Skip to content

Commit

Permalink
Merge pull request #4 from writeas/patch-filter
Browse files Browse the repository at this point in the history
Prevent certain posts from being made public
  • Loading branch information
thebaer authored Mar 12, 2018
2 parents d924964 + 7893f07 commit ac6eff5
Show file tree
Hide file tree
Showing 6 changed files with 48 additions and 8 deletions.
3 changes: 3 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,9 @@ DB_USER=dbuser DB_PASSWORD=pass DB_DB=htmlhouse PRIVATE_KEY=keys/dev PUBLIC_KEY=
| `STATIC_DIR` | Relative dir where static files are stored | `static` |
| `AUTO_APPROVE` | Automatically approves public posts | false |
| `PREVIEWS_HOST` | Fully-qualified URL (without trailing slash) of screenshot server | None. |
| `ADMIN_PASS` | Password to perform admin functions via API | `uhoh` |
| `BROWSE_ITEMS` | Number of items to show on Browse page | 10 |
| `BLACKLIST_TERMS` | Comma-separated list of terms to prevent a post from being made public | None. |
| `TWITTER_KEY` | Twitter consumer key | `notreal` |
| `TWITTER_SECRET` | Twitter consumer secret | `notreal` |
| `TWITTER_TOKEN` | Twitter access token of the posting Twitter account | `notreal` |
Expand Down
11 changes: 11 additions & 0 deletions config.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@ package htmlhouse

import (
"github.com/danryan/env"
"regexp"
"strings"
)

type config struct {
Expand All @@ -23,6 +25,9 @@ type config struct {
AdminPass string `env:"key=ADMIN_PASS default=uhoh"`
BrowseItems int `env:"key=BROWSE_ITEMS default=10"`

BlacklistTerms string `env:"key=BLACKLIST_TERMS"`
BlacklistReg *regexp.Regexp

// Twitter configuration
TwitterConsumerKey string `env:"key=TWITTER_KEY default=notreal"`
TwitterConsumerSecret string `env:"key=TWITTER_SECRET default=notreal"`
Expand All @@ -36,5 +41,11 @@ func newConfig() (*config, error) {
return cfg, err
}

// Process anything
termsReg := `(?i)\b` + cfg.BlacklistTerms + `\b`
termsReg = strings.Replace(termsReg, ",", `\b|\b`, -1)
cfg.BlacklistReg = regexp.MustCompile(termsReg)

// Return result
return cfg, nil
}
7 changes: 6 additions & 1 deletion construction.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ import (
"io/ioutil"
"net/http"
"net/url"
"os"
"regexp"
"strconv"
"strings"
Expand Down Expand Up @@ -38,7 +39,7 @@ func createHouse(app *app, w http.ResponseWriter, r *http.Request) error {

resUser := newSessionInfo(houseID)

if public {
if public && passesPublicFilter(app, html) {
go addPublicAccess(app, houseID, html)
}

Expand Down Expand Up @@ -90,6 +91,10 @@ func addPublicAccess(app *app, houseID, html string) error {
data.Set("url", fmt.Sprintf("%s/%s.html", app.cfg.HostName, houseID))

u, err := url.ParseRequestURI(app.cfg.PreviewsHost)
if err != nil {
fmt.Fprintf(os.Stderr, "Error parsing request URI: %v\n", err)
return err
}
u.Path = "/"
urlStr := fmt.Sprintf("%v", u)

Expand Down
10 changes: 10 additions & 0 deletions filter.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
package htmlhouse

func passesPublicFilter(app *app, html string) bool {
if app.cfg.BlacklistTerms == "" {
return true
}

spam := app.cfg.BlacklistReg.MatchString(html)
return !spam
}
21 changes: 16 additions & 5 deletions session.go
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package htmlhouse

import (
"crypto/rsa"
"fmt"
jwt "github.com/dgrijalva/jwt-go"
"github.com/juju/errgo"
Expand Down Expand Up @@ -30,22 +31,32 @@ func newSessionInfo(houseID string) *sessionInfo {
func newSessionManager(cfg *config) (sessionManager, error) {
mgr := &defaultSessionManager{}

var err error

mgr.signKey, err = ioutil.ReadFile(cfg.PrivateKey)
// Read and parse private key
signBytes, err := ioutil.ReadFile(cfg.PrivateKey)
if err != nil {
return mgr, errgo.Mask(err)
}
mgr.signKey, err = jwt.ParseRSAPrivateKeyFromPEM(signBytes)
if err != nil {
return mgr, errgo.Mask(err)
}

mgr.verifyKey, err = ioutil.ReadFile(cfg.PublicKey)
// Read and parse public key
verifyBytes, err := ioutil.ReadFile(cfg.PublicKey)
if err != nil {
return mgr, errgo.Mask(err)
}
mgr.verifyKey, err = jwt.ParseRSAPublicKeyFromPEM(verifyBytes)
if err != nil {
return mgr, errgo.Mask(err)
}

return mgr, nil
}

type defaultSessionManager struct {
verifyKey, signKey []byte
verifyKey *rsa.PublicKey
signKey *rsa.PrivateKey
}

func (m *defaultSessionManager) readToken(r *http.Request) (string, error) {
Expand Down
4 changes: 2 additions & 2 deletions templates/editor.html
Original file line number Diff line number Diff line change
Expand Up @@ -125,15 +125,15 @@ <h1>HTMLhouse</h1>
data: {html: editor.getSession().getValue(), public: $publicCheck.checked ? "true" : ""},
success: function(data, status, xhr) {
publishing = false;
{{if .ID}}if (data.meta.code == 200) { {{else}}if (data.meta.code == 201) {
{{if .ID}}if (data.code == 200) { {{else}}if (data.code == 201) {
var houses = JSON.parse(H.get('neighborhood', '[]'));
houses.push({id: data.data.id, token: xhr.getResponseHeader('Authorization')});
H.set('neighborhood', JSON.stringify(houses));{{end}}
justPublished = true;
{{if .ID}}{{else}}H.remove('constructionSite');{{end}}
window.location = '/' + data.data.id + '.html';
} else {
alert(data.meta.error_msg);
alert(data.error_msg);
}
},
error: function(jqXHR, status, error) {
Expand Down

0 comments on commit ac6eff5

Please sign in to comment.