gnous.eu
files:
- "plakken*"
api_key:
from_secret: release_token
target: main
when:
event: tag

View file

@ -1,28 +0,0 @@
# Build
FROM golang:1.22 AS build
LABEL authors="gnousEU"
WORKDIR /build
COPY go.mod go.sum ./
RUN go mod download
COPY main.go ./
COPY internal/ ./internal
COPY static/ ./static
COPY templates/ ./templates
RUN CGO_ENABLED=0 GOOS=linux go build -ldflags "-w -s" # Enable static binary, target Linux, remove debug information and strip binary
# Copy to our image
FROM gcr.io/distroless/static-debian12:nonroot
WORKDIR /app
COPY --from=build /build/plakken ./
ENV PLAKKEN_LISTEN ":3000"
EXPOSE 3000/tcp
ENTRYPOINT ["/app/plakken"]

View file

@ -1,31 +0,0 @@
version: "3"
networks:
plakken:
external: false
services:
server:
build:
context: ../
dockerfile: docker/Dockerfile
restart: always
container_name: plakken
networks:
- plakken
ports:
- "3000:3000"
environment:
- PLAKKEN_REDIS_ADDRESS=redis:6379
- POSTGRES_PASSWORD=gitea
- PLAKKEN_REDIS_DB=0
- PLAKKEN_URL_LENGTH=5
depends_on:
- redis
redis:
image: redis:7-alpine
restart: always
healthcheck:
test: [ "CMD", "redis-cli", "ping" ]
networks:
- plakken

View file

@ -1,36 +0,0 @@
version: "3"
networks:
plakken:
external: false
volumes:
redis:
driver: local
services:
server:
image: git.gnous.eu/gnouseu/plakken:latest
restart: always
container_name: plakken
read_only: true
networks:
- plakken
ports:
- "3000:3000"
environment:
- PLAKKEN_REDIS_ADDRESS=redis:6379
- POSTGRES_PASSWORD=gitea
- PLAKKEN_REDIS_DB=0
- PLAKKEN_URL_LENGTH=5
depends_on:
- redis
redis:
image: redis:7-alpine
restart: always
healthcheck:
test: [ "CMD", "redis-cli", "ping" ]
networks:
- plakken
volumes:
- redis:/data

7
go.mod
View file

@ -3,12 +3,11 @@ module git.gnous.eu/gnouseu/plakken
go 1.22
require (
github.com/redis/go-redis/v9 v9.5.1
golang.org/x/crypto v0.22.0
github.com/joho/godotenv v1.5.1
github.com/redis/go-redis/v9 v9.4.0
)
require (
github.com/cespare/xxhash/v2 v2.3.0 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
golang.org/x/sys v0.19.0 // indirect
)

14
go.sum
View file

@ -2,13 +2,11 @@ github.com/bsm/ginkgo/v2 v2.12.0 h1:Ny8MWAHyOepLGlLKYmXG4IEkioBysk6GpaRTLC8zwWs=
github.com/bsm/ginkgo/v2 v2.12.0/go.mod h1:SwYbGRRDovPVboqFv0tPTcG1sN61LM1Z4ARdbAV9g4c=
github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA=
github.com/bsm/gomega v1.27.10/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0=
github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
github.com/redis/go-redis/v9 v9.5.1 h1:H1X4D3yHPaYrkL5X06Wh6xNVM/pX0Ft4RV0vMGvLBh8=
github.com/redis/go-redis/v9 v9.5.1/go.mod h1:hdY0cQFCN4fnSYT6TkisLufl/4W5UIXyv0b/CLO2V2M=
golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30=
golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
github.com/redis/go-redis/v9 v9.4.0 h1:Yzoz33UZw9I/mFhx4MNrB6Fk+XHO1VukNcCa1+lwyKk=
github.com/redis/go-redis/v9 v9.4.0/go.mod h1:hdY0cQFCN4fnSYT6TkisLufl/4W5UIXyv0b/CLO2V2M=

View file

@ -5,21 +5,26 @@ import (
"os"
"strconv"
"git.gnous.eu/gnouseu/plakken/internal/constant"
"github.com/joho/godotenv"
)
// InitConfig Structure for program initialisation.
// InitConfig Structure for program initialisation
type InitConfig struct {
ListenAddress string
RedisAddress string
RedisUser string
RedisPassword string
RedisDB int
URLLength uint8
UrlLength uint8
}
// GetConfig Initialise configuration form .env.
// GetConfig Initialise configuration form .env
func GetConfig() InitConfig {
err := godotenv.Load()
if err != nil {
log.Fatalf("Error loading .env file: %v", err)
}
listenAddress := os.Getenv("PLAKKEN_LISTEN")
redisAddress := os.Getenv("PLAKKEN_REDIS_ADDRESS")
db := os.Getenv("PLAKKEN_REDIS_DB")
@ -39,7 +44,7 @@ func GetConfig() InitConfig {
log.Fatal("Invalid PLAKKEN_URL_LENGTH")
}
if urlLength > constant.MaxURLLength {
if urlLength > 255 {
log.Fatal("PLAKKEN_URL_LENGTH cannot be greater than 255")
}
@ -49,6 +54,6 @@ func GetConfig() InitConfig {
RedisUser: os.Getenv("PLAKKEN_REDIS_USER"),
RedisPassword: os.Getenv("PLAKKEN_REDIS_PASSWORD"),
RedisDB: redisDB,
URLLength: uint8(urlLength),
UrlLength: uint8(urlLength),
}
}

