Albirew/nyaa-pantsu
Albirew/nyaa-pantsu
Archivé
1
0
Bifurcation 0
Code Activité
Ce dépôt a été archivé le 2022-05-07. Vous pouvez voir ses fichiers ou le cloner, mais pas ouvrir de ticket ou de demandes d'ajout, ni soumettre de changements.
nyaa-pantsu/router/api_handler.go

427 lignes
13 Kio
Go
Brut Vue normale Historique

Separated Routes and handler from Main Everything is in the router folder in different file
2017-05-05 16:39:15 +02:00
package router
api upload
2017-05-08 11:18:49 +02:00
import (
"encoding/json"
Separated Routes and handler from Main Everything is in the router folder in different file
2017-05-05 16:39:15 +02:00
"html"
api upload
2017-05-08 11:18:49 +02:00
"net/http"
Separated Routes and handler from Main Everything is in the router folder in different file
2017-05-05 16:39:15 +02:00
"strconv"
stuff
2017-05-11 05:04:11 +02:00
"strings"
api upload
2017-05-08 11:18:49 +02:00
"time"
finish repo transfer
2017-05-17 07:58:40 +02:00
"github.com/NyaaPantsu/nyaa/config"
"github.com/NyaaPantsu/nyaa/db"
"github.com/NyaaPantsu/nyaa/model"
"github.com/NyaaPantsu/nyaa/service"
"github.com/NyaaPantsu/nyaa/service/api"
"github.com/NyaaPantsu/nyaa/service/torrent"
Implement HEAD for views (#695) * Implement HEAD for /view/{id} Implement HEAD for the torrent view route by calling GetRawTorrentById. Run gofmt on the file while we are here. * Implement HEAD for /api/view/{id} Implement HEAD in the same way as /view/{id} Also run gofmt on the api_handler.go
2017-05-23 05:18:19 +02:00
"github.com/NyaaPantsu/nyaa/service/upload"
New upload API (#897) * New upload API (WIP) * update * Last fix * Adding changes from update.go to api.go * fix bracket * fix import
2017-06-05 15:19:25 +02:00
"github.com/NyaaPantsu/nyaa/service/user"
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
"github.com/NyaaPantsu/nyaa/service/user/form"
"github.com/NyaaPantsu/nyaa/util/crypto"
finish repo transfer
2017-05-17 07:58:40 +02:00
"github.com/NyaaPantsu/nyaa/util/log"
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
msg "github.com/NyaaPantsu/nyaa/util/messages"
"github.com/NyaaPantsu/nyaa/util/modelHelper"
add searching via the api
2017-05-25 02:42:35 +02:00
"github.com/NyaaPantsu/nyaa/util/search"
api upload
2017-05-08 11:18:49 +02:00
"github.com/gorilla/mux"
Separated Routes and handler from Main Everything is in the router folder in different file
2017-05-05 16:39:15 +02:00
)
Golint friendly (#747) * Making the code Golint friendly * No exported variables when not needed * Same for functions * Simplifying Templates variables with a form basic template variable and a modelList basic template variable * Adapted templates to new template variables * use of .Models instead of model list * use of .Form instead of modelform * Small fix * Small fix 2 Forgot $.Form * Reverting templateDir as a var
2017-05-25 21:54:58 +02:00
// APIHandler : Controller for api request on torrent list
func APIHandler(w http.ResponseWriter, r *http.Request) {
Fix torznab to /api also Torznab can still be accessed to /feed/torznab and also to /api?t=something
2017-06-16 01:30:09 +02:00
t := r.URL.Query().Get("t")
if t != "" {
RSSTorznabHandler(w, r)
} else {
vars := mux.Vars(r)
page := vars["page"]
whereParams := serviceBase.WhereParams{}
req := apiService.TorrentsRequest{}
defer r.Body.Close()
search query
2017-05-09 17:09:45 +02:00
Fix torznab to /api also Torznab can still be accessed to /feed/torznab and also to /api?t=something
2017-06-16 01:30:09 +02:00
contentType := r.Header.Get("Content-Type")
if contentType == "application/json" {
d := json.NewDecoder(r.Body)
if err := d.Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
}
default value bug
2017-05-09 18:54:12 +02:00
Fix torznab to /api also Torznab can still be accessed to /feed/torznab and also to /api?t=something
2017-06-16 01:30:09 +02:00
if req.MaxPerPage == 0 {
New config files (#854) * New config files As decided, config files are parsed at runtime. I decided to go for YAML config files because there can be comments in it. There are 2 files: * config/default_config.yml <= which shouldn't be edited unless we add a config parameter * config/config.yml <= which is the user-defined config. This file shouldn't be commited Changed every call to config.XXX to config.Conf.XXX (look to the new stucture of config in config/types.go) Of course, putting config parameters in config.yml overrides config in config_default.yml. You don't have to put everything in it, just add what you want to override. * Fixing test Replacing conf.New by config.Conf * Fixing call to config.Conf to config.Config{} in test files * Might have fixed testing with this Printf instead of Fatalf * Renaming config.yml in example file * Forbid commiting config.yml * Should be now fixed * Do not need this file anymore
2017-05-31 04:21:57 +02:00
req.MaxPerPage = config.Conf.Navigation.TorrentsPerPage
Consistency, formatting, error checking, cleanup, and a couple bug fixes (#245) * Checkpoint: it builds The config, db, model, network, os, and public packages have had some fixes to glaringly obvious flaws, dead code removed, and stylistic changes. * Style changes and old code removal in router Router needs a lot of work done to its (lack of) error handling. * Dead code removal and style changes Now up to util/email/email.go. After I'm finished with the initial sweep I'll go back and fix error handling and security issues. Then I'll fix the broken API. Then I'll go through to add documentation and fix code visibility. * Finish dead code removal and style changes Vendored libraries not touched. Everything still needs security fixes and documentation. There's also one case of broken functionality. * Fix accidental find-and-replace * Style, error checking, saftey, bug fix changes * Redo error checking erased during merge * Re-add merge-erased fix. Make Safe safe.
