vfs/alfheim-website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

git-svn-id: svn://losandesgames.com/alfheim-website@39 15359d88-9307-4e75-a9c1-e5686e5897df

Browse Source
This commit is contained in:
Vicente Ferrari Smith 2025-02-18 13:29:02 +00:00
parent 7efedae78f
commit b07ce774ec
7 changed files with 520 additions and 462 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
.vscode/launch.json vendored Normal file
View File

@ -0,0 +1,16 @@
{
// Use IntelliSense to learn about possible attributes.
// Hover to view descriptions of existing attributes.
// For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
"version": "0.2.0",
"configurations": [
{
"name": "Attach to Remote",
"type": "go",
"request": "attach",
"mode": "remote",
"port": 4321,
"host": "45.76.84.7",
}
]
}

3
Makefile
View File

@ -16,5 +16,4 @@ deploy:
.PHONY: service .PHONY: service
service: service:
rsync -P alfheimgame.service alfheim@alfheimgame.com:/home/alfheim rsync -P alfheimgame.service alfheim@alfheimgame.com:/home/alfheim
rsync -P Caddyfile alfheim@alfheimgame.com:/home/alfheim ssh -t root@alfheimgame.com 'mv /home/alfheim/alfheimgame.service /etc/systemd/system && systemctl enable alfheimgame && systemctl restart alfheimgame'
ssh -t root@alfheimgame.com 'mv /home/alfheim/alfheimgame.service /etc/systemd/system && mv /home/alfheim/Caddyfile /etc/caddy && systemctl enable alfheimgame && systemctl restart alfheimgame'

1
alfheimgame.service
View File

@ -15,6 +15,7 @@ CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE AmbientCapabilities=CAP_NET_BIND_SERVICE
EnvironmentFile=/etc/environment EnvironmentFile=/etc/environment
WorkingDirectory=/home/alfheim/linux_amd64 WorkingDirectory=/home/alfheim/linux_amd64
#ExecStart=/go/bin/dlv --listen=:4321 --headless=true --log=true exec /home/alfheim/linux_amd64/alfheimgame -- -production
ExecStart=/home/alfheim/linux_amd64/alfheimgame -production ExecStart=/home/alfheim/linux_amd64/alfheimgame -production
Restart=on-failure Restart=on-failure

