pasty/internal/web/controllers/v1/pastes.go

package v1

import (
	"encoding/json"
	"time"

	"github.com/fasthttp/router"
	"github.com/lus/pasty/internal/config"
	"github.com/lus/pasty/internal/shared"
	"github.com/lus/pasty/internal/storage"
	"github.com/lus/pasty/internal/utils"
	limitFasthttp "github.com/ulule/limiter/v3/drivers/middleware/fasthttp"
	"github.com/valyala/fasthttp"
)

// InitializePastesController initializes the '/v1/pastes/*' controller
func InitializePastesController(group *router.Group, rateLimiterMiddleware *limitFasthttp.Middleware) {
	group.GET("/{id}", rateLimiterMiddleware.Handle(v1GetPaste))
	group.POST("", rateLimiterMiddleware.Handle(v1PostPaste))
	group.DELETE("/{id}", rateLimiterMiddleware.Handle(v1DeletePaste))
}

// v1GetPaste handles the 'GET /v1/pastes/{id}' endpoint
func v1GetPaste(ctx *fasthttp.RequestCtx) {
	// Read the ID
	id := ctx.UserValue("id").(string)

	// Retrieve the paste
	paste, err := storage.Current.Get(id)
	if err != nil {
		ctx.SetStatusCode(fasthttp.StatusInternalServerError)
		ctx.SetBodyString(err.Error())
		return
	}
	if paste == nil {
		ctx.SetStatusCode(fasthttp.StatusNotFound)
		ctx.SetBodyString("paste not found")
		return
	}
	legacyPaste := legacyFromModern(paste)
	legacyPaste.DeletionToken = ""

	// Respond with the paste
	jsonData, err := json.Marshal(legacyPaste)
	if err != nil {
		ctx.SetStatusCode(fasthttp.StatusInternalServerError)
		ctx.SetBodyString(err.Error())
		return
	}
	ctx.SetBody(jsonData)
}

// v1PostPaste handles the 'POST /v1/pastes' endpoint
func v1PostPaste(ctx *fasthttp.RequestCtx) {
	// Check content length before reading body into memory
	if config.Current.LengthCap > 0 &&
		ctx.Request.Header.ContentLength() > config.Current.LengthCap {
		ctx.SetStatusCode(fasthttp.StatusBadRequest)
		ctx.SetBodyString("request body length overflow")
		return
	}

	// Unmarshal the body
	values := make(map[string]string)
	err := json.Unmarshal(ctx.PostBody(), &values)
	if err != nil {
		ctx.SetStatusCode(fasthttp.StatusBadRequest)
		ctx.SetBodyString("invalid request body")
		return
	}

	// Validate the content of the paste
	if values["content"] == "" {
		ctx.SetStatusCode(fasthttp.StatusBadRequest)
		ctx.SetBodyString("missing 'content' field")
		return
	}

	// Acquire the paste ID
	id, err := storage.AcquireID()
	if err != nil {
		ctx.SetStatusCode(fasthttp.StatusInternalServerError)
		ctx.SetBodyString(err.Error())
		return
	}

	// Create the paste object
	paste := &shared.Paste{
		ID:      id,
		Content: values["content"],
		Created: time.Now().Unix(),
	}

	// Set a modification token
	modificationToken := ""
	if config.Current.ModificationTokens {
		modificationToken = utils.RandomString(config.Current.ModificationTokenCharacters, config.Current.ModificationTokenLength)
		paste.ModificationToken = modificationToken

		err = paste.HashModificationToken()
		if err != nil {
			ctx.SetStatusCode(fasthttp.StatusInternalServerError)
			ctx.SetBodyString(err.Error())
			return
		}
	}

	// Save the paste
	err = storage.Current.Save(paste)
	if err != nil {
		ctx.SetStatusCode(fasthttp.StatusInternalServerError)
		ctx.SetBodyString(err.Error())
		return
	}

	// Respond with the paste
	pasteCopy := legacyFromModern(paste)
	pasteCopy.DeletionToken = modificationToken
	jsonData, err := json.Marshal(pasteCopy)
	if err != nil {
		ctx.SetStatusCode(fasthttp.StatusInternalServerError)
		ctx.SetBodyString(err.Error())
		return
	}
	ctx.SetBody(jsonData)
}

// v1DeletePaste handles the 'DELETE /v1/pastes/{id}'
func v1DeletePaste(ctx *fasthttp.RequestCtx) {
	// Read the ID
	id := ctx.UserValue("id").(string)

	// Unmarshal the body
	values := make(map[string]string)
	err := json.Unmarshal(ctx.PostBody(), &values)
	if err != nil {
		ctx.SetStatusCode(fasthttp.StatusBadRequest)
		ctx.SetBodyString("invalid request body")
		return
	}

