cdricms/latosa-escrima
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5a5846d853e6b482aab02aaa7ee3e08c1855ebaf
latosa-escrima/backend/main.go
cdricms 5a5846d853 Added CSRF & YouTube and dark mode
2025-01-22 17:39:03 +01:00

139 lines
4.3 KiB
Go
Raw Blame History

package main
import (
"fmt"
"log"
"net/http"
"os"
"github.com/joho/godotenv"
"github.com/uptrace/bun/extra/bundebug"
_ "github.com/lib/pq"
"fr.latosa-escrima/api"
"fr.latosa-escrima/api/core"
"github.com/gorilla/csrf"
)
var CORS_AllowOrigin string
func handler(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "<html><body><h1>Hello, World!</h1></body></html>")
}
func Cors(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Allow all origins (can restrict to specific origins)
w.Header().Set("Access-Control-Allow-Origin", CORS_AllowOrigin)
// Allow certain HTTP methods (you can customize these as needed)
w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, PATCH")
// Allow certain headers (you can add more as needed)
w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization, X-CSRF-Token")
w.Header().Set("Access-Control-Allow-Credentials", "true")
// Handle OPTIONS pre-flight request
if r.Method == http.MethodOptions {
return
}
next.ServeHTTP(w, r)
})
}
func main() {
err := godotenv.Load()
if err != nil {
log.Fatalf("Error loading .env file: %v", err)
}
environ := os.Getenv("ENVIRONMENT")
port := os.Getenv("BACKEND_DOCKER_PORT")
hostname := os.Getenv("DATABASE_HOSTNAME")
postgres_port := os.Getenv("POSTGRES_DOCKER_PORT")
CORS_AllowOrigin = os.Getenv("CORS_AllowOrigin")
if environ == "DEV" {
port = os.Getenv("BACKEND_PORT")
hostname = "localhost"
postgres_port = os.Getenv("POSTGRES_PORT")
}
dsn := core.DSN{
Hostname: hostname,
Port: postgres_port,
DBName: os.Getenv("POSTGRES_DB"),
User: os.Getenv("POSTGRES_USER"),
Password: os.Getenv("POSTGRES_PASSWORD"),
}
fmt.Println(dsn.ToString())
core.DB, err = core.InitDatabase(dsn)
if err != nil {
log.Fatal(err)
}
core.DB.AddQueryHook(bundebug.NewQueryHook(bundebug.WithVerbose(true)))
defer core.DB.Close()
CSRFMiddleware := csrf.Protect(
core.CSRF_KEY,
csrf.Secure(environ != "DEV"),
csrf.HttpOnly(true),
)
mux := http.NewServeMux()
core.HandleRoutes(mux, map[string]core.Handler{
"/": {
Handler: handler,
Middlewares: []core.Middleware{api.Methods("get")}},
"/users/login": {
Handler: api.HandleLogin,
Middlewares: []core.Middleware{api.Methods("POST")}},
"/users/me": {
Handler: api.HandleGetMe,
Middlewares: []core.Middleware{api.Methods("GET"), api.AuthJWT}},
"/users": {
Handler: api.HandleGetUsers,
Middlewares: []core.Middleware{api.Methods("GET"), api.AuthJWT}},
"/users/new": {
Handler: api.HandleCreateUser,
Middlewares: []core.Middleware{api.Methods("POST"), api.AuthJWT}},
"/users/{user_uuid}": {
Handler: api.HandleGetUser,
Middlewares: []core.Middleware{api.Methods("GET"), api.AuthJWT}},
"/users/{user_uuid}/delete": {
Handler: api.HandleDeleteUser,
Middlewares: []core.Middleware{api.Methods("DELETE"), api.AuthJWT}},
"/users/{user_uuid}/update": {
Handler: api.HandleUpdateUser,
Middlewares: []core.Middleware{api.Methods("PATCH"), api.AuthJWT}},
// "/users/{user_uuid}/events": {Handler: nil, Middleware: nil},
// "/users/{user_uuid}/events/{event_uuid}": {Handler: nil, Middleware: nil},
// "/users/{user_uuid}/events/{event_uuid}/delete": {Handler: nil, Middleware: nil},
// "/users/{user_uuid}/events/{event_uuid}/update": {Handler: nil, Middleware: nil},
"/blogs/new": {Handler: api.HandleCreateBlog, Middlewares: nil},
"/blogs/{uuid}": {
Handler: api.HandleGetBlog,
Middlewares: []core.Middleware{api.Methods("GET")}},
"/media/upload": {
Handler: api.HandleUploadMedia,
Middlewares: []core.Middleware{api.Methods("POST"), api.AuthJWT}},
"/media/verify": {
Handler: api.HandleVerifyMedia,
Middlewares: []core.Middleware{api.Methods("POST"), api.AuthJWT},
},
"/contact": {
Handler: api.HandleContact,
Middlewares: []core.Middleware{api.Methods("POST"), CSRFMiddleware},
},
"/csrf-token": {
Handler: api.HandleCSRF,
Middlewares: []core.Middleware{api.Methods("GET"), CSRFMiddleware},
},
})
fmt.Printf("Serving on port %s\n", port)
err = http.ListenAndServe(fmt.Sprintf(":%s", port), Cors(mux))
if err != nil {
fmt.Printf("Error starting server: %s\n", err)
}
}
Reference in New Issue View Git Blame Copy Permalink