115
handlers.go
View File

@ -4,24 +4,28 @@
package main package main
import "fmt" import (
import "log" "encoding/json"
import "net/http" "errors"
import "html/template" "fmt"
import "encoding/json" "html/template"
"io"
"log"
"net/http"
"runtime/debug"
"strings"
"unicode/utf8"
"github.com/stripe/stripe-go/v78"
"github.com/stripe/stripe-go/v78/billingportal/session"
"github.com/stripe/stripe-go/v78/customer"
"github.com/stripe/stripe-go/v78/customersession"
"github.com/stripe/stripe-go/v78/price"
"github.com/stripe/stripe-go/v78/subscription"
"github.com/stripe/stripe-go/v78/webhook"
)
//import "strconv" //import "strconv"
import "strings"
import "unicode/utf8"
import "errors"
import "runtime/debug"
import "io/ioutil"
import "github.com/stripe/stripe-go/v78"
import "github.com/stripe/stripe-go/v78/price"
import "github.com/stripe/stripe-go/v78/customersession"
import "github.com/stripe/stripe-go/v78/billingportal/session"
import "github.com/stripe/stripe-go/v78/webhook"
import "github.com/stripe/stripe-go/v78/customer"
import "github.com/stripe/stripe-go/v78/subscription"
type TemplateData struct { type TemplateData struct {
AuthenticatedUser int32 AuthenticatedUser int32
@ -74,28 +78,28 @@ func home(w http.ResponseWriter, r *http.Request) {
} }
id := authenticated_user(w, r) id := authenticated_user(w, r)
account, err := users.GetAccount(id) account, _ := users.GetAccount(id)
activesubscription := subscriptions.HasActiveSubscription(id)
active_subscription := subscriptions.HasActiveSubscription(id)
text, err := template.ParseFiles("ui/base.html", "ui/index.html") text, err := template.ParseFiles("ui/base.html", "ui/index.html")
if err != nil { if err != nil {
http.Error(w, "Internal Server Error", 500) http.Error(w, "Internal Server Error", 500)
log.Fatal(err) log.Println(err)
} }
switch r.Method { switch r.Method {
case http.MethodGet: case http.MethodGet:
err := text.Execute(w, TemplateData{AuthenticatedUser: id, Account: account, ActiveSubscription: active_subscription})
err := text.Execute(w, TemplateData{AuthenticatedUser: id, Account: account, ActiveSubscription: activesubscription})
if err != nil { if err != nil {
log.Fatal(err) log.Println(err)
http.Error(w, "Internal Server Error", 500) http.Error(w, "Internal Server Error", 500)
} }
case http.MethodPost: case http.MethodPost:
err := text.Execute(w, TemplateData{}) err := text.Execute(w, TemplateData{})
if err != nil { if err != nil {
log.Fatal(err) log.Println(err)
http.Error(w, "Internal Server Error", 500) http.Error(w, "Internal Server Error", 500)
} }
} }
@ -139,7 +143,7 @@ func login(w http.ResponseWriter, r *http.Request) {
err := text.Execute(w, TemplateData{AuthenticatedUser: authenticated_user(w, r), FormErrors: errors}) err := text.Execute(w, TemplateData{AuthenticatedUser: authenticated_user(w, r), FormErrors: errors})
if err != nil { if err != nil {
log.Fatal(err) log.Println(err)
http.Error(w, "Internal Server Error", 500) http.Error(w, "Internal Server Error", 500)
} }
@ -151,7 +155,7 @@ func login(w http.ResponseWriter, r *http.Request) {
errors["generic"] = "Email or Password is incorrect" errors["generic"] = "Email or Password is incorrect"
err := text.Execute(w, TemplateData{AuthenticatedUser: authenticated_user(w, r), FormErrors: errors}) err := text.Execute(w, TemplateData{AuthenticatedUser: authenticated_user(w, r), FormErrors: errors})
if err != nil { if err != nil {
log.Fatal(err) log.Println(err)
http.Error(w, "Internal Server Error", 500) http.Error(w, "Internal Server Error", 500)
} }
@ -171,11 +175,17 @@ func logout(w http.ResponseWriter, r *http.Request) {
text, err := template.ParseFiles("ui/base.html", "ui/logout.html") text, err := template.ParseFiles("ui/base.html", "ui/logout.html")
if err != nil { if err != nil {
http.Error(w, "Internal Server Error", 500) http.Error(w, "Internal Server Error", 500)
log.Fatal(err) log.Println(err)
} }
