Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 9492ee9db7 | |||
| 5a18e5728e | |||
| b4843108fc | |||
| 2db4972394 | |||
| c1615a1bcb |
+6
-5
@@ -1,5 +1,6 @@
|
|||||||
target
|
target/
|
||||||
vue/node_modules
|
tests/
|
||||||
vue/dist
|
Dockerfile
|
||||||
.git
|
scripts/
|
||||||
.env
|
migrations/
|
||||||
|
|
||||||
|
|||||||
@@ -1,5 +0,0 @@
|
|||||||
DATABASE_URL=postgres://admin:changeme@localhost/rss
|
|
||||||
JWT_SECRET=change-this-to-a-long-random-string
|
|
||||||
FRONTEND_ORIGIN=http://localhost:5173
|
|
||||||
RUST_LOG=info
|
|
||||||
POSTGRES_PASSWORD=changeme
|
|
||||||
@@ -1,7 +1 @@
|
|||||||
/target
|
/target
|
||||||
.env
|
|
||||||
.claude
|
|
||||||
CLAUDE.md
|
|
||||||
LEARNINGS.md
|
|
||||||
PLAN.md
|
|
||||||
/memory
|
|
||||||
|
|||||||
Generated
+1444
-2223
File diff suppressed because it is too large
Load Diff
Executable → Regular
+37
-26
@@ -1,40 +1,51 @@
|
|||||||
[package]
|
[package]
|
||||||
name = "rss-reader"
|
name = "rss-reader"
|
||||||
version = "0.9.1"
|
version = "0.1.0"
|
||||||
edition = "2024"
|
edition = "2021"
|
||||||
|
|
||||||
|
[lib]
|
||||||
|
path = "src/lib.rs"
|
||||||
|
|
||||||
|
[[bin]]
|
||||||
|
path = "src/main.rs"
|
||||||
|
name = "rss-reader"
|
||||||
|
|
||||||
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
anyhow = "1"
|
reqwest = { version = "0.11", features = ["json", "blocking"] }
|
||||||
reqwest = { version = "0.13", features = ["json", "blocking"] }
|
|
||||||
tokio = { version = "1", features = ["full"] }
|
tokio = { version = "1", features = ["full"] }
|
||||||
rss = { version = "2.0.13" }
|
rss = { version = "2.0.1" }
|
||||||
actix-web = "4.13"
|
actix-web = "4.1.0"
|
||||||
actix-rt = "2.10"
|
actix-rt = "2.7.0"
|
||||||
futures = "0.3.31"
|
futures = "0.3.24"
|
||||||
serde = { version = "1.0.228", features = ["alloc", "derive", "serde_derive"] }
|
serde = { version = "1.0.144", features = ["alloc", "derive", "serde_derive"] }
|
||||||
serde_derive = "1.0.228"
|
serde_derive = "1.0.145"
|
||||||
actix-service = "2.0.3"
|
actix-service = "2.0.2"
|
||||||
diesel = { version = "2.3", features = ["postgres", "chrono"] }
|
diesel = { version = "2.0.2", features = ["postgres", "chrono", "r2d2"] }
|
||||||
diesel_migrations = "2.3"
|
|
||||||
dotenv = "0.15.0"
|
dotenv = "0.15.0"
|
||||||
bcrypt = "0.19"
|
bcrypt = "0.13.0"
|
||||||
uuid = {version = "1.23", features=["serde", "v4"]}
|
uuid = {version = "1.2.1", features=["serde", "v4"]}
|
||||||
jwt = "0.16.0"
|
jwt = "0.16.0"
|
||||||
hmac = "0.12"
|
hmac = "0.12.1"
|
||||||
sha2 = "0.10"
|
sha2 = "0.10.6"
|
||||||
log = "0.4.32"
|
scraper = "0.14.0"
|
||||||
env_logger = "0.11"
|
actix-cors = "0.6.4"
|
||||||
scraper = "0.27"
|
chrono = { version = "0.4.31", features = ["serde"] }
|
||||||
actix-cors = "0.7"
|
dateparser = "0.2.0"
|
||||||
chrono = { version = "0.4.45", features = ["serde"] }
|
tracing-appender = "0.2.3"
|
||||||
dateparser = "0.3"
|
once_cell = "1.19.0"
|
||||||
ammonia = "4.1.2"
|
secrecy = { version = "0.8.0", features = ["serde"] }
|
||||||
actix-governor = "0.10.0"
|
tracing-actix-web = "0.7.10"
|
||||||
|
tracing-subscriber = { version = "0.3.18", features = ["registry", "env-filter"] }
|
||||||
|
tracing-log = "0.2.0"
|
||||||
|
config = "0.14.0"
|
||||||
|
diesel-connection = "4.1.0"
|
||||||
|
tracing = { version = "0.1.40", features = ["log"] }
|
||||||
|
tracing-bunyan-formatter = "0.3.9"
|
||||||
|
|
||||||
[dependencies.serde_json]
|
[dependencies.serde_json]
|
||||||
version = "1.0.150"
|
version = "1.0.86"
|
||||||
default-features = false
|
default-features = false
|
||||||
features = ["alloc"]
|
features = ["alloc"]
|
||||||
|
|
||||||
|
|||||||
+33
-16
@@ -1,24 +1,41 @@
|
|||||||
# --- builder ---
|
FROM lukemathwalker/cargo-chef:latest-rust-1 AS chef
|
||||||
FROM rust:1-slim-bookworm AS builder
|
|
||||||
|
|
||||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
||||||
libpq-dev pkg-config libssl-dev \
|
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
|
||||||
|
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
|
|
||||||
|
RUN apt update && apt install lld clang -y
|
||||||
|
|
||||||
|
FROM chef as planner
|
||||||
COPY . .
|
COPY . .
|
||||||
RUN cargo build --release && \
|
RUN cargo chef prepare --recipe-path recipe.json
|
||||||
cp target/release/rss-reader /usr/local/bin/rss-reader && \
|
|
||||||
rm -rf target
|
|
||||||
|
|
||||||
# --- runtime ---
|
FROM chef as builder
|
||||||
FROM debian:bookworm-slim
|
COPY --from=planner /app/recipe.json recipe.json
|
||||||
|
|
||||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
RUN cargo chef cook --release --recipe-path recipe.json
|
||||||
libpq5 ca-certificates \
|
|
||||||
|
COPY . .
|
||||||
|
RUN cargo build --release --bin rss-reader
|
||||||
|
RUN cargo install diesel_cli --no-default-features --features postgres
|
||||||
|
|
||||||
|
# Runtime stage
|
||||||
|
FROM debian:bookworm-slim AS runtime
|
||||||
|
WORKDIR /app
|
||||||
|
# Install OpenSSL - it is dynamically linked by some of our dependencies
|
||||||
|
# Install ca-certificates - it is needed to verify TLS certificates
|
||||||
|
# when establishing HTTPS connections
|
||||||
|
RUN apt-get update -y \
|
||||||
|
&& apt-get install -y openssl ca-certificates pkg-config\
|
||||||
|
&& apt-get install -y libpq5 \
|
||||||
|
&& apt-get autoremove -y \
|
||||||
|
&& apt-get clean -y \
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
&& rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
COPY --from=builder /usr/local/bin/rss-reader /usr/local/bin/rss-reader
|
# Copy diesel_cli from builder to runtime
|
||||||
|
COPY --from=builder /usr/local/cargo/bin/diesel /usr/local/cargo/bin/diesel
|
||||||
|
|
||||||
|
COPY --from=builder /app/target/release/rss-reader rss-reader
|
||||||
|
|
||||||
EXPOSE 8001
|
EXPOSE 8001
|
||||||
CMD ["rss-reader"]
|
# COPY configuration configuration
|
||||||
|
# ENV APP_ENVIRONMENT production
|
||||||
|
# ENTRYPOINT ["./rss-reader"]
|
||||||
|
ENTRYPOINT ["sh", "-c", "/app/rss-reader && diesel migration run"]
|
||||||
|
|||||||
@@ -1,359 +1,24 @@
|
|||||||
# RSS Reader
|
## RSS-Reader [WIP]
|
||||||
|
|
||||||
A self-hosted RSS reader: a Rust/actix-web + Diesel/PostgreSQL backend with a Vue 3 single-page-app frontend. Sync feeds, read articles, and mark them as read — from your desktop or your phone.
|
# Diesel Setup
|
||||||
|
|
||||||
## Stack
|
setup, first step, or when docker been and DB not found.
|
||||||
|
|
||||||
- **Backend**: Rust, actix-web, Diesel ORM, PostgreSQL, JWT auth
|
`diesel setup`
|
||||||
- **Frontend**: Vue 3, Vite, axios
|
|
||||||
- **Database**: PostgreSQL 18
|
|
||||||
|
|
||||||
---
|
generate table
|
||||||
|
|
||||||
## Development setup
|
`diesel migration generate create_to_do_items`
|
||||||
|
|
||||||
### Prerequisites
|
fill up and down
|
||||||
|
|
||||||
- [Rust](https://rustup.rs/) (stable toolchain)
|
`diesel migration run`
|
||||||
- [Node.js](https://nodejs.org/) 20+ and npm
|
|
||||||
- PostgreSQL (locally, or via Docker — see below)
|
|
||||||
- The Diesel CLI: `cargo install diesel_cli --no-default-features --features postgres`
|
|
||||||
(requires `libpq`; on Debian/Ubuntu: `sudo apt install libpq-dev`)
|
|
||||||
|
|
||||||
### 1. Configure environment variables
|
# docker
|
||||||
|
|
||||||
Copy the example file and fill in your own values:
|
`docker exec -it 59ff8bad10c0 psql -d rss -U admin`
|
||||||
|
|
||||||
```sh
|
|
||||||
cp .env.example .env
|
|
||||||
```
|
|
||||||
|
|
||||||
`.env` is read by both the backend (via `dotenv`) and the `diesel` CLI, and is gitignored — never commit it.
|
# Create user
|
||||||
|
curl -X POST -H "Content-Type: application/json" -d '{"name": "mace", "email": "safemind@posteo.de", "password": "secret"}' http://localhost:8001/api/v1/user/create
|
||||||
|
|
||||||
| Variable | Purpose |
|
|
||||||
|---|---|
|
|
||||||
| `DATABASE_URL` | Postgres connection string, e.g. `postgres://admin:changeme@localhost/rss` |
|
|
||||||
| `JWT_SECRET` | Secret used to sign/verify auth tokens — use a long random string |
|
|
||||||
| `FRONTEND_ORIGIN` | Origin allowed by CORS, e.g. `http://localhost:5173` for the Vite dev server |
|
|
||||||
| `RUST_LOG` | Log level for `env_logger`, e.g. `info` |
|
|
||||||
| `POSTGRES_PASSWORD` | Password for the `admin` Postgres user (used by `docker-compose.yml`) |
|
|
||||||
|
|
||||||
### 2. Start PostgreSQL
|
|
||||||
|
|
||||||
The simplest way during development is to run just the database container:
|
|
||||||
|
|
||||||
```sh
|
|
||||||
docker compose up postgres -d
|
|
||||||
```
|
|
||||||
|
|
||||||
This starts Postgres on `localhost:5432` with the credentials from `.env`. Alternatively, point `DATABASE_URL` at any Postgres instance you already have running.
|
|
||||||
|
|
||||||
### 3. Run database migrations
|
|
||||||
|
|
||||||
Migrations are embedded in the backend binary and also run automatically on startup, but you can apply them manually with the Diesel CLI (useful when generating new migrations during development):
|
|
||||||
|
|
||||||
```sh
|
|
||||||
diesel setup # creates the database and runs existing migrations
|
|
||||||
diesel migration run # applies any pending migrations
|
|
||||||
diesel migration generate <name> # scaffolds a new up.sql/down.sql pair
|
|
||||||
```
|
|
||||||
|
|
||||||
### 4. Run the backend
|
|
||||||
|
|
||||||
```sh
|
|
||||||
cargo run
|
|
||||||
```
|
|
||||||
|
|
||||||
The API listens on `http://0.0.0.0:8001`. Backend logs respect `RUST_LOG`.
|
|
||||||
|
|
||||||
### 5. Run the frontend
|
|
||||||
|
|
||||||
```sh
|
|
||||||
cd vue
|
|
||||||
npm install
|
|
||||||
npm run dev -- --host
|
|
||||||
```
|
|
||||||
|
|
||||||
The Vite dev server runs on `http://localhost:5173` (the `--host` flag also exposes it on your LAN so you can test from a phone) and proxies `/api` requests to `http://localhost:8001` (configured in `vue/vite.config.js`).
|
|
||||||
|
|
||||||
### 6. Try it out
|
|
||||||
|
|
||||||
Create a user, then log in through the UI at `http://localhost:5173`:
|
|
||||||
|
|
||||||
```sh
|
|
||||||
curl -X POST -H "Content-Type: application/json" \
|
|
||||||
-d '{"name": "mace", "email": "you@example.com", "password": "secret1"}' \
|
|
||||||
http://localhost:8001/api/v1/user/create
|
|
||||||
```
|
|
||||||
|
|
||||||
Passwords must be at least 6 characters.
|
|
||||||
|
|
||||||
### Useful commands during development
|
|
||||||
|
|
||||||
```sh
|
|
||||||
# Backend
|
|
||||||
cargo build # compile
|
|
||||||
cargo test # run the test suite (needs a reachable Postgres + DATABASE_URL)
|
|
||||||
cargo clippy # lint
|
|
||||||
cargo fmt # format
|
|
||||||
```
|
|
||||||
|
|
||||||
```sh
|
|
||||||
# Frontend (run from vue/)
|
|
||||||
npm run test # run Vitest component tests
|
|
||||||
npm run lint # eslint
|
|
||||||
npm run format # prettier
|
|
||||||
```
|
|
||||||
|
|
||||||
```sh
|
|
||||||
# Inspect the dockerized database directly
|
|
||||||
docker exec -it rss-postgres psql -d rss -U admin
|
|
||||||
```
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## Security notes
|
|
||||||
|
|
||||||
- **Sessions**: login returns a JWT (`token` header) valid for 24 hours. Logging out
|
|
||||||
(`POST /api/v1/auth/logout`, requires the current token) bumps the user's
|
|
||||||
`token_version`, which immediately invalidates *all* outstanding tokens for that
|
|
||||||
account — there's no per-session revocation, so logging out on one device logs out
|
|
||||||
every device.
|
|
||||||
- **Login rate limiting**: `POST /api/v1/auth/login` is limited to a burst of 5 requests
|
|
||||||
per IP, replenishing one every 2 seconds (`actix-governor`).
|
|
||||||
- **Outbound fetches**: feed syncs and the article-reader endpoint only fetch
|
|
||||||
`http`/`https` URLs that resolve to public IP addresses (no loopback/private/
|
|
||||||
link-local, e.g. `127.0.0.1` or the `169.254.169.254` cloud metadata address).
|
|
||||||
Redirects are followed (up to 5 hops), but each redirect target is checked against the
|
|
||||||
same rules before being fetched, so a redirect can't be used to reach an internal
|
|
||||||
address.
|
|
||||||
- **Stored feed content**: `<img>` tags from synced feed content are sanitized
|
|
||||||
(`ammonia`) down to `src`/`alt`/`title` before being stored, since they're later
|
|
||||||
rendered with `v-html` in the frontend.
|
|
||||||
- **If `JWT_SECRET` or `POSTGRES_PASSWORD` are ever leaked** (e.g. committed to git),
|
|
||||||
rotate them in `.env` and restart the backend — rotating `JWT_SECRET` invalidates every
|
|
||||||
outstanding token as a side effect.
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## Production setup (Docker)
|
|
||||||
|
|
||||||
The whole stack — Postgres, backend, and frontend — runs via Docker Compose. The frontend is built as a static Vue bundle and served by nginx, which also reverse-proxies `/api/` to the backend container.
|
|
||||||
|
|
||||||
### 1. Configure environment variables
|
|
||||||
|
|
||||||
Same as in development — create a root-level `.env` from `.env.example` and fill in **strong, unique** values for `POSTGRES_PASSWORD` and `JWT_SECRET`. Set `FRONTEND_ORIGIN` to the URL the frontend will actually be served from (e.g. `http://<host-ip>:8080` or your domain), since the backend's CORS policy only allows that origin.
|
|
||||||
|
|
||||||
### 2. Build and start everything
|
|
||||||
|
|
||||||
```sh
|
|
||||||
docker compose up --build -d
|
|
||||||
```
|
|
||||||
|
|
||||||
This builds three images and starts them on a shared network:
|
|
||||||
|
|
||||||
- **`postgres`** — PostgreSQL 18, data persisted in the `postgres_data` volume, reachable on `localhost:5432`
|
|
||||||
- **`backend`** — multi-stage build (compiles the Rust binary in a `rust:slim` builder, runs it in a slim `debian` runtime image); runs embedded Diesel migrations automatically on startup; listens on `0.0.0.0:8001`
|
|
||||||
- **`frontend`** — multi-stage build (compiles the Vue app with `node:20-alpine`, serves the static bundle with `nginx:alpine`); listens on `0.0.0.0:8080` and proxies `/api/` to the `backend` service over Docker's internal network
|
|
||||||
|
|
||||||
### 3. Use it
|
|
||||||
|
|
||||||
- From the host machine: `http://localhost:8080`
|
|
||||||
- From another device on the same network (e.g. a phone): `http://<host-LAN-IP>:8080`
|
|
||||||
|
|
||||||
### Operating the stack
|
|
||||||
|
|
||||||
```sh
|
|
||||||
docker compose ps # check container status
|
|
||||||
docker compose logs -f backend # follow backend logs
|
|
||||||
docker compose down # stop everything (keeps the postgres_data volume)
|
|
||||||
docker compose down -v # stop and wipe all data — careful!
|
|
||||||
docker compose up --build -d # rebuild after pulling code changes
|
|
||||||
docker builder prune -af && docker image prune -af # reclaim disk used by old build layers/images
|
|
||||||
```
|
|
||||||
|
|
||||||
> Each `docker compose up --build` leaves the previous build's cache layers and images
|
|
||||||
> behind, which adds up quickly given how much disk `cargo build` needs. Run the prune
|
|
||||||
> command above after each rebuild (or on a cron job) to reclaim that space.
|
|
||||||
|
|
||||||
### Optional: hardened deployment — isolated user + rootless Docker
|
|
||||||
|
|
||||||
Anyone who can run `docker` commands effectively has root on the host (container volume mounts can reach the whole filesystem) — being in the `docker` group is root-equivalent. For a production server, it's worth confining this stack to a dedicated, unprivileged system user running its own **rootless Docker** daemon, instead of using a system-wide install or adding the user to the `docker` group.
|
|
||||||
|
|
||||||
Rootless Docker runs as a completely independent daemon — separate socket and storage (`~/.local/share/docker` vs. `/var/lib/docker`) — so it coexists fine with an existing system-wide Docker install on the same host. Just make sure `DOCKER_HOST`/`PATH` point at the rootless daemon when operating on this stack, and that the ports you publish in step 4 below aren't already in use elsewhere.
|
|
||||||
|
|
||||||
**1. Create the user:**
|
|
||||||
|
|
||||||
```sh
|
|
||||||
sudo adduser --disabled-password --gecos "" rss-svc
|
|
||||||
```
|
|
||||||
|
|
||||||
> The "normal" rootless Docker setup runs the daemon as a **per-user systemd service** kept alive via `loginctl enable-linger`, which depends on `systemd-logind`/D-Bus. Minimal headless images (DietPi included) often disable or strip those out — and whether re-enabling them survives the distro's own update mechanism is genuinely unclear. Rather than depend on that, the steps below run rootless Docker as an ordinary **system-level** unit with `User=rss-svc` — no logind, no D-Bus, no lingering, nothing that can be reset out from under you.
|
|
||||||
|
|
||||||
**2. Install rootless Docker for that user:**
|
|
||||||
|
|
||||||
```sh
|
|
||||||
sudo apt install -y uidmap
|
|
||||||
sudo -u rss-svc -H curl -fsSL https://get.docker.com/rootless -o /tmp/install-rootless.sh
|
|
||||||
sudo -u rss-svc -H sh /tmp/install-rootless.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
The installer detects there's no active systemd **user session** for `rss-svc` (we're not logging in interactively), so instead of wiring up a per-user service it falls back to a runtime directory under the user's home — and prints the exact paths to use, e.g.:
|
|
||||||
|
|
||||||
```sh
|
|
||||||
export XDG_RUNTIME_DIR=/home/rss-svc/.docker/run
|
|
||||||
export PATH=/home/rss-svc/bin:$PATH
|
|
||||||
export DOCKER_HOST=unix:///home/rss-svc/.docker/run/docker.sock
|
|
||||||
```
|
|
||||||
|
|
||||||
Use the values **the installer prints for you** (add them to `~/.bashrc` as `rss-svc` — e.g. `sudo -u rss-svc -H bash`) — this is actually convenient for us, since `~/.docker/run` is a regular on-disk directory that persists across reboots without any `tmpfiles`/`RuntimeDirectory=` trickery.
|
|
||||||
|
|
||||||
Now create the system unit at `/etc/systemd/system/docker-rss-svc.service`, pointing `XDG_RUNTIME_DIR` at that same directory:
|
|
||||||
|
|
||||||
```ini
|
|
||||||
[Unit]
|
|
||||||
Description=Rootless Docker daemon (rss-svc)
|
|
||||||
After=network.target
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
User=rss-svc
|
|
||||||
Group=rss-svc
|
|
||||||
Environment=PATH=/home/rss-svc/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
|
|
||||||
Environment=XDG_RUNTIME_DIR=/home/rss-svc/.docker/run
|
|
||||||
ExecStart=/home/rss-svc/bin/dockerd-rootless.sh
|
|
||||||
Restart=always
|
|
||||||
RestartSec=2
|
|
||||||
Delegate=yes
|
|
||||||
Type=notify
|
|
||||||
NotifyAccess=all
|
|
||||||
KillMode=mixed
|
|
||||||
TasksMax=infinity
|
|
||||||
LimitNOFILE=1048576
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
||||||
```
|
|
||||||
|
|
||||||
Then enable and start it:
|
|
||||||
|
|
||||||
```sh
|
|
||||||
sudo systemctl daemon-reload
|
|
||||||
sudo systemctl enable --now docker-rss-svc
|
|
||||||
```
|
|
||||||
|
|
||||||
Verify it came up (as `rss-svc`, with the `.bashrc` exports loaded):
|
|
||||||
|
|
||||||
```sh
|
|
||||||
docker info
|
|
||||||
```
|
|
||||||
|
|
||||||
> **cgroup driver note**: rootless Docker defaults to the **systemd** cgroup driver, which expects a per-user slice (`user-<uid>.slice`) created by a logind session — something we don't have here by design. If `docker compose up --build` later fails with `open /sys/fs/cgroup/user.slice/user-<uid>.slice/cgroup.controllers: no such file or directory`, switch dockerd to manage cgroups itself instead. As `rss-svc`:
|
|
||||||
> ```sh
|
|
||||||
> mkdir -p ~/.config/docker
|
|
||||||
> cat > ~/.config/docker/daemon.json << 'EOF'
|
|
||||||
> {
|
|
||||||
> "exec-opts": ["native.cgroupdriver=cgroupfs"]
|
|
||||||
> }
|
|
||||||
> EOF
|
|
||||||
> ```
|
|
||||||
> then, as your sudo-capable user, `sudo systemctl restart docker-rss-svc`.
|
|
||||||
|
|
||||||
**Updating rootless Docker:** the daemon and CLI live in `/home/rss-svc/bin` as a private, self-contained copy of the static binaries — entirely decoupled from the system package manager, so `apt upgrade` never touches them. To update, stop the daemon, re-run the same installer (it just re-downloads the current stable bundle for your architecture and overwrites the files in `~/bin` in place), then start it back up:
|
|
||||||
|
|
||||||
```sh
|
|
||||||
sudo systemctl stop docker-rss-svc
|
|
||||||
sudo -u rss-svc -H curl -fsSL https://get.docker.com/rootless -o /tmp/install-rootless.sh
|
|
||||||
sudo -u rss-svc -H sh /tmp/install-rootless.sh
|
|
||||||
sudo systemctl start docker-rss-svc
|
|
||||||
sudo -u rss-svc -H docker info # confirm the new version
|
|
||||||
```
|
|
||||||
|
|
||||||
**3. Deploy the stack as `rss-svc`:**
|
|
||||||
|
|
||||||
```sh
|
|
||||||
git clone <your-repo-url> ~/rss-reader
|
|
||||||
cd ~/rss-reader
|
|
||||||
cp .env.example .env
|
|
||||||
chmod 600 .env
|
|
||||||
```
|
|
||||||
|
|
||||||
Fill in `.env` with strong, unique secrets — `openssl rand -hex 32` is a convenient way to generate `JWT_SECRET`/`POSTGRES_PASSWORD`.
|
|
||||||
|
|
||||||
**4. Bind published ports to localhost only.** The only thing that needs to reach this stack from outside is the reverse proxy below, and it runs on the same host. Edit `docker-compose.yml`:
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
postgres:
|
|
||||||
ports:
|
|
||||||
- "127.0.0.1:5432:5432"
|
|
||||||
backend:
|
|
||||||
ports:
|
|
||||||
- "127.0.0.1:8001:8001"
|
|
||||||
frontend:
|
|
||||||
ports:
|
|
||||||
- "127.0.0.1:8080:80"
|
|
||||||
```
|
|
||||||
|
|
||||||
**5. Bring it up:**
|
|
||||||
|
|
||||||
```sh
|
|
||||||
docker compose up --build -d
|
|
||||||
docker builder prune -af && docker image prune -af # reclaim disk used by old build layers/images
|
|
||||||
```
|
|
||||||
|
|
||||||
**6. Firewall** (run as your normal sudo-capable user — not `rss-svc`):
|
|
||||||
|
|
||||||
```sh
|
|
||||||
sudo ufw allow OpenSSH
|
|
||||||
sudo ufw allow 80/tcp
|
|
||||||
sudo ufw allow 443/tcp
|
|
||||||
sudo ufw enable
|
|
||||||
```
|
|
||||||
|
|
||||||
With this in place: only SSH and HTTPS are reachable from the network, the reverse proxy is the sole entry point into the app, the whole stack runs in its own user/container/network namespaces with no elevated privileges, and secrets live in a `chmod 600` `.env` owned by an account that can't do anything else on the system.
|
|
||||||
|
|
||||||
### Optional: Apache reverse proxy (TLS termination)
|
|
||||||
|
|
||||||
If you want to expose the app under a domain with HTTPS, put Apache in front of the `frontend` container (which keeps listening on `localhost:8080`) and let Apache handle TLS. Enable the required modules first:
|
|
||||||
|
|
||||||
```sh
|
|
||||||
sudo a2enmod proxy proxy_http proxy_wstunnel ssl headers
|
|
||||||
```
|
|
||||||
|
|
||||||
Then a vhost like this proxies everything — including the WebSocket-capable Vite/axios traffic and the `/api/` calls the frontend's nginx already forwards to the backend — to the container:
|
|
||||||
|
|
||||||
```apache
|
|
||||||
<VirtualHost *:443>
|
|
||||||
ServerName rss.example.com
|
|
||||||
|
|
||||||
SSLEngine on
|
|
||||||
SSLCertificateFile /etc/letsencrypt/live/rss.example.com/fullchain.pem
|
|
||||||
SSLCertificateKeyFile /etc/letsencrypt/live/rss.example.com/privkey.pem
|
|
||||||
|
|
||||||
ProxyPreserveHost On
|
|
||||||
ProxyPass / http://127.0.0.1:8080/
|
|
||||||
ProxyPassReverse / http://127.0.0.1:8080/
|
|
||||||
|
|
||||||
RequestHeader set X-Forwarded-Proto "https"
|
|
||||||
|
|
||||||
ErrorLog ${APACHE_LOG_DIR}/rss-error.log
|
|
||||||
CustomLog ${APACHE_LOG_DIR}/rss-access.log combined
|
|
||||||
</VirtualHost>
|
|
||||||
|
|
||||||
# Redirect plain HTTP to HTTPS
|
|
||||||
<VirtualHost *:80>
|
|
||||||
ServerName rss.example.com
|
|
||||||
Redirect permanent / https://rss.example.com/
|
|
||||||
</VirtualHost>
|
|
||||||
```
|
|
||||||
|
|
||||||
Notes for this setup:
|
|
||||||
|
|
||||||
- Set `FRONTEND_ORIGIN=https://rss.example.com` in your root `.env` so the backend's CORS check allows the proxied origin, then `docker compose up --build -d backend`.
|
|
||||||
- You no longer need to publish port `8080` to the LAN — change the `frontend` service's port mapping in `docker-compose.yml` to `"127.0.0.1:8080:80"` so only Apache (on the same host) can reach it.
|
|
||||||
- Obtain the certificate with `certbot --apache -d rss.example.com` (via the [Certbot](https://certbot.eff.org/) Apache plugin), which can also write the vhost and set up auto-renewal for you.
|
|
||||||
|
|
||||||
### Notes
|
|
||||||
|
|
||||||
- Migrations run automatically at backend startup — no manual `diesel` step needed in production.
|
|
||||||
- Secrets (`POSTGRES_PASSWORD`, `JWT_SECRET`, `FRONTEND_ORIGIN`) come from the root `.env`, which is gitignored and interpolated into `docker-compose.yml` via `${VAR}` — never commit real secrets.
|
|
||||||
- If you need the app reachable from multiple origins (e.g. `localhost:8080` on desktop and `<lan-ip>:8080` on a phone), the current single-origin CORS check (`FRONTEND_ORIGIN`) won't allow both — pick the one you'll actually use, or relax the CORS policy in `src/main.rs` for a self-hosted, trusted-network setup.
|
|
||||||
|
|||||||
@@ -0,0 +1,8 @@
|
|||||||
|
application:
|
||||||
|
port: 8001
|
||||||
|
database:
|
||||||
|
host: "localhost"
|
||||||
|
port: 5432
|
||||||
|
username: "admin"
|
||||||
|
password: "secret+123"
|
||||||
|
database_name: "rss"
|
||||||
@@ -0,0 +1,2 @@
|
|||||||
|
application:
|
||||||
|
host: 127.0.0.1
|
||||||
@@ -0,0 +1,2 @@
|
|||||||
|
application:
|
||||||
|
host: 0.0.0.0
|
||||||
+30
-26
@@ -1,40 +1,44 @@
|
|||||||
|
version: "3.7"
|
||||||
services:
|
services:
|
||||||
|
|
||||||
|
# vue-app:
|
||||||
|
# build:
|
||||||
|
# context: ./vue/
|
||||||
|
# dockerfile: Dockerfile
|
||||||
|
# ports:
|
||||||
|
# - "8080:8080" # Adjust the port as needed for your Rust application
|
||||||
|
# networks:
|
||||||
|
# - app-network
|
||||||
|
|
||||||
postgres:
|
postgres:
|
||||||
|
restart: always
|
||||||
container_name: "rss-postgres"
|
container_name: "rss-postgres"
|
||||||
image: "postgres:18"
|
image: "postgres:15"
|
||||||
ports:
|
ports:
|
||||||
- "5432:5432"
|
- "5432:5432"
|
||||||
environment:
|
environment:
|
||||||
- "POSTGRES_USER=admin"
|
- "POSTGRES_USER=admin"
|
||||||
- "POSTGRES_DB=rss"
|
- "POSTGRES_DB=rss"
|
||||||
- "POSTGRES_PASSWORD=${POSTGRES_PASSWORD}"
|
- "POSTGRES_PASSWORD=secret+123"
|
||||||
volumes:
|
volumes:
|
||||||
- postgres_data:/var/lib/postgresql
|
- postgres_data:/var/lib/postgresql/data
|
||||||
|
networks:
|
||||||
|
- app-network
|
||||||
|
|
||||||
backend:
|
# rust-app:
|
||||||
container_name: "rss-backend"
|
# build:
|
||||||
build:
|
# context: . # Specify the path to your Rust application's Dockerfile
|
||||||
context: .
|
# dockerfile: Dockerfile
|
||||||
dockerfile: Dockerfile
|
# ports:
|
||||||
depends_on:
|
# - "8001:8001" # Adjust the port as needed for your Rust application
|
||||||
- postgres
|
# depends_on:
|
||||||
environment:
|
# - postgres
|
||||||
- "DATABASE_URL=postgres://admin:${POSTGRES_PASSWORD}@postgres/rss"
|
# networks:
|
||||||
- "JWT_SECRET=${JWT_SECRET}"
|
# - app-network
|
||||||
- "FRONTEND_ORIGIN=${FRONTEND_ORIGIN}"
|
|
||||||
- "RUST_LOG=${RUST_LOG}"
|
|
||||||
ports:
|
|
||||||
- "0.0.0.0:8001:8001"
|
|
||||||
|
|
||||||
frontend:
|
networks:
|
||||||
container_name: "rss-frontend"
|
app-network:
|
||||||
build:
|
driver: bridge
|
||||||
context: ./vue
|
|
||||||
dockerfile: Dockerfile
|
|
||||||
depends_on:
|
|
||||||
- backend
|
|
||||||
ports:
|
|
||||||
- "0.0.0.0:8080:80"
|
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
postgres_data:
|
postgres_data:
|
||||||
|
|||||||
Executable
+36
@@ -0,0 +1,36 @@
|
|||||||
|
const loginButton = document.getElementById('loginButton');
|
||||||
|
const username = document.getElementById(
|
||||||
|
'defaultLoginFormUsername');
|
||||||
|
const password = document.getElementById(
|
||||||
|
'defaultLoginFormPassword');
|
||||||
|
const message = document.getElementById("loginMessage");
|
||||||
|
|
||||||
|
|
||||||
|
loginButton.addEventListener("click", () => {
|
||||||
|
let xhr = new XMLHttpRequest();
|
||||||
|
xhr.open("POST", "/api/v1/auth/login", true);
|
||||||
|
xhr.setRequestHeader("Content-Type",
|
||||||
|
"application/json");
|
||||||
|
xhr.onreadystatechange = function () {
|
||||||
|
if (xhr.readyState === 4) {
|
||||||
|
if (xhr.status === 200) {
|
||||||
|
let token = xhr.getResponseHeader("token");
|
||||||
|
localStorage.setItem("user-token", token);
|
||||||
|
console.log("status 200: " + document.location.origin);
|
||||||
|
window.location.replace(
|
||||||
|
document.location.origin);
|
||||||
|
} else {
|
||||||
|
message.innerText =
|
||||||
|
"login failed please try again";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
};
|
||||||
|
let data = JSON.stringify({
|
||||||
|
"username": username.value,
|
||||||
|
"password": password.value
|
||||||
|
});
|
||||||
|
|
||||||
|
xhr.send(data);
|
||||||
|
message.innerText = "logging in";
|
||||||
|
|
||||||
|
})
|
||||||
Executable
+59
@@ -0,0 +1,59 @@
|
|||||||
|
if (localStorage.getItem("user-token") == null) {
|
||||||
|
window.location.replace(document.location.origin + "/login");
|
||||||
|
} else {
|
||||||
|
getArticles();
|
||||||
|
}
|
||||||
|
|
||||||
|
function apiCall(url, method) {
|
||||||
|
let xhr = new XMLHttpRequest();
|
||||||
|
xhr.withCredentials = true;
|
||||||
|
|
||||||
|
xhr.addEventListener("readystatechange", function () {
|
||||||
|
if (this.readyState === this.DONE) {
|
||||||
|
if (this.status === 401) {
|
||||||
|
window.location.replace(document.location.origin + "/login/");
|
||||||
|
} else {
|
||||||
|
runRenderProcess(JSON.parse(this.responseText));
|
||||||
|
localStorage.setItem("item-cache-date", new Date());
|
||||||
|
localStorage.setItem("item-cache-data", this.responseText);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
});
|
||||||
|
xhr.open(method, "/api/v1" + url);
|
||||||
|
xhr.setRequestHeader("content-type", "application/json");
|
||||||
|
xhr.setRequestHeader("user-token", localStorage.getItem("user-token"));
|
||||||
|
return xhr;
|
||||||
|
}
|
||||||
|
|
||||||
|
function runRenderProcess(data) {
|
||||||
|
params = renderArticle(data["feeds"]);
|
||||||
|
// document.getElementById("mainContainer").innerHtml = params;
|
||||||
|
}
|
||||||
|
function renderArticle(feeds) {
|
||||||
|
let placeholder = "<div>";
|
||||||
|
for (i = 0; i < feeds.length; i++) {
|
||||||
|
let title = feeds[i]["title"];
|
||||||
|
placeholder += '<div class="itemContainer">' + "<p>" + title + "</p>";
|
||||||
|
let items = feeds[i]["items"];
|
||||||
|
|
||||||
|
for (t = 0; t < items.length; t++) {
|
||||||
|
placeholder +=
|
||||||
|
'<div class="article">' +
|
||||||
|
"<h2>" +
|
||||||
|
items[t].title +
|
||||||
|
"</h2>" +
|
||||||
|
"<p>" +
|
||||||
|
items[t].content +
|
||||||
|
"</p>";
|
||||||
|
}
|
||||||
|
|
||||||
|
placeholder += "</div>" + "</div>";
|
||||||
|
}
|
||||||
|
placeholder += "</div>";
|
||||||
|
document.getElementById("mainContainer").innerHTML = placeholder;
|
||||||
|
}
|
||||||
|
|
||||||
|
function getArticles() {
|
||||||
|
let call = apiCall("/article/get", "GET");
|
||||||
|
call.send();
|
||||||
|
}
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
-- This file should undo anything in `up.sql`
|
|
||||||
ALTER TABLE users
|
|
||||||
DROP COLUMN token_version;
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
-- Your SQL goes here
|
|
||||||
ALTER TABLE users
|
|
||||||
ADD COLUMN token_version INTEGER NOT NULL DEFAULT 0;
|
|
||||||
@@ -1,23 +0,0 @@
|
|||||||
use std::future::{ready, Ready};
|
|
||||||
|
|
||||||
use actix_web::dev::Payload;
|
|
||||||
use actix_web::{error::ErrorUnauthorized, Error, FromRequest, HttpMessage, HttpRequest};
|
|
||||||
|
|
||||||
/// The user id of the caller, as established by the auth middleware after
|
|
||||||
/// verifying the `user-token` header. Extracting this (instead of trusting a
|
|
||||||
/// client-supplied `user_id` in the path/body) is the source of truth for
|
|
||||||
/// "who is making this request".
|
|
||||||
#[derive(Clone, Copy)]
|
|
||||||
pub struct AuthUser(pub i32);
|
|
||||||
|
|
||||||
impl FromRequest for AuthUser {
|
|
||||||
type Error = Error;
|
|
||||||
type Future = Ready<Result<Self, Self::Error>>;
|
|
||||||
|
|
||||||
fn from_request(req: &HttpRequest, _payload: &mut Payload) -> Self::Future {
|
|
||||||
match req.extensions().get::<AuthUser>() {
|
|
||||||
Some(auth_user) => ready(Ok(*auth_user)),
|
|
||||||
None => ready(Err(ErrorUnauthorized("missing authenticated user"))),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
+16
-71
@@ -2,72 +2,41 @@ extern crate hmac;
|
|||||||
extern crate jwt;
|
extern crate jwt;
|
||||||
extern crate sha2;
|
extern crate sha2;
|
||||||
|
|
||||||
use std::env;
|
use std::collections::BTreeMap;
|
||||||
|
|
||||||
use actix_web::HttpRequest;
|
use actix_web::HttpRequest;
|
||||||
use chrono::{Duration, Utc};
|
|
||||||
use dotenv::dotenv;
|
|
||||||
use hmac::{Hmac, Mac};
|
use hmac::{Hmac, Mac};
|
||||||
use jwt::{Header, SignWithKey, Token, VerifyWithKey};
|
use jwt::{Header, SignWithKey, Token, VerifyWithKey};
|
||||||
use serde::{Deserialize, Serialize};
|
|
||||||
use sha2::Sha256;
|
use sha2::Sha256;
|
||||||
|
|
||||||
/// How long a freshly issued token remains valid for.
|
|
||||||
const TOKEN_LIFETIME_HOURS: i64 = 730;
|
|
||||||
|
|
||||||
pub struct JwtToken {
|
pub struct JwtToken {
|
||||||
pub user_id: i32,
|
pub user_id: i32,
|
||||||
pub token_version: i32,
|
pub body: String,
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize)]
|
|
||||||
struct Claims {
|
|
||||||
user_id: i32,
|
|
||||||
/// Must match `users.token_version` for the token to be accepted; bumping
|
|
||||||
/// the column (e.g. on logout) revokes every token issued before that point.
|
|
||||||
tv: i32,
|
|
||||||
/// Unix timestamp after which the token is rejected, independent of signature validity.
|
|
||||||
exp: i64,
|
|
||||||
}
|
}
|
||||||
|
|
||||||
type HmacSha256 = Hmac<Sha256>;
|
type HmacSha256 = Hmac<Sha256>;
|
||||||
|
|
||||||
fn signing_key() -> HmacSha256 {
|
|
||||||
dotenv().ok();
|
|
||||||
let secret = env::var("JWT_SECRET").expect("JWT_SECRET must be set");
|
|
||||||
// HMAC-SHA256 accepts a key of any length, so this cannot fail.
|
|
||||||
HmacSha256::new_from_slice(secret.as_bytes()).expect("HMAC accepts a key of any length")
|
|
||||||
}
|
|
||||||
|
|
||||||
impl JwtToken {
|
impl JwtToken {
|
||||||
pub fn encode(user_id: i32, token_version: i32) -> String {
|
pub fn encode(user_id: i32) -> String {
|
||||||
let key: HmacSha256 = signing_key();
|
let key: HmacSha256 = HmacSha256::new_from_slice(b"secret").unwrap();
|
||||||
let claims = Claims {
|
let mut claims = BTreeMap::new();
|
||||||
user_id,
|
claims.insert("user_id", user_id);
|
||||||
tv: token_version,
|
claims.sign_with_key(&key).unwrap()
|
||||||
exp: (Utc::now() + Duration::hours(TOKEN_LIFETIME_HOURS)).timestamp(),
|
|
||||||
};
|
|
||||||
// Signing claims with a valid HMAC key cannot fail.
