Move macaron to chi (#14293)

Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR.

- [x] Define `context.ResponseWriter` interface with an implementation `context.Response`.
- [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before.
- [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic .
- [x] Use https://github.com/unrolled/render instead of macaron's internal render
- [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip
- [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK**
- [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha
- [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache
- [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding
- [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors
- [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation`
- [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle.
- [x] Removed macaron log service because it's not need any more. **BREAK**
- [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition.
- [x] Move Git HTTP protocol implementation to use routers directly.
- [x] Fix the problem that chi routes don't support trailing slash but macaron did.
- [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. 

Notices:
- Chi router don't support request with trailing slash
- Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI.

Co-authored-by: 6543 <6543@obermui.de>

8 files changed, 86 insertions, 64 deletions

diff --git a/routers/private/hook.go b/routers/private/hook.go
index 34e849f6f7..853d3069ec 100644
--- a/routers/private/hook.go
+++ b/routers/private/hook.go
@@ -15,16 +15,16 @@ import (
 	"strings"
 
 	"code.gitea.io/gitea/models"
+	gitea_context "code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/private"
 	repo_module "code.gitea.io/gitea/modules/repository"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/modules/web"
 	pull_service "code.gitea.io/gitea/services/pull"
 	repo_service "code.gitea.io/gitea/services/repository"
-
-	"gitea.com/macaron/macaron"
 )
 
 func verifyCommits(oldCommitID, newCommitID string, repo *git.Repository, env []string) error {
@@ -117,7 +117,8 @@ func isErrUnverifiedCommit(err error) bool {
 }
 
 // HookPreReceive checks whether a individual commit is acceptable
-func HookPreReceive(ctx *macaron.Context, opts private.HookOptions) {
+func HookPreReceive(ctx *gitea_context.PrivateContext) {
+	opts := web.GetForm(ctx).(*private.HookOptions)
 	ownerName := ctx.Params(":owner")
 	repoName := ctx.Params(":repo")
 	repo, err := models.GetRepositoryByOwnerAndName(ownerName, repoName)
@@ -370,7 +371,8 @@ func HookPreReceive(ctx *macaron.Context, opts private.HookOptions) {
 }
 
 // HookPostReceive updates services and users
-func HookPostReceive(ctx *macaron.Context, opts private.HookOptions) {
+func HookPostReceive(ctx *gitea_context.PrivateContext) {
+	opts := web.GetForm(ctx).(*private.HookOptions)
 	ownerName := ctx.Params(":owner")
 	repoName := ctx.Params(":repo")
 
@@ -540,7 +542,7 @@ func HookPostReceive(ctx *macaron.Context, opts private.HookOptions) {
 }
 
 // SetDefaultBranch updates the default branch
-func SetDefaultBranch(ctx *macaron.Context) {
+func SetDefaultBranch(ctx *gitea_context.PrivateContext) {
 	ownerName := ctx.Params(":owner")
 	repoName := ctx.Params(":repo")
 	branch := ctx.Params(":branch")
diff --git a/routers/private/internal.go b/routers/private/internal.go
index 4fb267a49a..e541591a38 100644
--- a/routers/private/internal.go
+++ b/routers/private/internal.go
@@ -6,47 +6,69 @@
 package private
 
 import (
+	"net/http"
+	"reflect"
 	"strings"
 
+	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/private"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/web"
 
-	"gitea.com/macaron/binding"
-	"gitea.com/macaron/macaron"
+	"gitea.com/go-chi/binding"
 )
 
 // CheckInternalToken check internal token is set
-func CheckInternalToken(ctx *macaron.Context) {
-	tokens := ctx.Req.Header.Get("Authorization")
-	fields := strings.Fields(tokens)
-	if len(fields) != 2 || fields[0] != "Bearer" || fields[1] != setting.InternalToken {
-		log.Debug("Forbidden attempt to access internal url: Authorization header: %s", tokens)
-		ctx.Error(403)
+func CheckInternalToken(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+		tokens := req.Header.Get("Authorization")
+		fields := strings.Fields(tokens)
+		if len(fields) != 2 || fields[0] != "Bearer" || fields[1] != setting.InternalToken {
+			log.Debug("Forbidden attempt to access internal url: Authorization header: %s", tokens)
+			http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
+		} else {
+			next.ServeHTTP(w, req)
+		}
+	})
+}
+
+// bind binding an obj to a handler
+func bind(obj interface{}) http.HandlerFunc {
+	var tp = reflect.TypeOf(obj)
+	for tp.Kind() == reflect.Ptr {
+		tp = tp.Elem()
 	}
+	return web.Wrap(func(ctx *context.PrivateContext) {
+		var theObj = reflect.New(tp).Interface() // create a new form obj for every request but not use obj directly
+		binding.Bind(ctx.Req, theObj)
+		web.SetForm(ctx, theObj)
+	})
 }
 