2017-05-10 04:34:40 +02:00
}
Fix torznab to /api also Torznab can still be accessed to /feed/torznab and also to /api?t=something
2017-06-16 01:30:09 +02:00
if req.Page <= 0 {
req.Page = 1
}
Consistency, formatting, error checking, cleanup, and a couple bug fixes (#245) * Checkpoint: it builds The config, db, model, network, os, and public packages have had some fixes to glaringly obvious flaws, dead code removed, and stylistic changes. * Style changes and old code removal in router Router needs a lot of work done to its (lack of) error handling. * Dead code removal and style changes Now up to util/email/email.go. After I'm finished with the initial sweep I'll go back and fix error handling and security issues. Then I'll fix the broken API. Then I'll go through to add documentation and fix code visibility. * Finish dead code removal and style changes Vendored libraries not touched. Everything still needs security fixes and documentation. There's also one case of broken functionality. * Fix accidental find-and-replace * Style, error checking, saftey, bug fix changes * Redo error checking erased during merge * Re-add merge-erased fix. Make Safe safe.
2017-05-10 04:34:40 +02:00
Fix torznab to /api also Torznab can still be accessed to /feed/torznab and also to /api?t=something
2017-06-16 01:30:09 +02:00
whereParams = req.ToParams()
} else {
var err error
maxString := r.URL.Query().Get("max")
if maxString != "" {
req.MaxPerPage, err = strconv.Atoi(maxString)
if !log.CheckError(err) {
req.MaxPerPage = config.Conf.Navigation.TorrentsPerPage
}
} else {
req.MaxPerPage = config.Conf.Navigation.TorrentsPerPage
Consistency, formatting, error checking, cleanup, and a couple bug fixes (#245) * Checkpoint: it builds The config, db, model, network, os, and public packages have had some fixes to glaringly obvious flaws, dead code removed, and stylistic changes. * Style changes and old code removal in router Router needs a lot of work done to its (lack of) error handling. * Dead code removal and style changes Now up to util/email/email.go. After I'm finished with the initial sweep I'll go back and fix error handling and security issues. Then I'll fix the broken API. Then I'll go through to add documentation and fix code visibility. * Finish dead code removal and style changes Vendored libraries not touched. Everything still needs security fixes and documentation. There's also one case of broken functionality. * Fix accidental find-and-replace * Style, error checking, saftey, bug fix changes * Redo error checking erased during merge * Re-add merge-erased fix. Make Safe safe.