View file

@ -3,16 +3,5 @@ package constant
import "time"
const (
HTTPTimeout = 3 * time.Second
ExpirationCurlCreate = 604800 * time.Second // Second in one week
TokenLength = 32
ArgonSaltSize = 16
ArgonMemory = 64 * 1024
ArgonThreads = 4
ArgonKeyLength = 32
ArgonIterations = 2
MaxURLLength = 255
SecondsInDay = 86400
SecondsInHour = 3600
SecondsInMinute = 60
HTTPTimeout = 3 * time.Second
)

View file

@ -5,7 +5,6 @@ import (
"log"
"time"
"git.gnous.eu/gnouseu/plakken/internal/secret"
"github.com/redis/go-redis/v9"
)
@ -13,9 +12,9 @@ type DBConfig struct {
DB *redis.Client
}
var ctx = context.Background() //nolint:gochecknoglobals
var ctx = context.Background()
// InitDB initialise redis connection settings.
// InitDB initialise redis connection settings
func InitDB(addr string, user string, password string, db int) *redis.Options {
DBConfig := &redis.Options{
Addr: addr,
@ -27,21 +26,10 @@ func InitDB(addr string, user string, password string, db int) *redis.Options {
return DBConfig
}
// ConnectDB make new database connection.
// ConnectDB make new database connection
func ConnectDB(dbConfig *redis.Options) *redis.Client {
localDB := redis.NewClient(dbConfig)
return localDB
}
// Ping test connection to Redis database.
func Ping(db *redis.Client) error {
status := db.Ping(ctx)
if status.String() != "ping: PONG" {
return &pingError{}
}
return nil
localDb := redis.NewClient(dbConfig)
return localDb
}
func (config DBConfig) InsertPaste(key string, content string, secret string, ttl time.Duration) {
@ -67,17 +55,10 @@ func (config DBConfig) InsertPaste(key string, content string, secret string, tt
}
}
func (config DBConfig) URLExist(url string) bool {
func (config DBConfig) UrlExist(url string) bool {
return config.DB.Exists(ctx, url).Val() == 1
}
func (config DBConfig) VerifySecret(url string, token string) (bool, error) {
storedHash := config.DB.HGet(ctx, url, "secret").Val()
result, err := secret.VerifyPassword(token, storedHash)
if err != nil {
return false, err
}
return result, nil
func (config DBConfig) VerifySecret(url string, secret string) bool {
return secret == config.DB.HGet(ctx, url, "secret").Val()
}

View file

@ -1,7 +0,0 @@
package database
type pingError struct{}
func (m *pingError) Error() string {
return "Connection to redis not work"
}

View file

@ -0,0 +1,51 @@
package httpServer
import (
"log"
"net/http"
"git.gnous.eu/gnouseu/plakken/internal/constant"
"git.gnous.eu/gnouseu/plakken/internal/web/plak"
"git.gnous.eu/gnouseu/plakken/internal/web/static"
"github.com/redis/go-redis/v9"
)
type ServerConfig struct {
HTTPServer *http.Server
UrlLength uint8
DB *redis.Client
}
// Configure HTTP router
func (config ServerConfig) router(_ http.ResponseWriter, _ *http.Request) {
WebConfig := plak.WebConfig{
DB: config.DB,
UrlLength: config.UrlLength,
}
http.HandleFunc("GET /{$}", static.Home)
http.HandleFunc("GET /{key}/{settings...}", WebConfig.View)
http.HandleFunc("GET /static/{file}", static.ServeStatic)
http.HandleFunc("POST /{$}", WebConfig.Create)
http.HandleFunc("DELETE /{key}", WebConfig.Delete)
}
// Config Configure HTTP server
func Config(listenAddress string) *http.Server {
server := &http.Server{
Addr: listenAddress,
ReadTimeout: constant.HTTPTimeout,
WriteTimeout: constant.HTTPTimeout,
}
return server
}
// Server Start HTTP server
func (config ServerConfig) Server() {
log.Println("Listening on " + config.HTTPServer.Addr)
http.HandleFunc("/", config.router)
log.Fatal(config.HTTPServer.ListenAndServe())
}