|
|
||||||
claims
|
|
||||||
.sign_with_key(&key)
|
|
||||||
.expect("signing claims with a valid HMAC key cannot fail")
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn decode(encoded_token: String) -> Result<JwtToken, &'static str> {
|
pub fn decode(encoded_token: String) -> Result<JwtToken, &'static str> {
|
||||||
let key: HmacSha256 = signing_key();
|
let key: HmacSha256 = HmacSha256::new_from_slice(b"secret").unwrap();
|
||||||
let token_str: &str = encoded_token.as_str();
|
let token_str: &str = encoded_token.as_str();
|
||||||
let token: Result<Token<Header, Claims, jwt::Verified>, jwt::Error> =
|
let token: Result<Token<Header, BTreeMap<String, i32>, jwt::Verified>, jwt::Error> =
|
||||||
VerifyWithKey::verify_with_key(token_str, &key);
|
VerifyWithKey::verify_with_key(token_str, &key);
|
||||||
|
|
||||||
match token {
|
match token {
|
||||||
Ok(token) => {
|
Ok(token) => {
|
||||||
|
let _header = token.header();
|
||||||
let claims = token.claims();
|
let claims = token.claims();
|
||||||
if claims.exp < Utc::now().timestamp() {
|
|
||||||
return Err("token has expired");
|
|
||||||
}
|
|
||||||
Ok(JwtToken {
|
Ok(JwtToken {
|
||||||
user_id: claims.user_id,
|
user_id: claims["user_id"],
|
||||||
token_version: claims.tv,
|
body: encoded_token,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
Err(_err) => Err("could not decode token"),
|
Err(_err) => Err("could not decode token"),
|
||||||
@@ -77,10 +46,7 @@ impl JwtToken {
|
|||||||
#[allow(dead_code)]
|
#[allow(dead_code)]
|
||||||
pub fn decode_from_request(request: HttpRequest) -> Result<JwtToken, &'static str> {
|
pub fn decode_from_request(request: HttpRequest) -> Result<JwtToken, &'static str> {
|
||||||
match request.headers().get("user-token") {
|
match request.headers().get("user-token") {
|
||||||
Some(token) => match token.to_str() {
|
Some(token) => JwtToken::decode(String::from(token.to_str().unwrap())),
|
||||||
Ok(token_str) => JwtToken::decode(String::from(token_str)),
|
|
||||||
Err(_) => Err("token header is not valid text"),
|
|
||||||
},
|
|
||||||
None => Err("There is no token"),
|
None => Err("There is no token"),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -89,19 +55,14 @@ impl JwtToken {
|
|||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
mod jwt_test {
|
mod jwt_test {
|
||||||
use actix_web::{http::header, test};
|
use actix_web::{http::header, test};
|
||||||
use chrono::{Duration, Utc};
|
|
||||||
use hmac::Hmac;
|
|
||||||
use jwt::SignWithKey;
|
|
||||||
use sha2::Sha256;
|
|
||||||
|
|
||||||
use super::{Claims, JwtToken};
|
use super::JwtToken;
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
async fn encode_decode() {
|
async fn encode_decode() {
|
||||||
let encoded_token: String = JwtToken::encode(32, 0);
|
let encoded_token: String = JwtToken::encode(32);
|
||||||
let decoded_token: JwtToken = JwtToken::decode(encoded_token).unwrap();
|
let decoded_token: JwtToken = JwtToken::decode(encoded_token).unwrap();
|
||||||
assert_eq!(32, decoded_token.user_id);
|
assert_eq!(32, decoded_token.user_id);
|
||||||
assert_eq!(0, decoded_token.token_version);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
@@ -114,25 +75,9 @@ mod jwt_test {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
|
||||||
async fn decode_expired_token() {
|
|
||||||
let key: Hmac<Sha256> = super::signing_key();
|
|
||||||
let claims = Claims {
|
|
||||||
user_id: 32,
|
|
||||||
tv: 0,
|
|
||||||
exp: (Utc::now() - Duration::hours(1)).timestamp(),
|
|
||||||
};
|
|
||||||
let expired_token: String = claims.sign_with_key(&key).unwrap();
|
|
||||||
|
|
||||||
match JwtToken::decode(expired_token) {
|
|
||||||
Err(message) => assert_eq!(message, "token has expired"),
|
|
||||||
_ => panic!("Expired token should not be accepted."),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
#[actix_web::test]
|
||||||
async fn decode_from_request_with_correct_token() {
|
async fn decode_from_request_with_correct_token() {
|
||||||
let encoded_token: String = JwtToken::encode(32, 0);
|
let encoded_token: String = JwtToken::encode(32);
|
||||||
let request = test::TestRequest::default()
|
let request = test::TestRequest::default()
|
||||||
.insert_header(header::ContentType::json())
|
.insert_header(header::ContentType::json())
|
||||||
.insert_header(("user-token", encoded_token))
|
.insert_header(("user-token", encoded_token))
|
||||||
|
|||||||
+10
-15
@@ -1,13 +1,13 @@
|
|||||||
use actix_web::dev::ServiceRequest;
|
use actix_web::dev::ServiceRequest;
|
||||||
pub mod extractor;
|
|
||||||
pub mod jwt;
|
pub mod jwt;
|
||||||
pub mod processes;
|
pub mod processes;
|
||||||
use crate::auth::processes::check_token;
|
use crate::auth::processes::check_password;
|
||||||
use crate::auth::processes::extract_header_token;
|
use crate::auth::processes::extract_header_token;
|
||||||
|
|
||||||
pub fn process_token(request: &ServiceRequest) -> Result<i32, &'static str> {
|
#[tracing::instrument(name = "Process token")]
|
||||||
|
pub fn process_token(request: &ServiceRequest) -> Result<String, &'static str> {
|
||||||
match extract_header_token(request) {
|
match extract_header_token(request) {
|
||||||
Ok(token) => check_token(token),
|
Ok(token) => check_password(token),
|
||||||
Err(message) => Err(message),
|
Err(message) => Err(message),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -17,24 +17,19 @@ mod mod_test {
|
|||||||
|
|
||||||
use actix_web::test::TestRequest;
|
use actix_web::test::TestRequest;
|
||||||
|
|
||||||
use super::process_token;
|
use super::{jwt::JwtToken, process_token};
|
||||||
use crate::auth::jwt::JwtToken;
|
|
||||||
use crate::database::establish_connection;
|
|
||||||
use crate::test_helpers::{delete_user, insert_user};
|
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn process_token_test() {
|
fn process_token_test() {
|
||||||
let mut connection = establish_connection();
|
let token = JwtToken::encode(32);
|
||||||
let user = insert_user(&mut connection, "secret");
|
|
||||||
|
|
||||||
let token = JwtToken::encode(user.id, user.token_version);
|
|
||||||
let request = TestRequest::delete()
|
let request = TestRequest::delete()
|
||||||
.insert_header(("user-token", token))
|
.insert_header(("user-token", token))
|
||||||
.to_srv_request();
|
.to_srv_request();
|
||||||
|
|
||||||
assert_eq!(Ok(user.id), process_token(&request));
|
match process_token(&request) {
|
||||||
|
Ok(message) => assert_eq!("passed", message),
|
||||||
delete_user(&mut connection, user.id);
|
Err(_) => panic!("process token failed"),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[actix_web::test]
|
#[actix_web::test]
|
||||||
|
|||||||
+25
-57
@@ -1,33 +1,20 @@
|
|||||||
use super::jwt;
|
use super::jwt;
|
||||||
use crate::database::establish_connection;
|
|
||||||
use crate::models::user::rss_user::User;
|
|
||||||
use crate::schema::users;
|
|
||||||
use actix_web::dev::ServiceRequest;
|
use actix_web::dev::ServiceRequest;
|
||||||
use diesel::prelude::*;
|
use secrecy::{ExposeSecret, Secret};
|
||||||
|
|
||||||
/// Decodes the token and confirms it hasn't been revoked, i.e. its `token_version`
|
pub fn check_password(password: Secret<String>) -> Result<String, &'static str> {
|
||||||
/// still matches the one stored on the user (bumped on logout / password change).
|
match jwt::JwtToken::decode(password.expose_secret().to_string()) {
|
||||||
pub fn check_token(token: String) -> Result<i32, &'static str> {
|
Ok(_token) => Ok(String::from("passed")),
|
||||||
let decoded = jwt::JwtToken::decode(token)?;
|
Err(message) => Err(message),
|
||||||
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let user: User = users::table
|
|
||||||
.find(decoded.user_id)
|
|
||||||
.first(&mut connection)
|
|
||||||
.map_err(|_| "could not decode token")?;
|
|
||||||
|
|
||||||
if user.token_version != decoded.token_version {
|
|
||||||
return Err("token has been revoked");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
Ok(decoded.user_id)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn extract_header_token(request: &ServiceRequest) -> Result<String, &'static str> {
|
#[tracing::instrument(name = "Extract Header Token")]
|
||||||
|
pub fn extract_header_token(request: &ServiceRequest) -> Result<Secret<String>, &'static str> {
|
||||||
match request.headers().get("user-token") {
|
match request.headers().get("user-token") {
|
||||||
Some(token) => match token.to_str() {
|
Some(token) => match token.to_str() {
|
||||||
Ok(processed_token) => Ok(String::from(processed_token)),
|
Ok(processed_password) => Ok(Secret::new(String::from(processed_password))),
|
||||||
Err(_) => Err("there was an error processing token"),
|
Err(_processed_password) => Err("there was an error processing token"),
|
||||||
},
|
},
|
||||||
None => Err("there is no token"),
|
None => Err("there is no token"),
|
||||||
}
|
}
|
||||||
@@ -36,51 +23,32 @@ pub fn extract_header_token(request: &ServiceRequest) -> Result<String, &'static
|
|||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
mod processes_test {
|
mod processes_test {
|
||||||
use actix_web::test::TestRequest;
|
use actix_web::test::TestRequest;
|
||||||
use diesel::prelude::*;
|
use secrecy::{ExposeSecret, Secret};
|
||||||
|
|
||||||
use crate::auth::jwt::JwtToken;
|
use crate::auth::jwt::JwtToken;
|
||||||
use crate::database::establish_connection;
|
|
||||||
use crate::test_helpers::{delete_user, insert_user};
|
|
||||||
|
|
||||||
use super::check_token;
|
use super::check_password;
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn check_correct_token() {
|
fn check_correct_password() {
|
||||||
let mut connection = establish_connection();
|
let password_string: Secret<String> = Secret::new(JwtToken::encode(32));
|
||||||
let user = insert_user(&mut connection, "secret");
|
|
||||||
|
|
||||||
let token: String = JwtToken::encode(user.id, user.token_version);
|
let result = check_password(password_string);
|
||||||
|
|
||||||
let result = check_token(token);
|
match result {
|
||||||
|
Ok(check) => assert_eq!("passed", check),
|
||||||
assert_eq!(Ok(user.id), result);
|
_ => panic!("Check correct password failed."),
|
||||||
|
}
|
||||||
delete_user(&mut connection, user.id);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn revoked_token_is_rejected() {
|
fn incorrect_check_password() {
|
||||||
let mut connection = establish_connection();
|
let password: Secret<String> = Secret::new(String::from("test"));
|
||||||
let user = insert_user(&mut connection, "secret");
|
|
||||||
|
|
||||||
// Token signed with the user's current version, then the version is bumped
|
match check_password(password) {
|
||||||
// (as logout would do), which must invalidate the previously issued token.
|
Err(message) => assert_eq!("could not decode token", message),
|
||||||
let token: String = JwtToken::encode(user.id, user.token_version);
|
_ => panic!("check password should not be able to be decoded"),
|
||||||
diesel::update(crate::schema::users::table.find(user.id))
|
}
|
||||||
.set(crate::schema::users::token_version.eq(user.token_version + 1))
|
|
||||||
.execute(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
|
|
||||||
assert_eq!(Err("token has been revoked"), check_token(token));
|
|
||||||
|
|
||||||
delete_user(&mut connection, user.id);
|
|
||||||
}
|
|
||||||
|
|
||||||
#[test]
|
|
||||||
fn incorrect_check_token() {
|
|
||||||
let token: String = String::from("test");
|
|
||||||
|
|
||||||
assert_eq!(Err("could not decode token"), check_token(token));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
@@ -90,7 +58,7 @@ mod processes_test {
|
|||||||
.to_srv_request();
|
.to_srv_request();
|
||||||
|
|
||||||
match super::extract_header_token(&request) {
|
match super::extract_header_token(&request) {
|
||||||
Ok(processed_password) => assert_eq!("token", processed_password),
|
Ok(processed_password) => assert_eq!("token", processed_password.expose_secret()),
|
||||||
_ => panic!("failed extract_header_token"),
|
_ => panic!("failed extract_header_token"),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -0,0 +1,118 @@
|
|||||||
|
use config::{Config, ConfigError};
|
||||||
|
use secrecy::{ExposeSecret, Secret};
|
||||||
|
|
||||||
|
#[derive(serde::Deserialize, Debug)]
|
||||||
|
pub struct Settings {
|
||||||
|
pub database: DatabaseSettings,
|
||||||
|
pub application: ApplicationSettings,
|
||||||
|
}
|
||||||
|
|
||||||
|
#[derive(serde::Deserialize, Debug)]
|
||||||
|
pub struct ApplicationSettings {
|
||||||
|
pub port: u16,
|
||||||
|
pub host: String,
|
||||||
|
}
|
||||||
|
|
||||||
|
#[derive(serde::Deserialize, Debug)]
|
||||||
|
pub struct DatabaseSettings {
|
||||||
|
pub username: String,
|
||||||
|
pub password: Secret<String>,
|
||||||
|
pub port: u16,
|
||||||
|
pub host: String,
|
||||||
|
pub database_name: String,
|
||||||
|
}
|
||||||
|
|
||||||
|
impl TryFrom<Config> for Settings {
|
||||||
|
type Error = ConfigError;
|
||||||
|
|
||||||
|
fn try_from(builder: config::Config) -> Result<Self, Self::Error> {
|
||||||
|
// Extract values from the builder and construct Settings
|
||||||
|
let database = builder.get::<DatabaseSettings>("database")?;
|
||||||
|
let application = builder.get::<ApplicationSettings>("application")?;
|
||||||
|
|
||||||
|
Ok(Settings {
|
||||||
|
database,
|
||||||
|
application,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl DatabaseSettings {
|
||||||
|
pub fn connection_string(&self) -> Secret<String> {
|
||||||
|
Secret::new(format!(
|
||||||
|
"postgres://{}:{}@{}:{}/{}",
|
||||||
|
self.username,
|
||||||
|
self.password.expose_secret(),
|
||||||
|
self.host,
|
||||||
|
self.port,
|
||||||
|
self.database_name
|
||||||
|
))
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn connection_string_without_db(&self) -> Secret<String> {
|
||||||
|
Secret::new(format!(
|
||||||
|
"postgres://{}:{}@{}:{}",
|
||||||
|
self.username,
|
||||||
|
self.password.expose_secret(),
|
||||||
|
self.host,
|
||||||
|
self.port
|
||||||
|
))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn get_configuration() -> Result<Settings, ConfigError> {
|
||||||
|
let base_path = std::env::current_dir().expect("Failed to determine the current directory.");
|
||||||
|
let configuration_directory = base_path.join("configuration");
|
||||||
|
|
||||||
|
// Detect the running environment
|
||||||
|
// Default to `local`
|
||||||
|
let environment: Environment = std::env::var("APP_ENVIRONMENT")
|
||||||
|
.unwrap_or_else(|_| "local".into())
|
||||||
|
.try_into()
|
||||||
|
.expect("Failed to parse APP_ENVIRONMENT.");
|
||||||
|
|
||||||
|
let environment_filename = format!("{}.yaml", environment.as_str());
|
||||||
|
// Initialise our configuration reader
|
||||||
|
let settings = config::Config::builder()
|
||||||
|
// Add configuration values from a file named `configuration.yaml`.
|
||||||
|
.add_source(config::File::from(
|
||||||
|
configuration_directory.join("base.yaml"),
|
||||||
|
))
|
||||||
|
.add_source(config::File::from(
|
||||||
|
configuration_directory.join(environment_filename),
|
||||||
|
))
|
||||||
|
.build()?;
|
||||||
|
// Try to convert the configuration values it read into
|
||||||
|
// our Settings type
|
||||||
|
settings.try_deserialize::<Settings>()
|
||||||
|
}
|
||||||
|
|
||||||
|
pub enum Environment {
|
||||||
|
Local,
|
||||||
|
Production,
|
||||||
|
}
|
||||||
|
|
||||||
|
impl Environment {
|
||||||
|
pub fn as_str(&self) -> &'static str {
|
||||||
|
match self {
|
||||||
|
Environment::Local => "local",
|
||||||
|
Environment::Production => "production",
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl TryFrom<String> for Environment {
|
||||||
|
type Error = String;
|
||||||
|
|
||||||
|
fn try_from(s: String) -> Result<Self, Self::Error> {
|
||||||
|
match s.to_lowercase().as_str() {
|
||||||
|
"local" => Ok(Self::Local),
|
||||||
|
"production" => Ok(Self::Production),
|
||||||
|
other => Err(format!(
|
||||||
|
"{} is not a supported environement. \
|
||||||
|
Use either 'local' or 'production'.",
|
||||||
|
other
|
||||||
|
)),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1,9 @@
|
|||||||
|
application:
|
||||||
|
port: 8000
|
||||||
|
host: 127.0.0.1
|
||||||
|
database:
|
||||||
|
host: "127.0.0.1"
|
||||||
|
port: 5432
|
||||||
|
username: "postgres"
|
||||||
|
password: "password"
|
||||||
|
database_name: "newsletter"
|
||||||
+9
-18
@@ -1,21 +1,12 @@
|
|||||||
use diesel::pg::PgConnection;
|
use diesel::pg::PgConnection;
|
||||||
use diesel::prelude::*;
|
use diesel::r2d2::{ConnectionManager, Pool};
|
||||||
use diesel_migrations::{embed_migrations, EmbeddedMigrations, MigrationHarness};
|
|
||||||
use dotenv::dotenv;
|
|
||||||
use std::env;
|
|
||||||
|
|
||||||
pub const MIGRATIONS: EmbeddedMigrations = embed_migrations!("migrations");
|
pub fn get_connection_pool(url: &str) -> Pool<ConnectionManager<PgConnection>> {
|
||||||
|
let manager = ConnectionManager::<PgConnection>::new(url);
|
||||||
pub fn establish_connection() -> PgConnection {
|
// Refer to the `r2d2` documentation for more methods to use
|
||||||
dotenv().ok();
|
// when building a connection pool
|
||||||
|
Pool::builder()
|
||||||
let database_url = env::var("DATABASE_URL").expect("DATABASE_URL must be set");
|
.test_on_check_out(true)
|
||||||
PgConnection::establish(&database_url)
|
.build(manager)
|
||||||
.unwrap_or_else(|e| panic!("Error connecting to database {}: {}", database_url, e))
|
.expect("Could not build connection pool")
|
||||||
}
|
|
||||||
|
|
||||||
pub fn run_migrations(connection: &mut PgConnection) {
|
|
||||||
connection
|
|
||||||
.run_pending_migrations(MIGRATIONS)
|
|
||||||
.expect("Failed to run database migrations");
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,34 +0,0 @@
|
|||||||
use actix_web::{HttpResponse, ResponseError};
|
|
||||||
use std::fmt;
|
|
||||||
|
|
||||||
/// Wraps any error so it can be returned with `?` from request handlers.
|
|
||||||
/// Always surfaces as a 500 to the client; the real error is logged.
|
|
||||||
pub struct AppError(anyhow::Error);
|
|
||||||
|
|
||||||
impl fmt::Debug for AppError {
|
|
||||||
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
|
|
||||||
fmt::Debug::fmt(&self.0, f)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
impl fmt::Display for AppError {
|
|
||||||
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
|
|
||||||
fmt::Display::fmt(&self.0, f)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
impl ResponseError for AppError {
|
|
||||||
fn error_response(&self) -> HttpResponse {
|
|
||||||
log::error!("Unhandled error: {:?}", self.0);
|
|
||||||
HttpResponse::InternalServerError().finish()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
impl<E> From<E> for AppError
|
|
||||||
where
|
|
||||||
E: Into<anyhow::Error>,
|
|
||||||
{
|
|
||||||
fn from(err: E) -> Self {
|
|
||||||
AppError(err.into())
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,5 +1,5 @@
|
|||||||
use actix_web::http::StatusCode;
|
|
||||||
use actix_web::{HttpResponse, Responder};
|
use actix_web::{HttpResponse, Responder};
|
||||||
|
use reqwest::StatusCode;
|
||||||
use serde::Serialize;
|
use serde::Serialize;
|
||||||
|
|
||||||
use crate::reader::structs::feed::FeedAggregate;
|
use crate::reader::structs::feed::FeedAggregate;
|
||||||
@@ -13,12 +13,7 @@ impl Responder for Articles {
|
|||||||
type Body = String;
|
type Body = String;
|
||||||
|
|
||||||
fn respond_to(self, _req: &actix_web::HttpRequest) -> actix_web::HttpResponse<Self::Body> {
|
fn respond_to(self, _req: &actix_web::HttpRequest) -> actix_web::HttpResponse<Self::Body> {
|
||||||
match serde_json::to_string(&self) {
|
let body = serde_json::to_string(&self).unwrap();
|
||||||
Ok(body) => HttpResponse::with_body(StatusCode::OK, body),
|
HttpResponse::with_body(StatusCode::OK, body)
|
||||||
Err(err) => {
|
|
||||||
log::error!("Failed to serialize response: {}", err);
|
|
||||||
HttpResponse::with_body(StatusCode::INTERNAL_SERVER_ERROR, String::new())
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,29 +0,0 @@
|
|||||||
use actix_web::http::StatusCode;
|
|
||||||
use actix_web::{HttpResponse, Responder};
|
|
||||||
use serde::Serialize;
|
|
||||||
|
|
||||||
#[derive(Serialize)]
|
|
||||||
pub struct FeedInfo {
|
|
||||||
pub id: i32,
|
|
||||||
pub title: String,
|
|
||||||
pub url: String,
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Serialize)]
|
|
||||||
pub struct FeedInfoList {
|
|
||||||
pub feeds: Vec<FeedInfo>,
|
|
||||||
}
|
|
||||||
|
|
||||||
impl Responder for FeedInfoList {
|
|
||||||
type Body = String;
|
|
||||||
|
|
||||||
fn respond_to(self, _req: &actix_web::HttpRequest) -> actix_web::HttpResponse<Self::Body> {
|
|
||||||
match serde_json::to_string(&self) {
|
|
||||||
Ok(body) => HttpResponse::with_body(StatusCode::OK, body),
|
|
||||||
Err(err) => {
|
|
||||||
log::error!("Failed to serialize response: {}", err);
|
|
||||||
HttpResponse::with_body(StatusCode::INTERNAL_SERVER_ERROR, String::new())
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,7 +1,7 @@
|
|||||||
pub mod articles;
|
pub mod articles;
|
||||||
pub mod feed_info;
|
|
||||||
pub mod login;
|
pub mod login;
|
||||||
pub mod new_feed;
|
pub mod new_feed;
|
||||||
|
pub mod new_feed_item;
|
||||||
pub mod new_user;
|
pub mod new_user;
|
||||||
pub mod read_feed_item;
|
pub mod read_feed_item;
|
||||||
pub mod readable;
|
pub mod readable;
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
use serde::Deserialize;
|
use serde::Deserialize;
|
||||||
|
|
||||||
#[derive(Deserialize)]
|
#[derive(Deserialize, Debug)]
|
||||||
pub struct NewFeedSchema {
|
pub struct NewFeedSchema {
|
||||||
pub title: String,
|
pub title: String,
|
||||||
pub url: String,
|
pub url: String,
|
||||||
|
|||||||
@@ -0,0 +1,9 @@
|
|||||||
|
use serde::Deserialize;
|
||||||
|
|
||||||
|
#[derive(Deserialize)]
|
||||||
|
pub struct NewFeedItemSchema {
|
||||||
|
pub content: String,
|
||||||
|
pub feed_id: i32,
|
||||||
|
pub url: String,
|
||||||
|
pub title: String,
|
||||||
|
}
|
||||||
@@ -1,6 +1,6 @@
|
|||||||
use serde::Deserialize;
|
use serde::Deserialize;
|
||||||
|
|
||||||
#[derive(Deserialize)]
|
#[derive(Deserialize, Debug)]
|
||||||
pub struct NewUserSchema {
|
pub struct NewUserSchema {
|
||||||
pub name: String,
|
pub name: String,
|
||||||
pub email: String,
|
pub email: String,
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
use serde_derive::Deserialize;
|
use serde_derive::Deserialize;
|
||||||
|
|
||||||
#[derive(Deserialize)]
|
#[derive(Deserialize, Debug)]
|
||||||
pub struct ReadItem {
|
pub struct ReadItem {
|
||||||
pub id: i32,
|
pub id: i32,
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
use actix_web::http::StatusCode;
|
|
||||||
use actix_web::{HttpResponse, Responder};
|
use actix_web::{HttpResponse, Responder};
|
||||||
|
use reqwest::StatusCode;
|
||||||
use serde::Serialize;
|
use serde::Serialize;
|
||||||
|
|
||||||
#[derive(Serialize)]
|
#[derive(Serialize)]
|
||||||
@@ -11,12 +11,7 @@ impl Responder for Readable {
|
|||||||
type Body = String;
|
type Body = String;
|
||||||
|
|
||||||
fn respond_to(self, _req: &actix_web::HttpRequest) -> actix_web::HttpResponse<Self::Body> {
|
fn respond_to(self, _req: &actix_web::HttpRequest) -> actix_web::HttpResponse<Self::Body> {
|
||||||
match serde_json::to_string(&self) {
|
let body = serde_json::to_string(&self).unwrap();
|
||||||
Ok(body) => HttpResponse::with_body(StatusCode::OK, body),
|
HttpResponse::with_body(StatusCode::OK, body)
|
||||||
Err(err) => {
|
|
||||||
log::error!("Failed to serialize response: {}", err);
|
|
||||||
HttpResponse::with_body(StatusCode::INTERNAL_SERVER_ERROR, String::new())
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
use serde::Deserialize;
|
use serde::Deserialize;
|
||||||
|
|
||||||
#[derive(Deserialize)]
|
#[derive(Deserialize, Debug)]
|
||||||
pub struct UrlJson {
|
pub struct UrlJson {
|
||||||
pub url: String,
|
pub url: String,
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
use serde_derive::Deserialize;
|
use serde_derive::Deserialize;
|
||||||
|
|
||||||
#[derive(Deserialize)]
|
#[derive(Deserialize, Debug)]
|
||||||
pub struct JsonUser {
|
pub struct JsonUser {
|
||||||
pub user_id: i32,
|
pub user_id: i32,
|
||||||
}
|
}
|
||||||
|
|||||||
+13
@@ -0,0 +1,13 @@
|
|||||||
|
extern crate diesel;
|
||||||
|
extern crate dotenv;
|
||||||
|
|
||||||
|
pub mod auth;
|
||||||
|
pub mod configuration;
|
||||||
|
pub mod database;
|
||||||
|
pub mod json_serialization;
|
||||||
|
pub mod models;
|
||||||
|
pub mod reader;
|
||||||
|
pub mod schema;
|
||||||
|
pub mod startup;
|
||||||
|
pub mod telemetry;
|
||||||
|
pub mod views;
|
||||||
+23
-77
@@ -1,86 +1,32 @@
|
|||||||
extern crate diesel;
|
use std::net::TcpListener;
|
||||||
extern crate dotenv;
|
|
||||||
|
|
||||||
use actix_cors::Cors;
|
use diesel::{
|
||||||
use actix_service::Service;
|
r2d2::{ConnectionManager, Pool},
|
||||||
use actix_web::{App, HttpMessage, HttpResponse, HttpServer};
|
PgConnection,
|
||||||
use dotenv::dotenv;
|
};
|
||||||
use futures::future::{ok, Either};
|
use rss_reader::{
|
||||||
use std::env;
|
configuration::get_configuration,
|
||||||
mod auth;
|
database::get_connection_pool,
|
||||||
mod database;
|
startup::run,
|
||||||
mod error;
|
telemetry::{get_subscriber, init_subscriber},
|
||||||
mod json_serialization;
|
};
|
||||||
mod models;
|
use secrecy::ExposeSecret;
|
||||||
mod reader;
|
|
||||||
mod schema;
|
|
||||||
#[cfg(test)]
|
|
||||||
mod test_helpers;
|
|
||||||
mod views;
|
|
||||||
|
|
||||||
#[actix_rt::main]
|
#[actix_rt::main]
|
||||||
async fn main() -> std::io::Result<()> {
|
async fn main() -> std::io::Result<()> {
|
||||||
dotenv().ok();
|
let subscriber = get_subscriber("zero2prod".into(), "info".into(), std::io::stdout);
|
||||||
env_logger::init();
|
init_subscriber(subscriber);
|
||||||
|
|
||||||
database::run_migrations(&mut database::establish_connection());
|
let configuration = get_configuration().expect("Failed to read configuration.");
|
||||||
|
|
||||||
let frontend_origin =
|
let connection_pool: Pool<ConnectionManager<PgConnection>> =
|
||||||
env::var("FRONTEND_ORIGIN").unwrap_or_else(|_| String::from("http://localhost:5173"));
|
get_connection_pool(configuration.database.connection_string().expose_secret());
|
||||||
|
|
||||||
HttpServer::new(move || {
|
let address = format!(
|
||||||
let cors = Cors::default()
|
"{}:{}",
|
||||||
.allowed_origin(&frontend_origin)
|
configuration.application.host, configuration.application.port
|
||||||
.allow_any_method()
|
);
|
||||||
.allow_any_header()
|
|
||||||
.supports_credentials();
|
|
||||||
|
|
||||||
App::new()
|
let listener = TcpListener::bind(address)?;
|
||||||
.wrap_fn(|req, srv| {
|
run(listener, connection_pool)?.await
|
||||||
let request_url: String = String::from(req.uri().path());
|
|
||||||
|
|
||||||
log::info!("Request Url: {}", request_url);
|
|
||||||
|
|
||||||
// Only these endpoints are reachable without a valid token. Everything
|
|
||||||
// else (in particular all `/article/*` endpoints) requires one.
|
|
||||||
let is_public = matches!(
|
|
||||||
request_url.as_str(),
|
|
||||||
"/api/v1/auth/login" | "/api/v1/user/create"
|
|
||||||
);
|
|
||||||
|
|
||||||
let passed = if is_public {
|
|
||||||
true
|
|
||||||
} else {
|
|
||||||
match auth::process_token(&req) {
|
|
||||||
Ok(user_id) => {
|
|
||||||
log::info!("Authenticated user {} for {}", user_id, request_url);
|
|
||||||
req.extensions_mut().insert(auth::extractor::AuthUser(user_id));
|
|
||||||
true
|
|
||||||
}
|
|
||||||
Err(message) => {
|
|
||||||
log::warn!("Rejected request to {}: {}", request_url, message);
|
|
||||||
false
|
|
||||||
}
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
let end_result = match passed {
|
|
||||||
true => Either::Left(srv.call(req)),
|
|
||||||
false => Either::Right(ok(req.into_response(
|
|
||||||
HttpResponse::Unauthorized().finish().map_into_boxed_body(),
|
|
||||||
))),
|
|
||||||
};
|
|
||||||
|
|
||||||
async move {
|
|
||||||
let result = end_result.await?;
|
|
||||||
log::info!("{} -> {}", request_url, &result.status());
|
|
||||||
Ok(result)
|
|
||||||
}
|
|
||||||
})
|
|
||||||
.wrap(cors)
|
|
||||||
.configure(views::views_factory)
|
|
||||||
})
|
|
||||||
.bind("0.0.0.0:8001")?
|
|
||||||
.run()
|
|
||||||
.await
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -2,23 +2,11 @@ extern crate bcrypt;
|
|||||||
|
|
||||||
use bcrypt::{hash, DEFAULT_COST};
|
use bcrypt::{hash, DEFAULT_COST};
|
||||||
use diesel::Insertable;
|
use diesel::Insertable;
|
||||||
|
use secrecy::{ExposeSecret, Secret};
|
||||||
use uuid::Uuid;
|
use uuid::Uuid;
|
||||||
|
|
||||||
use crate::schema::users;
|
use crate::schema::users;
|
||||||
|
|
||||||
pub const MIN_PASSWORD_LENGTH: usize = 6;
|
|
||||||
|
|
||||||
/// Rejects empty/trivial passwords. Kept as a standalone function so callers
|
|
||||||
/// (e.g. the user-creation handler) can return a `400` for this case
|
|
||||||
/// specifically, rather than the `500` that `NewUser::new`'s `anyhow::Result`
|
|
||||||
/// would otherwise map to.
|
|
||||||
pub fn validate_password(password: &str) -> Result<(), &'static str> {
|
|
||||||
if password.trim().len() < MIN_PASSWORD_LENGTH {
|
|
||||||
return Err("password must be at least 6 characters long");
|
|
||||||
}
|
|
||||||
Ok(())
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Insertable, Clone)]
|
#[derive(Insertable, Clone)]
|
||||||
#[diesel(table_name=users)]
|
#[diesel(table_name=users)]
|
||||||
pub struct NewUser {
|
pub struct NewUser {
|
||||||
@@ -29,15 +17,15 @@ pub struct NewUser {
|
|||||||
}
|
}
|
||||||
|
|
||||||
impl NewUser {
|
impl NewUser {
|
||||||
pub fn new(username: String, email: String, password: String) -> anyhow::Result<NewUser> {
|
pub fn new(username: String, email: String, password: Secret<String>) -> NewUser {
|
||||||
validate_password(&password).map_err(anyhow::Error::msg)?;
|
let hashed_password: String =
|
||||||
let hashed_password: String = hash(password.as_str(), DEFAULT_COST)?;
|
hash(password.expose_secret().as_str(), DEFAULT_COST).unwrap();
|
||||||
let uuid = Uuid::new_v4();
|
let uuid = Uuid::new_v4();
|
||||||
Ok(NewUser {
|
NewUser {
|
||||||
username,
|
username,
|
||||||
email,
|
email,
|
||||||
password: hashed_password,
|
password: hashed_password,
|
||||||
unique_id: uuid.to_string(),
|
unique_id: uuid.to_string(),
|
||||||
})
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -14,11 +14,10 @@ pub struct User {
|
|||||||
pub email: String,
|
pub email: String,
|
||||||
pub password: String,
|
pub password: String,
|
||||||
pub unique_id: String,
|
pub unique_id: String,
|
||||||
pub token_version: i32,
|
|
||||||
}
|
}
|
||||||
|
|
||||||
impl User {
|
impl User {
|
||||||
pub fn verify(self, password: String) -> anyhow::Result<bool> {
|
pub fn verify(self, password: String) -> bool {
|
||||||
Ok(verify(password.as_str(), &self.password)?)
|
return verify(password.as_str(), &self.password).unwrap();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
+16
-76
@@ -1,19 +1,23 @@
|
|||||||
use actix_web::{web, HttpResponse};
|
use actix_web::{web, HttpResponse};
|
||||||
use diesel::RunQueryDsl;
|
use diesel::{
|
||||||
|
r2d2::{ConnectionManager, Pool},
|
||||||
|
PgConnection, RunQueryDsl,
|
||||||
|
};
|
||||||
|
|
||||||
use crate::{
|
use crate::{
|
||||||
auth::extractor::AuthUser, database::establish_connection,
|
|
||||||
json_serialization::new_feed::NewFeedSchema, models::feed::new_feed::NewFeed, schema::feed,
|
json_serialization::new_feed::NewFeedSchema, models::feed::new_feed::NewFeed, schema::feed,
|
||||||
};
|
};
|
||||||
|
|
||||||
use super::feeds;
|
use super::feeds;
|
||||||
|
|
||||||
pub async fn add(new_feed: web::Json<NewFeedSchema>, auth_user: AuthUser) -> HttpResponse {
|
#[tracing::instrument(name = "Add new feed", skip(pool))]
|
||||||
if auth_user.0 != new_feed.user_id {
|
pub async fn add(
|
||||||
return HttpResponse::Forbidden().finish();
|
new_feed: web::Json<NewFeedSchema>,
|
||||||
}
|
pool: web::Data<Pool<ConnectionManager<PgConnection>>>,
|
||||||
|
) -> HttpResponse {
|
||||||
|
let pool_arc = pool.get_ref().clone();
|
||||||
|
let mut connection = pool_arc.get().expect("Failed to get database connection");
|
||||||
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let title: String = new_feed.title.clone();
|
let title: String = new_feed.title.clone();
|
||||||
let url: String = new_feed.url.clone();
|
let url: String = new_feed.url.clone();
|
||||||
let user_id: i32 = new_feed.user_id;
|
let user_id: i32 = new_feed.user_id;
|
||||||
@@ -21,14 +25,12 @@ pub async fn add(new_feed: web::Json<NewFeedSchema>, auth_user: AuthUser) -> Htt
|
|||||||
let result = feeds::get_feed(&url).await;
|
let result = feeds::get_feed(&url).await;
|
||||||
match result {
|
match result {
|
||||||
Ok(channel) => {
|
Ok(channel) => {
|
||||||
log::info!("valid channel");
|
|
||||||
if channel.items.is_empty() {
|
if channel.items.is_empty() {
|
||||||
return HttpResponse::ServiceUnavailable().finish();
|
return HttpResponse::ServiceUnavailable().await.unwrap();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Err(e) => {
|
Err(_) => {
|
||||||
log::error!("{:?}", e);
|
return HttpResponse::NotFound().await.unwrap();
|
||||||
return HttpResponse::NotFound().finish();
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -39,69 +41,7 @@ pub async fn add(new_feed: web::Json<NewFeedSchema>, auth_user: AuthUser) -> Htt
|
|||||||
.execute(&mut connection);
|
.execute(&mut connection);
|
||||||
|
|
||||||
match insert_result {
|
match insert_result {
|
||||||
Ok(_) => HttpResponse::Created().finish(),
|
Ok(_) => HttpResponse::Created().await.unwrap(),
|
||||||
Err(e) => {
|
Err(_) => HttpResponse::Conflict().await.unwrap(),
|
||||||
log::error!("{e}");
|
|
||||||
HttpResponse::Conflict().finish()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[cfg(test)]
|
|
||||||
mod tests {
|
|
||||||
use actix_service::Service;
|
|
||||||
use actix_web::http::StatusCode;
|
|
||||||
use actix_web::{test, web, App, HttpMessage};
|
|
||||||
|
|
||||||
use super::add;
|
|
||||||
use crate::auth::extractor::AuthUser;
|
|
||||||
use crate::test_helpers::unique_suffix;
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn add_fails_for_unfetchable_feed_url() {
|
|
||||||
let app = test::init_service(
|
|
||||||
App::new()
|
|
||||||
.wrap_fn(move |req, srv| {
|
|
||||||
req.extensions_mut().insert(AuthUser(1));
|
|
||||||
srv.call(req)
|
|
||||||
})
|
|
||||||
.route("/add", web::post().to(add)),
|
|
||||||
)
|
|
||||||
.await;
|
|
||||||
let req = test::TestRequest::post()
|
|
||||||
.uri("/add")
|
|
||||||
.set_json(serde_json::json!({
|
|
||||||
"title": "Bad feed",
|
|
||||||
"url": format!("not-a-valid-url-{}", unique_suffix()),
|
|
||||||
"user_id": 1
|
|
||||||
}))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::NOT_FOUND, resp.status());
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn add_rejects_feed_for_another_user() {
|
|
||||||
let app = test::init_service(
|
|
||||||
App::new()
|
|
||||||
.wrap_fn(move |req, srv| {
|
|
||||||
req.extensions_mut().insert(AuthUser(1));
|
|
||||||
srv.call(req)
|
|
||||||
})
|
|
||||||
.route("/add", web::post().to(add)),
|
|
||||||
)
|
|
||||||
.await;
|
|
||||||
let req = test::TestRequest::post()
|
|
||||||
.uri("/add")
|
|
||||||
.set_json(serde_json::json!({
|
|
||||||
"title": "Someone else's feed",
|
|
||||||
"url": format!("https://example.test/feed/{}", unique_suffix()),
|
|
||||||
"user_id": 2
|
|
||||||
}))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::FORBIDDEN, resp.status());
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,183 +0,0 @@
|
|||||||
use actix_web::{web, HttpResponse};
|
|
||||||
use diesel::prelude::*;
|
|
||||||
|
|
||||||
use crate::{
|
|
||||||
auth::extractor::AuthUser,
|
|
||||||
database::establish_connection,
|
|
||||||
schema::{feed, feed_item},
|
|
||||||
};
|
|
||||||
|
|
||||||
pub async fn delete_feed(path: web::Path<i32>, auth_user: AuthUser) -> HttpResponse {
|
|
||||||
let feed_id = path.into_inner();
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
|
|
||||||
let owner: Option<i32> = feed::table
|
|
||||||
.find(feed_id)
|
|
||||||
.select(feed::user_id)
|
|
||||||
.first(&mut connection)
|
|
||||||
.optional()
|
|
||||||
.unwrap_or(None);
|
|
||||||
|
|
||||||
// Treat "doesn't exist" and "not yours" the same, so callers can't probe
|
|
||||||
// for other users' feed ids.
