2018-04-28 04:32:08 +03:00
|
|
|
package server
|
2017-03-22 05:46:05 +03:00
|
|
|
|
|
|
|
import (
|
2017-03-22 17:09:09 +03:00
|
|
|
"encoding/base32"
|
2017-03-22 05:46:05 +03:00
|
|
|
"encoding/binary"
|
|
|
|
"encoding/hex"
|
|
|
|
"math/rand"
|
2018-04-01 04:31:26 +03:00
|
|
|
"net/http"
|
2017-03-22 06:51:52 +03:00
|
|
|
"os"
|
2018-04-01 04:31:26 +03:00
|
|
|
"path"
|
2017-03-22 05:46:05 +03:00
|
|
|
"strings"
|
|
|
|
"time"
|
|
|
|
|
2017-03-22 17:09:09 +03:00
|
|
|
"github.com/microcosm-cc/bluemonday"
|
2019-07-05 16:45:52 +03:00
|
|
|
"github.com/russross/blackfriday/v2"
|
2017-03-22 17:09:09 +03:00
|
|
|
"github.com/shurcooL/github_flavored_markdown"
|
|
|
|
"golang.org/x/crypto/bcrypt"
|
2017-03-22 05:46:05 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
var animals []string
|
|
|
|
var adjectives []string
|
|
|
|
var aboutPageText string
|
2018-01-18 12:50:55 +03:00
|
|
|
var allowInsecureHtml bool
|
2017-03-22 05:46:05 +03:00
|
|
|
|
|
|
|
func init() {
|
|
|
|
rand.Seed(time.Now().Unix())
|
2017-03-22 22:03:00 +03:00
|
|
|
animalsText, _ := Asset("static/text/animals")
|
2017-03-22 05:46:05 +03:00
|
|
|
animals = strings.Split(string(animalsText), ",")
|
2017-03-22 22:03:00 +03:00
|
|
|
adjectivesText, _ := Asset("static/text/adjectives")
|
2017-03-22 05:46:05 +03:00
|
|
|
adjectives = strings.Split(string(adjectivesText), "\n")
|
2017-03-22 22:19:00 +03:00
|
|
|
}
|
|
|
|
|
2017-03-22 05:46:05 +03:00
|
|
|
func randomAnimal() string {
|
|
|
|
return strings.Replace(strings.Title(animals[rand.Intn(len(animals)-1)]), " ", "", -1)
|
|
|
|
}
|
|
|
|
|
|
|
|
func randomAdjective() string {
|
|
|
|
return strings.Replace(strings.Title(adjectives[rand.Intn(len(adjectives)-1)]), " ", "", -1)
|
|
|
|
}
|
|
|
|
|
|
|
|
func randomAlliterateCombo() (combo string) {
|
|
|
|
combo = ""
|
|
|
|
// generate random alliteration thats not been used
|
|
|
|
for {
|
|
|
|
animal := randomAnimal()
|
|
|
|
adjective := randomAdjective()
|
2017-03-24 16:14:34 +03:00
|
|
|
if animal[0] == adjective[0] && len(animal)+len(adjective) < 18 { //&& stringInSlice(strings.ToLower(adjective+animal), takenNames) == false {
|
2017-03-22 05:46:05 +03:00
|
|
|
combo = adjective + animal
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// is there a string in a slice?
|
|
|
|
func stringInSlice(s string, strings []string) bool {
|
|
|
|
for _, k := range strings {
|
|
|
|
if s == k {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
// itob returns an 8-byte big endian representation of v.