	// Validate the modification token of the paste
	modificationToken := values["deletionToken"]
	if modificationToken == "" {
		ctx.SetStatusCode(fasthttp.StatusBadRequest)
		ctx.SetBodyString("missing 'deletionToken' field")
		return
	}

	// Retrieve the paste
	paste, err := storage.Current.Get(id)
	if err != nil {
		ctx.SetStatusCode(fasthttp.StatusInternalServerError)
		ctx.SetBodyString(err.Error())
		return
	}
	if paste == nil {
		ctx.SetStatusCode(fasthttp.StatusNotFound)
		ctx.SetBodyString("paste not found")
		return
	}

	// Check if the modification token is correct
	if (config.Current.ModificationTokenMaster == "" || modificationToken != config.Current.ModificationTokenMaster) && !paste.CheckModificationToken(modificationToken) {
		ctx.SetStatusCode(fasthttp.StatusForbidden)
		ctx.SetBodyString("invalid deletion token")
		return
	}

	// Delete the paste
	err = storage.Current.Delete(paste.ID)
	if err != nil {
		ctx.SetStatusCode(fasthttp.StatusInternalServerError)
		ctx.SetBodyString(err.Error())
		return
	}

	// Respond with 'ok'
	ctx.SetBodyString("ok")
}
Implement basic web server structure and get paste endpoint 2020-08-23 01:32:46 +03:00			`package v1`

			`import (`
			`"encoding/json"`
Rework project structure 2021-04-15 21:15:42 +03:00			`"time"`
Bump to Go 1.16 2021-04-15 20:26:17 +03:00
Implement basic web server structure and get paste endpoint 2020-08-23 01:32:46 +03:00			`"github.com/fasthttp/router"`
Rework project structure 2021-04-15 21:15:42 +03:00			`"github.com/lus/pasty/internal/config"`
			`"github.com/lus/pasty/internal/shared"`
Bump to Go 1.16 2021-04-15 20:26:17 +03:00			`"github.com/lus/pasty/internal/storage"`
Rework project structure 2021-04-15 21:15:42 +03:00			`"github.com/lus/pasty/internal/utils"`
Implement rate limiting 2020-08-24 00:07:07 +03:00			`limitFasthttp "github.com/ulule/limiter/v3/drivers/middleware/fasthttp"`
Implement basic web server structure and get paste endpoint 2020-08-23 01:32:46 +03:00			`"github.com/valyala/fasthttp"`
			`)`

			`// InitializePastesController initializes the '/v1/pastes/*' controller`
Implement rate limiting 2020-08-24 00:07:07 +03:00			`func InitializePastesController(group router.Group, rateLimiterMiddleware limitFasthttp.Middleware) {`
			`group.GET("/{id}", rateLimiterMiddleware.Handle(v1GetPaste))`
			`group.POST("", rateLimiterMiddleware.Handle(v1PostPaste))`
			`group.DELETE("/{id}", rateLimiterMiddleware.Handle(v1DeletePaste))`
Implement basic web server structure and get paste endpoint 2020-08-23 01:32:46 +03:00			`}`