|
|
||||||
if owner != Some(auth_user.0) {
|
|
||||||
return HttpResponse::NotFound().finish();
|
|
||||||
}
|
|
||||||
|
|
||||||
diesel::delete(feed_item::table.filter(feed_item::feed_id.eq(feed_id)))
|
|
||||||
.execute(&mut connection)
|
|
||||||
.ok();
|
|
||||||
|
|
||||||
diesel::delete(feed::table.filter(feed::id.eq(feed_id)))
|
|
||||||
.execute(&mut connection)
|
|
||||||
.ok();
|
|
||||||
|
|
||||||
HttpResponse::NoContent().finish()
|
|
||||||
}
|
|
||||||
|
|
||||||
#[cfg(test)]
|
|
||||||
mod tests {
|
|
||||||
use actix_service::Service;
|
|
||||||
use actix_web::http::StatusCode;
|
|
||||||
use actix_web::{test, web, App, HttpMessage};
|
|
||||||
use diesel::prelude::*;
|
|
||||||
|
|
||||||
use super::delete_feed;
|
|
||||||
use crate::auth::extractor::AuthUser;
|
|
||||||
use crate::database::establish_connection;
|
|
||||||
use crate::schema::{feed, feed_item};
|
|
||||||
use crate::test_helpers::{
|
|
||||||
delete_feed as cleanup_feed, delete_user, insert_feed, insert_feed_item, insert_user,
|
|
||||||
};
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn delete_feed_removes_feed_and_items() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let user = insert_user(&mut connection, "secret");
|
|
||||||
let f = insert_feed(&mut connection, user.id);
|
|
||||||
let item = insert_feed_item(&mut connection, f.id, false);
|
|
||||||
|
|
||||||
let user_id = user.id;
|
|
||||||
let app = test::init_service(
|
|
||||||
App::new()
|
|
||||||
.wrap_fn(move |req, srv| {
|
|
||||||
req.extensions_mut().insert(AuthUser(user_id));
|
|
||||||
srv.call(req)
|
|
||||||
})
|
|
||||||
.route("/feed/{feed_id}", web::delete().to(delete_feed)),
|
|
||||||
)
|
|
||||||
.await;
|
|
||||||
let req = test::TestRequest::delete()
|
|
||||||
.uri(&format!("/feed/{}", f.id))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::NO_CONTENT, resp.status());
|
|
||||||
|
|
||||||
let feed_exists: i64 = feed::table
|
|
||||||
.filter(feed::id.eq(f.id))
|
|
||||||
.count()
|
|
||||||
.get_result(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
assert_eq!(0, feed_exists);
|
|
||||||
|
|
||||||
let item_exists: i64 = feed_item::table
|
|
||||||
.filter(feed_item::id.eq(item.id))
|
|
||||||
.count()
|
|
||||||
.get_result(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
assert_eq!(0, item_exists);
|
|
||||||
|
|
||||||
delete_user(&mut connection, user.id);
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn delete_feed_returns_404_for_nonexistent_feed() {
|
|
||||||
let app = test::init_service(
|
|
||||||
App::new()
|
|
||||||
.wrap_fn(move |req, srv| {
|
|
||||||
req.extensions_mut().insert(AuthUser(1));
|
|
||||||
srv.call(req)
|
|
||||||
})
|
|
||||||
.route("/feed/{feed_id}", web::delete().to(delete_feed)),
|
|
||||||
)
|
|
||||||
.await;
|
|
||||||
let req = test::TestRequest::delete()
|
|
||||||
.uri("/feed/999999999")
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::NOT_FOUND, resp.status());
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn delete_feed_does_not_affect_other_feeds() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let user = insert_user(&mut connection, "secret");
|
|
||||||
let feed_a = insert_feed(&mut connection, user.id);
|
|
||||||
let feed_b = insert_feed(&mut connection, user.id);
|
|
||||||
|
|
||||||
let user_id = user.id;
|
|
||||||
let app = test::init_service(
|
|
||||||
App::new()
|
|
||||||
.wrap_fn(move |req, srv| {
|
|
||||||
req.extensions_mut().insert(AuthUser(user_id));
|
|
||||||
srv.call(req)
|
|
||||||
})
|
|
||||||
.route("/feed/{feed_id}", web::delete().to(delete_feed)),
|
|
||||||
)
|
|
||||||
.await;
|
|
||||||
let req = test::TestRequest::delete()
|
|
||||||
.uri(&format!("/feed/{}", feed_a.id))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::NO_CONTENT, resp.status());
|
|
||||||
|
|
||||||
let feed_b_exists: i64 = feed::table
|
|
||||||
.filter(feed::id.eq(feed_b.id))
|
|
||||||
.count()
|
|
||||||
.get_result(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
assert_eq!(1, feed_b_exists);
|
|
||||||
|
|
||||||
cleanup_feed(&mut connection, feed_b.id);
|
|
||||||
delete_user(&mut connection, user.id);
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn delete_feed_rejects_other_users_feed() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let user_a = insert_user(&mut connection, "secret");
|
|
||||||
let user_b = insert_user(&mut connection, "secret");
|
|
||||||
let feed_b = insert_feed(&mut connection, user_b.id);
|
|
||||||
|
|
||||||
let user_a_id = user_a.id;
|
|
||||||
let app = test::init_service(
|
|
||||||
App::new()
|
|
||||||
.wrap_fn(move |req, srv| {
|
|
||||||
req.extensions_mut().insert(AuthUser(user_a_id));
|
|
||||||
srv.call(req)
|
|
||||||
})
|
|
||||||
.route("/feed/{feed_id}", web::delete().to(delete_feed)),
|
|
||||||
)
|
|
||||||
.await;
|
|
||||||
let req = test::TestRequest::delete()
|
|
||||||
.uri(&format!("/feed/{}", feed_b.id))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::NOT_FOUND, resp.status());
|
|
||||||
|
|
||||||
let feed_b_exists: i64 = feed::table
|
|
||||||
.filter(feed::id.eq(feed_b.id))
|
|
||||||
.count()
|
|
||||||
.get_result(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
assert_eq!(1, feed_b_exists);
|
|
||||||
|
|
||||||
cleanup_feed(&mut connection, feed_b.id);
|
|
||||||
delete_user(&mut connection, user_a.id);
|
|
||||||
delete_user(&mut connection, user_b.id);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
+5
-6
@@ -1,11 +1,10 @@
|
|||||||
|
use std::error::Error;
|
||||||
|
|
||||||
use rss::Channel;
|
use rss::Channel;
|
||||||
|
|
||||||
use super::net::safe_fetch;
|
#[tracing::instrument(name = "Get Channel Feed")]
|
||||||
use crate::error::AppError;
|
pub async fn get_feed(feed: &str) -> Result<Channel, Box<dyn Error>> {
|
||||||
|
let content = reqwest::get(feed).await?.bytes().await?;
|
||||||
pub async fn get_feed(feed: &str) -> Result<Channel, AppError> {
|
|
||||||
let content = safe_fetch(feed).await?.bytes().await?;
|
|
||||||
let channel = Channel::read_from(&content[..])?;
|
let channel = Channel::read_from(&content[..])?;
|
||||||
log::debug!("{:?}", channel);
|
|
||||||
Ok(channel)
|
Ok(channel)
|
||||||
}
|
}
|
||||||
|
|||||||
+44
-122
@@ -1,159 +1,81 @@
|
|||||||
use crate::auth::extractor::AuthUser;
|
|
||||||
use crate::error::AppError;
|
|
||||||
use crate::json_serialization::user::JsonUser;
|
use crate::json_serialization::user::JsonUser;
|
||||||
use crate::models::feed::rss_feed::Feed;
|
use crate::models::feed::rss_feed::Feed;
|
||||||
use crate::models::feed_item::rss_feed_item::FeedItem;
|
use crate::models::feed_item::rss_feed_item::FeedItem;
|
||||||
use crate::reader::structs::feed::FeedAggregate;
|
use crate::reader::structs::feed::FeedAggregate;
|
||||||
use crate::schema::feed_item::{feed_id, id, read};
|
use crate::schema::feed_item::{feed_id, id, read};
|
||||||
use crate::{
|
use crate::{
|
||||||
database::establish_connection,
|
|
||||||
json_serialization::articles::Articles,
|
json_serialization::articles::Articles,
|
||||||
schema::feed::{self, user_id},
|
schema::feed::{self, user_id},
|
||||||
schema::feed_item,
|
schema::feed_item,
|
||||||
};
|
};
|
||||||
use actix_web::{web, HttpRequest, HttpResponse, Responder};
|
use actix_web::{web, HttpRequest, Responder};
|
||||||
use chrono::Local;
|
use chrono::Local;
|
||||||
use diesel::prelude::*;
|
use diesel::r2d2::{ConnectionManager, Pool};
|
||||||
|
use diesel::{prelude::*, r2d2};
|
||||||
|
|
||||||
use super::structs::article::Article;
|
use super::structs::article::Article;
|
||||||
|
|
||||||
|
#[tracing::instrument(name = "Get feeds", skip(pool))]
|
||||||
pub async fn get(
|
pub async fn get(
|
||||||
path: web::Path<JsonUser>,
|
path: web::Path<JsonUser>,
|
||||||
req: HttpRequest,
|
req: HttpRequest,
|
||||||
auth_user: AuthUser,
|
pool: web::Data<Pool<ConnectionManager<PgConnection>>>,
|
||||||
) -> Result<HttpResponse, AppError> {
|
) -> impl Responder {
|
||||||
let request = req.clone();
|
let request = req.clone();
|
||||||
let req_user_id = path.user_id;
|
let req_user_id = path.user_id;
|
||||||
log::info!("Received user_id: {}", req_user_id);
|
// Clone the Arc containing the connection pool
|
||||||
|
let pool_arc = pool.get_ref().clone();
|
||||||
|
// Acquire a connection from the pool
|
||||||
|
let mut connection = pool_arc.get().expect("Failed to get database connection");
|
||||||
|
|
||||||
if auth_user.0 != req_user_id {
|
|
||||||
return Ok(HttpResponse::Forbidden().finish());
|
|
||||||
}
|
|
||||||
|
|
||||||
let mut connection: diesel::PgConnection = establish_connection();
|
|
||||||
let feeds: Vec<Feed> = feed::table
|
let feeds: Vec<Feed> = feed::table
|
||||||
.filter(user_id.eq(req_user_id))
|
.filter(user_id.eq(req_user_id))
|
||||||
.load::<Feed>(&mut connection)?;
|
.load::<Feed>(&mut connection)
|
||||||
|
.unwrap();
|
||||||
|
|
||||||
let mut feed_aggregates: Vec<FeedAggregate> = Vec::new();
|
let mut feed_aggregates: Vec<FeedAggregate> = Vec::new();
|
||||||
for feed in feeds {
|
for feed in feeds {
|
||||||
let existing_item: Vec<FeedItem> = feed_item::table
|
feed_aggregates.push(get_feed_aggregate(feed, &mut connection))
|
||||||
.filter(feed_id.eq(feed.id))
|
|
||||||
.filter(read.eq(false))
|
|
||||||
.order(id.asc())
|
|
||||||
.load(&mut connection)?;
|
|
||||||
|
|
||||||
log::info!(
|
|
||||||
"Load {} feed items for feed: {}",
|
|
||||||
existing_item.len(),
|
|
||||||
feed.url
|
|
||||||
);
|
|
||||||
|
|
||||||
let article_list: Vec<Article> = existing_item
|
|
||||||
.into_iter()
|
|
||||||
.map(|feed_item: FeedItem| {
|
|
||||||
let time: String = match feed_item.created_ts {
|
|
||||||
Some(r) => r.to_string(),
|
|
||||||
None => Local::now().naive_local().to_string(),
|
|
||||||
};
|
|
||||||
Article {
|
|
||||||
title: feed_item.title,
|
|
||||||
content: feed_item.content,
|
|
||||||
url: feed_item.url,
|
|
||||||
timestamp: time,
|
|
||||||
id: feed_item.id,
|
|
||||||
}
|
|
||||||
})
|
|
||||||
.collect();
|
|
||||||
|
|
||||||
log::info!("article list with {} items generated.", article_list.len());
|
|
||||||
|
|
||||||
feed_aggregates.push(FeedAggregate {
|
|
||||||
title: feed.title,
|
|
||||||
items: article_list,
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
let articles: Articles = Articles {
|
let articles: Articles = Articles {
|
||||||
feeds: feed_aggregates,
|
feeds: feed_aggregates,
|
||||||
};
|
};
|
||||||
|
|
||||||
Ok(articles.respond_to(&request).map_into_boxed_body())
|
articles.respond_to(&request)
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(test)]
|
#[tracing::instrument(name = "Get feed aggregate", skip(connection))]
|
||||||
mod tests {
|
pub fn get_feed_aggregate(
|
||||||
use actix_service::Service;
|
feed: Feed,
|
||||||
use actix_web::http::StatusCode;
|
connection: &mut r2d2::PooledConnection<ConnectionManager<PgConnection>>,
|
||||||
use actix_web::{test, web, App, HttpMessage};
|
) -> FeedAggregate {
|
||||||
|
let existing_item: Vec<FeedItem> = feed_item::table
|
||||||
|
.filter(feed_id.eq(feed.id))
|
||||||
|
.filter(read.eq(false))
|
||||||
|
.order(id.asc())
|
||||||
|
.load(connection)
|
||||||
|
.unwrap();
|
||||||
|
|
||||||
use super::get;
|
let article_list: Vec<Article> = existing_item
|
||||||
use crate::auth::extractor::AuthUser;
|
.into_iter()
|
||||||
use crate::database::establish_connection;
|
.map(|feed_item: FeedItem| {
|
||||||
use crate::test_helpers::{
|
let time: String = match feed_item.created_ts {
|
||||||
delete_feed, delete_feed_item, delete_user, insert_feed, insert_feed_item, insert_user,
|
Some(r) => r.to_string(),
|
||||||
};
|
None => Local::now().naive_local().to_string(),
|
||||||
|
};
|
||||||
|
Article {
|
||||||
|
title: feed_item.title,
|
||||||
|
content: feed_item.content,
|
||||||
|
url: feed_item.url,
|
||||||
|
timestamp: time,
|
||||||
|
id: feed_item.id,
|
||||||
|
}
|
||||||
|
})
|
||||||
|
.collect();
|
||||||
|
|
||||||
#[actix_web::test]
|
FeedAggregate {
|
||||||
async fn get_returns_only_unread_items() {
|
title: feed.title,
|
||||||
let mut connection = establish_connection();
|
items: article_list,
|
||||||
let user = insert_user(&mut connection, "secret");
|
|
||||||
let feed = insert_feed(&mut connection, user.id);
|
|
||||||
let unread = insert_feed_item(&mut connection, feed.id, false);
|
|
||||||
let read = insert_feed_item(&mut connection, feed.id, true);
|
|
||||||
|
|
||||||
let user_id = user.id;
|
|
||||||
let app = test::init_service(
|
|
||||||
App::new()
|
|
||||||
.wrap_fn(move |req, srv| {
|
|
||||||
req.extensions_mut().insert(AuthUser(user_id));
|
|
||||||
srv.call(req)
|
|
||||||
})
|
|
||||||
.route("/get/{user_id}", web::get().to(get)),
|
|
||||||
)
|
|
||||||
.await;
|
|
||||||
let req = test::TestRequest::get()
|
|
||||||
.uri(&format!("/get/{}", user.id))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::OK, resp.status());
|
|
||||||
|
|
||||||
let body = test::read_body(resp).await;
|
|
||||||
let body_str = String::from_utf8(body.to_vec()).unwrap();
|
|
||||||
|
|
||||||
assert!(body_str.contains(&unread.title));
|
|
||||||
assert!(!body_str.contains(&read.title));
|
|
||||||
|
|
||||||
delete_feed_item(&mut connection, unread.id);
|
|
||||||
delete_feed_item(&mut connection, read.id);
|
|
||||||
delete_feed(&mut connection, feed.id);
|
|
||||||
delete_user(&mut connection, user.id);
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn get_rejects_requests_for_another_user() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let user_a = insert_user(&mut connection, "secret");
|
|
||||||
let user_b = insert_user(&mut connection, "secret");
|
|
||||||
|
|
||||||
let app = test::init_service(
|
|
||||||
App::new()
|
|
||||||
.wrap_fn(move |req, srv| {
|
|
||||||
req.extensions_mut().insert(AuthUser(user_a.id));
|
|
||||||
srv.call(req)
|
|
||||||
})
|
|
||||||
.route("/get/{user_id}", web::get().to(get)),
|
|
||||||
)
|
|
||||||
.await;
|
|
||||||
let req = test::TestRequest::get()
|
|
||||||
.uri(&format!("/get/{}", user_b.id))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::FORBIDDEN, resp.status());
|
|
||||||
|
|
||||||
delete_user(&mut connection, user_a.id);
|
|
||||||
delete_user(&mut connection, user_b.id);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,139 +0,0 @@
|
|||||||
use actix_web::{web, HttpRequest, HttpResponse, Responder};
|
|
||||||
use diesel::prelude::*;
|
|
||||||
|
|
||||||
use crate::{
|
|
||||||
auth::extractor::AuthUser,
|
|
||||||
database::establish_connection,
|
|
||||||
error::AppError,
|
|
||||||
json_serialization::feed_info::{FeedInfo, FeedInfoList},
|
|
||||||
json_serialization::user::JsonUser,
|
|
||||||
schema::feed::{self, user_id},
|
|
||||||
};
|
|
||||||
|
|
||||||
pub async fn list_feeds(
|
|
||||||
path: web::Path<JsonUser>,
|
|
||||||
req: HttpRequest,
|
|
||||||
auth_user: AuthUser,
|
|
||||||
) -> Result<HttpResponse, AppError> {
|
|
||||||
let request = req.clone();
|
|
||||||
let req_user_id = path.user_id;
|
|
||||||
|
|
||||||
if auth_user.0 != req_user_id {
|
|
||||||
return Ok(HttpResponse::Forbidden().finish());
|
|
||||||
}
|
|
||||||
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let feeds = feed::table
|
|
||||||
.filter(user_id.eq(req_user_id))
|
|
||||||
.select((feed::id, feed::title, feed::url))
|
|
||||||
.load::<(i32, String, String)>(&mut connection)?;
|
|
||||||
|
|
||||||
let feed_list: Vec<FeedInfo> = feeds
|
|
||||||
.into_iter()
|
|
||||||
.map(|(id, title, url)| FeedInfo { id, title, url })
|
|
||||||
.collect();
|
|
||||||
|
|
||||||
Ok(FeedInfoList { feeds: feed_list }
|
|
||||||
.respond_to(&request)
|
|
||||||
.map_into_boxed_body())
|
|
||||||
}
|
|
||||||
|
|
||||||
#[cfg(test)]
|
|
||||||
mod tests {
|
|
||||||
use actix_service::Service;
|
|
||||||
use actix_web::http::StatusCode;
|
|
||||||
use actix_web::{test, web, App, HttpMessage};
|
|
||||||
|
|
||||||
use super::list_feeds;
|
|
||||||
use crate::auth::extractor::AuthUser;
|
|
||||||
use crate::database::establish_connection;
|
|
||||||
use crate::test_helpers::{delete_feed, delete_user, insert_feed, insert_user};
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn list_feeds_returns_feeds_for_user() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let user = insert_user(&mut connection, "secret");
|
|
||||||
let feed = insert_feed(&mut connection, user.id);
|
|
||||||
|
|
||||||
let user_id = user.id;
|
|
||||||
let app = test::init_service(
|
|
||||||
App::new()
|
|
||||||
.wrap_fn(move |req, srv| {
|
|
||||||
req.extensions_mut().insert(AuthUser(user_id));
|
|
||||||
srv.call(req)
|
|
||||||
})
|
|
||||||
.route("/feeds/{user_id}", web::get().to(list_feeds)),
|
|
||||||
)
|
|
||||||
.await;
|
|
||||||
let req = test::TestRequest::get()
|
|
||||||
.uri(&format!("/feeds/{}", user.id))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::OK, resp.status());
|
|
||||||
let body = test::read_body(resp).await;
|
|
||||||
let body_str = String::from_utf8(body.to_vec()).unwrap();
|
|
||||||
assert!(body_str.contains(&feed.title));
|
|
||||||
assert!(body_str.contains(&feed.url));
|
|
||||||
|
|
||||||
delete_feed(&mut connection, feed.id);
|
|
||||||
delete_user(&mut connection, user.id);
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn list_feeds_returns_empty_list_for_user_with_no_feeds() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let user = insert_user(&mut connection, "secret");
|
|
||||||
|
|
||||||
let user_id = user.id;
|
|
||||||
let app = test::init_service(
|
|
||||||
App::new()
|
|
||||||
.wrap_fn(move |req, srv| {
|
|
||||||
req.extensions_mut().insert(AuthUser(user_id));
|
|
||||||
srv.call(req)
|
|
||||||
})
|
|
||||||
.route("/feeds/{user_id}", web::get().to(list_feeds)),
|
|
||||||
)
|
|
||||||
.await;
|
|
||||||
let req = test::TestRequest::get()
|
|
||||||
.uri(&format!("/feeds/{}", user.id))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::OK, resp.status());
|
|
||||||
let body = test::read_body(resp).await;
|
|
||||||
let body_str = String::from_utf8(body.to_vec()).unwrap();
|
|
||||||
assert!(body_str.contains("\"feeds\":[]"));
|
|
||||||
|
|
||||||
delete_user(&mut connection, user.id);
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn list_feeds_rejects_requests_for_another_user() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let user_a = insert_user(&mut connection, "secret");
|
|
||||||
let user_b = insert_user(&mut connection, "secret");
|
|
||||||
let feed_b = insert_feed(&mut connection, user_b.id);
|
|
||||||
|
|
||||||
let user_a_id = user_a.id;
|
|
||||||
let app = test::init_service(
|
|
||||||
App::new()
|
|
||||||
.wrap_fn(move |req, srv| {
|
|
||||||
req.extensions_mut().insert(AuthUser(user_a_id));
|
|
||||||
srv.call(req)
|
|
||||||
})
|
|
||||||
.route("/feeds/{user_id}", web::get().to(list_feeds)),
|
|
||||||
)
|
|
||||||
.await;
|
|
||||||
let req = test::TestRequest::get()
|
|
||||||
.uri(&format!("/feeds/{}", user_b.id))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::FORBIDDEN, resp.status());
|
|
||||||
|
|
||||||
delete_feed(&mut connection, feed_b.id);
|
|
||||||
delete_user(&mut connection, user_a.id);
|
|
||||||
delete_user(&mut connection, user_b.id);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
+22
-135
@@ -1,149 +1,36 @@
|
|||||||
use crate::auth::extractor::AuthUser;
|
|
||||||
use crate::error::AppError;
|
|
||||||
use crate::schema::feed_item::{id, read};
|
use crate::schema::feed_item::{id, read};
|
||||||
use crate::{
|
use crate::{
|
||||||
database::establish_connection,
|
json_serialization::read_feed_item::ReadItem, models::feed_item::rss_feed_item::FeedItem,
|
||||||
json_serialization::read_feed_item::ReadItem,
|
schema::feed_item,
|
||||||
models::feed_item::rss_feed_item::FeedItem,
|
|
||||||
schema::{feed, feed_item},
|
|
||||||
};
|
};
|
||||||
use actix_web::{web, HttpRequest, HttpResponse, Responder};
|
use actix_web::{web, HttpRequest, HttpResponse};
|
||||||
use diesel::RunQueryDsl;
|
use diesel::r2d2::{ConnectionManager, Pool};
|
||||||
use diesel::{ExpressionMethods, OptionalExtension, QueryDsl};
|
use diesel::{ExpressionMethods, QueryDsl};
|
||||||
|
use diesel::{PgConnection, RunQueryDsl};
|
||||||
|
|
||||||
|
#[tracing::instrument(name = "Mark as read", skip(pool))]
|
||||||
pub async fn mark_read(
|
pub async fn mark_read(
|
||||||
_req: HttpRequest,
|
_req: HttpRequest,
|
||||||
path: web::Path<ReadItem>,
|
path: web::Path<ReadItem>,
|
||||||
auth_user: AuthUser,
|
pool: web::Data<Pool<ConnectionManager<PgConnection>>>,
|
||||||
) -> Result<impl Responder, AppError> {
|
) -> HttpResponse {
|
||||||
let mut connection = establish_connection();
|
let pool_arc = pool.get_ref().clone();
|
||||||
log::info!("Id: {}", path.id);
|
let mut connection = pool_arc.get().expect("Failed to get database connection");
|
||||||
|
|
||||||
// Join through to `feed` so we can confirm the item belongs to the caller
|
let feed_items: Vec<FeedItem> = feed_item::table
|
||||||
// before mutating it. "Doesn't exist" and "not yours" both return 404.
|
|
||||||
let owned_item: Option<(FeedItem, i32)> = feed_item::table
|
|
||||||
.inner_join(feed::table)
|
|
||||||
.filter(id.eq(path.id))
|
.filter(id.eq(path.id))
|
||||||
.select((feed_item::all_columns, feed::user_id))
|
.load::<FeedItem>(&mut connection)
|
||||||
.first(&mut connection)
|
.unwrap();
|
||||||
.optional()?;
|
|
||||||
|
|
||||||
let feed_item = match owned_item {
|
if feed_items.len() != 1 {
|
||||||
Some((feed_item, owner_id)) if owner_id == auth_user.0 => feed_item,
|
return HttpResponse::NotFound().await.unwrap();
|
||||||
_ => return Ok(HttpResponse::NotFound().finish()),
|
}
|
||||||
};
|
|
||||||
|
|
||||||
let result = diesel::update(&feed_item)
|
let feed_item: &FeedItem = feed_items.first().unwrap();
|
||||||
|
|
||||||
|
let _result: Result<usize, diesel::result::Error> = diesel::update(feed_item)
|
||||||
.set(read.eq(true))
|
.set(read.eq(true))
|
||||||
.execute(&mut connection)?;
|
.execute(&mut connection);
|
||||||
|
|
||||||
log::info!("Mark as read: {:?}", result);
|
HttpResponse::Ok().await.unwrap()
|
||||||
|
|
||||||
Ok(HttpResponse::Ok().finish())
|
|
||||||
}
|
|
||||||
|
|
||||||
#[cfg(test)]
|
|
||||||
mod tests {
|
|
||||||
use actix_service::Service;
|
|
||||||
use actix_web::http::StatusCode;
|
|
||||||
use actix_web::{test, web, App, HttpMessage};
|
|
||||||
use diesel::prelude::*;
|
|
||||||
|
|
||||||
use super::mark_read;
|
|
||||||
use crate::auth::extractor::AuthUser;
|
|
||||||
use crate::database::establish_connection;
|
|
||||||
use crate::models::feed_item::rss_feed_item::FeedItem;
|
|
||||||
use crate::schema::feed_item;
|
|
||||||
use crate::test_helpers::{
|
|
||||||
delete_feed, delete_feed_item, delete_user, insert_feed, insert_feed_item, insert_user,
|
|
||||||
};
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn mark_read_flips_the_read_flag() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let user = insert_user(&mut connection, "secret");
|
|
||||||
let feed = insert_feed(&mut connection, user.id);
|
|
||||||
let item = insert_feed_item(&mut connection, feed.id, false);
|
|
||||||
|
|
||||||
let user_id = user.id;
|
|
||||||
let app = test::init_service(
|
|
||||||
App::new()
|
|
||||||
.wrap_fn(move |req, srv| {
|
|
||||||
req.extensions_mut().insert(AuthUser(user_id));
|
|
||||||
srv.call(req)
|
|
||||||
})
|
|
||||||
.route("/read/{id}", web::put().to(mark_read)),
|
|
||||||
)
|
|
||||||
.await;
|
|
||||||
let req = test::TestRequest::put()
|
|
||||||
.uri(&format!("/read/{}", item.id))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::OK, resp.status());
|
|
||||||
|
|
||||||
let updated: FeedItem = feed_item::table
|
|
||||||
.find(item.id)
|
|
||||||
.first(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
assert!(updated.read);
|
|
||||||
|
|
||||||
delete_feed_item(&mut connection, item.id);
|
|
||||||
delete_feed(&mut connection, feed.id);
|
|
||||||
delete_user(&mut connection, user.id);
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn mark_read_returns_not_found_for_unknown_id() {
|
|
||||||
let app = test::init_service(
|
|
||||||
App::new()
|
|
||||||
.wrap_fn(move |req, srv| {
|
|
||||||
req.extensions_mut().insert(AuthUser(1));
|
|
||||||
srv.call(req)
|
|
||||||
})
|
|
||||||
.route("/read/{id}", web::put().to(mark_read)),
|
|
||||||
)
|
|
||||||
.await;
|
|
||||||
let req = test::TestRequest::put().uri("/read/999999999").to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::NOT_FOUND, resp.status());
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn mark_read_rejects_other_users_item() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let user_a = insert_user(&mut connection, "secret");
|
|
||||||
let user_b = insert_user(&mut connection, "secret");
|
|
||||||
let feed_b = insert_feed(&mut connection, user_b.id);
|
|
||||||
let item_b = insert_feed_item(&mut connection, feed_b.id, false);
|
|
||||||
|
|
||||||
let user_a_id = user_a.id;
|
|
||||||
let app = test::init_service(
|
|
||||||
App::new()
|
|
||||||
.wrap_fn(move |req, srv| {
|
|
||||||
req.extensions_mut().insert(AuthUser(user_a_id));
|
|
||||||
srv.call(req)
|
|
||||||
})
|
|
||||||
.route("/read/{id}", web::put().to(mark_read)),
|
|
||||||
)
|
|
||||||
.await;
|
|
||||||
let req = test::TestRequest::put()
|
|
||||||
.uri(&format!("/read/{}", item_b.id))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::NOT_FOUND, resp.status());
|
|
||||||
|
|
||||||
let updated: FeedItem = feed_item::table
|
|
||||||
.find(item_b.id)
|
|
||||||
.first(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
assert!(!updated.read);
|
|
||||||
|
|
||||||
delete_feed_item(&mut connection, item_b.id);
|
|
||||||
delete_feed(&mut connection, feed_b.id);
|
|
||||||
delete_user(&mut connection, user_a.id);
|
|
||||||
delete_user(&mut connection, user_b.id);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -2,12 +2,9 @@ use actix_web::web;
|
|||||||
|
|
||||||
use crate::views::path::Path;
|
use crate::views::path::Path;
|
||||||
mod add;
|
mod add;
|
||||||
mod delete_feed;
|
|
||||||
pub mod feeds;
|
pub mod feeds;
|
||||||
mod get;
|
mod get;
|
||||||
mod list_feeds;
|
|
||||||
mod mark_read;
|
mod mark_read;
|
||||||
pub mod net;
|
|
||||||
mod read;
|
mod read;
|
||||||
mod scraper;
|
mod scraper;
|
||||||
pub mod structs;
|
pub mod structs;
|
||||||
@@ -22,14 +19,6 @@ pub fn feed_factory(app: &mut web::ServiceConfig) {
|
|||||||
&base_path.define(String::from("/get/{user_id}")),
|
&base_path.define(String::from("/get/{user_id}")),
|
||||||
web::get().to(get::get),
|
web::get().to(get::get),
|
||||||
);
|
);
|
||||||
app.route(
|
|
||||||
&base_path.define(String::from("/feeds/{user_id}")),
|
|
||||||
web::get().to(list_feeds::list_feeds),
|
|
||||||
);
|
|
||||||
app.route(
|
|
||||||
&base_path.define(String::from("/feed/{feed_id}")),
|
|
||||||
web::delete().to(delete_feed::delete_feed),
|
|
||||||
);
|
|
||||||
app.route(
|
app.route(
|
||||||
&base_path.define(String::from("/add")),
|
&base_path.define(String::from("/add")),
|
||||||
web::post().to(add::add),
|
web::post().to(add::add),
|
||||||
|
|||||||
@@ -1,145 +0,0 @@
|
|||||||
use std::net::IpAddr;
|
|
||||||
|
|
||||||
use anyhow::bail;
|
|
||||||
use reqwest::{redirect::Policy, Client, Response, Url};
|
|
||||||
use tokio::net::lookup_host;
|
|
||||||
|
|
||||||
use crate::error::AppError;
|
|
||||||
|
|
||||||
// Outbound requests for feed/article URLs are driven by user input (feed URLs,
|
|
||||||
// "read" links). Without these checks a user could point the server at
|
|
||||||
// internal services or cloud metadata endpoints (e.g. http://169.254.169.254/)
|
|
||||||
// and have it fetch them on their behalf (SSRF).
|
|
||||||
pub async fn safe_fetch(url: &str) -> Result<Response, AppError> {
|
|
||||||
safe_fetch_inner(url).await.map_err(AppError::from)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Redirects are validated and followed manually (rather than via
|
|
||||||
// `redirect::Policy::default()`) so each hop's resolved address is checked
|
|
||||||
// against `is_globally_routable` before it's fetched — otherwise an allowed
|
|
||||||
// host could redirect to an internal address and bypass the checks below.
|
|
||||||
const MAX_REDIRECTS: u8 = 5;
|
|
||||||
|
|
||||||
async fn safe_fetch_inner(url: &str) -> anyhow::Result<Response> {
|
|
||||||
let client = Client::builder().redirect(Policy::none()).build()?;
|
|
||||||
|
|
||||||
let mut current = Url::parse(url)?;
|
|
||||||
for _ in 0..=MAX_REDIRECTS {
|
|
||||||
check_url_is_safe(¤t).await?;
|
|
||||||
|
|
||||||
let response = client.get(current.clone()).send().await?;
|
|
||||||
|
|
||||||
if response.status().is_redirection() {
|
|
||||||
let location = response
|
|
||||||
.headers()
|
|
||||||
.get(reqwest::header::LOCATION)
|
|
||||||
.ok_or_else(|| {
|
|
||||||
anyhow::anyhow!("redirect response from {} has no Location header", current)
|
|
||||||
})?
|
|
||||||
.to_str()?;
|
|
||||||
current = current.join(location)?;
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
return Ok(response);
|
|
||||||
}
|
|
||||||
|
|
||||||
bail!("refusing to fetch {}: too many redirects", url);
|
|
||||||
}
|
|
||||||
|
|
||||||
async fn check_url_is_safe(url: &Url) -> anyhow::Result<()> {
|
|
||||||
if url.scheme() != "http" && url.scheme() != "https" {
|
|
||||||
bail!("refusing to fetch {}: unsupported URL scheme", url);
|
|
||||||
}
|
|
||||||
|
|
||||||
let host = url
|
|
||||||
.host_str()
|
|
||||||
.ok_or_else(|| anyhow::anyhow!("refusing to fetch {}: URL has no host", url))?;
|
|
||||||
let port = url.port_or_known_default().unwrap_or(80);
|
|
||||||
|
|
||||||
let mut resolved_any = false;
|
|
||||||
for addr in lookup_host((host, port)).await? {
|
|
||||||
resolved_any = true;
|
|
||||||
if !is_globally_routable(addr.ip()) {
|
|
||||||
bail!(
|
|
||||||
"refusing to fetch {}: resolves to non-public address {}",
|
|
||||||
url,
|
|
||||||
addr.ip()
|
|
||||||
);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if !resolved_any {
|
|
||||||
bail!("refusing to fetch {}: host did not resolve to any address", url);
|
|
||||||
}
|
|
||||||
|
|
||||||
Ok(())
|
|
||||||
}
|
|
||||||
|
|
||||||
fn is_globally_routable(ip: IpAddr) -> bool {
|
|
||||||
match ip {
|
|
||||||
IpAddr::V4(v4) => {
|
|
||||||
!(v4.is_private()
|
|
||||||
|| v4.is_loopback()
|
|
||||||
|| v4.is_link_local()
|
|
||||||
|| v4.is_unspecified()
|
|
||||||
|| v4.is_broadcast()
|
|
||||||
|| v4.is_multicast())
|
|
||||||
}
|
|
||||||
IpAddr::V6(v6) => {
|
|
||||||
if let Some(v4) = v6.to_ipv4_mapped() {
|
|
||||||
return is_globally_routable(IpAddr::V4(v4));
|
|
||||||
}
|
|
||||||
|
|
||||||
let segments = v6.segments();
|
|
||||||
let is_unique_local = (segments[0] & 0xfe00) == 0xfc00; // fc00::/7
|
|
||||||
let is_unicast_link_local = (segments[0] & 0xffc0) == 0xfe80; // fe80::/10
|
|
||||||
|
|
||||||
!(v6.is_loopback()
|
|
||||||
|| v6.is_unspecified()
|
|
||||||
|| v6.is_multicast()
|
|
||||||
|| is_unique_local
|
|
||||||
|| is_unicast_link_local)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[cfg(test)]
|
|
||||||
mod tests {
|
|
||||||
use super::*;
|
|
||||||
|
|
||||||
#[test]
|
|
||||||
fn rejects_loopback_and_private_addresses() {
|
|
||||||
assert!(!is_globally_routable("127.0.0.1".parse().unwrap()));
|
|
||||||
assert!(!is_globally_routable("10.0.0.5".parse().unwrap()));
|
|
||||||
assert!(!is_globally_routable("192.168.1.1".parse().unwrap()));
|
|
||||||
assert!(!is_globally_routable("169.254.169.254".parse().unwrap()));
|
|
||||||
assert!(!is_globally_routable("::1".parse().unwrap()));
|
|
||||||
assert!(!is_globally_routable("fc00::1".parse().unwrap()));
|
|
||||||
assert!(!is_globally_routable("fe80::1".parse().unwrap()));
|
|
||||||
assert!(!is_globally_routable("::ffff:127.0.0.1".parse().unwrap()));
|
|
||||||
}
|
|
||||||
|
|
||||||
#[test]
|
|
||||||
fn allows_public_addresses() {
|
|
||||||
assert!(is_globally_routable("93.184.216.34".parse().unwrap()));
|
|
||||||
assert!(is_globally_routable("2606:2800:220:1:248:1893:25c8:1946".parse().unwrap()));
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn rejects_unsupported_schemes() {
|
|
||||||
let result = safe_fetch("ftp://example.test/file").await;
|
|
||||||
assert!(result.is_err());
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn rejects_loopback_urls() {
|
|
||||||
let result = safe_fetch("http://127.0.0.1:8001/").await;
|
|
||||||
assert!(result.is_err());
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn rejects_link_local_metadata_url() {
|
|
||||||
let result = safe_fetch("http://169.254.169.254/latest/meta-data/").await;
|
|
||||||
assert!(result.is_err());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
+2
-4
@@ -4,15 +4,13 @@ use crate::json_serialization::{readable::Readable, url::UrlJson};
|
|||||||
|
|
||||||
use super::scraper::content::do_throttled_request;
|
use super::scraper::content::do_throttled_request;
|
||||||
|
|
||||||
|
#[tracing::instrument(name = "Read Feed")]
|
||||||
pub async fn read(_req: HttpRequest, data: web::Json<UrlJson>) -> impl Responder {
|
pub async fn read(_req: HttpRequest, data: web::Json<UrlJson>) -> impl Responder {
|
||||||
let result = do_throttled_request(&data.url);
|
let result = do_throttled_request(&data.url);
|
||||||
|
|
||||||
let content = match result.await {
|
let content = match result.await {
|
||||||
Ok(cont) => cont,
|
Ok(cont) => cont,
|
||||||
Err(e) => {
|
Err(e) => e.to_string(),
|
||||||
log::error!("Could not scrap url {}", data.url);
|
|
||||||
e.to_string()
|
|
||||||
}
|
|
||||||
};
|
};
|
||||||
|
|
||||||
Readable { content }
|
Readable { content }
|
||||||
|
|||||||
@@ -1,9 +1,8 @@
|
|||||||
use super::super::net::safe_fetch;
|
use reqwest::Error;
|
||||||
use crate::error::AppError;
|
|
||||||
|
|
||||||
// Do a request for the given URL, with a minimum time between requests
|
// Do a request for the given URL, with a minimum time between requests
|
||||||
// to avoid overloading the server.
|
// to avoid overloading the server.
|
||||||
pub async fn do_throttled_request(url: &str) -> Result<String, AppError> {
|
pub async fn do_throttled_request(url: &str) -> Result<String, Error> {
|
||||||
let response = safe_fetch(url).await?;
|
let response = reqwest::get(url).await?;
|
||||||
Ok(response.text().await?)
|
response.text().await
|
||||||
}
|
}
|
||||||
|
|||||||
+62
-496
@@ -1,561 +1,127 @@
|
|||||||
use super::feeds;
|
use super::feeds;
|
||||||
use crate::auth::extractor::AuthUser;
|
|
||||||
use crate::error::AppError;
|
|
||||||
use crate::json_serialization::user::JsonUser;
|
use crate::json_serialization::user::JsonUser;
|
||||||
use crate::models::feed::rss_feed::Feed;
|
use crate::models::feed::rss_feed::Feed;
|
||||||
use crate::models::feed_item::new_feed_item::NewFeedItem;
|
use crate::models::feed_item::new_feed_item::NewFeedItem;
|
||||||
use crate::models::feed_item::rss_feed_item::FeedItem;
|
use crate::models::feed_item::rss_feed_item::FeedItem;
|
||||||
use crate::schema::feed_item::{feed_id, title};
|
use crate::schema::feed_item::{feed_id, title};
|
||||||
use crate::{
|
use crate::schema::{
|
||||||
database::establish_connection,
|
feed::{self, user_id},
|
||||||
schema::{
|
feed_item,
|
||||||
feed::{self, user_id},
|
|
||||||
feed_item,
|
|
||||||
},
|
|
||||||
};
|
};
|
||||||
use actix_web::{web, HttpRequest, HttpResponse};
|
use actix_web::{web, HttpRequest, HttpResponse};
|
||||||
use chrono::{DateTime, Local, NaiveDateTime};
|
use chrono::{DateTime, Local, NaiveDateTime};
|
||||||
use dateparser::parse;
|
use dateparser::parse;
|
||||||
use diesel::prelude::*;
|
use diesel::prelude::*;
|
||||||
|
use diesel::r2d2::{ConnectionManager, Pool};
|
||||||
use rss::Item;
|
use rss::Item;
|
||||||
use scraper::{Html, Selector};
|
use scraper::{Html, Selector};
|
||||||
use std::collections::{HashMap, HashSet};
|
|
||||||
|
|
||||||
|
#[tracing::instrument(name = "Get Date")]
|
||||||
fn get_date(date_str: &str) -> Result<NaiveDateTime, chrono::ParseError> {
|
fn get_date(date_str: &str) -> Result<NaiveDateTime, chrono::ParseError> {
|
||||||
if let Ok(result) = parse(date_str) {
|
// let format_string = "%a, %d %b %Y %H:%M:%S %z";
|
||||||
log::info!("Date: {:?}", result);
|
let format_string = "%Y-%m-%dT%H:%M:%S%Z";
|
||||||
return Ok(result.with_timezone(&Local).naive_local());
|
|
||||||
}
|
|
||||||
|
|
||||||
DateTime::parse_from_rfc2822(date_str).map(|dt| dt.with_timezone(&Local).naive_local())
|
let result = parse(date_str).unwrap();
|
||||||
}
|
|
||||||
|
|
||||||
// Some feeds (e.g. Deutsche Welle) embed responsive-image templates such as
|
match NaiveDateTime::parse_from_str(&result.to_string(), format_string) {
|
||||||
// `src="https://example.com/img_${formatId}.jpg"` that their own frontend
|
Ok(r) => Ok(r),
|
||||||
// JavaScript fills in before loading — verbatim, they 404. Skip those and
|
Err(_) => {
|
||||||
// pick the first <img> with a real, directly loadable URL instead.
|
let datetime = DateTime::parse_from_rfc2822(date_str);
|
||||||
fn image_src_is_resolvable(element: &scraper::ElementRef) -> bool {
|
match datetime {
|
||||||
match element.value().attr("src") {
|
Ok(r) => NaiveDateTime::parse_from_str(&r.to_rfc3339(), format_string),
|
||||||
Some(src) => !src.contains('{') && !src.to_lowercase().contains("%7b"),
|
Err(_) => match DateTime::parse_from_rfc2822(date_str) {
|
||||||
None => false,
|
Ok(r) => NaiveDateTime::parse_from_str(&r.to_rfc3339(), format_string),
|
||||||
}
|
Err(e) => Err(e),
|
||||||
}
|
},
|
||||||
|
|
||||||
fn escape_html_attr(value: &str) -> String {
|
|
||||||
value
|
|
||||||
.replace('&', "&")
|
|
||||||
.replace('"', """)
|
|
||||||
.replace('<', "<")
|
|
||||||
.replace('>', ">")
|
|
||||||
}
|
|
||||||
|
|
||||||
// Feed-supplied `<img>` markup is rendered as-is (via `v-html`) in the frontend,
|
|
||||||
// so strip everything except a harmless image tag before it's stored — in
|
|
||||||
// particular event handlers like `onerror`/`onload` that a malicious feed
|
|
||||||
// could use for XSS.
|
|
||||||
fn sanitize_img_html(html: &str) -> String {
|
|
||||||
let allowed_attributes = HashSet::from(["src", "alt", "title"]);
|
|
||||||
|
|
||||||
ammonia::Builder::default()
|
|
||||||
.tags(HashSet::from(["img"]))
|
|
||||||
.tag_attributes(HashMap::from([("img", allowed_attributes)]))
|
|
||||||
.clean(html)
|
|
||||||
.to_string()
|
|
||||||
}
|
|
||||||
|
|
||||||
// Some feeds (e.g. Deutsche Welle) don't embed an <img> in the item content at
|
|
||||||
// all — they carry the article image as an RSS <enclosure> instead. Build an
|
|
||||||
// <img> tag from it so those feeds get a preview image too.
|
|
||||||
fn enclosure_image_html(item: &Item) -> Option<String> {
|
|
||||||
let enclosure = item.enclosure()?;
|
|
||||||
if !enclosure.mime_type().to_lowercase().starts_with("image/") {
|
|
||||||
return None;
|
|
||||||
}
|
|
||||||
Some(format!(
|
|
||||||
r#"<img src="{}">"#,
|
|
||||||
escape_html_attr(enclosure.url())
|
|
||||||
))
|
|
||||||
}
|
|
||||||
|
|
||||||
fn create_feed_item(item: Item, feed: &Feed, connection: &mut PgConnection) -> anyhow::Result<()> {
|
|
||||||
// Items without a title or link are malformed/unusable — skip them rather
|
|
||||||
// than failing the whole sync over one bad entry from an external feed.
|
|
||||||
let Some(item_title) = item.title.clone() else {
|
|
||||||
log::warn!("Skipping feed item without a title.");
|
|
||||||
return Ok(());
|
|
||||||
};
|
|
||||||
if item.link.is_none() {
|
|
||||||
log::warn!("Skipping feed item without a link: {}", item_title);
|
|
||||||
return Ok(());
|
|
||||||
}
|
|
||||||
log::info!("Create feed item: {}", item_title);
|
|
||||||
|
|
||||||
// Items without a pub_date are treated as current (inserted unconditionally)
|
|
||||||
// — feeds that don't publish dates are typically small/curated enough that
|
|
||||||
// this is fine.
|
|
||||||
let mut time: NaiveDateTime = Local::now().naive_local();
|
|
||||||
if let Some(pub_date) = item.pub_date() {
|
|
||||||
time = match get_date(pub_date) {
|
|
||||||
Ok(date) => date,
|
|
||||||
Err(err) => {
|
|
||||||
log::error!("could not parse pub date: {}", err);
|
|
||||||
time
|
|
||||||
}
|
}
|
||||||
};
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
let base_content: &str = item.content().or(item.description()).unwrap_or_default();
|
#[tracing::instrument(name = "Create Feed Item", skip(connection))]
|
||||||
|
fn create_feed_item(item: Item, feed: &Feed, connection: &mut PgConnection) {
|
||||||
|
let item_title = item.title.clone().unwrap();
|
||||||
|
|
||||||
|
let base_content: &str = match item.content() {
|
||||||
|
Some(c) => c,
|
||||||
|
None => match item.description() {
|
||||||
|
Some(c) => c,
|
||||||
|
None => "",
|
||||||
|
},
|
||||||
|
};
|
||||||
|
|
||||||
let frag = Html::parse_fragment(base_content);
|
let frag = Html::parse_fragment(base_content);
|
||||||
let mut content = "".to_string();
|
let mut content = "".to_string();
|
||||||
|
let frag_clone = frag.clone();
|
||||||
|
frag.tree.into_iter().for_each(|node| {
|
||||||
|
let selector_img = Selector::parse("img").unwrap();
|
||||||
|
|
||||||
// Some feeds (e.g. Stuttgarter Nachrichten) embed a social-sharing widget
|
for element in frag_clone.select(&selector_img) {
|
||||||
// (WhatsApp/Email/Facebook/... links plus a "Link kopiert" tooltip) in the
|
if !content.starts_with("<img") {
|
||||||
// article content. It's not part of the article and isn't present in the
|
content.push_str(&element.html());
|
||||||
// scraped/readable edition either, so skip its text when flattening below.