|
|
|
|
func itob(v int) []byte {
|
|
|
|
b := make([]byte, 8)
|
|
|
|
binary.BigEndian.PutUint64(b, uint64(v))
|
|
|
|
return b
|
|
|
|
}
|
|
|
|
|
|
|
|
func contentType(filename string) string {
|
|
|
|
switch {
|
|
|
|
case strings.Contains(filename, ".css"):
|
|
|
|
return "text/css"
|
|
|
|
case strings.Contains(filename, ".jpg"):
|
|
|
|
return "image/jpeg"
|
|
|
|
case strings.Contains(filename, ".png"):
|
|
|
|
return "image/png"
|
|
|
|
case strings.Contains(filename, ".js"):
|
|
|
|
return "application/javascript"
|
2017-10-15 16:49:40 +03:00
|
|
|
case strings.Contains(filename, ".xml"):
|
|
|
|
return "application/xml"
|
2017-03-22 05:46:05 +03:00
|
|
|
}
|
|
|
|
return "text/html"
|
|
|
|
}
|
|
|
|
|
2018-04-28 12:29:35 +03:00
|
|
|
func (s *Site) sniffContentType(name string) (string, error) {
|
|
|
|
file, err := os.Open(path.Join(s.PathToData, name))
|
2018-04-01 04:31:26 +03:00
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
|
|
|
|
}
|
|
|
|
defer file.Close()
|
|
|
|
|
|
|
|
// Only the first 512 bytes are used to sniff the content type.
|
|
|
|
buffer := make([]byte, 512)
|
|
|
|
_, err = file.Read(buffer)
|
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
|
|
|
|
// Always returns a valid content-type and "application/octet-stream" if no others seemed to match.
|
|
|
|
return http.DetectContentType(buffer), nil
|
|
|
|
}
|
|
|
|
|
2017-03-22 05:46:05 +03:00
|
|
|
var src = rand.NewSource(time.Now().UnixNano())
|
|
|
|
|
|
|
|
const letterBytes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
|
|
|
|
const (
|
|
|
|
letterIdxBits = 6 // 6 bits to represent a letter index
|
|
|
|
letterIdxMask = 1<<letterIdxBits - 1 // All 1-bits, as many as letterIdxBits
|
|
|
|
letterIdxMax = 63 / letterIdxBits // # of letter indices fitting in 63 bits
|
|
|
|
)
|
|
|
|
|
|
|
|
// RandStringBytesMaskImprSrc prints a random string
|
|
|
|
func RandStringBytesMaskImprSrc(n int) string {
|
|
|
|
b := make([]byte, n)
|
|
|
|
// A src.Int63() generates 63 random bits, enough for letterIdxMax characters!
|
|
|
|
for i, cache, remain := n-1, src.Int63(), letterIdxMax; i >= 0; {
|
|
|
|
if remain == 0 {
|
|
|
|
cache, remain = src.Int63(), letterIdxMax
|
|
|
|
}
|
|
|
|
if idx := int(cache & letterIdxMask); idx < len(letterBytes) {
|
|
|
|
b[i] = letterBytes[idx]
|
|
|
|
i--
|
|
|
|
}
|
|
|
|
cache >>= letterIdxBits
|
|
|
|
remain--
|
|
|
|
}
|
|
|
|
|
|
|
|
return string(b)
|
|
|
|
}
|
|
|
|
|
|
|
|
// HashPassword generates a bcrypt hash of the password using work factor 14.
|
|
|
|
// https://github.com/gtank/cryptopasta/blob/master/hash.go
|
|
|
|
func HashPassword(password string) string {
|
|
|
|
hash, _ := bcrypt.GenerateFromPassword([]byte(password), 14)
|
|
|
|
return hex.EncodeToString(hash)
|
|
|
|
}
|
|
|
|
|
|
|
|
// CheckPassword securely compares a bcrypt hashed password with its possible
|
|
|
|
// plaintext equivalent. Returns nil on success, or an error on failure.
