Convert all but regex routes to endpoints (#59)
This commit is contained in:
@@ -45,7 +45,7 @@ let toAdminDashboard : HttpHandler = redirectToGet "admin/administration"
|
|||||||
module Cache =
|
module Cache =
|
||||||
|
|
||||||
// POST /admin/cache/web-log/{id}/refresh
|
// POST /admin/cache/web-log/{id}/refresh
|
||||||
let refreshWebLog webLogId : HttpHandler = requireAccess Administrator >=> fun next ctx -> task {
|
let refreshWebLog webLogId : HttpHandler = requireAccess Administrator >=> validateCsrf >=> fun next ctx -> task {
|
||||||
let data = ctx.Data
|
let data = ctx.Data
|
||||||
if webLogId = "all" then
|
if webLogId = "all" then
|
||||||
do! WebLogCache.fill data
|
do! WebLogCache.fill data
|
||||||
@@ -68,7 +68,7 @@ module Cache =
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/cache/theme/{id}/refresh
|
// POST /admin/cache/theme/{id}/refresh
|
||||||
let refreshTheme themeId : HttpHandler = requireAccess Administrator >=> fun next ctx -> task {
|
let refreshTheme themeId : HttpHandler = requireAccess Administrator >=> validateCsrf >=> fun next ctx -> task {
|
||||||
let data = ctx.Data
|
let data = ctx.Data
|
||||||
if themeId = "all" then
|
if themeId = "all" then
|
||||||
Template.Cache.empty ()
|
Template.Cache.empty ()
|
||||||
@@ -120,7 +120,7 @@ module Category =
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/category/save
|
// POST /admin/category/save
|
||||||
let save : HttpHandler = fun next ctx -> task {
|
let save : HttpHandler = requireAccess WebLogAdmin >=> validateCsrf >=> fun next ctx -> task {
|
||||||
let data = ctx.Data
|
let data = ctx.Data
|
||||||
let! model = ctx.BindFormAsync<EditCategoryModel>()
|
let! model = ctx.BindFormAsync<EditCategoryModel>()
|
||||||
let category =
|
let category =
|
||||||
@@ -193,7 +193,7 @@ module RedirectRules =
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/settings/redirect-rules/[index]
|
// POST /admin/settings/redirect-rules/[index]
|
||||||
let save idx : HttpHandler = fun next ctx -> task {
|
let save idx : HttpHandler = requireAccess WebLogAdmin >=> validateCsrf >=> fun next ctx -> task {
|
||||||
let! model = ctx.BindFormAsync<EditRedirectRuleModel>()
|
let! model = ctx.BindFormAsync<EditRedirectRuleModel>()
|
||||||
let rule = model.ToRule()
|
let rule = model.ToRule()
|
||||||
let rules =
|
let rules =
|
||||||
@@ -208,7 +208,7 @@ module RedirectRules =
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/settings/redirect-rules/[index]/up
|
// POST /admin/settings/redirect-rules/[index]/up
|
||||||
let moveUp idx : HttpHandler = fun next ctx -> task {
|
let moveUp idx : HttpHandler = requireAccess WebLogAdmin >=> validateCsrf >=> fun next ctx -> task {
|
||||||
if idx < 1 || idx >= ctx.WebLog.RedirectRules.Length then
|
if idx < 1 || idx >= ctx.WebLog.RedirectRules.Length then
|
||||||
return! Error.notFound next ctx
|
return! Error.notFound next ctx
|
||||||
else
|
else
|
||||||
@@ -219,7 +219,7 @@ module RedirectRules =
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/settings/redirect-rules/[index]/down
|
// POST /admin/settings/redirect-rules/[index]/down
|
||||||
let moveDown idx : HttpHandler = fun next ctx -> task {
|
let moveDown idx : HttpHandler = requireAccess WebLogAdmin >=> validateCsrf >=> fun next ctx -> task {
|
||||||
if idx < 0 || idx >= ctx.WebLog.RedirectRules.Length - 1 then
|
if idx < 0 || idx >= ctx.WebLog.RedirectRules.Length - 1 then
|
||||||
return! Error.notFound next ctx
|
return! Error.notFound next ctx
|
||||||
else
|
else
|
||||||
@@ -230,7 +230,7 @@ module RedirectRules =
|