2017-05-10 04:34:40 +02:00
}
Fix torznab to /api also Torznab can still be accessed to /feed/torznab and also to /api?t=something
2017-06-16 01:30:09 +02:00
req.Page = 1
if page != "" {
req.Page, err = strconv.Atoi(html.EscapeString(page))
if !log.CheckError(err) {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
if req.Page <= 0 {
NotFoundHandler(w, r)
return
}
Fix bug, remove literals (#629) * Use ModeratorDir variable * Rename cookieHelper to cookie_helper for consistency * Use named constant instead of literals * Fix ability to upload when uploads are disabled The old code let people upload under the right conditions when uploads were disabled. (ie: User is banned and config.AdminAreStillAllowedTo is false) * Increase timeout (fixes #517) * Fix inconsistent indentation *.{js, css} (fix #583) * Fix negative page Temporary fix. The issue was that going to a negative page caused the sql query to have a negative offset. This caused an error in the database query. We need to cleanup this code, but this will work for now. * Fix wrong PG_DATA directory due to upgrade to 9.6 * Add server status link to FAQ * Fix failing tests * Clarify group_vars/all and hosts doc * Add a wrapper to protect /mod route * Fix login page not showing form errors
2017-05-20 01:10:16 +02:00
}
default value bug
2017-05-09 18:54:12 +02:00
}
search query
2017-05-09 17:09:45 +02:00
Fix torznab to /api also Torznab can still be accessed to /feed/torznab and also to /api?t=something
2017-06-16 01:30:09 +02:00
torrents, nbTorrents, err := torrentService.GetTorrents(whereParams, req.MaxPerPage, req.MaxPerPage*(req.Page-1))
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
api upload
2017-05-08 11:18:49 +02:00
Fix torznab to /api also Torznab can still be accessed to /feed/torznab and also to /api?t=something
2017-06-16 01:30:09 +02:00
b := model.APIResultJSON{
Fix for API request hidden torrents Usernames were not hidden when doing api request
2017-06-24 10:53:22 +02:00
Torrents: model.APITorrentsToJSON(torrents),
Fix torznab to /api also Torznab can still be accessed to /feed/torznab and also to /api?t=something
2017-06-16 01:30:09 +02:00
}
b.QueryRecordCount = req.MaxPerPage
b.TotalRecordCount = nbTorrents
w.Header().Set("Content-Type", "application/json")
err = json.NewEncoder(w).Encode(b)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
Separated Routes and handler from Main Everything is in the router folder in different file
2017-05-05 16:39:15 +02:00
}
}
Golint friendly (#747) * Making the code Golint friendly * No exported variables when not needed * Same for functions * Simplifying Templates variables with a form basic template variable and a modelList basic template variable * Adapted templates to new template variables * use of .Models instead of model list * use of .Form instead of modelform * Small fix * Small fix 2 Forgot $.Form * Reverting templateDir as a var
2017-05-25 21:54:58 +02:00
// APIViewHandler : Controller for viewing a torrent by its ID
func APIViewHandler(w http.ResponseWriter, r *http.Request) {
Separated Routes and handler from Main Everything is in the router folder in different file
2017-05-05 16:39:15 +02:00
vars := mux.Vars(r)
id := vars["id"]
Golint friendly next (#756) * Gofmt friendly Keeping Go source code in line with what they preconize * Golint Friendly Next So I have made some variables unexported Added comments in every function that I know what it does Removed some deprecated stuff that I was sure of Added a comment on possible deprecated methods "Is it deprecated?" Changed some variable/method name according to golint recommendations * Update filelist.go
2017-05-26 12:12:52 +02:00
torrent, err := torrentService.GetTorrentByID(id)
Add err check from GetTorrentById return in ApiViewHandler (#696) This should give a better response to API users for when something is not found.
2017-05-23 05:18:25 +02:00
if err != nil {
http.Error(w, err.Error(), http.StatusNotFound)
return
}
Consistency, formatting, error checking, cleanup, and a couple bug fixes (#245) * Checkpoint: it builds The config, db, model, network, os, and public packages have had some fixes to glaringly obvious flaws, dead code removed, and stylistic changes. * Style changes and old code removal in router Router needs a lot of work done to its (lack of) error handling. * Dead code removal and style changes Now up to util/email/email.go. After I'm finished with the initial sweep I'll go back and fix error handling and security issues. Then I'll fix the broken API. Then I'll go through to add documentation and fix code visibility. * Finish dead code removal and style changes Vendored libraries not touched. Everything still needs security fixes and documentation. There's also one case of broken functionality. * Fix accidental find-and-replace * Style, error checking, saftey, bug fix changes * Redo error checking erased during merge * Re-add merge-erased fix. Make Safe safe.