|
content.push_str("<br>")
|
||||||
let selector_social_bar =
|
|
||||||
Selector::parse("#article-social-bar").expect("\"#article-social-bar\" is a valid CSS selector");
|
|
||||||
let excluded_node_ids: std::collections::HashSet<_> = frag
|
|
||||||
.select(&selector_social_bar)
|
|
||||||
.flat_map(|el| el.descendants().map(|node| node.id()))
|
|
||||||
.collect();
|
|
||||||
|
|
||||||
let selector_img = Selector::parse("img").expect("\"img\" is a valid CSS selector");
|
|
||||||
match frag.select(&selector_img).find(image_src_is_resolvable) {
|
|
||||||
Some(image) => {
|
|
||||||
content.push_str(&sanitize_img_html(&image.html()));
|
|
||||||
content.push_str("<br>");
|
|
||||||
}
|
|
||||||
None => {
|
|
||||||
if let Some(image_html) = enclosure_image_html(&item) {
|
|
||||||
content.push_str(&sanitize_img_html(&image_html));
|
|
||||||
content.push_str("<br>");
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
if let scraper::node::Node::Text(text) = node {
|
||||||
|
|
||||||
for node in frag.tree.nodes() {
|
|
||||||
if excluded_node_ids.contains(&node.id()) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
if let scraper::node::Node::Text(text) = node.value() {
|
|
||||||
content.push_str(&text.text);
|
content.push_str(&text.text);
|
||||||
}
|
}
|
||||||
}
|
});
|
||||||
|
|
||||||
let existing_item: Vec<FeedItem> = feed_item::table
|
let existing_item: Vec<FeedItem> = feed_item::table
|
||||||
.filter(feed_id.eq(feed.id))
|
.filter(feed_id.eq(feed.id))
|
||||||
.filter(title.eq(&item_title))
|
.filter(title.eq(&item_title))
|
||||||
.load(connection)?;
|
.load(connection)
|
||||||
|
.unwrap();
|
||||||
|
|
||||||
if existing_item.is_empty() {
|
if existing_item.is_empty() {
|
||||||
|
let mut time: NaiveDateTime = Local::now().naive_local();
|
||||||
|
if item.pub_date().is_some() {
|
||||||
|
time = match get_date(item.pub_date().unwrap()) {
|
||||||
|
Ok(date) => date,
|
||||||
|
Err(_err) => time,
|
||||||
|
};
|
||||||
|
}
|
||||||
let new_feed_item = NewFeedItem::new(
|
let new_feed_item = NewFeedItem::new(
|
||||||
feed.id,
|
feed.id,
|
||||||
content.clone(),
|
content.clone(),
|
||||||
item_title.clone(),
|
item_title.clone(),
|
||||||
item.link.expect("checked above"),
|
item.link.unwrap(),
|
||||||
Some(time),
|
Some(time),
|
||||||
);
|
);
|
||||||
let insert_result = diesel::insert_into(feed_item::table)
|
let _insert_result = diesel::insert_into(feed_item::table)
|
||||||
.values(&new_feed_item)
|
.values(&new_feed_item)
|
||||||
.execute(connection);
|
.execute(connection);
|
||||||
|
|
||||||
log::info!("Insert Result: {:?}", insert_result);
|
|
||||||
} else {
|
|
||||||
log::info!("Item {} already exists.", item_title);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
Ok(())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[tracing::instrument(name = "sync", skip(pool))]
|
||||||
pub async fn sync(
|
pub async fn sync(
|
||||||
_req: HttpRequest,
|
_req: HttpRequest,
|
||||||
data: web::Json<JsonUser>,
|
data: web::Json<JsonUser>,
|
||||||
auth_user: AuthUser,
|
pool: web::Data<Pool<ConnectionManager<PgConnection>>>,
|
||||||
) -> Result<HttpResponse, AppError> {
|
) -> HttpResponse {
|
||||||
|
let pool_arc = pool.get_ref().clone();
|
||||||
|
let mut connection = pool_arc.get().expect("Failed to get database connection");
|
||||||
|
|
||||||
let req_user_id: i32 = data.user_id;
|
let req_user_id: i32 = data.user_id;
|
||||||
|
|
||||||
if auth_user.0 != req_user_id {
|
|
||||||
return Ok(HttpResponse::Forbidden().finish());
|
|
||||||
}
|
|
||||||
|
|
||||||
let mut connection: diesel::PgConnection = establish_connection();
|
|
||||||
|
|
||||||
let feeds: Vec<Feed> = feed::table
|
let feeds: Vec<Feed> = feed::table
|
||||||
.filter(user_id.eq(req_user_id))
|
.filter(user_id.eq(req_user_id))
|
||||||
.load::<Feed>(&mut connection)?;
|
.load::<Feed>(&mut connection)
|
||||||
|
.unwrap();
|
||||||
log::info!("Found {} feeds to sync.", feeds.len());
|
|
||||||
|
|
||||||
for feed in feeds {
|
for feed in feeds {
|
||||||
log::info!("Try to get url: {}", feed.url);
|
|
||||||
let result = feeds::get_feed(&feed.url).await;
|
let result = feeds::get_feed(&feed.url).await;
|
||||||
|
|
||||||
match result {
|
match result {
|
||||||
Ok(channel) => {
|
Ok(channel) => {
|
||||||
for item in channel.into_items() {
|
for item in channel.into_items() {
|
||||||
log::info!("{:?}", item);
|
create_feed_item(item, &feed, &mut connection);
|
||||||
if let Err(e) = create_feed_item(item, &feed, &mut connection) {
|
|
||||||
log::error!("Could not create feed item for {}: {:?}", feed.url, e);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Err(e) => log::error!("Could not get channel {}. Error: {}", feed.url, e),
|
Err(_e) => return HttpResponse::InternalServerError().await.unwrap(),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
Ok(HttpResponse::Ok().finish())
|
HttpResponse::Ok().await.unwrap()
|
||||||
}
|
|
||||||
|
|
||||||
#[cfg(test)]
|
|
||||||
mod tests {
|
|
||||||
use crate::models::feed::new_feed::NewFeed;
|
|
||||||
use crate::models::user::new_user::NewUser;
|
|
||||||
use crate::models::user::rss_user::User;
|
|
||||||
use crate::schema::users;
|
|
||||||
use crate::test_helpers::unique_suffix;
|
|
||||||
use chrono::Duration;
|
|
||||||
|
|
||||||
use super::*;
|
|
||||||
|
|
||||||
#[test]
|
|
||||||
fn get_date_parses_iso8601_dates() {
|
|
||||||
assert!(get_date("2024-01-01T12:00:00Z").is_ok());
|
|
||||||
}
|
|
||||||
|
|
||||||
#[test]
|
|
||||||
fn get_date_parses_rfc2822_dates() {
|
|
||||||
assert!(get_date("Tue, 03 Jun 2025 10:00:00 GMT").is_ok());
|
|
||||||
}
|
|
||||||
|
|
||||||
#[test]
|
|
||||||
fn get_date_returns_err_for_unparseable_dates() {
|
|
||||||
assert!(get_date("not-a-date").is_err());
|
|
||||||
}
|
|
||||||
|
|
||||||
#[test]
|
|
||||||
fn create_feed_item_skips_template_placeholder_images() {
|
|
||||||
let html = Html::parse_fragment(
|
|
||||||
r#"<img src="https://example.test/img_${formatId}.jpg"><p>placeholder</p>
|
|
||||||
<img src="https://example.test/real.jpg"><p>real image</p>"#,
|
|
||||||
);
|
|
||||||
let selector = Selector::parse("img").unwrap();
|
|
||||||
|
|
||||||
let chosen = html
|
|
||||||
.select(&selector)
|
|
||||||
.find(image_src_is_resolvable)
|
|
||||||
.expect("should find a resolvable image");
|
|
||||||
|
|
||||||
assert_eq!(
|
|
||||||
Some("https://example.test/real.jpg"),
|
|
||||||
chosen.value().attr("src")
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
#[test]
|
|
||||||
fn create_feed_item_finds_no_image_when_all_are_templated() {
|
|
||||||
let html = Html::parse_fragment(r#"<img src="https://example.test/img_${formatId}.jpg">"#);
|
|
||||||
let selector = Selector::parse("img").unwrap();
|
|
||||||
|
|
||||||
assert!(html.select(&selector).find(image_src_is_resolvable).is_none());
|
|
||||||
}
|
|
||||||
|
|
||||||
#[test]
|
|
||||||
fn enclosure_image_html_builds_img_for_image_enclosures() {
|
|
||||||
let mut item = Item::default();
|
|
||||||
item.set_enclosure(rss::Enclosure {
|
|
||||||
url: "https://static.dw.com/image/73880499_302.jpg".to_string(),
|
|
||||||
length: "2000".to_string(),
|
|
||||||
mime_type: "image/jpeg".to_string(),
|
|
||||||
});
|
|
||||||
|
|
||||||
assert_eq!(
|
|
||||||
Some(r#"<img src="https://static.dw.com/image/73880499_302.jpg">"#.to_string()),
|
|
||||||
enclosure_image_html(&item)
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
#[test]
|
|
||||||
fn enclosure_image_html_ignores_non_image_enclosures() {
|
|
||||||
let mut item = Item::default();
|
|
||||||
item.set_enclosure(rss::Enclosure {
|
|
||||||
url: "https://example.test/episode.mp3".to_string(),
|
|
||||||
length: "2000".to_string(),
|
|
||||||
mime_type: "audio/mpeg".to_string(),
|
|
||||||
});
|
|
||||||
|
|
||||||
assert_eq!(None, enclosure_image_html(&item));
|
|
||||||
}
|
|
||||||
|
|
||||||
#[test]
|
|
||||||
fn enclosure_image_html_escapes_url_attribute() {
|
|
||||||
let mut item = Item::default();
|
|
||||||
item.set_enclosure(rss::Enclosure {
|
|
||||||
url: "https://example.test/img.jpg?a=1&b=\"x\"".to_string(),
|
|
||||||
length: "2000".to_string(),
|
|
||||||
mime_type: "image/jpeg".to_string(),
|
|
||||||
});
|
|
||||||
|
|
||||||
assert_eq!(
|
|
||||||
Some(r#"<img src="https://example.test/img.jpg?a=1&b="x"">"#.to_string()),
|
|
||||||
enclosure_image_html(&item)
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
#[test]
|
|
||||||
fn sanitize_img_html_strips_event_handlers() {
|
|
||||||
let sanitized = sanitize_img_html(r#"<img src="x" onerror="alert(1)">"#);
|
|
||||||
|
|
||||||
assert!(!sanitized.contains("onerror"));
|
|
||||||
assert!(!sanitized.contains("alert"));
|
|
||||||
assert!(sanitized.contains(r#"src="x""#));
|
|
||||||
}
|
|
||||||
|
|
||||||
#[test]
|
|
||||||
fn sanitize_img_html_keeps_only_allowed_attributes() {
|
|
||||||
let sanitized = sanitize_img_html(
|
|
||||||
r#"<img src="https://example.test/img.jpg" alt="desc" title="t" style="display:none" class="evil">"#,
|
|
||||||
);
|
|
||||||
|
|
||||||
assert!(sanitized.contains(r#"src="https://example.test/img.jpg""#));
|
|
||||||
assert!(sanitized.contains(r#"alt="desc""#));
|
|
||||||
assert!(sanitized.contains(r#"title="t""#));
|
|
||||||
assert!(!sanitized.contains("style"));
|
|
||||||
assert!(!sanitized.contains("class"));
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn create_feed_item_inserts_articles_older_than_two_weeks() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let suffix = unique_suffix();
|
|
||||||
|
|
||||||
let new_user = NewUser::new(
|
|
||||||
format!("age_test_{suffix}"),
|
|
||||||
format!("age_{suffix}@example.test"),
|
|
||||||
"secret".to_string(),
|
|
||||||
)
|
|
||||||
.unwrap();
|
|
||||||
let user: User = diesel::insert_into(users::table)
|
|
||||||
.values(&new_user)
|
|
||||||
.get_result(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
|
|
||||||
let new_feed = NewFeed::new(
|
|
||||||
format!("Age test feed {suffix}"),
|
|
||||||
format!("https://example.test/feed/{suffix}"),
|
|
||||||
user.id,
|
|
||||||
);
|
|
||||||
let feed: Feed = diesel::insert_into(feed::table)
|
|
||||||
.values(&new_feed)
|
|
||||||
.get_result(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
|
|
||||||
// Item with a pub_date 20 days ago — should still be inserted, since
|
|
||||||
// infrequently-updated feeds (or infrequent syncs) must not lose
|
|
||||||
// articles the user hasn't seen yet.
|
|
||||||
let old_date = (Local::now() - Duration::days(20))
|
|
||||||
.format("%a, %d %b %Y %H:%M:%S %z")
|
|
||||||
.to_string();
|
|
||||||
let mut old_item = Item::default();
|
|
||||||
old_item.set_title(Some(format!("Old article {suffix}")));
|
|
||||||
old_item.set_link(Some(format!("https://example.test/old/{suffix}")));
|
|
||||||
old_item.set_pub_date(Some(old_date));
|
|
||||||
old_item.set_content(Some("<p>old</p>".to_string()));
|
|
||||||
|
|
||||||
// Item without a pub_date — treated as current, should be inserted.
|
|
||||||
let mut fresh_item = Item::default();
|
|
||||||
fresh_item.set_title(Some(format!("Fresh article {suffix}")));
|
|
||||||
fresh_item.set_link(Some(format!("https://example.test/fresh/{suffix}")));
|
|
||||||
fresh_item.set_content(Some("<p>fresh</p>".to_string()));
|
|
||||||
|
|
||||||
create_feed_item(old_item, &feed, &mut connection).unwrap();
|
|
||||||
create_feed_item(fresh_item, &feed, &mut connection).unwrap();
|
|
||||||
|
|
||||||
let items: Vec<FeedItem> = feed_item::table
|
|
||||||
.filter(feed_id.eq(feed.id))
|
|
||||||
.load(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
|
|
||||||
assert_eq!(2, items.len(), "both old and fresh items should be inserted");
|
|
||||||
|
|
||||||
diesel::delete(feed_item::table.filter(feed_id.eq(feed.id)))
|
|
||||||
.execute(&mut connection)
|
|
||||||
.ok();
|
|
||||||
diesel::delete(feed::table.filter(feed::id.eq(feed.id)))
|
|
||||||
.execute(&mut connection)
|
|
||||||
.ok();
|
|
||||||
diesel::delete(users::table.filter(users::id.eq(user.id)))
|
|
||||||
.execute(&mut connection)
|
|
||||||
.ok();
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn create_feed_item_does_not_duplicate_existing_items() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let suffix = unique_suffix();
|
|
||||||
|
|
||||||
let new_user = NewUser::new(
|
|
||||||
format!("sync_test_{suffix}"),
|
|
||||||
format!("sync_{suffix}@example.test"),
|
|
||||||
"secret".to_string(),
|
|
||||||
)
|
|
||||||
.unwrap();
|
|
||||||
let user: User = diesel::insert_into(users::table)
|
|
||||||
.values(&new_user)
|
|
||||||
.get_result(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
|
|
||||||
let new_feed = NewFeed::new(
|
|
||||||
format!("Sync test feed {suffix}"),
|
|
||||||
format!("https://example.test/feed/{suffix}"),
|
|
||||||
user.id,
|
|
||||||
);
|
|
||||||
let feed: Feed = diesel::insert_into(feed::table)
|
|
||||||
.values(&new_feed)
|
|
||||||
.get_result(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
|
|
||||||
let mut item = Item::default();
|
|
||||||
item.set_title(Some(format!("Sync test article {suffix}")));
|
|
||||||
item.set_link(Some(format!("https://example.test/article/{suffix}")));
|
|
||||||
item.set_content(Some("<p>Hello world</p>".to_string()));
|
|
||||||
|
|
||||||
create_feed_item(item.clone(), &feed, &mut connection).unwrap();
|
|
||||||
create_feed_item(item, &feed, &mut connection).unwrap();
|
|
||||||
|
|
||||||
let items: Vec<FeedItem> = feed_item::table
|
|
||||||
.filter(feed_id.eq(feed.id))
|
|
||||||
.load(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
assert_eq!(1, items.len(), "duplicate feed items should not be created");
|
|
||||||
|
|
||||||
diesel::delete(feed_item::table.filter(feed_id.eq(feed.id)))
|
|
||||||
.execute(&mut connection)
|
|
||||||
.ok();
|
|
||||||
diesel::delete(feed::table.filter(feed::id.eq(feed.id)))
|
|
||||||
.execute(&mut connection)
|
|
||||||
.ok();
|
|
||||||
diesel::delete(users::table.filter(users::id.eq(user.id)))
|
|
||||||
.execute(&mut connection)
|
|
||||||
.ok();
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn create_feed_item_strips_onerror_from_feed_image() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let suffix = unique_suffix();
|
|
||||||
|
|
||||||
let new_user = NewUser::new(
|
|
||||||
format!("xss_test_{suffix}"),
|
|
||||||
format!("xss_{suffix}@example.test"),
|
|
||||||
"secret".to_string(),
|
|
||||||
)
|
|
||||||
.unwrap();
|
|
||||||
let user: User = diesel::insert_into(users::table)
|
|
||||||
.values(&new_user)
|
|
||||||
.get_result(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
|
|
||||||
let new_feed = NewFeed::new(
|
|
||||||
format!("XSS test feed {suffix}"),
|
|
||||||
format!("https://example.test/feed/{suffix}"),
|
|
||||||
user.id,
|
|
||||||
);
|
|
||||||
let feed: Feed = diesel::insert_into(feed::table)
|
|
||||||
.values(&new_feed)
|
|
||||||
.get_result(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
|
|
||||||
let mut item = Item::default();
|
|
||||||
item.set_title(Some(format!("XSS article {suffix}")));
|
|
||||||
item.set_link(Some(format!("https://example.test/xss/{suffix}")));
|
|
||||||
item.set_content(Some(
|
|
||||||
r#"<img src="https://example.test/real.jpg" onerror="alert(1)"><p>text</p>"#
|
|
||||||
.to_string(),
|
|
||||||
));
|
|
||||||
|
|
||||||
create_feed_item(item, &feed, &mut connection).unwrap();
|
|
||||||
|
|
||||||
let stored: FeedItem = feed_item::table
|
|
||||||
.filter(feed_id.eq(feed.id))
|
|
||||||
.first(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
|
|
||||||
assert!(!stored.content.contains("onerror"));
|
|
||||||
assert!(!stored.content.contains("alert"));
|
|
||||||
assert!(stored.content.contains(r#"src="https://example.test/real.jpg""#));
|
|
||||||
|
|
||||||
diesel::delete(feed_item::table.filter(feed_id.eq(feed.id)))
|
|
||||||
.execute(&mut connection)
|
|
||||||
.ok();
|
|
||||||
diesel::delete(feed::table.filter(feed::id.eq(feed.id)))
|
|
||||||
.execute(&mut connection)
|
|
||||||
.ok();
|
|
||||||
diesel::delete(users::table.filter(users::id.eq(user.id)))
|
|
||||||
.execute(&mut connection)
|
|
||||||
.ok();
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn create_feed_item_strips_social_sharing_widget() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let suffix = unique_suffix();
|
|
||||||
|
|
||||||
let new_user = NewUser::new(
|
|
||||||
format!("social_bar_test_{suffix}"),
|
|
||||||
format!("social_bar_{suffix}@example.test"),
|
|
||||||
"secret".to_string(),
|
|
||||||
)
|
|
||||||
.unwrap();
|
|
||||||
let user: User = diesel::insert_into(users::table)
|
|
||||||
.values(&new_user)
|
|
||||||
.get_result(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
|
|
||||||
let new_feed = NewFeed::new(
|
|
||||||
format!("Social bar test feed {suffix}"),
|
|
||||||
format!("https://example.test/feed/{suffix}"),
|
|
||||||
user.id,
|
|
||||||
);
|
|
||||||
let feed: Feed = diesel::insert_into(feed::table)
|
|
||||||
.values(&new_feed)
|
|
||||||
.get_result(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
|
|
||||||
let mut item = Item::default();
|
|
||||||
item.set_title(Some(format!("Social bar article {suffix}")));
|
|
||||||
item.set_link(Some(format!("https://example.test/article/{suffix}")));
|
|
||||||
item.set_content(Some(
|
|
||||||
r#"<p>Article text</p>
|
|
||||||
<div id="article-social-bar" data-noprint="true">
|
|
||||||
<ul>
|
|
||||||
<li><a id="whatsapp" href="whatsapp://send?text=foo"> </a></li>
|
|
||||||
<li><a id="link_copy" onclick="copyToClipboard()"> </a>
|
|
||||||
<p>Link kopiert</p>
|
|
||||||
</li>
|
|
||||||
</ul>
|
|
||||||
</div>"#
|
|
||||||
.to_string(),
|
|
||||||
));
|
|
||||||
|
|
||||||
create_feed_item(item, &feed, &mut connection).unwrap();
|
|
||||||
|
|
||||||
let items: Vec<FeedItem> = feed_item::table
|
|
||||||
.filter(feed_id.eq(feed.id))
|
|
||||||
.load(&mut connection)
|
|
||||||
.unwrap();
|
|
||||||
assert_eq!(1, items.len());
|
|
||||||
assert!(items[0].content.contains("Article text"));
|
|
||||||
assert!(!items[0].content.contains("Link kopiert"));
|
|
||||||
|
|
||||||
diesel::delete(feed_item::table.filter(feed_id.eq(feed.id)))
|
|
||||||
.execute(&mut connection)
|
|
||||||
.ok();
|
|
||||||
diesel::delete(feed::table.filter(feed::id.eq(feed.id)))
|
|
||||||
.execute(&mut connection)
|
|
||||||
.ok();
|
|
||||||
diesel::delete(users::table.filter(users::id.eq(user.id)))
|
|
||||||
.execute(&mut connection)
|
|
||||||
.ok();
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -28,7 +28,6 @@ diesel::table! {
|
|||||||
email -> Varchar,
|
email -> Varchar,
|
||||||
password -> Varchar,
|
password -> Varchar,
|
||||||
unique_id -> Varchar,
|
unique_id -> Varchar,
|
||||||
token_version -> Int4,
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -0,0 +1,56 @@
|
|||||||
|
use std::net::TcpListener;
|
||||||
|
|
||||||
|
use actix_service::Service;
|
||||||
|
use actix_web::web;
|
||||||
|
use actix_web::{dev::Server, App, HttpResponse, HttpServer};
|
||||||
|
use diesel::r2d2::{ConnectionManager, Pool};
|
||||||
|
use diesel::PgConnection;
|
||||||
|
use futures::future::{ok, Either};
|
||||||
|
|
||||||
|
use crate::auth;
|
||||||
|
use crate::views;
|
||||||
|
|
||||||
|
#[tracing::instrument(name = "Run application", skip(connection, listener))]
|
||||||
|
pub fn run(
|
||||||
|
listener: TcpListener,
|
||||||
|
connection: Pool<ConnectionManager<PgConnection>>,
|
||||||
|
) -> Result<Server, std::io::Error> {
|
||||||
|
let wrapper = web::Data::new(connection);
|
||||||
|
let server = HttpServer::new(move || {
|
||||||
|
App::new()
|
||||||
|
.wrap_fn(|req, srv| {
|
||||||
|
let mut passed: bool;
|
||||||
|
|
||||||
|
if req.path().contains("/article/") {
|
||||||
|
match auth::process_token(&req) {
|
||||||
|
Ok(_token) => passed = true,
|
||||||
|
Err(_message) => passed = false,
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
passed = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
if req.path().contains("user/create") {
|
||||||
|
passed = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
let end_result = match passed {
|
||||||
|
true => Either::Left(srv.call(req)),
|
||||||
|
false => Either::Right(ok(req.into_response(
|
||||||
|
HttpResponse::Unauthorized().finish().map_into_boxed_body(),
|
||||||
|
))),
|
||||||
|
};
|
||||||
|
|
||||||
|
async move {
|
||||||
|
let result = end_result.await?;
|
||||||
|
Ok(result)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
.app_data(wrapper.clone())
|
||||||
|
.configure(views::views_factory)
|
||||||
|
})
|
||||||
|
.listen(listener)?
|
||||||
|
.run();
|
||||||
|
|
||||||
|
Ok(server)
|
||||||
|
}
|
||||||
@@ -0,0 +1,27 @@
|
|||||||
|
use tracing::{dispatcher::set_global_default, Subscriber};
|
||||||
|
use tracing_bunyan_formatter::{BunyanFormattingLayer, JsonStorageLayer};
|
||||||
|
use tracing_log::LogTracer;
|
||||||
|
use tracing_subscriber::{fmt::MakeWriter, layer::SubscriberExt, EnvFilter, Registry};
|
||||||
|
|
||||||
|
pub fn get_subscriber<Sink>(
|
||||||
|
name: String,
|
||||||
|
env_filter: String,
|
||||||
|
sink: Sink,
|
||||||
|
) -> impl Subscriber + Send + Sync
|
||||||
|
where
|
||||||
|
Sink: for<'a> MakeWriter<'a> + Send + Sync + 'static,
|
||||||
|
{
|
||||||
|
let env_filter =
|
||||||
|
EnvFilter::try_from_default_env().unwrap_or_else(|_| EnvFilter::new(env_filter));
|
||||||
|
let formatting_layer = BunyanFormattingLayer::new(name, sink);
|
||||||
|
|
||||||
|
Registry::default()
|
||||||
|
.with(env_filter)
|
||||||
|
.with(JsonStorageLayer)
|
||||||
|
.with(formatting_layer)
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn init_subscriber(subscriber: impl Subscriber + Send + Sync) {
|
||||||
|
LogTracer::init().expect("Failed to set logger.");
|
||||||
|
set_global_default(subscriber.into()).expect("Failed to set subscriber.");
|
||||||
|
}
|
||||||
@@ -1,92 +0,0 @@
|
|||||||
#![cfg(test)]
|
|
||||||
|
|
||||||
use diesel::prelude::*;
|
|
||||||
use uuid::Uuid;
|
|
||||||
|
|
||||||
use crate::models::feed::new_feed::NewFeed;
|
|
||||||
use crate::models::feed::rss_feed::Feed;
|
|
||||||
use crate::models::feed_item::new_feed_item::NewFeedItem;
|
|
||||||
use crate::models::feed_item::rss_feed_item::FeedItem;
|
|
||||||
use crate::models::user::new_user::NewUser;
|
|
||||||
use crate::models::user::rss_user::User;
|
|
||||||
use crate::schema::{feed, feed_item, users};
|
|
||||||
|
|
||||||
// Test fixtures are written through the same models/schema as the app and
|
|
||||||
// cleaned up explicitly afterwards (rather than wrapped in a rolled-back
|
|
||||||
// transaction), because every handler opens its own DB connection via
|
|
||||||
// `establish_connection`, so a transaction held by the test would not be
|
|
||||||
// visible to the handler under test. Random suffixes keep parallel test runs
|
|
||||||
// from colliding on the unique username/email/url constraints.
|
|
||||||
|
|
||||||
pub fn unique_suffix() -> String {
|
|
||||||
Uuid::new_v4().to_string()
|
|
||||||
}
|
|
||||||
|
|
||||||
pub fn insert_user(connection: &mut PgConnection, password: &str) -> User {
|
|
||||||
let suffix = unique_suffix();
|
|
||||||
let new_user = NewUser::new(
|
|
||||||
format!("test_user_{suffix}"),
|
|
||||||
format!("test_{suffix}@example.test"),
|
|
||||||
password.to_string(),
|
|
||||||
)
|
|
||||||
.expect("failed to hash test user password");
|
|
||||||
diesel::insert_into(users::table)
|
|
||||||
.values(&new_user)
|
|
||||||
.get_result(connection)
|
|
||||||
.expect("failed to insert test user")
|
|
||||||
}
|
|
||||||
|
|
||||||
pub fn delete_user(connection: &mut PgConnection, user_id: i32) {
|
|
||||||
diesel::delete(users::table.filter(users::id.eq(user_id)))
|
|
||||||
.execute(connection)
|
|
||||||
.ok();
|
|
||||||
}
|
|
||||||
|
|
||||||
pub fn insert_feed(connection: &mut PgConnection, owner_id: i32) -> Feed {
|
|
||||||
let suffix = unique_suffix();
|
|
||||||
let new_feed = NewFeed::new(
|
|
||||||
format!("Test feed {suffix}"),
|
|
||||||
format!("https://example.test/feed/{suffix}"),
|
|
||||||
owner_id,
|
|
||||||
);
|
|
||||||
diesel::insert_into(feed::table)
|
|
||||||
.values(&new_feed)
|
|
||||||
.get_result(connection)
|
|
||||||
.expect("failed to insert test feed")
|
|
||||||
}
|
|
||||||
|
|
||||||
pub fn delete_feed(connection: &mut PgConnection, id: i32) {
|
|
||||||
diesel::delete(feed::table.filter(feed::id.eq(id)))
|
|
||||||
.execute(connection)
|
|
||||||
.ok();
|
|
||||||
}
|
|
||||||
|
|
||||||
pub fn insert_feed_item(connection: &mut PgConnection, owning_feed_id: i32, read: bool) -> FeedItem {
|
|
||||||
let suffix = unique_suffix();
|
|
||||||
let new_item = NewFeedItem::new(
|
|
||||||
owning_feed_id,
|
|
||||||
format!("Content {suffix}"),
|
|
||||||
format!("Title {suffix}"),
|
|
||||||
format!("https://example.test/article/{suffix}"),
|
|
||||||
None,
|
|
||||||
);
|
|
||||||
let item: FeedItem = diesel::insert_into(feed_item::table)
|
|
||||||
.values(&new_item)
|
|
||||||
.get_result(connection)
|
|
||||||
.expect("failed to insert test feed item");
|
|
||||||
|
|
||||||
if read {
|
|
||||||
diesel::update(&item)
|
|
||||||
.set(feed_item::read.eq(true))
|
|
||||||
.execute(connection)
|
|
||||||
.expect("failed to mark test feed item as read");
|
|
||||||
}
|
|
||||||
|
|
||||||
item
|
|
||||||
}
|
|
||||||
|
|
||||||
pub fn delete_feed_item(connection: &mut PgConnection, id: i32) {
|
|
||||||
diesel::delete(feed_item::table.filter(feed_item::id.eq(id)))
|
|
||||||
.execute(connection)
|
|
||||||
.ok();
|
|
||||||
}
|
|
||||||
+18
-84
@@ -1,110 +1,44 @@
|
|||||||
use crate::database::establish_connection;
|
|
||||||
use crate::diesel;
|
use crate::diesel;
|
||||||
use crate::error::AppError;
|
|
||||||
use crate::json_serialization::login::Login;
|
use crate::json_serialization::login::Login;
|
||||||
use crate::models::user::rss_user::User;
|
use crate::models::user::rss_user::User;
|
||||||
use crate::schema::users;
|
use crate::schema::users;
|
||||||
use crate::{auth::jwt::JwtToken, schema::users::username};
|
use crate::{auth::jwt::JwtToken, schema::users::username};
|
||||||
use actix_web::{web, HttpResponse};
|
use actix_web::{web, HttpResponse};
|
||||||
use diesel::prelude::*;
|
use diesel::prelude::*;
|
||||||
|
use diesel::r2d2::{ConnectionManager, Pool};
|
||||||
|
|
||||||
|
pub async fn login(
|
||||||
|
credentials: web::Json<Login>,
|
||||||
|
pool: web::Data<Pool<ConnectionManager<PgConnection>>>,
|
||||||
|
) -> HttpResponse {
|
||||||
|
let pool_arc = pool.get_ref().clone();
|
||||||
|
let mut connection = pool_arc.get().expect("Failed to get database connection");
|
||||||
|
|
||||||
pub async fn login(credentials: web::Json<Login>) -> Result<HttpResponse, AppError> {
|
|
||||||
let username_cred: String = credentials.username.clone();
|
let username_cred: String = credentials.username.clone();
|
||||||
let password: String = credentials.password.clone();
|
let password: String = credentials.password.clone();
|
||||||
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
|
|
||||||
let users: Vec<User> = users::table
|
let users: Vec<User> = users::table
|
||||||
.filter(username.eq(username_cred.as_str()))
|
.filter(username.eq(username_cred.as_str()))
|
||||||
.load::<User>(&mut connection)?;
|
.load::<User>(&mut connection)
|
||||||
|
.unwrap();
|
||||||
|
|
||||||
if users.is_empty() {
|
if users.is_empty() {
|
||||||
return Ok(HttpResponse::NotFound().finish());
|
return HttpResponse::NotFound().await.unwrap();
|
||||||
} else if users.len() > 1 {
|
} else if users.len() > 1 {
|
||||||
log::error!(
|
return HttpResponse::Conflict().await.unwrap();
|
||||||
"multiple user have the usernam: {}",
|
|
||||||
credentials.username.clone()
|
|
||||||
);
|
|
||||||
return Ok(HttpResponse::Conflict().finish());
|
|
||||||
}
|
}
|
||||||
|
|
||||||
let user: &User = &users[0];
|
let user: &User = &users[0];
|
||||||
|
|
||||||
match user.clone().verify(password)? {
|
match user.clone().verify(password) {
|
||||||
true => {
|
true => {
|
||||||
log::info!("verified password successfully for user {}", user.id);
|
let token: String = JwtToken::encode(user.clone().id);
|
||||||
let token: String = JwtToken::encode(user.id, user.token_version);
|
HttpResponse::Ok()
|
||||||
Ok(HttpResponse::Ok()
|
|
||||||
.insert_header(("token", token))
|
.insert_header(("token", token))
|
||||||
.insert_header(("user_id", user.id))
|
.insert_header(("user_id", user.id))
|
||||||
.finish())
|
.await
|
||||||
|
.unwrap()
|
||||||
}
|
}
|
||||||
false => Ok(HttpResponse::Unauthorized().finish()),
|
false => HttpResponse::Unauthorized().await.unwrap(),
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[cfg(test)]
|
|
||||||
mod tests {
|
|
||||||
use actix_web::http::StatusCode;
|
|
||||||
use actix_web::{test, web, App};
|
|
||||||
|
|
||||||
use super::login;
|
|
||||||
use crate::database::establish_connection;
|
|
||||||
use crate::test_helpers::{delete_user, insert_user, unique_suffix};
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn login_succeeds_with_correct_credentials() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let user = insert_user(&mut connection, "correct-password");
|
|
||||||
|
|
||||||
let app = test::init_service(App::new().route("/login", web::post().to(login))).await;
|
|
||||||
let req = test::TestRequest::post()
|
|
||||||
.uri("/login")
|
|
||||||
.set_json(serde_json::json!({
|
|
||||||
"username": user.username,
|
|
||||||
"password": "correct-password"
|
|
||||||
}))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::OK, resp.status());
|
|
||||||
assert!(resp.headers().contains_key("token"));
|
|
||||||
|
|
||||||
delete_user(&mut connection, user.id);
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn login_fails_with_wrong_password() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let user = insert_user(&mut connection, "correct-password");
|
|
||||||
|
|
||||||
let app = test::init_service(App::new().route("/login", web::post().to(login))).await;
|
|
||||||
let req = test::TestRequest::post()
|
|
||||||
.uri("/login")
|
|
||||||
.set_json(serde_json::json!({
|
|
||||||
"username": user.username,
|
|
||||||
"password": "wrong-password"
|
|
||||||
}))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::UNAUTHORIZED, resp.status());
|
|
||||||
|
|
||||||
delete_user(&mut connection, user.id);
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn login_fails_for_unknown_user() {
|
|
||||||
let app = test::init_service(App::new().route("/login", web::post().to(login))).await;
|
|
||||||
let req = test::TestRequest::post()
|
|
||||||
.uri("/login")
|
|
||||||
.set_json(serde_json::json!({
|
|
||||||
"username": format!("does-not-exist-{}", unique_suffix()),
|
|
||||||
"password": "whatever"
|
|
||||||
}))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::NOT_FOUND, resp.status());
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,62 +1,3 @@
|
|||||||
use actix_web::HttpResponse;
|
pub async fn logout() -> String {
|
||||||
use diesel::prelude::*;
|
"logout view".to_string()
|
||||||
|
|
||||||
use crate::auth::extractor::AuthUser;
|
|
||||||
use crate::database::establish_connection;
|
|
||||||
use crate::error::AppError;
|
|
||||||
use crate::schema::users;
|
|
||||||
|
|
||||||
/// Invalidates every token previously issued for this user by bumping
|
|
||||||
/// `token_version` — the auth middleware rejects tokens whose `tv` claim no
|
|
||||||
/// longer matches the stored value.
|
|
||||||
pub async fn logout(auth_user: AuthUser) -> Result<HttpResponse, AppError> {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
|
|
||||||
diesel::update(users::table.find(auth_user.0))
|
|
||||||
.set(users::token_version.eq(users::token_version + 1))
|
|
||||||
.execute(&mut connection)?;
|
|
||||||
|
|
||||||
Ok(HttpResponse::Ok().finish())
|
|
||||||
}
|
|
||||||
|
|
||||||
#[cfg(test)]
|
|
||||||
mod tests {
|
|
||||||
use actix_service::Service;
|
|
||||||
use actix_web::http::StatusCode;
|
|
||||||
use actix_web::{test, web, App, HttpMessage};
|
|
||||||
use diesel::prelude::*;
|
|
||||||
|
|
||||||
use super::logout;
|
|
||||||
use crate::auth::extractor::AuthUser;
|
|
||||||
use crate::database::establish_connection;
|
|
||||||
use crate::models::user::rss_user::User;
|
|
||||||
use crate::schema::users;
|
|
||||||
use crate::test_helpers::{delete_user, insert_user};
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn logout_bumps_token_version() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let user = insert_user(&mut connection, "secret");
|
|
||||||
let user_id = user.id;
|
|
||||||
let initial_version = user.token_version;
|
|
||||||
|
|
||||||
let app = test::init_service(
|
|
||||||
App::new()
|
|
||||||
.wrap_fn(move |req, srv| {
|
|
||||||
req.extensions_mut().insert(AuthUser(user_id));
|
|
||||||
srv.call(req)
|
|
||||||
})
|
|
||||||
.route("/logout", web::post().to(logout)),
|
|
||||||
)
|
|
||||||
.await;
|
|
||||||
let req = test::TestRequest::post().uri("/logout").to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::OK, resp.status());
|
|
||||||
|
|
||||||
let updated: User = users::table.find(user_id).first(&mut connection).unwrap();
|
|
||||||
assert_eq!(initial_version + 1, updated.token_version);
|
|
||||||
|
|
||||||
delete_user(&mut connection, user_id);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|||||||
+3
-14
@@ -1,4 +1,3 @@
|
|||||||
use actix_governor::{Governor, GovernorConfigBuilder};
|
|
||||||
use actix_web::web;
|
use actix_web::web;
|
||||||
use actix_web::web::ServiceConfig;
|
use actix_web::web::ServiceConfig;
|
||||||
|
|
||||||
@@ -13,19 +12,9 @@ pub fn auth_factory(app: &mut ServiceConfig) {
|
|||||||
backend: true,
|
backend: true,
|
||||||
};
|
};
|
||||||
|
|
||||||
// Login is the only unauthenticated endpoint that checks a password, so
|
app.route(
|
||||||
// it's the only one worth rate-limiting against brute-force/credential
|
&base_path.define(String::from("/login")),
|
||||||
// stuffing. One request every 2s with a burst of 5 per IP.