|||||||
}
|
}
|
||||||
|
|
||||||
// DELETE /admin/settings/redirect-rules/[index]
|
// DELETE /admin/settings/redirect-rules/[index]
|
||||||
let delete idx : HttpHandler = fun next ctx -> task {
|
let delete idx : HttpHandler = requireAccess WebLogAdmin >=> fun next ctx -> task {
|
||||||
if idx < 0 || idx >= ctx.WebLog.RedirectRules.Length then
|
if idx < 0 || idx >= ctx.WebLog.RedirectRules.Length then
|
||||||
return! Error.notFound next ctx
|
return! Error.notFound next ctx
|
||||||
else
|
else
|
||||||
@@ -265,7 +265,7 @@ module TagMapping =
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/settings/tag-mapping/save
|
// POST /admin/settings/tag-mapping/save
|
||||||
let save : HttpHandler = fun next ctx -> task {
|
let save : HttpHandler = requireAccess WebLogAdmin >=> validateCsrf >=> fun next ctx -> task {
|
||||||
let data = ctx.Data
|
let data = ctx.Data
|
||||||
let! model = ctx.BindFormAsync<EditTagMapModel>()
|
let! model = ctx.BindFormAsync<EditTagMapModel>()
|
||||||
let tagMap =
|
let tagMap =
|
||||||
@@ -280,7 +280,7 @@ module TagMapping =
|
|||||||
}
|
}
|
||||||
|
|
||||||
// DELETE /admin/settings/tag-mapping/{id}
|
// DELETE /admin/settings/tag-mapping/{id}
|
||||||
let delete tagMapId : HttpHandler = fun next ctx -> task {
|
let delete tagMapId : HttpHandler = requireAccess WebLogAdmin >=> fun next ctx -> task {
|
||||||
match! ctx.Data.TagMap.Delete (TagMapId tagMapId) ctx.WebLog.Id with
|
match! ctx.Data.TagMap.Delete (TagMapId tagMapId) ctx.WebLog.Id with
|
||||||
| true -> do! addMessage ctx { UserMessage.Success with Message = "Tag mapping deleted successfully" }
|
| true -> do! addMessage ctx { UserMessage.Success with Message = "Tag mapping deleted successfully" }
|
||||||
| false -> do! addMessage ctx { UserMessage.Error with Message = "Tag mapping not found; nothing deleted" }
|
| false -> do! addMessage ctx { UserMessage.Error with Message = "Tag mapping not found; nothing deleted" }
|
||||||
@@ -383,7 +383,7 @@ module Theme =
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/theme/new
|
// POST /admin/theme/new
|
||||||
let save : HttpHandler = requireAccess Administrator >=> fun next ctx -> task {
|
let save : HttpHandler = requireAccess Administrator >=> validateCsrf >=> fun next ctx -> task {
|
||||||
if ctx.Request.HasFormContentType && ctx.Request.Form.Files.Count > 0 then
|
if ctx.Request.HasFormContentType && ctx.Request.Form.Files.Count > 0 then
|
||||||
let themeFile = Seq.head ctx.Request.Form.Files
|
let themeFile = Seq.head ctx.Request.Form.Files
|
||||||
match deriveIdFromFileName themeFile.FileName with
|
match deriveIdFromFileName themeFile.FileName with
|
||||||
@@ -424,7 +424,7 @@ module Theme =
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/theme/{id}/delete
|
// POST /admin/theme/{id}/delete
|
||||||
let delete themeId : HttpHandler = requireAccess Administrator >=> fun next ctx -> task {
|
let delete themeId : HttpHandler = requireAccess Administrator >=> validateCsrf >=> fun next ctx -> task {
|
||||||
let data = ctx.Data
|
let data = ctx.Data
|
||||||
match themeId with
|
match themeId with
|
||||||
| "admin" | "default" ->
|
| "admin" | "default" ->
|
||||||
@@ -468,7 +468,7 @@ module WebLog =
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/settings
|
// POST /admin/settings
|
||||||
let saveSettings : HttpHandler = fun next ctx -> task {
|
let saveSettings : HttpHandler = requireAccess WebLogAdmin >=> validateCsrf >=> fun next ctx -> task {
|
||||||
let data = ctx.Data
|
let data = ctx.Data
|
||||||
let! model = ctx.BindFormAsync<SettingsModel>()
