mirror of
				https://github.com/lus/pasty.git
				synced 2023-08-10 21:13:09 +03:00 
			
		
		
		
	Implement API basics
This commit is contained in:
		| @@ -77,7 +77,7 @@ Pasty will be available at http://localhost:8080. | |||||||
| | `PASTY_HASTEBIN_SUPPORT`          | `false`       | `bool`   | Defines whether or not the `POST /documents` endpoint should be enabled, as known from the hastebin servers                | | | `PASTY_HASTEBIN_SUPPORT`          | `false`       | `bool`   | Defines whether or not the `POST /documents` endpoint should be enabled, as known from the hastebin servers                | | ||||||
| | `PASTY_ID_LENGTH`                 | `6`           | `number` | Defines the length of the ID of a paste                                                                                    | | | `PASTY_ID_LENGTH`                 | `6`           | `number` | Defines the length of the ID of a paste                                                                                    | | ||||||
| | `PASTY_MODIFICATION_TOKENS`       | `true`        | `bool`   | Defines whether or not modification tokens should be generated                                                             | | | `PASTY_MODIFICATION_TOKENS`       | `true`        | `bool`   | Defines whether or not modification tokens should be generated                                                             | | ||||||
| | `PASTY_MODIFICATION_TOKEN_MASTER` | ``            | `string` | Defines the master modification token which is authorized to modify every paste (even if modification tokens are disabled) | | | `PASTY_MODIFICATION_TOKEN_MASTER` | `<empty>`     | `string` | Defines the master modification token which is authorized to modify every paste (even if modification tokens are disabled) | | ||||||
| | `PASTY_MODIFICATION_TOKEN_LENGTH` | `12`          | `number` | Defines the length of the modification token of a paste                                                                    | | | `PASTY_MODIFICATION_TOKEN_LENGTH` | `12`          | `number` | Defines the length of the modification token of a paste                                                                    | | ||||||
| | `PASTY_RATE_LIMIT`                | `30-M`        | `string` | Defines the rate limit of the API (see https://github.com/ulule/limiter#usage)                                             | | | `PASTY_RATE_LIMIT`                | `30-M`        | `string` | Defines the rate limit of the API (see https://github.com/ulule/limiter#usage)                                             | | ||||||
| | `PASTY_LENGTH_CAP`                | `50000`       | `number` | Defines the maximum amount of characters a paste is allowed to contain (a value `<= 0` means no limit)                     | | | `PASTY_LENGTH_CAP`                | `50000`       | `number` | Defines the maximum amount of characters a paste is allowed to contain (a value `<= 0` means no limit)                     | | ||||||
|   | |||||||
							
								
								
									
										174
									
								
								internal/web/controllers/v2/pastes.go
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										174
									
