magnetico/cmd/magneticow/main.go
2018-07-12 10:58:39 +03:00

321 lines
9.1 KiB
Go
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

package main
import (
"bufio"
"bytes"
"encoding/hex"
"fmt"
"html/template"
"io"
"log"
"net/http"
"os"
"os/signal"
"path"
"regexp"
"sync"
"syscall"
"time"
"github.com/Wessie/appdirs"
"github.com/dustin/go-humanize"
"github.com/gorilla/mux"
"github.com/gorilla/schema"
"github.com/jessevdk/go-flags"
"go.uber.org/zap"
"go.uber.org/zap/zapcore"
"golang.org/x/crypto/bcrypt"
"github.com/boramalper/magnetico/pkg/persistence"
)
const N_TORRENTS = 20
// Set a Decoder instance as a package global, because it caches
// meta-data about structs, and an instance can be shared safely.
var decoder = schema.NewDecoder()
var templates map[string]*template.Template
var database persistence.Database
var opts struct{
Addr string
Database string
Credentials map[string][]byte // TODO: encapsulate credentials and mutex for safety
CredentialsRWMutex sync.RWMutex
CredentialsPath string
}
func main() {
loggerLevel := zap.NewAtomicLevel()
// Logging levels: ("debug", "info", "warn", "error", "dpanic", "panic", and "fatal").
logger := zap.New(zapcore.NewCore(
zapcore.NewConsoleEncoder(zap.NewDevelopmentEncoderConfig()),
zapcore.Lock(os.Stderr),
loggerLevel,
))
defer logger.Sync()
zap.ReplaceGlobals(logger)
zap.L().Info("magneticow v0.7.0 has been started.")
zap.L().Info("Copyright (C) 2017 Mert Bora ALPER <bora@boramalper.org>.")
zap.L().Info("Dedicated to Cemile Binay, in whose hands I thrived.")
if err := parseFlags(); err != nil {
zap.L().Error("Error while initializing", zap.Error(err))
return
}
// Reload credentials when you receive SIGHUP
sighupChan := make(chan os.Signal, 1)
signal.Notify(sighupChan, syscall.SIGHUP)
go func() {
for range sighupChan {
opts.CredentialsRWMutex.Lock()
if opts.Credentials == nil {
zap.L().Warn("Ignoring SIGHUP since `no-auth` was supplied")
continue
}
opts.Credentials = make(map[string][]byte) // Clear opts.Credentials
opts.CredentialsRWMutex.Unlock()
if err := loadCred(opts.CredentialsPath); err != nil { // Reload credentials
zap.L().Warn("couldn't load credentials", zap.Error(err))
}
}
}()
router := mux.NewRouter()
router.HandleFunc("/",
BasicAuth(rootHandler, "magneticow"))
router.HandleFunc("/api/v0.1/files/{infohash:[a-f0-9]{40}}",
BasicAuth(apiFilesInfohashHandler, "magneticow"))
router.HandleFunc("/api/v0.1/statistics",
BasicAuth(apiStatisticsHandler, "magneticow"))
router.HandleFunc("/api/v0.1/torrents",
BasicAuth(apiTorrentsHandler, "magneticow"))
router.HandleFunc("/api/v0.1/torrents/{infohash:[a-f0-9]{40}}",
BasicAuth(apiTorrentsInfohashHandler, "magneticow"))
router.HandleFunc("/feed",
BasicAuth(feedHandler, "magneticow"))
router.PathPrefix("/static").HandlerFunc(
BasicAuth(staticHandler, "magneticow"))
router.HandleFunc("/statistics",
BasicAuth(statisticsHandler, "magneticow"))
router.HandleFunc("/torrents",
BasicAuth(torrentsHandler, "magneticow"))
router.HandleFunc("/torrents/{infohash:[a-f0-9]{40}}",
BasicAuth(torrentsInfohashHandler, "magneticow"))
templateFunctions := template.FuncMap{
"add": func(augend int, addends int) int {
return augend + addends
},
"subtract": func(minuend int, subtrahend int) int {
return minuend - subtrahend
},
"bytesToHex": func(bytes []byte) string {
return hex.EncodeToString(bytes)
},
"unixTimeToYearMonthDay": func(s int64) string {
tm := time.Unix(s, 0)
// > Format and Parse use example-based layouts. Usually you’ll use a constant from time
// > for these layouts, but you can also supply custom layouts. Layouts must use the
// > reference time Mon Jan 2 15:04:05 MST 2006 to show the pattern with which to
// > format/parse a given time/string. The example time must be exactly as shown: the
// > year 2006, 15 for the hour, Monday for the day of the week, etc.
