n/napkin
n/napkin
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Cleaned up some stuff, fixed up a very stupid bug, properly used weblit's request header stuff, and setting up first steps for CRUD

Browse source
This commit is contained in:
n* 2025-03-09 20:35:58 -03:00
parent 3adbee7c77
commit f42ce9a00c
15 changed files with 185 additions and 145 deletions
Download patch file Download diff file Expand all files Collapse all files

4
database.lua
View file

@ -169,6 +169,10 @@ do
local author = authors.from_id(id, true) local author = authors.from_id(id, true)
assert(author) assert(author)
if not utils.is_valid_handle(handle) then
return nil, "blog_handle_invalid"
end
local blog = { local blog = {
owner = id, owner = id,
title = title or handle, title = title or handle,

1
database/authors/3137.json Normal file
View file

@ -0,0 +1 @@
{"password":"6dd438e25e6678edab3439227702a588635b377a9a3025d49975cf51c3c042a1","blogs":[],"salt":"3cdb6a02-0da0-4b66-b5d7-6be8cf77fb63","tokens":["29af2735-fe55-42ef-99d5-5eecce6cc0a6"]}

1
database/blogs/tf2sucks.json Normal file
View file

@ -0,0 +1 @@
{"updated_at":1741562219,"description":"minecraft","banner":[],"index":[],"created_at":1741562219,"owner":"3137","title":"makes me sad","handle":"tf2sucks"}

1
database/tokens/29af2735-fe55-42ef-99d5-5eecce6cc0a6.json Normal file
View file

@ -0,0 +1 @@
{"expires":1744189864,"of":"3137","dead":false}

12
deps/weblit-server.lua vendored
View file

@ -106,15 +106,13 @@ local function newServer(run)
local success, err = pcall(function() local success, err = pcall(function()
if req.method ~= "GET" then if req.method ~= "GET" then
local expectedSize
local maxSize = 1024 * 5 -- 5kb local maxSize = 1024 * 5 -- 5kb
req.expectedSize = req.headers["content-length"] or maxSize req.expectedSize = tonumber(req.headers["content-length"] or maxSize)
if expectedSize then
local bodySize = 0 local bodySize = 0
if expectedSize <= maxSize then if req.expectedSize <= maxSize then
local parts = {} local parts = {}
for chunk in read do for chunk in read do
if #chunk == 0 then if #chunk == 0 then
@ -124,17 +122,17 @@ local function newServer(run)
parts[#parts + 1] = chunk parts[#parts + 1] = chunk
bodySize = bodySize + #chunk bodySize = bodySize + #chunk
if bodySize > expectedSize then if bodySize > req.expectedSize then
error("Request body exceeds expected size") error("Request body exceeds expected size")
end end
end end
if bodySize ~= expectedSize then if bodySize ~= req.expectedSize then
error("Request body is not of the expected size") error("Request body is not of the expected size")
end end
req.body = table.concat(parts) req.body = table.concat(parts)
end req.read = nil
end end
end end

1
errors.lua
View file

@ -10,6 +10,7 @@ local errors = {
blog_was_deleted = "blog was deleted :(", blog_was_deleted = "blog was deleted :(",
blog_handle_taken = "blog handle is already taken", blog_handle_taken = "blog handle is already taken",
blog_handle_invalid = "blog handle is invalid!", blog_handle_invalid = "blog handle is invalid!",
blog_already_exists = "blog_already_exists",
post_not_found = "post not found :(", post_not_found = "post not found :(",

