Remove dependent on session auth for api/v1 routers (#19321)

* Remove dependent on session auth for api/v1 routers * Remove unnecessary session on API context * remove missed header * fix test * fix missed api/v1
author: Lunny Xiao <xiaolunwen@gmail.com> 2022-04-08 12:22:10 +0800
committer: GitHub <noreply@github.com> 2022-04-08 06:22:10 +0200
commit: 3c3d49899f0f7206e190bdeecdc4da248cc7e686 (patch)
tree: 7d1f57f7655142b47b5adeb197943c74c1e6f8c9 /routers/web
parent: 75f8534c3a8678f4b55e557960450230cf909b93 (diff)
download: gitea-3c3d49899f0f7206e190bdeecdc4da248cc7e686.tar.gz
gitea-3c3d49899f0f7206e190bdeecdc4da248cc7e686.zip
3 files changed, 135 insertions, 3 deletions
diff --git a/routers/web/misc/markdown.go b/routers/web/misc/markdown.go
new file mode 100644
index 0000000000..b37aaf10ff
--- /dev/null
+++ b/routers/web/misc/markdown.go
@@ -0,0 +1,98 @@
+// Copyright 2014 The Gogs Authors. All rights reserved.
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package misc
+
+import (
+	"net/http"
+	"strings"
+
+	"code.gitea.io/gitea/modules/context"
+	"code.gitea.io/gitea/modules/markup"
+	"code.gitea.io/gitea/modules/markup/markdown"
+	"code.gitea.io/gitea/modules/setting"
+	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/modules/web"
+	"mvdan.cc/xurls/v2"
+)
+
+// Markdown render markdown document to HTML
+func Markdown(ctx *context.Context) {
+	// swagger:operation POST /markdown miscellaneous renderMarkdown
+	// ---
+	// summary: Render a markdown document as HTML
+	// parameters:
+	// - name: body
+	//   in: body
+	//   schema:
+	//     "$ref": "#/definitions/MarkdownOption"
+	// consumes:
+	// - application/json
+	// produces:
+	//     - text/html
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/MarkdownRender"
+	//   "422":
+	//     "$ref": "#/responses/validationError"
+
+	form := web.GetForm(ctx).(*api.MarkdownOption)
+
+	if ctx.HasAPIError() {
+		ctx.Error(http.StatusUnprocessableEntity, "", ctx.GetErrMsg())
+		return
+	}
+
+	if len(form.Text) == 0 {
+		_, _ = ctx.Write([]byte(""))
+		return
+	}
+
+	switch form.Mode {
+	case "comment":
+		fallthrough
+	case "gfm":
+		urlPrefix := form.Context
+		meta := map[string]string{}
+		if !strings.HasPrefix(setting.AppSubURL+"/", urlPrefix) {
+			// check if urlPrefix is already set to a URL
+			linkRegex, _ := xurls.StrictMatchingScheme("https?://")
+			m := linkRegex.FindStringIndex(urlPrefix)
+			if m == nil {
+				urlPrefix = util.URLJoin(setting.AppURL, form.Context)
+			}
+		}
+		if ctx.Repo != nil && ctx.Repo.Repository != nil {
+			// "gfm" = Github Flavored Markdown - set this to render as a document
+			if form.Mode == "gfm" {
+				meta = ctx.Repo.Repository.ComposeDocumentMetas()
+			} else {
+				meta = ctx.Repo.Repository.ComposeMetas()
+			}
+		}
+		if form.Mode == "gfm" {
+			meta["mode"] = "document"
+		}
+
+		if err := markdown.Render(&markup.RenderContext{
+			Ctx:       ctx,
+			URLPrefix: urlPrefix,
+			Metas:     meta,
+			IsWiki:    form.Wiki,
+		}, strings.NewReader(form.Text), ctx.Resp); err != nil {
+			ctx.Error(http.StatusInternalServerError, err.Error())
+			return
+		}
+	default:
+		if err := markdown.RenderRaw(&markup.RenderContext{
+			Ctx:       ctx,
+			URLPrefix: form.Context,
+		}, strings.NewReader(form.Text), ctx.Resp); err != nil {
+			ctx.Error(http.StatusInternalServerError, err.Error())
+			return
+		}
+	}
+}
diff --git a/routers/web/misc/swagger.go b/routers/web/misc/swagger.go
new file mode 100644
index 0000000000..e46d4194b4
--- /dev/null
+++ b/routers/web/misc/swagger.go
@@ -0,0 +1,21 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package misc
+
+import (
+	"net/http"
+
+	"code.gitea.io/gitea/modules/base"
+	"code.gitea.io/gitea/modules/context"
+)
+
+// tplSwagger swagger page template
+const tplSwagger base.TplName = "swagger/ui"
+
+// Swagger render swagger-ui page with v1 json
+func Swagger(ctx *context.Context) {
+	ctx.Data["APIJSONVersion"] = "v1"
+	ctx.HTML(http.StatusOK, tplSwagger)
+}
diff --git a/routers/web/web.go b/routers/web/web.go
index 9a2e96aeec..190ab099e0 100644
--- a/routers/web/web.go
+++ b/routers/web/web.go
@@ -25,13 +25,13 @@ import (
 	"code.gitea.io/gitea/modules/validation"
 	"code.gitea.io/gitea/modules/web"
 	"code.gitea.io/gitea/modules/web/routing"
-	"code.gitea.io/gitea/routers/api/v1/misc"
 	"code.gitea.io/gitea/routers/web/admin"
 	"code.gitea.io/gitea/routers/web/auth"
 	"code.gitea.io/gitea/routers/web/dev"
 	"code.gitea.io/gitea/routers/web/events"
 	"code.gitea.io/gitea/routers/web/explore"
 	"code.gitea.io/gitea/routers/web/feed"
+	"code.gitea.io/gitea/routers/web/misc"
 	"code.gitea.io/gitea/routers/web/org"
 	"code.gitea.io/gitea/routers/web/repo"
 	"code.gitea.io/gitea/routers/web/user"
@@ -46,6 +46,7 @@ import (
 	_ "code.gitea.io/gitea/modules/session" // to registers all internal adapters
 