|
let! model = ctx.BindFormAsync<SettingsModel>()
|
||||||
match! data.WebLog.FindById ctx.WebLog.Id with
|
match! data.WebLog.FindById ctx.WebLog.Id with
|
||||||
|
|||||||
@@ -416,7 +416,7 @@ let generate (feedType: FeedType) postCount : HttpHandler = fun next ctx -> back
|
|||||||
// ~~ FEED ADMINISTRATION ~~
|
// ~~ FEED ADMINISTRATION ~~
|
||||||
|
|
||||||
// POST /admin/settings/rss
|
// POST /admin/settings/rss
|
||||||
let saveSettings : HttpHandler = requireAccess WebLogAdmin >=> fun next ctx -> task {
|
let saveSettings : HttpHandler = requireAccess WebLogAdmin >=> validateCsrf >=> fun next ctx -> task {
|
||||||
let data = ctx.Data
|
let data = ctx.Data
|
||||||
let! model = ctx.BindFormAsync<EditRssModel>()
|
let! model = ctx.BindFormAsync<EditRssModel>()
|
||||||
match! data.WebLog.FindById ctx.WebLog.Id with
|
match! data.WebLog.FindById ctx.WebLog.Id with
|
||||||
@@ -457,7 +457,7 @@ let editCustomFeed feedId : HttpHandler = requireAccess WebLogAdmin >=> fun next
|
|||||||
| None -> Error.notFound next ctx
|
| None -> Error.notFound next ctx
|
||||||
|
|
||||||
// POST /admin/settings/rss/save
|
// POST /admin/settings/rss/save
|
||||||
let saveCustomFeed : HttpHandler = requireAccess WebLogAdmin >=> fun next ctx -> task {
|
let saveCustomFeed : HttpHandler = requireAccess WebLogAdmin >=> validateCsrf >=> fun next ctx -> task {
|
||||||
let data = ctx.Data
|
let data = ctx.Data
|
||||||
match! data.WebLog.FindById ctx.WebLog.Id with
|
match! data.WebLog.FindById ctx.WebLog.Id with
|
||||||
| Some webLog ->
|
| Some webLog ->
|
||||||
|
|||||||
@@ -62,7 +62,7 @@ let editPermalinks pgId : HttpHandler = requireAccess Author >=> fun next ctx ->
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/page/permalinks
|
// POST /admin/page/permalinks
|
||||||
let savePermalinks : HttpHandler = requireAccess Author >=> fun next ctx -> task {
|
let savePermalinks : HttpHandler = requireAccess Author >=> validateCsrf >=> fun next ctx -> task {
|
||||||
let! model = ctx.BindFormAsync<ManagePermalinksModel>()
|
let! model = ctx.BindFormAsync<ManagePermalinksModel>()
|
||||||
let pageId = PageId model.Id
|
let pageId = PageId model.Id
|
||||||
match! ctx.Data.Page.FindById pageId ctx.WebLog.Id with
|
match! ctx.Data.Page.FindById pageId ctx.WebLog.Id with
|
||||||
@@ -121,7 +121,7 @@ let previewRevision (pgId, revDate) : HttpHandler = requireAccess Author >=> fun
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/page/{id}/revision/{revision-date}/restore
|
// POST /admin/page/{id}/revision/{revision-date}/restore
|
||||||
let restoreRevision (pgId, revDate) : HttpHandler = requireAccess Author >=> fun next ctx -> task {
|
let restoreRevision (pgId, revDate) : HttpHandler = requireAccess Author >=> validateCsrf >=> fun next ctx -> task {
|
||||||
match! findPageRevision pgId revDate ctx with
|
match! findPageRevision pgId revDate ctx with
|
||||||
| Some pg, Some rev when canEdit pg.AuthorId ctx ->
|
| Some pg, Some rev when canEdit pg.AuthorId ctx ->
|
||||||
do! ctx.Data.Page.Update
|
do! ctx.Data.Page.Update
|
||||||
@@ -148,7 +148,7 @@ let deleteRevision (pgId, revDate) : HttpHandler = requireAccess Author >=> fun
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/page/save
|
// POST /admin/page/save
|
||||||
let save : HttpHandler = requireAccess Author >=> fun next ctx -> task {
|
let save : HttpHandler = requireAccess Author >=> validateCsrf >=> fun next ctx -> task {
|
||||||
let! model = ctx.BindFormAsync<EditPageModel>()
|
let! model = ctx.BindFormAsync<EditPageModel>()
|
||||||
let data = ctx.Data
