ElnuDev
/
soudan
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add support for multiple websites, contents, etc.

Browse Source
main
Elnu 2 years ago
parent 0de8921306
commit 5d70793e2b
10 changed files with 1034 additions and 78 deletions
Show Stats Download Patch File Download Diff File

845
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

2
Cargo.toml
Unescape View File

@ -19,3 +19,5 @@ serde_json = "1"
validator = { version = "0.15.0", features = ["derive"] }
md5 = "0.7.0"
chrono = { version = "0.4.19", features = ["serde"] }
reqwest = "0.11.11"
scraper = "0.13.0"

8
demo/a/index.html
Unescape View File

@ -0,0 +1,8 @@
<meta name="soudan-content-id" content="a">
<link rel="stylesheet" href="https://unpkg.com/sakura.css/css/sakura-dark.css" type="text/css">
<link rel="stylesheet" href="/style.css">
<h1>Page A</h1>
<p>This is Page A.</p>
<div id="soudan"></div>
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/moment.min.js" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script src="/soudan.js"></script>

8
demo/b/index.html
Unescape View File

@ -0,0 +1,8 @@
<meta name="soudan-content-id" content="b">
<link rel="stylesheet" href="https://unpkg.com/sakura.css/css/sakura-dark.css" type="text/css">
<link rel="stylesheet" href="/style.css">
<h1>Page B</h1>
<p>This is Page B.</h2>
<div id="soudan"></div>
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/moment.min.js" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script src="/soudan.js"></script>

22
demo/index.html
Unescape View File

@ -1,14 +1,10 @@
<meta name="soudan-content-id" content="test">
<link rel="stylesheet" href="https://unpkg.com/sakura.css/css/sakura-dark.css" type="text/css">
<link rel="stylesheet" href="style.css">
<h3>Make a comment</h3>
<form id="commentForm">
<label for="author">Name:</label> <input type="text" id="author" name="author" placeholder="Anonymous">
<label for="email">Email:</label> <input type="email" id="email" name="email">
<label for="text">Comment:</label>
<textarea id="text" name="text" required></textarea>
<input type="submit">
</form>
<h3 id="commentsHeader">Comments</h3>
<div id="comments"></div>
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/moment.min.js" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script src="soudan.js"></script>
<link rel="stylesheet" href="/style.css">
<h1>Soudan demo</h1>
<p>Welcome to the Soudan demo!</h1>
<p>Check out the following example pages, each with their own comment section:</p>
<ul>
<li><a href="/a">Page A</a></li>
<li><a href="/b">Page B</a></li>
</ul>

48
demo/soudan.js
Unescape View File

@ -1,24 +1,44 @@
const form = document.getElementById("commentForm");
const commentContainer = document.getElementById("comments");
const commentContainerHeader = document.getElementById("commentsHeader");
document.getElementById("soudan").innerHTML = `<h3>Make a comment</h3>
<form id="soudan-comment-form">
<label for="author">Name:</label> <input type="text" name="author" placeholder="Anonymous">
<label for="email">Email:</label> <input type="email" name="email">
<label for="text">Comment:</label>
<textarea name="text" required></textarea>
<input type="submit">
</form>
<h3 id="soudan-comments-header">Comments</h3>
<div id="soudan-comments"></div>`;
document.write(`<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/moment.min.js" crossorigin="anonymous" referrerpolicy="no-referrer"></script>`);
const url = "http://127.0.0.1:8080";
const form = document.getElementById("soudan-comment-form");
const commentContainer = document.getElementById("soudan-comments");
const commentContainerHeader = document.getElementById("soudan-comments-header");
const contentId = document.querySelector("meta[name=\"soudan-content-id\"]").getAttribute("content");
form.addEventListener("submit", e => {
let data = {};
let data = {
url: window.location.href,
comment: { contentId }
};
new FormData(form).forEach((value, key) => {
data[key] = value === "" ? null : value;
data.comment[key] = value === "" ? null : value;
});
var request = new XMLHttpRequest();
request.open("POST", "http:/127.0.0.1:8080");
request.send(JSON.stringify(data));
request.addEventListener("load", () => {
fetch(url, {
method: "POST",
body: JSON.stringify(data),
headers: { "Content-Type": "application/json" }
})
.then(response => {
if (!response.ok) {
return;
}
form.querySelector("textarea").value = "";
reloadComments()
});
request.addEventListener("error", () => alert("Comment posting failed!"));
reloadComments();
})
e.preventDefault();
});
function reloadComments() {
fetch("http://127.0.0.1:8080")
fetch(`${url}/${contentId}`)
.then(response => {
return response.json().then(json => {
return response.ok ? json : Promise.reject(json);
@ -31,7 +51,7 @@ function reloadComments() {
html = "<p>No comments yet! Be the first to make one.</p>";
} else {
comments.forEach(comment => {
html += `<div><img class="avatar" src="https://www.gravatar.com/avatar/${comment.gravatar}"><div><b>${comment.author ? comment.author : "Anonymous"}</b> commented ${moment(new Date(comment.timestamp * 1000)).fromNow()}:<br><div>${comment.text}</div></div></div>`;
html += `<div><img class="soudan-avatar" src="https://www.gravatar.com/avatar/${comment.gravatar}"><div><b>${comment.author ? comment.author : "Anonymous"}</b> commented ${moment(new Date(comment.timestamp * 1000)).fromNow()}:<br><div>${comment.text}</div></div></div>`;
});
}
commentContainer.innerHTML = html;