2017-05-10 04:34:40 +02:00
b := torrent.ToJSON()
Separated Routes and handler from Main Everything is in the router folder in different file
2017-05-05 16:39:15 +02:00
w.Header().Set("Content-Type", "application/json")
err = json.NewEncoder(w).Encode(b)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
Hopefully fix memleak
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
Stop using categories & status DB tables Also fixes the incorrect JSON keys in API responses
2017-05-06 23:46:53 +02:00
}
api upload
2017-05-08 11:18:49 +02:00
Golint friendly (#747) * Making the code Golint friendly * No exported variables when not needed * Same for functions * Simplifying Templates variables with a form basic template variable and a modelList basic template variable * Adapted templates to new template variables * use of .Models instead of model list * use of .Form instead of modelform * Small fix * Small fix 2 Forgot $.Form * Reverting templateDir as a var
2017-05-25 21:54:58 +02:00
// APIViewHeadHandler : Controller for checking a torrent by its ID
func APIViewHeadHandler(w http.ResponseWriter, r *http.Request) {
Implement HEAD for views (#695) * Implement HEAD for /view/{id} Implement HEAD for the torrent view route by calling GetRawTorrentById. Run gofmt on the file while we are here. * Implement HEAD for /api/view/{id} Implement HEAD in the same way as /view/{id} Also run gofmt on the api_handler.go
2017-05-23 05:18:19 +02:00
vars := mux.Vars(r)
id, err := strconv.ParseInt(vars["id"], 10, 32)
Hopefully fix memleak
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
Implement HEAD for views (#695) * Implement HEAD for /view/{id} Implement HEAD for the torrent view route by calling GetRawTorrentById. Run gofmt on the file while we are here. * Implement HEAD for /api/view/{id} Implement HEAD in the same way as /view/{id} Also run gofmt on the api_handler.go
2017-05-23 05:18:19 +02:00
if err != nil {
return
}
Golint friendly next (#756) * Gofmt friendly Keeping Go source code in line with what they preconize * Golint Friendly Next So I have made some variables unexported Added comments in every function that I know what it does Removed some deprecated stuff that I was sure of Added a comment on possible deprecated methods "Is it deprecated?" Changed some variable/method name according to golint recommendations * Update filelist.go
2017-05-26 12:12:52 +02:00
_, err = torrentService.GetRawTorrentByID(uint(id))
Implement HEAD for views (#695) * Implement HEAD for /view/{id} Implement HEAD for the torrent view route by calling GetRawTorrentById. Run gofmt on the file while we are here. * Implement HEAD for /api/view/{id} Implement HEAD in the same way as /view/{id} Also run gofmt on the api_handler.go
2017-05-23 05:18:19 +02:00
if err != nil {
NotFoundHandler(w, r)
return
}
w.Write(nil)
}
Golint friendly (#747) * Making the code Golint friendly * No exported variables when not needed * Same for functions * Simplifying Templates variables with a form basic template variable and a modelList basic template variable * Adapted templates to new template variables * use of .Models instead of model list * use of .Form instead of modelform * Small fix * Small fix 2 Forgot $.Form * Reverting templateDir as a var
2017-05-25 21:54:58 +02:00
// APIUploadHandler : Controller for uploading a torrent with api
func APIUploadHandler(w http.ResponseWriter, r *http.Request) {
Update apiHandler.go
2017-05-18 15:37:44 +02:00
token := r.Header.Get("Authorization")
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
username := r.FormValue("username")
user, _, _, _, err := userService.RetrieveUserByAPITokenAndName(token, username)
messages := msg.GetMessages(r)
Hopefully fix memleak
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
Fix bug, remove literals (#629) * Use ModeratorDir variable * Rename cookieHelper to cookie_helper for consistency * Use named constant instead of literals * Fix ability to upload when uploads are disabled The old code let people upload under the right conditions when uploads were disabled. (ie: User is banned and config.AdminAreStillAllowedTo is false) * Increase timeout (fixes #517) * Fix inconsistent indentation *.{js, css} (fix #583) * Fix negative page Temporary fix. The issue was that going to a negative page caused the sql query to have a negative offset. This caused an error in the database query. We need to cleanup this code, but this will work for now. * Fix wrong PG_DATA directory due to upgrade to 9.6 * Add server status link to FAQ * Fix failing tests * Clarify group_vars/all and hosts doc * Add a wrapper to protect /mod route * Fix login page not showing form errors
2017-05-20 01:10:16 +02:00
New upload API (#897) * New upload API (WIP) * update * Last fix * Adding changes from update.go to api.go * fix bracket * fix import
2017-06-05 15:19:25 +02:00
if err != nil {
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
messages.AddError("errors", "Error API token doesn't exist")
New upload API (#897) * New upload API (WIP) * update * Last fix * Adding changes from update.go to api.go * fix bracket * fix import
2017-06-05 15:19:25 +02:00