|
let data = ctx.Data
|
||||||
let now = Noda.now ()
|
let now = Noda.now ()
|
||||||
|
|||||||
@@ -98,7 +98,7 @@ open Giraffe
|
|||||||
|
|
||||||
// GET /page/{pageNbr}[/]
|
// GET /page/{pageNbr}[/]
|
||||||
let pageOfPosts pageNbr : HttpHandler = fun next ctx -> task {
|
let pageOfPosts pageNbr : HttpHandler = fun next ctx -> task {
|
||||||
if ctx.Request.Path.Value.EndsWith "/" then
|
if pageNbr <> 1 && ctx.Request.Path.Value.EndsWith "/" then
|
||||||
return! redirectTo true (ctx.WebLog.RelativeUrl(Permalink $"page/{pageNbr}")) next ctx
|
return! redirectTo true (ctx.WebLog.RelativeUrl(Permalink $"page/{pageNbr}")) next ctx
|
||||||
else
|
else
|
||||||
let count = ctx.WebLog.PostsPerPage
|
let count = ctx.WebLog.PostsPerPage
|
||||||
@@ -310,7 +310,7 @@ let editPermalinks postId : HttpHandler = requireAccess Author >=> fun next ctx
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/post/permalinks
|
// POST /admin/post/permalinks
|
||||||
let savePermalinks : HttpHandler = requireAccess Author >=> fun next ctx -> task {
|
let savePermalinks : HttpHandler = requireAccess Author >=> validateCsrf >=> fun next ctx -> task {
|
||||||
let! model = ctx.BindFormAsync<ManagePermalinksModel>()
|
let! model = ctx.BindFormAsync<ManagePermalinksModel>()
|
||||||
let postId = PostId model.Id
|
let postId = PostId model.Id
|
||||||
match! ctx.Data.Post.FindById postId ctx.WebLog.Id with
|
match! ctx.Data.Post.FindById postId ctx.WebLog.Id with
|
||||||
@@ -370,7 +370,7 @@ let previewRevision (postId, revDate) : HttpHandler = requireAccess Author >=> f
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/post/{id}/revision/{revision-date}/restore
|
// POST /admin/post/{id}/revision/{revision-date}/restore
|
||||||
let restoreRevision (postId, revDate) : HttpHandler = requireAccess Author >=> fun next ctx -> task {
|
let restoreRevision (postId, revDate) : HttpHandler = requireAccess Author >=> validateCsrf >=> fun next ctx -> task {
|
||||||
match! findPostRevision postId revDate ctx with
|
match! findPostRevision postId revDate ctx with
|
||||||
| Some post, Some rev when canEdit post.AuthorId ctx ->
|
| Some post, Some rev when canEdit post.AuthorId ctx ->
|
||||||
do! ctx.Data.Post.Update
|
do! ctx.Data.Post.Update
|
||||||
@@ -431,7 +431,7 @@ let editChapter (postId, index) : HttpHandler = requireAccess Author >=> fun nex
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/post/{id}/chapter/{idx}
|
// POST /admin/post/{id}/chapter/{idx}
|
||||||
let saveChapter (postId, index) : HttpHandler = requireAccess Author >=> fun next ctx -> task {
|
let saveChapter (postId, index) : HttpHandler = requireAccess Author >=> validateCsrf >=> fun next ctx -> task {
|
||||||
let data = ctx.Data
|
let data = ctx.Data
|
||||||
match! data.Post.FindFullById (PostId postId) ctx.WebLog.Id with
|
match! data.Post.FindFullById (PostId postId) ctx.WebLog.Id with
|
||||||
| Some post
|
| Some post
|
||||||
@@ -483,7 +483,7 @@ let deleteChapter (postId, index) : HttpHandler = requireAccess Author >=> fun n
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/post/save
|
// POST /admin/post/save
|
||||||
let save : HttpHandler = requireAccess Author >=> fun next ctx -> task {
|
let save : HttpHandler = requireAccess Author >=> validateCsrf >=> fun next ctx -> task {
|
||||||
let! model = ctx.BindFormAsync<EditPostModel>()
|
let! model = ctx.BindFormAsync<EditPostModel>()
|
||||||
let data = ctx.Data
|
let data = ctx.Data
|
||||||
let tryPost =
|
let tryPost =
|
||||||
|
|||||||
@@ -20,6 +20,7 @@ module CatchAll =
|
|||||||