 	"gitea.com/go-chi/captcha"
+	"gitea.com/go-chi/session"
 	"github.com/NYTimes/gziphandler"
 	"github.com/go-chi/chi/v5/middleware"
 	"github.com/go-chi/cors"
@@ -85,7 +86,7 @@ func buildAuthGroup() *auth_service.Group {
 	group := auth_service.NewGroup(
 		&auth_service.OAuth2{}, // FIXME: this should be removed and only applied in download and oauth realted routers
 		&auth_service.Basic{},  // FIXME: this should be removed and only applied in download and git/lfs routers
-		auth_service.SharedSession,
+		&auth_service.Session{},
 	)
 	if setting.Service.EnableReverseProxyAuth {
 		group.Add(&auth_service.ReverseProxy{})
@@ -96,7 +97,7 @@ func buildAuthGroup() *auth_service.Group {
 }
 
 // Routes returns all web routes
-func Routes(sessioner func(http.Handler) http.Handler) *web.Route {
+func Routes() *web.Route {
 	routes := web.NewRoute()
 
 	routes.Use(web.WrapWithPrefix(public.AssetsURLPathPrefix, public.AssetsHandlerFunc(&public.Options{
@@ -105,6 +106,17 @@ func Routes(sessioner func(http.Handler) http.Handler) *web.Route {
 		CorsHandler: CorsHandler(),
 	}), "AssetsHandler"))
 
+	sessioner := session.Sessioner(session.Options{
+		Provider:       setting.SessionConfig.Provider,
+		ProviderConfig: setting.SessionConfig.ProviderConfig,
+		CookieName:     setting.SessionConfig.CookieName,
+		CookiePath:     setting.SessionConfig.CookiePath,
+		Gclifetime:     setting.SessionConfig.Gclifetime,
+		Maxlifetime:    setting.SessionConfig.Maxlifetime,
+		Secure:         setting.SessionConfig.Secure,
+		SameSite:       setting.SessionConfig.SameSite,
+		Domain:         setting.SessionConfig.Domain,
+	})
 	routes.Use(sessioner)
 
 	routes.Use(Recovery())
@@ -878,6 +890,7 @@ func RegisterRoutes(m *web.Route) {
 		m.Group("/comments/{id}", func() {
 			m.Get("/attachments", repo.GetCommentAttachments)
 		})
+		m.Post("/markdown", bindIgnErr(structs.MarkdownOption{}), misc.Markdown)
 		m.Group("/labels", func() {
 			m.Post("/new", bindIgnErr(forms.CreateLabelForm{}), repo.NewLabel)
 			m.Post("/edit", bindIgnErr(forms.CreateLabelForm{}), repo.UpdateLabel)
author	Lunny Xiao <xiaolunwen@gmail.com>	2022-04-08 12:22:10 +0800
committer	GitHub <noreply@github.com>	2022-04-08 06:22:10 +0200
commit	3c3d49899f0f7206e190bdeecdc4da248cc7e686 (patch)
tree	7d1f57f7655142b47b5adeb197943c74c1e6f8c9 /routers/web
parent	75f8534c3a8678f4b55e557960450230cf909b93 (diff)
download	gitea-3c3d49899f0f7206e190bdeecdc4da248cc7e686.tar.gz gitea-3c3d49899f0f7206e190bdeecdc4da248cc7e686.zip