}
Fix bug, remove literals (#629) * Use ModeratorDir variable * Rename cookieHelper to cookie_helper for consistency * Use named constant instead of literals * Fix ability to upload when uploads are disabled The old code let people upload under the right conditions when uploads were disabled. (ie: User is banned and config.AdminAreStillAllowedTo is false) * Increase timeout (fixes #517) * Fix inconsistent indentation *.{js, css} (fix #583) * Fix negative page Temporary fix. The issue was that going to a negative page caused the sql query to have a negative offset. This caused an error in the database query. We need to cleanup this code, but this will work for now. * Fix wrong PG_DATA directory due to upgrade to 9.6 * Add server status link to FAQ * Fix failing tests * Clarify group_vars/all and hosts doc * Add a wrapper to protect /mod route * Fix login page not showing form errors
2017-05-20 01:10:16 +02:00
if !uploadService.IsUploadEnabled(user) {
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
messages.AddError("errors", "Error uploads are disabled")
api upload
2017-05-08 11:18:49 +02:00
}
Fix bug, remove literals (#629) * Use ModeratorDir variable * Rename cookieHelper to cookie_helper for consistency * Use named constant instead of literals * Fix ability to upload when uploads are disabled The old code let people upload under the right conditions when uploads were disabled. (ie: User is banned and config.AdminAreStillAllowedTo is false) * Increase timeout (fixes #517) * Fix inconsistent indentation *.{js, css} (fix #583) * Fix negative page Temporary fix. The issue was that going to a negative page caused the sql query to have a negative offset. This caused an error in the database query. We need to cleanup this code, but this will work for now. * Fix wrong PG_DATA directory due to upgrade to 9.6 * Add server status link to FAQ * Fix failing tests * Clarify group_vars/all and hosts doc * Add a wrapper to protect /mod route * Fix login page not showing form errors
2017-05-20 01:10:16 +02:00
stuff
2017-05-11 05:04:11 +02:00
if user.ID == 0 {
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
messages.ImportFromError("errors", apiService.ErrAPIKey)
New upload API (#897) * New upload API (WIP) * update * Last fix * Adding changes from update.go to api.go * fix bracket * fix import
2017-06-05 15:19:25 +02:00
}
Add website link and remake flag to api (#797)
2017-05-28 06:22:39 +02:00
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
if !messages.HasErrors() {
upload := apiService.TorrentRequest{}
contentType := r.Header.Get("Content-Type")
if contentType != "application/json" && !strings.HasPrefix(contentType, "multipart/form-data") && r.Header.Get("Content-Type") != "application/x-www-form-urlencoded" {
// TODO What should we do here ? upload is empty so we shouldn't
// create a torrent from it
messages.AddError("errors", "Please provide either of Content-Type: application/json header or multipart/form-data")
}
// As long as the right content-type is sent, formValue is smart enough to parse it
err = upload.ExtractInfo(r)
if err != nil {
messages.ImportFromError("errors", err)
New upload API (#897) * New upload API (WIP) * update * Last fix * Adding changes from update.go to api.go * fix bracket * fix import
2017-06-05 15:19:25 +02:00
}
Elasticsearch integration (WIP) (#730) * Update mapping to be similar to TorrentJSON * Implement ES search for TorrentParam * Add seeders/leechers/completed to es index * Fix filter, use analyzer * Use ES for the search route * Add upload_id filtering with ES * Create/update ES index on torrent upload/update * Delete from ES index on Delete * Use ES everywhere, fallback to postgres query Use Elasticsearch to search the index whenever a call to searchByQuery is made. Big cleanup needed, but _it werks_. * Only fetch ids from ES, nothing else * Use ColumnUpdate instead of Save * Add FIXME/info to search * Template needs []TorrentJSON not []Torrent
2017-05-26 01:48:14 +02:00
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
if !messages.HasErrors() {
status := model.TorrentStatusNormal
if upload.Remake { // overrides trusted
status = model.TorrentStatusRemake
} else if user.IsTrusted() {
status = model.TorrentStatusTrusted
}
err = torrentService.ExistOrDelete(upload.Infohash, user)
New upload API (#897) * New upload API (WIP) * update * Last fix * Adding changes from update.go to api.go * fix bracket * fix import
2017-06-05 15:19:25 +02:00
if err != nil {
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
messages.ImportFromError("errors", err)
}
if !messages.HasErrors() {
torrent := model.Torrent{
Name: upload.Name,
Category: upload.CategoryID,
SubCategory: upload.SubCategoryID,
Status: status,
Hidden: upload.Hidden,
Hash: upload.Infohash,
Date: time.Now(),
Filesize: upload.Filesize,
Description: upload.Description,
WebsiteLink: upload.WebsiteLink,
UploaderID: user.ID}
torrent.ParseTrackers(upload.Trackers)
db.ORM.Create(&torrent)
if db.ElasticSearchClient != nil {
err := torrent.AddToESIndex(db.ElasticSearchClient)
if err == nil {
log.Infof("Successfully added torrent to ES index.")