152
main.lua
View file

@ -1,6 +1,6 @@
local weblit = require('weblit') local weblit = require('weblit')
local cookie = require('weblit-cookie') local cookie = require('weblit-cookie')
local multipart = require('weblit-multipart') --local multipart = require('weblit-multipart')
local timer = require("timer") local timer = require("timer")
local radon = require("radon") local radon = require("radon")
@ -9,6 +9,9 @@ local database = require("./database")
local errors = require("./errors") local errors = require("./errors")
local utils = require("./utils") local utils = require("./utils")
local blogs = require("blogs")
local authors = require("authors")
local templater = function(template, rate) local templater = function(template, rate)
return function(req, res) return function(req, res)
@ -55,24 +58,147 @@ weblit.app
weblit.static("database/media") weblit.static("database/media")
) )
.route( --.route(
{ path = "/media", method = "POST" }, -- { path = "/media", method = "POST" },
multipart { writeTo = "database/media" } -- multipart { writeTo = "database/media" }
) --)
-- TODO: CLONE ALL OF THIS AS A REST API EVENTUALLY, -- TODO: CLONE ALL OF THIS AS A REST API EVENTUALLY,
.route({ path = "/signup" }, templater("signup")) .route({ path = "/signup" }, templater("signup"))
.route({ path = "/signup2" }, templater("signup2", 3000)) .route({ path = "/signup2" }, templater("signup2", 3000))
.route({ path = "/login" }, templater("login"))
.route({ path = "/login2" }, templater("login2", 3000))
.route({ path = "/logout" }, templater("logout", 3000))
-- LOGIN ------------------------
.route({ path = "/login", method = "GET" }, templater("login"))
.route({ path = "/login" }, function(req, res)
local token = req.cookies.auth_token
local form = req.form
local data = {
request = req,
response = res
}
if (not token) and form and form.id and form.password then
if form.id:sub(1, 1) == "@" then
local blog = blogs.from_handle(form.id:sub(2))
if not blog then
return errors.handle(data, "blog_not_found", "/login")
end
form.id = blog.owner
end
token = authors.auth(form.id, form.password)
if not token then
return errors.handle(data, "wrong_credentials", "/login")
end
res.setCookie(
"auth_token", token, {
Path = "/", SameSite = "Strict"
}
)
req.cookies.auth_token = token
end
res.code = 302
res.headers["Location"] = "/"
return ""
end)
.route({ path = "/logout" }, function(req, res)
res.clearCookie("auth_token")
res.headers["Location"] = "/"
res.code = 302
end)
-- BLOGS ------------------------
.route({ path = "/new-blog" }, templater("new-blog")) .route({ path = "/new-blog" }, templater("new-blog"))
.route({ path = "/new-blog2" }, templater("new-blog2", 2000))
.route({ path = "/@:blog" }, templater("blog")) .route({ path = "/@" }, function(req, res)
.route({ path = "/@:blog/:post" }, templater("post")) local form = req.form
.route({ path = "/p/:path" }, function(req, res)
if not (form and form.handle) then
res.code = 302
res.headers["Location"] = "/"
return
end
local handle = form.handle
local data = {
request = req,
response = res
}
local prev = req.headers["referer"] or "/"
if #handle == 0 then
return errors.handle(data, "blog_handle_invalid", prev)
end
if req.method ~= "POST" then
local blog = blogs.from_handle(handle)
if not blog then
return errors.handle(data, "blog_not_found", prev)
end
end
res.code = 307
res.headers["Location"] = "/@" .. handle
end)
.route({ path = "/@:blog:", method = "GET" }, templater("blog"))
.route({ path = "/@:blog:", method = "POST" }, function(req, res)
local form = req.form
if not form then
res.headers["Location"] = "/"
res.code = 302
return
end
local data = {
request = req,
response = res
}
local token = req.cookies.auth_token
if not token then
return errors.handle(data, "not_logged_in", "/login")
end
local author_id = authors.id_from_token(token)
if not author_id then
return errors.handle(data, "invalid_token", "/login")
end
local blog = req.params.blog
if not (blog and utils.is_valid_handle(blog)) then
return errors.handle(data, "blog_handle_invalid", "/new-blog")
end
local ok, err = blogs.new_blog(
author_id,
blog,
form.title,
form.about
)
if not ok then
return errors.handle(data, err, "/new-blog")
end
res.code = 302
res.headers["Location"] = "/@" .. blog
end)
-- POSTS ------------------------
.route({ path = "/@:blog:/:post:" }, templater("post"))
.route({ path = "/p/:path:", method = "GET" }, function(req, res)
local path = req.params.path local path = req.params.path
if #path == 0 then if #path == 0 then
res.code = 301 res.code = 301
@ -90,7 +216,7 @@ weblit.app
return return
end end
return error_handler({ return errors.handle({
request = req, request = req,
response = res response = res
}, "post_not_found", "/") }, "post_not_found", "/")