-// RegisterRoutes registers all internal APIs routes to web application.
+// Routes registers all internal APIs routes to web application.
 // These APIs will be invoked by internal commands for example `gitea serv` and etc.
-func RegisterRoutes(m *macaron.Macaron) {
-	bind := binding.Bind
-
-	m.Group("/", func() {
-		m.Post("/ssh/authorized_keys", AuthorizedPublicKeyByContent)
-		m.Post("/ssh/:id/update/:repoid", UpdatePublicKeyInRepo)
-		m.Post("/hook/pre-receive/:owner/:repo", bind(private.HookOptions{}), HookPreReceive)
-		m.Post("/hook/post-receive/:owner/:repo", bind(private.HookOptions{}), HookPostReceive)
-		m.Post("/hook/set-default-branch/:owner/:repo/:branch", SetDefaultBranch)
-		m.Get("/serv/none/:keyid", ServNoCommand)
-		m.Get("/serv/command/:keyid/:owner/:repo", ServCommand)
-		m.Post("/manager/shutdown", Shutdown)
-		m.Post("/manager/restart", Restart)
-		m.Post("/manager/flush-queues", bind(private.FlushOptions{}), FlushQueues)
-		m.Post("/manager/pause-logging", PauseLogging)
-		m.Post("/manager/resume-logging", ResumeLogging)
-		m.Post("/manager/release-and-reopen-logging", ReleaseReopenLogging)
-		m.Post("/manager/add-logger", bind(private.LoggerOptions{}), AddLogger)
-		m.Post("/manager/remove-logger/:group/:name", RemoveLogger)
-		m.Post("/mail/send", SendEmail)
-	}, CheckInternalToken)
+func Routes() *web.Route {
+	var r = web.NewRoute()
+	r.Use(context.PrivateContexter())
+	r.Use(CheckInternalToken)
+
+	r.Post("/ssh/authorized_keys", AuthorizedPublicKeyByContent)
+	r.Post("/ssh/{id}/update/{repoid}", UpdatePublicKeyInRepo)
+	r.Post("/hook/pre-receive/{owner}/{repo}", bind(private.HookOptions{}), HookPreReceive)
+	r.Post("/hook/post-receive/{owner}/{repo}", bind(private.HookOptions{}), HookPostReceive)
+	r.Post("/hook/set-default-branch/{owner}/{repo}/{branch}", SetDefaultBranch)
+	r.Get("/serv/none/{keyid}", ServNoCommand)
+	r.Get("/serv/command/{keyid}/{owner}/{repo}", ServCommand)
+	r.Post("/manager/shutdown", Shutdown)
+	r.Post("/manager/restart", Restart)
+	r.Post("/manager/flush-queues", bind(private.FlushOptions{}), FlushQueues)
+	r.Post("/manager/pause-logging", PauseLogging)
+	r.Post("/manager/resume-logging", ResumeLogging)
+	r.Post("/manager/release-and-reopen-logging", ReleaseReopenLogging)
+	r.Post("/manager/add-logger", bind(private.LoggerOptions{}), AddLogger)
+	r.Post("/manager/remove-logger/{group}/{name}", RemoveLogger)
+	r.Post("/mail/send", SendEmail)
+
+	return r
 }
diff --git a/routers/private/key.go b/routers/private/key.go
index c00330fe88..b90faa22a4 100644
--- a/routers/private/key.go
+++ b/routers/private/key.go
@@ -9,13 +9,12 @@ import (
 	"net/http"
 
 	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/timeutil"
-
-	"gitea.com/macaron/macaron"
 )
 
 // UpdatePublicKeyInRepo update public key and deploy key updates
-func UpdatePublicKeyInRepo(ctx *macaron.Context) {
+func UpdatePublicKeyInRepo(ctx *context.PrivateContext) {
 	keyID := ctx.ParamsInt64(":id")
 	repoID := ctx.ParamsInt64(":repoid")
 	if err := models.UpdatePublicKeyUpdated(keyID); err != nil {
@@ -49,7 +48,7 @@ func UpdatePublicKeyInRepo(ctx *macaron.Context) {
 
