surtur
882b7dfd28
All checks were successful
continuous-integration/drone/push Build is passing
* log details about unauthorised access * return semantically correct 403 (instead of 401) on unauthorised access * allow read-only admin access to "hibp breach details" endpoint
74 lines
1.7 KiB
Go
74 lines
1.7 KiB
Go
// Copyright 2023 wanderer <a_mirre at utb dot cz>
|
|
// SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
package handlers
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/labstack/echo-contrib/session"
|
|
"github.com/labstack/echo/v4"
|
|
)
|
|
|
|
const unauthorisedAccess = "Unauthorised access detected"
|
|
|
|
func Index() echo.HandlerFunc {
|
|
return func(c echo.Context) error {
|
|
defer addHeaders(c)
|
|
|
|
if sess, _ := session.Get(setting.SessionCookieName(), c); sess != nil {
|
|
if uname, ok := sess.Values["username"].(string); ok {
|
|
if uname != "" {
|
|
return c.Redirect(http.StatusFound, "/home")
|
|
}
|
|
}
|
|
}
|
|
|
|
csrf := c.Get("csrf").(string)
|
|
p := newPage()
|
|
|
|
p.Title = "Welcome!"
|
|
p.Current = "home"
|
|
p.CSRF = csrf
|
|
|
|
err := c.Render(
|
|
http.StatusOK,
|
|
"index.tmpl",
|
|
p,
|
|
)
|
|
if err != nil {
|
|
c.Logger().Errorf("error: %q", err)
|
|
|
|
return renderErrorPage(
|
|
c,
|
|
http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError),
|
|
err.Error(),
|
|
)
|
|
}
|
|
|
|
return err
|
|
}
|
|
}
|
|
|
|
func Healthz() echo.HandlerFunc {
|
|
// TODO: have this respond with some kind of internal state that gets
|
|
// read-locked when returning.
|
|
return func(c echo.Context) error {
|
|
return c.JSON(http.StatusOK, struct{ Status string }{Status: "OK"})
|
|
}
|
|
}
|
|
|
|
func addHeaders(c echo.Context) {
|
|
c.Response().Header().Set("Cross-Origin-Opener-Policy", "same-origin")
|
|
}
|
|
|
|
// experimental global redirect handler?
|
|
// http.HandleFunc("/redirect", func(w http.ResponseWriter, r *http.Request) {
|
|
// loc, err := url.QueryUnescape(r.URL.Query().Get("loc"))
|
|
// if err != nil {
|
|
// http.Error(w, fmt.Sprintf("invalid redirect: %q", r.URL.Query().Get("loc")), http.StatusBadRequest)
|
|
// return
|
|
// }
|
|
// http.Redirect(w, r, loc, http.StatusFound)
|
|
// })
|