package routes
import (
	"crypto/sha512"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"net/http"

	"github.com/JustKato/FreePad/lib/controllers"
	"github.com/JustKato/FreePad/lib/helper"
	"github.com/JustKato/FreePad/lib/objects"
	"github.com/gin-gonic/gin"
)
// adminLoginToken holds the admin token read from helper.GetAdminToken when
// AdminRoutes runs. It is empty until then.
var adminLoginToken string
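// AdminRoutes registers the admin endpoints on router: the login form, the
// login submission, pad deletion and the pad listing.
//
// It reads the admin token through helper.GetAdminToken and installs
// controllers.AdminMiddleware on the group before adding the routes.
func AdminRoutes(router *gin.RouterGroup) {
	adminLoginToken = helper.GetAdminToken()

	// Apply the admin middleware for identification.
	// NOTE(review): the middleware is not visible from this file; confirm it
	// rejects unauthenticated requests to /delete and /view and leaves /login
	// reachable.
	controllers.AdminMiddleware(router)

	// Admin login form.
	router.GET("/login", func(ctx *gin.Context) {
		ctx.HTML(http.StatusOK, "admin_login.html", gin.H{
			"title":       "Login Login",
			"domain_base": helper.GetDomainBase(),
		})
	})

	// Admin login submission.
	router.POST("/login", func(ctx *gin.Context) {
		submitted := ctx.PostForm("admin-token")

		// Compare fixed-length digests in constant time so the response time
		// does not depend on how many leading characters of the guess are
		// right, nor on the length of the configured token.
		wantDigest := sha512.Sum512([]byte(adminLoginToken))
		gotDigest := sha512.Sum512([]byte(submitted))
		match := subtle.ConstantTimeCompare(wantDigest[:], gotDigest[:]) == 1

		// An unset admin token must never authenticate anyone, even if the
		// submitted value is empty as well.
		if adminLoginToken == "" || !match {
			ctx.Request.Method = "GET"
			ctx.Redirect(http.StatusFound, "/admin/login?fail")
			return
		}

		// The cookie value is the hex SHA-512 of the admin token, as before.
		// NOTE(review): this value is identical for every session and only
		// changes when the admin token changes, so a leaked cookie stays valid
		// across logins. Consider a random, server-side session identifier.
		hashToken := hex.EncodeToString(gotDigest[:])

		// The delete route below is a state-changing GET. SameSite=Strict
		// keeps the browser from attaching the admin cookie to requests that
		// originate on another site.
		ctx.SetSameSite(http.SameSiteStrictMode)

		// One hour lifetime, Secure and HttpOnly.
		// NOTE(review): helper.GetDomainBase is also used as a template value;
		// confirm it returns a bare host name suitable for the Domain attribute.
		ctx.SetCookie("admin_token", hashToken, 60*60, "/", helper.GetDomainBase(), true, true)

		ctx.Request.Method = "GET"

		// Redirect the user to the admin page.
		ctx.Redirect(http.StatusFound, "/admin/view")
	})

	// Pad deletion.
	// NOTE(review): this is a destructive action behind GET. Moving it to POST
	// with a CSRF token would be safer, but needs a matching template change.
	router.GET("/delete/:padname", func(ctx *gin.Context) {
		// The pad name comes straight from the URL.
		// NOTE(review): confirm objects.GetPost validates the name before it
		// reaches storage.
		padName := ctx.Param("padname")

		pad := objects.GetPost(padName, false)

		// Report failures only; %q keeps control characters in the
		// caller-supplied name from forging extra log lines.
		if err := pad.Delete(); err != nil {
			fmt.Printf("admin: deleting pad %q failed: %v\n", padName, err)
		}

		// Redirect the user to the admin page.
		ctx.Redirect(http.StatusFound, "/admin/view")
	})

	// Admin view route: list every pad.
	router.GET("/view", func(ctx *gin.Context) {
		padList := objects.GetAllPosts()

		ctx.HTML(http.StatusOK, "admin_view.html", gin.H{
			"title":       "Admin",
			"padList":     padList,
			"domain_base": helper.GetDomainBase(),
		})
	})
}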