|
|
|
|
// https://github.com/gtank/cryptopasta/blob/master/hash.go
|
|
|
|
func CheckPasswordHash(password, hashedString string) error {
|
|
|
|
hash, err := hex.DecodeString(hashedString)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return bcrypt.CompareHashAndPassword(hash, []byte(password))
|
|
|
|
}
|
|
|
|
|
2017-03-22 06:51:52 +03:00
|
|
|
// exists returns whether the given file or directory exists or not
|
|
|
|
func exists(path string) bool {
|
|
|
|
_, err := os.Stat(path)
|
2018-04-28 04:32:08 +03:00
|
|
|
return !os.IsNotExist(err)
|
2017-03-22 06:51:52 +03:00
|
|
|
}
|
2017-03-22 17:09:09 +03:00
|
|
|
|
|
|
|
func MarkdownToHtml(s string) string {
|
2019-07-05 16:45:52 +03:00
|
|
|
unsafe := blackfriday.Run([]byte(s))
|
2018-01-18 12:50:55 +03:00
|
|
|
if allowInsecureHtml {
|
|
|
|
return string(unsafe)
|
|
|
|
}
|
|
|
|
|
2017-03-22 17:09:09 +03:00
|
|
|
pClean := bluemonday.UGCPolicy()
|
|
|
|
pClean.AllowElements("img")
|
2018-02-18 23:04:23 +03:00
|
|
|
pClean.AllowElements("center")
|
2017-03-22 17:09:09 +03:00
|
|
|
pClean.AllowAttrs("alt").OnElements("img")
|
|
|
|
pClean.AllowAttrs("src").OnElements("img")
|
|
|
|
pClean.AllowAttrs("class").OnElements("a")
|
|
|
|
pClean.AllowAttrs("href").OnElements("a")
|
|
|
|
pClean.AllowAttrs("id").OnElements("a")
|
|
|
|
pClean.AllowDataURIImages()
|
|
|
|
html := pClean.SanitizeBytes(unsafe)
|
|
|
|
return string(html)
|
|
|
|
}
|
|
|
|
|
|
|
|
func GithubMarkdownToHTML(s string) string {
|
|
|
|
return string(github_flavored_markdown.Markdown([]byte(s)))
|
|
|
|
}
|
2018-02-16 02:50:32 +03:00
|
|
|
|
2017-03-22 17:09:09 +03:00
|
|
|
func encodeToBase32(s string) string {
|
2018-02-16 02:50:32 +03:00
|
|
|
return encodeBytesToBase32([]byte(s))
|
|
|
|
}
|
|
|
|
|
|
|
|
func encodeBytesToBase32(s []byte) string {
|
|
|
|
return base32.StdEncoding.EncodeToString(s)
|
2017-03-22 17:09:09 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
func decodeFromBase32(s string) (s2 string, err error) {
|
|
|
|
bString, err := base32.StdEncoding.DecodeString(s)
|
|
|
|
s2 = string(bString)
|
|
|
|
return
|
|
|
|
}
|
2017-03-24 15:25:59 +03:00
|
|
|
|
|
|
|
func reverseSliceInt64(s []int64) []int64 {
|
|
|
|
for i, j := 0, len(s)-1; i < j; i, j = i+1, j-1 {
|
|
|
|
s[i], s[j] = s[j], s[i]
|
|
|
|
}
|
|
|
|
return s
|
|
|
|
}
|
2017-03-24 16:09:41 +03:00
|
|
|
|
2017-03-24 15:25:59 +03:00
|
|
|
func reverseSliceString(s []string) []string {
|
|
|
|
for i, j := 0, len(s)-1; i < j; i, j = i+1, j-1 {
|
|
|
|
s[i], s[j] = s[j], s[i]
|
|
|
|
}
|
|
|
|
return s
|
|
|
|
}
|
2017-03-24 16:09:41 +03:00
|
|
|
|
|
|
|
func reverseSliceInt(s []int) []int {
|
|
|
|
for i, j := 0, len(s)-1; i < j; i, j = i+1, j-1 {
|
|
|
|
s[i], s[j] = s[j], s[i]
|
|
|
|
}
|
|
|
|
return s
|
|
|
|
}
|