FreePad/lib/routes/routes_admin.go

96 lines
2.1 KiB
Go
Raw Normal View History

package routes
import (
"encoding/hex"
"fmt"
"net/http"
"github.com/JustKato/FreePad/lib/controllers"
"github.com/JustKato/FreePad/lib/helper"
"github.com/JustKato/FreePad/lib/objects"
"github.com/gin-gonic/gin"
"crypto/sha512"
)
var adminLoginToken string = ""
func AdminRoutes(router *gin.RouterGroup) {
adminLoginToken = helper.GetAdminToken()
// Apply the admin middleware for identification
controllers.AdminMiddleware(router)
// Admin login route
router.GET("/login", func(ctx *gin.Context) {
ctx.HTML(200, "admin_login.html", gin.H{
"title": "Login Login",
"domain_base": helper.GetDomainBase(),
})
})
router.POST("/login", func(ctx *gin.Context) {
// Get the value of the admin token
adminToken := ctx.PostForm("admin-token")
// Check if the input admin token matches our admin token
if adminLoginToken != "" && adminLoginToken == adminToken {
sha512Hasher := sha512.New()
sha512Hasher.Write([]byte(adminToken))
// Set the cookie to be an admin
hashHexToken := sha512Hasher.Sum(nil)
hashToken := hex.EncodeToString(hashHexToken)
// Set the cookie
ctx.SetCookie("admin_token", hashToken, 60*60, "/", helper.GetDomainBase(), true, true)
ctx.Request.Method = "GET"
// Redirect the user to the admin page
ctx.Redirect(http.StatusFound, "/admin/view")
return
} else {
ctx.Request.Method = "GET"
// Redirect the user to the admin page
ctx.Redirect(http.StatusFound, "/admin/login?fail")
return
}
})
2022-06-03 22:59:44 +03:00
router.GET("/delete/:padname", func(ctx *gin.Context) {
2022-06-03 23:15:20 +03:00
// Get the pad name that we bout' to delete
padName := ctx.Param("padname")
2022-06-03 22:59:44 +03:00
2022-06-03 23:15:20 +03:00
// Try and get the pad, check if valid
pad := objects.GetPost(padName, false)
// Delete the pad
err := pad.Delete()
fmt.Println(err)
// Redirect the user to the admin page
ctx.Redirect(http.StatusFound, "/admin/view")
2022-06-03 22:59:44 +03:00
})
// Admin view route
router.GET("/view", func(ctx *gin.Context) {
// Get all of the pads as a listing
padList := objects.GetAllPosts()
ctx.HTML(200, "admin_view.html", gin.H{
"title": "Admin",
"padList": padList,
"domain_base": helper.GetDomainBase(),
})
})
}