View file

@ -1,67 +0,0 @@
package httpserver
import (
"embed"
"log"
"net/http"
"git.gnous.eu/gnouseu/plakken/internal/constant"
"git.gnous.eu/gnouseu/plakken/internal/web/plak"
"github.com/redis/go-redis/v9"
)
type ServerConfig struct {
HTTPServer *http.Server
URLLength uint8
DB *redis.Client
Static embed.FS
Templates embed.FS
}
func (config ServerConfig) home(w http.ResponseWriter, _ *http.Request) {
index, err := config.Static.ReadFile("static/index.html")
if err != nil {
log.Println(err)
}
_, err = w.Write(index)
if err != nil {
log.Println(err)
}
}
// Configure HTTP router.
func (config ServerConfig) router() {
WebConfig := plak.WebConfig{
DB: config.DB,
URLLength: config.URLLength,
Templates: config.Templates,
}
staticFiles := http.FS(config.Static)
http.HandleFunc("GET /{$}", config.home)
http.Handle("GET /static/{file}", http.FileServer(staticFiles))
http.HandleFunc("GET /{key}/{settings...}", WebConfig.View)
http.HandleFunc("POST /{$}", WebConfig.CurlCreate)
http.HandleFunc("POST /create/{$}", WebConfig.PostCreate)
http.HandleFunc("DELETE /{key}", WebConfig.DeleteRequest)
}
// Config Configure HTTP server.
func Config(listenAddress string) *http.Server {
server := &http.Server{
Addr: listenAddress,
ReadTimeout: constant.HTTPTimeout,
WriteTimeout: constant.HTTPTimeout,
}
return server
}
// Server Start HTTP server.
func (config ServerConfig) Server() {
log.Println("Listening on " + config.HTTPServer.Addr)
config.router()
log.Fatal(config.HTTPServer.ListenAndServe())
}

View file

@ -1,161 +0,0 @@
// Package secret implement all crypto utils like password hashing and secret generation
package secret
import (
"bytes"
"crypto/rand"
"encoding/base64"
"encoding/hex"
"fmt"
"strconv"
"strings"
"git.gnous.eu/gnouseu/plakken/internal/constant"
"golang.org/x/crypto/argon2"
)
type argon2idHash struct {
salt []byte
hash []byte
}
// Argon2id config.
type config struct {
saltLength uint8
memory uint32
threads uint8
keyLength uint32
iterations uint32
}
// generateSecret for password hashing or token generation.
func generateSecret(length uint8) ([]byte, error) {
secret := make([]byte, length)
_, err := rand.Read(secret)
if err != nil {
return nil, err
}
return secret, err
}
// GenerateToken generate hexadecimal token.
func GenerateToken() (string, error) {
secret, err := generateSecret(constant.TokenLength)
if err != nil {
return "", err
}
token := hex.EncodeToString(secret)
return token, nil
}
// generateArgon2ID Generate an argon2id hash from source string and specified salt.
func (config config) generateArgon2ID(source string, salt []byte) []byte {
hash := argon2.IDKey([]byte(source), salt, config.iterations, config.memory, config.threads, config.keyLength)
return hash
}
// Password hash a source string with argon2id, return properly encoded hash.
func Password(password string) (string, error) {
config := config{
saltLength: constant.ArgonSaltSize,
memory: constant.ArgonMemory,
threads: constant.ArgonThreads,
keyLength: constant.ArgonKeyLength,
iterations: constant.ArgonIterations,
}
salt, err := generateSecret(config.saltLength)
if err != nil {
return "", err
}
hash := config.generateArgon2ID(password, salt)
base64Hash := base64.RawStdEncoding.EncodeToString(hash)
base64Salt := base64.RawStdEncoding.EncodeToString(salt)
formatted := fmt.Sprintf("$argon2id$v=%d$m=%d,t=%d,p=%d$%s$%s", argon2.Version, config.memory, config.iterations, config.threads, base64Salt, base64Hash)
return formatted, nil
}
// VerifyPassword check is source password and stored password is similar, take password and a properly encoded hash.
func VerifyPassword(password string, hash string) (bool, error) {
argon2Hash, config, err := parseHash(hash)
if err != nil {
return false, err
}
result := config.generateArgon2ID(password, argon2Hash.salt)
return bytes.Equal(result, argon2Hash.hash), nil
}
// parseHash parse existing encoded argon2id string.
func parseHash(source string) (argon2idHash, config, error) {
separateItem := strings.Split(source, "$")
if len(separateItem) != 6 { //nolint:gomnd
return argon2idHash{}, config{}, &parseError{message: "Hash format is not valid"}
}
if separateItem[1] != "argon2id" {
return argon2idHash{}, config{}, &parseError{message: "Algorithm is not valid"}
}
separateParam := strings.Split(separateItem[3], ",")
if len(separateParam) != 3 { //nolint:gomnd
return argon2idHash{}, config{}, &parseError{message: "Hash config is not valid"}
}
salt, err := base64.RawStdEncoding.Strict().DecodeString(separateItem[4])
if err != nil {
return argon2idHash{}, config{}, err
}
var hash []byte
hash, err = base64.RawStdEncoding.Strict().DecodeString(separateItem[5])
if err != nil {
return argon2idHash{}, config{}, err
}
saltLength := uint8(len(salt))
keyLength := uint32(len(hash))
var memory int
memory, err = strconv.Atoi(strings.ReplaceAll(separateParam[0], "m=", ""))
if err != nil {
return argon2idHash{}, config{}, err
}
var iterations int
iterations, err = strconv.Atoi(strings.ReplaceAll(separateParam[1], "t=", ""))
if err != nil {
return argon2idHash{}, config{}, err
}
var threads int
threads, err = strconv.Atoi(strings.ReplaceAll(separateParam[2], "p=", ""))
if err != nil {
return argon2idHash{}, config{}, err
}
argon2idStruct := argon2idHash{
salt: salt,
hash: hash,
}
hashConfig := config{
saltLength: saltLength,
memory: uint32(memory),
threads: uint8(threads),
iterations: uint32(iterations),
keyLength: keyLength,
}
return argon2idStruct, hashConfig, nil
}

