-
Notifications
You must be signed in to change notification settings - Fork 2
/
main.go
139 lines (127 loc) · 5.62 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
package main
import (
"log"
"server/auth"
"server/config"
"server/db"
"server/processing"
"server/utils"
"server/web"
"strings"
"time"
"server/handlers"
"server/models"
"server/storage"
"github.com/gin-contrib/cors"
"github.com/gin-contrib/gzip"
"github.com/gin-contrib/sessions"
gormsessions "github.com/gin-contrib/sessions/gorm"
"github.com/gin-gonic/autotls"
"github.com/gin-gonic/gin"
)
const (
sessionStoreKey = "this is a long key" // TODO: convert to env variable
sessionCookieName = "token"
sessionExpirationTime = 365 * 86400 // 1 year
)
func main() {
db.Init()
models.Init()
storage.Init()
processing.Init()
go processing.StartProcessing()
// if !config.DEBUG_MODE {
// gin.SetMode(gin.ReleaseMode)
// }
router := gin.Default()
_ = router.SetTrustedProxies([]string{})
if config.DEBUG_MODE {
router.Use(utils.ErrorLogMiddleware)
}
router.Use(cors.New(cors.Config{
AllowOrigins: []string{"*"},
AllowMethods: []string{"PUT", "POST", "DELETE"},
AllowHeaders: []string{"Origin"},
ExposeHeaders: []string{"Content-Length"},
AllowCredentials: true,
// AllowOriginFunc: func(origin string) bool {
// return strings.HasSuffix(origin, ".circled.me") || strings.HasSuffix(origin, ".circled.me/")
// },
MaxAge: 30 * 24 * time.Hour,
}))
// HTML templates
router.LoadHTMLGlob("templates/*.tmpl")
cookieStore := gormsessions.NewStore(db.Instance, true, []byte(sessionStoreKey))
cookieStore.Options(sessions.Options{MaxAge: sessionExpirationTime})
router.Use(sessions.Sessions(sessionCookieName, cookieStore))
if !config.DEBUG_MODE {
router.Use(gzip.Gzip(gzip.DefaultCompression, gzip.WithExcludedPaths([]string{"/asset/fetch"})))
}
router.Use((&utils.CacheRouter{CacheTime: utils.CacheNoCache}).Handler()) // No cache by default, individual end-points can override that
// Custom Auth Router
authRouter := &auth.Router{Base: router}
// Backup handlers
authRouter.POST("/backup/check", handlers.BackupCheck, models.PermissionPhotoUpload, models.PermissionPhotoBackup)
authRouter.PUT("/backup/upload", handlers.BackupUpload, models.PermissionPhotoUpload)
authRouter.POST("/backup/meta-data", handlers.BackupMetaData, models.PermissionPhotoUpload)
authRouter.POST("/backup/confirm", handlers.BackupConfirm, models.PermissionPhotoUpload)
// Bucket handlers
authRouter.GET("/bucket/list", handlers.BucketList, models.PermissionAdmin)
authRouter.POST("/bucket/save", handlers.BucketSave, models.PermissionAdmin)
// User info handlers
router.POST("/user/login", handlers.UserLogin)
authRouter.POST("/user/save", handlers.UserSave, models.PermissionAdmin)
authRouter.POST("/user/delete", handlers.UserDelete) // PermissionAdmin or own account check (in handler)
authRouter.POST("/user/reinvite", handlers.UserReInvite, models.PermissionAdmin)
authRouter.GET("/user/status", handlers.UserGetStatus)
authRouter.GET("/user/list", handlers.UserList)
authRouter.POST("/user/logout", handlers.UserLogout)
// Asset handlers
authRouter.GET("/asset/list", handlers.AssetList, models.PermissionPhotoUpload)
authRouter.GET("/asset/tags", handlers.TagList, models.PermissionPhotoUpload)
authRouter.GET("/asset/fetch", handlers.AssetFetch) // Auth checks are done inside the handler
authRouter.POST("/asset/delete", handlers.AssetDelete, models.PermissionPhotoUpload) // TODO: S3 Delete done?
authRouter.POST("/asset/favourite", handlers.AssetFavourite)
authRouter.POST("/asset/unfavourite", handlers.AssetUnfavourite)
// Album handlers
authRouter.GET("/album/list", handlers.AlbumList)
authRouter.POST("/album/create", handlers.AlbumCreate, models.PermissionPhotoUpload)
authRouter.POST("/album/save", handlers.AlbumSave, models.PermissionPhotoUpload) // TODO: Check hero saved?
authRouter.POST("/album/delete", handlers.AlbumDelete, models.PermissionPhotoUpload)
authRouter.POST("/album/add", handlers.AlbumAddAssets, models.PermissionPhotoUpload)
authRouter.POST("/album/remove", handlers.AlbumRemoveAsset, models.PermissionPhotoUpload)
authRouter.GET("/album/assets", handlers.AlbumAssets)
authRouter.GET("/album/share", handlers.AlbumShare)
authRouter.POST("/album/contributor", handlers.AlbumContributorSave, models.PermissionPhotoUpload) // DEPRECATED
authRouter.GET("/album/contributors", handlers.AlbumContributorsGet, models.PermissionPhotoUpload)
authRouter.POST("/album/contributors", handlers.AlbumContributorsSave, models.PermissionPhotoUpload)
// Upload Request
authRouter.GET("/upload/share", handlers.UploadShare, models.PermissionPhotoUpload)
// Moment handlers
authRouter.GET("/moment/list", handlers.MomentList, models.PermissionPhotoUpload)
authRouter.GET("/moment/assets", handlers.MomentAssets, models.PermissionPhotoUpload)
// Group handlers
authRouter.GET("/group/list", handlers.GroupList)
authRouter.POST("/group/create", handlers.GroupCreate)
authRouter.POST("/group/save", handlers.GroupSave)
authRouter.POST("/group/delete", handlers.GroupDelete)
// WebSocket handler
authRouter.GET("/ws", handlers.WebSocket)
// Web albums
router.GET("/w/album/:token/", web.AlbumView)
router.GET("/w/album/:token/asset", web.AlbumAssetView)
// Web file uploads
router.GET("/w/upload/:token/", web.UploadRequestView)
router.GET("/w/upload/:token/new-url/", web.UploadRequestNewURL)
router.POST("/w/upload/:token/confirm/", web.UploadRequestConfirm)
router.PUT("/w/upload/:token/", web.UploadRequestProcess)
// Misc
router.GET("/robots.txt", web.DisallowRobots)
var err error
if config.TLS_DOMAINS != "" {
err = autotls.Run(router, strings.Split(config.TLS_DOMAINS, ",")...)
} else {
err = router.Run(config.BIND_ADDRESS)
}
log.Fatalf("Server stopped: %v", err)
}