8
static/baseline.css
View file

@ -18,7 +18,7 @@ body {
"Helvetica Neue", "Helvetica Neue",
sans-serif; sans-serif;
gap: 40px; gap: 30px;
display: flex; display: flex;
flex-direction: column; flex-direction: column;
} }
@ -149,7 +149,11 @@ section > h1 {
display: flex; display: flex;
justify-content: space-between; justify-content: space-between;
align-items: center; align-items: center;
height: 1em; height: 2em;
}
/* TODO: RENAME THIS ._. */
.sub-body {
} }
.top-navigator-actions { .top-navigator-actions {

2
template/login.lua
View file

@ -26,7 +26,7 @@ return function(data)
section { section {
form { form {
action = "/login2", action = "/login",
method = "POST", method = "POST",
class = "gapped-row", class = "gapped-row",

41
template/login2.lua
View file

@ -1,41 +0,0 @@
---@diagnostic disable:undefined-global
local wrapper = require "template.wrapper"
local phosphor = require "template.phosphor"
local authors = require "authors"
local blogs = require "blogs"
local utils = require "./utils"
local errors = require "./errors"
return function(data)
local token = data.request.cookies.auth_token
local form = data.request.form
if (not token) and form and form.id and form.password then
if form.id:sub(1, 1) == "@" then
local blog = blog.from_handle(form.id:sub(2))
if blog then
form.id = blog.owner
else
return errors.handle(data, "blog_not_found", "/login")
end
end
token = authors.auth(form.id, form.password)
if not token then
return errors.handle(data, "wrong_credentials", "/login")
end
data.response.setCookie(
"auth_token", token, {
Path = "/", SameSite = "Strict"
}
)
data.request.cookies.auth_token = token
end
data.response.code = 302
data.response.headers["Location"] = "/"
return ""
end

7
template/logout.lua
View file

@ -1,7 +0,0 @@
return function(data)
-- destroy the auth token cookie, and redirect to /
data.response.clearCookie("auth_token")
data.response.headers["Location"] = "/"
data.response.code = 302
end

2
template/new-blog.lua
View file

@ -45,7 +45,7 @@ return function(data)
section { section {
form { form {
method = "post", method = "post",
action = "/new-blog2", action = "/@",
class = "gapped-column", class = "gapped-column",

49
template/new-blog2.lua
View file

@ -1,49 +0,0 @@
local logout = require "template.logout"
local authors = require "authors"
local blogs = require "blogs"
local utils = require "./utils"
local errors = require "./errors"
return function(data)
local token = data.request.cookies.auth_token
if not token then
return errors.handle(data, "not_logged_in", "/login")
end
local author_id = authors.id_from_token(token)
if not author_id then
return errors.handle(data, "invalid_token", "/login")
end
local form = data.request.form
if not (form and form.handle) then
data.response.code = 302
data.response.headers["Location"] = "/new-blog"
return ""
end
print("@line: " .. debug.getinfo(1).currentline)
if not utils.is_valid_handle(form.handle) then
return errors.handle(data, "blog_handle_invalid", "/new-blog")
end
print("@line: " .. debug.getinfo(1).currentline)
print("file: " .. debug.getinfo(1).source)
local ok, err = blogs.new_blog(
author_id,
form.handle,
form.title,
form.about
)
if not ok then
return errors.handle(data, err, "/new-blog")
end
print("@line: " .. debug.getinfo(1).currentline)
print("file: " .. debug.getinfo(1).source)
data.response.code = 302
data.response.headers["Location"] = "/@" .. form.handle
print("Creator's intention.")
end

6
template/wrapper.lua
View file

@ -125,6 +125,12 @@ return function(data)
loader.style.display = null; loader.style.display = null;
} }
}); });
window.addEventListener("pageshow", (event) => {
if (event.persisted) {
loader.style.display = "none";
}
});
]], ]],
card, card,

15
utils.lua
View file

@ -112,16 +112,11 @@ utils.is_valid_password = function(password)
end end
utils.forms = function(req, res, go) utils.forms = function(req, res, go)
req.content_type = nil if
req.headers["content-type"] ==
for _, header in ipairs(req.headers) do "application/x-www-form-urlencoded"
local t = header[1] then
if t == "Content-Type" then print("joey", req.body, req.read)
req.content_type = header[2]
end
end
if req.content_type == "application/x-www-form-urlencoded" then
req.form = utils.parse_form(req.body) req.form = utils.parse_form(req.body)
end end