let await it = (Async.AwaitTask >> Async.RunSynchronously) it
|
let await it = (Async.AwaitTask >> Async.RunSynchronously) it
|
||||||
seq {
|
seq {
|
||||||
// Static file
|
// Static file
|
||||||
|
// TODO: static file middleware may take care of this now that we're setting the path base
|
||||||
debug (fun () -> $"Considering URL {textLink}")
|
debug (fun () -> $"Considering URL {textLink}")
|
||||||
let staticFileName =
|
let staticFileName =
|
||||||
[ ctx.GetWebHostEnvironment().ContentRootPath
|
[ ctx.GetWebHostEnvironment().ContentRootPath
|
||||||
@@ -113,91 +114,21 @@ module Asset =
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/// The primary myWebLog router
|
/// Router to deal with regex routes and routes served by pages, posts, and feeds
|
||||||
let router : HttpHandler = choose [
|
let regexRouter: HttpHandler = choose [
|
||||||
subRoute "/admin" (requireUser >=> choose [
|
DELETE >=> routexp "/admin/upload/disk/(.*)" Upload.deleteFromDisk
|
||||||
POST >=> validateCsrf >=> choose [
|
GET_HEAD >=> choose [
|
||||||
subRoute "/cache" (choose [
|
routexp "/category/(.*)" Post.pageOfCategorizedPosts
|
||||||
routef "/theme/%s/refresh" Admin.Cache.refreshTheme
|
routexp "/tag/(.*)" Post.pageOfTaggedPosts
|
||||||
routef "/web-log/%s/refresh" Admin.Cache.refreshWebLog
|
routexp "/themes/(.*)" Asset.serve
|
||||||
])
|
routexp "/upload/(.*)" Upload.serve
|
||||||
subRoute "/category" (requireAccess WebLogAdmin >=> choose [
|
CatchAll.route
|
||||||
route "/save" >=> Admin.Category.save
|
|
||||||
routef "/%s/delete" Admin.Category.delete
|
|
||||||
])
|
|
||||||
route "/my-info" >=> User.saveMyInfo
|
|
||||||
subRoute "/page" (choose [
|
|
||||||
route "/save" >=> Page.save
|
|
||||||
route "/permalinks" >=> Page.savePermalinks
|
|
||||||
routef "/%s/revision/%s/restore" Page.restoreRevision
|
|
||||||
])
|
|
||||||
subRoute "/post" (choose [
|
|
||||||
route "/save" >=> Post.save
|
|
||||||
route "/permalinks" >=> Post.savePermalinks
|
|
||||||
routef "/%s/chapter/%i" Post.saveChapter
|
|
||||||
routef "/%s/revision/%s/restore" Post.restoreRevision
|
|
||||||
])
|
|
||||||
subRoute "/settings" (requireAccess WebLogAdmin >=> choose [
|
|
||||||
route "" >=> Admin.WebLog.saveSettings
|
|
||||||
subRoute "/rss" (choose [
|
|
||||||
route "" >=> Feed.saveSettings
|
|
||||||
route "/save" >=> Feed.saveCustomFeed
|
|
||||||
])
|
|
||||||
subRoute "/redirect-rules" (choose [
|
|
||||||
routef "/%i" Admin.RedirectRules.save
|
|
||||||
routef "/%i/up" Admin.RedirectRules.moveUp
|
|
||||||
routef "/%i/down" Admin.RedirectRules.moveDown
|
|
||||||
])
|
|
||||||
route "/tag-mapping/save" >=> Admin.TagMapping.save
|
|
||||||
route "/user/save" >=> User.save
|
|
||||||
])
|
|
||||||
subRoute "/theme" (choose [
|
|
||||||
route "/new" >=> Admin.Theme.save
|
|
||||||
routef "/%s/delete" Admin.Theme.delete
|
|
||||||
])
|
|
||||||
route "/upload/save" >=> Upload.save
|
|
||||||
]
|
]
|
||||||
DELETE >=> choose [
|
|
||||||
routef "/category/%s" Admin.Category.delete
|
|
||||||
subRoute "/page" (choose [
|
|
||||||
routef "/%s" Page.delete
|
|
||||||
routef "/%s/revision/%s" Page.deleteRevision
|
|
||||||
routef "/%s/revisions" Page.purgeRevisions
|
|
||||||
])
|
|
||||||
subRoute "/post" (choose [
|
|
||||||
routef "/%s" Post.delete
|
|
||||||
routef "/%s/chapter/%i" Post.deleteChapter
|
|
||||||
routef "/%s/revision/%s" Post.deleteRevision
|
|
||||||
routef "/%s/revisions" Post.purgeRevisions
|
|
||||||
])
|
|
||||||
subRoute "/settings" (requireAccess WebLogAdmin >=> choose [
|
|
||||||
routef "/redirect-rules/%i" Admin.RedirectRules.delete