id := authenticated_user(w, r) id := authenticated_user(w, r)
account, err := users.GetAccount(id) account, err := users.GetAccount(id)
if err != nil {
http.Error(w, "Internal Server Error", 500)
log.Println(err)
}
activesubscription := subscriptions.HasActiveSubscription(id) activesubscription := subscriptions.HasActiveSubscription(id)
switch r.Method { switch r.Method {
@ -183,7 +193,7 @@ func logout(w http.ResponseWriter, r *http.Request) {
err := text.Execute(w, TemplateData{AuthenticatedUser: id, Account: account, ActiveSubscription: activesubscription}) err := text.Execute(w, TemplateData{AuthenticatedUser: id, Account: account, ActiveSubscription: activesubscription})
if err != nil { if err != nil {
log.Fatal(err) log.Println(err)
http.Error(w, "Internal Server Error", 500) http.Error(w, "Internal Server Error", 500)
} }
@ -200,18 +210,23 @@ func register(w http.ResponseWriter, r *http.Request) {
text, err := template.ParseFiles("ui/base.html", "ui/register.html") text, err := template.ParseFiles("ui/base.html", "ui/register.html")
if err != nil { if err != nil {
http.Error(w, "Internal Server Error", 500) http.Error(w, "Internal Server Error", 500)
log.Fatal(err) log.Println(err)
} }
id := authenticated_user(w, r) id := authenticated_user(w, r)
account, err := users.GetAccount(id) account, err := users.GetAccount(id)
if err != nil {
http.Error(w, "Internal Server Error", 500)
log.Println(err)
}
switch r.Method { switch r.Method {
case http.MethodGet: case http.MethodGet:
err := text.Execute(w, TemplateData{AuthenticatedUser: id, Account: account}) err := text.Execute(w, TemplateData{AuthenticatedUser: id, Account: account})
if err != nil { if err != nil {
log.Fatal(err) log.Println(err)
http.Error(w, "Internal Server Error", 500) http.Error(w, "Internal Server Error", 500)
} }
@ -236,7 +251,7 @@ func register(w http.ResponseWriter, r *http.Request) {
err := text.Execute(w, TemplateData{AuthenticatedUser: authenticated_user(w, r), FormErrors: errors}) err := text.Execute(w, TemplateData{AuthenticatedUser: authenticated_user(w, r), FormErrors: errors})
if err != nil { if err != nil {
log.Fatal(err) log.Println(err)
http.Error(w, "Internal Server Error", 500) http.Error(w, "Internal Server Error", 500)
} }
} }
@ -267,19 +282,24 @@ func account(w http.ResponseWriter, r *http.Request) {
id := authenticated_user(w, r) id := authenticated_user(w, r)
account, err := users.GetAccount(id) account, err := users.GetAccount(id)
if err != nil {
http.Error(w, "Internal Server Error", 500)
log.Println(err)
}
//log.Println(id, account) //log.Println(id, account)
text, err := template.ParseFiles("ui/base.html", "ui/account.html") text, err := template.ParseFiles("ui/base.html", "ui/account.html")
if err != nil { if err != nil {
http.Error(w, "Internal Server Error", 500) http.Error(w, "Internal Server Error", 500)
log.Fatal(err) log.Println(err)
} }
switch r.Method { switch r.Method {
case http.MethodGet: case http.MethodGet:
err := text.Execute(w, TemplateData{AuthenticatedUser: id, Account: account}) err := text.Execute(w, TemplateData{AuthenticatedUser: id, Account: account})
if err != nil { if err != nil {
log.Fatal(err) log.Println(err)
http.Error(w, "Internal Server Error", 500) http.Error(w, "Internal Server Error", 500)
} }
} }
@ -301,7 +321,11 @@ func deleteaccount(w http.ResponseWriter, r *http.Request) {
log.Println("Deleting account with id ", id) log.Println("Deleting account with id ", id)
users.Delete(id) users.Delete(id)
session, _ := store.Get(r, "id") session, err := store.Get(r, "id")
if err != nil {
log.Println(err)
http.Error(w, "Internal Server Error", 500)
}
session.Values["id"] = 0 session.Values["id"] = 0
session.Save(r, w) session.Save(r, w)
@ -314,6 +338,11 @@ func subscribe(w http.ResponseWriter, r *http.Request) {
id := authenticated_user(w, r) id := authenticated_user(w, r)
account, err := users.GetAccount(id) account, err := users.GetAccount(id)
