feat: use api with open_id instead of webhooks

2025-03-03 16:53:30 +08:00 · 2022-07-05 22:04:17 +08:00 · 2022-07-05 22:04:17 +08:00 · 592e037f21
commit 592e037f21
parent c6695121f0
2 changed files with 18 additions and 229 deletions
--- a/server/basic_auth.go
+++ b/server/basic_auth.go
@ -54,11 +54,28 @@ func removeUserSession(c echo.Context) error {
 // Use session to store user.id.
 func BasicAuthMiddleware(s *Server, next echo.HandlerFunc) echo.HandlerFunc {
 	return func(c echo.Context) error {
-		// Skips auth
+		// Skip auth for some paths.
 		if common.HasPrefixes(c.Path(), "/api/auth", "/api/ping", "/api/status") {
 			return next(c)
 		}

+		// If there is openId in query string and related user is found, then skip auth.
+		openID := c.QueryParam("openId")
+		if openID != "" {
+			userFind := &api.UserFind{
+				OpenID: &openID,
+			}
+			user, err := s.Store.FindUser(userFind)
+			if err != nil {
+				return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find user by open_id").SetInternal(err)
+			}
+			if user != nil {
+				// Stores userID into context.
+				c.Set(getUserIDContextKey(), user.ID)
+				return next(c)
+			}
+		}
+
 		sess, err := session.Get("session", c)
 		if err != nil {
 			return echo.NewHTTPError(http.StatusUnauthorized, "Missing session").SetInternal(err)
--- a/server/webhook.go
+++ b/server/webhook.go
@ -1,11 +1,8 @@
 package server

 import (
-	"encoding/json"
 	"fmt"
-	"io/ioutil"
 	"net/http"
-	"regexp"
 	"strconv"

 	"github.com/usememos/memos/api"
@ -18,231 +15,6 @@ func (s *Server) registerWebhookRoutes(g *echo.Group) {
 		return c.HTML(http.StatusOK, "<strong>Hello, World!</strong>")
 	})