// https://gobyexample.com/time-formatting-parsing
// Why you gotta be so weird Go?
return tm.Format("02/01/2006")
},
"humanizeSize": func(s uint64) string {
return humanize.IBytes(s)
},
"humanizeSizeF": func(s int64) string {
if s < 0 {
return ""
}
return humanize.IBytes(uint64(s))
},
"comma": func(s uint) string {
return humanize.Comma(int64(s))
},
}
templates = make(map[string]*template.Template)
templates["feed"] = template.Must(template.New("feed").Funcs(templateFunctions).Parse(string(mustAsset("templates/feed.xml"))))
templates["homepage"] = template.Must(template.New("homepage").Funcs(templateFunctions).Parse(string(mustAsset("templates/homepage.html"))))
templates["torrent"] = template.Must(template.New("torrent").Funcs(templateFunctions).Parse(string(mustAsset("templates/torrent.html"))))
var err error
database, err = persistence.MakeDatabase(opts.Database, logger)
if err != nil {
panic(err.Error())
}
decoder.IgnoreUnknownKeys(false)
decoder.ZeroEmpty(true)
zap.L().Info("magneticow is ready to serve!")
err = http.ListenAndServe(opts.Addr, router)
if err != nil {
zap.L().Error("ListenAndServe error", zap.Error(err))
}
}
// TODO: I think there is a standard lib. function for this
func respondError(w http.ResponseWriter, statusCode int, format string, a ...interface{}) {
w.WriteHeader(statusCode)
w.Write([]byte(fmt.Sprintf(format, a...)))
}
func mustAsset(name string) []byte {
data, err := Asset(name)
if err != nil {
log.Panicf("Could NOT access the requested resource `%s`: %s (please inform us, this is a BUG!)", name, err.Error())
}
return data
}
func parseFlags() error {
var cmdFlags struct {
Addr string `short:"a" long:"addr" description:"Address (host:port) to serve on" default:":8080"`
Database string `short:"d" long:"database" description:"URL of the (magneticod) database"`
Cred string `short:"c" long:"credentials" description:"Path to the credentials file"`
NoAuth bool ` long:"no-auth" description:"Disables authorisation"`
}
if _, err := flags.Parse(&cmdFlags); err != nil {
return err
}
if cmdFlags.Cred != "" && cmdFlags.NoAuth {
return fmt.Errorf("`credentials` and `no-auth` cannot be supplied together")
}
opts.Addr = cmdFlags.Addr
if cmdFlags.Database == "" {
opts.Database = "sqlite3://" + path.Join(
appdirs.UserDataDir("magneticod", "", "", false),
"database.sqlite3",
)
}
if cmdFlags.Cred == "" && !cmdFlags.NoAuth {
opts.CredentialsPath = path.Join(
appdirs.UserConfigDir("magneticow", "", "", false),
"credentials",
)
} else {
opts.CredentialsPath = cmdFlags.Cred
}
fmt.Printf("%v credpath %s\n", cmdFlags.NoAuth, opts.CredentialsPath)
if opts.CredentialsPath != "" {
opts.Credentials = make(map[string][]byte)
if err := loadCred(opts.CredentialsPath); err != nil {
return err
}
} else {
opts.Credentials = nil
}
return nil
}
func loadCred(cred string) error {
file, err := os.Open(cred)
if err != nil {
return err
}
opts.CredentialsRWMutex.Lock()
defer opts.CredentialsRWMutex.Unlock()
reader := bufio.NewReader(file)
for lineno := 1; true; lineno++ {
line, err := reader.ReadBytes('\n')
if err != nil {
if err == io.EOF {
break;
}
return fmt.Errorf("error while reading line %d: %s", lineno, err.Error())
}
line = line[:len(line) - 1] // strip '\n'
/* The following regex checks if the line satisfies the following conditions:
*
* <USERNAME>:<BCRYPT HASH>
*
* where
* <USERNAME> must start with a small-case a-z character, might contain non-consecutive
* underscores in-between, and consists of small-case a-z characters and digits 0-9.
*
* <BCRYPT HASH> is the output of the well-known bcrypt function.
*/
re := regexp.MustCompile(`^[a-z](?:_?[a-z0-9])*:\$2[aby]?\$\d{1,2}\$[./A-Za-z0-9]{53}$`)
if !re.Match(line) {
return fmt.Errorf("on line %d: format should be: <USERNAME>:<BCRYPT HASH>", lineno)
}
tokens := bytes.Split(line, []byte(":"))
opts.Credentials[string(tokens[0])] = tokens[1]
}
return nil
}
// BasicAuth wraps a handler requiring HTTP basic auth for it using the given
// username and password and the specified realm, which shouldn't contain quotes.
//
// Most web browser display a dialog with something like:
//
// The website says: "<realm>"
//
// Which is really stupid so you may want to set the realm to a message rather than
// an actual realm.
//
// Source: https://stackoverflow.com/a/39591234/4466589
func BasicAuth(handler http.HandlerFunc, realm string) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
username, password, ok := r.BasicAuth()
if !ok { // No credentials provided
authenticate(w, realm)
return
}
opts.CredentialsRWMutex.RLock()
hashedPassword, ok := opts.Credentials[username]
opts.CredentialsRWMutex.RUnlock()
if !ok { // User not found
authenticate(w, realm)
return
}
if err := bcrypt.CompareHashAndPassword(hashedPassword, []byte(password)); err != nil { // Wrong password
authenticate(w, realm)
return
}
handler(w, r)
}
}
func authenticate(w http.ResponseWriter, realm string) {
w.Header().Set("WWW-Authenticate", `Basic realm="`+realm+`"`)
w.WriteHeader(401)
if _, err := w.Write([]byte("Unauthorised.\n")); err != nil {
panic(err.Error())
}
}