lavender/web/web.go

113 lines
2.7 KiB
Go
Raw Normal View History

2024-11-28 00:16:07 +00:00
package web
import (
"embed"
"errors"
"github.com/1f349/lavender/logger"
"github.com/1f349/lavender/utils"
"github.com/1f349/overlapfs"
2025-01-10 00:37:43 +00:00
"html"
2024-11-28 00:16:07 +00:00
"html/template"
"io"
"io/fs"
"net/http"
"os"
"path/filepath"
"strings"
)
var (
//go:embed dist
webBuild embed.FS
webCombinedDir fs.FS
pageTemplates *template.Template
loadOnce utils.Once[error]
)
func LoadPages(wd string) error {
return loadOnce.Do(func() (err error) {
2025-01-10 00:37:43 +00:00
webCombinedDir = webBuild
2024-11-28 00:16:07 +00:00
if wd != "" {
webDir := filepath.Join(wd, "web")
err = os.Mkdir(webDir, os.ModePerm)
if err != nil && !errors.Is(err, fs.ErrExist) {
return err
}
wdFs := os.DirFS(webDir)
webCombinedDir = overlapfs.OverlapFS{A: webBuild, B: wdFs}
}
2025-01-10 00:37:43 +00:00
// TODO(melon): figure this out layer
webCombinedDir = webBuild
2024-11-28 00:16:07 +00:00
pageTemplates, err = template.New("web").Delims("[[", "]]").Funcs(template.FuncMap{
2025-01-10 00:37:43 +00:00
"emailHide": utils.EmailHide,
"renderOptionTag": renderOptionTag,
"renderCheckboxTag": renderCheckboxTag,
}).ParseFS(webCombinedDir, "dist/*.html")
2024-11-28 00:16:07 +00:00
return err
})
}
2025-01-10 00:37:43 +00:00
func renderOptionTag(value, display string, selectedValue string) template.HTML {
var selectedParam string
if value == selectedValue {
selectedParam = " selected"
}
return template.HTML("<option value=\"" + html.EscapeString(value) + "\"" + selectedParam + ">" + html.EscapeString(display) + "</option>")
}
func renderCheckboxTag(name, id string, checked bool) template.HTML {
var checkedParam string
if checked {
checkedParam = " checked"
}
return template.HTML("<input type=\"checkbox\" name=\"" + html.EscapeString(name) + "\" id=\"" + html.EscapeString(id) + "\"" + checkedParam + " />")
2024-12-09 18:40:18 +00:00
}
2024-11-28 00:16:07 +00:00
func RenderPageTemplate(wr io.Writer, name string, data any) {
2025-01-10 00:37:43 +00:00
p := name + ".html"
2024-12-09 18:40:18 +00:00
err := pageTemplates.ExecuteTemplate(wr, p, data)
2024-11-28 00:16:07 +00:00
if err != nil {
logger.Logger.Warn("Failed to render page", "name", name, "err", err)
}
}
func RenderWebAsset(rw http.ResponseWriter, req *http.Request, name string) {
2024-11-28 00:16:07 +00:00
// Disallow paths containing ".." - directory traversal is a security issue.
if containsDotDot(name) {
http.Error(rw, "400 Bad Request", http.StatusBadRequest)
}
2024-11-28 00:16:07 +00:00
// Disallow paths ending in ".html" - these should only be processed by HTML
// template.
if strings.HasSuffix(name, ".html") {
2024-11-28 00:16:07 +00:00
http.Error(rw, "404 Not Found", http.StatusNotFound)
return
}
// Enjoy the power of Go stdlib
http.ServeFileFS(rw, req, webCombinedDir, name)
}
// Go stdlib net/http/fs.go (containsDotDot)
func containsDotDot(v string) bool {
if !strings.Contains(v, "..") {
return false
}
for _, ent := range strings.FieldsFunc(v, isSlashRune) {
if ent == ".." {
return true
}
}
return false
}
// Go stdlib net/http/fs.go (isSlashRune)
func isSlashRune(r rune) bool { return r == '/' || r == '\\' }