|
web::post().to(login::login),
|
||||||
let login_rate_limit = GovernorConfigBuilder::default()
|
|
||||||
.seconds_per_request(2)
|
|
||||||
.burst_size(5)
|
|
||||||
.finish()
|
|
||||||
.expect("valid governor rate-limit config");
|
|
||||||
|
|
||||||
app.service(
|
|
||||||
web::resource(base_path.define(String::from("/login")))
|
|
||||||
.wrap(Governor::new(&login_rate_limit))
|
|
||||||
.route(web::post().to(login::login)),
|
|
||||||
);
|
);
|
||||||
app.route(
|
app.route(
|
||||||
&base_path.define(String::from("/logout")),
|
&base_path.define(String::from("/logout")),
|
||||||
|
|||||||
+19
-91
@@ -1,106 +1,34 @@
|
|||||||
use crate::database::establish_connection;
|
|
||||||
use crate::diesel;
|
use crate::diesel;
|
||||||
use crate::error::AppError;
|
|
||||||
use crate::json_serialization::new_user::NewUserSchema;
|
use crate::json_serialization::new_user::NewUserSchema;
|
||||||
use crate::models::user::new_user::{validate_password, NewUser};
|
use crate::models::user::new_user::NewUser;
|
||||||
use crate::schema::users;
|
use crate::schema::users;
|
||||||
use actix_web::{web, HttpResponse};
|
use actix_web::{web, HttpResponse};
|
||||||
use diesel::prelude::*;
|
use diesel::{
|
||||||
|
prelude::*,
|
||||||
|
r2d2::{ConnectionManager, Pool},
|
||||||
|
};
|
||||||
|
use secrecy::Secret;
|
||||||
|
|
||||||
|
#[tracing::instrument(name = "Create new User", skip(pool))]
|
||||||
|
pub async fn create(
|
||||||
|
new_user: web::Json<NewUserSchema>,
|
||||||
|
pool: web::Data<Pool<ConnectionManager<PgConnection>>>,
|
||||||
|
) -> HttpResponse {
|
||||||
|
let pool_arc = pool.get_ref().clone();
|
||||||
|
let mut connection = pool_arc.get().expect("Failed to get database connection");
|
||||||
|
|
||||||
pub async fn create(new_user: web::Json<NewUserSchema>) -> Result<HttpResponse, AppError> {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let name: String = new_user.name.clone();
|
let name: String = new_user.name.clone();
|
||||||
let email: String = new_user.email.clone();
|
let email: String = new_user.email.clone();
|
||||||
let new_password: String = new_user.password.clone();
|
let new_password: Secret<String> = Secret::new(new_user.password.clone());
|
||||||
|
|
||||||
if let Err(message) = validate_password(&new_password) {
|
let new_user = NewUser::new(name, email, new_password);
|
||||||
return Ok(HttpResponse::BadRequest().body(message));
|
|
||||||
}
|
|
||||||
|
|
||||||
let new_user = NewUser::new(name, email, new_password)?;
|
|
||||||
|
|
||||||
let insert_result = diesel::insert_into(users::table)
|
let insert_result = diesel::insert_into(users::table)
|
||||||
.values(&new_user)
|
.values(&new_user)
|
||||||
.execute(&mut connection);
|
.execute(&mut connection);
|
||||||
|
|
||||||
Ok(match insert_result {
|
match insert_result {
|
||||||
Ok(_) => HttpResponse::Created().finish(),
|
Ok(_) => HttpResponse::Created().await.unwrap(),
|
||||||
Err(_) => HttpResponse::Conflict().finish(),
|
Err(_) => HttpResponse::Conflict().await.unwrap(),
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
#[cfg(test)]
|
|
||||||
mod tests {
|
|
||||||
use actix_web::http::StatusCode;
|
|
||||||
use actix_web::{test, web, App};
|
|
||||||
use diesel::prelude::*;
|
|
||||||
|
|
||||||
use super::create;
|
|
||||||
use crate::database::establish_connection;
|
|
||||||
use crate::schema::users;
|
|
||||||
use crate::test_helpers::{delete_user, insert_user, unique_suffix};
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn create_succeeds_for_new_user() {
|
|
||||||
let suffix = unique_suffix();
|
|
||||||
let username = format!("new_user_{suffix}");
|
|
||||||
let email = format!("new_{suffix}@example.test");
|
|
||||||
|
|
||||||
let app = test::init_service(App::new().route("/create", web::post().to(create))).await;
|
|
||||||
let req = test::TestRequest::post()
|
|
||||||
.uri("/create")
|
|
||||||
.set_json(serde_json::json!({
|
|
||||||
"name": username,
|
|
||||||
"email": email,
|
|
||||||
"password": "secret"
|
|
||||||
}))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::CREATED, resp.status());
|
|
||||||
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
diesel::delete(users::table.filter(users::username.eq(&username)))
|
|
||||||
.execute(&mut connection)
|
|
||||||
.ok();
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn create_fails_for_short_password() {
|
|
||||||
let suffix = unique_suffix();
|
|
||||||
|
|
||||||
let app = test::init_service(App::new().route("/create", web::post().to(create))).await;
|
|
||||||
let req = test::TestRequest::post()
|
|
||||||
.uri("/create")
|
|
||||||
.set_json(serde_json::json!({
|
|
||||||
"name": format!("short_pw_{suffix}"),
|
|
||||||
"email": format!("short_{suffix}@example.test"),
|
|
||||||
"password": "abc"
|
|
||||||
}))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::BAD_REQUEST, resp.status());
|
|
||||||
}
|
|
||||||
|
|
||||||
#[actix_web::test]
|
|
||||||
async fn create_fails_for_duplicate_user() {
|
|
||||||
let mut connection = establish_connection();
|
|
||||||
let user = insert_user(&mut connection, "secret");
|
|
||||||
|
|
||||||
let app = test::init_service(App::new().route("/create", web::post().to(create))).await;
|
|
||||||
let req = test::TestRequest::post()
|
|
||||||
.uri("/create")
|
|
||||||
.set_json(serde_json::json!({
|
|
||||||
"name": user.username,
|
|
||||||
"email": user.email,
|
|
||||||
"password": "secret"
|
|
||||||
}))
|
|
||||||
.to_request();
|
|
||||||
let resp = test::call_service(&app, req).await;
|
|
||||||
|
|
||||||
assert_eq!(StatusCode::CONFLICT, resp.status());
|
|
||||||
|
|
||||||
delete_user(&mut connection, user.id);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Executable
+12
@@ -0,0 +1,12 @@
|
|||||||
|
.header {
|
||||||
|
background: #034f84;
|
||||||
|
margin-bottom: 0.3rem;
|
||||||
|
}
|
||||||
|
|
||||||
|
.header p {
|
||||||
|
color: white;
|
||||||
|
display: inline-block;
|
||||||
|
margin: 0.5rem;
|
||||||
|
margin-right: 0.4rem;
|
||||||
|
margin-left: 0.4rem;
|
||||||
|
}
|
||||||
Executable
+4
@@ -0,0 +1,4 @@
|
|||||||
|
<div class="header">
|
||||||
|
<p>complete tasks: </p><p id="completeNum"></p>
|
||||||
|
<p>pending tasks: </p><p id="pendingNum"></p>
|
||||||
|
</div>
|
||||||
Executable
+51
@@ -0,0 +1,51 @@
|
|||||||
|
<html>
|
||||||
|
|
||||||
|
<head>
|
||||||
|
<meta charSet="UTF-8" />
|
||||||
|
<meta name="viewport" content="width=device-width,
|
||||||
|
initial-scale=1.0" />
|
||||||
|
<meta name="description" content="This is a simple to do app" />
|
||||||
|
<meta httpEquiv="X-UA-Compatiable" content="ie=edge" />
|
||||||
|
<title>Login</title>
|
||||||
|
</head>
|
||||||
|
|
||||||
|
<style>
|
||||||
|
{{BASE_CSS}}
|
||||||
|
{{CSS}}
|
||||||
|
|
||||||
|
.loginButtonStyle {
|
||||||
|
display: inline-block;
|
||||||
|
background: #f7786b;
|
||||||
|
border: none;
|
||||||
|
padding: 0.5rem;
|
||||||
|
padding-left: 2rem;
|
||||||
|
padding-right: 2rem;
|
||||||
|
color: white;
|
||||||
|
}
|
||||||
|
|
||||||
|
.loginButtonStyle:hover {
|
||||||
|
background: #f7686b;
|
||||||
|
color: black;
|
||||||
|
}
|
||||||
|
|
||||||
|
</style>
|
||||||
|
|
||||||
|
<body>
|
||||||
|
<div class="mainContainer">
|
||||||
|
<h2 class="ContainerTitle" style="text-align:center;">Login</h2>
|
||||||
|
<p id="loginMessage" class="FeedbackMessage" style="text-align:center;"></p>
|
||||||
|
<form style="text-align:center;" action="submit">
|
||||||
|
<input type="text" value="" placeholder="Username" class="formInputContainer"
|
||||||
|
id="defaultLoginFormUsername"><br>
|
||||||
|
<p></p>
|
||||||
|
<input type="password" value="" placeholder="Password" class="formInputContainer"
|
||||||
|
id="defaultLoginFormPassword"><br><br>
|
||||||
|
<input type="button" value="Submit" class="loginButtonStyle" id="loginButton" style="text-align:center;">
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
</body>
|
||||||
|
<script>
|
||||||
|
{{JAVASCRIPT}}
|
||||||
|
</script>
|
||||||
|
|
||||||
|
</html>
|
||||||
Executable
+26
@@ -0,0 +1,26 @@
|
|||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="en">
|
||||||
|
<head>
|
||||||
|
<meta charset="UTF-8" />
|
||||||
|
<meta
|
||||||
|
name="viewport"
|
||||||
|
content="width=device-width,
|
||||||
|
initial-scale=1.0"
|
||||||
|
/>
|
||||||
|
<meta httpEquiv="X-UA-Compatible" content="ie=edge" />
|
||||||
|
<meta name="description" content="This is a simple to do app" />
|
||||||
|
<title>ToDo App</title>
|
||||||
|
</head>
|
||||||
|
<style>
|
||||||
|
BASE_CSS
|
||||||
|
CSS
|
||||||
|
HEADER_CSS
|
||||||
|
</style>
|
||||||
|
|
||||||
|
<body>
|
||||||
|
<div id="mainContainer" class="mainContainer"></div>
|
||||||
|
</body>
|
||||||
|
<script>
|
||||||
|
JAVASCRIPT;
|
||||||
|
</script>
|
||||||
|
</html>
|
||||||
@@ -1,2 +0,0 @@
|
|||||||
node_modules
|
|
||||||
dist
|
|
||||||
@@ -0,0 +1,2 @@
|
|||||||
|
VITE_API_BASE_URL=http://localhost:8001
|
||||||
|
|
||||||
@@ -0,0 +1,2 @@
|
|||||||
|
VITE_API_BASE_URL=http://rust-app:8001
|
||||||
|
|
||||||
+17
-11
@@ -1,16 +1,22 @@
|
|||||||
# --- builder ---
|
FROM node:lts-alpine
|
||||||
FROM node:20-alpine AS builder
|
|
||||||
|
|
||||||
|
# install simple http server for serving static content
|
||||||
|
RUN npm install -g http-server
|
||||||
|
|
||||||
|
# make the 'app' folder the current working directory
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
COPY package.json package-lock.json ./
|
|
||||||
RUN npm ci
|
# copy both 'package.json' and 'package-lock.json' (if available)
|
||||||
|
COPY package*.json ./
|
||||||
|
|
||||||
|
# install project dependencies
|
||||||
|
RUN npm install
|
||||||
|
|
||||||
|
# copy project files and folders to the current working directory (i.e. 'app' folder)
|
||||||
COPY . .
|
COPY . .
|
||||||
|
|
||||||
|
# build app for production with minification
|
||||||
RUN npm run build
|
RUN npm run build
|
||||||
|
|
||||||
# --- runtime ---
|
EXPOSE 8080
|
||||||
FROM nginx:alpine
|
CMD [ "http-server", "dist" ]
|
||||||
|
|
||||||
COPY --from=builder /app/dist /usr/share/nginx/html
|
|
||||||
COPY nginx.conf /etc/nginx/conf.d/default.conf
|
|
||||||
|
|
||||||
EXPOSE 80
|
|
||||||
|
|||||||
+1
-5
@@ -3,13 +3,9 @@
|
|||||||
|
|
||||||
<head>
|
<head>
|
||||||
<meta charset="UTF-8">
|
<meta charset="UTF-8">
|
||||||
<link rel="icon" type="image/svg+xml" href="/favicon.svg">
|
<link rel="icon" href="/favicon.ico">
|
||||||
<link rel="alternate icon" href="/favicon.ico">
|
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||||
<title>RSS-Reader</title>
|
<title>RSS-Reader</title>
|
||||||
<link rel="preconnect" href="https://fonts.googleapis.com">
|
|
||||||
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
|
|
||||||
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;700&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,400;0,700;1,400&family=Playfair+Display:wght@400;700&family=Raleway:wght@400;700&family=Source+Serif+4:ital,opsz,wght@0,8..60,400;0,8..60,700;1,8..60,400&display=swap" rel="stylesheet">
|
|
||||||
</head>
|
</head>
|
||||||
|
|
||||||
<body>
|
<body>
|
||||||
|
|||||||
@@ -1,19 +0,0 @@
|
|||||||
server {
|
|
||||||
listen 80;
|
|
||||||
server_name _;
|
|
||||||
|
|
||||||
root /usr/share/nginx/html;
|
|
||||||
index index.html;
|
|
||||||
|
|
||||||
location /api/ {
|
|
||||||
proxy_pass http://backend:8001/api/;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
|
||||||
}
|
|
||||||
|
|
||||||
location / {
|
|
||||||
try_files $uri $uri/ /index.html;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
Generated
+570
-2902
File diff suppressed because it is too large
Load Diff
+10
-12
@@ -6,26 +6,24 @@
|
|||||||
"dev": "vite",
|
"dev": "vite",
|
||||||
"build": "vite build",
|
"build": "vite build",
|
||||||
"preview": "vite preview",
|
"preview": "vite preview",
|
||||||
"test": "vitest run",
|
|
||||||
"lint": "eslint . --ext .vue,.js,.jsx,.cjs,.mjs --fix --ignore-path .gitignore",
|
"lint": "eslint . --ext .vue,.js,.jsx,.cjs,.mjs --fix --ignore-path .gitignore",
|
||||||
"format": "prettier --write src/"
|
"format": "prettier --write src/"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@mozilla/readability": "^0.6.0",
|
"@mozilla/readability": "^0.4.4",
|
||||||
"axios": "^1.17.0",
|
"axios": "^1.5.0",
|
||||||
"vue": "^3.5.35",
|
"vue": "^3.3.4",
|
||||||
"vue-router": "^5.1.0"
|
"vue-router": "^4.2.4",
|
||||||
|
"vue-sessionstorage": "^1.0.0"
|
||||||
},
|
},
|
||||||
"devDependencies": {
|
"devDependencies": {
|
||||||
"@rushstack/eslint-patch": "^1.16.1",
|
"@rushstack/eslint-patch": "^1.3.2",
|
||||||
"@vitejs/plugin-vue": "^6.0.7",
|
"@vitejs/plugin-vue": "^4.3.1",
|
||||||
"@vue/eslint-config-prettier": "^8.0.0",
|
"@vue/eslint-config-prettier": "^8.0.0",
|
||||||
"@vue/test-utils": "^2.4.11",
|
"dotenv": "^16.4.5",
|
||||||
"eslint": "^8.46.0",
|
"eslint": "^8.46.0",
|
||||||
"eslint-plugin-vue": "^9.16.1",
|
"eslint-plugin-vue": "^9.16.1",
|
||||||
"jsdom": "^29.1.1",
|
"prettier": "^3.0.0",
|
||||||
"prettier": "^3.8.3",
|
"vite": "^4.4.9"
|
||||||
"vite": "^8.0.16",
|
|
||||||
"vitest": "^4.1.8"
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Binary file not shown.
|
Before Width: | Height: | Size: 15 KiB After Width: | Height: | Size: 4.2 KiB |
@@ -1,6 +0,0 @@
|
|||||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 64 64">
|
|
||||||
<rect width="64" height="64" rx="14" fill="#1a8f5e"/>
|
|
||||||
<circle cx="20" cy="44" r="6" fill="#ffffff"/>
|
|
||||||
<path d="M14 28a22 22 0 0 1 22 22h-8a14 14 0 0 0-14-14z" fill="#ffffff"/>
|
|
||||||
<path d="M14 14a36 36 0 0 1 36 36h-8a28 28 0 0 0-28-28z" fill="#ffffff"/>
|
|
||||||
</svg>
|
|
||||||
|
Before Width: | Height: | Size: 325 B |
+72
-9
@@ -1,15 +1,78 @@
|
|||||||
<script setup>
|
<script setup>
|
||||||
import { onMounted } from 'vue'
|
import { RouterLink, RouterView } from 'vue-router'
|
||||||
import { RouterView, useRoute } from 'vue-router'
|
|
||||||
import AppNav from './components/AppNav.vue'
|
|
||||||
import { useSettings } from './composables/useSettings.js'
|
|
||||||
|
|
||||||
const route = useRoute()
|
|
||||||
const { applySettings } = useSettings()
|
|
||||||
onMounted(applySettings)
|
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
<template>
|
<template>
|
||||||
<AppNav v-if="route.meta.requiresAuth" />
|
<!-- <header> -->
|
||||||
|
<!-- <div class="wrapper"> -->
|
||||||
|
<!-- <nav> -->
|
||||||
|
<!-- <p onclick="$refs.sync">Sync</p> -->
|
||||||
|
<!-- <p>Login</p> -->
|
||||||
|
<!-- <RouterLink to="/">Home</RouterLink> -->
|
||||||
|
<!-- <RouterLink to="/about">About</RouterLink> -->
|
||||||
|
<!-- <RouterLink to="/feeds">Feeds</RouterLink> -->
|
||||||
|
<!-- </nav> -->
|
||||||
|
<!-- </div> -->
|
||||||
|
<!-- </header> -->
|
||||||
|
|
||||||
<RouterView />
|
<RouterView />
|
||||||
</template>
|
</template>
|
||||||
|
|
||||||
|
<style>
|
||||||
|
header {
|
||||||
|
line-height: 1.5;
|
||||||
|
max-height: 100vh;
|
||||||
|
}
|
||||||
|
|
||||||
|
.logo {
|
||||||
|
display: block;
|
||||||
|
margin: 0 auto 2rem;
|
||||||
|
}
|
||||||
|
|
||||||
|
nav {
|
||||||
|
width: 100%;
|
||||||
|
font-size: 12px;
|
||||||
|
text-align: center;
|
||||||
|
margin-top: 2rem;
|
||||||
|
}
|
||||||
|
|
||||||
|
nav p.router-link-exact-active {
|
||||||
|
color: var(--color-text);
|
||||||
|
}
|
||||||
|
|
||||||
|
nav p.router-link-exact-active:hover {
|
||||||
|
background-color: transparent;
|
||||||
|
}
|
||||||
|
|
||||||
|
nav p {
|
||||||
|
display: inline-block;
|
||||||
|
padding: 0 1rem;
|
||||||
|
border-left: 1px solid var(--color-border);
|
||||||
|
cursor: pointer;
|
||||||
|
}
|
||||||
|
|
||||||
|
nav p:first-of-type {
|
||||||
|
border: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
@media (min-width: 1024px) {
|
||||||
|
header {
|
||||||
|
place-items: center;
|
||||||
|
padding-right: calc(var(--section-gap) / 2);
|
||||||
|
}
|
||||||
|
|
||||||
|
.logo {
|
||||||
|
margin: 0 2rem 0 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
nav {
|
||||||
|
text-align: left;
|
||||||
|
margin-left: -1rem;
|
||||||
|
font-size: 1rem;
|
||||||
|
|
||||||
|
padding: 1rem 0;
|
||||||
|
margin-top: 1rem;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
</style>
|
||||||
|
|||||||
+1
-20
@@ -23,11 +23,6 @@
|
|||||||
|
|
||||||
/* semantic color variables for this project */
|
/* semantic color variables for this project */
|
||||||
:root {
|
:root {
|
||||||
--headline-font-family: Glook, 'Courier New';
|
|
||||||
--content-font-family: Merriweather, Georgia, 'Times New Roman', Times, serif;
|
|
||||||
--headline-font-size-scale: 1;
|
|
||||||
--content-font-size-scale: 1;
|
|
||||||
|
|
||||||
--color-background: var(--vt-c-white);
|
--color-background: var(--vt-c-white);
|
||||||
--color-background-soft: var(--vt-c-white-soft);
|
--color-background-soft: var(--vt-c-white-soft);
|
||||||
--color-background-mute: var(--vt-c-white-mute);
|
--color-background-mute: var(--vt-c-white-mute);
|
||||||
@@ -38,13 +33,6 @@
|
|||||||
--color-heading: var(--vt-c-text-light-1);
|
--color-heading: var(--vt-c-text-light-1);
|
||||||
--color-text: var(--vt-c-text-light-1);
|
--color-text: var(--vt-c-text-light-1);
|
||||||
|
|
||||||
--color-accent: hsla(160, 100%, 37%, 1);
|
|
||||||
--color-accent-hover: hsla(160, 100%, 37%, 0.2);
|
|
||||||
--color-accent-2: hsla(200, 90%, 45%, 1);
|
|
||||||
--color-accent-2-hover: hsla(200, 90%, 35%, 1);
|
|
||||||
--color-info: #3498db;
|
|
||||||
--color-info-text: white;
|
|
||||||
|
|
||||||
--section-gap: 160px;
|
--section-gap: 160px;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -59,9 +47,6 @@
|
|||||||
|
|
||||||
--color-heading: var(--vt-c-text-dark-1);
|
--color-heading: var(--vt-c-text-dark-1);
|
||||||
--color-text: var(--vt-c-text-dark-2);
|
--color-text: var(--vt-c-text-dark-2);
|
||||||
|
|
||||||
--color-accent-2: hsla(200, 90%, 65%, 1);
|
|
||||||
--color-accent-2-hover: hsla(200, 90%, 75%, 1);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -75,17 +60,13 @@
|
|||||||
|
|
||||||
body {
|
body {
|
||||||
min-height: 100vh;
|
min-height: 100vh;
|
||||||
/* Full-bleed article images use a `100vw`-based breakout, which can be
|
|
||||||
wider than the visible content area (scrollbar) and would otherwise
|
|
||||||
introduce a horizontal scrollbar. */
|
|
||||||
overflow-x: hidden;
|
|
||||||
color: var(--color-text);
|
color: var(--color-text);
|
||||||
background: var(--color-background);
|
background: var(--color-background);
|
||||||
transition: color 0.5s, background-color 0.5s;
|
transition: color 0.5s, background-color 0.5s;
|
||||||
line-height: 1.6;
|
line-height: 1.6;
|
||||||
font-family: Inter, -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu,
|
font-family: Inter, -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu,
|
||||||
Cantarell, 'Fira Sans', 'Droid Sans', 'Helvetica Neue', sans-serif;
|
Cantarell, 'Fira Sans', 'Droid Sans', 'Helvetica Neue', sans-serif;
|
||||||
font-size: clamp(14px, 2.5vw, 16px);
|
font-size: 15px;
|
||||||
text-rendering: optimizeLegibility;
|
text-rendering: optimizeLegibility;
|
||||||
-webkit-font-smoothing: antialiased;
|
-webkit-font-smoothing: antialiased;
|
||||||
-moz-osx-font-smoothing: grayscale;
|
-moz-osx-font-smoothing: grayscale;
|
||||||
|
|||||||
+66
-71
@@ -3,8 +3,7 @@
|
|||||||
#app {
|
#app {
|
||||||
max-width: 1280px;
|
max-width: 1280px;
|
||||||
margin: 0 auto;
|
margin: 0 auto;
|
||||||
padding: 0.5rem;
|
padding: 2rem;
|
||||||
padding-top: var(--app-nav-height, 4.5rem);
|
|
||||||
|
|
||||||
font-weight: normal;
|
font-weight: normal;
|
||||||
}
|
}
|
||||||
@@ -12,106 +11,102 @@
|
|||||||
a,
|
a,
|
||||||
.green {
|
.green {
|
||||||
text-decoration: none;
|
text-decoration: none;
|
||||||
color: var(--color-accent);
|
color: hsla(160, 100%, 37%, 1);
|
||||||
transition: 0.4s;
|
transition: 0.4s;
|
||||||
}
|
}
|
||||||
.feed-actions {
|
|
||||||
display: flex;
|
|
||||||
flex-wrap: wrap;
|
|
||||||
gap: 0.75rem;
|
|
||||||
margin-bottom: 1rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
.feed-actions p {
|
|
||||||
display: inline-flex;
|
|
||||||
align-items: center;
|
|
||||||
justify-content: center;
|
|
||||||
min-height: 44px;
|
|
||||||
padding: 0.5rem 1rem;
|
|
||||||
margin: 0;
|
|
||||||
border: 1px solid var(--color-border);
|
|
||||||
border-radius: 4px;
|
|
||||||
cursor: pointer;
|
|
||||||
}
|
|
||||||
|
|
||||||
.feed-actions p:hover {
|
|
||||||
border-color: var(--color-border-hover);
|
|
||||||
}
|
|
||||||
|
|
||||||
.message {
|
.message {
|
||||||
background-color: var(--color-info);
|
background-color: #3498db;
|
||||||
color: var(--color-info-text);
|
color: white;
|
||||||
padding: 10px;
|
padding: 10px;
|
||||||
border-radius: 4px;
|
border-radius: 4px;
|
||||||
position: fixed;
|
position: fixed;
|
||||||
top: 10px;
|
top: 10px;
|
||||||
left: 50%;
|
left: 50%;
|
||||||
transform: translateX(-50%);
|
transform: translateX(-50%);
|
||||||
max-width: min(90vw, 28rem);
|
|
||||||
overflow-wrap: break-word;
|
|
||||||
z-index: 9999;
|
z-index: 9999;
|
||||||
}
|
}
|
||||||
|
|
||||||
@media (hover: hover) {
|
@media (hover: hover) {
|
||||||
a:hover {
|
a:hover {
|
||||||
background-color: var(--color-accent-hover);
|
background-color: hsla(160, 100%, 37%, 0.2);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
.feed-source {
|
|
||||||
margin: 0;
|
|
||||||
padding: 1em 1em 0;
|
|
||||||
font-size: clamp(0.75rem, 2vw, 0.85rem);
|
|
||||||
font-weight: 600;
|
|
||||||
letter-spacing: 0.05em;
|
|
||||||
text-transform: uppercase;
|
|
||||||
color: var(--color-accent);
|
|
||||||
}
|
|
||||||
|
|
||||||
.feed-title {
|
.feed-title {
|
||||||
cursor: pointer;
|
cursor: pointer;
|
||||||
font-family: var(--headline-font-family);
|
font-family: 'Courier New';
|
||||||
font-size: calc(clamp(1.4rem, 5vw, 2rem) * var(--headline-font-size-scale));
|
font-size: 22px;
|
||||||
font-weight: bold;
|
|
||||||
color: var(--color-accent-2);
|
|
||||||
border-bottom: 1px solid #ccc;
|
border-bottom: 1px solid #ccc;
|
||||||
padding: 0.25em 1em 1em;
|
padding: 1em;
|
||||||
min-height: 44px;
|
|
||||||
transition: color 0.2s;
|
|
||||||
}
|
|
||||||
|
|
||||||
.feed-title:hover {
|
|
||||||
color: var(--color-accent-2-hover);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
.feed-content {
|
.feed-content {
|
||||||
font-family: var(--content-font-family);
|
font-family: Georgia, 'Times New Roman', Times, serif;
|
||||||
font-size: calc(clamp(1rem, 3.5vw, 1.25rem) * var(--content-font-size-scale));
|
font-size: 20px;
|
||||||
padding: 0 1em 1em;
|
padding: 1em;
|
||||||
overflow-wrap: break-word;
|
display: flex;
|
||||||
}
|
flex-direction: column;
|
||||||
|
align-items: left;
|
||||||
.feed-content img {
|
text-align: left;
|
||||||
max-width: 100%;
|
|
||||||
height: auto;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
.feed-content p {
|
.feed-content p {
|
||||||
padding: 0.5em 0;
|
padding: 1em;
|
||||||
}
|
}
|
||||||
|
|
||||||
.feed-content h3 {
|
.feed-content h2,
|
||||||
padding: 0.5em 0;
|
h3,
|
||||||
font-size: calc(clamp(1rem, 3vw, 1.3rem) * var(--headline-font-size-scale));
|
h4,
|
||||||
|
h5,
|
||||||
|
h6 {
|
||||||
|
padding: 1em;
|
||||||
|
font-size: 21px;
|
||||||
font-weight: bold;
|
font-weight: bold;
|
||||||
}
|
}
|
||||||
|
|
||||||
h3 {
|
|
||||||
font-size: clamp(0.85rem, 2.5vw, 1rem);
|
.feed-content img {
|
||||||
|
max-width: 100%;
|
||||||
|
margin-bottom: 10px;
|
||||||
|
/* Adjust spacing between image and text */
|
||||||
}
|
}
|
||||||
|
|
||||||
@media (min-width: 768px) {
|
h3 {
|
||||||
#app {
|
font-size: 14px;
|
||||||
padding: 0.75rem;
|
}
|
||||||
padding-top: var(--app-nav-height, 4.5rem);
|
|
||||||
}
|
|
||||||
|
.form-group {
|
||||||
|
margin-bottom: 15px;
|
||||||
|
}
|
||||||
|
|
||||||
|
label {
|
||||||
|
display: block;
|
||||||
|
margin-bottom: 5px;
|
||||||
|
}
|
||||||
|
|
||||||
|
input[type="text"],
|
||||||
|
input[type="password"] {
|
||||||
|
/* width: 100%; */
|
||||||
|
padding: 8px;
|
||||||
|
border: 1px solid #ccc;
|
||||||
|
border-radius: 4px;
|
||||||
|
}
|
||||||
|
|
||||||
|
button {
|
||||||
|
background-color: #4CAF50;
|
||||||
|
color: white;
|
||||||
|
padding: 10px 20px;
|
||||||
|
border: none;
|
||||||
|
border-radius: 4px;
|
||||||
|
cursor: pointer;
|
||||||
|
}
|
||||||
|
|
||||||
|
button:hover {
|
||||||
|
background-color: #45a049;
|
||||||
|
}
|
||||||
|
|
||||||
|
.error {
|
||||||
|
color: red;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,11 +1,6 @@
|
|||||||
|
|
||||||
input {
|
input {
|
||||||
display: block;
|
margin: 15px;
|
||||||
width: 100%;
|
|
||||||
min-height: 44px;
|
|
||||||
margin: 0.5rem 0 1rem;
|
|
||||||
padding: 0.5rem;
|
|
||||||
font-size: 1rem;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
.modal-mask {
|
.modal-mask {
|
||||||
@@ -21,13 +16,10 @@ input {
|
|||||||
}
|
}
|
||||||
|
|
||||||
.modal-container {
|
.modal-container {
|
||||||
width: clamp(280px, 90vw, 420px);
|
width: 300px;
|
||||||
max-height: 90vh;
|
|
||||||
overflow-y: auto;
|
|
||||||
margin: auto;
|
margin: auto;
|
||||||
padding: 20px 30px;
|
padding: 20px 30px;
|
||||||
background-color: var(--color-background-soft);
|
background-color: #fff;
|
||||||
color: var(--color-text);
|
|
||||||
border-radius: 2px;
|
border-radius: 2px;
|
||||||
box-shadow: 0 2px 8px rgba(0, 0, 0, 0.33);
|
box-shadow: 0 2px 8px rgba(0, 0, 0, 0.33);
|
||||||
transition: all 0.3s ease;
|
transition: all 0.3s ease;
|
||||||
@@ -35,26 +27,15 @@ input {
|
|||||||
|
|
||||||
.modal-header h3 {
|
.modal-header h3 {
|
||||||
margin-top: 0;
|
margin-top: 0;
|
||||||
color: var(--color-heading);
|
color: #42b983;
|
||||||
}
|
}
|
||||||
|
|
||||||
.modal-body {
|
.modal-body {
|
||||||
margin: 20px 0;
|
margin: 20px 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
.modal-footer {
|
.modal-default-button {
|
||||||
display: flex;
|
float: right;
|
||||||
flex-wrap: wrap;
|
|
||||||
gap: 0.5rem;
|
|
||||||
margin-top: 1rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
.modal-footer button {
|
|
||||||
flex: 1 1 auto;
|
|
||||||
min-height: 44px;
|
|
||||||
padding: 0.5rem 1rem;
|
|
||||||
font-size: 1rem;
|
|
||||||
cursor: pointer;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|||||||
@@ -1,133 +0,0 @@
|
|||||||
<script setup>
|
|
||||||
import { ref, onMounted } from 'vue'
|
|
||||||
import axios from 'axios'
|
|
||||||
|
|
||||||
const feeds = ref([])
|
|
||||||
const error = ref('')
|
|
||||||
|
|
||||||
function authHeaders() {
|
|
||||||
return {
|
|
||||||
headers: {
|
|
||||||
'Content-Type': 'application/json',
|
|
||||||
'user-token': localStorage.getItem('user-token'),
|
|
||||||
},
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
async function loadFeeds() {
|
|
||||||
const userId = localStorage.getItem('user-id')
|
|
||||||
try {
|
|
||||||
const response = await axios.get(`/api/v1/article/feeds/${userId}`, authHeaders())
|
|
||||||
feeds.value = response.data.feeds
|
|
||||||
} catch (e) {
|
|
||||||
error.value = 'Failed to load feeds.'
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
async function deleteFeed(feedId) {
|
|
||||||
if (!window.confirm('Delete this feed and all its articles?')) return
|
|
||||||
try {
|
|
||||||
await axios.delete(`/api/v1/article/feed/${feedId}`, authHeaders())
|
|
||||||
feeds.value = feeds.value.filter(f => f.id !== feedId)
|
|
||||||
} catch (e) {
|
|
||||||
error.value = 'Failed to delete feed.'
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
onMounted(loadFeeds)
|
|
||||||
</script>
|
|
||||||
|
|
||||||
<template>
|
|
||||||
<div class="admin">
|
|
||||||
<h1 class="admin__heading">Admin</h1>
|
|
||||||
<p v-if="error" class="admin__error">{{ error }}</p>
|
|
||||||
<p v-else-if="feeds.length === 0" class="admin__empty">No feeds added yet.</p>
|
|
||||||
<ul v-else class="admin__list">
|
|
||||||
<li v-for="feed in feeds" :key="feed.id" class="admin__item">
|
|
||||||
<div class="admin__item-info">
|
|
||||||
<span class="admin__item-title">{{ feed.title }}</span>
|
|
||||||
<a :href="feed.url" class="admin__item-url" target="_blank" rel="noopener">{{ feed.url }}</a>
|
|
||||||
</div>
|
|
||||||
<button class="admin__delete" type="button" @click="deleteFeed(feed.id)">Delete</button>
|
|
||||||
</li>
|
|
||||||
</ul>
|
|
||||||
</div>
|
|
||||||
</template>
|
|
||||||
|
|
||||||
<style scoped>
|
|
||||||
.admin {
|
|
||||||
padding: 1.5rem 1rem;
|
|
||||||
max-width: 720px;
|
|
||||||
margin: 0 auto;
|
|
||||||
}
|
|
||||||
|
|
||||||
.admin__heading {
|
|
||||||
font-size: 1.25rem;
|
|
||||||
font-weight: bold;
|
|
||||||
margin-bottom: 1.25rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
.admin__error,
|
|
||||||
.admin__empty {
|
|
||||||
opacity: 0.6;
|
|
||||||
}
|
|
||||||
|
|
||||||
.admin__list {
|
|
||||||
list-style: none;
|
|
||||||
padding: 0;
|
|
||||||
margin: 0;
|
|
||||||
display: flex;
|
|
||||||
flex-direction: column;
|
|
||||||
gap: 0.75rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
.admin__item {
|
|
||||||
display: flex;
|
|
||||||
align-items: center;
|
|
||||||
justify-content: space-between;
|
|
||||||
gap: 1rem;
|
|
||||||
padding: 0.75rem 1rem;
|
|
||||||
border: 1px solid var(--color-border);
|
|
||||||
border-radius: 6px;
|
|
||||||
background: var(--color-background-soft);
|
|
||||||
}
|
|
||||||
|
|
||||||
.admin__item-info {
|
|
||||||
display: flex;
|
|
||||||
flex-direction: column;
|
|
||||||
gap: 0.2rem;
|
|
||||||
min-width: 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
.admin__item-title {
|
|
||||||
font-weight: 600;
|
|
||||||
white-space: nowrap;
|
|
||||||
overflow: hidden;
|
|
||||||
text-overflow: ellipsis;
|
|
||||||
}
|
|
||||||
|
|
||||||
.admin__item-url {
|
|
||||||
font-size: 0.8rem;
|
|
||||||
opacity: 0.6;
|
|
||||||
white-space: nowrap;
|
|
||||||
overflow: hidden;
|
|
||||||
text-overflow: ellipsis;
|
|
||||||
color: inherit;
|
|
||||||
}
|
|
||||||
|
|
||||||
.admin__delete {
|
|
||||||
flex-shrink: 0;
|
|
||||||
min-height: 36px;
|
|
||||||
padding: 0.3rem 0.9rem;
|
|
||||||
border: 1px solid var(--color-border);
|
|
||||||
border-radius: 4px;
|
|
||||||
background: transparent;
|
|
||||||
color: var(--color-text);
|
|
||||||
font: inherit;
|
|
||||||
cursor: pointer;
|
|
||||||
}
|
|
||||||
|
|
||||||
.admin__delete:hover {
|
|
||||||
border-color: var(--color-border-hover);
|
|
||||||
}
|
|
||||||
</style>
|
|
||||||
@@ -1,158 +0,0 @@
|
|||||||
<script setup>
|
|
||||||
import { useSettings } from '../composables/useSettings.js'
|
|
||||||
|
|
||||||
const {
|
|
||||||
headlineSizeScale,
|
|
||||||
contentSizeScale,
|
|
||||||
headlineFontKey,
|
|
||||||
contentFontKey,
|
|
||||||
SIZE_STEPS,
|
|
||||||
SIZE_LABELS,
|
|
||||||
HEADLINE_FONT_OPTIONS,
|
|
||||||
CONTENT_FONT_OPTIONS,
|
|
||||||
setHeadlineSize,
|
|
||||||
setContentSize,
|
|
||||||
setHeadlineFont,
|
|
||||||
setContentFont,
|
|
||||||
} = useSettings()
|
|
||||||
</script>
|
|
||||||
|
|
||||||
<template>
|
|
||||||
<div class="settings">
|
|
||||||
<h1 class="settings__heading">Typography</h1>
|
|
||||||
|
|
||||||
<section class="settings__section">
|
|
||||||
<h2 class="settings__section-title">Headline Size</h2>
|
|
||||||
<div class="settings__strip">
|
|
||||||
<button
|
|
||||||
v-for="(step, i) in SIZE_STEPS"
|
|
||||||
:key="step"
|
|
||||||
class="settings__btn"
|
|
||||||
:class="{ 'settings__btn--active': headlineSizeScale === step }"
|
|
||||||
type="button"
|
|
||||||
@click="setHeadlineSize(step)"
|
|
||||||
>{{ SIZE_LABELS[i] }}</button>
|
|
||||||
</div>
|
|
||||||
</section>
|
|
||||||
|
|
||||||
<section class="settings__section">
|
|
||||||
<h2 class="settings__section-title">Article Text Size</h2>
|
|
||||||
<div class="settings__strip">
|
|
||||||
<button
|
|
||||||
v-for="(step, i) in SIZE_STEPS"
|
|
||||||
:key="step"
|
|
||||||
class="settings__btn"
|
|
||||||
:class="{ 'settings__btn--active': contentSizeScale === step }"
|
|
||||||
type="button"
|
|
||||||
@click="setContentSize(step)"
|
|
||||||
>{{ SIZE_LABELS[i] }}</button>
|
|
||||||
</div>
|
|
||||||
</section>
|
|
||||||
|
|
||||||
<section class="settings__section">
|
|
||||||
<h2 class="settings__section-title">Headline Font</h2>
|
|
||||||
<select
|
|
||||||
class="settings__select"
|
|
||||||
:value="headlineFontKey"
|
|
||||||
@change="setHeadlineFont($event.target.value)"
|
|
||||||
>
|
|
||||||
<option
|
|
||||||
v-for="opt in HEADLINE_FONT_OPTIONS"
|
|
||||||
:key="opt.key"
|
|
||||||
:value="opt.key"
|
|
||||||
>{{ opt.label }}</option>
|
|
||||||
</select>
|
|
||||||
</section>
|
|
||||||
|
|
||||||
<section class="settings__section">
|
|
||||||
<h2 class="settings__section-title">Article Text Font</h2>
|
|
||||||
<select
|
|
||||||
class="settings__select"
|
|
||||||
:value="contentFontKey"
|
|
||||||
@change="setContentFont($event.target.value)"
|
|
||||||
>
|
|
||||||
<option
|
|
||||||
v-for="opt in CONTENT_FONT_OPTIONS"
|
|
||||||
:key="opt.key"
|
|
||||||
:value="opt.key"
|
|
||||||
>{{ opt.label }}</option>
|
|
||||||
</select>
|
|
||||||
</section>
|
|
||||||
</div>
|
|
||||||
</template>
|
|
||||||
|
|
||||||
<style scoped>
|
|
||||||
.settings {
|
|
||||||
padding: 1.5rem 1rem 0.5rem;
|
|
||||||
max-width: 720px;
|
|
||||||
margin: 0 auto;
|
|
||||||
}
|
|
||||||
|
|
||||||
.settings__heading {
|
|
||||||
font-size: 1.25rem;
|
|
||||||
font-weight: bold;
|
|
||||||
margin-bottom: 1.25rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
.settings__section {
|
|
||||||
margin-bottom: 1.25rem;
|
|
||||||
padding: 0.75rem 1rem;
|
|
||||||
border: 1px solid var(--color-border);
|
|
||||||
border-radius: 6px;
|
|
||||||
background: var(--color-background-soft);
|
|
||||||
}
|
|
||||||
|
|
||||||
.settings__section-title {
|
|
||||||
font-size: 0.8rem;
|
|
||||||
font-weight: 600;
|
|
||||||
text-transform: uppercase;
|
|
||||||
letter-spacing: 0.05em;
|
|
||||||
opacity: 0.6;
|
|
||||||
margin-bottom: 0.6rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
.settings__strip {
|
|
||||||
display: flex;
|
|
||||||
gap: 0.5rem;
|
|
||||||
flex-wrap: wrap;
|
|
||||||
}
|
|
||||||
|
|
||||||
.settings__btn {
|
|
||||||
min-height: 36px;
|
|
||||||
padding: 0.3rem 0.9rem;
|
|
||||||
border: 1px solid var(--color-border);
|
|
||||||
border-radius: 4px;
|
|
||||||
background: transparent;
|
|
||||||
color: var(--color-text);
|
|
||||||
font: inherit;
|
|
||||||
cursor: pointer;
|
|
||||||
transition: border-color 0.15s, background 0.15s;
|
|
||||||
}
|
|
||||||
|
|
||||||
.settings__btn:hover {
|
|
||||||
border-color: var(--color-border-hover);
|
|
||||||
}
|
|
||||||
|
|
||||||
.settings__btn--active {
|
|
||||||
border-color: var(--color-accent);
|
|
||||||
background: var(--color-accent-hover);
|
|
||||||
color: var(--color-text);
|
|
||||||
}
|
|
||||||
|
|
||||||
.settings__select {
|
|
||||||
width: 100%;
|
|
||||||
min-height: 36px;
|
|
||||||
padding: 0.3rem 0.6rem;
|
|
||||||
border: 1px solid var(--color-border);
|
|
||||||
border-radius: 4px;
|
|
||||||
background: var(--color-background);
|
|
||||||
color: var(--color-text);
|
|
||||||
font: inherit;
|
|
||||||
cursor: pointer;
|
|
||||||
appearance: auto;
|
|
||||||
}
|
|
||||||
|
|
||||||
.settings__select:hover {
|
|
||||||
border-color: var(--color-border-hover);
|
|
||||||
}
|
|
||||||
</style>
|
|
||||||
@@ -1,234 +0,0 @@
|
|||||||
<script setup>
|
|
||||||
import { ref, computed, onMounted } from 'vue'
|
|
||||||
import { RouterLink, useRouter, useRoute } from 'vue-router'
|
|
||||||
import { useFeeds, logout as logoutSession } from '@/composables/useFeeds'
|
|
||||||
import Modal from './modal/AddUrl.vue'
|
|
||||||
|
|
||||||
const router = useRouter()
|
|
||||||
const route = useRoute()
|
|
||||||
const { sync, showModal, viewMode, toggleViewMode, layout, toggleLayout, markAllRead, feeds } = useFeeds()
|
|
||||||
|
|
||||||
const headerRef = ref(null)
|
|
||||||
|
|
||||||
onMounted(() => {
|
|
||||||
const h = headerRef.value?.getBoundingClientRect().height ?? 0
|
|
||||||
document.documentElement.style.setProperty('--app-nav-height', `${h}px`)
|
|
||||||
})
|
|
||||||
|
|
||||||
const onFeedsPage = computed(() => route.path === '/feeds')
|
|
||||||
|
|
||||||
const unreadCount = computed(() => feeds.value.filter(f => !f.read).length)
|
|
||||||
|
|
||||||
const menuOpen = ref(false)
|
|
||||||
|
|
||||||
function toggleMenu() {
|
|
||||||
menuOpen.value = !menuOpen.value
|
|
||||||
}
|
|
||||||
|
|
||||||
function closeMenu() {
|
|
||||||
menuOpen.value = false
|
|
||||||
}
|
|
||||||
|
|
||||||
async function logout() {
|
|
||||||
await logoutSession()
|
|
||||||
closeMenu()
|
|
||||||
router.push({ name: 'login' })
|
|
||||||
}
|
|
||||||
|
|
||||||
function handleSync() {
|
|
||||||
sync()
|
|
||||||
closeMenu()
|
|
||||||
}
|
|
||||||
|
|
||||||
function handleMarkAllRead() {
|
|
||||||
markAllRead()
|
|
||||||
closeMenu()
|
|
||||||
}
|
|
||||||
|
|
||||||
function openAddModal() {
|
|
||||||
showModal.value = true
|
|
||||||
closeMenu()
|
|
||||||
}
|
|
||||||
|
|
||||||
function handleToggleViewMode() {
|
|
||||||
toggleViewMode()
|
|
||||||
closeMenu()
|
|
||||||
}
|
|
||||||
|
|
||||||
function handleToggleLayout() {
|
|
||||||
toggleLayout()
|
|
||||||
closeMenu()
|
|
||||||
}
|
|
||||||
</script>
|
|
||||||
|
|
||||||
<template>
|
|
||||||
<header ref="headerRef" class="app-nav">
|
|
||||||
<div class="app-nav__wrapper">
|
|
||||||
<span class="app-nav__title">RSS Reader<span v-if="unreadCount" class="app-nav__unread"> ({{ unreadCount }})</span></span>
|
|
||||||
<button
|
|
||||||
class="app-nav__hamburger"
|
|
||||||
type="button"
|
|
||||||
:aria-expanded="menuOpen"
|
|
||||||
aria-controls="app-nav-menu"
|
|
||||||
:aria-label="menuOpen ? 'Close menu' : 'Open menu'"
|
|
||||||
@click="toggleMenu"
|
|
||||||
>
|
|
||||||
<span class="app-nav__hamburger-icon" aria-hidden="true">
|
|
||||||
<span></span><span></span><span></span>
|
|
||||||
</span>
|
|
||||||
</button>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<Transition name="app-nav-menu">
|
|
||||||
<nav
|
|
||||||
v-if="menuOpen"
|
|
||||||
id="app-nav-menu"
|
|
||||||
class="app-nav__menu"
|
|
||||||
@click.self="closeMenu"
|
|
||||||
>
|
|
||||||
<div class="app-nav__menu-panel">
|
|
||||||
<RouterLink to="/feeds" class="app-nav__menu-item" @click="closeMenu">Feeds</RouterLink>
|
|
||||||
<template v-if="onFeedsPage">
|
|
||||||
<button class="app-nav__menu-item" type="button" @click="handleToggleViewMode">
|
|
||||||
{{ viewMode === 'list' ? 'Article view' : 'List view' }}
|
|
||||||
</button>
|
|
||||||
<button v-if="viewMode === 'list'" class="app-nav__menu-item" type="button" @click="handleToggleLayout">
|
|
||||||
{{ layout === 'list' ? 'Card layout' : 'List layout' }}
|
|
||||||
</button>
|
|
||||||
<button class="app-nav__menu-item" type="button" @click="handleMarkAllRead">Mark all as read</button>
|
|
||||||
</template>
|
|
||||||
<button class="app-nav__menu-item" type="button" @click="handleSync">Sync</button>
|
|
||||||
<button class="app-nav__menu-item" type="button" @click="openAddModal">Add RSS</button>
|
|
||||||
<RouterLink to="/admin" class="app-nav__menu-item" @click="closeMenu">Admin</RouterLink>
|
|
||||||
<button class="app-nav__menu-item app-nav__logout" type="button" @click="logout">Logout</button>
|
|
||||||
</div>
|
|
||||||
</nav>
|
|
||||||
</Transition>
|
|
||||||
|
|
||||||
<Teleport to="body">
|
|
||||||
<Modal :show="showModal" @close="showModal = false">
|
|
||||||
<template #header>
|
|
||||||
<h3>Add RSS Feed</h3>
|
|
||||||
</template>
|
|
||||||
</Modal>
|
|
||||||
</Teleport>
|
|
||||||
</header>
|
|
||||||
</template>
|
|
||||||
|
|
||||||
<style scoped>
|
|
||||||
.app-nav {
|
|
||||||
position: fixed;
|
|
||||||
top: 0;
|
|
||||||
left: 0;
|
|
||||||
right: 0;
|
|
||||||
z-index: 20;
|
|
||||||
background: var(--color-background);
|
|
||||||
}
|
|
||||||
|
|
||||||
.app-nav__wrapper {
|
|
||||||
display: flex;
|
|
||||||
flex-wrap: wrap;
|
|
||||||
align-items: center;
|
|
||||||
justify-content: space-between;
|
|
||||||
gap: 0.5rem;
|
|
||||||
padding: 0.75rem 1rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
.app-nav__title {
|
|
||||||
font-weight: bold;
|
|
||||||
font-size: clamp(1.1rem, 4vw, 1.4rem);
|
|
||||||
}
|
|
||||||
|
|
||||||
.app-nav__unread {
|
|
||||||
font-weight: normal;
|
|
||||||
opacity: 0.6;
|
|
||||||
}
|
|
||||||
|
|
||||||
.app-nav__hamburger {
|
|
||||||
display: inline-flex;
|
|
||||||
align-items: center;
|
|
||||||
justify-content: center;
|
|
||||||
min-height: 44px;
|
|
||||||
min-width: 44px;
|
|
||||||
padding: 0.5rem;
|
|
||||||
border: 1px solid var(--color-border);
|
|
||||||
border-radius: 4px;
|
|
||||||
background: transparent;
|
|
||||||
cursor: pointer;
|
|
||||||
}
|
|
||||||
|
|
||||||
.app-nav__hamburger-icon {
|
|
||||||
display: inline-flex;
|
|
||||||
flex-direction: column;
|
|
||||||
justify-content: space-between;
|
|
||||||
width: 22px;
|
|
||||||
height: 16px;
|
|
||||||
}
|
|
||||||
|
|
||||||
.app-nav__hamburger-icon span {
|
|
||||||
display: block;
|
|
||||||
height: 2px;
|
|
||||||
border-radius: 1px;
|
|
||||||
background: var(--color-text);
|
|
||||||
}
|
|
||||||
|
|
||||||
.app-nav__menu {
|
|
||||||
position: absolute;
|
|
||||||
inset: 100% 0 auto 0;
|
|
||||||
z-index: 30;
|
|
||||||
display: flex;
|
|
||||||
justify-content: flex-end;
|
|
||||||
padding: 0 1rem 1rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
.app-nav__menu-panel {
|
|
||||||
display: flex;
|
|
||||||
flex-direction: column;
|
|
||||||
gap: 0.5rem;
|
|
||||||
width: clamp(220px, 60vw, 280px);
|
|
||||||
padding: 0.75rem;
|
|
||||||
background: var(--color-background-soft);
|
|
||||||
border: 1px solid var(--color-border);
|
|
||||||
border-radius: 6px;
|
|
||||||
box-shadow: 0 4px 16px rgba(0, 0, 0, 0.2);
|
|
||||||
}
|
|
||||||
|
|
||||||
.app-nav__menu-item {
|
|
||||||
display: inline-flex;
|
|
||||||
align-items: center;
|
|
||||||
min-height: 44px;
|
|
||||||
padding: 0.5rem 0.9rem;
|
|
||||||
border: 1px solid var(--color-border);
|
|
||||||
border-radius: 4px;
|
|
||||||
background: transparent;
|
|
||||||
color: var(--color-text);
|
|
||||||
text-decoration: none;
|
|
||||||
font: inherit;
|
|
||||||
text-align: left;
|
|
||||||
cursor: pointer;
|
|
||||||
}
|
|
||||||
|
|
||||||
.app-nav__menu-item:hover {
|
|
||||||
border-color: var(--color-border-hover);
|
|
||||||
}
|
|
||||||
|
|
||||||
.app-nav__menu-item.router-link-exact-active {
|
|
||||||
font-weight: bold;
|
|
||||||
}
|
|
||||||
|
|
||||||
.app-nav-menu-enter-active,
|
|
||||||
.app-nav-menu-leave-active {
|
|
||||||
transition: opacity 0.2s ease;
|
|
||||||
}
|
|
||||||
|
|
||||||
.app-nav-menu-enter-from,
|
|
||||||
.app-nav-menu-leave-to {
|
|
||||||
opacity: 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
@media (min-width: 768px) {
|
|
||||||
.app-nav__wrapper {
|
|
||||||
padding: 1rem 2rem;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
</style>
|
|
||||||
@@ -0,0 +1,44 @@
|
|||||||
|
<script setup>
|
||||||
|
defineProps({
|
||||||
|
msg: {
|
||||||
|
type: String,
|
||||||
|
required: true
|
||||||
|
}
|
||||||
|
})
|
||||||
|
</script>
|
||||||
|
|
||||||
|
<template>
|
||||||
|
<div class="greetings">
|
||||||
|
<h1 class="green">{{ msg }}</h1>
|
||||||
|
<h3>
|
||||||
|
You’ve successfully created a project with
|
||||||
|
<a href="https://vitejs.dev/" target="_blank" rel="noopener">Vite</a> +
|
||||||
|
<a href="https://vuejs.org/" target="_blank" rel="noopener">Vue 3</a>.