|
|
||||||
routef "/rss/%s" Feed.deleteCustomFeed
|
|
||||||
routef "/tag-mapping/%s" Admin.TagMapping.delete
|
|
||||||
routef "/user/%s" User.delete
|
|
||||||
])
|
|
||||||
subRoute "/upload" (requireAccess WebLogAdmin >=> choose [
|
|
||||||
routexp "/disk/(.*)" Upload.deleteFromDisk
|
|
||||||
routef "/%s" Upload.deleteFromDb
|
|
||||||
])
|
|
||||||
]
|
|
||||||
])
|
|
||||||
GET_HEAD >=> routexp "/category/(.*)" Post.pageOfCategorizedPosts
|
|
||||||
GET_HEAD >=> routexp "/tag/(.*)" Post.pageOfTaggedPosts
|
|
||||||
GET_HEAD >=> routexp "/themes/(.*)" Asset.serve
|
|
||||||
GET_HEAD >=> routexp "/upload/(.*)" Upload.serve
|
|
||||||
subRoute "/user" (choose [
|
|
||||||
POST >=> validateCsrf >=> choose [
|
|
||||||
route "/log-on" >=> User.doLogOn
|
|
||||||
]
|
|
||||||
])
|
|
||||||
GET_HEAD >=> CatchAll.route
|
|
||||||
//Error.notFound
|
|
||||||
]
|
]
|
||||||
|
|
||||||
open Giraffe.EndpointRouting
|
open Giraffe.EndpointRouting
|
||||||
|
|
||||||
/// Endpoint-routed handler to deal with sub-routes
|
/// The primary myWebLog routes / endpoints
|
||||||
let endpoints = [
|
let endpoints = [
|
||||||
GET_HEAD [ route "/" Post.home ]
|
GET_HEAD [ route "/" Post.home ]
|
||||||
subRoute "/admin" [
|
subRoute "/admin" [
|
||||||
@@ -252,13 +183,73 @@ let endpoints = [
|
|||||||
route "/new" Upload.showNew
|
route "/new" Upload.showNew
|
||||||
]
|
]
|
||||||
]
|
]
|
||||||
|
POST [
|
||||||
|
subRoute "/cache" [
|
||||||
|
routef "/theme/%s/refresh" Admin.Cache.refreshTheme
|
||||||
|
routef "/web-log/%s/refresh" Admin.Cache.refreshWebLog
|
||||||
|
]
|
||||||
|
route "/category/save" Admin.Category.save
|
||||||
|
route "/my-info" User.saveMyInfo
|
||||||
|
subRoute "/page" [
|
||||||
|
route "/save" Page.save
|
||||||
|
route "/permalinks" Page.savePermalinks
|
||||||
|
routef "/%s/revision/%s/restore" Page.restoreRevision
|
||||||
|
]
|
||||||
|
subRoute "/post" [
|
||||||
|
route "/save" Post.save
|
||||||
|
route "/permalinks" Post.savePermalinks
|
||||||
|
routef "/%s/chapter/%i" Post.saveChapter
|
||||||
|
routef "/%s/revision/%s/restore" Post.restoreRevision
|
||||||
|
]
|
||||||
|
subRoute "/settings" [
|
||||||
|
route "" Admin.WebLog.saveSettings
|
||||||
|
subRoute "/rss" [
|
||||||
|
route "" Feed.saveSettings
|
||||||
|
route "/save" Feed.saveCustomFeed
|
||||||
|
]
|
||||||
|
subRoute "/redirect-rules" [
|
||||||
|
routef "/%i" Admin.RedirectRules.save
|
||||||
|
routef "/%i/up" Admin.RedirectRules.moveUp
|
||||||
|
routef "/%i/down" Admin.RedirectRules.moveDown
|
||||||
|
]
|
||||||
|
route "/tag-mapping/save" Admin.TagMapping.save
|
||||||
|
route "/user/save" User.save
|
||||||
|
]
|
||||||
|
subRoute "/theme" [
|
||||||
|
route "/new" Admin.Theme.save
|
||||||
|
routef "/%s/delete" Admin.Theme.delete
|
||||||
|
]
|
||||||
|
route "/upload/save" Upload.save
|
||||||
|
]
|
||||||
|
DELETE [
|
||||||
|
routef "/category/%s" Admin.Category.delete
|
||||||
|
subRoute "/page" [
|
||||||
|
routef "/%s" Page.delete
|
||||||
|
routef "/%s/revision/%s" Page.deleteRevision
|
||||||
|
routef "/%s/revisions" Page.purgeRevisions
|
||||||
|
]
|
||||||
|
subRoute "/post" [
|
||||||
|
routef "/%s" Post.delete
|
||||||
|
routef "/%s/chapter/%i" Post.deleteChapter
|
||||||
|
routef "/%s/revision/%s" Post.deleteRevision
|
||||||
|
routef "/%s/revisions" Post.purgeRevisions
|
||||||
|
]
|
||||||
|
subRoute "/settings" [
|
||||||
|
routef "/redirect-rules/%i" Admin.RedirectRules.delete
|
||||||
|
routef "/rss/%s" Feed.deleteCustomFeed
|
||||||
|
routef "/tag-mapping/%s" Admin.TagMapping.delete
|
