Daniel Legt
26619bacbc
- Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
199 lines
4.9 KiB
Go
199 lines
4.9 KiB
Go
package handlers
|
|
|
|
import (
|
|
"crypto/sha256"
|
|
"encoding/hex"
|
|
"net/http"
|
|
"time"
|
|
|
|
"warpbox.dev/backend/libs/services"
|
|
"warpbox.dev/backend/libs/web"
|
|
)
|
|
|
|
const adminCookieName = "warpbox_admin"
|
|
|
|
type adminPageData struct {
|
|
Stats services.AdminStats
|
|
Boxes []adminBoxView
|
|
Error string
|
|
}
|
|
|
|
type adminBoxView struct {
|
|
ID string
|
|
CreatedAt string
|
|
ExpiresAt string
|
|
FileCount int
|
|
TotalSizeLabel string
|
|
DownloadCount int
|
|
MaxDownloads int
|
|
Protected bool
|
|
Expired bool
|
|
}
|
|
|
|
func (a *App) AdminLogin(w http.ResponseWriter, r *http.Request) {
|
|
if a.isAdmin(r) {
|
|
http.Redirect(w, r, "/admin", http.StatusSeeOther)
|
|
return
|
|
}
|
|
a.renderAdminLogin(w, http.StatusOK, "")
|
|
}
|
|
|
|
func (a *App) AdminLoginPost(w http.ResponseWriter, r *http.Request) {
|
|
if err := r.ParseForm(); err != nil {
|
|
a.renderAdminLogin(w, http.StatusBadRequest, "Unable to read login form.")
|
|
return
|
|
}
|
|
if a.cfg.AdminToken == "" || r.FormValue("token") != a.cfg.AdminToken {
|
|
a.logger.Warn("admin login failed", "source", "admin", "severity", "warn", "code", 4301)
|
|
a.renderAdminLogin(w, http.StatusUnauthorized, "Invalid admin token.")
|
|
return
|
|
}
|
|
|
|
http.SetCookie(w, &http.Cookie{
|
|
Name: adminCookieName,
|
|
Value: adminCookieValue(a.cfg.AdminToken),
|
|
Path: "/admin",
|
|
HttpOnly: true,
|
|
SameSite: http.SameSiteLaxMode,
|
|
Secure: r.TLS != nil,
|
|
Expires: time.Now().Add(12 * time.Hour),
|
|
})
|
|
a.logger.Info("admin login", "source", "admin", "severity", "user_activity", "code", 2301)
|
|
http.Redirect(w, r, "/admin", http.StatusSeeOther)
|
|
}
|
|
|
|
func (a *App) AdminLogout(w http.ResponseWriter, r *http.Request) {
|
|
http.SetCookie(w, &http.Cookie{
|
|
Name: adminCookieName,
|
|
Value: "",
|
|
Path: "/admin",
|
|
HttpOnly: true,
|
|
SameSite: http.SameSiteLaxMode,
|
|
MaxAge: -1,
|
|
})
|
|
http.Redirect(w, r, "/admin/login", http.StatusSeeOther)
|
|
}
|
|
|
|
func (a *App) AdminDashboard(w http.ResponseWriter, r *http.Request) {
|
|
if !a.requireAdmin(w, r) {
|
|
return
|
|
}
|
|
|
|
stats, err := a.uploadService.AdminStats()
|
|
if err != nil {
|
|
http.Error(w, "unable to load admin stats", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
boxes, err := a.adminBoxes(8)
|
|
if err != nil {
|
|
http.Error(w, "unable to load recent boxes", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
a.renderer.Render(w, http.StatusOK, "admin.html", web.PageData{
|
|
Title: "Admin overview",
|
|
Description: "Warpbox admin overview.",
|
|
Data: adminPageData{
|
|
Stats: stats,
|
|
Boxes: boxes,
|
|
},
|
|
})
|
|
}
|
|
|
|
func (a *App) AdminFiles(w http.ResponseWriter, r *http.Request) {
|
|
if !a.requireAdmin(w, r) {
|
|
return
|
|
}
|
|
|
|
stats, err := a.uploadService.AdminStats()
|
|
if err != nil {
|
|
http.Error(w, "unable to load admin stats", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
boxes, err := a.adminBoxes(100)
|
|
if err != nil {
|
|
http.Error(w, "unable to load boxes", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
a.renderer.Render(w, http.StatusOK, "admin.html", web.PageData{
|
|
Title: "Admin files",
|
|
Description: "Manage Warpbox uploads.",
|
|
Data: adminPageData{
|
|
Stats: stats,
|
|
Boxes: boxes,
|
|
},
|
|
})
|
|
}
|
|
|
|
func (a *App) AdminDeleteBox(w http.ResponseWriter, r *http.Request) {
|
|
if !a.requireAdmin(w, r) {
|
|
return
|
|
}
|
|
|
|
boxID := r.PathValue("boxID")
|
|
if err := a.uploadService.DeleteBox(boxID); err != nil {
|
|
a.logger.Warn("admin delete failed", "source", "admin", "severity", "warn", "code", 4302, "box_id", boxID, "error", err.Error())
|
|
http.Error(w, "unable to delete box", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
http.Redirect(w, r, "/admin/files", http.StatusSeeOther)
|
|
}
|
|
|
|
func (a *App) renderAdminLogin(w http.ResponseWriter, status int, message string) {
|
|
a.renderer.Render(w, status, "admin_login.html", web.PageData{
|
|
Title: "Admin login",
|
|
Description: "Sign in to the Warpbox admin console.",
|
|
Data: adminPageData{
|
|
Error: message,
|
|
},
|
|
})
|
|
}
|
|
|
|
func (a *App) adminBoxes(limit int) ([]adminBoxView, error) {
|
|
boxes, err := a.uploadService.AdminBoxes(limit)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
rows := make([]adminBoxView, 0, len(boxes))
|
|
for _, box := range boxes {
|
|
rows = append(rows, adminBoxView{
|
|
ID: box.ID,
|
|
CreatedAt: box.CreatedAt.Format("Jan 2 15:04"),
|
|
ExpiresAt: box.ExpiresAt.Format("Jan 2 15:04"),
|
|
FileCount: box.FileCount,
|
|
TotalSizeLabel: box.TotalSizeLabel,
|
|
DownloadCount: box.DownloadCount,
|
|
MaxDownloads: box.MaxDownloads,
|
|
Protected: box.Protected,
|
|
Expired: box.Expired,
|
|
})
|
|
}
|
|
return rows, nil
|
|
}
|
|
|
|
func (a *App) requireAdmin(w http.ResponseWriter, r *http.Request) bool {
|
|
if a.isAdmin(r) {
|
|
return true
|
|
}
|
|
http.Redirect(w, r, "/admin/login", http.StatusSeeOther)
|
|
return false
|
|
}
|
|
|
|
func (a *App) isAdmin(r *http.Request) bool {
|
|
if a.cfg.AdminToken == "" {
|
|
return false
|
|
}
|
|
cookie, err := r.Cookie(adminCookieName)
|
|
if err != nil {
|
|
return false
|
|
}
|
|
return cookie.Value == adminCookieValue(a.cfg.AdminToken)
|
|
}
|
|
|
|
func adminCookieValue(token string) string {
|
|
sum := sha256.Sum256([]byte("warpbox-admin:" + token))
|
|
return hex.EncodeToString(sum[:])
|
|
}
|