MVP, no mod tools or anything but it works

http/admin/handler.go

@@ -0,0 +1,119 @@
+package admin
+
+import (
+	"bytes"
+	"github.com/GeertJohan/go.rice"
+	"github.com/icza/session"
+	"github.com/pressly/chi"
+	"github.com/tidwall/buntdb"
+	"go.rls.moe/nyx/http/errw"
+	"go.rls.moe/nyx/http/middle"
+	"go.rls.moe/nyx/resources"
+	"html/template"
+	"net/http"
+	"time"
+)
+
+var riceConf = rice.Config{
+	LocateOrder: []rice.LocateMethod{
+		rice.LocateWorkingDirectory,
+		rice.LocateEmbedded,
+		rice.LocateAppended,
+	},
+}
+
+var box = riceConf.MustFindBox("http/admin/res/")
+
+var (
+	panelTmpl = template.New("admin/panel")
+	loginTmpl = template.New("admin/login")
+)
+
+func init() {
+	var err error
+	panelTmpl, err = panelTmpl.Parse(box.MustString("panel.html"))
+	if err != nil {
+		panic(err)
+	}
+	loginTmpl, err = loginTmpl.Parse(box.MustString("index.html"))
+	if err != nil {
+		panic(err)
+	}
+}
+
+// Router sets up the Administration Panel
+// It **must** be setup on the /admin/ basepath
+func Router(r chi.Router) {
+	r.Get("/", serveLogin)
+	r.Get("/index.html", serveLogin)
+	r.Get("/panel.html", servePanel)
+	r.Post("/new_board.sh", handleNewBoard)
+	r.Post("/login.sh", handleLogin)
+	r.Post("/logout.sh", handleLogout)
+}
+
+func serveLogin(w http.ResponseWriter, r *http.Request) {
+	dat := bytes.NewBuffer([]byte{})
+	err := loginTmpl.Execute(dat, middle.GetBaseCtx(r))
+	if err != nil {
+		errw.ErrorWriter(err, w, r)
+		return
+	}
+	http.ServeContent(w, r, "index.html", time.Now(),
+		bytes.NewReader(dat.Bytes()))
+}
+
+func servePanel(w http.ResponseWriter, r *http.Request) {
+	sess := middle.GetSession(r)
+	if sess == nil {
+		w.WriteHeader(http.StatusUnauthorized)
+		w.Write([]byte("Unauthorized"))
+		return
+	}
+	dat := bytes.NewBuffer([]byte{})
+	err := panelTmpl.Execute(dat, middle.GetBaseCtx(r))
+	if err != nil {
+		errw.ErrorWriter(err, w, r)
+		return
+	}
+	http.ServeContent(w, r, "panel.html", time.Now(),
+		bytes.NewReader(dat.Bytes()))
+}
+
+func handleLogout(w http.ResponseWriter, r *http.Request) {
+	sess := middle.GetSession(r)
+	if sess == nil {
+		http.Redirect(w, r, "/admin/index.html", http.StatusSeeOther)
+	}
+	session.Remove(sess, w)
+	http.Redirect(w, r, "/admin/index.html", http.StatusSeeOther)
+}
+func handleLogin(w http.ResponseWriter, r *http.Request) {
+	err := r.ParseForm()
+	if err != nil {
+		errw.ErrorWriter(err, w, r)
+	}
+	db := middle.GetDB(r)
+
+	var admin = &resources.AdminPass{}
+	err = db.View(func(tx *buntdb.Tx) error {
+		var err error
+		admin, err = resources.GetAdmin(tx, r.FormValue("id"))
+		return err
+	})
+	if err != nil {
+		err = errw.MakeErrorWithTitle("Access Denied", "User or Password Invalid")
+		errw.ErrorWriter(err, w, r)
+	}
+	err = admin.VerifyLogin(r.FormValue("pass"))
+	if err != nil {
+		err = errw.MakeErrorWithTitle("Access Denied", "User or Password Invalid")
+		errw.ErrorWriter(err, w, r)
+	}
+	sess := session.NewSessionOptions(&session.SessOptions{
+		CAttrs: map[string]interface{}{"mode": "admin"},
+	})
+	session.Add(sess, w)
+
+	http.Redirect(w, r, "/admin/panel.html", http.StatusSeeOther)
+}

