lets-go:6.2 middleware

This commit is contained in:
tamsin johnson 2024-01-25 15:43:07 -08:00
parent 3deb2022b8
commit 8678a04350
8 changed files with 51 additions and 13 deletions

View File

@ -22,9 +22,8 @@ func (app *application) home(w http.ResponseWriter, r *http.Request) {
return
}
data := templateData{
Snippets: snippets,
}
data := app.newTemplateData(r)
data.Snippets = snippets
app.render(w, r, http.StatusOK, "home.tmpl", data)
}
@ -47,9 +46,8 @@ func (app *application) snippetView(w http.ResponseWriter, r *http.Request) {
return
}
data := templateData{
Snippet: snippet,
}
data := app.newTemplateData(r)
data.Snippet = snippet
app.render(w, r, http.StatusOK, "view.tmpl", data)
}

View File

@ -6,8 +6,17 @@ import (
"log/slog"
"net/http"
"runtime/debug"
"time"
)
// newTemplateData ...
func (app *application )newTemplateData(r *http.Request) templateData {
return templateData{
CurrentYear: time.Now().Year(),
}
}
// render ...
func (app *application) render(w http.ResponseWriter, r *http.Request, status int, page string, data templateData) {
ts, ok := app.templateCache[page]

View File

@ -0,0 +1,18 @@
package main
import (
"net/http"
)
func secureHeaders(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Security-Policy",
"default-src 'self'; style-src 'self' fonts.googleapis.com; font-src fonts.gstatic.com")
w.Header().Set("Referrer-Policy", "origin-when-cross-origin")
w.Header().Set("X-Content-Type-Options", "nosniff")
w.Header().Set("X-Frame-Options", "deny")
w.Header().Set("X-XSS-Protection", "0")
next.ServeHTTP(w, r)
})
}

View File

@ -5,7 +5,7 @@ import (
)
// routes ...
func (app *application) routes() *http.ServeMux {
func (app *application) routes() http.Handler {
mux := http.NewServeMux()
// setup server for static files
@ -16,5 +16,5 @@ func (app *application) routes() *http.ServeMux {
mux.HandleFunc("/snippet/view", app.snippetView)
mux.HandleFunc("/snippet/create", app.snippetCreate)
return mux
return secureHeaders(mux)
}

View File

@ -3,15 +3,26 @@ package main
import (
"html/template"
"path/filepath"
"time"
"snippetbox.chaosfem.tw/internal/models"
)
type templateData struct {
CurrentYear int
Snippet models.Snippet
Snippets []models.Snippet
}
// humanDate ...
func humanDate(t time.Time) string {
return t.Format("02 Jan 2006 at 15:04")
}
var functions = template.FuncMap{
"humanDate": humanDate,
}
// newTemplateCache ...
func newTemplateCache() (map[string]*template.Template, error) {
cache := map[string]*template.Template{}
@ -24,7 +35,7 @@ func newTemplateCache() (map[string]*template.Template, error) {
for _, page := range pages {
name := filepath.Base(page)
ts, err := template.ParseFiles("./ui/html/base.tmpl")
ts, err := template.New(name).Funcs(functions).ParseFiles("./ui/html/base.tmpl")
if err != nil {
return nil, err
}

View File

@ -16,7 +16,9 @@
<main>
{{template "main" .}}
</main>
<footer>Powered by <a href="https://golang.org">Go</a></footer>
<footer>
Powered by <a href="https://golang.org">Go</a> in {{.CurrentYear}}
</footer>
<script src="/static/js/main.js" type="text/javascript"></script>
</body>
</html>

View File

@ -12,7 +12,7 @@
{{range .Snippets}}
<tr>
<td><a href='/snippet/view?id={{.ID}}'>{{.Title}}</td>
<td>{{.Created}}</td>
<td>{{humanDate .Created}}</td>
<td>{{.ID}}</td>
</tr>
{{else}}

View File

@ -10,8 +10,8 @@
<pre><code>{{.Content}}</code></pre>
<div class="metadata">
<time>Created: {{.Created}}</time>
<time>Expires: {{.Expires}}</time>
<time>Created: {{humanDate .Created}}</time>
<time>Expires: {{humanDate .Expires}}</time>
</div>
</div>
{{end}}