} else {
log.Errorf("Unable to add torrent to ES index: %s", err)
}
} else {
log.Errorf("Unable to create elasticsearch client: %s", err)
}
messages.AddInfoT("infos", "torrent_uploaded")
torrentService.NewTorrentEvent(Router, user, &torrent)
// add filelist to files db, if we have one
if len(upload.FileList) > 0 {
for _, uploadedFile := range upload.FileList {
file := model.File{TorrentID: torrent.ID, Filesize: upload.Filesize}
err := file.SetPath(uploadedFile.Path)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
db.ORM.Create(&file)
}
}
apiResponseHandler(w, r, torrent.ToJSON())
New upload API (#897) * New upload API (WIP) * update * Last fix * Adding changes from update.go to api.go * fix bracket * fix import
2017-06-05 15:19:25 +02:00
return
Elasticsearch integration (WIP) (#730) * Update mapping to be similar to TorrentJSON * Implement ES search for TorrentParam * Add seeders/leechers/completed to es index * Fix filter, use analyzer * Use ES for the search route * Add upload_id filtering with ES * Create/update ES index on torrent upload/update * Delete from ES index on Delete * Use ES everywhere, fallback to postgres query Use Elasticsearch to search the index whenever a call to searchByQuery is made. Big cleanup needed, but _it werks_. * Only fetch ids from ES, nothing else * Use ColumnUpdate instead of Save * Add FIXME/info to search * Template needs []TorrentJSON not []Torrent
2017-05-26 01:48:14 +02:00
}
}
applied akuma dup fix
2017-05-11 05:25:41 +02:00
}
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
apiResponseHandler(w, r)
api upload
2017-05-08 11:18:49 +02:00
}
upload changes
2017-05-09 19:37:39 +02:00
Golint friendly (#747) * Making the code Golint friendly * No exported variables when not needed * Same for functions * Simplifying Templates variables with a form basic template variable and a modelList basic template variable * Adapted templates to new template variables * use of .Models instead of model list * use of .Form instead of modelform * Small fix * Small fix 2 Forgot $.Form * Reverting templateDir as a var
2017-05-25 21:54:58 +02:00
// APIUpdateHandler : Controller for updating a torrent with api
Cleanups and fixes (#623) * Keep naming consistent * Remove execute bit from files * Default to DefaultLanguage (without passing it to the func) * Remove commented code * Use Content-Type to get language json * Lines of 400 characters is dumb * Update new repo in README * Remove useless script since we fallback to a defaultlang * Fix fallback language panic * Fix uninitialized MaxPerPage when not in querystr The issue was that the req.MaxPerPage was not set (default to 0) when the query string didn't include "max". This makes the server query the whole db since the resulting limit is 0. * Fix creating empty torrents (only worked once) * Lines of 400 characters is still dumb
2017-05-19 04:55:59 +02:00
// FIXME Impossible to update a torrent uploaded by user 0
Golint friendly (#747) * Making the code Golint friendly * No exported variables when not needed * Same for functions * Simplifying Templates variables with a form basic template variable and a modelList basic template variable * Adapted templates to new template variables * use of .Models instead of model list * use of .Form instead of modelform * Small fix * Small fix 2 Forgot $.Form * Reverting templateDir as a var
2017-05-25 21:54:58 +02:00
func APIUpdateHandler(w http.ResponseWriter, r *http.Request) {
Update apiHandler.go
2017-05-18 15:37:44 +02:00
token := r.Header.Get("Authorization")
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
username := r.FormValue("username")
user, _, _, _, err := userService.RetrieveUserByAPITokenAndName(token, username)
Hopefully fix memleak
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
messages := msg.GetMessages(r)
Fix bug, remove literals (#629) * Use ModeratorDir variable * Rename cookieHelper to cookie_helper for consistency * Use named constant instead of literals * Fix ability to upload when uploads are disabled The old code let people upload under the right conditions when uploads were disabled. (ie: User is banned and config.AdminAreStillAllowedTo is false) * Increase timeout (fixes #517) * Fix inconsistent indentation *.{js, css} (fix #583) * Fix negative page Temporary fix. The issue was that going to a negative page caused the sql query to have a negative offset. This caused an error in the database query. We need to cleanup this code, but this will work for now. * Fix wrong PG_DATA directory due to upgrade to 9.6 * Add server status link to FAQ * Fix failing tests * Clarify group_vars/all and hosts doc * Add a wrapper to protect /mod route * Fix login page not showing form errors
2017-05-20 01:10:16 +02:00
New upload API (#897) * New upload API (WIP) * update * Last fix * Adding changes from update.go to api.go * fix bracket * fix import
2017-06-05 15:19:25 +02:00
if err != nil {
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
messages.AddError("errors", "Error API token doesn't exist")
New upload API (#897) * New upload API (WIP) * update * Last fix * Adding changes from update.go to api.go * fix bracket * fix import
2017-06-05 15:19:25 +02:00
}