			`// v1GetPaste handles the 'GET /v1/pastes/{id}' endpoint`
			`func v1GetPaste(ctx *fasthttp.RequestCtx) {`
Switch from snowflake to random string ID system 2020-08-24 21:22:53 +03:00			`// Read the ID`
			`id := ctx.UserValue("id").(string)`
Implement basic web server structure and get paste endpoint 2020-08-23 01:32:46 +03:00
			`// Retrieve the paste`
			`paste, err := storage.Current.Get(id)`
			`if err != nil {`
			`ctx.SetStatusCode(fasthttp.StatusInternalServerError)`
			`ctx.SetBodyString(err.Error())`
			`return`
			`}`
			`if paste == nil {`
			`ctx.SetStatusCode(fasthttp.StatusNotFound)`
			`ctx.SetBodyString("paste not found")`
			`return`
			`}`
Implement API v2 (#13) * Add documentation notice * Rename the deletion token to modification token * Implement API basics * Implement paste modification endpoint (#10) * Implement paste metadata * Implement report webhook support * Document API * Document paste entity * Update syntax highlighting types (js -> jsonc) * Update migrator 2021-07-22 23:26:21 +03:00			`legacyPaste := legacyFromModern(paste)`
			`legacyPaste.DeletionToken = ""`
Implement basic web server structure and get paste endpoint 2020-08-23 01:32:46 +03:00
			`// Respond with the paste`
Implement API v2 (#13) * Add documentation notice * Rename the deletion token to modification token * Implement API basics * Implement paste modification endpoint (#10) * Implement paste metadata * Implement report webhook support * Document API * Document paste entity * Update syntax highlighting types (js -> jsonc) * Update migrator 2021-07-22 23:26:21 +03:00			`jsonData, err := json.Marshal(legacyPaste)`
Implement basic web server structure and get paste endpoint 2020-08-23 01:32:46 +03:00			`if err != nil {`
			`ctx.SetStatusCode(fasthttp.StatusInternalServerError)`
			`ctx.SetBodyString(err.Error())`
			`return`
			`}`
			`ctx.SetBody(jsonData)`
			`}`
Implement paste creation endpoint 2020-08-23 01:40:20 +03:00
			`// v1PostPaste handles the 'POST /v1/pastes' endpoint`
			`func v1PostPaste(ctx *fasthttp.RequestCtx) {`
Add content length cap for paste creation endpoint (#8) * add content length cap * add development docker compose stack * Fix paste creation error notification data * Add length cap to hastebin endpoint as well * Mention length cap in Readme Co-authored-by: Lukas Schulte Pelkum <kbrt@protonmail.com> 2021-05-23 21:55:16 +03:00			`// Check content length before reading body into memory`
			`if config.Current.LengthCap > 0 &&`
			`ctx.Request.Header.ContentLength() > config.Current.LengthCap {`
			`ctx.SetStatusCode(fasthttp.StatusBadRequest)`
			`ctx.SetBodyString("request body length overflow")`
			`return`
			`}`

Implement paste creation endpoint 2020-08-23 01:40:20 +03:00			`// Unmarshal the body`
			`values := make(map[string]string)`
			`err := json.Unmarshal(ctx.PostBody(), &values)`
			`if err != nil {`
			`ctx.SetStatusCode(fasthttp.StatusBadRequest)`
			`ctx.SetBodyString("invalid request body")`
			`return`
			`}`

			`// Validate the content of the paste`
			`if values["content"] == "" {`
			`ctx.SetStatusCode(fasthttp.StatusBadRequest)`
			`ctx.SetBodyString("missing 'content' field")`
			`return`
			`}`

Switch from snowflake to random string ID system 2020-08-24 21:22:53 +03:00			`// Acquire the paste ID`
			`id, err := storage.AcquireID()`
			`if err != nil {`
			`ctx.SetStatusCode(fasthttp.StatusInternalServerError)`
			`ctx.SetBodyString(err.Error())`
			`return`
			`}`

Implement paste creation endpoint 2020-08-23 01:40:20 +03:00			`// Create the paste object`
Rework project structure 2021-04-15 21:15:42 +03:00			`paste := &shared.Paste{`
Remove the paste-specific autoDelete field 2021-07-30 22:51:33 +03:00			`ID: id,`
			`Content: values["content"],`
			`Created: time.Now().Unix(),`
Implement paste creation endpoint 2020-08-23 01:40:20 +03:00			`}`

Implement API v2 (#13) * Add documentation notice * Rename the deletion token to modification token * Implement API basics * Implement paste modification endpoint (#10) * Implement paste metadata * Implement report webhook support * Document API * Document paste entity * Update syntax highlighting types (js -> jsonc) * Update migrator 2021-07-22 23:26:21 +03:00			`// Set a modification token`
			`modificationToken := ""`
			`if config.Current.ModificationTokens {`
Add option to define ID and modification token generation characters (#17) 2021-07-24 18:00:29 +03:00			`modificationToken = utils.RandomString(config.Current.ModificationTokenCharacters, config.Current.ModificationTokenLength)`
Implement API v2 (#13) * Add documentation notice * Rename the deletion token to modification token * Implement API basics * Implement paste modification endpoint (#10) * Implement paste metadata * Implement report webhook support * Document API * Document paste entity * Update syntax highlighting types (js -> jsonc) * Update migrator 2021-07-22 23:26:21 +03:00			`paste.ModificationToken = modificationToken`
Implement deletion token toggle & master 2021-04-20 17:38:00 +03:00
Implement API v2 (#13) * Add documentation notice * Rename the deletion token to modification token * Implement API basics * Implement paste modification endpoint (#10) * Implement paste metadata * Implement report webhook support * Document API * Document paste entity * Update syntax highlighting types (js -> jsonc) * Update migrator 2021-07-22 23:26:21 +03:00			`err = paste.HashModificationToken()`
Implement deletion token toggle & master 2021-04-20 17:38:00 +03:00			`if err != nil {`
			`ctx.SetStatusCode(fasthttp.StatusInternalServerError)`
			`ctx.SetBodyString(err.Error())`
			`return`
			`}`
Implement deletion token hashing 2020-08-23 17:06:40 +03:00			`}`