								
								internal/web/controllers/v2/pastes.go
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,174 @@ | |||||||
|  | package v2 | ||||||
|  |  | ||||||
|  | import ( | ||||||
|  | 	"encoding/json" | ||||||
|  | 	"strings" | ||||||
|  | 	"time" | ||||||
|  |  | ||||||
|  | 	"github.com/fasthttp/router" | ||||||
|  | 	"github.com/lus/pasty/internal/config" | ||||||
|  | 	"github.com/lus/pasty/internal/shared" | ||||||
|  | 	"github.com/lus/pasty/internal/storage" | ||||||
|  | 	"github.com/lus/pasty/internal/utils" | ||||||
|  | 	limitFasthttp "github.com/ulule/limiter/v3/drivers/middleware/fasthttp" | ||||||
|  | 	"github.com/valyala/fasthttp" | ||||||
|  | ) | ||||||
|  |  | ||||||
|  | // InitializePastesController initializes the '/v2/pastes/*' controller | ||||||
|  | func InitializePastesController(group *router.Group, rateLimiterMiddleware *limitFasthttp.Middleware) { | ||||||
|  | 	// moms spaghetti | ||||||
|  | 	group.GET("/{id}", rateLimiterMiddleware.Handle(middlewareInjectPaste(endpointGetPaste))) | ||||||
|  | 	group.POST("/", rateLimiterMiddleware.Handle(endpointCreatePaste)) | ||||||
|  | 	group.DELETE("/{id}", rateLimiterMiddleware.Handle(middlewareInjectPaste(middlewareValidateModificationToken(endpointDeletePaste)))) | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // middlewareInjectPaste retrieves and injects the paste with the specified ID | ||||||
|  | func middlewareInjectPaste(next fasthttp.RequestHandler) fasthttp.RequestHandler { | ||||||
|  | 	return func(ctx *fasthttp.RequestCtx) { | ||||||
|  | 		pasteID := ctx.UserValue("id").(string) | ||||||
|  |  | ||||||
|  | 		paste, err := storage.Current.Get(pasteID) | ||||||
|  | 		if err != nil { | ||||||
|  | 			ctx.SetStatusCode(fasthttp.StatusInternalServerError) | ||||||
|  | 			ctx.SetBodyString(err.Error()) | ||||||
|  | 			return | ||||||
|  | 		} | ||||||
|  | 		if paste == nil { | ||||||
|  | 			ctx.SetStatusCode(fasthttp.StatusNotFound) | ||||||
|  | 			ctx.SetBodyString("paste not found") | ||||||
|  | 			return | ||||||
|  | 		} | ||||||
|  |  | ||||||
|  | 		ctx.SetUserValue("_paste", paste) | ||||||
|  |  | ||||||
|  | 		next(ctx) | ||||||
|  | 	} | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // middlewareValidateModificationToken extracts and validates a given modification token for an injected paste | ||||||
|  | func middlewareValidateModificationToken(next fasthttp.RequestHandler) fasthttp.RequestHandler { | ||||||
|  | 	return func(ctx *fasthttp.RequestCtx) { | ||||||
|  | 		paste := ctx.UserValue("_paste").(*shared.Paste) | ||||||
|  |  | ||||||
|  | 		authHeaderSplit := strings.SplitN(string(ctx.Request.Header.Peek("Authorization")), " ", 2) | ||||||
|  | 		if len(authHeaderSplit) < 2 || authHeaderSplit[0] != "Bearer" { | ||||||
|  | 			ctx.SetStatusCode(fasthttp.StatusUnauthorized) | ||||||
|  | 			ctx.SetBodyString("unauthorized") | ||||||
|  | 			return | ||||||
|  | 		} | ||||||
|  |  | ||||||
|  | 		modificationToken := authHeaderSplit[1] | ||||||
|  | 		if config.Current.ModificationTokenMaster != "" && modificationToken == config.Current.ModificationTokenMaster { | ||||||
|  | 			next(ctx) | ||||||
|  | 			return | ||||||
|  | 		} | ||||||
|  | 		valid := paste.CheckModificationToken(modificationToken) | ||||||
|  | 		if !valid { | ||||||
|  | 			ctx.SetStatusCode(fasthttp.StatusUnauthorized) | ||||||
|  | 			ctx.SetBodyString("unauthorized") | ||||||
|  | 			return | ||||||
|  | 		} | ||||||
|  |  | ||||||
|  | 		next(ctx) | ||||||
|  | 	} | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // endpointGetPaste handles the 'GET /v2/pastes/{id}' endpoint | ||||||
|  | func endpointGetPaste(ctx *fasthttp.RequestCtx) { | ||||||
|  | 	paste := ctx.UserValue("_paste").(*shared.Paste) | ||||||
|  | 	paste.DeletionToken = "" | ||||||
|  | 	paste.ModificationToken = "" | ||||||
|  |  | ||||||
|  | 	jsonData, err := json.Marshal(paste) | ||||||
|  | 	if err != nil { | ||||||
|  | 		ctx.SetStatusCode(fasthttp.StatusInternalServerError) | ||||||
|  | 		ctx.SetBodyString(err.Error()) | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 	ctx.SetBody(jsonData) | ||||||
|  | } | ||||||
|  |  | ||||||
|  | type endpointCreatePastePayload struct { | ||||||
|  | 	Content string `json:"content"` | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // endpointCreatePaste handles the 'POST /v2/pastes' endpoint | ||||||
|  | func endpointCreatePaste(ctx *fasthttp.RequestCtx) { | ||||||
|  | 	// Read, parse and validate the request payload | ||||||
|  | 	payload := new(endpointCreatePastePayload) | ||||||
|  | 	if err := json.Unmarshal(ctx.PostBody(), payload); err != nil { | ||||||
|  | 		ctx.SetStatusCode(fasthttp.StatusInternalServerError) | ||||||
|  | 		ctx.SetBodyString(err.Error()) | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 	if payload.Content == "" { | ||||||