if err != nil {
http.Error(w, "Internal Server Error", 500)
log.Println(err)
}
params := &stripe.PriceListParams{} params := &stripe.PriceListParams{}
params.Limit = stripe.Int64(3) params.Limit = stripe.Int64(3)
params.AddExpand("data.product") params.AddExpand("data.product")
@ -335,13 +364,13 @@ func subscribe(w http.ResponseWriter, r *http.Request) {
text, err := template.New("base.html").Funcs(fm).ParseFiles("ui/base.html", "ui/subscribe.html") text, err := template.New("base.html").Funcs(fm).ParseFiles("ui/base.html", "ui/subscribe.html")
if err != nil { if err != nil {
http.Error(w, "Internal Server Error", 500) http.Error(w, "Internal Server Error", 500)
log.Fatal(err) log.Println(err)
return return
} }
err = text.Execute(w, TemplateData{AuthenticatedUser: id, Account: account, Prices: prices}) err = text.Execute(w, TemplateData{AuthenticatedUser: id, Account: account, Prices: prices})
if err != nil { if err != nil {
log.Fatal(err) log.Println(err)
http.Error(w, "Internal Server Error", 500) http.Error(w, "Internal Server Error", 500)
} }
} }
@ -350,6 +379,11 @@ func subscribe_stripe(w http.ResponseWriter, r *http.Request) {
id := authenticated_user(w, r) id := authenticated_user(w, r)
account, err := users.GetAccount(id) account, err := users.GetAccount(id)
if err != nil {
http.Error(w, "Internal Server Error", 500)
log.Println(err)
}
params := &stripe.CustomerSessionParams{ params := &stripe.CustomerSessionParams{
Customer: stripe.String(account.StripeID), Customer: stripe.String(account.StripeID),
Components: &stripe.CustomerSessionComponentsParams{ Components: &stripe.CustomerSessionComponentsParams{
@ -366,12 +400,12 @@ func subscribe_stripe(w http.ResponseWriter, r *http.Request) {
text, err := template.ParseFiles("ui/base.html", "ui/subscribe_stripe.html") text, err := template.ParseFiles("ui/base.html", "ui/subscribe_stripe.html")
if err != nil { if err != nil {
http.Error(w, "Internal Server Error", 500) http.Error(w, "Internal Server Error", 500)
log.Fatal(err) log.Println(err)
} }
err = text.Execute(w, TemplateData{AuthenticatedUser: id, Account: account, ClientSecret: result.ClientSecret}) err = text.Execute(w, TemplateData{AuthenticatedUser: id, Account: account, ClientSecret: result.ClientSecret})
if err != nil { if err != nil {
log.Fatal(err) log.Println(err)
http.Error(w, "Internal Server Error", 500) http.Error(w, "Internal Server Error", 500)
} }
} }
@ -399,7 +433,7 @@ func managebilling(w http.ResponseWriter, r *http.Request) {
func webhooks(w http.ResponseWriter, r *http.Request) { func webhooks(w http.ResponseWriter, r *http.Request) {
const MaxBodyBytes = int64(65536) const MaxBodyBytes = int64(65536)
r.Body = http.MaxBytesReader(w, r.Body, MaxBodyBytes) r.Body = http.MaxBytesReader(w, r.Body, MaxBodyBytes)
payload, err := ioutil.ReadAll(r.Body) payload, err := io.ReadAll(r.Body)
if err != nil { if err != nil {
log.Printf("Error reading request body: %v\n", err) log.Printf("Error reading request body: %v\n", err)
w.WriteHeader(http.StatusServiceUnavailable) w.WriteHeader(http.StatusServiceUnavailable)
@ -466,7 +500,6 @@ func webhooks(w http.ResponseWriter, r *http.Request) {
return return
} }
// ... handle other event types // ... handle other event types
default: default:
log.Printf("Unhandled event type: %s\n", event.Type) log.Printf("Unhandled event type: %s\n", event.Type)
@ -479,7 +512,7 @@ func handle_checkout_session_completed(checkoutsession stripe.CheckoutSession) e
//toprint, _ := json.MarshalIndent(checkoutSession, "", " ") //toprint, _ := json.MarshalIndent(checkoutSession, "", " ")
//log.Println(string(toprint)) //log.Println(string(toprint))
subscription, err := subscription.Get(checkoutsession.Subscription.ID, nil); subscription, err := subscription.Get(checkoutsession.Subscription.ID, nil)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
return err return err