View file

@ -1,9 +0,0 @@
package secret
type parseError struct {
message string
}
func (m *parseError) Error() string {
return "parseHash: " + m.message
}

View file

@ -1,17 +1,17 @@
package utils
type parseIntBeforeSeparatorError struct {
message string
type ParseIntBeforeSeparatorError struct {
Message string
}
func (m *parseIntBeforeSeparatorError) Error() string {
return "parseIntBeforeSeparator: " + m.message
func (m *ParseIntBeforeSeparatorError) Error() string {
return "parseIntBeforeSeparator: " + m.Message
}
type ParseExpirationError struct {
message string
Message string
}
func (m *ParseExpirationError) Error() string {
return "parseIntBeforeSeparator: " + m.message
return "parseIntBeforeSeparator: " + m.Message
}

View file

@ -1,34 +1,47 @@
package utils
import (
"crypto/rand"
"encoding/hex"
"log"
mathrand "math/rand/v2"
"regexp"
mathrand "math/rand"
"strconv"
"strings"
"git.gnous.eu/gnouseu/plakken/internal/constant"
)
// GenerateURL generate random string for plak url.
func GenerateURL(length uint8) string {
// GenerateUrl generate random string for plak url
func GenerateUrl(length uint8) string {
listChars := []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")
b := make([]rune, length)
for i := range b {
b[i] = listChars[mathrand.IntN(len(listChars))]
b[i] = listChars[mathrand.Intn(len(listChars))]
}
return string(b)
}
// CheckCharRedundant verify is a character is redundant in a string.
// GenerateSecret generate random secret (32 bytes hexadecimal)
func GenerateSecret() string {
key := make([]byte, 32)
_, err := rand.Read(key)
if err != nil {
log.Printf("Failed to generate secret")
}
return hex.EncodeToString(key)
}
// CheckCharRedundant verify is a character is redundant in a string
func CheckCharRedundant(source string, char string) bool { // Verify if a char is redundant
return strings.Count(source, char) > 1
if strings.Count(source, char) > 1 {
return true
}
return false
}
func parseIntBeforeSeparator(source *string, sep string) (int, error) { // return 0 & error if error, only accept positive number
if CheckCharRedundant(*source, sep) {
return 0, &parseIntBeforeSeparatorError{message: *source + ": cannot parse value as int"}
return 0, &ParseIntBeforeSeparatorError{Message: *source + ": cannot parse value as int"}
}
var value int
var err error
@ -36,24 +49,22 @@ func parseIntBeforeSeparator(source *string, sep string) (int, error) { // retur
value, err = strconv.Atoi(strings.Split(*source, sep)[0])
if err != nil {
log.Println(err)
return 0, &parseIntBeforeSeparatorError{message: *source + ": cannot parse value as int"}
return 0, &ParseIntBeforeSeparatorError{Message: *source + ": cannot parse value as int"}
}
if value < 0 { // Only positive value is correct
return 0, &parseIntBeforeSeparatorError{message: *source + ": format only take positive value"}
return 0, &ParseIntBeforeSeparatorError{Message: *source + ": format only take positive value"}
}
if value > 99 { //nolint:gomnd
return 0, &parseIntBeforeSeparatorError{message: *source + ": Format only take two number"}
if value > 99 {
return 0, &ParseIntBeforeSeparatorError{Message: *source + ": Format only take two number"}
}
*source = strings.Join(strings.Split(*source, sep)[1:], "")
}
return value, nil
}
// ParseExpiration Parse "1d1h1m1s" duration format. Return 0 & error if error.
// ParseExpiration Parse "1d1h1m1s" duration format. Return 0 & error if error
func ParseExpiration(source string) (int, error) {
var expiration int
var tempOutput int
@ -65,44 +76,29 @@ func ParseExpiration(source string) (int, error) {
source = strings.ToLower(source)
tempOutput, err = parseIntBeforeSeparator(&source, "d")
expiration = tempOutput * constant.SecondsInDay
expiration = tempOutput * 86400
if err != nil {
log.Println(err)
return 0, &ParseExpirationError{message: "Invalid syntax"}
return 0, &ParseExpirationError{Message: "Invalid syntax"}
}
tempOutput, err = parseIntBeforeSeparator(&source, "h")
expiration += tempOutput * constant.SecondsInHour
expiration += tempOutput * 3600
if err != nil {
log.Println(err)
return 0, &ParseExpirationError{message: "Invalid syntax"}
return 0, &ParseExpirationError{Message: "Invalid syntax"}
}
tempOutput, err = parseIntBeforeSeparator(&source, "m")
expiration += tempOutput * constant.SecondsInMinute
expiration += tempOutput * 60
if err != nil {
log.Println(err)
return 0, &ParseExpirationError{message: "Invalid syntax"}
return 0, &ParseExpirationError{Message: "Invalid syntax"}
}
tempOutput, err = parseIntBeforeSeparator(&source, "s")
expiration += tempOutput * 1
if err != nil {
log.Println(err)
return 0, &ParseExpirationError{message: "Invalid syntax"}
return 0, &ParseExpirationError{Message: "Invalid syntax"}
}
return expiration, nil
}
// ValidKey Verify if a key is valid (only letter, number, - and _).
func ValidKey(key string) bool {
result, err := regexp.MatchString("^[a-zA-Z0-9_.-]*$", key)
if err != nil {
return false
}
log.Println(key, result)
return result
}