-	g.POST("/:openId/memo", func(c echo.Context) error {
-		openID := c.Param("openId")
-		userFind := &api.UserFind{
-			OpenID: &openID,
-		}
-		user, err := s.Store.FindUser(userFind)
-		if err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find user by open_id").SetInternal(err)
-		}
-		if user == nil {
-			return echo.NewHTTPError(http.StatusNotFound, fmt.Sprintf("User openId not found: %s", openID))
-		}
-
-		memoCreate := &api.MemoCreate{
-			CreatorID: user.ID,
-		}
-		if err := json.NewDecoder(c.Request().Body).Decode(memoCreate); err != nil {
-			return echo.NewHTTPError(http.StatusBadRequest, "Malformatted post memo request by open api").SetInternal(err)
-		}
-
-		memo, err := s.Store.CreateMemo(memoCreate)
-		if err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to create memo").SetInternal(err)
-		}
-
-		c.Response().Header().Set(echo.HeaderContentType, echo.MIMEApplicationJSONCharsetUTF8)
-		if err := json.NewEncoder(c.Response().Writer).Encode(composeResponse(memo)); err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to encode memo response").SetInternal(err)
-		}
-		return nil
-	})
-
-	g.PATCH("/:openId/memo/:memoId", func(c echo.Context) error {
-		openID := c.Param("openId")
-		userFind := &api.UserFind{
-			OpenID: &openID,
-		}
-		user, err := s.Store.FindUser(userFind)
-		if err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find user by open_id").SetInternal(err)
-		}
-		if user == nil {
-			return echo.NewHTTPError(http.StatusNotFound, fmt.Sprintf("User openId not found: %s", openID))
-		}
-
-		memoID, err := strconv.Atoi(c.Param("memoId"))
-		if err != nil {
-			return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("memoId is not a number: %s", c.Param("memoId"))).SetInternal(err)
-		}
-
-		memoPatch := &api.MemoPatch{
-			ID: memoID,
-		}
-		if err := json.NewDecoder(c.Request().Body).Decode(memoPatch); err != nil {
-			return echo.NewHTTPError(http.StatusBadRequest, "Malformatted patch memo request by open api").SetInternal(err)
-		}
-
-		memo, err := s.Store.PatchMemo(memoPatch)
-		if err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to patch memo").SetInternal(err)
-		}
-
-		c.Response().Header().Set(echo.HeaderContentType, echo.MIMEApplicationJSONCharsetUTF8)
-		if err := json.NewEncoder(c.Response().Writer).Encode(composeResponse(memo)); err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to encode memo response").SetInternal(err)
-		}
-		return nil
-	})
-
-	g.GET("/:openId/memo", func(c echo.Context) error {
-		openID := c.Param("openId")
-		userFind := &api.UserFind{
-			OpenID: &openID,
-		}
-		user, err := s.Store.FindUser(userFind)
-		if err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find user by open_id").SetInternal(err)
-		}
-		if user == nil {
-			return echo.NewHTTPError(http.StatusNotFound, fmt.Sprintf("Not found user with openid: %s", openID))
-		}
-
-		memoFind := &api.MemoFind{
-			CreatorID: &user.ID,
-		}
-		rowStatus := api.RowStatus(c.QueryParam("rowStatus"))
-		if rowStatus != "" {
-			memoFind.RowStatus = &rowStatus
-		}
-		pinnedStr := c.QueryParam("pinned")
-		if pinnedStr != "" {
-			pinned := pinnedStr == "true"
-			memoFind.Pinned = &pinned
-		}
-		tag := c.QueryParam("tag")
-		if tag != "" {
-			contentSearch := tag + " "
-			memoFind.ContentSearch = &contentSearch
-		}
-		if limit, err := strconv.Atoi(c.QueryParam("limit")); err == nil {
-			memoFind.Limit = limit
-		}
-		if offset, err := strconv.Atoi(c.QueryParam("offset")); err == nil {
-			memoFind.Offset = offset
-		}
-
-		list, err := s.Store.FindMemoList(memoFind)
-		if err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to fetch memo list").SetInternal(err)
-		}
-
-		c.Response().Header().Set(echo.HeaderContentType, echo.MIMEApplicationJSONCharsetUTF8)
-		if err := json.NewEncoder(c.Response().Writer).Encode(composeResponse(list)); err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to encode memo list response").SetInternal(err)
-		}
-		return nil
-	})
-
-	g.POST("/:openId/resource", func(c echo.Context) error {
-		openID := c.Param("openId")
-		userFind := &api.UserFind{
-			OpenID: &openID,
-		}
-		user, err := s.Store.FindUser(userFind)
-		if err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find user by open_id").SetInternal(err)
-		}
-		if user == nil {
-			return echo.NewHTTPError(http.StatusNotFound, fmt.Sprintf("User openId not found: %s", openID))
-		}
-
-		if err := c.Request().ParseMultipartForm(64 << 20); err != nil {
-			return echo.NewHTTPError(http.StatusBadRequest, "Upload file overload max size").SetInternal(err)
-		}
-
-		file, err := c.FormFile("file")
-		if err != nil {
-			return echo.NewHTTPError(http.StatusBadRequest, "Upload file not found").SetInternal(err)
-		}
-
-		filename := file.Filename
-		filetype := file.Header.Get("Content-Type")
-		size := file.Size
-		src, err := file.Open()
-		if err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to open file").SetInternal(err)
-		}
-		defer src.Close()
-
-		fileBytes, err := ioutil.ReadAll(src)
-		if err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to read file").SetInternal(err)
-		}
-
-		resourceCreate := &api.ResourceCreate{
-			Filename:  filename,
-			Type:      filetype,
-			Size:      size,
-			Blob:      fileBytes,
-			CreatorID: user.ID,
-		}
-
-		resource, err := s.Store.CreateResource(resourceCreate)
-		if err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to create resource").SetInternal(err)
-		}
-
-		c.Response().Header().Set(echo.HeaderContentType, echo.MIMEApplicationJSONCharsetUTF8)
-		if err := json.NewEncoder(c.Response().Writer).Encode(composeResponse(resource)); err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to encode resource response").SetInternal(err)
-		}
-		return nil
-	})
-
-	g.GET("/:openId/tag", func(c echo.Context) error {
-		openID := c.Param("openId")
-		userFind := &api.UserFind{
-			OpenID: &openID,
-		}
-		user, err := s.Store.FindUser(userFind)
-		if err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find user by open_id").SetInternal(err)
-		}
-		if user == nil {
-			return echo.NewHTTPError(http.StatusNotFound, fmt.Sprintf("User openId not found: %s", openID))
-		}
-
-		contentSearch := "#"
-		normalRowStatus := api.Normal
-		memoFind := api.MemoFind{
-			CreatorID:     &user.ID,
-			ContentSearch: &contentSearch,
-			RowStatus:     &normalRowStatus,
-		}
-
-		memoList, err := s.Store.FindMemoList(&memoFind)
-		if err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find memo list").SetInternal(err)
-		}
-
-		tagMapSet := make(map[string]bool)
-
-		r, err := regexp.Compile("#(.+?) ")
-		if err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to compile regexp").SetInternal(err)
-		}
-		for _, memo := range memoList {
-			for _, rawTag := range r.FindAllString(memo.Content, -1) {
-				tag := r.ReplaceAllString(rawTag, "$1")
-				tagMapSet[tag] = true
-			}
-		}
-
-		tagList := []string{}
-		for tag := range tagMapSet {
-			tagList = append(tagList, tag)
-		}
-
-		c.Response().Header().Set(echo.HeaderContentType, echo.MIMEApplicationJSONCharsetUTF8)
-		if err := json.NewEncoder(c.Response().Writer).Encode(composeResponse(tagList)); err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to encode tags response").SetInternal(err)
-		}
-		return nil
-	})
-
 	g.GET("/r/:resourceId/:filename", func(c echo.Context) error {
 		resourceID, err := strconv.Atoi(c.Param("resourceId"))
 		if err != nil {