||||||
|
routef "/user/%s" User.delete
|
||||||
|
]
|
||||||
|
routef "/upload/%s" Upload.deleteFromDb
|
||||||
|
]
|
||||||
]
|
]
|
||||||
subRoute "/user" [
|
subRoute "/user" [
|
||||||
GET_HEAD [ route "/log-on" (User.logOn None) ]
|
GET_HEAD [ route "/log-on" (User.logOn None) ]
|
||||||
POST [
|
POST [
|
||||||
route "/log-off" User.logOff
|
route "/log-off" User.logOff
|
||||||
|
route "/log-on" User.doLogOn
|
||||||
]
|
]
|
||||||
]
|
]
|
||||||
GET_HEAD [ routef "/page/%i" Post.pageOfPosts ]
|
GET_HEAD [ routef "/page/%i" Post.pageOfPosts ]
|
||||||
route "{**url}" router
|
route "{**url}" regexRouter
|
||||||
]
|
]
|
||||||
|
|||||||
@@ -128,7 +128,7 @@ let showNew : HttpHandler = requireAccess Author >=> fun next ctx ->
|
|||||||
adminPage "Upload a File" next ctx Views.WebLog.uploadNew
|
adminPage "Upload a File" next ctx Views.WebLog.uploadNew
|
||||||
|
|
||||||
// POST /admin/upload/save
|
// POST /admin/upload/save
|
||||||
let save : HttpHandler = requireAccess Author >=> fun next ctx -> task {
|
let save : HttpHandler = requireAccess Author >=> validateCsrf >=> fun next ctx -> task {
|
||||||
if ctx.Request.HasFormContentType && ctx.Request.Form.Files.Count > 0 then
|
if ctx.Request.HasFormContentType && ctx.Request.Form.Files.Count > 0 then
|
||||||
let upload = Seq.head ctx.Request.Form.Files
|
let upload = Seq.head ctx.Request.Form.Files
|
||||||
let fileName = String.Concat (makeSlug (Path.GetFileNameWithoutExtension upload.FileName),
|
let fileName = String.Concat (makeSlug (Path.GetFileNameWithoutExtension upload.FileName),
|
||||||
@@ -163,7 +163,7 @@ let save : HttpHandler = requireAccess Author >=> fun next ctx -> task {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// DELETE /admin/upload/{id}
|
// DELETE /admin/upload/{id}
|
||||||
let deleteFromDb upId : HttpHandler = fun next ctx -> task {
|
let deleteFromDb upId : HttpHandler = requireAccess WebLogAdmin >=> fun next ctx -> task {
|
||||||
match! ctx.Data.Upload.Delete (UploadId upId) ctx.WebLog.Id with
|
match! ctx.Data.Upload.Delete (UploadId upId) ctx.WebLog.Id with
|
||||||
| Ok fileName ->
|
| Ok fileName ->
|
||||||
do! addMessage ctx { UserMessage.Success with Message = $"{fileName} deleted successfully" }
|
do! addMessage ctx { UserMessage.Success with Message = $"{fileName} deleted successfully" }
|
||||||
@@ -183,7 +183,7 @@ let removeEmptyDirectories (webLog: WebLog) (filePath: string) =
|
|||||||
else finished <- true
|
else finished <- true
|
||||||
|
|
||||||
// DELETE /admin/upload/disk/{**path}
|
// DELETE /admin/upload/disk/{**path}
|
||||||
let deleteFromDisk urlParts : HttpHandler = fun next ctx -> task {
|
let deleteFromDisk urlParts : HttpHandler = requireAccess WebLogAdmin >=> fun next ctx -> task {
|
||||||
let filePath = urlParts |> Seq.skip 1 |> Seq.head
|
let filePath = urlParts |> Seq.skip 1 |> Seq.head
|
||||||
let path = Path.Combine(uploadDir, ctx.WebLog.Slug, filePath)
|
let path = Path.Combine(uploadDir, ctx.WebLog.Slug, filePath)
|
||||||
if File.Exists path then
|
if File.Exists path then
|
||||||
|
|||||||
@@ -43,7 +43,7 @@ open Microsoft.AspNetCore.Authentication
|
|||||||
open Microsoft.AspNetCore.Authentication.Cookies
|
open Microsoft.AspNetCore.Authentication.Cookies
|
||||||
|
|
||||||
// POST /user/log-on
|
// POST /user/log-on
|
||||||
let doLogOn : HttpHandler = fun next ctx -> task {
|
let doLogOn : HttpHandler = validateCsrf >=> fun next ctx -> task {
|
||||||
let! model = ctx.BindFormAsync<LogOnModel>()
|
let! model = ctx.BindFormAsync<LogOnModel>()
|
||||||
let data = ctx.Data
|