View file

@ -1,18 +1,10 @@
package plak
type deletePlakError struct {
name string
err error
type DeletePlakError struct {
Name string
Err error
}
func (m *deletePlakError) Error() string {
return "Cannot delete: " + m.name + " : " + m.err.Error()
}
type createError struct {
message string
}
func (m *createError) Error() string {
return "create: cannot create plak: " + m.message
func (m *DeletePlakError) Error() string {
return "Cannot delete: " + m.Name + " : " + m.Err.Error()
}

View file

@ -2,198 +2,87 @@ package plak
import (
"context"
"embed"
"html/template"
"io"
"log"
"net/http"
"time"
"git.gnous.eu/gnouseu/plakken/internal/constant"
"git.gnous.eu/gnouseu/plakken/internal/database"
"git.gnous.eu/gnouseu/plakken/internal/secret"
"git.gnous.eu/gnouseu/plakken/internal/utils"
"github.com/redis/go-redis/v9"
"html/template"
)
var ctx = context.Background() //nolint:gochecknoglobals
var ctx = context.Background()
type WebConfig struct {
DB *redis.Client
URLLength uint8
Templates embed.FS
UrlLength uint8
}
// plak "Object" for plak.
type plak struct {
// Plak "Object" for plak
type Plak struct {
Key string
Content string
Expiration time.Duration
DB *redis.Client
}
// create a plak.
func (plak plak) create() (string, error) {
dbConf := database.DBConfig{
DB: plak.DB,
}
token, err := secret.GenerateToken()
if err != nil {
return "", err
}
if dbConf.URLExist(plak.Key) {
return "", &createError{message: "key already exist"}
}
var hashedSecret string
hashedSecret, err = secret.Password(token)
if err != nil {
return "", err
}
dbConf.InsertPaste(plak.Key, plak.Content, hashedSecret, plak.Expiration)
return token, nil
}
// PostCreate manage POST request for create plak.
func (config WebConfig) PostCreate(w http.ResponseWriter, r *http.Request) {
// Create manage POST request for create Plak
func (config WebConfig) Create(w http.ResponseWriter, r *http.Request) {
content := r.FormValue("content")
if content == "" {
w.WriteHeader(http.StatusBadRequest)
return
}
filename := r.FormValue("filename")
var key string
if len(filename) == 0 {
key = utils.GenerateURL(config.URLLength)
} else {
if !utils.ValidKey(filename) {
w.WriteHeader(http.StatusBadRequest)
return
}
key = filename
}
plak := plak{
Key: key,
Content: content,
DB: config.DB,
dbConf := database.DBConfig{
DB: config.DB,
}
secret := utils.GenerateSecret()
key := utils.GenerateUrl(config.UrlLength)
rawExpiration := r.FormValue("exp")
expiration, err := utils.ParseExpiration(rawExpiration)
if err != nil {
log.Println(err)
w.WriteHeader(http.StatusInternalServerError)
return
}
if expiration == 0 {
plak.Expiration = -1
w.WriteHeader(http.StatusBadRequest)
} else if expiration == 0 {
dbConf.InsertPaste(key, content, secret, -1)
} else {
plak.Expiration = time.Duration(expiration * int(time.Second))
dbConf.InsertPaste(key, content, secret, time.Duration(expiration*int(time.Second)))
}
_, err = plak.create()
if err != nil {
log.Println(err)
w.WriteHeader(http.StatusInternalServerError)
return
}
http.Redirect(w, r, "/"+key, http.StatusSeeOther)
http.Redirect(w, r, key, http.StatusSeeOther)
}
// CurlCreate PostCreate plak with minimum param, ideal for curl. Force 7 day expiration.
func (config WebConfig) CurlCreate(w http.ResponseWriter, r *http.Request) {
if r.ContentLength == 0 {
w.WriteHeader(http.StatusBadRequest)