 // AuthorizedPublicKeyByContent searches content as prefix (leak e-mail part)
 // and returns public key found.
-func AuthorizedPublicKeyByContent(ctx *macaron.Context) {
+func AuthorizedPublicKeyByContent(ctx *context.PrivateContext) {
 	content := ctx.Query("content")
 
 	publicKey, err := models.SearchPublicKeyByContent(content)
diff --git a/routers/private/mail.go b/routers/private/mail.go
index b3b21d042f..330de14c46 100644
--- a/routers/private/mail.go
+++ b/routers/private/mail.go
@@ -11,17 +11,17 @@ import (
 	"strconv"
 
 	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/private"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/services/mailer"
-	"gitea.com/macaron/macaron"
 )
 
 // SendEmail pushes messages to mail queue
 //
 // It doesn't wait before each message will be processed
-func SendEmail(ctx *macaron.Context) {
+func SendEmail(ctx *context.PrivateContext) {
 	if setting.MailService == nil {
 		ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
 			"err": "Mail service is not enabled.",
@@ -30,7 +30,7 @@ func SendEmail(ctx *macaron.Context) {
 	}
 
 	var mail private.Email
-	rd := ctx.Req.Body().ReadCloser()
+	rd := ctx.Req.Body
 	defer rd.Close()
 	if err := json.NewDecoder(rd).Decode(&mail); err != nil {
 		log.Error("%v", err)
@@ -77,7 +77,7 @@ func SendEmail(ctx *macaron.Context) {
 	sendEmail(ctx, mail.Subject, mail.Message, emails)
 }
 
-func sendEmail(ctx *macaron.Context, subject, message string, to []string) {
+func sendEmail(ctx *context.PrivateContext, subject, message string, to []string) {
 	for _, email := range to {
 		msg := mailer.NewMessage([]string{email}, subject, message)
 		mailer.SendAsync(msg)
diff --git a/routers/private/manager.go b/routers/private/manager.go
index 67bd92003f..e5b4583fd1 100644
--- a/routers/private/manager.go
+++ b/routers/private/manager.go
@@ -9,17 +9,18 @@ import (
 	"fmt"
 	"net/http"
 
+	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/graceful"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/private"
 	"code.gitea.io/gitea/modules/queue"
 	"code.gitea.io/gitea/modules/setting"
-
-	"gitea.com/macaron/macaron"
+	"code.gitea.io/gitea/modules/web"
 )
 
 // FlushQueues flushes all the Queues
-func FlushQueues(ctx *macaron.Context, opts private.FlushOptions) {
+func FlushQueues(ctx *context.PrivateContext) {
+	opts := web.GetForm(ctx).(*private.FlushOptions)
 	if opts.NonBlocking {
 		// Save the hammer ctx here - as a new one is created each time you call this.
 		baseCtx := graceful.GetManager().HammerContext()
@@ -34,7 +35,7 @@ func FlushQueues(ctx *macaron.Context, opts private.FlushOptions) {
 		})
 		return
 	}
-	err := queue.GetManager().FlushAll(ctx.Req.Request.Context(), opts.Timeout)
+	err := queue.GetManager().FlushAll(ctx.Req.Context(), opts.Timeout)
 	if err != nil {
 		ctx.JSON(http.StatusRequestTimeout, map[string]interface{}{
 			"err": fmt.Sprintf("%v", err),
@@ -44,19 +45,19 @@ func FlushQueues(ctx *macaron.Context, opts private.FlushOptions) {
 }
 
 // PauseLogging pauses logging
-func PauseLogging(ctx *macaron.Context) {
+func PauseLogging(ctx *context.PrivateContext) {
 	log.Pause()
 	ctx.PlainText(http.StatusOK, []byte("success"))
 }
 
 // ResumeLogging resumes logging
-func ResumeLogging(ctx *macaron.Context) {
+func ResumeLogging(ctx *context.PrivateContext) {
 	log.Resume()
 	ctx.PlainText(http.StatusOK, []byte("success"))
 }
 