let data = ctx.Data
|
||||||
let! tryUser = data.WebLogUser.FindByEmail (model.EmailAddress.ToLowerInvariant()) ctx.WebLog.Id
|
let! tryUser = data.WebLogUser.FindByEmail (model.EmailAddress.ToLowerInvariant()) ctx.WebLog.Id
|
||||||
@@ -111,7 +111,7 @@ let edit usrId : HttpHandler = requireAccess WebLogAdmin >=> fun next ctx -> tas
|
|||||||
}
|
}
|
||||||
|
|
||||||
// DELETE /admin/settings/user/{id}
|
// DELETE /admin/settings/user/{id}
|
||||||
let delete userId : HttpHandler = fun next ctx -> task {
|
let delete userId : HttpHandler = requireAccess WebLogAdmin >=> fun next ctx -> task {
|
||||||
let data = ctx.Data
|
let data = ctx.Data
|
||||||
match! data.WebLogUser.FindById (WebLogUserId userId) ctx.WebLog.Id with
|
match! data.WebLogUser.FindById (WebLogUserId userId) ctx.WebLog.Id with
|
||||||
| Some user ->
|
| Some user ->
|
||||||
@@ -144,7 +144,7 @@ let myInfo : HttpHandler = requireAccess Author >=> fun next ctx -> task {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/my-info
|
// POST /admin/my-info
|
||||||
let saveMyInfo : HttpHandler = requireAccess Author >=> fun next ctx -> task {
|
let saveMyInfo : HttpHandler = requireAccess Author >=> validateCsrf >=> fun next ctx -> task {
|
||||||
let! model = ctx.BindFormAsync<EditMyInfoModel>()
|
let! model = ctx.BindFormAsync<EditMyInfoModel>()
|
||||||
let data = ctx.Data
|
let data = ctx.Data
|
||||||
match! data.WebLogUser.FindById ctx.UserId ctx.WebLog.Id with
|
match! data.WebLogUser.FindById ctx.UserId ctx.WebLog.Id with
|
||||||
@@ -172,7 +172,7 @@ let saveMyInfo : HttpHandler = requireAccess Author >=> fun next ctx -> task {
|
|||||||
#nowarn "3511"
|
#nowarn "3511"
|
||||||
|
|
||||||
// POST /admin/settings/user/save
|
// POST /admin/settings/user/save
|
||||||
let save : HttpHandler = requireAccess WebLogAdmin >=> fun next ctx -> task {
|
let save : HttpHandler = requireAccess WebLogAdmin >=> validateCsrf >=> fun next ctx -> task {
|
||||||
let! model = ctx.BindFormAsync<EditUserModel>()
|
let! model = ctx.BindFormAsync<EditUserModel>()
|
||||||
let data = ctx.Data
|
let data = ctx.Data
|
||||||
let tryUser =
|
let tryUser =
|
||||||
|
|||||||
@@ -235,15 +235,16 @@ let main args =
|
|||||||
let _ = app.UseForwardedHeaders()
|
let _ = app.UseForwardedHeaders()
|
||||||
|
|
||||||
(app.Services.GetRequiredService<IConfiguration>().GetSection "CanonicalDomains").Value
|
(app.Services.GetRequiredService<IConfiguration>().GetSection "CanonicalDomains").Value
|
||||||
|> (isNull >> not)
|
|> isNotNull
|
||||||
|> function true -> app.UseCanonicalDomains() |> ignore | false -> ()
|
|> function true -> app.UseCanonicalDomains() |> ignore | false -> ()
|
||||||
|
|
||||||
let _ = app.UseCookiePolicy(CookiePolicyOptions (MinimumSameSitePolicy = SameSiteMode.Strict))
|
let _ = app.UseCookiePolicy(CookiePolicyOptions (MinimumSameSitePolicy = SameSiteMode.Strict))
|
||||||
let _ = app.UseMiddleware<WebLogMiddleware>()
|
let _ = app.UseMiddleware<WebLogMiddleware>()
|
||||||
let _ = app.UseMiddleware<RedirectRuleMiddleware>()
|
let _ = app.UseMiddleware<RedirectRuleMiddleware>()
|
||||||
let _ = app.UseAuthentication()
|
let _ = app.UseAuthentication()
|
||||||
let _ = app.UseStaticFiles()
|
|
||||||
let _ = app.UseRouting()
|
let _ = app.UseRouting()
|
||||||
|
let _ = app.UseStaticFiles()
|
||||||
|
//let _ = app.MapStaticAssets()
|
||||||
let _ = app.UseSession()
|
let _ = app.UseSession()
|
||||||
let _ = app.UseGiraffe Handlers.Routes.endpoints
|
let _ = app.UseGiraffe Handlers.Routes.endpoints
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user