|  | 		ctx.SetStatusCode(fasthttp.StatusBadRequest) | ||||||
|  | 		ctx.SetBodyString("missing paste content") | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 	if config.Current.LengthCap > 0 && len(payload.Content) > config.Current.LengthCap { | ||||||
|  | 		ctx.SetStatusCode(fasthttp.StatusBadRequest) | ||||||
|  | 		ctx.SetBodyString("too large paste content") | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	// Acquire a new paste ID | ||||||
|  | 	id, err := storage.AcquireID() | ||||||
|  | 	if err != nil { | ||||||
|  | 		ctx.SetStatusCode(fasthttp.StatusInternalServerError) | ||||||
|  | 		ctx.SetBodyString(err.Error()) | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	// Prepare the paste object | ||||||
|  | 	paste := &shared.Paste{ | ||||||
|  | 		ID:         id, | ||||||
|  | 		Content:    payload.Content, | ||||||
|  | 		Created:    time.Now().Unix(), | ||||||
|  | 		AutoDelete: config.Current.AutoDelete.Enabled, | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	// Create a new modification token if enabled | ||||||
|  | 	modificationToken := "" | ||||||
|  | 	if config.Current.ModificationTokens { | ||||||
|  | 		modificationToken = utils.RandomString(config.Current.ModificationTokenLength) | ||||||
|  | 		paste.ModificationToken = modificationToken | ||||||
|  |  | ||||||
|  | 		err = paste.HashModificationToken() | ||||||
|  | 		if err != nil { | ||||||
|  | 			ctx.SetStatusCode(fasthttp.StatusInternalServerError) | ||||||
|  | 			ctx.SetBodyString(err.Error()) | ||||||
|  | 			return | ||||||
|  | 		} | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	// Save the paste | ||||||
|  | 	err = storage.Current.Save(paste) | ||||||
|  | 	if err != nil { | ||||||
|  | 		ctx.SetStatusCode(fasthttp.StatusInternalServerError) | ||||||
|  | 		ctx.SetBodyString(err.Error()) | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	// Respond with the paste | ||||||
|  | 	pasteCopy := *paste | ||||||
|  | 	pasteCopy.ModificationToken = modificationToken | ||||||
|  | 	jsonData, err := json.Marshal(pasteCopy) | ||||||
|  | 	if err != nil { | ||||||
|  | 		ctx.SetStatusCode(fasthttp.StatusInternalServerError) | ||||||
|  | 		ctx.SetBodyString(err.Error()) | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 	ctx.SetStatusCode(fasthttp.StatusCreated) | ||||||
|  | 	ctx.SetBody(jsonData) | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // endpointDeletePaste handles the 'DELETE /v2/pastes/{id}' endpoint | ||||||
|  | func endpointDeletePaste(ctx *fasthttp.RequestCtx) { | ||||||
|  | 	paste := ctx.UserValue("_paste").(*shared.Paste) | ||||||
|  | 	if err := storage.Current.Delete(paste.ID); err != nil { | ||||||
|  | 		ctx.SetStatusCode(fasthttp.StatusInternalServerError) | ||||||
|  | 		ctx.SetBodyString(err.Error()) | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | } | ||||||
| @@ -10,6 +10,7 @@ import ( | |||||||
| 	"github.com/lus/pasty/internal/static" | 	"github.com/lus/pasty/internal/static" | ||||||
| 	"github.com/lus/pasty/internal/storage" | 	"github.com/lus/pasty/internal/storage" | ||||||
| 	v1 "github.com/lus/pasty/internal/web/controllers/v1" | 	v1 "github.com/lus/pasty/internal/web/controllers/v1" | ||||||
|  | 	v2 "github.com/lus/pasty/internal/web/controllers/v2" | ||||||
| 	"github.com/ulule/limiter/v3" | 	"github.com/ulule/limiter/v3" | ||||||
| 	limitFasthttp "github.com/ulule/limiter/v3/drivers/middleware/fasthttp" | 	limitFasthttp "github.com/ulule/limiter/v3/drivers/middleware/fasthttp" | ||||||
| 	"github.com/ulule/limiter/v3/drivers/store/memory" | 	"github.com/ulule/limiter/v3/drivers/store/memory" | ||||||
| @@ -67,6 +68,18 @@ func Serve() error { | |||||||
| 			}) | 			}) | ||||||
| 			v1.InitializePastesController(v1Route.Group("/pastes"), rateLimiterMiddleware) | 			v1.InitializePastesController(v1Route.Group("/pastes"), rateLimiterMiddleware) | ||||||
| 		} | 		} | ||||||
|  |  | ||||||
|  | 		v2Route := apiRoute.Group("/v2") | ||||||
|  | 		{ | ||||||
|  | 			v2Route.GET("/info", func(ctx *fasthttp.RequestCtx) { | ||||||
|  | 				jsonData, _ := json.Marshal(map[string]interface{}{ | ||||||
|  | 					"version":            static.Version, | ||||||
|  | 					"modificationTokens": config.Current.ModificationTokens, | ||||||
|  | 				}) | ||||||
|  | 				ctx.SetBody(jsonData) | ||||||
|  | 			}) | ||||||
|  | 			v2.InitializePastesController(v2Route.Group("/pastes"), rateLimiterMiddleware) | ||||||
|  | 		} | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| 	// Route the hastebin documents route if hastebin support is enabled | 	// Route the hastebin documents route if hastebin support is enabled | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user
	 Lukas Schulte Pelkum
					Lukas Schulte Pelkum