return
}
content, _ := io.ReadAll(r.Body)
err := r.Body.Close()
if err != nil {
log.Println(err)
}
key := utils.GenerateURL(config.URLLength)
plak := plak{
Key: key,
Content: string(content),
Expiration: constant.ExpirationCurlCreate,
DB: config.DB,
}
var token string
token, err = plak.create()
if err != nil {
w.WriteHeader(http.StatusBadRequest)
return
}
var baseURL string
if r.TLS == nil {
baseURL = "http://" + r.Host + "/" + key
} else {
baseURL = "https://" + r.Host + "/" + key
}
message := baseURL + "\n" + "Delete with : 'curl -X DELETE " + baseURL + "?secret\\=" + token + "'" + "\n"
w.Header().Set("Content-Type", "text/plain; charset=utf-8")
_, err = io.WriteString(w, message)
if err != nil {
log.Println(err)
}
}
// View for plak.
// View for plak
func (config WebConfig) View(w http.ResponseWriter, r *http.Request) {
dbConf := database.DBConfig{
DB: config.DB,
}
var currentPlak plak
var plak Plak
key := r.PathValue("key")
//nolint:nestif
if dbConf.URLExist(key) {
currentPlak = plak{
if dbConf.UrlExist(key) {
plak = Plak{
Key: key,
DB: config.DB,
}
currentPlak = currentPlak.getContent()
plak = plak.GetContent()
if r.PathValue("settings") == "raw" {
w.Header().Set("Content-Type", "text/plain; charset=utf-8")
_, err := io.WriteString(w, currentPlak.Content)
_, err := io.WriteString(w, plak.Content)
if err != nil {
log.Println(err)
}
} else {
t, err := template.ParseFS(config.Templates, "templates/paste.html")
t, err := template.ParseFiles("templates/paste.html")
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
log.Println(err)
return
}
err = t.Execute(w, currentPlak)
err = t.Execute(w, plak)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
log.Println(err)
return
}
}
} else {
@ -201,61 +90,45 @@ func (config WebConfig) View(w http.ResponseWriter, r *http.Request) {
}
}
// DeleteRequest manage plak deletion endpoint.
func (config WebConfig) DeleteRequest(w http.ResponseWriter, r *http.Request) {
// Delete manage plak deletion endpoint
func (config WebConfig) Delete(w http.ResponseWriter, r *http.Request) {
dbConf := database.DBConfig{
DB: config.DB,
}
key := r.PathValue("key")
var valid bool
//nolint:nestif
if dbConf.URLExist(key) {
var err error
token := r.URL.Query().Get("secret")
valid, err = dbConf.VerifySecret(key, token)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
log.Println(err)
}
if valid {
plak := plak{
if dbConf.UrlExist(key) {
secret := r.URL.Query().Get("secret")
if dbConf.VerifySecret(key, secret) {
plak := Plak{
Key: key,
DB: config.DB,
}
err := plak.delete()
err := plak.deletePlak()
if err != nil {
log.Println(err)
}
w.WriteHeader(http.StatusNoContent)
} else {
w.WriteHeader(http.StatusForbidden)
}
return
}
w.WriteHeader(http.StatusNotFound)
}
// delete DeleteRequest plak from database.
func (plak plak) delete() error {
// deletePlak Delete plak from database
func (plak Plak) deletePlak() error {
err := plak.DB.Del(ctx, plak.Key).Err()
if err != nil {
log.Println(err)
return &deletePlakError{name: plak.Key, err: err}
return &DeletePlakError{Name: plak.Key, Err: err}
}
return nil
}
// getContent get plak content.
func (plak plak) getContent() plak {
// GetContent get plak content
func (plak Plak) GetContent() Plak {
plak.Content = plak.DB.HGet(ctx, plak.Key, "content").Val()
return plak
}

