diff --git a/internal/api/client/auth/authorize.go b/internal/api/client/auth/authorize.go index f473579db..7661019db 100644 --- a/internal/api/client/auth/authorize.go +++ b/internal/api/client/auth/authorize.go @@ -38,6 +38,9 @@ func (m *Module) AuthorizeGETHandler(c *gin.Context) { l := m.log.WithField("func", "AuthorizeGETHandler") s := sessions.Default(c) + s.Options(sessions.Options{ + MaxAge: 120, // give the user 2 minutes to sign in before expiring their session + }) // UserID will be set in the session by AuthorizePOSTHandler if the caller has already gone through the authentication flow // If it's not set, then we don't know yet who the user is, so we need to redirect them to the sign in page. @@ -117,9 +120,6 @@ func (m *Module) AuthorizePOSTHandler(c *gin.Context) { l := m.log.WithField("func", "AuthorizePOSTHandler") s := sessions.Default(c) - // At this point we know the user has said 'yes' to allowing the application and oauth client - // work for them, so we can set the - // We need to retrieve the original form submitted to the authorizeGEThandler, and // recreate it on the request so that it can be used further by the oauth2 library. // So first fetch all the values from the session. @@ -153,8 +153,13 @@ func (m *Module) AuthorizePOSTHandler(c *gin.Context) { c.JSON(http.StatusBadRequest, gin.H{"error": "session missing userid"}) return } + // we're done with the session so we can clear it now s.Clear() + if err := s.Save(); err != nil { + c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()}) + return + } // now set the values on the request values := url.Values{} diff --git a/internal/cliactions/server/server.go b/internal/cliactions/server/server.go index 4864dacb4..dfe05f47a 100644 --- a/internal/cliactions/server/server.go +++ b/internal/cliactions/server/server.go @@ -67,6 +67,7 @@ >smodel.Emoji{}, >smodel.Instance{}, >smodel.Notification{}, + >smodel.RouterSession{}, &oauth.Token{}, &oauth.Client{}, } @@ -94,7 +95,7 @@ federatingDB := federatingdb.New(dbService, c, log) - router, err := router.New(c, log) + router, err := router.New(c, dbService, log) if err != nil { return fmt.Errorf("error creating router: %s", err) } diff --git a/internal/cliactions/testrig/testrig.go b/internal/cliactions/testrig/testrig.go index a1d2d7af7..43d2db726 100644 --- a/internal/cliactions/testrig/testrig.go +++ b/internal/cliactions/testrig/testrig.go @@ -44,7 +44,7 @@ c := testrig.NewTestConfig() dbService := testrig.NewTestDB() testrig.StandardDBSetup(dbService) - router := testrig.NewTestRouter() + router := testrig.NewTestRouter(dbService) storageBackend := testrig.NewTestStorage() testrig.StandardStorageSetup(storageBackend, "./testrig/media") diff --git a/internal/gtsmodel/routersession.go b/internal/gtsmodel/routersession.go new file mode 100644 index 000000000..c0f8e1f4d --- /dev/null +++ b/internal/gtsmodel/routersession.go @@ -0,0 +1,26 @@ +/* + GoToSocial + Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see . +*/ + +package gtsmodel + +// RouterSession is used to store and retrieve settings for a router session. +type RouterSession struct { + ID string `pg:"type:CHAR(26),pk,notnull"` + Auth []byte `pg:",notnull"` + Crypt []byte `pg:",notnull"` +} diff --git a/internal/router/attach.go b/internal/router/attach.go new file mode 100644 index 000000000..2abfa0e0e --- /dev/null +++ b/internal/router/attach.go @@ -0,0 +1,41 @@ +/* + GoToSocial + Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see . +*/ + +package router + +import "github.com/gin-gonic/gin" + +// AttachHandler attaches the given gin.HandlerFunc to the router with the specified method and path. +// If the path is set to ANY, then the handlerfunc will be used for ALL methods at its given path. +func (r *router) AttachHandler(method string, path string, handler gin.HandlerFunc) { + if method == "ANY" { + r.engine.Any(path, handler) + } else { + r.engine.Handle(method, path, handler) + } +} + +// AttachMiddleware attaches a gin middleware to the router that will be used globally +func (r *router) AttachMiddleware(middleware gin.HandlerFunc) { + r.engine.Use(middleware) +} + +// AttachNoRouteHandler