|
||||||
|
</h3>
|
||||||
|
</div>
|
||||||
|
</template>
|
||||||
|
|
||||||
|
<style scoped>
|
||||||
|
h1 {
|
||||||
|
font-weight: 500;
|
||||||
|
font-size: 2.6rem;
|
||||||
|
position: relative;
|
||||||
|
top: -10px;
|
||||||
|
}
|
||||||
|
|
||||||
|
h3 {
|
||||||
|
font-size: 1.2rem;
|
||||||
|
}
|
||||||
|
|
||||||
|
.greetings h1,
|
||||||
|
.greetings h3 {
|
||||||
|
text-align: center;
|
||||||
|
}
|
||||||
|
|
||||||
|
@media (min-width: 1024px) {
|
||||||
|
.greetings h1,
|
||||||
|
.greetings h3 {
|
||||||
|
text-align: left;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
</style>
|
||||||
@@ -2,40 +2,57 @@
|
|||||||
import axios from 'axios'
|
import axios from 'axios'
|
||||||
import { ref } from 'vue'
|
import { ref } from 'vue'
|
||||||
import { useRouter } from 'vue-router';
|
import { useRouter } from 'vue-router';
|
||||||
|
|
||||||
const username = ref('')
|
const username = ref('')
|
||||||
const password = ref('')
|
const password = ref('')
|
||||||
const error = ref('')
|
|
||||||
const router = useRouter()
|
const router = useRouter()
|
||||||
|
|
||||||
async function login() {
|
async function login() {
|
||||||
error.value = ''
|
|
||||||
|
|
||||||
|
const loginData = {
|
||||||
|
"username": username.value,
|
||||||
|
"password": password.value,
|
||||||
|
}
|
||||||
|
const jsonData = JSON.stringify(loginData)
|
||||||
|
console.log('test')
|
||||||
try {
|
try {
|
||||||
const response = await axios.post('/api/v1/auth/login', {
|
const response = await axios.post('login/rss', jsonData, {
|
||||||
username: username.value,
|
|
||||||
password: password.value,
|
|
||||||
}, {
|
|
||||||
headers: {
|
headers: {
|
||||||
'Content-Type': 'application/json',
|
'Content-Type': 'application/json', // Set the content type to JSON
|
||||||
|
'crossDomain': true,
|
||||||
|
'Access-Control-Allow-Origin': '*',
|
||||||
|
'Access-Control-Allow-Credentials': true,
|
||||||
|
'strict-origin-when-cross-origin': false
|
||||||
},
|
},
|
||||||
});
|
});
|
||||||
|
|
||||||
|
// Handle the response data here
|
||||||
|
console.log('Response:', response.data);
|
||||||
|
|
||||||
|
// You can also access the HTTP status code
|
||||||
|
console.log('HTTP Status Code:', response.status);
|
||||||
|
|
||||||
if (response.status == 200) {
|
if (response.status == 200) {
|
||||||
localStorage.setItem("user-token", response.headers.token)
|
let token = response.headers.token
|
||||||
localStorage.setItem("user-id", response.headers.user_id)
|
let user_id = response.headers.user_id
|
||||||
|
localStorage.setItem("user-token", token)
|
||||||
|
localStorage.setItem("user-id", user_id)
|
||||||
|
sessionStorage.setItem("user-id", user_id)
|
||||||
|
sessionStorage.setItem("user-token", token)
|
||||||
router.push({ name: 'feeds' })
|
router.push({ name: 'feeds' })
|
||||||
}
|
}
|
||||||
} catch (err) {
|
// Handle success
|
||||||
console.error('Login failed:', err)
|
} catch (error) {
|
||||||
error.value = 'Login failed. Please check your username and password.'
|
// Handle any errors here
|
||||||
|
console.error('Error:', error);
|
||||||
}
|
}
|
||||||
|
// Implement your login logic here (e.g., send a request to your backend)
|
||||||
|
// If login is successful, you can redirect the user to the dashboard:
|
||||||
}
|
}
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
<template>
|
<template>
|
||||||
<div class="login-page">
|
<div>
|
||||||
<h1>Login</h1>
|
<h1>Login Page</h1>
|
||||||
<form @submit.prevent="login">
|
<form @submit.prevent="login">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="username">Username/Email:</label>
|
<label for="username">Username/Email:</label>
|
||||||
@@ -45,39 +62,7 @@ async function login() {
|
|||||||
<label for="password">Password:</label>
|
<label for="password">Password:</label>
|
||||||
<input v-model="password" type="password" id="password" name="password" required />
|
<input v-model="password" type="password" id="password" name="password" required />
|
||||||
</div>
|
</div>
|
||||||
<p v-if="error" class="login-error">{{ error }}</p>
|
|
||||||
<button type="submit">Login</button>
|
<button type="submit">Login</button>
|
||||||
</form>
|
</form>
|
||||||
</div>
|
</div>
|
||||||
</template>
|
</template>
|
||||||
|
|
||||||
<style scoped>
|
|
||||||
.login-page {
|
|
||||||
max-width: 420px;
|
|
||||||
margin: 2rem auto;
|
|
||||||
padding: 0 1rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
.form-group {
|
|
||||||
display: flex;
|
|
||||||
flex-direction: column;
|
|
||||||
margin-bottom: 1rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
.form-group input {
|
|
||||||
min-height: 44px;
|
|
||||||
padding: 0.5rem;
|
|
||||||
font-size: 1rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
.login-page button {
|
|
||||||
min-height: 44px;
|
|
||||||
padding: 0.5rem 1.5rem;
|
|
||||||
font-size: 1rem;
|
|
||||||
cursor: pointer;
|
|
||||||
}
|
|
||||||
|
|
||||||
.login-error {
|
|
||||||
color: #c0392b;
|
|
||||||
}
|
|
||||||
</style>
|
|
||||||
|
|||||||
+160
-452
@@ -1,483 +1,191 @@
|
|||||||
<script setup>
|
<script setup>
|
||||||
import { onMounted, computed, nextTick, watch } from 'vue';
|
import { ref, unref, onMounted, nextTick } from 'vue';
|
||||||
import { useFeeds } from '@/composables/useFeeds';
|
import axios from 'axios';
|
||||||
|
import { Readability } from '@mozilla/readability';
|
||||||
|
import Modal from './modal/AddUrl.vue';
|
||||||
|
|
||||||
const {
|
const showMessage = ref(false)
|
||||||
feeds,
|
const feeds = ref([]);
|
||||||
showMessage,
|
const message = ref('')
|
||||||
message,
|
const showModal = ref(false)
|
||||||
viewMode,
|
|
||||||
currentIndex,
|
|
||||||
layout,
|
|
||||||
nextArticle,
|
|
||||||
prevArticle,
|
|
||||||
fetchData,
|
|
||||||
sync,
|
|
||||||
getReadable,
|
|
||||||
setInitialLoad,
|
|
||||||
showMessageForXSeconds,
|
|
||||||
} = useFeeds()
|
|
||||||
|
|
||||||
const unreadCount = computed(() => feeds.value.filter(f => !f.read).length)
|
async function getReadable(feed, index) {
|
||||||
|
try {
|
||||||
|
const response = await axios.post("feeds/read", {
|
||||||
|
url: feed.url
|
||||||
|
},
|
||||||
|
{
|
||||||
|
headers: {
|
||||||
|
'Content-Type': 'application/json',
|
||||||
|
'user-token': localStorage.getItem("user-token")
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
const shareLabel = navigator.share ? 'Share' : 'Copy link'
|
const doc = new DOMParser().parseFromString(response.data.content, 'text/html');
|
||||||
|
const article = new Readability(doc).parse();
|
||||||
function scrollToNextArticle() {
|
feeds.value[index].content = article.content;
|
||||||
const articles = document.querySelectorAll('#article .observe')
|
} catch (error) {
|
||||||
const threshold = window.scrollY + 1
|
console.error('Error fetching data:', error)
|
||||||
for (const el of articles) {
|
showMessageForXSeconds(error, 5)
|
||||||
if (el.offsetTop > threshold) {
|
|
||||||
el.scrollIntoView({ behavior: 'smooth', block: 'start' })
|
|
||||||
return
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Small images (icons, logos, ...) look bad stretched to the full-bleed
|
async function markRead(id) {
|
||||||
// width used for readable article images — leave them at their natural size
|
try {
|
||||||
// instead. Intrinsic size is only known once the image has loaded, so check
|
const response = await axios.put("feeds/read/" + id,
|
||||||
// on load (or immediately if it's already cached/complete).
|
null,
|
||||||
const SMALL_IMAGE_THRESHOLD = 200
|
{
|
||||||
|
headers: {
|
||||||
function markSmallImages() {
|
'Content-Type': 'application/json',
|
||||||
document.querySelectorAll('.article-feature__content--readable img, .feed-content--readable img').forEach(img => {
|
'user-token': localStorage.getItem("user-token")
|
||||||
const checkSize = () => {
|
}
|
||||||
if (img.naturalWidth && img.naturalWidth <= SMALL_IMAGE_THRESHOLD) {
|
|
||||||
img.classList.add('article-feature__image--small')
|
|
||||||
}
|
}
|
||||||
|
)
|
||||||
|
console.log(response.status)
|
||||||
|
} catch (error) {
|
||||||
|
console.log(error)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function showMessageForXSeconds(text, seconds) {
|
||||||
|
message.value = text;
|
||||||
|
showMessage.value = true;
|
||||||
|
|
||||||
|
// Set a timeout to hide the message after x seconds
|
||||||
|
setTimeout(() => {
|
||||||
|
showMessage.value = false;
|
||||||
|
message.value = '';
|
||||||
|
}, seconds * 1000); // Convert seconds to milliseconds
|
||||||
|
}
|
||||||
|
|
||||||
|
const fetchData = async () => {
|
||||||
|
const user_id = localStorage.getItem("user-id")
|
||||||
|
try {
|
||||||
|
const response = await axios.get("feeds/get/" + user_id, {
|
||||||
|
headers: {
|
||||||
|
'Content-Type': 'application/json',
|
||||||
|
'user-token': localStorage.getItem("user-token")
|
||||||
|
}
|
||||||
|
});
|
||||||
|
const sortedItems = response.data.feeds.flatMap(feed => feed.items)
|
||||||
|
.sort((a, b) => new Date(b.timestamp) - new Date(a.timestamp));
|
||||||
|
|
||||||
|
feeds.value.push(...sortedItems);
|
||||||
|
await nextTick();
|
||||||
|
setupIntersectionObserver();
|
||||||
|
} catch (error) {
|
||||||
|
console.error('Error fetching data:', error)
|
||||||
|
showMessageForXSeconds(error, 5)
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
async function sync() {
|
||||||
|
try {
|
||||||
|
const response = await axios.post('feeds/sync', {
|
||||||
|
user_id: parseInt(localStorage.getItem("user-id"))
|
||||||
|
},
|
||||||
|
{
|
||||||
|
headers: {
|
||||||
|
'Content-Type': 'application/json',
|
||||||
|
'user-token': localStorage.getItem("user-token")
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
|
if (response.status == 200) {
|
||||||
|
showMessageForXSeconds('Sync successful.', 5)
|
||||||
}
|
}
|
||||||
if (img.complete) {
|
fetchData();
|
||||||
checkSize()
|
} catch (error) {
|
||||||
} else {
|
console.error('Error sync', error)
|
||||||
img.addEventListener('load', checkSize, { once: true })
|
showMessageForXSeconds(error, 5)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
let observer; // Declare observer outside the setup function
|
||||||
|
|
||||||
|
function setupIntersectionObserver() {
|
||||||
|
observer = new IntersectionObserver(handleIntersection, {
|
||||||
|
root: null, // Use the viewport as the root
|
||||||
|
rootMargin: '0px',
|
||||||
|
// threshold: 0.5, // Fire the callback when at least 50% of the element is visible
|
||||||
|
});
|
||||||
|
|
||||||
|
const observedDivs = document.querySelectorAll(".observe");
|
||||||
|
if (observedDivs.length > 0) {
|
||||||
|
observedDivs.forEach(observedDiv => {
|
||||||
|
observer.observe(observedDiv);
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
async function handleIntersection(entries) {
|
||||||
|
// The callback function for when the target element enters or exits the viewport
|
||||||
|
entries.forEach(entry => {
|
||||||
|
if (entry.isIntersecting) {
|
||||||
|
console.log('Element is in sight');
|
||||||
|
} else if (initialLoad === true) {
|
||||||
|
console.log(entry.isIntersecting)
|
||||||
|
// Element is out of sight
|
||||||
|
if (entry.isVisible === false && entry.boundingClientRect.y < 0) {
|
||||||
|
console.log('Element is out of sight ' + entry.intersectionRatio);
|
||||||
|
//console.log(feeds.value[entry.target.id])
|
||||||
|
markRead(feeds.value[entry.target.id].id).await
|
||||||
|
removeFeed(entry.target.id)
|
||||||
|
document.getElementById(0).scrollIntoView()
|
||||||
|
}
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
watch(() => feeds.value[currentIndex.value]?.content, async () => {
|
function removeFeed(index) {
|
||||||
await nextTick()
|
const array = unref(feeds);
|
||||||
markSmallImages()
|
array.splice(index, 1);
|
||||||
})
|
|
||||||
|
|
||||||
async function loadReadable(feed, index) {
|
|
||||||
await getReadable(feed, index)
|
|
||||||
await nextTick()
|
|
||||||
markSmallImages()
|
|
||||||
}
|
}
|
||||||
|
|
||||||
async function shareUrl(url) {
|
let initialLoad = false
|
||||||
if (navigator.share) {
|
onMounted(() => {
|
||||||
await navigator.share({ url })
|
initialLoad = false
|
||||||
} else {
|
fetchData().await
|
||||||
await navigator.clipboard.writeText(url)
|
|
||||||
showMessageForXSeconds('Link copied.', 2)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
onMounted(async () => {
|
|
||||||
setInitialLoad(false)
|
|
||||||
await fetchData()
|
|
||||||
sync(true)
|
|
||||||
setTimeout(function () {
|
setTimeout(function () {
|
||||||
setInitialLoad(true)
|
initialLoad = true
|
||||||
console.log('set to true')
|
console.log('set to true')
|
||||||
}, 2000);
|
}, 2000);
|
||||||
});
|
});
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
<template>
|
<template>
|
||||||
|
<header>
|
||||||
|
<div class="wrapper">
|
||||||
|
<nav>
|
||||||
|
<p @click="sync">Sync</p>
|
||||||
|
<!-- <p @click="updateShow(true)">Add RSS</p> -->
|
||||||
|
<p @click="showModal = true">Add RSS</p>
|
||||||
|
<!-- <RouterLink to="/">Home</RouterLink> -->
|
||||||
|
<!-- <RouterLink to="/about">About</RouterLink> -->
|
||||||
|
<!-- <RouterLink to="/feeds">Feeds</RouterLink> -->
|
||||||
|
</nav>
|
||||||
|
</div>
|
||||||
|
</header>
|
||||||
|
<Teleport to="body">
|
||||||
|
<!-- use the modal component, pass in the prop -->
|
||||||
|
<modal :show="showModal" @close="showModal = false">
|
||||||
|
<template #header>
|
||||||
|
<h3>Add RSS Feed</h3>
|
||||||
|
</template>
|
||||||
|
</modal>
|
||||||
|
</Teleport>
|
||||||
<div>
|
<div>
|
||||||
|
<h1>Feeds</h1> <!-- <button @click="sync">{{ buttonText }}</button> -->
|
||||||
<div v-if="showMessage" class="message">{{ message }}</div>
|
<div v-if="showMessage" class="message">{{ message }}</div>
|
||||||
|
<div id='article' class='article'>
|
||||||
<div v-if="viewMode === 'list'" id='article' class='article' :class="{ 'article--cards': layout === 'cards' }">
|
<p v-if="feeds.length == 0">No unread articles.</p>
|
||||||
<div v-if="feeds.length == 0" class="empty-state">
|
<template v-for="( feed, index ) in feeds ">
|
||||||
<svg class="empty-state__icon" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true">
|
|
||||||
<circle cx="12" cy="12" r="10"/>
|
|
||||||
<polyline points="7 12.5 10.5 16 17 9"/>
|
|
||||||
</svg>
|
|
||||||
<p class="empty-state__label">All caught up</p>
|
|
||||||
</div>
|
|
||||||
<template v-for="( feed, index ) in feeds " :key="feed.id">
|
|
||||||
<div v-bind:id="index" class="observe">
|
<div v-bind:id="index" class="observe">
|
||||||
<p class="feed-source">{{ feed.feedTitle }}</p>
|
<h2 @click="getReadable(feed, index)" class="feed-title">{{ feed.title }}</h2>
|
||||||
<h2 @click="loadReadable(feed, index)" class="feed-title">{{ feed.title }}</h2>
|
|
||||||
<h3>{{ feed.timestamp }}</h3>
|
<h3>{{ feed.timestamp }}</h3>
|
||||||
<p class="feed-original-link">
|
<p class="feed-content" v-html='feed.content'></p>
|
||||||
<a :href="feed.url" target="_blank" rel="noopener noreferrer">Read original article ↗</a>
|
|
||||||
<button type="button" class="feed-share-btn" :title="shareLabel" @click="shareUrl(feed.url)" :aria-label="shareLabel">
|
|
||||||
<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true"><path d="M4 12v8a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2v-8"/><polyline points="16 6 12 2 8 6"/><line x1="12" y1="2" x2="12" y2="15"/></svg>
|
|
||||||
</button>
|
|
||||||
</p>
|
|
||||||
<p class="feed-content" :class="{ 'feed-content--readable': feed.readable }" v-html='feed.content'></p>
|
|
||||||
</div>
|
</div>
|
||||||
</template>
|
</template>
|
||||||
<button
|
|
||||||
v-if="feeds.length"
|
|
||||||
type="button"
|
|
||||||
class="article-nav__btn list-skip-btn"
|
|
||||||
aria-label="Skip to next article"
|
|
||||||
@click="scrollToNextArticle"
|
|
||||||
>↓</button>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div v-else class="article-single">
|
|
||||||
<div v-if="feeds.length == 0" class="empty-state">
|
|
||||||
<svg class="empty-state__icon" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true">
|
|
||||||
<circle cx="12" cy="12" r="10"/>
|
|
||||||
<polyline points="7 12.5 10.5 16 17 9"/>
|
|
||||||
</svg>
|
|
||||||
<p class="empty-state__label">All caught up</p>
|
|
||||||
</div>
|
|
||||||
<template v-else>
|
|
||||||
<article class="article-feature">
|
|
||||||
<p class="article-feature__source">{{ feeds[currentIndex].feedTitle }}</p>
|
|
||||||
<h2 @click="loadReadable(feeds[currentIndex], currentIndex)" class="article-feature__title">{{ feeds[currentIndex].title }}</h2>
|
|
||||||
<h3 class="article-feature__meta">{{ feeds[currentIndex].timestamp }}</h3>
|
|
||||||
<p class="feed-original-link">
|
|
||||||
<a :href="feeds[currentIndex].url" target="_blank" rel="noopener noreferrer">Read original article ↗</a>
|
|
||||||
<button type="button" class="feed-share-btn" :title="shareLabel" @click="shareUrl(feeds[currentIndex].url)">{{ shareLabel }}</button>
|
|
||||||
</p>
|
|
||||||
<p class="article-feature__content" :class="{ 'article-feature__content--readable': feeds[currentIndex].readable }" v-html="feeds[currentIndex].content"></p>
|
|
||||||
</article>
|
|
||||||
</template>
|
|
||||||
|
|
||||||
<div class="article-nav">
|
|
||||||
<button
|
|
||||||
type="button"
|
|
||||||
class="article-nav__btn"
|
|
||||||
:disabled="currentIndex === 0"
|
|
||||||
aria-label="Previous article"
|
|
||||||
@click="prevArticle"
|
|
||||||
>↑</button>
|
|
||||||
<button
|
|
||||||
type="button"
|
|
||||||
class="article-nav__btn"
|
|
||||||
:disabled="feeds.length === 0 || currentIndex === feeds.length - 1"
|
|
||||||
aria-label="Next article"
|
|
||||||
@click="nextArticle"
|
|
||||||
>↓</button>
|
|
||||||
</div>
|
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</template>
|
</template>
|
||||||
|
|
||||||
<style scoped>
|
|
||||||
.list-skip-btn {
|
|
||||||
position: fixed;
|
|
||||||
right: 1rem;
|
|
||||||
bottom: 1.5rem;
|
|
||||||
z-index: 20;
|
|
||||||
}
|
|
||||||
|
|
||||||
.observe {
|
|
||||||
scroll-margin-top: var(--app-nav-height, 4.5rem);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Plain vertical stack of bordered "cards" — deliberately not flex/grid, and
|
|
||||||
with no truncation/max-height: normal block flow lets each card grow to fit
|
|
||||||
its own full content (images included), with no cross-element interaction. */
|
|
||||||
.empty-state {
|
|
||||||
display: flex;
|
|
||||||
flex-direction: column;
|
|
||||||
align-items: center;
|
|
||||||
padding: 4rem 1rem;
|
|
||||||
gap: 1rem;
|
|
||||||
opacity: 0.4;
|
|
||||||
}
|
|
||||||
|
|
||||||
.empty-state__icon {
|
|
||||||
width: 64px;
|
|
||||||
height: 64px;
|
|
||||||
}
|
|
||||||
|
|
||||||
.empty-state__label {
|
|
||||||
font-size: 1.1rem;
|
|
||||||
margin: 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article--cards .observe {
|
|
||||||
border: 1px solid var(--color-border);
|
|
||||||
border-radius: 8px;
|
|
||||||
overflow: hidden;
|
|
||||||
background: var(--color-background-soft);
|
|
||||||
}
|
|
||||||
|
|
||||||
.article--cards .observe + .observe {
|
|
||||||
margin-top: 1rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article--cards .feed-title {
|
|
||||||
border-bottom: none;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article--cards h3 {
|
|
||||||
margin: 0;
|
|
||||||
padding: 0 1em 0.5em;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* `v-html` content isn't part of the component's render output, so it never
|
|
||||||
gets the scoped `data-v-*` attribute — `:deep()` is required for this rule
|
|
||||||
to actually reach the injected <img> tags (without it, the selector silently
|
|
||||||
never matches). Cap the height so a large article photo reads as a tidy
|
|
||||||
preview thumbnail; the card itself is left to grow to whatever height its
|
|
||||||
content (image included) naturally needs — no clamping, no max-height. */
|
|
||||||
.article--cards .feed-content :deep(img) {
|
|
||||||
max-height: 220px;
|
|
||||||
width: auto;
|
|
||||||
}
|
|
||||||
|
|
||||||
.feed-content--readable :deep(img),
|
|
||||||
.feed-content--readable :deep(video) {
|
|
||||||
display: block;
|
|
||||||
width: 100vw;
|
|
||||||
max-width: 100vw;
|
|
||||||
height: auto;
|
|
||||||
margin-top: 1.5em;
|
|
||||||
margin-bottom: 1.5em;
|
|
||||||
margin-left: 50%;
|
|
||||||
transform: translateX(-50%);
|
|
||||||
}
|
|
||||||
|
|
||||||
.feed-content--readable :deep(img.article-feature__image--small) {
|
|
||||||
display: block;
|
|
||||||
width: auto;
|
|
||||||
max-width: 100%;
|
|
||||||
margin: 1.5em auto;
|
|
||||||
transform: none;
|
|
||||||
}
|
|
||||||
|
|
||||||
@media (min-width: 720px) {
|
|
||||||
.feed-content--readable :deep(img),
|
|
||||||
.feed-content--readable :deep(video) {
|
|
||||||
display: block;
|
|
||||||
width: auto;
|
|
||||||
max-width: 100%;
|
|
||||||
height: auto;
|
|
||||||
margin: 1.5em auto;
|
|
||||||
transform: none;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
.feed-original-link {
|
|
||||||
display: flex;
|
|
||||||
flex-wrap: wrap;
|
|
||||||
align-items: center;
|
|
||||||
gap: 0.5rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
.feed-original-link a {
|
|
||||||
display: inline-flex;
|
|
||||||
align-items: center;
|
|
||||||
min-height: 44px;
|
|
||||||
padding: 0.25em 1em;
|
|
||||||
color: var(--color-accent);
|
|
||||||
text-decoration: none;
|
|
||||||
}
|
|
||||||
|
|
||||||
.feed-original-link a:hover {
|
|
||||||
text-decoration: underline;
|
|
||||||
}
|
|
||||||
|
|
||||||
.feed-share-btn {
|
|
||||||
display: inline-flex;
|
|
||||||
align-items: center;
|
|
||||||
justify-content: center;
|
|
||||||
min-width: 44px;
|
|
||||||
min-height: 44px;
|
|
||||||
padding: 0;
|
|
||||||
border: none;
|
|
||||||
background: transparent;
|
|
||||||
color: var(--color-text);
|
|
||||||
opacity: 0.45;
|
|
||||||
cursor: pointer;
|
|
||||||
transition: opacity 0.15s;
|
|
||||||
}
|
|
||||||
|
|
||||||
.feed-share-btn:hover {
|
|
||||||
opacity: 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-single {
|
|
||||||
position: relative;
|
|
||||||
display: flex;
|
|
||||||
flex-direction: column;
|
|
||||||
align-items: center;
|
|
||||||
padding-bottom: 5rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-feature {
|
|
||||||
width: 100%;
|
|
||||||
max-width: 720px;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-feature__source {
|
|
||||||
margin: 0 0 0.5em;
|
|
||||||
padding: 0 1rem;
|
|
||||||
font-size: clamp(0.75rem, 2vw, 0.85rem);
|
|
||||||
font-weight: 600;
|
|
||||||
letter-spacing: 0.05em;
|
|
||||||
text-transform: uppercase;
|
|
||||||
color: var(--color-accent);
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-feature__title {
|
|
||||||
cursor: pointer;
|
|
||||||
margin: 0;
|
|
||||||
padding: 0 1rem;
|
|
||||||
font-family: var(--headline-font-family);
|
|
||||||
font-size: calc(clamp(1.4rem, 5vw, 2rem) * var(--headline-font-size-scale));
|
|
||||||
font-weight: bold;
|
|
||||||
line-height: 1.15;
|
|
||||||
color: var(--color-accent-2);
|
|
||||||
transition: color 0.2s;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-feature__title:hover {
|
|
||||||
color: var(--color-accent-2-hover);
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-feature__meta {
|
|
||||||
margin: 0.75em 0 1.5em;
|
|
||||||
padding: 0 1rem 1.5em;
|
|
||||||
font-size: clamp(0.85rem, 2.5vw, 1rem);
|
|
||||||
font-weight: normal;
|
|
||||||
opacity: 0.55;
|
|
||||||
border-bottom: 1px solid var(--color-border);
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-feature .feed-original-link {
|
|
||||||
margin-bottom: 1.5em;
|
|
||||||
padding: 0 1rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-feature__content {
|
|
||||||
padding: 0 1rem;
|
|
||||||
font-family: var(--content-font-family);
|
|
||||||
font-size: calc(clamp(1rem, 3.5vw, 1.25rem) * var(--content-font-size-scale));
|
|
||||||
line-height: 1.75;
|
|
||||||
overflow-wrap: break-word;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-feature__content :deep(p) {
|
|
||||||
padding: 0.5em 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-feature__content :deep(h3) {
|
|
||||||
padding: 0.5em 0;
|
|
||||||
font-size: calc(clamp(1rem, 3vw, 1.3rem) * var(--headline-font-size-scale));
|
|
||||||
font-weight: bold;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-feature__content :deep(img),
|
|
||||||
.article-feature__content :deep(video) {
|
|
||||||
max-width: 100%;
|
|
||||||
height: auto;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-feature__content--readable :deep(img),
|
|
||||||
.article-feature__content--readable :deep(video) {
|
|
||||||
display: block;
|
|
||||||
width: 100vw;
|
|
||||||
max-width: 100vw;
|
|
||||||
height: auto;
|
|
||||||
margin-top: 1.5em;
|
|
||||||
margin-bottom: 1.5em;
|
|
||||||
margin-left: 50%;
|
|
||||||
transform: translateX(-50%);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Small images (icons, logos, ...) keep their natural size instead of being
|
|
||||||
stretched to the full-bleed width. */
|
|
||||||
.article-feature__content--readable :deep(img.article-feature__image--small) {
|
|
||||||
display: block;
|
|
||||||
width: auto;
|
|
||||||
max-width: 100%;
|
|
||||||
margin: 1.5em auto;
|
|
||||||
transform: none;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* On desktop the viewport is much wider than the article column, so the
|
|
||||||
full-bleed 100vw treatment above would blow images up far beyond their
|
|
||||||
natural resolution. Keep them at natural size, centered in the text. */
|
|
||||||
@media (min-width: 720px) {
|
|
||||||
.article-feature__content--readable :deep(img),
|
|
||||||
.article-feature__content--readable :deep(video) {
|
|
||||||
display: block;
|
|
||||||
width: auto;
|
|
||||||
max-width: 100%;
|
|
||||||
height: auto;
|
|
||||||
margin: 1.5em auto;
|
|
||||||
transform: none;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-feature__content :deep(a) {
|
|
||||||
color: var(--color-accent);
|
|
||||||
text-decoration-color: var(--color-accent-hover);
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-feature__content :deep(blockquote) {
|
|
||||||
margin: 1.5em 0;
|
|
||||||
padding: 1em 0;
|
|
||||||
border-top: 1px solid var(--color-border);
|
|
||||||
border-bottom: 1px solid var(--color-border);
|
|
||||||
font-family: var(--content-font-family);
|
|
||||||
font-size: 1.25em;
|
|
||||||
font-style: italic;
|
|
||||||
text-align: center;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-feature__content :deep(pre) {
|
|
||||||
overflow-x: auto;
|
|
||||||
padding: 1em;
|
|
||||||
background: var(--color-background-soft);
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-feature__content :deep(code) {
|
|
||||||
font-family: 'Courier New', monospace;
|
|
||||||
font-size: 0.9em;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-feature__content :deep(figcaption) {
|
|
||||||
margin-top: 0.5em;
|
|
||||||
font-size: 0.85em;
|
|
||||||
text-align: center;
|
|
||||||
opacity: 0.65;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-nav {
|
|
||||||
position: fixed;
|
|
||||||
right: 1rem;
|
|
||||||
bottom: 1.5rem;
|
|
||||||
z-index: 20;
|
|
||||||
display: flex;
|
|
||||||
flex-direction: column;
|
|
||||||
gap: 0.75rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-nav__btn {
|
|
||||||
min-width: 56px;
|
|
||||||
min-height: 56px;
|
|
||||||
border-radius: 50%;
|
|
||||||
border: 1px solid var(--color-border);
|
|
||||||
background: var(--color-background-soft);
|
|
||||||
color: var(--color-text);
|
|
||||||
font-size: 1.5rem;
|
|
||||||
line-height: 1;
|
|
||||||
box-shadow: 0 2px 8px rgba(0, 0, 0, 0.25);
|
|
||||||
cursor: pointer;
|
|
||||||
opacity: 0.55;
|
|
||||||
transition: opacity 0.15s, border-color 0.15s;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-nav__btn:hover:not(:disabled),
|
|
||||||
.article-nav__btn:focus-visible {
|
|
||||||
border-color: var(--color-border-hover);
|
|
||||||
opacity: 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
.article-nav__btn:disabled {
|
|
||||||
opacity: 0.4;
|
|
||||||
cursor: not-allowed;
|
|
||||||
}
|
|
||||||
</style>
|
|
||||||
|
|||||||
@@ -0,0 +1,86 @@
|
|||||||
|
<script setup>
|
||||||
|
import WelcomeItem from './WelcomeItem.vue'
|
||||||
|
import DocumentationIcon from './icons/IconDocumentation.vue'
|
||||||
|
import ToolingIcon from './icons/IconTooling.vue'
|
||||||
|
import EcosystemIcon from './icons/IconEcosystem.vue'
|
||||||
|
import CommunityIcon from './icons/IconCommunity.vue'
|
||||||
|
import SupportIcon from './icons/IconSupport.vue'
|
||||||
|
</script>
|
||||||
|
|
||||||
|
<template>
|
||||||
|
<WelcomeItem>
|
||||||
|
<template #icon>
|
||||||
|
<DocumentationIcon />
|
||||||
|
</template>
|
||||||
|
<template #heading>Documentation</template>
|
||||||
|
|
||||||
|
Vue’s
|
||||||
|
<a href="https://vuejs.org/" target="_blank" rel="noopener">official documentation</a>
|
||||||
|
provides you with all information you need to get started.
|
||||||
|
</WelcomeItem>
|
||||||
|
|
||||||
|
<WelcomeItem>
|
||||||
|
<template #icon>
|
||||||
|
<ToolingIcon />
|
||||||
|
</template>
|
||||||
|
<template #heading>Tooling</template>
|
||||||
|
|
||||||
|
This project is served and bundled with
|
||||||
|
<a href="https://vitejs.dev/guide/features.html" target="_blank" rel="noopener">Vite</a>. The
|
||||||
|
recommended IDE setup is
|
||||||
|
<a href="https://code.visualstudio.com/" target="_blank" rel="noopener">VSCode</a> +
|
||||||
|
<a href="https://github.com/johnsoncodehk/volar" target="_blank" rel="noopener">Volar</a>. If
|
||||||
|
you need to test your components and web pages, check out
|
||||||
|
<a href="https://www.cypress.io/" target="_blank" rel="noopener">Cypress</a> and
|
||||||
|
<a href="https://on.cypress.io/component" target="_blank">Cypress Component Testing</a>.
|
||||||
|
|
||||||
|
<br />
|
||||||
|
|
||||||
|
More instructions are available in <code>README.md</code>.
|
||||||
|
</WelcomeItem>
|
||||||
|
|
||||||
|
<WelcomeItem>
|
||||||
|
<template #icon>
|
||||||
|
<EcosystemIcon />
|
||||||
|
</template>
|
||||||
|
<template #heading>Ecosystem</template>
|
||||||
|
|
||||||
|
Get official tools and libraries for your project:
|
||||||
|
<a href="https://pinia.vuejs.org/" target="_blank" rel="noopener">Pinia</a>,
|
||||||
|
<a href="https://router.vuejs.org/" target="_blank" rel="noopener">Vue Router</a>,
|
||||||
|
<a href="https://test-utils.vuejs.org/" target="_blank" rel="noopener">Vue Test Utils</a>, and
|
||||||
|
<a href="https://github.com/vuejs/devtools" target="_blank" rel="noopener">Vue Dev Tools</a>. If
|
||||||
|
you need more resources, we suggest paying
|
||||||
|
<a href="https://github.com/vuejs/awesome-vue" target="_blank" rel="noopener">Awesome Vue</a>
|
||||||
|
a visit.
|
||||||
|
</WelcomeItem>
|
||||||
|
|
||||||
|
<WelcomeItem>
|
||||||
|
<template #icon>
|
||||||
|
<CommunityIcon />
|
||||||
|
</template>
|
||||||
|
<template #heading>Community</template>
|
||||||
|
|
||||||
|
Got stuck? Ask your question on
|
||||||
|
<a href="https://chat.vuejs.org" target="_blank" rel="noopener">Vue Land</a>, our official
|
||||||
|
Discord server, or
|
||||||
|
<a href="https://stackoverflow.com/questions/tagged/vue.js" target="_blank" rel="noopener"
|
||||||
|
>StackOverflow</a
|
||||||
|
>. You should also subscribe to
|
||||||
|
<a href="https://news.vuejs.org" target="_blank" rel="noopener">our mailing list</a> and follow
|
||||||
|
the official
|
||||||
|
<a href="https://twitter.com/vuejs" target="_blank" rel="noopener">@vuejs</a>
|
||||||
|
twitter account for latest news in the Vue world.
|
||||||
|
</WelcomeItem>
|
||||||
|
|
||||||
|
<WelcomeItem>
|
||||||
|
<template #icon>
|
||||||
|
<SupportIcon />
|
||||||
|
</template>
|
||||||
|
<template #heading>Support Vue</template>
|
||||||
|
|
||||||
|
As an independent project, Vue relies on community backing for its sustainability. You can help
|
||||||
|
us by
|
||||||
|
<a href="https://vuejs.org/sponsor/" target="_blank" rel="noopener">becoming a sponsor</a>.