View file

@ -0,0 +1,15 @@
package static
import (
"net/http"
)
// ServeStatic Serve static file from static
func ServeStatic(w http.ResponseWriter, r *http.Request) {
http.ServeFile(w, r, "./static/"+r.PathValue("file")) // TODO: vérifier si c'est safe
}
// Home Serve index.html
func Home(w http.ResponseWriter, r *http.Request) {
http.ServeFile(w, r, "./static/index.html")
}

24
main.go
View file

@ -1,36 +1,20 @@
package main
import (
"embed"
"log"
"git.gnous.eu/gnouseu/plakken/internal/config"
"git.gnous.eu/gnouseu/plakken/internal/database"
"git.gnous.eu/gnouseu/plakken/internal/httpserver"
)
var (
//go:embed templates
templates embed.FS
//go:embed static
static embed.FS
"git.gnous.eu/gnouseu/plakken/internal/httpServer"
)
func main() {
initConfig := config.GetConfig()
dbConfig := database.InitDB(initConfig.RedisAddress, initConfig.RedisUser, initConfig.RedisPassword, initConfig.RedisDB)
db := database.ConnectDB(dbConfig)
err := database.Ping(db)
if err != nil {
log.Fatal(err)
}
serverConfig := httpserver.ServerConfig{
HTTPServer: httpserver.Config(initConfig.ListenAddress),
URLLength: initConfig.URLLength,
serverConfig := httpServer.ServerConfig{
HTTPServer: httpServer.Config(initConfig.ListenAddress),
UrlLength: initConfig.UrlLength,
DB: db,
Static: static,
Templates: templates,
}
serverConfig.Server()

View file

@ -1,3 +0,0 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json"
}

View file

@ -11,7 +11,7 @@
<link href="/static/style.css" rel="stylesheet">
</head>
<body>
<form action="/create/" method="post">
<form method="post">
<div>
<label for="lines"></label>
<textarea id="lines" readonly wrap="hard">1</textarea>

View file

@ -1,58 +0,0 @@
package secret_test
import (
"fmt"
"regexp"
"testing"
"git.gnous.eu/gnouseu/plakken/internal/constant"
"git.gnous.eu/gnouseu/plakken/internal/secret"
"golang.org/x/crypto/argon2"
)
func TestSecret(t *testing.T) {
t.Parallel()
testPasswordFormat(t)
testVerifyPassword(t)
testVerifyPasswordInvalid(t)
}
func testPasswordFormat(t *testing.T) {
t.Helper()
regex := fmt.Sprintf("\\$argon2id\\$v=%d\\$m=%d,t=%d,p=%d\\$[A-Za-z0-9+/]*\\$[A-Za-z0-9+/]*$", argon2.Version, constant.ArgonMemory, constant.ArgonIterations, constant.ArgonThreads) //nolint:lll
got, err := secret.Password("Password!")
if err != nil {
t.Fatal(err)
}
result, _ := regexp.MatchString(regex, got)
if !result {
t.Fatal("Error in Password, format is not valid "+": ", got)
}
}
func testVerifyPassword(t *testing.T) {
t.Helper()
result, err := secret.VerifyPassword("Password!", "$argon2id$v=19$m=65536,t=2,p=4$A+t5YGpyy1BHCbvk/LP1xQ$eNuUj6B2ZqXlGi6KEqep39a7N4nysUIojuPXye+Ypp0") //nolint:lll
if err != nil {
t.Fatal(err)
}
if !result {
t.Fatal("Error in VerifyPassword, got:", result, "want: ", true)
}
}
func testVerifyPasswordInvalid(t *testing.T) {
t.Helper()
result, err := secret.VerifyPassword("notsamepassword", "$argon2id$v=19$m=65536,t=2,p=4$A+t5YGpyy1BHCbvk/LP1xQ$eNuUj6B2ZqXlGi6KEqep39a7N4nysUIojuPXye+Ypp0") //nolint:lll
if err != nil {
t.Fatal(err)
}
if result {
t.Fatal("Error in VerifyPassword, got:", result, "want: ", false)
}
}