attaches a gin.HandlerFunc to NoRoute to handle 404's +func (r *router) AttachNoRouteHandler(handler gin.HandlerFunc) { + r.engine.NoRoute(handler) +} diff --git a/internal/router/cors.go b/internal/router/cors.go new file mode 100644 index 000000000..9f8d379dd --- /dev/null +++ b/internal/router/cors.go @@ -0,0 +1,88 @@ +/* + GoToSocial + Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see . +*/ + +package router + +import ( + "time" + + "github.com/gin-contrib/cors" + "github.com/gin-gonic/gin" + "github.com/superseriousbusiness/gotosocial/internal/config" +) + +var corsConfig = cors.Config{ + // TODO: make this customizable so instance admins can specify an origin for CORS requests + AllowAllOrigins: true, + + // adds the following: + // "chrome-extension://" + // "safari-extension://" + // "moz-extension://" + // "ms-browser-extension://" + AllowBrowserExtensions: true, + AllowMethods: []string{ + "POST", + "PUT", + "DELETE", + "GET", + "PATCH", + "OPTIONS", + }, + AllowHeaders: []string{ + // basic cors stuff + "Origin", + "Content-Length", + "Content-Type", + + // needed to pass oauth bearer tokens + "Authorization", + + // needed for websocket upgrade requests + "Upgrade", + "Sec-WebSocket-Extensions", + "Sec-WebSocket-Key", + "Sec-WebSocket-Protocol", + "Sec-WebSocket-Version", + "Connection", + }, + AllowWebSockets: true, + ExposeHeaders: []string{ + // needed for accessing next/prev links when making GET timeline requests + "Link", + + // needed so clients can handle rate limits + "X-RateLimit-Reset", + "X-RateLimit-Limit", + "X-RateLimit-Remaining", + "X-Request-Id", + + // websocket stuff + "Connection", + "Sec-WebSocket-Accept", + "Upgrade", + }, + MaxAge: 2 * time.Minute, +} + +// useCors attaches the corsConfig above to the given gin engine +func useCors(cfg *config.Config, engine *gin.Engine) error { + c := cors.New(corsConfig) + engine.Use(c) + return nil +} diff --git a/internal/router/router.go b/internal/router/router.go index 1b8d899fa..a77b7071e 100644 --- a/internal/router/router.go +++ b/internal/router/router.go @@ -20,22 +20,24 @@ import ( "context" - "crypto/rand" "fmt" "net/http" - "os" - "path/filepath" "time" - "github.com/gin-contrib/cors" - "github.com/gin-contrib/sessions" - "github.com/gin-contrib/sessions/memstore" "github.com/gin-gonic/gin" "github.com/sirupsen/logrus" "github.com/superseriousbusiness/gotosocial/internal/config" + "github.com/superseriousbusiness/gotosocial/internal/db" "golang.org/x/crypto/acme/autocert" ) +var ( + readTimeout = 60 * time.Second + writeTimeout = 30 * time.Second + idleTimeout = 30 * time.Second + readHeaderTimeout = 30 * time.Second +) + // Router provides the REST interface for gotosocial, using gin. type Router interface { // Attach a gin handler to the router with the given method and path @@ -96,31 +98,17 @@ func (r *router) Stop(ctx context.Context) error { return r.srv.Shutdown(ctx) } -// AttachHandler attaches the given gin.HandlerFunc to the router with the specified method and path. -// If the path is set to ANY, then the handlerfunc will be used for ALL methods at its given path. -func (r *router) AttachHandler(method string, path string, handler gin.HandlerFunc) { - if method == "ANY" { - r.engine.Any(path, handler) - } else { - r.engine.Handle(method, path, handler) - } -} - -// AttachMiddleware attaches a gin middleware to the router that will be used globally -func (r *router) AttachMiddleware(middleware gin.HandlerFunc) { - r.engine.Use(middleware) -} - -// AttachNoRouteHandler attaches a gin.HandlerFunc to NoRoute to handle 404's -func (r *router) AttachNoRouteHandler(handler gin.HandlerFunc) { - r.engine.NoRoute(handler) -} - // New returns a new Router with the specified configuration, using the given logrus logger. -func New(config *config.Config, logger *logrus.Logger) (Router, error) { - lvl, err := logrus.ParseLevel(config.LogLevel) +// +// The given DB is only used in the New function for parsing config values, and is not otherwise +// pinned to the router. +func New(cfg *config.Config, db db.DB, logger *logrus.Logger) (Router, error) { + + // gin has