|
||||||
|
</WelcomeItem>
|
||||||
|
</template>
|
||||||
@@ -0,0 +1,86 @@
|
|||||||
|
<template>
|
||||||
|
<div class="item">
|
||||||
|
<i>
|
||||||
|
<slot name="icon"></slot>
|
||||||
|
</i>
|
||||||
|
<div class="details">
|
||||||
|
<h3>
|
||||||
|
<slot name="heading"></slot>
|
||||||
|
</h3>
|
||||||
|
<slot></slot>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</template>
|
||||||
|
|
||||||
|
<style scoped>
|
||||||
|
.item {
|
||||||
|
margin-top: 2rem;
|
||||||
|
display: flex;
|
||||||
|
position: relative;
|
||||||
|
}
|
||||||
|
|
||||||
|
.details {
|
||||||
|
flex: 1;
|
||||||
|
margin-left: 1rem;
|
||||||
|
}
|
||||||
|
|
||||||
|
i {
|
||||||
|
display: flex;
|
||||||
|
place-items: center;
|
||||||
|
place-content: center;
|
||||||
|
width: 32px;
|
||||||
|
height: 32px;
|
||||||
|
color: var(--color-text);
|
||||||
|
}
|
||||||
|
|
||||||
|
h3 {
|
||||||
|
font-size: 1.2rem;
|
||||||
|
font-weight: 500;
|
||||||
|
margin-bottom: 0.4rem;
|
||||||
|
color: var(--color-heading);
|
||||||
|
}
|
||||||
|
|
||||||
|
@media (min-width: 1024px) {
|
||||||
|
.item {
|
||||||
|
margin-top: 0;
|
||||||
|
padding: 0.4rem 0 1rem calc(var(--section-gap) / 2);
|
||||||
|
}
|
||||||
|
|
||||||
|
i {
|
||||||
|
top: calc(50% - 25px);
|
||||||
|
left: -26px;
|
||||||
|
position: absolute;
|
||||||
|
border: 1px solid var(--color-border);
|
||||||
|
background: var(--color-background);
|
||||||
|
border-radius: 8px;
|
||||||
|
width: 50px;
|
||||||
|
height: 50px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.item:before {
|
||||||
|
content: ' ';
|
||||||
|
border-left: 1px solid var(--color-border);
|
||||||
|
position: absolute;
|
||||||
|
left: 0;
|
||||||
|
bottom: calc(50% + 25px);
|
||||||
|
height: calc(50% - 25px);
|
||||||
|
}
|
||||||
|
|
||||||
|
.item:after {
|
||||||
|
content: ' ';
|
||||||
|
border-left: 1px solid var(--color-border);
|
||||||
|
position: absolute;
|
||||||
|
left: 0;
|
||||||
|
top: calc(50% + 25px);
|
||||||
|
height: calc(50% - 25px);
|
||||||
|
}
|
||||||
|
|
||||||
|
.item:first-of-type:before {
|
||||||
|
display: none;
|
||||||
|
}
|
||||||
|
|
||||||
|
.item:last-of-type:after {
|
||||||
|
display: none;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
</style>
|
||||||
@@ -1,211 +0,0 @@
|
|||||||
import { describe, it, expect, vi, beforeEach } from 'vitest'
|
|
||||||
import { mount, flushPromises } from '@vue/test-utils'
|
|
||||||
import { createRouter, createWebHistory } from 'vue-router'
|
|
||||||
import axios from 'axios'
|
|
||||||
import AppNav from '../AppNav.vue'
|
|
||||||
import { useFeeds } from '../../composables/useFeeds'
|
|
||||||
|
|
||||||
vi.mock('axios')
|
|
||||||
|
|
||||||
// jsdom does not implement IntersectionObserver, but AppNav sets one up on mount
|
|
||||||
// to track whether the list view's title is scrolled into view.
|
|
||||||
class FakeIntersectionObserver {
|
|
||||||
observe() {}
|
|
||||||
unobserve() {}
|
|
||||||
disconnect() {}
|
|
||||||
}
|
|
||||||
vi.stubGlobal('IntersectionObserver', FakeIntersectionObserver)
|
|
||||||
|
|
||||||
describe('AppNav', () => {
|
|
||||||
let router
|
|
||||||
|
|
||||||
beforeEach(async () => {
|
|
||||||
localStorage.setItem('user-token', 'abc123')
|
|
||||||
localStorage.setItem('user-id', '7')
|
|
||||||
vi.clearAllMocks()
|
|
||||||
|
|
||||||
const { feeds, showMessage, message, showModal, viewMode, currentIndex, layout } = useFeeds()
|
|
||||||
feeds.value = []
|
|
||||||
showMessage.value = false
|
|
||||||
message.value = ''
|
|
||||||
showModal.value = false
|
|
||||||
viewMode.value = 'list'
|
|
||||||
currentIndex.value = 0
|
|
||||||
layout.value = 'list'
|
|
||||||
|
|
||||||
router = createRouter({
|
|
||||||
history: createWebHistory(),
|
|
||||||
routes: [
|
|
||||||
{ path: '/login', name: 'login', component: { template: '<div />' } },
|
|
||||||
{ path: '/feeds', name: 'feeds', component: { template: '<div />' } },
|
|
||||||
],
|
|
||||||
})
|
|
||||||
router.push('/feeds')
|
|
||||||
await router.isReady()
|
|
||||||
})
|
|
||||||
|
|
||||||
async function mountWithMenuOpen() {
|
|
||||||
const wrapper = mount(AppNav, { global: { plugins: [router] } })
|
|
||||||
await wrapper.find('.app-nav__hamburger').trigger('click')
|
|
||||||
await flushPromises()
|
|
||||||
return wrapper
|
|
||||||
}
|
|
||||||
|
|
||||||
it('toggles the menu open and closed via the hamburger button', async () => {
|
|
||||||
const wrapper = mount(AppNav, { global: { plugins: [router] } })
|
|
||||||
|
|
||||||
expect(wrapper.find('.app-nav__menu').exists()).toBe(false)
|
|
||||||
|
|
||||||
await wrapper.find('.app-nav__hamburger').trigger('click')
|
|
||||||
expect(wrapper.find('.app-nav__menu').exists()).toBe(true)
|
|
||||||
|
|
||||||
await wrapper.find('.app-nav__hamburger').trigger('click')
|
|
||||||
expect(wrapper.find('.app-nav__menu').exists()).toBe(false)
|
|
||||||
})
|
|
||||||
|
|
||||||
it('clears stored credentials and redirects to login on logout', async () => {
|
|
||||||
const wrapper = await mountWithMenuOpen()
|
|
||||||
|
|
||||||
await wrapper.find('.app-nav__logout').trigger('click')
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(localStorage.getItem('user-token')).toBeNull()
|
|
||||||
expect(localStorage.getItem('user-id')).toBeNull()
|
|
||||||
expect(router.currentRoute.value.name).toBe('login')
|
|
||||||
})
|
|
||||||
|
|
||||||
it('triggers a sync from the menu', async () => {
|
|
||||||
axios.get.mockResolvedValue({ data: { feeds: [] } })
|
|
||||||
axios.post.mockResolvedValueOnce({ status: 200 })
|
|
||||||
|
|
||||||
const wrapper = await mountWithMenuOpen()
|
|
||||||
|
|
||||||
const syncButton = wrapper.findAll('.app-nav__menu-item').find(el => el.text() === 'Sync')
|
|
||||||
await syncButton.trigger('click')
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(axios.post).toHaveBeenCalledWith(
|
|
||||||
'/api/v1/article/sync',
|
|
||||||
{ user_id: 7 },
|
|
||||||
expect.anything(),
|
|
||||||
)
|
|
||||||
// Menu auto-closes after an action
|
|
||||||
expect(wrapper.find('.app-nav__menu').exists()).toBe(false)
|
|
||||||
})
|
|
||||||
|
|
||||||
it('opens the add-feed modal from the menu', async () => {
|
|
||||||
const wrapper = await mountWithMenuOpen()
|
|
||||||
const { showModal } = useFeeds()
|
|
||||||
|
|
||||||
const addButton = wrapper.findAll('.app-nav__menu-item').find(el => el.text() === 'Add RSS')
|
|
||||||
await addButton.trigger('click')
|
|
||||||
|
|
||||||
expect(showModal.value).toBe(true)
|
|
||||||
})
|
|
||||||
|
|
||||||
it('switches the view mode from the menu and closes it', async () => {
|
|
||||||
const wrapper = await mountWithMenuOpen()
|
|
||||||
const { viewMode } = useFeeds()
|
|
||||||
|
|
||||||
const viewButton = wrapper.findAll('.app-nav__menu-item').find(el => el.text() === 'Article view')
|
|
||||||
await viewButton.trigger('click')
|
|
||||||
|
|
||||||
expect(viewMode.value).toBe('article')
|
|
||||||
expect(wrapper.find('.app-nav__menu').exists()).toBe(false)
|
|
||||||
})
|
|
||||||
|
|
||||||
it('switches the list layout from the menu and closes it', async () => {
|
|
||||||
const wrapper = await mountWithMenuOpen()
|
|
||||||
const { layout } = useFeeds()
|
|
||||||
|
|
||||||
const layoutButton = wrapper.findAll('.app-nav__menu-item').find(el => el.text() === 'Card layout')
|
|
||||||
await layoutButton.trigger('click')
|
|
||||||
|
|
||||||
expect(layout.value).toBe('cards')
|
|
||||||
expect(wrapper.find('.app-nav__menu').exists()).toBe(false)
|
|
||||||
})
|
|
||||||
|
|
||||||
it('hides the layout toggle while in article view', async () => {
|
|
||||||
const { viewMode } = useFeeds()
|
|
||||||
viewMode.value = 'article'
|
|
||||||
|
|
||||||
const wrapper = await mountWithMenuOpen()
|
|
||||||
|
|
||||||
expect(wrapper.findAll('.app-nav__menu-item').find(el => el.text().includes('layout'))).toBeUndefined()
|
|
||||||
})
|
|
||||||
|
|
||||||
it('marks all articles as read from the menu after confirmation', async () => {
|
|
||||||
const { feeds } = useFeeds()
|
|
||||||
feeds.value = [
|
|
||||||
{ id: 1, title: 'Article one', content: '', url: 'https://example.test/1', timestamp: '2026-01-01' },
|
|
||||||
{ id: 2, title: 'Article two', content: '', url: 'https://example.test/2', timestamp: '2026-01-02' },
|
|
||||||
]
|
|
||||||
axios.put.mockResolvedValue({ status: 200 })
|
|
||||||
const confirmSpy = vi.spyOn(window, 'confirm').mockReturnValue(true)
|
|
||||||
|
|
||||||
const wrapper = await mountWithMenuOpen()
|
|
||||||
const markAllButton = wrapper.findAll('.app-nav__menu-item').find(el => el.text() === 'Mark all as read')
|
|
||||||
await markAllButton.trigger('click')
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(confirmSpy).toHaveBeenCalled()
|
|
||||||
expect(axios.put).toHaveBeenCalledWith('/api/v1/article/read/1', null, expect.anything())
|
|
||||||
expect(axios.put).toHaveBeenCalledWith('/api/v1/article/read/2', null, expect.anything())
|
|
||||||
expect(feeds.value).toHaveLength(0)
|
|
||||||
expect(wrapper.find('.app-nav__menu').exists()).toBe(false)
|
|
||||||
|
|
||||||
confirmSpy.mockRestore()
|
|
||||||
})
|
|
||||||
|
|
||||||
it('shows the unread count in the title when there are articles', async () => {
|
|
||||||
const { feeds } = useFeeds()
|
|
||||||
feeds.value = [
|
|
||||||
{ id: 1, title: 'Article one', content: '', url: 'https://example.test/1', timestamp: '2026-01-01' },
|
|
||||||
{ id: 2, title: 'Article two', content: '', url: 'https://example.test/2', timestamp: '2026-01-02' },
|
|
||||||
]
|
|
||||||
|
|
||||||
const wrapper = mount(AppNav, { global: { plugins: [router] } })
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(wrapper.find('.app-nav__title').text()).toContain('(2)')
|
|
||||||
})
|
|
||||||
|
|
||||||
it('excludes already-read articles from the counter while in article view', async () => {
|
|
||||||
const { feeds } = useFeeds()
|
|
||||||
feeds.value = [
|
|
||||||
{ id: 1, title: 'Article one', read: true, content: '', url: 'https://example.test/1', timestamp: '2026-01-01' },
|
|
||||||
{ id: 2, title: 'Article two', read: false, content: '', url: 'https://example.test/2', timestamp: '2026-01-02' },
|
|
||||||
]
|
|
||||||
|
|
||||||
const wrapper = mount(AppNav, { global: { plugins: [router] } })
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(wrapper.find('.app-nav__title').text()).toContain('(1)')
|
|
||||||
})
|
|
||||||
|
|
||||||
it('hides the unread count when there are no articles', async () => {
|
|
||||||
const wrapper = mount(AppNav, { global: { plugins: [router] } })
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(wrapper.find('.app-nav__unread').exists()).toBe(false)
|
|
||||||
})
|
|
||||||
|
|
||||||
it('does not mark articles as read when the confirmation is dismissed', async () => {
|
|
||||||
const { feeds } = useFeeds()
|
|
||||||
feeds.value = [
|
|
||||||
{ id: 1, title: 'Article one', content: '', url: 'https://example.test/1', timestamp: '2026-01-01' },
|
|
||||||
]
|
|
||||||
const confirmSpy = vi.spyOn(window, 'confirm').mockReturnValue(false)
|
|
||||||
|
|
||||||
const wrapper = await mountWithMenuOpen()
|
|
||||||
const markAllButton = wrapper.findAll('.app-nav__menu-item').find(el => el.text() === 'Mark all as read')
|
|
||||||
await markAllButton.trigger('click')
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(confirmSpy).toHaveBeenCalled()
|
|
||||||
expect(axios.put).not.toHaveBeenCalled()
|
|
||||||
expect(feeds.value).toHaveLength(1)
|
|
||||||
|
|
||||||
confirmSpy.mockRestore()
|
|
||||||
})
|
|
||||||
})
|
|
||||||
@@ -1,62 +0,0 @@
|
|||||||
import { describe, it, expect, vi, beforeEach } from 'vitest'
|
|
||||||
import { mount, flushPromises } from '@vue/test-utils'
|
|
||||||
import { createRouter, createWebHistory } from 'vue-router'
|
|
||||||
import axios from 'axios'
|
|
||||||
import LoginPage from '../LoginPage.vue'
|
|
||||||
|
|
||||||
vi.mock('axios')
|
|
||||||
|
|
||||||
describe('LoginPage', () => {
|
|
||||||
let router
|
|
||||||
|
|
||||||
beforeEach(async () => {
|
|
||||||
localStorage.clear()
|
|
||||||
vi.clearAllMocks()
|
|
||||||
|
|
||||||
router = createRouter({
|
|
||||||
history: createWebHistory(),
|
|
||||||
routes: [
|
|
||||||
{ path: '/login', name: 'login', component: { template: '<div />' } },
|
|
||||||
{ path: '/feeds', name: 'feeds', component: { template: '<div />' } },
|
|
||||||
],
|
|
||||||
})
|
|
||||||
router.push('/login')
|
|
||||||
await router.isReady()
|
|
||||||
})
|
|
||||||
|
|
||||||
it('stores the token and redirects to feeds on successful login', async () => {
|
|
||||||
axios.post.mockResolvedValueOnce({
|
|
||||||
status: 200,
|
|
||||||
headers: { token: 'abc123', user_id: '7' },
|
|
||||||
})
|
|
||||||
|
|
||||||
const wrapper = mount(LoginPage, { global: { plugins: [router] } })
|
|
||||||
await wrapper.find('#username').setValue('alice')
|
|
||||||
await wrapper.find('#password').setValue('secret')
|
|
||||||
await wrapper.find('form').trigger('submit.prevent')
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(axios.post).toHaveBeenCalledWith(
|
|
||||||
'/api/v1/auth/login',
|
|
||||||
{ username: 'alice', password: 'secret' },
|
|
||||||
expect.anything(),
|
|
||||||
)
|
|
||||||
expect(localStorage.getItem('user-token')).toBe('abc123')
|
|
||||||
expect(localStorage.getItem('user-id')).toBe('7')
|
|
||||||
expect(router.currentRoute.value.name).toBe('feeds')
|
|
||||||
})
|
|
||||||
|
|
||||||
it('shows an error message and does not redirect when login fails', async () => {
|
|
||||||
axios.post.mockRejectedValueOnce(new Error('Request failed'))
|
|
||||||
|
|
||||||
const wrapper = mount(LoginPage, { global: { plugins: [router] } })
|
|
||||||
await wrapper.find('#username').setValue('alice')
|
|
||||||
await wrapper.find('#password').setValue('wrong')
|
|
||||||
await wrapper.find('form').trigger('submit.prevent')
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(wrapper.text()).toContain('Login failed')
|
|
||||||
expect(localStorage.getItem('user-token')).toBeNull()
|
|
||||||
expect(router.currentRoute.value.name).toBe('login')
|
|
||||||
})
|
|
||||||
})
|
|
||||||
@@ -1,348 +0,0 @@
|
|||||||
import { describe, it, expect, vi, beforeEach } from 'vitest'
|
|
||||||
import { mount, flushPromises } from '@vue/test-utils'
|
|
||||||
import axios from 'axios'
|
|
||||||
import RssFeeds from '../RssFeeds.vue'
|
|
||||||
import { useFeeds } from '../../composables/useFeeds'
|
|
||||||
|
|
||||||
vi.mock('axios')
|
|
||||||
|
|
||||||
// jsdom does not implement IntersectionObserver, but the component sets one up
|
|
||||||
// once the feed list has rendered.
|
|
||||||
class FakeIntersectionObserver {
|
|
||||||
observe() {}
|
|
||||||
unobserve() {}
|
|
||||||
disconnect() {}
|
|
||||||
}
|
|
||||||
vi.stubGlobal('IntersectionObserver', FakeIntersectionObserver)
|
|
||||||
|
|
||||||
describe('RssFeeds', () => {
|
|
||||||
beforeEach(() => {
|
|
||||||
localStorage.setItem('user-token', 'test-token')
|
|
||||||
localStorage.setItem('user-id', '7')
|
|
||||||
vi.clearAllMocks()
|
|
||||||
|
|
||||||
// useFeeds() returns module-level singleton refs shared across the whole
|
|
||||||
// app (and this spec file) — reset them so state doesn't leak between tests.
|
|
||||||
const { feeds, showMessage, message, showModal, viewMode, currentIndex, layout } = useFeeds()
|
|
||||||
feeds.value = []
|
|
||||||
showMessage.value = false
|
|
||||||
message.value = ''
|
|
||||||
showModal.value = false
|
|
||||||
viewMode.value = 'list'
|
|
||||||
currentIndex.value = 0
|
|
||||||
layout.value = 'list'
|
|
||||||
})
|
|
||||||
|
|
||||||
it('fetches the current user articles and shows the empty state', async () => {
|
|
||||||
axios.get.mockResolvedValueOnce({ data: { feeds: [] } })
|
|
||||||
|
|
||||||
const wrapper = mount(RssFeeds)
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(axios.get).toHaveBeenCalledWith('/api/v1/article/get/7', expect.anything())
|
|
||||||
expect(wrapper.text()).toContain('All caught up')
|
|
||||||
})
|
|
||||||
|
|
||||||
it('renders the fetched feed items', async () => {
|
|
||||||
axios.get.mockResolvedValueOnce({
|
|
||||||
data: {
|
|
||||||
feeds: [
|
|
||||||
{
|
|
||||||
title: 'My Feed',
|
|
||||||
items: [
|
|
||||||
{
|
|
||||||
id: 1,
|
|
||||||
title: 'Article one',
|
|
||||||
content: '<p>hello</p>',
|
|
||||||
url: 'https://example.test/1',
|
|
||||||
timestamp: '2026-01-01',
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
})
|
|
||||||
|
|
||||||
const wrapper = mount(RssFeeds)
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(wrapper.text()).toContain('Article one')
|
|
||||||
expect(wrapper.text()).toContain('My Feed')
|
|
||||||
expect(wrapper.text()).not.toContain('All caught up')
|
|
||||||
})
|
|
||||||
|
|
||||||
it('renders the list as cards when the card layout is selected', async () => {
|
|
||||||
axios.get.mockResolvedValueOnce({
|
|
||||||
data: {
|
|
||||||
feeds: [
|
|
||||||
{
|
|
||||||
title: 'My Feed',
|
|
||||||
items: [
|
|
||||||
{
|
|
||||||
id: 1,
|
|
||||||
title: 'Article one',
|
|
||||||
content: '<p>hello</p>',
|
|
||||||
url: 'https://example.test/1',
|
|
||||||
timestamp: '2026-01-01',
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
})
|
|
||||||
|
|
||||||
const { layout } = useFeeds()
|
|
||||||
layout.value = 'cards'
|
|
||||||
|
|
||||||
const wrapper = mount(RssFeeds)
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(wrapper.find('.article').classes()).toContain('article--cards')
|
|
||||||
})
|
|
||||||
|
|
||||||
it('shows the full article content in cards with no truncation, growing the card to fit', async () => {
|
|
||||||
axios.get.mockResolvedValueOnce({
|
|
||||||
data: {
|
|
||||||
feeds: [
|
|
||||||
{
|
|
||||||
title: 'My Feed',
|
|
||||||
items: [
|
|
||||||
{
|
|
||||||
id: 1,
|
|
||||||
title: 'Article one',
|
|
||||||
content: '<img src="https://example.test/photo.jpg" alt="photo"><br>short summary',
|
|
||||||
url: 'https://example.test/1',
|
|
||||||
timestamp: '2026-01-01',
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
})
|
|
||||||
// axios.post is also hit by the sync triggered on mount, so branch on the
|
|
||||||
// URL rather than relying on call order via `mockResolvedValueOnce`.
|
|
||||||
axios.post.mockImplementation((url) => {
|
|
||||||
if (url === '/api/v1/article/sync') {
|
|
||||||
return Promise.resolve({ status: 200 })
|
|
||||||
}
|
|
||||||
return Promise.resolve({ data: { content: '<html><body><article><p>full text</p></article></body></html>' } })
|
|
||||||
})
|
|
||||||
|
|
||||||
const { layout } = useFeeds()
|
|
||||||
layout.value = 'cards'
|
|
||||||
|
|
||||||
const wrapper = mount(RssFeeds)
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
// Preview images are shown (not hidden/truncated) and the snippet isn't clamped.
|
|
||||||
expect(wrapper.find('.feed-content img').exists()).toBe(true)
|
|
||||||
expect(wrapper.find('.feed-content').classes()).not.toContain('feed-content--clamped')
|
|
||||||
expect(wrapper.text()).toContain('short summary')
|
|
||||||
|
|
||||||
await wrapper.find('.feed-title').trigger('click')
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(wrapper.text()).toContain('full text')
|
|
||||||
})
|
|
||||||
|
|
||||||
it('sorts articles by date across feeds, newest first', async () => {
|
|
||||||
axios.get.mockResolvedValueOnce({
|
|
||||||
data: {
|
|
||||||
feeds: [
|
|
||||||
{
|
|
||||||
title: 'Old Feed',
|
|
||||||
items: [
|
|
||||||
{
|
|
||||||
id: 1,
|
|
||||||
title: 'Older article',
|
|
||||||
content: '<p>old</p>',
|
|
||||||
url: 'https://example.test/1',
|
|
||||||
timestamp: '2026-01-01 10:00:00',
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
{
|
|
||||||
title: 'New Feed',
|
|
||||||
items: [
|
|
||||||
{
|
|
||||||
id: 2,
|
|
||||||
title: 'Newer article',
|
|
||||||
content: '<p>new</p>',
|
|
||||||
url: 'https://example.test/2',
|
|
||||||
timestamp: '2026-02-01 10:00:00',
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
})
|
|
||||||
|
|
||||||
const wrapper = mount(RssFeeds)
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
const titles = wrapper.findAll('.feed-title').map(el => el.text())
|
|
||||||
expect(titles).toEqual(['Newer article', 'Older article'])
|
|
||||||
})
|
|
||||||
|
|
||||||
it('keeps a link to the original article visible after the readable version is loaded', async () => {
|
|
||||||
axios.get.mockResolvedValueOnce({
|
|
||||||
data: {
|
|
||||||
feeds: [
|
|
||||||
{
|
|
||||||
title: 'My Feed',
|
|
||||||
items: [
|
|
||||||
{
|
|
||||||
id: 1,
|
|
||||||
title: 'Article one',
|
|
||||||
content: '<p>short summary</p>',
|
|
||||||
url: 'https://example.test/1',
|
|
||||||
timestamp: '2026-01-01',
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
})
|
|
||||||
// axios.post is also hit by the sync triggered on mount, so branch on the
|
|
||||||
// URL rather than relying on call order via `mockResolvedValueOnce`.
|
|
||||||
axios.post.mockImplementation((url) => {
|
|
||||||
if (url === '/api/v1/article/sync') {
|
|
||||||
return Promise.resolve({ status: 200 })
|
|
||||||
}
|
|
||||||
return Promise.resolve({ data: { content: '<html><body><article><p>full text</p></article></body></html>' } })
|
|
||||||
})
|
|
||||||
|
|
||||||
const wrapper = mount(RssFeeds)
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
const link = wrapper.find('.feed-original-link a')
|
|
||||||
expect(link.exists()).toBe(true)
|
|
||||||
expect(link.attributes('href')).toBe('https://example.test/1')
|
|
||||||
expect(link.attributes('target')).toBe('_blank')
|
|
||||||
|
|
||||||
await wrapper.find('.feed-title').trigger('click')
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
const linkAfter = wrapper.find('.feed-original-link a')
|
|
||||||
expect(linkAfter.exists()).toBe(true)
|
|
||||||
expect(linkAfter.attributes('href')).toBe('https://example.test/1')
|
|
||||||
})
|
|
||||||
|
|
||||||
it('switches to article view and navigates between articles', async () => {
|
|
||||||
axios.get.mockResolvedValueOnce({
|
|
||||||
data: {
|
|
||||||
feeds: [
|
|
||||||
{
|
|
||||||
title: 'My Feed',
|
|
||||||
items: [
|
|
||||||
{
|
|
||||||
id: 1,
|
|
||||||
title: 'Article one',
|
|
||||||
content: '<p>one</p>',
|
|
||||||
url: 'https://example.test/1',
|
|
||||||
timestamp: '2026-02-01 10:00:00',
|
|
||||||
},
|
|
||||||
{
|
|
||||||
id: 2,
|
|
||||||
title: 'Article two',
|
|
||||||
content: '<p>two</p>',
|
|
||||||
url: 'https://example.test/2',
|
|
||||||
timestamp: '2026-01-01 10:00:00',
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
})
|
|
||||||
axios.put.mockResolvedValue({ status: 200 })
|
|
||||||
axios.post.mockResolvedValue({ data: { content: '<html><body><article><p>full text</p></article></body></html>' } })
|
|
||||||
|
|
||||||
const wrapper = mount(RssFeeds)
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
// The view-toggle button now lives in AppNav's hamburger menu, not here —
|
|
||||||
// switch modes directly through the shared composable, as AppNav would.
|
|
||||||
useFeeds().toggleViewMode()
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(wrapper.find('.article-single .article-feature__title').text()).toBe('Article one')
|
|
||||||
// Same as in list view: the readable content is loaded on demand by
|
|
||||||
// clicking the headline, not fetched automatically on entering the view.
|
|
||||||
// (axios.post is also hit by the sync triggered on mount.)
|
|
||||||
expect(axios.post).not.toHaveBeenCalledWith('/api/v1/article/read', expect.anything(), expect.anything())
|
|
||||||
expect(wrapper.find('.article-single .feed-original-link a').exists()).toBe(true)
|
|
||||||
|
|
||||||
await wrapper.find('.article-single .article-feature__title').trigger('click')
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(axios.post).toHaveBeenCalledWith('/api/v1/article/read', { url: 'https://example.test/1' }, expect.anything())
|
|
||||||
expect(wrapper.find('.article-single .feed-original-link a').exists()).toBe(true)
|
|
||||||
|
|
||||||
expect(wrapper.findAll('.article-nav__btn')[0].attributes('disabled')).toBeDefined()
|
|
||||||
|
|
||||||
await wrapper.findAll('.article-nav__btn')[1].trigger('click')
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(wrapper.find('.article-single .article-feature__title').text()).toBe('Article two')
|
|
||||||
expect(wrapper.findAll('.article-nav__btn')[1].attributes('disabled')).toBeDefined()
|
|
||||||
|
|
||||||
await wrapper.findAll('.article-nav__btn')[0].trigger('click')
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(wrapper.find('.article-single .article-feature__title').text()).toBe('Article one')
|
|
||||||
})
|
|
||||||
|
|
||||||
it('drops articles read while paging through article view once back in the list', async () => {
|
|
||||||
axios.get.mockResolvedValueOnce({
|
|
||||||
data: {
|
|
||||||
feeds: [
|
|
||||||
{
|
|
||||||
title: 'My Feed',
|
|
||||||
items: [
|
|
||||||
{
|
|
||||||
id: 1,
|
|
||||||
title: 'Article one',
|
|
||||||
content: '<p>one</p>',
|
|
||||||
url: 'https://example.test/1',
|
|
||||||
timestamp: '2026-03-01 10:00:00',
|
|
||||||
},
|
|
||||||
{
|
|
||||||
id: 2,
|
|
||||||
title: 'Article two',
|
|
||||||
content: '<p>two</p>',
|
|
||||||
url: 'https://example.test/2',
|
|
||||||
timestamp: '2026-02-01 10:00:00',
|
|
||||||
},
|
|
||||||
{
|
|
||||||
id: 3,
|
|
||||||
title: 'Article three',
|
|
||||||
content: '<p>three</p>',
|
|
||||||
url: 'https://example.test/3',
|
|
||||||
timestamp: '2026-01-01 10:00:00',
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
})
|
|
||||||
axios.put.mockResolvedValue({ status: 200 })
|
|
||||||
|
|
||||||
const wrapper = mount(RssFeeds)
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
const { toggleViewMode, leaveArticleView } = useFeeds()
|
|
||||||
|
|
||||||
// Enter article view (marks "Article one" read), page forward to "Article
|
|
||||||
// two" (marks it read too), then leave without visiting "Article three".
|
|
||||||
toggleViewMode()
|
|
||||||
await flushPromises()
|
|
||||||
await wrapper.findAll('.article-nav__btn')[1].trigger('click')
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
leaveArticleView()
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
const titles = wrapper.findAll('.feed-title').map(el => el.text())
|
|
||||||
expect(titles).toEqual(['Article three'])
|
|
||||||
})
|
|
||||||
})
|
|
||||||
@@ -0,0 +1,7 @@
|
|||||||
|
<template>
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="currentColor">
|
||||||
|
<path
|
||||||
|
d="M15 4a1 1 0 1 0 0 2V4zm0 11v-1a1 1 0 0 0-1 1h1zm0 4l-.707.707A1 1 0 0 0 16 19h-1zm-4-4l.707-.707A1 1 0 0 0 11 14v1zm-4.707-1.293a1 1 0 0 0-1.414 1.414l1.414-1.414zm-.707.707l-.707-.707.707.707zM9 11v-1a1 1 0 0 0-.707.293L9 11zm-4 0h1a1 1 0 0 0-1-1v1zm0 4H4a1 1 0 0 0 1.707.707L5 15zm10-9h2V4h-2v2zm2 0a1 1 0 0 1 1 1h2a3 3 0 0 0-3-3v2zm1 1v6h2V7h-2zm0 6a1 1 0 0 1-1 1v2a3 3 0 0 0 3-3h-2zm-1 1h-2v2h2v-2zm-3 1v4h2v-4h-2zm1.707 3.293l-4-4-1.414 1.414 4 4 1.414-1.414zM11 14H7v2h4v-2zm-4 0c-.276 0-.525-.111-.707-.293l-1.414 1.414C5.42 15.663 6.172 16 7 16v-2zm-.707 1.121l3.414-3.414-1.414-1.414-3.414 3.414 1.414 1.414zM9 12h4v-2H9v2zm4 0a3 3 0 0 0 3-3h-2a1 1 0 0 1-1 1v2zm3-3V3h-2v6h2zm0-6a3 3 0 0 0-3-3v2a1 1 0 0 1 1 1h2zm-3-3H3v2h10V0zM3 0a3 3 0 0 0-3 3h2a1 1 0 0 1 1-1V0zM0 3v6h2V3H0zm0 6a3 3 0 0 0 3 3v-2a1 1 0 0 1-1-1H0zm3 3h2v-2H3v2zm1-1v4h2v-4H4zm1.707 4.707l.586-.586-1.414-1.414-.586.586 1.414 1.414z"
|
||||||
|
/>
|
||||||
|
</svg>
|
||||||
|
</template>
|
||||||
@@ -0,0 +1,7 @@
|
|||||||
|
<template>
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" width="20" height="17" fill="currentColor">
|
||||||
|
<path
|
||||||
|
d="M11 2.253a1 1 0 1 0-2 0h2zm-2 13a1 1 0 1 0 2 0H9zm.447-12.167a1 1 0 1 0 1.107-1.666L9.447 3.086zM1 2.253L.447 1.42A1 1 0 0 0 0 2.253h1zm0 13H0a1 1 0 0 0 1.553.833L1 15.253zm8.447.833a1 1 0 1 0 1.107-1.666l-1.107 1.666zm0-14.666a1 1 0 1 0 1.107 1.666L9.447 1.42zM19 2.253h1a1 1 0 0 0-.447-.833L19 2.253zm0 13l-.553.833A1 1 0 0 0 20 15.253h-1zm-9.553-.833a1 1 0 1 0 1.107 1.666L9.447 14.42zM9 2.253v13h2v-13H9zm1.553-.833C9.203.523 7.42 0 5.5 0v2c1.572 0 2.961.431 3.947 1.086l1.107-1.666zM5.5 0C3.58 0 1.797.523.447 1.42l1.107 1.666C2.539 2.431 3.928 2 5.5 2V0zM0 2.253v13h2v-13H0zm1.553 13.833C2.539 15.431 3.928 15 5.5 15v-2c-1.92 0-3.703.523-5.053 1.42l1.107 1.666zM5.5 15c1.572 0 2.961.431 3.947 1.086l1.107-1.666C9.203 13.523 7.42 13 5.5 13v2zm5.053-11.914C11.539 2.431 12.928 2 14.5 2V0c-1.92 0-3.703.523-5.053 1.42l1.107 1.666zM14.5 2c1.573 0 2.961.431 3.947 1.086l1.107-1.666C18.203.523 16.421 0 14.5 0v2zm3.5.253v13h2v-13h-2zm1.553 12.167C18.203 13.523 16.421 13 14.5 13v2c1.573 0 2.961.431 3.947 1.086l1.107-1.666zM14.5 13c-1.92 0-3.703.523-5.053 1.42l1.107 1.666C11.539 15.431 12.928 15 14.5 15v-2z"
|
||||||
|
/>
|
||||||
|
</svg>
|
||||||
|
</template>
|
||||||
@@ -0,0 +1,7 @@
|
|||||||
|
<template>
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" width="18" height="20" fill="currentColor">
|
||||||
|
<path
|
||||||
|
d="M11.447 8.894a1 1 0 1 0-.894-1.789l.894 1.789zm-2.894-.789a1 1 0 1 0 .894 1.789l-.894-1.789zm0 1.789a1 1 0 1 0 .894-1.789l-.894 1.789zM7.447 7.106a1 1 0 1 0-.894 1.789l.894-1.789zM10 9a1 1 0 1 0-2 0h2zm-2 2.5a1 1 0 1 0 2 0H8zm9.447-5.606a1 1 0 1 0-.894-1.789l.894 1.789zm-2.894-.789a1 1 0 1 0 .894 1.789l-.894-1.789zm2 .789a1 1 0 1 0 .894-1.789l-.894 1.789zm-1.106-2.789a1 1 0 1 0-.894 1.789l.894-1.789zM18 5a1 1 0 1 0-2 0h2zm-2 2.5a1 1 0 1 0 2 0h-2zm-5.447-4.606a1 1 0 1 0 .894-1.789l-.894 1.789zM9 1l.447-.894a1 1 0 0 0-.894 0L9 1zm-2.447.106a1 1 0 1 0 .894 1.789l-.894-1.789zm-6 3a1 1 0 1 0 .894 1.789L.553 4.106zm2.894.789a1 1 0 1 0-.894-1.789l.894 1.789zm-2-.789a1 1 0 1 0-.894 1.789l.894-1.789zm1.106 2.789a1 1 0 1 0 .894-1.789l-.894 1.789zM2 5a1 1 0 1 0-2 0h2zM0 7.5a1 1 0 1 0 2 0H0zm8.553 12.394a1 1 0 1 0 .894-1.789l-.894 1.789zm-1.106-2.789a1 1 0 1 0-.894 1.789l.894-1.789zm1.106 1a1 1 0 1 0 .894 1.789l-.894-1.789zm2.894.789a1 1 0 1 0-.894-1.789l.894 1.789zM8 19a1 1 0 1 0 2 0H8zm2-2.5a1 1 0 1 0-2 0h2zm-7.447.394a1 1 0 1 0 .894-1.789l-.894 1.789zM1 15H0a1 1 0 0 0 .553.894L1 15zm1-2.5a1 1 0 1 0-2 0h2zm12.553 2.606a1 1 0 1 0 .894 1.789l-.894-1.789zM17 15l.447.894A1 1 0 0 0 18 15h-1zm1-2.5a1 1 0 1 0-2 0h2zm-7.447-5.394l-2 1 .894 1.789 2-1-.894-1.789zm-1.106 1l-2-1-.894 1.789 2 1 .894-1.789zM8 9v2.5h2V9H8zm8.553-4.894l-2 1 .894 1.789 2-1-.894-1.789zm.894 0l-2-1-.894 1.789 2 1 .894-1.789zM16 5v2.5h2V5h-2zm-4.553-3.894l-2-1-.894 1.789 2 1 .894-1.789zm-2.894-1l-2 1 .894 1.789 2-1L8.553.106zM1.447 5.894l2-1-.894-1.789-2 1 .894 1.789zm-.894 0l2 1 .894-1.789-2-1-.894 1.789zM0 5v2.5h2V5H0zm9.447 13.106l-2-1-.894 1.789 2 1 .894-1.789zm0 1.789l2-1-.894-1.789-2 1 .894 1.789zM10 19v-2.5H8V19h2zm-6.553-3.894l-2-1-.894 1.789 2 1 .894-1.789zM2 15v-2.5H0V15h2zm13.447 1.894l2-1-.894-1.789-2 1 .894 1.789zM18 15v-2.5h-2V15h2z"
|
||||||
|
/>
|
||||||
|
</svg>
|
||||||
|
</template>
|
||||||
@@ -0,0 +1,7 @@
|
|||||||
|
<template>
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="currentColor">
|
||||||
|
<path
|
||||||
|
d="M10 3.22l-.61-.6a5.5 5.5 0 0 0-7.666.105 5.5 5.5 0 0 0-.114 7.665L10 18.78l8.39-8.4a5.5 5.5 0 0 0-.114-7.665 5.5 5.5 0 0 0-7.666-.105l-.61.61z"
|
||||||
|
/>
|
||||||
|
</svg>
|
||||||
|
</template>
|
||||||
@@ -0,0 +1,19 @@
|
|||||||
|
<!-- This icon is from <https://github.com/Templarian/MaterialDesign>, distributed under Apache 2.0 (https://www.apache.org/licenses/LICENSE-2.0) license-->
|
||||||
|
<template>
|
||||||
|
<svg
|
||||||
|
xmlns="http://www.w3.org/2000/svg"
|
||||||
|
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||||
|
aria-hidden="true"
|
||||||
|
role="img"
|
||||||
|
class="iconify iconify--mdi"
|
||||||
|
width="24"
|
||||||
|
height="24"
|
||||||
|
preserveAspectRatio="xMidYMid meet"
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
>
|
||||||
|
<path
|
||||||
|
d="M20 18v-4h-3v1h-2v-1H9v1H7v-1H4v4h16M6.33 8l-1.74 4H7v-1h2v1h6v-1h2v1h2.41l-1.74-4H6.33M9 5v1h6V5H9m12.84 7.61c.1.22.16.48.16.8V18c0 .53-.21 1-.6 1.41c-.4.4-.85.59-1.4.59H4c-.55 0-1-.19-1.4-.59C2.21 19 2 18.53 2 18v-4.59c0-.32.06-.58.16-.8L4.5 7.22C4.84 6.41 5.45 6 6.33 6H7V5c0-.55.18-1 .57-1.41C7.96 3.2 8.44 3 9 3h6c.56 0 1.04.2 1.43.59c.39.41.57.86.57 1.41v1h.67c.88 0 1.49.41 1.83 1.22l2.34 5.39z"
|
||||||
|
fill="currentColor"
|
||||||
|
></path>
|
||||||
|
</svg>
|
||||||
|
</template>
|
||||||
@@ -15,7 +15,7 @@ async function save() {
|
|||||||
submitted.value = true;
|
submitted.value = true;
|
||||||
console.log('saved ' + url.value)
|
console.log('saved ' + url.value)
|
||||||
try {
|
try {
|
||||||
const response = await axios.post("/api/v1/article/add", {
|
const response = await axios.post("feeds/add", {
|
||||||
url: url.value,
|
url: url.value,
|
||||||
title: title.value,
|
title: title.value,
|
||||||
user_id: parseInt(localStorage.getItem("user-id"))
|
user_id: parseInt(localStorage.getItem("user-id"))
|
||||||
@@ -44,7 +44,7 @@ async function save() {
|
|||||||
<div class="modal-header">
|
<div class="modal-header">
|
||||||
<slot name="header">Add RSS Feed</slot>
|
<slot name="header">Add RSS Feed</slot>
|
||||||
</div>
|
</div>
|
||||||
<form @submit.prevent="save">
|
<form @submit.prevent="submitForm">
|
||||||
<label for="name">URL:</label>
|
<label for="name">URL:</label>
|
||||||
<input v-model="url" id="url" type="text" required />
|
<input v-model="url" id="url" type="text" required />
|
||||||
<label for="name">Title:</label>
|
<label for="name">Title:</label>
|
||||||
@@ -56,7 +56,7 @@ async function save() {
|
|||||||
|
|
||||||
<div class="modal-footer">
|
<div class="modal-footer">
|
||||||
<slot name="footer">
|
<slot name="footer">
|
||||||
<button type="submit">Save</button>
|
<button type="submit" @click="save">Save</button>
|
||||||
<button class="modal-default-button" @click="$emit('close')">Close</button>
|
<button class="modal-default-button" @click="$emit('close')">Close</button>
|
||||||
</slot>
|
</slot>
|
||||||
</div>
|
</div>
|
||||||
|
|||||||
@@ -1,43 +0,0 @@
|
|||||||
import { describe, it, expect, vi, beforeEach } from 'vitest'
|
|
||||||
import { mount, flushPromises } from '@vue/test-utils'
|
|
||||||
import axios from 'axios'
|
|
||||||
import AddUrl from '../AddUrl.vue'
|
|
||||||
|
|
||||||
vi.mock('axios')
|
|
||||||
|
|
||||||
describe('AddUrl', () => {
|
|
||||||
beforeEach(() => {
|
|
||||||
localStorage.setItem('user-token', 'test-token')
|
|
||||||
localStorage.setItem('user-id', '7')
|
|
||||||
vi.clearAllMocks()
|
|
||||||
})
|
|
||||||
|
|
||||||
it('posts the entered url and title and shows a success message', async () => {
|
|
||||||
axios.post.mockResolvedValueOnce({ status: 201 })
|
|
||||||
|
|
||||||
const wrapper = mount(AddUrl, { props: { show: true } })
|
|
||||||
await wrapper.find('#url').setValue('https://example.test/feed.xml')
|
|
||||||
await wrapper.find('#title').setValue('Example feed')
|
|
||||||
await wrapper.find('form').trigger('submit')
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(axios.post).toHaveBeenCalledWith(
|
|
||||||
'/api/v1/article/add',
|
|
||||||
{ url: 'https://example.test/feed.xml', title: 'Example feed', user_id: 7 },
|
|
||||||
expect.anything(),
|
|
||||||
)
|
|
||||||
expect(wrapper.text()).toContain('saved successfully')
|
|
||||||
})
|
|
||||||
|
|
||||||
it('surfaces the error message when the request fails', async () => {
|
|
||||||
axios.post.mockRejectedValueOnce({ message: 'Network Error' })
|
|
||||||
|
|
||||||
const wrapper = mount(AddUrl, { props: { show: true } })
|
|
||||||
await wrapper.find('#url').setValue('https://example.test/feed.xml')
|
|
||||||
await wrapper.find('#title').setValue('Example feed')
|
|
||||||
await wrapper.find('form').trigger('submit')
|
|
||||||
await flushPromises()
|
|
||||||
|
|
||||||
expect(wrapper.text()).toContain('Network Error')
|
|
||||||
})
|
|
||||||
})
|
|
||||||
@@ -1,248 +0,0 @@
|
|||||||
import { describe, it, expect, vi, beforeEach } from 'vitest'
|
|
||||||
import axios from 'axios'
|
|
||||||
import { useFeeds } from '../useFeeds'
|
|
||||||
|
|
||||||
vi.mock('axios')
|
|
||||||
|
|
||||||
class FakeIntersectionObserver {
|
|
||||||
observe() {}
|
|
||||||
unobserve() {}
|
|
||||||
disconnect() {}
|
|
||||||
}
|
|
||||||
vi.stubGlobal('IntersectionObserver', FakeIntersectionObserver)
|
|
||||||
|
|
||||||
describe('useFeeds', () => {
|
|
||||||
const { feeds, showMessage, message, showModal, fetchData, sync, getReadable, setInitialLoad, handleIntersection } = useFeeds()
|
|
||||||
|
|
||||||
beforeEach(() => {
|
|
||||||
localStorage.setItem('user-token', 'test-token')
|
|
||||||
localStorage.setItem('user-id', '7')
|
|
||||||
vi.clearAllMocks()
|
|
||||||
|
|
||||||
feeds.value = []
|
|
||||||
showMessage.value = false
|
|
||||||
message.value = ''
|
|
||||||
showModal.value = false
|
|
||||||
})
|
|
||||||
|
|
||||||
it('fetches and flattens articles for the current user', async () => {
|
|
||||||
axios.get.mockResolvedValueOnce({
|
|
||||||
data: {
|
|
||||||
feeds: [
|
|
||||||
{
|
|
||||||
title: 'My Feed',
|
|
||||||
items: [
|
|
||||||
{
|
|
||||||
id: 1,
|
|
||||||
title: 'Article one',
|
|
||||||
content: '<p>hello</p>',
|
|
||||||
url: 'https://example.test/1',
|
|
||||||
timestamp: '2026-01-01 10:00:00',
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
})
|
|
||||||
|
|
||||||
await fetchData()
|
|
||||||
|
|
||||||
expect(axios.get).toHaveBeenCalledWith('/api/v1/article/get/7', expect.anything())
|
|
||||||
expect(feeds.value).toHaveLength(1)
|
|
||||||
expect(feeds.value[0]).toMatchObject({ title: 'Article one', feedTitle: 'My Feed' })
|
|
||||||
})
|
|
||||||
|
|
||||||
it('sorts articles by timestamp across feeds, newest first', async () => {
|
|
||||||
axios.get.mockResolvedValueOnce({
|
|
||||||
data: {
|
|
||||||
feeds: [
|
|
||||||
{
|
|
||||||
title: 'Old Feed',
|
|
||||||
items: [
|
|
||||||
{ id: 1, title: 'Older article', content: '', url: 'https://example.test/1', timestamp: '2026-01-01 10:00:00' },
|
|
||||||
],
|
|
||||||
},
|
|
||||||
{
|
|
||||||
title: 'New Feed',
|
|
||||||
items: [
|
|
||||||
{ id: 2, title: 'Newer article', content: '', url: 'https://example.test/2', timestamp: '2026-02-01 10:00:00' },
|
|
||||||
],
|
|
||||||
},
|
|
||||||
],
|
|
||||||
},
|
|
||||||
})
|
|
||||||
|
|
||||||
await fetchData()
|
|
||||||
|
|
||||||
expect(feeds.value.map(f => f.title)).toEqual(['Newer article', 'Older article'])
|
|
||||||
})
|
|
||||||
|
|
||||||
it('syncs feeds for the current user and refetches', async () => {
|
|
||||||
axios.post.mockResolvedValueOnce({ status: 200 })
|
|
||||||
axios.get.mockResolvedValue({ data: { feeds: [] } })
|
|
||||||
|
|
||||||
await sync()
|
|
||||||
|
|
||||||
expect(axios.post).toHaveBeenCalledWith(
|
|
||||||
'/api/v1/article/sync',
|
|
||||||
{ user_id: 7 },
|
|
||||||
expect.anything(),
|
|
||||||
)
|
|
||||||
expect(axios.get).toHaveBeenCalledWith('/api/v1/article/get/7', expect.anything())
|
|
||||||
})
|
|
||||||
|
|
||||||
it('marks the correct articles read when several scroll out of view in one batch', async () => {
|
|
||||||
feeds.value = [
|
|
||||||
{ id: 101, title: 'First' },
|
|
||||||
{ id: 102, title: 'Second' },
|
|
||||||
{ id: 103, title: 'Third' },
|
|
||||||
]
|
|
||||||
setInitialLoad(true)
|
|
||||||
axios.put.mockResolvedValue({ status: 200 })
|
|
||||||
|
|
||||||
// Both the first and second articles scrolled above the viewport in the
|
|
||||||
// same IntersectionObserver callback — their `target.id` reflects their
|
|
||||||
// original render-time indices (0 and 1).