Fix bug, remove literals (#629) * Use ModeratorDir variable * Rename cookieHelper to cookie_helper for consistency * Use named constant instead of literals * Fix ability to upload when uploads are disabled The old code let people upload under the right conditions when uploads were disabled. (ie: User is banned and config.AdminAreStillAllowedTo is false) * Increase timeout (fixes #517) * Fix inconsistent indentation *.{js, css} (fix #583) * Fix negative page Temporary fix. The issue was that going to a negative page caused the sql query to have a negative offset. This caused an error in the database query. We need to cleanup this code, but this will work for now. * Fix wrong PG_DATA directory due to upgrade to 9.6 * Add server status link to FAQ * Fix failing tests * Clarify group_vars/all and hosts doc * Add a wrapper to protect /mod route * Fix login page not showing form errors
2017-05-20 01:10:16 +02:00
if !uploadService.IsUploadEnabled(user) {
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
messages.AddError("errors", "Error uploads are disabled")
update
2017-05-09 20:54:50 +02:00
}
New upload API (#897) * New upload API (WIP) * update * Last fix * Adding changes from update.go to api.go * fix bracket * fix import
2017-06-05 15:19:25 +02:00
if user.ID == 0 {
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
messages.ImportFromError("errors", apiService.ErrAPIKey)
New upload API (#897) * New upload API (WIP) * update * Last fix * Adding changes from update.go to api.go * fix bracket * fix import
2017-06-05 15:19:25 +02:00
}
update
2017-05-09 20:54:50 +02:00
contentType := r.Header.Get("Content-Type")
New upload API (#897) * New upload API (WIP) * update * Last fix * Adding changes from update.go to api.go * fix bracket * fix import
2017-06-05 15:19:25 +02:00
if contentType != "application/json" && !strings.HasPrefix(contentType, "multipart/form-data") && r.Header.Get("Content-Type") != "application/x-www-form-urlencoded" {
// TODO What should we do here ? upload is empty so we shouldn't
// create a torrent from it
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
messages.AddError("errors", "Please provide either of Content-Type: application/json header or multipart/form-data")
New upload API (#897) * New upload API (WIP) * update * Last fix * Adding changes from update.go to api.go * fix bracket * fix import
2017-06-05 15:19:25 +02:00
}
update := apiService.UpdateRequest{}
err = update.Update.ExtractEditInfo(r)
if err != nil {
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
messages.ImportFromError("errors", err)
New upload API (#897) * New upload API (WIP) * update * Last fix * Adding changes from update.go to api.go * fix bracket * fix import
2017-06-05 15:19:25 +02:00
}
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
if !messages.HasErrors() {
torrent := model.Torrent{}
db.ORM.Where("torrent_id = ?", r.FormValue("id")).First(&torrent)
if torrent.ID == 0 {
messages.ImportFromError("errors", apiService.ErrTorrentID)
}
if torrent.UploaderID != 0 && torrent.UploaderID != user.ID { //&& user.Status != mod
messages.ImportFromError("errors", apiService.ErrRights)
}
update.UpdateTorrent(&torrent, user)
activity log for users (#1002) List Torrent delete log Torrent edit log Comment delete log And every other logged activities Can be filtered out by a filter tag ("edit" or "delete" supported) Pages navigation Can be accessed by /activities Added some translation string Fixed hidden username on api request Fixed comments username on modpanel New Activity model New Activity handler New Activity Service Fixed some updating issue for ES when moderating torrents Be aware deleting torrents and comments return the model now!
2017-06-15 04:44:46 +02:00
torrentService.UpdateTorrent(&torrent)
update
2017-05-09 20:54:50 +02:00
}
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
apiResponseHandler(w, r)
token werks
2017-05-09 19:58:35 +02:00
}
Golint friendly (#747) * Making the code Golint friendly * No exported variables when not needed * Same for functions * Simplifying Templates variables with a form basic template variable and a modelList basic template variable * Adapted templates to new template variables * use of .Models instead of model list * use of .Form instead of modelform * Small fix * Small fix 2 Forgot $.Form * Reverting templateDir as a var
2017-05-25 21:54:58 +02:00
// APISearchHandler : Controller for searching with api
func APISearchHandler(w http.ResponseWriter, r *http.Request) {
add searching via the api
2017-05-25 02:42:35 +02:00
vars := mux.Vars(r)
page := vars["page"]
Hopefully fix memleak
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
add searching via the api
2017-05-25 02:42:35 +02:00
// db params url
var err error
pagenum := 1
if page != "" {
pagenum, err = strconv.Atoi(html.EscapeString(page))
if !log.CheckError(err) {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
if pagenum <= 0 {
NotFoundHandler(w, r)
return
}
}
Fix the fact that we didn't have uploader name on api search
2017-06-10 19:46:04 +02:00
_, torrents, _, err := search.SearchByQueryWithUser(r, pagenum)
add searching via the api
2017-05-25 02:42:35 +02:00
if err != nil {
Fix both error message + HTML showing on home page Also remove util.SendError since it's not very useful.