different log modes; for convenience, we match the gin log mode to + // whatever log mode has been set for logrus + lvl, err := logrus.ParseLevel(cfg.LogLevel) if err != nil { - return nil, fmt.Errorf("couldn't parse log level %s to set router level: %s", config.LogLevel, err) + return nil, fmt.Errorf("couldn't parse log level %s to set router level: %s", cfg.LogLevel, err) } switch lvl { case logrus.TraceLevel, logrus.DebugLevel: @@ -131,52 +119,43 @@ func New(config *config.Config, logger *logrus.Logger) (Router, error) { // create the actual engine here -- this is the core request routing handler for gts engine := gin.Default() - engine.Use(cors.New(cors.Config{ - AllowAllOrigins: true, - AllowBrowserExtensions: true, - AllowMethods: []string{"POST", "PUT", "DELETE", "GET", "PATCH", "OPTIONS"}, - AllowHeaders: []string{"Origin", "Content-Length", "Content-Type", "Authorization", "Upgrade", "Sec-WebSocket-Extensions", "Sec-WebSocket-Key", "Sec-WebSocket-Protocol", "Sec-WebSocket-Version", "Connection"}, - AllowWebSockets: true, - ExposeHeaders: []string{"Link", "X-RateLimit-Reset", "X-RateLimit-Limit", " X-RateLimit-Remaining", "X-Request-Id", "Connection", "Sec-WebSocket-Accept", "Upgrade"}, - MaxAge: 2 * time.Minute, - })) engine.MaxMultipartMemory = 8 << 20 // 8 MiB - // create a new session store middleware - store, err := sessionStore() - if err != nil { - return nil, fmt.Errorf("error creating session store: %s", err) + // enable cors on the engine + if err := useCors(cfg, engine); err != nil { + return nil, err } - engine.Use(sessions.Sessions("gotosocial-session", store)) - // load html templates for use by the router - cwd, err := os.Getwd() - if err != nil { - return nil, fmt.Errorf("error getting current working directory: %s", err) + // load templates onto the engine + if err := loadTemplates(cfg, engine); err != nil { + return nil, err } - tmPath := filepath.Join(cwd, fmt.Sprintf("%s*", config.TemplateConfig.BaseDir)) - logger.Debugf("loading templates from %s", tmPath) - engine.LoadHTMLGlob(tmPath) - // create the actual http server here + // enable session store middleware on the engine + if err := useSession(cfg, db, engine); err != nil { + return nil, err + } + + // create the http server here, passing the gin engine as handler s := &http.Server{ Handler: engine, - ReadTimeout: 60 * time.Second, - WriteTimeout: 30 * time.Second, - IdleTimeout: 30 * time.Second, - ReadHeaderTimeout: 30 * time.Second, + ReadTimeout: readTimeout, + WriteTimeout: writeTimeout, + IdleTimeout: idleTimeout, + ReadHeaderTimeout: readHeaderTimeout, } - var m *autocert.Manager // We need to spawn the underlying server slightly differently depending on whether lets encrypt is enabled or not. // In either case, the gin engine will still be used for routing requests. - if config.LetsEncryptConfig.Enabled { + + var m *autocert.Manager + if cfg.LetsEncryptConfig.Enabled { // le IS enabled, so roll up an autocert manager for handling letsencrypt requests m = &autocert.Manager{ Prompt: autocert.AcceptTOS, - HostPolicy: autocert.HostWhitelist(config.Host), - Cache: autocert.DirCache(config.LetsEncryptConfig.CertDir), - Email: config.LetsEncryptConfig.EmailAddress, + HostPolicy: autocert.HostWhitelist(cfg.Host), + Cache: autocert.DirCache(cfg.LetsEncryptConfig.CertDir), + Email: cfg.LetsEncryptConfig.EmailAddress, } // and create an HTTPS server s.Addr = ":https" @@ -190,27 +169,11 @@ func New(config *config.Config, logger *logrus.Logger) (Router, error) { logger: logger, engine: engine, srv: s, - config: config, + config: cfg, certManager: m, }, nil } -// sessionStore returns a new session store with a random auth and encryption key. -// This means that cookies using the store will be reset if gotosocial is restarted! -func sessionStore() (memstore.Store, error) { - auth := make([]byte, 32) - crypt := make([]byte, 32) - - if _, err := rand.Read(auth); err != nil { - return nil, err - } - if _, err := rand.Read(crypt); err != nil { - return nil, err - } - - return memstore.NewStore(auth, crypt), nil -} - func httpsRedirect(w http.ResponseWriter, req *http.Request) { target := "https://" + req.Host + req.URL.Path diff --git a/internal/router/session.go b/internal/router/session.go new file mode 100644 index 000000000..a1ac09d28 --- /dev/null +++ b/internal/router/session.go @@ -0,0 +1,100 @@ +/* + GoToSocial + Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see . +*/ + +package router + +import ( + "crypto/rand" + "errors" + "fmt" + + "github.com/gin-contrib/sessions" + "github.com/gin-contrib/sessions/memstore" + "github.com/gin-gonic/gin" + "github.com/superseriousbusiness/gotosocial/internal/config" + "github.com/superseriousbusiness/gotosocial/internal/db" + "github.com/superseriousbusiness/gotosocial/internal/gtsmodel" + "github.com/superseriousbusiness/gotosocial/internal/id" +) + +func useSession(cfg *config.Config, dbService db.DB, engine *gin.Engine) error { + // check if we have a saved router session already + routerSessions := []*gtsmodel.RouterSession{} + if err := dbService.GetAll(&routerSessions); err != nil { + if _, ok := err.(db.ErrNoEntries); !ok { + // proper error occurred + return err + } + } + + var rs *gtsmodel.RouterSession + if len(routerSessions) == 1 { + // we have a router session stored + rs = routerSessions[0] + } else if len(routerSessions) == 0 { + // we have no router sessions so we need to create a new one + var err error + rs, err = routerSession(dbService) + if err != nil { + return fmt.Errorf("error creating new router session: %s", err) + } + } else { + // we should only have one router session stored ever + return errors.New("we had more than one router session in the db") + } + + if rs == nil { + return errors.New("error getting or creating router session: router session was nil") + } + + store := memstore.NewStore(rs.Auth, rs.Crypt) + sessionName := fmt.Sprintf("gotosocial-%s", cfg.Host) + engine.Use(sessions.Sessions(sessionName, store)) + return nil +} + +// routerSession generates a new router session with random auth and crypt bytes, +// puts it in the database for persistence, and returns it for use. +func routerSession(dbService db.DB) (*gtsmodel.RouterSession, error) { + auth := make([]byte, 32) + crypt := make([]byte, 32) + + if _, err := rand.Read(auth); err != nil { + return nil, err + } + if _, err := rand.Read(crypt); err != nil { + return nil, err + } + + rid, err := id.NewULID() + if err != nil { + return nil, err + } + + rs := >smodel.RouterSession{ + ID: rid, + Auth: auth, + Crypt: crypt, + } + + if err := dbService.Put(rs); err != nil { + return nil, err + } + + return rs, nil +} diff --git a/internal/router/template.go b/internal/router/template.go new file mode 100644 index 000000000..cd1eb11db --- /dev/null +++ b/internal/router/template.go @@ -0,0 +1,23 @@ +package router + +import ( + "fmt" + "os" + "path/filepath" + + "github.com/gin-gonic/gin" + "github.com/superseriousbusiness/gotosocial/internal/config" +) + +// loadTemplates loads html templates for use by the given engine +func loadTemplates(cfg *config.Config, engine *gin.Engine) error { + cwd, err := os.Getwd() + if err != nil { + return fmt.Errorf("error getting current working directory: %s", err) + } + + tmPath := filepath.Join(cwd, fmt.Sprintf("%s*", cfg.TemplateConfig.BaseDir)) + + engine.LoadHTMLGlob(tmPath) + return nil +} diff --git a/testrig/db.go b/testrig/db.go index 5fa019adc..01cf93934 100644 --- a/testrig/db.go +++ b/testrig/db.go @@ -47,6 +47,7 @@ >smodel.Emoji{}, >smodel.Instance{}, >smodel.Notification{}, + >smodel.RouterSession{}, &oauth.Token{}, &oauth.Client{}, } diff --git a/testrig/router.go b/testrig/router.go index 83ce7b602..5770191ea 100644 --- a/testrig/router.go +++ b/testrig/router.go @@ -18,11 +18,14 @@ package testrig -import "github.com/superseriousbusiness/gotosocial/internal/router" +import ( + "github.com/superseriousbusiness/gotosocial/internal/db" + "github.com/superseriousbusiness/gotosocial/internal/router" +) // NewTestRouter returns a Router suitable for testing -func NewTestRouter() router.Router { - r, err := router.New(NewTestConfig(), NewTestLog()) +func NewTestRouter(db db.DB) router.Router { + r, err := router.New(NewTestConfig(), db, NewTestLog()) if err != nil { panic(err) }