ntfy/server/server_middleware.go

package server

import (
	"net/http"

	"heckel.io/ntfy/util"
)

type contextKey int

const (
	contextRateVisitor contextKey = iota + 2586
	contextTopic
	contextMatrixPushKey
)

func (s *Server) limitRequests(next handleFunc) handleFunc {
	return func(w http.ResponseWriter, r *http.Request, v *visitor) error {
		if util.ContainsIP(s.config.VisitorRequestExemptIPAddrs, v.ip) {
			return next(w, r, v)
		} else if !v.RequestAllowed() {
			return errHTTPTooManyRequestsLimitRequests
		}
		return next(w, r, v)
	}
}

// limitRequestsWithTopic limits requests with a topic and stores the rate-limiting-subscriber and topic into request.Context
func (s *Server) limitRequestsWithTopic(next handleFunc) handleFunc {
	return func(w http.ResponseWriter, r *http.Request, v *visitor) error {
		t, err := s.topicFromPath(r.URL.Path)
		if err != nil {
			return err
		}
		vrate := v
		if rateVisitor := t.RateVisitor(); rateVisitor != nil {
			vrate = rateVisitor
		}
		r = withContext(r, map[contextKey]any{
			contextRateVisitor: vrate,
			contextTopic:       t,
		})
		if util.ContainsIP(s.config.VisitorRequestExemptIPAddrs, v.ip) {
			return next(w, r, v)
		} else if !vrate.RequestAllowed() {
			return errHTTPTooManyRequestsLimitRequests
		}
		return next(w, r, v)
	}
}

func (s *Server) ensureWebEnabled(next handleFunc) handleFunc {
	return func(w http.ResponseWriter, r *http.Request, v *visitor) error {
		if s.config.WebRoot == "" {
			return errHTTPNotFound
		}
		return next(w, r, v)
	}
}

func (s *Server) ensureWebPushEnabled(next handleFunc) handleFunc {
	return func(w http.ResponseWriter, r *http.Request, v *visitor) error {
		if s.config.WebRoot == "" || s.config.WebPushPublicKey == "" {
			return errHTTPNotFound
		}
		return next(w, r, v)
	}
}

func (s *Server) ensureUserManager(next handleFunc) handleFunc {
	return func(w http.ResponseWriter, r *http.Request, v *visitor) error {
		if s.userManager == nil {
			return errHTTPNotFound
		}
		return next(w, r, v)
	}
}

func (s *Server) ensureUser(next handleFunc) handleFunc {
	return s.ensureUserManager(func(w http.ResponseWriter, r *http.Request, v *visitor) error {
		if v.User() == nil {
			return errHTTPUnauthorized
		}
		return next(w, r, v)
	})
}

func (s *Server) ensureAdmin(next handleFunc) handleFunc {
	return s.ensureUserManager(func(w http.ResponseWriter, r *http.Request, v *visitor) error {
		if !v.User().IsAdmin() {
			return errHTTPUnauthorized
		}
		return next(w, r, v)
	})
}

func (s *Server) ensureCallsEnabled(next handleFunc) handleFunc {
	return func(w http.ResponseWriter, r *http.Request, v *visitor) error {
		if s.config.TwilioAccount == "" || s.userManager == nil {
			return errHTTPNotFound
		}
		return next(w, r, v)
	}
}

func (s *Server) ensurePaymentsEnabled(next handleFunc) handleFunc {
	return func(w http.ResponseWriter, r *http.Request, v *visitor) error {
		if s.config.StripeSecretKey == "" || s.stripe == nil {
			return errHTTPNotFound
		}
		return next(w, r, v)
	}
}

func (s *Server) ensureStripeCustomer(next handleFunc) handleFunc {
	return s.ensureUser(func(w http.ResponseWriter, r *http.Request, v *visitor) error {
		if v.User().Billing.StripeCustomerID == "" {
			return errHTTPBadRequestNotAPaidUser
		}
		return next(w, r, v)
	})
}

func (s *Server) withAccountSync(next handleFunc) handleFunc {
	return func(w http.ResponseWriter, r *http.Request, v *visitor) error {
		err := next(w, r, v)
		if err == nil {
			s.publishSyncEventAsync(v)
		}
		return err
	}
}
publishSyncEvent, Stripe endpoint changes 2023-01-16 22:35:37 +01:00			`package server`