4
demo/style.css
Unescape View File

@ -1,8 +1,8 @@
#comments > div {
#soudan-comments > div {
display: flex;
gap: 0.5em;
}
#comments .avatar {
.soudan-avatar {
border-radius: 100%;
width: 80px;
height: 80px;

3
src/comment.rs
Unescape View File

@ -3,8 +3,8 @@ use chrono::{DateTime, Utc};
use serde::{Deserialize, Serialize, Serializer};
use validator::Validate;
// Master comment type that is stored in database
#[derive(Serialize, Deserialize, Validate)]
#[serde(rename_all = "camelCase")]
pub struct Comment {
#[serde(skip_serializing_if = "Option::is_none")]
pub author: Option<String>, // None is Anonymous
@ -19,6 +19,7 @@ pub struct Comment {
#[serde(with = "ts_seconds_option")]
#[serde(skip_serializing_if = "Option::is_none")]
pub timestamp: Option<DateTime<Utc>>,
pub content_id: String,
}
fn serialize_gravatar<S>(email: &Option<String>, s: S) -> Result<S::Ok, S::Error>

12
src/database.rs
Unescape View File

@ -17,22 +17,24 @@ impl Database {
email TEXT,
author TEXT,
text TEXT NOT NULL,
timestamp DATETIME DEFAULT CURRENT_TIMESTAMP
timestamp DATETIME DEFAULT CURRENT_TIMESTAMP,
content_id TEXT NOT NULL
)",
params![],
)?;
Ok(Self { conn })
}
pub fn get_comments(&self) -> Result<Vec<Comment>> {
pub fn get_comments(&self, content_id: &str) -> Result<Vec<Comment>> {
self.conn
.prepare("SELECT author, email, text, timestamp FROM comment ORDER BY timestamp DESC")?
.prepare(&format!("SELECT author, email, text, timestamp FROM comment WHERE content_id='{content_id}' ORDER BY timestamp DESC"))?
.query_map([], |row| {
Ok(Comment {
author: row.get(0)?,
email: row.get(1)?,
text: row.get(2)?,
timestamp: row.get(3)?,
content_id: content_id.to_owned(),
})
})?
.collect()
@ -40,8 +42,8 @@ impl Database {
pub fn create_comment(&self, comment: &Comment) -> Result<()> {
self.conn.execute(
"INSERT INTO comment (author, email, text) VALUES (?1, ?2, ?3)",
params![&comment.author, &comment.email, &comment.text],
"INSERT INTO comment (author, email, text, content_id) VALUES (?1, ?2, ?3, ?4)",
params![&comment.author, &comment.email, &comment.text, &comment.content_id],
)?;
Ok(())
}

