commit 17b5884c2c600e5bbaae0bbb6bf6c3b2afb380d2
parent 9b9ea31941b46afa492c0bc14182f64ad7056a15
Author: n0tr1v <n0tr1v@protonmail.com>
Date: Sat, 3 Dec 2022 20:34:26 -0500
cleanup routes
Diffstat:
1 file changed, 24 insertions(+), 23 deletions(-)
diff --git a/pkg/web/web.go b/pkg/web/web.go
@@ -67,29 +67,6 @@ func getMainServer() echo.HandlerFunc {
e.Use(middlewares.AprilFoolMiddleware())
e.GET("/", handlers.HomeHandler, middlewares.CircuitRateLimitMiddleware(15*time.Second, 4, true))
e.POST("/", handlers.HomeHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false))
- e.GET("/login", handlers.LoginHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false), middlewares.NoAuthMiddleware)
- e.POST("/login", handlers.LoginHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false), middlewares.NoAuthMiddleware)
- e.GET("/login/:loginToken", handlers.LoginAttackHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false), middlewares.NoAuthMiddleware)
- e.POST("/login/:loginToken", handlers.LoginAttackHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 2, false), middlewares.NoAuthMiddleware)
- e.GET("/sessions/gpg-two-factor", handlers.SessionsGpgTwoFactorHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false), middlewares.NoAuthMiddleware)
- e.POST("/sessions/gpg-two-factor", handlers.SessionsGpgTwoFactorHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 2, false), middlewares.NoAuthMiddleware)
- e.GET("/sessions/gpg-sign-two-factor", handlers.SessionsGpgSignTwoFactorHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false), middlewares.NoAuthMiddleware)
- e.POST("/sessions/gpg-sign-two-factor", handlers.SessionsGpgSignTwoFactorHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 2, false), middlewares.NoAuthMiddleware)
- e.GET("/sessions/two-factor", handlers.SessionsTwoFactorHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false), middlewares.NoAuthMiddleware)
- e.POST("/sessions/two-factor", handlers.SessionsTwoFactorHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 2, false), middlewares.NoAuthMiddleware)
- e.GET("/sessions/two-factor/recovery", handlers.SessionsTwoFactorRecoveryHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false), middlewares.NoAuthMiddleware)
- e.POST("/sessions/two-factor/recovery", handlers.SessionsTwoFactorRecoveryHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 2, false), middlewares.NoAuthMiddleware)
- e.GET("/signup", handlers.SignupHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 5, false), middlewares.NoAuthMiddleware)
- e.POST("/signup", handlers.SignupHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false), middlewares.NoAuthMiddleware)
- e.GET("/public/css/:signupToken/signup.css", handlers.SignupCss, middlewares.CircuitRateLimitMiddleware(15*time.Second, 4, false))
- e.GET("/public/img/:signupToken/:signal/:data", handlers.SignalCss, middlewares.CircuitRateLimitMiddleware(15*time.Second, 4, false))
- e.GET("/signup/invitation", handlers.SignupInvitationHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 5, false), middlewares.NoAuthMiddleware)
- e.GET("/signup/invitation/:invitationToken", handlers.SignupInvitationHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 5, false), middlewares.NoAuthMiddleware)
- e.POST("/signup/invitation/:invitationToken", handlers.SignupInvitationHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 5, false), middlewares.NoAuthMiddleware)
- e.GET("/signup/:signupToken", handlers.SignupAttackHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 5, false), middlewares.NoAuthMiddleware)
- e.POST("/signup/:signupToken", handlers.SignupAttackHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 2, false), middlewares.NoAuthMiddleware)
- e.GET("/forgot-password", handlers.ForgotPasswordHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false), middlewares.NoAuthMiddleware)
- e.POST("/forgot-password", handlers.ForgotPasswordHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 2, false), middlewares.NoAuthMiddleware)
e.GET("/bhcli", handlers.BhcliHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 5, false))
e.GET("/torchess", handlers.TorchessHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 5, false))
e.GET("/captcha-help", handlers.CaptchaHelpHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 5, false))
@@ -100,6 +77,30 @@ func getMainServer() echo.HandlerFunc {
e.POST("/chat/:roomName", handlers.ChatHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 2, false))
e.GET("/bhc", handlers.BHCHandler, middlewares.CircuitRateLimitMiddleware(5*time.Second, 4, true))
e.POST("/bhc", handlers.BHCHandler, middlewares.CircuitRateLimitMiddleware(5*time.Second, 4, true))
+ e.GET("/public/css/:signupToken/signup.css", handlers.SignupCss, middlewares.CircuitRateLimitMiddleware(15*time.Second, 4, false))
+ e.GET("/public/img/:signupToken/:signal/:data", handlers.SignalCss, middlewares.CircuitRateLimitMiddleware(15*time.Second, 4, false))
+ noAuthGroup := e.Group("", middlewares.NoAuthMiddleware)
+ noAuthGroup.GET("/login", handlers.LoginHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false))
+ noAuthGroup.POST("/login", handlers.LoginHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false))
+ noAuthGroup.GET("/login/:loginToken", handlers.LoginAttackHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false))
+ noAuthGroup.POST("/login/:loginToken", handlers.LoginAttackHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 2, false))
+ noAuthGroup.GET("/sessions/gpg-two-factor", handlers.SessionsGpgTwoFactorHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false))
+ noAuthGroup.POST("/sessions/gpg-two-factor", handlers.SessionsGpgTwoFactorHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 2, false))
+ noAuthGroup.GET("/sessions/gpg-sign-two-factor", handlers.SessionsGpgSignTwoFactorHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false))
+ noAuthGroup.POST("/sessions/gpg-sign-two-factor", handlers.SessionsGpgSignTwoFactorHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 2, false))
+ noAuthGroup.GET("/sessions/two-factor", handlers.SessionsTwoFactorHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false))
+ noAuthGroup.POST("/sessions/two-factor", handlers.SessionsTwoFactorHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 2, false))
+ noAuthGroup.GET("/sessions/two-factor/recovery", handlers.SessionsTwoFactorRecoveryHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false))
+ noAuthGroup.POST("/sessions/two-factor/recovery", handlers.SessionsTwoFactorRecoveryHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 2, false))
+ noAuthGroup.GET("/signup", handlers.SignupHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 5, false))
+ noAuthGroup.POST("/signup", handlers.SignupHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false))
+ noAuthGroup.GET("/signup/invitation", handlers.SignupInvitationHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 5, false))
+ noAuthGroup.GET("/signup/invitation/:invitationToken", handlers.SignupInvitationHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 5, false))
+ noAuthGroup.POST("/signup/invitation/:invitationToken", handlers.SignupInvitationHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 5, false))
+ noAuthGroup.GET("/signup/:signupToken", handlers.SignupAttackHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 5, false))
+ noAuthGroup.POST("/signup/:signupToken", handlers.SignupAttackHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 2, false))
+ noAuthGroup.GET("/forgot-password", handlers.ForgotPasswordHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 4, false))
+ noAuthGroup.POST("/forgot-password", handlers.ForgotPasswordHandler, middlewares.CircuitRateLimitMiddleware(1*time.Second, 2, false))
maybeAuthGroup := e.Group("", middlewares.MaybeAuthMiddleware)
maybeAuthGroup.GET("/u/:username", handlers.PublicUserProfileHandler, middlewares.GenericRateLimitMiddleware(time.Second, 2))
maybeAuthGroup.GET("/u/:username/pgp", handlers.PublicUserProfilePGPHandler, middlewares.GenericRateLimitMiddleware(time.Second, 2))
