1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
package main
import (
"log"
"net/http"
"os"
"path"
"path/filepath"
"strconv"
"time"
"github.com/go-chi/chi/v5"
"github.com/go-chi/chi/v5/middleware"
"github.com/google/uuid"
"github.com/neonxp/sendsafe/internal/renderer"
"github.com/neonxp/sendsafe/internal/storer"
)
var workDir, _ = os.Getwd()
func main() {
s, err := storer.New(path.Join(workDir, "memos.db"))
if err != nil {
log.Fatal(err)
}
r := chi.NewRouter()
r.Use(middleware.Logger)
r.Use(middleware.Recoverer)
r.Use(middleware.Compress(9))
tpl, err := renderer.New(path.Join(workDir, "templates"))
if err != nil {
log.Fatal(err)
}
r.Get("/", func(rw http.ResponseWriter, _ *http.Request) {
csrf := uuid.NewString()
http.SetCookie(rw, &http.Cookie{
Name: "csrf",
Value: csrf,
Expires: time.Now().Add(30 * time.Minute),
HttpOnly: true,
})
if err := tpl.Render("index.gohtml", renderer.Map{"csrf": csrf}, rw); err != nil {
log.Println(err)
_ = tpl.Render("error.gohtml", nil, rw)
}
})
r.Post("/save", func(rw http.ResponseWriter, r *http.Request) {
if err := r.ParseForm(); err != nil {
log.Println(err)
_ = tpl.Render("error.gohtml", nil, rw)
return
}
secret := r.FormValue("secret")
days, err := strconv.Atoi(r.FormValue("days"))
if err != nil {
log.Println(err)
_ = tpl.Render("error.gohtml", nil, rw)
return
}
hours, err := strconv.Atoi(r.FormValue("hours"))
if err != nil {
log.Println(err)
_ = tpl.Render("error.gohtml", nil, rw)
return
}
minutes, err := strconv.Atoi(r.FormValue("minutes"))
if err != nil {
log.Println(err)
_ = tpl.Render("error.gohtml", nil, rw)
return
}
pin := r.FormValue("pin")
csrf := r.FormValue("csrf")
csrfCookie, err := r.Cookie("csrf")
if err != nil {
log.Println(err)
_ = tpl.Render("error.gohtml", nil, rw)
return
}
if csrfCookie.Value != csrf {
log.Println(err)
_ = tpl.Render("error.gohtml", nil, rw)
return
}
ttl := days*24*60 + hours*60 + minutes
id, err := s.Save(secret, pin, ttl)
if err != nil {
log.Println(err)
_ = tpl.Render("error.gohtml", nil, rw)
return
}
if err := tpl.Render("save.gohtml", renderer.Map{"id": id}, rw); err != nil {
log.Println(err)
_ = tpl.Render("error.gohtml", nil, rw)
}
})
r.Get("/s/{id}", func(rw http.ResponseWriter, r *http.Request) {
id := chi.URLParam(r, "id")
secret, err := s.Get(id, "")
if err != nil {
log.Println(err)
_ = tpl.Render("notfound.gohtml", nil, rw)
return
}
if err := tpl.Render("memo.gohtml", renderer.Map{"secret": secret}, rw); err != nil {
log.Println(err)
_ = tpl.Render("error.gohtml", nil, rw)
}
})
filesDir := http.Dir(filepath.Join(workDir, "public"))
r.Get("/*", func(w http.ResponseWriter, r *http.Request) {
fs := http.StripPrefix("/", http.FileServer(filesDir))
fs.ServeHTTP(w, r)
})
if err := http.ListenAndServe(":3000", r); err != nil {
log.Fatal(err)
}
}
|
