package main import ( "errors" "github.com/gin-gonic/gin" "github.com/ordinary-dev/phoenix/backend" "github.com/ordinary-dev/phoenix/views" "log" "net/http" "strconv" ) func main() { db, err := backend.GetDatabaseConnection() if err != nil { log.Fatal(err) } r := gin.Default() r.LoadHTMLGlob("templates/*") r.Static("/assets", "./assets") // Main page r.GET("/", func(c *gin.Context) { views.RequireAuth(c, db) groups, err := backend.GetGroups(db) if err != nil { views.ShowError(c, err) return } c.HTML(http.StatusOK, "index.html.tmpl", gin.H{ "groups": groups, }) }) // Settings r.GET("/settings", func(c *gin.Context) { views.RequireAuth(c, db) groups, err := backend.GetGroups(db) if err != nil { views.ShowError(c, err) return } c.HTML(http.StatusOK, "settings.html.tmpl", gin.H{ "groups": groups, }) }) // Create new user r.POST("/users", func(c *gin.Context) { // If at least 1 administator exists, require authorization if backend.CountAdmins(db) > 0 { tokenValue, err := c.Cookie("phoenix-token") // Anonymous visitor if err != nil { err = errors.New("At least 1 user exists, you have to sign in first") views.ShowError(c, err) return } err = backend.ValidateToken(db, tokenValue) if err != nil { views.ShowError(c, err) return } } // User is authorized or no user exists. // Try to create a user. username := c.PostForm("username") password := c.PostForm("password") admin, err := backend.CreateAdmin(db, username, password) if err != nil { views.ShowError(c, err) return } // Generate access token. token, err := backend.CreateAccessToken(db, admin.ID) if err != nil { views.ShowError(c, err) return } backend.SetTokenCookie(c, token) // Redirect to homepage. c.Redirect(http.StatusFound, "/") }) // Create new group r.POST("/groups", func(c *gin.Context) { views.RequireAuth(c, db) groupName := c.PostForm("groupName") _, err := backend.CreateGroup(db, groupName) if err != nil { views.ShowError(c, err) return } // Redirect to settings. c.Redirect(http.StatusFound, "/settings") }) // Create new link r.POST("/links", func(c *gin.Context) { views.RequireAuth(c, db) linkName := c.PostForm("linkName") href := c.PostForm("href") groupID, err := strconv.ParseUint(c.PostForm("groupID"), 10, 32) if err != nil { views.ShowError(c, err) return } _, err = backend.CreateLink(db, linkName, href, groupID) if err != nil { views.ShowError(c, err) return } // Redirect to settings. c.Redirect(http.StatusFound, "/settings") }) // Update link r.POST("/links/:id/put", func(c *gin.Context) { views.RequireAuth(c, db) id, err := strconv.ParseUint(c.Param("id"), 10, 64) if err != nil { views.ShowError(c, err) return } linkName := c.PostForm("linkName") href := c.PostForm("href") _, err = backend.UpdateLink(db, id, linkName, href) if err != nil { views.ShowError(c, err) return } // Redirect to settings. c.Redirect(http.StatusFound, "/settings") }) // Delete link r.POST("/links/:id/delete", func(c *gin.Context) { views.RequireAuth(c, db) id, err := strconv.ParseUint(c.Param("id"), 10, 64) if err != nil { views.ShowError(c, err) return } err = backend.DeleteLink(db, id) if err != nil { views.ShowError(c, err) return } // Redirect to settings. c.Redirect(http.StatusFound, "/settings") }) r.POST("/signin", func(c *gin.Context) { // Check credentials. username := c.PostForm("username") password := c.PostForm("password") admin, err := backend.AuthorizeAdmin(db, username, password) if err != nil { views.ShowError(c, err) return } // Generate an access token. token, err := backend.CreateAccessToken(db, admin.ID) if err != nil { views.ShowError(c, err) return } backend.SetTokenCookie(c, token) // Redirect to homepage. c.Redirect(http.StatusFound, "/") }) r.Run() }