commit dbb2e367b2b65a7d7f9e00f0b0fb81f6fd55d339
parent 78fd8018460a0a643a0975a61ebdda29904f6e16
Author: n0tr1v <n0tr1v@protonmail.com>
Date: Sat, 28 Jan 2023 22:05:27 -0800
cleanup
Diffstat:
3 files changed, 23 insertions(+), 34 deletions(-)
diff --git a/pkg/web/handlers/api/v1/handlers.go b/pkg/web/handlers/api/v1/handlers.go
@@ -527,21 +527,14 @@ func ChessHandler(c echo.Context) error {
}
func WerewolfHandler(c echo.Context) error {
- authUser := c.Get("authUser").(*database.User)
roomName := "werewolf"
- message := c.Request().PostFormValue("message")
+ origMessage := c.Request().PostFormValue("message")
redirectURL := "/api/v1/chat/messages/" + roomName
- room, _, err := dutils.GetRoomAndKey(c, roomName)
+ room, roomKey, err := dutils.GetRoomAndKey(c, roomName)
if err != nil {
return c.Redirect(http.StatusFound, redirectURL+"?error="+err.Error()+"&errorTs="+utils.FormatInt64(time.Now().Unix()))
}
- cmd := &Command{
- room: room,
- message: message,
- authUser: authUser,
- fromUserID: authUser.ID,
- redirectQP: url.Values{},
- }
+ cmd := NewCommand(c, origMessage, room, roomKey)
WWInstance.InterceptMsg(cmd)
if cmd.err != nil {
return c.Redirect(http.StatusFound, redirectURL+"?error="+cmd.err.Error()+"&errorTs="+utils.FormatInt64(time.Now().Unix()))
diff --git a/pkg/web/handlers/api/v1/topBarHandler.go b/pkg/web/handlers/api/v1/topBarHandler.go
@@ -260,21 +260,10 @@ func ChatTopBarHandler(c echo.Context) error {
return c.Render(http.StatusOK, "chat-top-bar", data)
}
- data.Message = ""
origMessage := c.Request().PostFormValue("message")
- cmd := &Command{
- redirectQP: redirectQP,
- dataMessage: data.Message,
- origMessage: origMessage,
- message: origMessage,
- room: room,
- roomKey: roomKey,
- authUser: authUser,
- fromUserID: authUser.ID,
- hellbanMsg: authUser.IsHellbanned,
- c: c,
- }
+ cmd := NewCommand(c, origMessage, room, roomKey)
+ cmd.redirectQP = redirectQP
type Interceptor interface {
InterceptMsg(*Command)
@@ -405,6 +394,21 @@ type Command struct {
skipInboxes bool
}
+func NewCommand(c echo.Context, origMessage string, room database.ChatRoom, roomKey string) *Command {
+ authUser := c.Get("authUser").(*database.User)
+ return &Command{
+ c: c,
+ authUser: authUser,
+ fromUserID: authUser.ID,
+ hellbanMsg: authUser.IsHellbanned,
+ redirectQP: url.Values{},
+ origMessage: origMessage,
+ message: origMessage,
+ room: room,
+ roomKey: roomKey,
+ }
+}
+
func (c *Command) redirectURL() string {
return fmt.Sprintf("/api/v1/chat/top-bar/%s?%s", c.room.Name, c.redirectQP.Encode())
}
diff --git a/pkg/web/middlewares/middlewares.go b/pkg/web/middlewares/middlewares.go
@@ -173,19 +173,11 @@ func CSRFMiddleware() echo.MiddlewareFunc {
SameSite: http.SameSiteLaxMode,
Skipper: func(c echo.Context) bool {
apiKey := c.Request().Header.Get("DKF_API_KEY")
- if (apiKey != "" && strings.HasPrefix(c.Path(), "/api/v1/")) ||
+ return (apiKey != "" && strings.HasPrefix(c.Path(), "/api/v1/")) ||
c.Path() == "/api/v1/battleship" ||
c.Path() == "/api/v1/chess" ||
- c.Path() == "/api/v1/werewolf" {
- return true
- }
- if c.Path() == "/chess/:key" {
- return true
- }
- if strings.HasPrefix(c.Path(), "/api/v1/chat/top-bar/:roomName") && c.Param("roomName") == "werewolf" {
- return true
- }
- return false
+ c.Path() == "/api/v1/werewolf" ||
+ c.Path() == "/chess/:key"
},
}
return CSRFWithConfig(csrfConfig)