			`import (`
			`"net/http"`
limitRequestsWithTopic 2023-02-22 05:40:15 +01:00
			`"heckel.io/ntfy/util"`
publishSyncEvent, Stripe endpoint changes 2023-01-16 22:35:37 +01:00			`)`

Polish a little 2023-02-23 04:26:43 +01:00			`type contextKey int`

			`const (`
			`contextRateVisitor contextKey = iota + 2586`
			`contextTopic`
Works 2023-03-04 04:22:07 +01:00			`contextMatrixPushKey`
Polish a little 2023-02-23 04:26:43 +01:00			`)`

Auth rate limiter 2023-02-08 21:20:44 +01:00			`func (s *Server) limitRequests(next handleFunc) handleFunc {`
			`return func(w http.ResponseWriter, r http.Request, v visitor) error {`
			`if util.ContainsIP(s.config.VisitorRequestExemptIPAddrs, v.ip) {`
			`return next(w, r, v)`
			`} else if !v.RequestAllowed() {`
			`return errHTTPTooManyRequestsLimitRequests`
			`}`
			`return next(w, r, v)`
			`}`
			`}`

limitRequestsWithTopic 2023-02-22 05:40:15 +01:00			`// limitRequestsWithTopic limits requests with a topic and stores the rate-limiting-subscriber and topic into request.Context`
			`func (s *Server) limitRequestsWithTopic(next handleFunc) handleFunc {`
			`return func(w http.ResponseWriter, r http.Request, v visitor) error {`
			`t, err := s.topicFromPath(r.URL.Path)`
			`if err != nil {`
			`return err`
			`}`
Add test, fails 2023-02-23 03:00:56 +01:00			`vrate := v`
Working test 2023-02-23 03:33:18 +01:00			`if rateVisitor := t.RateVisitor(); rateVisitor != nil {`
			`vrate = rateVisitor`
limitRequestsWithTopic 2023-02-22 05:40:15 +01:00			`}`
Polish a little 2023-02-23 04:26:43 +01:00			`r = withContext(r, map[contextKey]any{`
			`contextRateVisitor: vrate,`
			`contextTopic: t,`
			`})`
limitRequestsWithTopic 2023-02-22 05:40:15 +01:00			`if util.ContainsIP(s.config.VisitorRequestExemptIPAddrs, v.ip) {`
			`return next(w, r, v)`
Add test, fails 2023-02-23 03:00:56 +01:00			`} else if !vrate.RequestAllowed() {`
limitRequestsWithTopic 2023-02-22 05:40:15 +01:00			`return errHTTPTooManyRequestsLimitRequests`
			`}`
			`return next(w, r, v)`
			`}`
			`}`

publishSyncEvent, Stripe endpoint changes 2023-01-16 22:35:37 +01:00			`func (s *Server) ensureWebEnabled(next handleFunc) handleFunc {`
			`return func(w http.ResponseWriter, r http.Request, v visitor) error {`
Remove old homepage 2023-05-01 17:58:49 +02:00			`if s.config.WebRoot == "" {`
publishSyncEvent, Stripe endpoint changes 2023-01-16 22:35:37 +01:00			`return errHTTPNotFound`
			`}`
			`return next(w, r, v)`
			`}`
			`}`