 // ReleaseReopenLogging releases and reopens logging files
-func ReleaseReopenLogging(ctx *macaron.Context) {
+func ReleaseReopenLogging(ctx *context.PrivateContext) {
 	if err := log.ReleaseReopen(); err != nil {
 		ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
 			"err": fmt.Sprintf("Error during release and reopen: %v", err),
@@ -67,7 +68,7 @@ func ReleaseReopenLogging(ctx *macaron.Context) {
 }
 
 // RemoveLogger removes a logger
-func RemoveLogger(ctx *macaron.Context) {
+func RemoveLogger(ctx *context.PrivateContext) {
 	group := ctx.Params("group")
 	name := ctx.Params("name")
 	ok, err := log.GetLogger(group).DelLogger(name)
@@ -84,7 +85,8 @@ func RemoveLogger(ctx *macaron.Context) {
 }
 
 // AddLogger adds a logger
-func AddLogger(ctx *macaron.Context, opts private.LoggerOptions) {
+func AddLogger(ctx *context.PrivateContext) {
+	opts := web.GetForm(ctx).(*private.LoggerOptions)
 	if len(opts.Group) == 0 {
 		opts.Group = log.DEFAULT
 	}
diff --git a/routers/private/manager_unix.go b/routers/private/manager_unix.go
index ec5e976059..60ae9b68e8 100644
--- a/routers/private/manager_unix.go
+++ b/routers/private/manager_unix.go
@@ -9,20 +9,19 @@ package private
 import (
 	"net/http"
 
+	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/graceful"
-
-	"gitea.com/macaron/macaron"
 )
 
 // Restart causes the server to perform a graceful restart
-func Restart(ctx *macaron.Context) {
+func Restart(ctx *context.PrivateContext) {
 	graceful.GetManager().DoGracefulRestart()
 	ctx.PlainText(http.StatusOK, []byte("success"))
 
 }
 
 // Shutdown causes the server to perform a graceful shutdown
-func Shutdown(ctx *macaron.Context) {
+func Shutdown(ctx *context.PrivateContext) {
 	graceful.GetManager().DoGracefulShutdown()
 	ctx.PlainText(http.StatusOK, []byte("success"))
 }
diff --git a/routers/private/manager_windows.go b/routers/private/manager_windows.go
index ac840a9d81..244dbbe4df 100644
--- a/routers/private/manager_windows.go
+++ b/routers/private/manager_windows.go
@@ -9,20 +9,19 @@ package private
 import (
 	"net/http"
 
+	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/graceful"
-
-	"gitea.com/macaron/macaron"
 )
 
 // Restart is not implemented for Windows based servers as they can't fork
-func Restart(ctx *macaron.Context) {
+func Restart(ctx *context.PrivateContext) {
 	ctx.JSON(http.StatusNotImplemented, map[string]interface{}{
 		"err": "windows servers cannot be gracefully restarted - shutdown and restart manually",
 	})
 }
 
 // Shutdown causes the server to perform a graceful shutdown
-func Shutdown(ctx *macaron.Context) {
+func Shutdown(ctx *context.PrivateContext) {
 	graceful.GetManager().DoGracefulShutdown()
 	ctx.PlainText(http.StatusOK, []byte("success"))
 }
diff --git a/routers/private/serv.go b/routers/private/serv.go
index 90e1d30b01..1461194e7f 100644
--- a/routers/private/serv.go
+++ b/routers/private/serv.go
@@ -11,17 +11,16 @@ import (
 	"strings"
 
 	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/private"
 	"code.gitea.io/gitea/modules/setting"
 	repo_service "code.gitea.io/gitea/services/repository"
 	wiki_service "code.gitea.io/gitea/services/wiki"
-
-	"gitea.com/macaron/macaron"
 )
 
 // ServNoCommand returns information about the provided keyid
-func ServNoCommand(ctx *macaron.Context) {
+func ServNoCommand(ctx *context.PrivateContext) {
 	keyID := ctx.ParamsInt64(":keyid")
 	if keyID <= 0 {
 		ctx.JSON(http.StatusBadRequest, map[string]interface{}{
@@ -73,7 +72,7 @@ func ServNoCommand(ctx *macaron.Context) {
 }
 
 // ServCommand returns information about the provided keyid
-func ServCommand(ctx *macaron.Context) {
+func ServCommand(ctx *context.PrivateContext) {
 	keyID := ctx.ParamsInt64(":keyid")
 	ownerName := ctx.Params(":owner")
 	repoName := ctx.Params(":repo")