116 lines
3.3 KiB
Go
116 lines
3.3 KiB
Go
/*
|
|
Copyright 2017-2022 CAcert Inc.
|
|
SPDX-License-Identifier: Apache-2.0
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
package main
|
|
|
|
import (
|
|
"io/fs"
|
|
"net/http"
|
|
|
|
"github.com/go-chi/chi/v5"
|
|
"github.com/go-chi/chi/v5/middleware"
|
|
"github.com/vearutop/statigz"
|
|
"github.com/vearutop/statigz/brotli"
|
|
|
|
"git.cacert.org/cacert-boardvoting/ui"
|
|
)
|
|
|
|
func (app *application) routes() http.Handler {
|
|
staticDir, _ := fs.Sub(ui.Files, "static")
|
|
|
|
staticData, ok := staticDir.(fs.ReadDirFS)
|
|
if !ok {
|
|
app.errorLog.Fatal("could not use uiStaticDir as fs.ReadDirFS")
|
|
}
|
|
|
|
fileServer := statigz.FileServer(staticData, brotli.AddEncoding, statigz.EncodeOnInit)
|
|
|
|
router := chi.NewRouter()
|
|
|
|
router.Use(middleware.RealIP)
|
|
router.Use(middleware.RequestLogger(&middleware.DefaultLogFormatter{Logger: app.infoLog}))
|
|
router.Use(middleware.Recoverer)
|
|
router.Use(secureHeaders)
|
|
|
|
router.NotFound(func(w http.ResponseWriter, _ *http.Request) { app.notFound(w) })
|
|
|
|
router.Get(
|
|
"/",
|
|
http.RedirectHandler("/motions/", http.StatusMovedPermanently).ServeHTTP,
|
|
)
|
|
router.Get(
|
|
"/favicon.ico",
|
|
http.RedirectHandler("/static/images/favicon.ico", http.StatusMovedPermanently).ServeHTTP,
|
|
)
|
|
router.Get("/static/*", http.StripPrefix("/static", fileServer).ServeHTTP)
|
|
|
|
router.Group(func(r chi.Router) {
|
|
r.Use(app.sessionManager.LoadAndSave, app.tryAuthenticate)
|
|
|
|
r.Get("/motions/", app.motionList)
|
|
r.Get("/motions/{tag}", app.motionDetails)
|
|
|
|
r.Group(func(r chi.Router) {
|
|
r.Use(app.userCanEditVote, noSurf)
|
|
|
|
r.Get("/newmotion/", app.newMotionForm)
|
|
r.Post("/newmotion/", app.newMotionSubmit)
|
|
|
|
r.Route("/motions/{tag}", func(r chi.Router) {
|
|
r.Get("/edit", app.editMotionForm)
|
|
r.Post("/edit", app.editMotionSubmit)
|
|
r.Get("/withdraw", app.withdrawMotionForm)
|
|
r.Post("/withdraw", app.withdrawMotionSubmit)
|
|
})
|
|
})
|
|
|
|
r.Group(func(r chi.Router) {
|
|
r.Use(app.userCanVote, noSurf)
|
|
|
|
r.Get("/vote/{tag}/{choice}", app.voteForm)
|
|
r.Post("/vote/{tag}/{choice}", app.voteSubmit)
|
|
r.Get("/proxy/{tag}", app.proxyVoteForm)
|
|
r.Post("/proxy/{tag}", app.proxyVoteSubmit)
|
|
})
|
|
|
|
r.Group(func(r chi.Router) {
|
|
r.Use(app.canManageUsers, noSurf)
|
|
|
|
r.Get("/users/", app.userList)
|
|
r.Get("/new-user/", app.newUserForm)
|
|
r.Post("/new-user/", app.newUserSubmit)
|
|
|
|
r.Route("/users/{id}", func(r chi.Router) {
|
|
r.Get("/", app.editUserForm)
|
|
r.Post("/", app.editUserSubmit)
|
|
r.Get("/add-mail", app.userAddEmailForm)
|
|
r.Post("/add-mail", app.userAddEmailSubmit)
|
|
r.Get("/mail/{address}/delete", app.userDeleteEmailForm)
|
|
r.Post("/mail/{address}/delete", app.userDeleteEmailSubmit)
|
|
r.Get("/delete", app.deleteUserForm)
|
|
r.Post("/delete", app.deleteUserSubmit)
|
|
})
|
|
|
|
r.Get("/voters/", app.chooseVotersForm)
|
|
r.Post("/voters/", app.chooseVotersSubmit)
|
|
})
|
|
})
|
|
|
|
router.Get("/health", app.healthCheck)
|
|
|
|
return router
|
|
}
|