Add PWA, service worker and Web Push - Use new notification request/opt-in flow for push - Implement unsubscribing - Implement muting - Implement emojis in title - Add iOS specific PWA warning - Don’t use websockets when web push is enabled - Fix duplicate notifications - Implement default web push setting - Implement changing subscription type - Implement web push subscription refresh - Implement web push notification click 2023-05-24 21:36:01 +02:00			`func (s *Server) ensureWebPushEnabled(next handleFunc) handleFunc {`
			`return func(w http.ResponseWriter, r http.Request, v visitor) error {`
Disable PWA (manifest) when web push is disabled 2023-06-24 20:11:10 +02:00			`if s.config.WebRoot == "" \|\| s.config.WebPushPublicKey == "" {`
Add PWA, service worker and Web Push - Use new notification request/opt-in flow for push - Implement unsubscribing - Implement muting - Implement emojis in title - Add iOS specific PWA warning - Don’t use websockets when web push is enabled - Fix duplicate notifications - Implement default web push setting - Implement changing subscription type - Implement web push subscription refresh - Implement web push notification click 2023-05-24 21:36:01 +02:00			`return errHTTPNotFound`
			`}`
			`return next(w, r, v)`
			`}`
			`}`

publishSyncEvent, Stripe endpoint changes 2023-01-16 22:35:37 +01:00			`func (s *Server) ensureUserManager(next handleFunc) handleFunc {`
			`return func(w http.ResponseWriter, r http.Request, v visitor) error {`
			`if s.userManager == nil {`
			`return errHTTPNotFound`
			`}`
			`return next(w, r, v)`
			`}`
			`}`

			`func (s *Server) ensureUser(next handleFunc) handleFunc {`
			`return s.ensureUserManager(func(w http.ResponseWriter, r http.Request, v visitor) error {`
No more v.user races 2023-01-29 02:43:06 +01:00			`if v.User() == nil {`
publishSyncEvent, Stripe endpoint changes 2023-01-16 22:35:37 +01:00			`return errHTTPUnauthorized`
			`}`
			`return next(w, r, v)`
			`})`
			`}`

WIP: Access API 2023-05-13 20:39:31 +02:00			`func (s *Server) ensureAdmin(next handleFunc) handleFunc {`
			`return s.ensureUserManager(func(w http.ResponseWriter, r http.Request, v visitor) error {`
			`if !v.User().IsAdmin() {`
			`return errHTTPUnauthorized`
			`}`
			`return next(w, r, v)`
			`})`
			`}`

Cont'd Twilio stuff 2023-05-16 20:15:58 +02:00			`func (s *Server) ensureCallsEnabled(next handleFunc) handleFunc {`
			`return func(w http.ResponseWriter, r http.Request, v visitor) error {`
The last one 2023-05-17 17:19:48 +02:00			`if s.config.TwilioAccount == "" \|\| s.userManager == nil {`
Cont'd Twilio stuff 2023-05-16 20:15:58 +02:00			`return errHTTPNotFound`
			`}`
			`return next(w, r, v)`
			`}`
			`}`

publishSyncEvent, Stripe endpoint changes 2023-01-16 22:35:37 +01:00			`func (s *Server) ensurePaymentsEnabled(next handleFunc) handleFunc {`
			`return func(w http.ResponseWriter, r http.Request, v visitor) error {`
Allow mocking the Stripe API 2023-01-19 05:01:26 +01:00			`if s.config.StripeSecretKey == "" \|\| s.stripe == nil {`
publishSyncEvent, Stripe endpoint changes 2023-01-16 22:35:37 +01:00			`return errHTTPNotFound`
			`}`
			`return next(w, r, v)`
			`}`
			`}`

			`func (s *Server) ensureStripeCustomer(next handleFunc) handleFunc {`
			`return s.ensureUser(func(w http.ResponseWriter, r http.Request, v visitor) error {`
No more v.user races 2023-01-29 02:43:06 +01:00			`if v.User().Billing.StripeCustomerID == "" {`
publishSyncEvent, Stripe endpoint changes 2023-01-16 22:35:37 +01:00			`return errHTTPBadRequestNotAPaidUser`
			`}`
			`return next(w, r, v)`
			`})`
			`}`

			`func (s *Server) withAccountSync(next handleFunc) handleFunc {`
			`return func(w http.ResponseWriter, r http.Request, v visitor) error {`
			`err := next(w, r, v)`
			`if err == nil {`
			`s.publishSyncEventAsync(v)`
			`}`
			`return err`
			`}`
			`}`