150
src/main.rs
Unescape View File

@ -1,63 +1,161 @@
mod comment;
use actix_cors::Cors;
mod comment; use actix_cors::Cors;
pub use comment::*;
mod database;
pub use database::Database;
use actix_web::{get, post, web, App, HttpResponse, HttpServer, Responder};
use std::{env, sync::Mutex};
use actix_web::{get, post, web, App, HttpResponse, HttpRequest, HttpServer, Responder};
use std::{env, sync::{Mutex, MutexGuard}};
use validator::Validate;
use scraper::{Html, Selector};
use std::collections::HashMap;
use serde::Deserialize;
struct AppState {
db: Mutex<Database>,
databases: HashMap<String, Mutex<Database>>,
}
#[get("/")]
async fn get_comments(data: web::Data<AppState>) -> impl Responder {
let db = match data.db.lock() {
Ok(db) => db,
Err(_) => return HttpResponse::InternalServerError().into(),
fn get_db<'a>(data: &'a web::Data<AppState>, request: &HttpRequest) -> Result<MutexGuard<'a, Database>, HttpResponse> {
// all the .into() are converting from HttpResponseBuilder to HttpResponse
let origin = match request.head().headers().get("Origin") {
Some(origin) => match origin.to_str() {
Ok(origin) => origin,
Err(_) => return Err(HttpResponse::BadRequest().into()),
}
None => return Err(HttpResponse::BadRequest().into()),
};
HttpResponse::Ok().json(&db.get_comments().unwrap())
match data.databases.get(origin) {
Some(database) => Ok(match database.lock() {
Ok(database) => database,
Err(_) => return Err(HttpResponse::InternalServerError().into()),
}),
None => return Err(HttpResponse::BadRequest().into()),
}
}
#[get("/{content_id}")]
async fn get_comments(data: web::Data<AppState>, request: HttpRequest, content_id: web::Path<String>) -> impl Responder {
let database = match get_db(&data, &request) {
Ok(database) => database,
Err(response) => return response,
};
HttpResponse::Ok().json(database.get_comments(&content_id).unwrap())
}
#[derive(Deserialize)]
struct PostCommentsRequest {
url: String,
comment: Comment,
}
#[post("/")]
async fn post_comment(data: web::Data<AppState>, bytes: web::Bytes) -> impl Responder {
async fn post_comment(data: web::Data<AppState>, request: HttpRequest, bytes: web::Bytes) -> impl Responder {
match String::from_utf8(bytes.to_vec()) {
Ok(text) => {
let db = match data.db.lock() {
Ok(db) => db,
Err(_) => return HttpResponse::InternalServerError(),
};
let comment: Comment = match serde_json::from_str(&text) {
Ok(comment) => comment,
Err(_) => return HttpResponse::BadRequest(),
let PostCommentsRequest { url, comment } = match serde_json::from_str(&text) {
Ok(req) => req,
Err(_) => return HttpResponse::BadRequest().into(),
};
if comment.validate().is_err() {
return HttpResponse::BadRequest();
return HttpResponse::BadRequest().into();
}
let origin = match request.head().headers().get("Origin") {
Some(origin) => match origin.to_str() {
Ok(origin) => origin,
// If the Origin is not valid ASCII, it is a bad request not sent from a browser
Err(_) => return HttpResponse::BadRequest().into(),
},
// If there is no Origin header, it is a bad request not sent from a browser
None => return HttpResponse::BadRequest().into(),
};
// Check to see if provided URL is in scope.
// This is to prevent malicious requests that try to get server to fetch external websites.
// (requires loop because "labels on blocks are unstable")
// https://github.com/rust-lang/rust/issues/48594
'outer: loop {
for site_root in data.databases.keys() {
if site_root.starts_with(origin) && url.starts_with(site_root) {
break 'outer;
}
}
return HttpResponse::BadRequest().into();
}
db.create_comment(&comment).unwrap();
HttpResponse::Ok()
match get_page_data(&url).await {
Ok(page_data_option) => match page_data_option {
Some(page_data) => if page_data.content_id != comment.content_id {
return HttpResponse::BadRequest().into();
},
None => return HttpResponse::BadRequest().into(),
},
Err(_) => return HttpResponse::InternalServerError().into(),
};
let database = match get_db(&data, &request) {
Ok(database) => database,
Err(response) => return response,
};
database.create_comment(&comment).unwrap();
HttpResponse::Ok().into()
}
Err(_) => HttpResponse::BadRequest().into(),
}
}
// Contains all page details stored in meta tags.
// Currently, only content_id, but this is wrapped in this struct
// to make adding other meta tags, such as locked comments, in the future
struct PageData {
content_id: String,
}
async fn get_page_data(url: &str) -> Result<Option<PageData>, reqwest::Error> {
let response = reqwest::get(url).await?;
if !response.status().is_success() {
return Ok(None);
}
let content = response.text_with_charset("utf-8").await?;
let document = Html::parse_document(&content);
let get_meta = |name: &str| -> Option<String> {
let selector = Selector::parse(&format!("meta[name=\"{}\"]", name)).unwrap();
match document.select(&selector).next() {
Some(element) => match element.value().attr("content") {
Some(value) => Some(value.to_owned()),
None => return None,
},
None => return None,
}
};
return Ok(Some(PageData {
content_id: match get_meta("soudan-content-id") {
Some(id) => id,
None => return Ok(None),
},
}))
}
#[actix_web::main]
async fn main() -> Result<(), std::io::Error> {
let mut domains = Vec::new();
let testing = {
let mut testing = false;
for argument in env::args() {
let mut args = env::args();
args.next(); // Skip first, will be executable name
for argument in args {
if argument == "--testing" || argument == "-t" {
testing = true;
break;
} else {
domains.push(argument);
}
}
testing
};
let db = Database::new(testing).unwrap();
let state = web::Data::new(AppState { db: Mutex::new(db) });
if domains.len() == 0 {
panic!("At least one domain is required!");
}
let mut databases = HashMap::new();
for domain in domains.iter() {
databases.insert(domain.to_owned(), Mutex::new(Database::new(testing).unwrap()));
}
let state = web::Data::new(AppState { databases });
HttpServer::new(move || {
App::new()
.service(get_comments)

Write Preview
Loading…
Cancel
Save