Implement paste deletion endpoint 2020-08-23 01:45:30 +03:00			`// Save the paste`
			`err = storage.Current.Save(paste)`
			`if err != nil {`
			`ctx.SetStatusCode(fasthttp.StatusInternalServerError)`
			`ctx.SetBodyString(err.Error())`
			`return`
			`}`

Implement paste creation endpoint 2020-08-23 01:40:20 +03:00			`// Respond with the paste`
Implement API v2 (#13) * Add documentation notice * Rename the deletion token to modification token * Implement API basics * Implement paste modification endpoint (#10) * Implement paste metadata * Implement report webhook support * Document API * Document paste entity * Update syntax highlighting types (js -> jsonc) * Update migrator 2021-07-22 23:26:21 +03:00			`pasteCopy := legacyFromModern(paste)`
			`pasteCopy.DeletionToken = modificationToken`
Implement deletion token hashing 2020-08-23 17:06:40 +03:00			`jsonData, err := json.Marshal(pasteCopy)`
Implement paste creation endpoint 2020-08-23 01:40:20 +03:00			`if err != nil {`
			`ctx.SetStatusCode(fasthttp.StatusInternalServerError)`
			`ctx.SetBodyString(err.Error())`
			`return`
			`}`
			`ctx.SetBody(jsonData)`
			`}`
Implement paste deletion endpoint 2020-08-23 01:45:30 +03:00
			`// v1DeletePaste handles the 'DELETE /v1/pastes/{id}'`
			`func v1DeletePaste(ctx *fasthttp.RequestCtx) {`
Switch from snowflake to random string ID system 2020-08-24 21:22:53 +03:00			`// Read the ID`
			`id := ctx.UserValue("id").(string)`
Implement paste deletion endpoint 2020-08-23 01:45:30 +03:00
			`// Unmarshal the body`
			`values := make(map[string]string)`
Switch from snowflake to random string ID system 2020-08-24 21:22:53 +03:00			`err := json.Unmarshal(ctx.PostBody(), &values)`
Implement paste deletion endpoint 2020-08-23 01:45:30 +03:00			`if err != nil {`
			`ctx.SetStatusCode(fasthttp.StatusBadRequest)`
			`ctx.SetBodyString("invalid request body")`
			`return`
			`}`

Implement API v2 (#13) * Add documentation notice * Rename the deletion token to modification token * Implement API basics * Implement paste modification endpoint (#10) * Implement paste metadata * Implement report webhook support * Document API * Document paste entity * Update syntax highlighting types (js -> jsonc) * Update migrator 2021-07-22 23:26:21 +03:00			`// Validate the modification token of the paste`
			`modificationToken := values["deletionToken"]`
			`if modificationToken == "" {`
Implement paste deletion endpoint 2020-08-23 01:45:30 +03:00			`ctx.SetStatusCode(fasthttp.StatusBadRequest)`
			`ctx.SetBodyString("missing 'deletionToken' field")`
			`return`
			`}`

			`// Retrieve the paste`
			`paste, err := storage.Current.Get(id)`
			`if err != nil {`
			`ctx.SetStatusCode(fasthttp.StatusInternalServerError)`
			`ctx.SetBodyString(err.Error())`
			`return`
			`}`
			`if paste == nil {`
			`ctx.SetStatusCode(fasthttp.StatusNotFound)`
			`ctx.SetBodyString("paste not found")`
			`return`
			`}`

Implement API v2 (#13) * Add documentation notice * Rename the deletion token to modification token * Implement API basics * Implement paste modification endpoint (#10) * Implement paste metadata * Implement report webhook support * Document API * Document paste entity * Update syntax highlighting types (js -> jsonc) * Update migrator 2021-07-22 23:26:21 +03:00			`// Check if the modification token is correct`
			`if (config.Current.ModificationTokenMaster == "" \|\| modificationToken != config.Current.ModificationTokenMaster) && !paste.CheckModificationToken(modificationToken) {`
Implement paste deletion endpoint 2020-08-23 01:45:30 +03:00			`ctx.SetStatusCode(fasthttp.StatusForbidden)`
			`ctx.SetBodyString("invalid deletion token")`
			`return`
			`}`

			`// Delete the paste`
			`err = storage.Current.Delete(paste.ID)`
			`if err != nil {`
			`ctx.SetStatusCode(fasthttp.StatusInternalServerError)`
			`ctx.SetBodyString(err.Error())`
			`return`
			`}`

			`// Respond with 'ok'`
			`ctx.SetBodyString("ok")`
			`}`