2017-06-06 16:22:26 +02:00
http.Error(w, err.Error(), http.StatusInternalServerError)
add searching via the api
2017-05-25 02:42:35 +02:00
return
}
Fix for API request hidden torrents Usernames were not hidden when doing api request
2017-06-24 10:53:22 +02:00
b := model.APITorrentsToJSON(torrents)
add searching via the api
2017-05-25 02:42:35 +02:00
w.Header().Set("Content-Type", "application/json")
err = json.NewEncoder(w).Encode(b)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
}
API update completely functionnal for app usage (#987) The api has been tested and works as intended. Now users do not have to go on the website to get back their token, they just have to register. Torrents show the right stats and username on api request when search is done User model when converted to JSON gives us the apitoken and md5 hash of email (for gravatar) Verification on upload is done by token and username instead of token only Errors are now given in json format in the api Global api response handler for less code redundancy and same response pattern Moved user auth check in cookie_helper to user.go Fixed bug with CSRF prevention in /api Added translation strings
2017-06-13 08:01:57 +02:00
// APILoginHandler : Login with API
// This is not an OAuth api like and shouldn't be used for anything except getting the API Token in order to not store a password
func APILoginHandler(w http.ResponseWriter, r *http.Request) {
b := form.LoginForm{}
messages := msg.GetMessages(r)
contentType := r.Header.Get("Content-type")
if !strings.HasPrefix(contentType, "application/json") && !strings.HasPrefix(contentType, "multipart/form-data") && !strings.HasPrefix(contentType, "application/x-www-form-urlencoded") {
// TODO What should we do here ? upload is empty so we shouldn't
// create a torrent from it
messages.AddError("errors", "Please provide either of Content-Type: application/json header or multipart/form-data")
}
if strings.HasPrefix(contentType, "multipart/form-data") || strings.HasPrefix(contentType, "application/x-www-form-urlencoded") {
modelHelper.BindValueForm(&b, r)
} else {
decoder := json.NewDecoder(r.Body)
err := decoder.Decode(&b)
if err != nil {
messages.ImportFromError("errors", err)
}
}
defer r.Body.Close()
modelHelper.ValidateForm(&b, messages)
if !messages.HasErrors() {
user, _, errorUser := userService.CreateUserAuthenticationAPI(r, &b)
if errorUser == nil {
messages.AddInfo("infos", "Logged")
apiResponseHandler(w, r, user.ToJSON())
return
}
messages.ImportFromError("errors", errorUser)
}
apiResponseHandler(w, r)
}
// APIRefreshTokenHandler : Refresh Token with API
func APIRefreshTokenHandler(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("Authorization")
username := r.FormValue("username")
user, _, _, _, err := userService.RetrieveUserByAPITokenAndName(token, username)
defer r.Body.Close()
messages := msg.GetMessages(r)
if err != nil {
messages.AddError("errors", "Error API token doesn't exist")
}
if !messages.HasErrors() {
user.APIToken, _ = crypto.GenerateRandomToken32()
user.APITokenExpiry = time.Unix(0, 0)
_, errorUser := userService.UpdateRawUser(user)
if errorUser == nil {
messages.AddInfoT("infos", "profile_updated")
apiResponseHandler(w, r, user.ToJSON())
return
}
messages.ImportFromError("errors", errorUser)
}
apiResponseHandler(w, r)
}
// APICheckTokenHandler : Check Token with API
func APICheckTokenHandler(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("Authorization")
username := r.FormValue("username")
user, _, _, _, err := userService.RetrieveUserByAPITokenAndName(token, username)
defer r.Body.Close()
messages := msg.GetMessages(r)
if err != nil {
messages.AddError("errors", "Error API token doesn't exist")
} else {
messages.AddInfo("infos", "Logged")
}
apiResponseHandler(w, r, user.ToJSON())
}
// This function is the global response for every simple Post Request API
// Please use it. Responses are of the type:
// {ok: bool, [errors | infos]: ArrayOfString [, data: ArrayOfObjects, all_errors: ArrayOfObjects]}
// To send errors or infos, you just need to use the Messages Util
func apiResponseHandler(w http.ResponseWriter, r *http.Request, obj ...interface{}) {
messages := msg.GetMessages(r)
var apiJSON []byte
w.Header().Set("Content-Type", "application/json")
if !messages.HasErrors() {
mapOk := map[string]interface{}{"ok": true, "infos": messages.GetInfos("infos")}
if len(obj) > 0 {
mapOk["data"] = obj
if len(obj) == 1 {
mapOk["data"] = obj[0]
}
}
apiJSON, _ = json.Marshal(mapOk)
} else { // We need to show error messages
mapNotOk := map[string]interface{}{"ok": false, "errors": messages.GetErrors("errors"), "all_errors": messages.GetAllErrors()}
if len(obj) > 0 {
mapNotOk["data"] = obj
if len(obj) == 1 {
mapNotOk["data"] = obj[0]
}
}
if len(messages.GetAllErrors()) > 0 && len(messages.GetErrors("errors")) == 0 {
mapNotOk["errors"] = "errors"
}
apiJSON, _ = json.Marshal(mapNotOk)
}
w.Write(apiJSON)
}
Copier le lien permanent