|
|
||||||
await handleIntersection([
|
|
||||||
{ isIntersecting: false, boundingClientRect: { y: -10 }, target: { id: '0' } },
|
|
||||||
{ isIntersecting: false, boundingClientRect: { y: -5 }, target: { id: '1' } },
|
|
||||||
])
|
|
||||||
|
|
||||||
expect(axios.put).toHaveBeenCalledWith('/api/v1/article/read/101', null, expect.anything())
|
|
||||||
expect(axios.put).toHaveBeenCalledWith('/api/v1/article/read/102', null, expect.anything())
|
|
||||||
expect(axios.put).not.toHaveBeenCalledWith('/api/v1/article/read/103', null, expect.anything())
|
|
||||||
expect(feeds.value).toEqual([{ id: 103, title: 'Third' }])
|
|
||||||
|
|
||||||
setInitialLoad(false)
|
|
||||||
})
|
|
||||||
|
|
||||||
it('strips leftover embedded-video placeholder headings', async () => {
|
|
||||||
feeds.value = [{
|
|
||||||
id: 1,
|
|
||||||
title: 'Article one',
|
|
||||||
url: 'https://www.dw.com/en/article-one/a-1',
|
|
||||||
content: '',
|
|
||||||
}]
|
|
||||||
axios.post.mockResolvedValueOnce({
|
|
||||||
data: {
|
|
||||||
content: `<html><body><article>
|
|
||||||
<h2 aria-label="Eingebettetes Video — Iran-Krieg belastet Wirtschaft und Märkte in Deutschland">
|
|
||||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 20 20"><g fill-rule="evenodd"><path d="M14.114 7.599H13.5l.002 4.706h.601l4.582 3.25-.005-11.11zM11.084 4.444l-9.007.002-1.336.797.002 9.514 1.334.793 9.007.006 1.509-.799-.004-9.516z"></path></g></svg>
|
|
||||||
Iran-Krieg belastet Wirtschaft und Märkte in Deutschland
|
|
||||||
</h2>
|
|
||||||
<p>some article text long enough for readability to keep the paragraph as the main content body, padded with extra words to pass the content-length heuristics used by Mozilla Readability when scoring candidate nodes.</p>
|
|
||||||
</article></body></html>`,
|
|
||||||
},
|
|
||||||
})
|
|
||||||
|
|
||||||
await getReadable(feeds.value[0], 0)
|
|
||||||
|
|
||||||
expect(feeds.value[0].content).not.toContain('Eingebettetes Video')
|
|
||||||
expect(feeds.value[0].content).not.toContain('<svg')
|
|
||||||
})
|
|
||||||
|
|
||||||
it('strips leftover embedded-audio placeholder headings', async () => {
|
|
||||||
feeds.value = [{
|
|
||||||
id: 1,
|
|
||||||
title: 'Article one',
|
|
||||||
url: 'https://www.dw.com/en/article-one/a-1',
|
|
||||||
content: '',
|
|
||||||
}]
|
|
||||||
axios.post.mockResolvedValueOnce({
|
|
||||||
data: {
|
|
||||||
content: `<html><body><article>
|
|
||||||
<h2 aria-label="Eingebetteter Audio-Beitrag — Der Gender Pay Gap existiert noch immer">
|
|
||||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 20 20"><g fill-rule="evenodd"><path d="M14.114 7.599H13.5l.002 4.706h.601l4.582 3.25-.005-11.11zM11.084 4.444l-9.007.002-1.336.797.002 9.514 1.334.793 9.007.006 1.509-.799-.004-9.516z"></path></g></svg>
|
|
||||||
Der Gender Pay Gap existiert noch immer
|
|
||||||
</h2>
|
|
||||||
<p>some article text long enough for readability to keep the paragraph as the main content body, padded with extra words to pass the content-length heuristics used by Mozilla Readability when scoring candidate nodes.</p>
|
|
||||||
</article></body></html>`,
|
|
||||||
},
|
|
||||||
})
|
|
||||||
|
|
||||||
await getReadable(feeds.value[0], 0)
|
|
||||||
|
|
||||||
expect(feeds.value[0].content).not.toContain('Eingebetteter Audio-Beitrag')
|
|
||||||
expect(feeds.value[0].content).not.toContain('<svg')
|
|
||||||
})
|
|
||||||
|
|
||||||
it('resolves Deutsche-Welle-style templated image URLs from data-format/data-url', async () => {
|
|
||||||
feeds.value = [{
|
|
||||||
id: 1,
|
|
||||||
title: 'Article one',
|
|
||||||
url: 'https://www.dw.com/en/article-one/a-1',
|
|
||||||
content: '',
|
|
||||||
}]
|
|
||||||
axios.post.mockResolvedValueOnce({
|
|
||||||
data: {
|
|
||||||
content: `<html><body><article>
|
|
||||||
<img data-format="MASTER_LANDSCAPE" data-id="76212061"
|
|
||||||
data-url="https://static.dw.com/image/76212061_\${formatId}.jpg"
|
|
||||||
data-aspect-ratio="16/9" alt="Merz and Trump"
|
|
||||||
src="https://static.dw.com/image/76212061_$%7BformatId%7D.jpg">
|
|
||||||
<p>some article text long enough for readability to keep the image and paragraph together in the parsed output, padded with extra words to pass the content-length heuristics used by Mozilla Readability when scoring candidate nodes for the main article body.</p>
|
|
||||||
</article></body></html>`,
|
|
||||||
},
|
|
||||||
})
|
|
||||||
|
|
||||||
await getReadable(feeds.value[0], 0)
|
|
||||||
|
|
||||||
// "MASTER_LANDSCAPE" is a symbolic name from DW's CMS, not a valid value
|
|
||||||
// for the CDN's numeric `formatId` — it must be mapped to "6" or the
|
|
||||||
// resulting URL 400s and the image fails to load.
|
|
||||||
expect(feeds.value[0].content).toContain('src="https://static.dw.com/image/76212061_6.jpg"')
|
|
||||||
// The rendered `src` is what matters — `data-url` retaining the raw
|
|
||||||
// template is harmless since browsers don't load images from data-* attrs.
|
|
||||||
expect(feeds.value[0].content).not.toMatch(/src="[^"]*(\$\{|%7[bB])/)
|
|
||||||
})
|
|
||||||
|
|
||||||
it('resolves templated images regardless of the placeholder name and scrubs other lazy-load attributes', async () => {
|
|
||||||
feeds.value = [{
|
|
||||||
id: 1,
|
|
||||||
title: 'Article one',
|
|
||||||
url: 'https://www.dw.com/en/article-one/a-1',
|
|
||||||
content: '',
|
|
||||||
}]
|
|
||||||
axios.post.mockResolvedValueOnce({
|
|
||||||
data: {
|
|
||||||
content: `<html><body><article>
|
|
||||||
<img data-format="MASTER_LANDSCAPE" data-id="76212061"
|
|
||||||
data-url="https://static.dw.com/image/76212061_\${size}.jpg"
|
|
||||||
data-src="https://static.dw.com/image/76212061_\${size}.jpg"
|
|
||||||
alt="Merz and Trump" src="data:image/gif;base64,placeholder">
|
|
||||||
<p>some article text long enough for readability to keep the image and paragraph together in the parsed output, padded with extra words to pass the content-length heuristics used by Mozilla Readability when scoring candidate nodes for the main article body.</p>
|
|
||||||
</article></body></html>`,
|
|
||||||
},
|
|
||||||
})
|
|
||||||
|
|
||||||
await getReadable(feeds.value[0], 0)
|
|
||||||
|
|
||||||
// `${size}` isn't the hardcoded `${formatId}` placeholder, but `data-format`
|
|
||||||
// is still the right substitution — and lazy-load attributes like `data-src`
|
|
||||||
// (which Readability may promote into `src`) must be cleaned too, not just
|
|
||||||
// `data-url`, so a stale template can't resurface in the rendered output.
|
|
||||||
expect(feeds.value[0].content).not.toMatch(/src="[^"]*(\$\{|%7[bB])/)
|
|
||||||
})
|
|
||||||
|
|
||||||
it('drops unresolvable templated images instead of leaving a broken src', async () => {
|
|
||||||
feeds.value = [{
|
|
||||||
id: 1,
|
|
||||||
title: 'Article one',
|
|
||||||
url: 'https://example.test/article-one',
|
|
||||||
content: '',
|
|
||||||
}]
|
|
||||||
axios.post.mockResolvedValueOnce({
|
|
||||||
data: {
|
|
||||||
content: `<html><body><article>
|
|
||||||
<img data-url="https://example.test/img_\${size}.jpg" src="https://example.test/img_%7Bsize%7D.jpg">
|
|
||||||
<p>some article text long enough for readability to keep the paragraph as the main content body, padded with extra words to pass the content-length heuristics used by Mozilla Readability when scoring candidate nodes.</p>
|
|
||||||
</article></body></html>`,
|
|
||||||
},
|
|
||||||
})
|
|
||||||
|
|
||||||
await getReadable(feeds.value[0], 0)
|
|
||||||
|
|
||||||
expect(feeds.value[0].content).not.toContain('%7Bsize%7D')
|
|
||||||
expect(feeds.value[0].content).not.toContain('<img')
|
|
||||||
})
|
|
||||||
})
|
|
||||||
@@ -1,381 +0,0 @@
|
|||||||
import { ref, nextTick } from 'vue';
|
|
||||||
import axios from 'axios';
|
|
||||||
import { Readability } from '@mozilla/readability';
|
|
||||||
|
|
||||||
// Module-level state — declared outside useFeeds() so every caller shares the
|
|
||||||
// same singleton refs (a Pinia-free "store" for the feed list and its UI state).
|
|
||||||
const showMessage = ref(false)
|
|
||||||
const feeds = ref([]);
|
|
||||||
const message = ref('')
|
|
||||||
const showModal = ref(false)
|
|
||||||
const viewMode = ref('list') // 'list' | 'article' — toggled from the hamburger menu
|
|
||||||
const currentIndex = ref(0)
|
|
||||||
const layout = ref(localStorage.getItem('layout') || 'list') // 'list' | 'cards' — list-view display style, toggled from the hamburger menu
|
|
||||||
|
|
||||||
let observer; // Declare observer outside the setup function
|
|
||||||
let initialLoad = false
|
|
||||||
|
|
||||||
export function authHeaders() {
|
|
||||||
return {
|
|
||||||
headers: {
|
|
||||||
'Content-Type': 'application/json',
|
|
||||||
'user-token': localStorage.getItem("user-token")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Tells the server to revoke the current token (bumps token_version, so any
|
|
||||||
// other outstanding tokens for this account are invalidated too) before
|
|
||||||
// clearing the local session. Best-effort: if the request fails (e.g. the
|
|
||||||
// token already expired) the local session is cleared regardless.
|
|
||||||
export async function logout() {
|
|
||||||
try {
|
|
||||||
await axios.post('/api/v1/auth/logout', null, authHeaders())
|
|
||||||
} catch (error) {
|
|
||||||
console.error('Error logging out', error)
|
|
||||||
}
|
|
||||||
localStorage.removeItem('user-token')
|
|
||||||
localStorage.removeItem('user-id')
|
|
||||||
}
|
|
||||||
|
|
||||||
// Some feeds (e.g. Deutsche Welle) ship <img> tags whose `src` and various
|
|
||||||
// lazy-load attributes (`data-url`, `data-src`, `srcset`, ...) contain an
|
|
||||||
// unresolved `${placeholderName}` template — or its URL-encoded `%7B...%7D`
|
|
||||||
// form — that their own frontend fills in from the sibling `data-format`
|
|
||||||
// attribute before loading; verbatim they 404. Resolve every such attribute
|
|
||||||
// the same way (so Readability's own lazy-image handling can't resurrect a
|
|
||||||
// stale template into `src`), preferring `data-url` as the source of truth
|
|
||||||
// for `src`, and drop the <img> entirely if a template still remains.
|
|
||||||
const TEMPLATE_PATTERN = /\$\{[^}]+\}|%7[bB][^%]*%7[dD]/
|
|
||||||
const TEMPLATE_PATTERN_GLOBAL = /\$\{[^}]+\}|%7[bB][^%]*%7[dD]/g
|
|
||||||
|
|
||||||
// `data-format` holds a symbolic name from DW's CMS (e.g. "MASTER_LANDSCAPE"),
|
|
||||||
// but their image CDN only accepts numeric format ids in the URL — the
|
|
||||||
// template's `${formatId}` literally means a number. Substituting the
|
|
||||||
// symbolic name verbatim produces a 400 (image fails to load). DW generates
|
|
||||||
// the same fixed set of numeric variants for every image, so map the
|
|
||||||
// symbolic names we've seen to their numeric equivalent.
|
|
||||||
const DW_FORMAT_IDS = {
|
|
||||||
MASTER_LANDSCAPE: '6', // 940x529, 16:9 — matches DW's `16/9` aspect ratio
|
|
||||||
}
|
|
||||||
|
|
||||||
function resolveTemplatedImage(img) {
|
|
||||||
const rawFormat = img.getAttribute('data-format')
|
|
||||||
const format = rawFormat && (DW_FORMAT_IDS[rawFormat] ?? (/^\d+$/.test(rawFormat) ? rawFormat : null))
|
|
||||||
const dataUrl = img.getAttribute('data-url')
|
|
||||||
|
|
||||||
if (format) {
|
|
||||||
if (dataUrl && TEMPLATE_PATTERN.test(dataUrl)) {
|
|
||||||
img.setAttribute('src', dataUrl.replace(TEMPLATE_PATTERN_GLOBAL, format))
|
|
||||||
}
|
|
||||||
for (const attr of [...img.attributes]) {
|
|
||||||
if (attr.name !== 'src' && TEMPLATE_PATTERN.test(attr.value)) {
|
|
||||||
img.setAttribute(attr.name, attr.value.replace(TEMPLATE_PATTERN_GLOBAL, format))
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (TEMPLATE_PATTERN.test(img.getAttribute('src') ?? '')) {
|
|
||||||
img.remove()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
function showMessageForXSeconds(text, seconds) {
|
|
||||||
message.value = text;
|
|
||||||
showMessage.value = true;
|
|
||||||
|
|
||||||
// Set a timeout to hide the message after x seconds
|
|
||||||
setTimeout(() => {
|
|
||||||
showMessage.value = false;
|
|
||||||
message.value = '';
|
|
||||||
}, seconds * 1000); // Convert seconds to milliseconds
|
|
||||||
}
|
|
||||||
|
|
||||||
async function getReadable(feed, index) {
|
|
||||||
try {
|
|
||||||
const response = await axios.post("/api/v1/article/read", {
|
|
||||||
url: feed.url
|
|
||||||
}, authHeaders())
|
|
||||||
|
|
||||||
const doc = new DOMParser().parseFromString(response.data.content, 'text/html');
|
|
||||||
// Scraped articles often contain image/link URLs that are relative to the
|
|
||||||
// source site. A <base> tag makes the browser (and Readability) resolve
|
|
||||||
// them against the article's original URL instead of our own origin.
|
|
||||||
const base = doc.createElement('base');
|
|
||||||
base.setAttribute('href', feed.url);
|
|
||||||
doc.head.prepend(base);
|
|
||||||
doc.querySelectorAll('img').forEach(resolveTemplatedImage);
|
|
||||||
doc.querySelectorAll('video, audio').forEach(el => el.remove());
|
|
||||||
// Some feeds (e.g. Stuttgarter Nachrichten) embed a social-sharing widget
|
|
||||||
// (WhatsApp/Email/Facebook/... links plus a "Link kopiert" tooltip) in the
|
|
||||||
// article body. It's not part of the article, so strip it before Readability
|
|
||||||
// pulls it into the parsed content.
|
|
||||||
doc.querySelectorAll('#article-social-bar').forEach(el => el.remove())
|
|
||||||
// Some feeds (e.g. Deutsche Welle) leave behind a heading + play-icon SVG
|
|
||||||
// for an embedded video/audio player whose actual <video>/<audio>/<iframe>
|
|
||||||
// we already stripped — without it, the heading is just a giant orphaned
|
|
||||||
// icon that takes up space and links nowhere.
|
|
||||||
doc.querySelectorAll('[aria-label]').forEach(el => {
|
|
||||||
if (/^(Eingebettete[rs]?|Embedded) (Video|Audio)/i.test(el.getAttribute('aria-label'))) {
|
|
||||||
el.remove()
|
|
||||||
}
|
|
||||||
})
|
|
||||||
// Alpine.js widget overlays: x-cloak marks elements that should be hidden
|
|
||||||
// until Alpine.js initialises (prevents FOUC). These are always widget
|
|
||||||
// containers (e.g. taz's "taz schneller googeln" promo), never article
|
|
||||||
// content, so they're safe to remove unconditionally.
|
|
||||||
doc.querySelectorAll('[x-cloak]').forEach(el => el.remove())
|
|
||||||
// taz subscription promo blocks: a standalone <section> whose link(s) point
|
|
||||||
// to an /abo/ subscription page. Only climb to <section>, not <article>,
|
|
||||||
// to avoid accidentally removing the main article body.
|
|
||||||
doc.querySelectorAll('a[href*="/abo/"]').forEach(el => {
|
|
||||||
const container = el.closest('section')
|
|
||||||
if (container) container.remove()
|
|
||||||
})
|
|
||||||
// taz "Mehr zum Thema" related-articles teaser section.
|
|
||||||
doc.querySelectorAll('#articleTeaser').forEach(el => el.remove())
|
|
||||||
// taz subsidiary magazine promo blocks (e.g. taz FUTURZWEI): the promo
|
|
||||||
// <article> carries an aria-label containing "Abo".
|
|
||||||
doc.querySelectorAll('article[aria-label*="Abo"]').forEach(el => {
|
|
||||||
const container = el.closest('section') ?? el
|
|
||||||
container.remove()
|
|
||||||
})
|
|
||||||
const article = new Readability(doc).parse();
|
|
||||||
if (!article) {
|
|
||||||
showMessageForXSeconds('Could not extract readable content.', 5)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
feeds.value[index].content = article.content;
|
|
||||||
feeds.value[index].readable = true;
|
|
||||||
} catch (error) {
|
|
||||||
console.error('Error fetching data:', error)
|
|
||||||
showMessageForXSeconds(error, 5)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
async function markRead(id) {
|
|
||||||
try {
|
|
||||||
const response = await axios.put("/api/v1/article/read/" + id, null, authHeaders())
|
|
||||||
console.log(response.status)
|
|
||||||
} catch (error) {
|
|
||||||
console.log(error)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
const fetchData = async () => {
|
|
||||||
const user_id = localStorage.getItem("user-id")
|
|
||||||
try {
|
|
||||||
const response = await axios.get("/api/v1/article/get/" + user_id, authHeaders());
|
|
||||||
const items = [];
|
|
||||||
response.data.feeds.forEach(feed => {
|
|
||||||
feed.items.forEach(item => items.push({ ...item, feedTitle: feed.title }));
|
|
||||||
});
|
|
||||||
// timestamps are zero-padded "YYYY-MM-DD HH:MM:SS" strings, so a plain
|
|
||||||
// lexicographic comparison sorts them chronologically.
|
|
||||||
items.sort((a, b) => b.timestamp.localeCompare(a.timestamp));
|
|
||||||
feeds.value = items;
|
|
||||||
await nextTick();
|
|
||||||
setupIntersectionObserver();
|
|
||||||
} catch (error) {
|
|
||||||
console.error('Error fetching data:', error)
|
|
||||||
showMessageForXSeconds(error, 5)
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
async function sync(silent = false) {
|
|
||||||
try {
|
|
||||||
const response = await axios.post('/api/v1/article/sync', {
|
|
||||||
user_id: parseInt(localStorage.getItem("user-id"))
|
|
||||||
}, authHeaders())
|
|
||||||
|
|
||||||
if (response.status == 200 && !silent) {
|
|
||||||
showMessageForXSeconds('Sync successful.', 5)
|
|
||||||
}
|
|
||||||
fetchData();
|
|
||||||
} catch (error) {
|
|
||||||
console.error('Error sync', error)
|
|
||||||
if (!silent) {
|
|
||||||
showMessageForXSeconds(error, 5)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
function setupIntersectionObserver() {
|
|
||||||
if (observer) {
|
|
||||||
observer.disconnect();
|
|
||||||
}
|
|
||||||
|
|
||||||
// The sticky topbar overlays the top of the viewport, so an article fully
|
|
||||||
// hidden behind it should already count as "scrolled past" — shrink the
|
|
||||||
// observer's root by that height so it stops intersecting at that point.
|
|
||||||
const topbarHeight = document.querySelector('.app-nav')?.getBoundingClientRect().height ?? 0;
|
|
||||||
|
|
||||||
observer = new IntersectionObserver((entries) => handleIntersection(entries, topbarHeight), {
|
|
||||||
root: null, // Use the viewport as the root
|
|
||||||
rootMargin: `-${topbarHeight}px 0px 0px 0px`,
|
|
||||||
// threshold: 0.5, // Fire the callback when at least 50% of the element is visible
|
|
||||||
});
|
|
||||||
|
|
||||||
const observedDivs = document.querySelectorAll(".observe");
|
|
||||||
if (observedDivs.length > 0) {
|
|
||||||
observedDivs.forEach(observedDiv => {
|
|
||||||
observer.observe(observedDiv);
|
|
||||||
})
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
function handleIntersection(entries, topbarHeight = 0) {
|
|
||||||
// Resolve all affected feeds before touching feeds.value — the target.id
|
|
||||||
// indices are render-time positions that shift once we splice the array.
|
|
||||||
const readFeeds = entries
|
|
||||||
.filter(entry => initialLoad === true && !entry.isIntersecting && entry.boundingClientRect.y < topbarHeight)
|
|
||||||
.map(entry => feeds.value[entry.target.id])
|
|
||||||
.filter(Boolean)
|
|
||||||
|
|
||||||
if (readFeeds.length === 0) return
|
|
||||||
|
|
||||||
// Disconnect before the DOM mutation. In card layout the cards are short
|
|
||||||
// enough that the shift caused by removing one can push the next card above
|
|
||||||
// the header, which the observer would immediately treat as another read —
|
|
||||||
// cascading until many articles disappear at once.
|
|
||||||
if (observer) {
|
|
||||||
observer.disconnect()
|
|
||||||
observer = null
|
|
||||||
}
|
|
||||||
|
|
||||||
const readIds = new Set(readFeeds.map(feed => feed.id))
|
|
||||||
feeds.value = feeds.value.filter(feed => !readIds.has(feed.id))
|
|
||||||
|
|
||||||
for (const feed of readFeeds) {
|
|
||||||
markRead(feed.id)
|
|
||||||
}
|
|
||||||
|
|
||||||
nextTick().then(() => {
|
|
||||||
// If scroll anchoring didn't compensate for the removed content (common
|
|
||||||
// with position:fixed headers and overflow-x:hidden on body), the first
|
|
||||||
// remaining article will have drifted above the header. Correct the scroll
|
|
||||||
// position so it sits exactly at the header bottom before reconnecting —
|
|
||||||
// otherwise the initial observation would immediately mark everything above
|
|
||||||
// the topbar as read and cascade until the list is empty.
|
|
||||||
const first = document.querySelector('.observe')
|
|
||||||
if (first) {
|
|
||||||
const top = first.getBoundingClientRect().top
|
|
||||||
if (top < topbarHeight) {
|
|
||||||
window.scrollBy(0, top - topbarHeight)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
setupIntersectionObserver()
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
function setInitialLoad(value) {
|
|
||||||
initialLoad = value
|
|
||||||
}
|
|
||||||
|
|
||||||
async function markAllRead() {
|
|
||||||
if (feeds.value.length === 0) return
|
|
||||||
if (!window.confirm('Mark all articles as read?')) return
|
|
||||||
|
|
||||||
const ids = feeds.value.map(feed => feed.id)
|
|
||||||
feeds.value = []
|
|
||||||
currentIndex.value = 0
|
|
||||||
// markRead swallows its own errors, so Promise.all can't reject here.
|
|
||||||
await Promise.all(ids.map(id => markRead(id)))
|
|
||||||
showMessageForXSeconds('All articles marked as read.', 5)
|
|
||||||
}
|
|
||||||
|
|
||||||
function markCurrentArticleRead() {
|
|
||||||
const feed = feeds.value[currentIndex.value]
|
|
||||||
// Marking read here (rather than via removeFeed, as the scroll-based list
|
|
||||||
// view does) keeps the array stable so currentIndex stays valid while paging.
|
|
||||||
// The local `read` flag lets leaveArticleView() drop these once we're done.
|
|
||||||
if (feed) {
|
|
||||||
feed.read = true
|
|
||||||
markRead(feed.id)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
async function leaveArticleView() {
|
|
||||||
// Articles paged past in article view were marked read but deliberately kept
|
|
||||||
// in place so currentIndex stayed valid — drop them now so they don't keep
|
|
||||||
// showing up in the list view.
|
|
||||||
feeds.value = feeds.value.filter(feed => !feed.read)
|
|
||||||
currentIndex.value = 0
|
|
||||||
viewMode.value = 'list'
|
|
||||||
// The v-if on the list container tears down and recreates all .observe DOM
|
|
||||||
// nodes when switching views, so the intersection observer must be
|
|
||||||
// re-pointed at the new elements after Vue has finished rendering.
|
|
||||||
await nextTick()
|
|
||||||
setupIntersectionObserver()
|
|
||||||
}
|
|
||||||
|
|
||||||
function toggleViewMode() {
|
|
||||||
if (viewMode.value === 'article') {
|
|
||||||
leaveArticleView()
|
|
||||||
} else {
|
|
||||||
// Disconnect first: the v-if switch is about to unmount all .observe
|
|
||||||
// elements, which would otherwise fire intersection callbacks reporting
|
|
||||||
// them as no-longer-intersecting and mark every visible article read.
|
|
||||||
if (observer) {
|
|
||||||
observer.disconnect()
|
|
||||||
observer = null
|
|
||||||
}
|
|
||||||
viewMode.value = 'article'
|
|
||||||
currentIndex.value = 0
|
|
||||||
markCurrentArticleRead()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
async function toggleLayout() {
|
|
||||||
if (observer) {
|
|
||||||
observer.disconnect()
|
|
||||||
observer = null
|
|
||||||
}
|
|
||||||
window.scrollTo(0, 0)
|
|
||||||
layout.value = layout.value === 'list' ? 'cards' : 'list'
|
|
||||||
localStorage.setItem('layout', layout.value)
|
|
||||||
await nextTick()
|
|
||||||
setupIntersectionObserver()
|
|
||||||
}
|
|
||||||
|
|
||||||
function nextArticle() {
|
|
||||||
if (currentIndex.value < feeds.value.length - 1) {
|
|
||||||
currentIndex.value += 1
|
|
||||||
markCurrentArticleRead()
|
|
||||||
window.scrollTo(0, 0)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
function prevArticle() {
|
|
||||||
if (currentIndex.value > 0) {
|
|
||||||
currentIndex.value -= 1
|
|
||||||
markCurrentArticleRead()
|
|
||||||
window.scrollTo(0, 0)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
export function useFeeds() {
|
|
||||||
return {
|
|
||||||
feeds,
|
|
||||||
showMessage,
|
|
||||||
message,
|
|
||||||
showModal,
|
|
||||||
viewMode,
|
|
||||||
currentIndex,
|
|
||||||
toggleViewMode,
|
|
||||||
leaveArticleView,
|
|
||||||
layout,
|
|
||||||
toggleLayout,
|
|
||||||
nextArticle,
|
|
||||||
prevArticle,
|
|
||||||
fetchData,
|
|
||||||
sync,
|
|
||||||
getReadable,
|
|
||||||
markRead,
|
|
||||||
markAllRead,
|
|
||||||
showMessageForXSeconds,
|
|
||||||
setupIntersectionObserver,
|
|
||||||
setInitialLoad,
|
|
||||||
handleIntersection,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,79 +0,0 @@
|
|||||||
import { ref } from 'vue'
|
|
||||||
|
|
||||||
const HEADLINE_FONT_OPTIONS = [
|
|
||||||
{ key: 'default', label: 'Default (Glook)', value: "Glook, 'Courier New'" },
|
|
||||||
{ key: 'playfair', label: 'Playfair Display', value: "'Playfair Display', Georgia, serif" },
|
|
||||||
{ key: 'lora', label: 'Lora', value: "Lora, Georgia, serif" },
|
|
||||||
{ key: 'raleway', label: 'Raleway', value: "Raleway, -apple-system, sans-serif" },
|
|
||||||
{ key: 'inter', label: 'Inter', value: "Inter, -apple-system, sans-serif" },
|
|
||||||
]
|
|
||||||
|
|
||||||
const CONTENT_FONT_OPTIONS = [
|
|
||||||
{ key: 'default', label: 'Default (Merriweather)', value: "Merriweather, Georgia, 'Times New Roman', Times, serif" },
|
|
||||||
{ key: 'lora', label: 'Lora', value: "Lora, Georgia, serif" },
|
|
||||||
{ key: 'source-serif', label: 'Source Serif 4', value: "'Source Serif 4', Georgia, serif" },
|
|
||||||
{ key: 'inter', label: 'Inter', value: "Inter, -apple-system, sans-serif" },
|
|
||||||
{ key: 'playfair', label: 'Playfair Display', value: "'Playfair Display', Georgia, serif" },
|
|
||||||
]
|
|
||||||
|
|
||||||
const SIZE_STEPS = [0.85, 1, 1.2, 1.45]
|
|
||||||
const SIZE_LABELS = ['S', 'M', 'L', 'XL']
|
|
||||||
|
|
||||||
const headlineSizeScale = ref(parseFloat(localStorage.getItem('s-headline-size') ?? '1'))
|
|
||||||
const contentSizeScale = ref(parseFloat(localStorage.getItem('s-content-size') ?? '1'))
|
|
||||||
const headlineFontKey = ref(localStorage.getItem('s-headline-font') ?? 'default')
|
|
||||||
const contentFontKey = ref(localStorage.getItem('s-content-font') ?? 'default')
|
|
||||||
|
|
||||||
function fontValue(options, key) {
|
|
||||||
return (options.find(o => o.key === key) ?? options[0]).value
|
|
||||||
}
|
|
||||||
|
|
||||||
function applySettings() {
|
|
||||||
const s = document.documentElement.style
|
|
||||||
s.setProperty('--headline-font-size-scale', headlineSizeScale.value)
|
|
||||||
s.setProperty('--content-font-size-scale', contentSizeScale.value)
|
|
||||||
s.setProperty('--headline-font-family', fontValue(HEADLINE_FONT_OPTIONS, headlineFontKey.value))
|
|
||||||
s.setProperty('--content-font-family', fontValue(CONTENT_FONT_OPTIONS, contentFontKey.value))
|
|
||||||
}
|
|
||||||
|
|
||||||
function setHeadlineSize(scale) {
|
|
||||||
headlineSizeScale.value = scale
|
|
||||||
localStorage.setItem('s-headline-size', scale)
|
|
||||||
applySettings()
|
|
||||||
}
|
|
||||||
|
|
||||||
function setContentSize(scale) {
|
|
||||||
contentSizeScale.value = scale
|
|
||||||
localStorage.setItem('s-content-size', scale)
|
|
||||||
applySettings()
|
|
||||||
}
|
|
||||||
|
|
||||||
function setHeadlineFont(key) {
|
|
||||||
headlineFontKey.value = key
|
|
||||||
localStorage.setItem('s-headline-font', key)
|
|
||||||
applySettings()
|
|
||||||
}
|
|
||||||
|
|
||||||
function setContentFont(key) {
|
|
||||||
contentFontKey.value = key
|
|
||||||
localStorage.setItem('s-content-font', key)
|
|
||||||
applySettings()
|
|
||||||
}
|
|
||||||
|
|
||||||
export function useSettings() {
|
|
||||||
return {
|
|
||||||
headlineSizeScale,
|
|
||||||
contentSizeScale,
|
|
||||||
headlineFontKey,
|
|
||||||
contentFontKey,
|
|
||||||
SIZE_STEPS,
|
|
||||||
SIZE_LABELS,
|
|
||||||
HEADLINE_FONT_OPTIONS,
|
|
||||||
CONTENT_FONT_OPTIONS,
|
|
||||||
applySettings,
|
|
||||||
setHeadlineSize,
|
|
||||||
setContentSize,
|
|
||||||
setHeadlineFont,
|
|
||||||
setContentFont,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,28 +1,8 @@
|
|||||||
import './assets/main.css'
|
import './assets/main.css'
|
||||||
|
|
||||||
import axios from 'axios'
|
|
||||||
import { createApp } from 'vue'
|
import { createApp } from 'vue'
|
||||||
import App from './App.vue'
|
import App from './App.vue'
|
||||||
import router from './router'
|
import router from './router'
|
||||||
|
|
||||||
// A 401 means the server has rejected the token (missing, expired, or
|
|
||||||
// revoked via logout/token_version bump elsewhere). Drop the stale session
|
|
||||||
// and send the user back to login rather than leaving them on a page where
|
|
||||||
// every request silently fails.
|
|
||||||
axios.interceptors.response.use(
|
|
||||||
(response) => response,
|
|
||||||
(error) => {
|
|
||||||
if (error.response?.status === 401) {
|
|
||||||
localStorage.removeItem('user-token')
|
|
||||||
localStorage.removeItem('user-id')
|
|
||||||
if (router.currentRoute.value.name !== 'login') {
|
|
||||||
router.push({ name: 'login' })
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return Promise.reject(error)
|
|
||||||
}
|
|
||||||
)
|
|
||||||
|
|
||||||
const app = createApp(App)
|
const app = createApp(App)
|
||||||
|
|
||||||
app.use(router)
|
app.use(router)
|
||||||
|
|||||||
@@ -1,30 +0,0 @@
|
|||||||
import { describe, it, expect, beforeEach } from 'vitest'
|
|
||||||
import router from '../index'
|
|
||||||
|
|
||||||
describe('router auth guard', () => {
|
|
||||||
beforeEach(() => {
|
|
||||||
localStorage.clear()
|
|
||||||
})
|
|
||||||
|
|
||||||
it('redirects unauthenticated users away from protected routes', async () => {
|
|
||||||
await router.push('/feeds')
|
|
||||||
|
|
||||||
expect(router.currentRoute.value.name).toBe('login')
|
|
||||||
})
|
|
||||||
|
|
||||||
it('lets authenticated users reach protected routes', async () => {
|
|
||||||
localStorage.setItem('user-token', 'abc123')
|
|
||||||
|
|
||||||
await router.push('/feeds')
|
|
||||||
|
|
||||||
expect(router.currentRoute.value.name).toBe('feeds')
|
|
||||||
})
|
|
||||||
|
|
||||||
it('redirects the root path to the feeds route', async () => {
|
|
||||||
localStorage.setItem('user-token', 'abc123')
|
|
||||||
|
|
||||||
await router.push('/')
|
|
||||||
|
|
||||||
expect(router.currentRoute.value.name).toBe('feeds')
|
|
||||||
})
|
|
||||||
})
|
|
||||||
+15
-8
@@ -1,27 +1,32 @@
|
|||||||
import { createRouter, createWebHistory } from 'vue-router'
|
import { createRouter, createWebHistory } from 'vue-router'
|
||||||
|
import HomeView from '../views/HomeView.vue'
|
||||||
|
|
||||||
const router = createRouter({
|
const router = createRouter({
|
||||||
history: createWebHistory(import.meta.env.BASE_URL),
|
history: createWebHistory(import.meta.env.BASE_URL),
|
||||||
scrollBehavior: () => ({ top: 0, behavior: 'instant' }),
|
|
||||||
routes: [
|
routes: [
|
||||||
{
|
{
|
||||||
path: '/',
|
path: '/',
|
||||||
redirect: '/feeds',
|
name: 'home',
|
||||||
|
component: HomeView,
|
||||||
|
meta: { requiresAuth: true }, // Add a meta field to indicate that this route requires authentication
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
path: '/feeds',
|
path: '/feeds',
|
||||||
name: 'feeds',
|
name: 'feeds',
|
||||||
// route level code-splitting
|
// route level code-splitting
|
||||||
// this generates a separate chunk (Feed.[hash].js) for this route
|
// this generates a separate chunk (About.[hash].js) for this route
|
||||||
// which is lazy-loaded when the route is visited.
|
// which is lazy-loaded when the route is visited.
|
||||||
component: () => import('../views/FeedView.vue'),
|
component: () => import('../views/FeedView.vue'),
|
||||||
meta: { requiresAuth: true },
|
meta: { requiresAuth: true }, // Add a meta field to indicate that this route requires authentication
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
path: '/admin',
|
path: '/about',
|
||||||
name: 'admin',
|
name: 'about',
|
||||||
component: () => import('../views/AdminView.vue'),
|
// route level code-splitting
|
||||||
meta: { requiresAuth: true },
|
// this generates a separate chunk (About.[hash].js) for this route
|
||||||
|
// which is lazy-loaded when the route is visited.
|
||||||
|
component: () => import('../views/AboutView.vue'),
|
||||||
|
meta: { requiresAuth: true }, // Add a meta field to indicate that this route requires authentication
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
path: '/login',
|
path: '/login',
|
||||||
@@ -33,11 +38,13 @@ const router = createRouter({
|
|||||||
})
|
})
|
||||||
router.beforeEach((to, from, next) => {
|
router.beforeEach((to, from, next) => {
|
||||||
if (to.meta.requiresAuth) {
|
if (to.meta.requiresAuth) {
|
||||||
|
// TODO Check if the user is authenticated (e.g., check for a valid token)
|
||||||
let isAuthenticated = false;
|
let isAuthenticated = false;
|
||||||
if (localStorage.getItem("user-token") != null){
|
if (localStorage.getItem("user-token") != null){
|
||||||
isAuthenticated = true;
|
isAuthenticated = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if (!isAuthenticated) {
|
if (!isAuthenticated) {
|
||||||
// Redirect to the login page
|
// Redirect to the login page
|
||||||
next('/login');
|
next('/login');
|
||||||
|
|||||||
@@ -0,0 +1,15 @@
|
|||||||
|
<template>
|
||||||
|
<div class="about">
|
||||||
|
<h1>This is an about page</h1>
|
||||||
|
</div>
|
||||||
|
</template>
|
||||||
|
|
||||||
|
<style>
|
||||||
|
@media (min-width: 1024px) {
|
||||||
|
.about {
|
||||||
|
min-height: 100vh;
|
||||||
|
display: flex;
|
||||||
|
align-items: center;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
</style>
|
||||||
@@ -1,11 +0,0 @@
|
|||||||
<script setup>
|
|
||||||
import AdminFeeds from '../components/AdminFeeds.vue'
|
|
||||||
import AdminSettings from '../components/AdminSettings.vue'
|
|
||||||
</script>
|
|
||||||
|
|
||||||
<template>
|
|
||||||
<main>
|
|
||||||
<AdminSettings />
|
|
||||||
<AdminFeeds />
|
|
||||||
</main>
|
|
||||||
</template>
|
|
||||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user