http/admin/newboard.go

@@ -0,0 +1,58 @@
+package admin
+
+import (
+	"errors"
+	"github.com/tidwall/buntdb"
+	"go.rls.moe/nyx/http/errw"
+	"go.rls.moe/nyx/http/middle"
+	"go.rls.moe/nyx/resources"
+	"net/http"
+)
+
+func handleNewBoard(w http.ResponseWriter, r *http.Request) {
+	sess := middle.GetSession(r)
+	if sess == nil {
+		w.WriteHeader(http.StatusUnauthorized)
+		w.Write([]byte("Unauthorized"))
+		return
+	}
+	if sess.CAttr("mode") != "admin" {
+		w.WriteHeader(http.StatusUnauthorized)
+		w.Write([]byte("Unauthorized"))
+		return
+	}
+
+	err := r.ParseForm()
+	if err != nil {
+		errw.ErrorWriter(err, w, r)
+	}
+	db := middle.GetDB(r)
+
+	var board = &resources.Board{}
+
+	board.ShortName = r.FormValue("shortname")
+	board.LongName = r.FormValue("longname")
+
+	if board.ShortName == "" {
+		errw.ErrorWriter(errors.New("Need shortname"), w, r)
+		return
+	}
+
+	if board.ShortName == "admin" && board.ShortName == "@" {
+		errw.ErrorWriter(errors.New("No"), w, r)
+	}
+
+	if board.LongName == "" && len(board.LongName) < 5 {
+		errw.ErrorWriter(errors.New("Need 5 characters for long name"), w, r)
+		return
+	}
+
+	if err = db.Update(func(tx *buntdb.Tx) error {
+		return resources.NewBoard(tx, r.Host, board)
+	}); err != nil {
+		errw.ErrorWriter(err, w, r)
+		return
+	}
+
+	http.Redirect(w, r, "/admin/panel.html", http.StatusSeeOther)
+}

http/admin/res/index.html

@@ -0,0 +1,41 @@
+<!doctype html>
+<html lang="en">
+<head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>{{.Config.Site.Title}} Admin Login</title>
+    <link rel="stylesheet" href="/@/style.css">
+    <link rel="stylesheet" href="/@/custom.css">
+    <link rel="stylesheet" href="/@/admin.css">
+</head>
+<body>
+    <div class="admin login">
+        <form action="/admin/login.sh" method="POST">
+            <input
+                type="hidden"
+                name="csrf_token"
+                value="{{ .CSRFToken }}" />
+            <div class="admin form row">
+                <input
+                        class="admin form input"
+                        type="text"
+                        name="id"
+                        placeholder="admin id"
+                        minlength="3"/>
+            </div>
+            <div class="admin form row">
+                <input
+                        class="admin form input"
+                        type="password"
+                        name="pass"
+                        placeholder="password"
+                        minlength="3"/>
+            </div>
+            <div class="admin form row">
+                <input class="admin form input halfsize" type="submit" value="Login"/>
+                <input class="admin form input halfsize" type="reset" value="Reset"/>
+            </div>
+        </form>
+    </div>
+</body>
+</html>

http/admin/res/panel.html

@@ -0,0 +1,57 @@
+<!doctype html>
+<html lang="en">
+<head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>{{.Config.Site.Title}} Admin Panel</title>
+    <link rel="stylesheet" href="/@/style.css">
+    <link rel="stylesheet" href="/@/custom.css">
+    <link rel="stylesheet" href="/@/admin.css">
+</head>
+<body>
+<div class="welcome">
+    Welcome {{.Admin.Id}}<br>
+    <form class="form logout" method="POST" action="/admin/logout.sh">
+        <input
+                type="hidden"
+                name="csrf_token"
+                value="{{ .CSRFToken }}" />
+        <input type="submit" value="Logout" />
+    </form>
+</div>
+<div class="panel boardmgr">
+    <form method="POST" action="/admin/new_board.sh">
+        <input
+                type="hidden"
+                name="csrf_token"
+                value="{{ .CSRFToken }}" />
+        <input type="text" placeholder="shortname" name="shortname"/>
+        <input type="text" placeholder="longname" name="longname"/>
+        <input type="submit" value="Create Board" />
+        <input type="reset" value="Reset" />
+    </form>
+</div>
+<div class="panel remover post">
+    <form method="POST" action="/admin/rem_post.sh">
+        <input
+                type="hidden"
+                name="csrf_token"
+                value="{{ .CSRFToken }}" />
+        <input type="text" placeholder="post id" name="post id"/>
+        <input type="submit" value="Remove Post" />
+        <input type="reset" value="Reset" />
+    </form>
+</div>
+<div class="panel remover thread">
+    <form method="POST" action="/admin/rem_thread.sh">
+        <input
+                type="hidden"
+                name="csrf_token"
+                value="{{ .CSRFToken }}" />
+        <input type="text" placeholder="thread id" name="thread id"/>
+        <input type="submit" value="Remove thread" />
+        <input type="reset" value="Reset" />
+    </form>
+</div>
+</body>
+</html>