View file

@ -7,25 +7,7 @@ import (
"git.gnous.eu/gnouseu/plakken/internal/utils"
)
func TestUtils(t *testing.T) {
t.Parallel()
testCheckCharNotRedundantTrue(t)
testCheckCharNotRedundantFalse(t)
testParseExpirationFull(t)
testParseExpirationMissing(t)
testParseExpirationWithCaps(t)
testParseExpirationNull(t)
testParseExpirationNegative(t)
testParseExpirationInvalid(t)
testParseExpirationInvalidRedundant(t)
testParseExpirationInvalidTooHigh(t)
testValidKey(t)
testInValidKey(t)
}
func testCheckCharNotRedundantTrue(t *testing.T) { // Test CheckCharRedundant with redundant char
t.Helper()
func TestCheckCharNotRedundantTrue(t *testing.T) { // Test CheckCharRedundant with redundant char
want := true
got := utils.CheckCharRedundant("2d1h3md4h7s", "h")
if got != want {
@ -33,8 +15,7 @@ func testCheckCharNotRedundantTrue(t *testing.T) { // Test CheckCharRedundant wi
}
}
func testCheckCharNotRedundantFalse(t *testing.T) { // Test CheckCharRedundant with not redundant char
t.Helper()
func TestCheckCharNotRedundantFalse(t *testing.T) { // Test CheckCharRedundant with not redundant char
want := false
got := utils.CheckCharRedundant("2d1h3m47s", "h")
if got != want {
@ -42,8 +23,7 @@ func testCheckCharNotRedundantFalse(t *testing.T) { // Test CheckCharRedundant w
}
}
func testParseExpirationFull(t *testing.T) { // test parseExpirationFull with all valid separator
t.Helper()
func TestParseExpirationFull(t *testing.T) { // test parseExpirationFull with all valid separator
result, _ := utils.ParseExpiration("2d1h3m47s")
correctValue := 176627
if result != correctValue {
@ -51,8 +31,7 @@ func testParseExpirationFull(t *testing.T) { // test parseExpirationFull with al
}
}
func testParseExpirationMissing(t *testing.T) { // test parseExpirationFull with all valid separator
t.Helper()
func TestParseExpirationMissing(t *testing.T) { // test parseExpirationFull with all valid separator
result, _ := utils.ParseExpiration("1h47s")
correctValue := 3647
if result != correctValue {
@ -60,8 +39,7 @@ func testParseExpirationMissing(t *testing.T) { // test parseExpirationFull with
}
}
func testParseExpirationWithCaps(t *testing.T) { // test parseExpirationFull with all valid separator
t.Helper()
func TestParseExpirationWithCaps(t *testing.T) { // test parseExpirationFull with all valid separator
result, _ := utils.ParseExpiration("2D1h3M47s")
correctValue := 176627
if result != correctValue {
@ -69,8 +47,7 @@ func testParseExpirationWithCaps(t *testing.T) { // test parseExpirationFull wit
}
}
func testParseExpirationNull(t *testing.T) { // test ParseExpirationFull with all valid separator
t.Helper()
func TestParseExpirationNull(t *testing.T) { // test ParseExpirationFull with all valid separator
result, _ := utils.ParseExpiration("0")
correctValue := 0
if result != correctValue {
@ -78,8 +55,7 @@ func testParseExpirationNull(t *testing.T) { // test ParseExpirationFull with al
}
}
func testParseExpirationNegative(t *testing.T) { // test ParseExpirationFull with all valid separator
t.Helper()
func TestParseExpirationNegative(t *testing.T) { // test ParseExpirationFull with all valid separator
_, got := utils.ParseExpiration("-42h1m4s")
want := &utils.ParseExpirationError{}
if !errors.As(got, &want) {
@ -87,49 +63,19 @@ func testParseExpirationNegative(t *testing.T) { // test ParseExpirationFull wit
}
}
func testParseExpirationInvalid(t *testing.T) { // test ParseExpirationFull with all valid separator
t.Helper()
func TestParseExpirationInvalid(t *testing.T) { // test ParseExpirationFull with all valid separator
_, got := utils.ParseExpiration("8h42h1m1d4s")
want := &utils.ParseExpirationError{}
if !errors.As(got, &want) {
t.Fatal("Error in ParseExpirationFull, want : ", want, "got : ", got)
}
}
func testParseExpirationInvalidRedundant(t *testing.T) { // test ParseExpirationFull with all valid separator
t.Helper()
func TestParseExpirationInvalidRedundant(t *testing.T) { // test ParseExpirationFull with all valid separator
_, got := utils.ParseExpiration("8h42h1m1h4s")
want := &utils.ParseExpirationError{}
if !errors.As(got, &want) {
t.Fatal("Error in ParseExpirationFull, want : ", want, "got : ", got)
}
}
func testParseExpirationInvalidTooHigh(t *testing.T) { // test ParseExpirationFull with all valid separator
t.Helper()
_, got := utils.ParseExpiration("2d1h3m130s")
want := &utils.ParseExpirationError{}
if !errors.As(got, &want) {
t.Fatal("Error in ParseExpirationFull, want : ", want, "got : ", got)
}
}
func testValidKey(t *testing.T) { // test ValidKey with a valid key
t.Helper()
got := utils.ValidKey("ab_a-C42")
want := true
if got != want {
t.Fatal("Error in ValidKey, want : ", want, "got : ", got)
}
}
func testInValidKey(t *testing.T) { // test ValidKey with invalid key
t.Helper()
got := utils.ValidKey("ab_?a-C42")
want := false
if got != want {
t.Fatal("Error in ValidKey, want : ", want, "got : ", got)
}
}