49
main.go
View File

@ -8,7 +8,6 @@ import (
"flag" "flag"
"log" "log"
"net/http" "net/http"
"time"
"database/sql" "database/sql"
"regexp" "regexp"
@ -16,10 +15,6 @@ import (
"github.com/gorilla/sessions" "github.com/gorilla/sessions"
_ "github.com/lib/pq" _ "github.com/lib/pq"
"github.com/stripe/stripe-go/v78" "github.com/stripe/stripe-go/v78"
"crypto/tls"
"golang.org/x/crypto/acme/autocert"
) )
var users *Usermodel var users *Usermodel
@ -32,8 +27,8 @@ var emailrx = regexp.MustCompile("/^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-
func main() { func main() {
addr := flag.String("addr", "127.0.0.1:8080", "HTTP network addr") addr := flag.String("addr", "127.0.0.1:8080", "HTTP network addr")
//prodaddr := flag.String("prodaddr", "127.0.0.1:4000", "HTTP network addr") prodaddr := flag.String("prodaddr", "127.0.0.1:4000", "HTTP network addr")
prodaddr := flag.String("prodaddr", "45.76.84.7:443", "HTTP network addr") //prodaddr := flag.String("prodaddr", "45.76.84.7:443", "HTTP network addr")
production := flag.Bool("production", false, "Whether to use production port and TLS") production := flag.Bool("production", false, "Whether to use production port and TLS")
_ = addr _ = addr
@ -94,31 +89,25 @@ func main() {
mux.HandleFunc("/webhook", webhooks) mux.HandleFunc("/webhook", webhooks)
if *production { if *production {
autocertManager := autocert.Manager{ // autocertManager := autocert.Manager{
Prompt: autocert.AcceptTOS, // Prompt: autocert.AcceptTOS,
HostPolicy: autocert.HostWhitelist("alfheimgame.com"), // HostPolicy: autocert.HostWhitelist("alfheimgame.com"),
Email: "vicenteferrarismith@gmail.com", // Email: "vicenteferrarismith@gmail.com",
Cache: autocert.DirCache("certs"), // Cache: autocert.DirCache("certs"),
} // }
tlsConfig := &tls.Config{ // server := &http.Server{
GetCertificate: autocertManager.GetCertificate, // Addr: *prodaddr,
PreferServerCipherSuites: true, // Handler: log_request(secure_headers(mux)),
CurvePreferences: []tls.CurveID{tls.X25519, tls.CurveP256}, // TLSConfig: autocertManager.TLSConfig(),
NextProtos: []string{"acme-tls/1"}, // IdleTimeout: time.Minute,
} // ReadTimeout: 5 * time.Second,
// WriteTimeout: 10 * time.Second,
// }
server := &http.Server{ // log.Fatal(server.ListenAndServeTLS("", ""))
Addr: *prodaddr, log.Fatal(http.ListenAndServe(*prodaddr, log_request(secure_headers(mux))))
Handler: log_connection(secure_headers(mux)),
TLSConfig: tlsConfig,
IdleTimeout: time.Minute,
ReadTimeout: 5 * time.Second,
WriteTimeout: 10 * time.Second,
}
log.Fatal(server.ListenAndServeTLS("", ""))
} else { } else {
log.Fatal(http.ListenAndServe(*addr, log_connection(secure_headers(mux)))) log.Fatal(http.ListenAndServe(*addr, log_request(secure_headers(mux))))
} }
} }

10
middleware.go
View File

@ -1,7 +1,9 @@
package main package main
import "net/http" import (
import "log" "log"
"net/http"
)
func secure_headers(next http.Handler) http.Handler { func secure_headers(next http.Handler) http.Handler {
fn := func(w http.ResponseWriter, r *http.Request) { fn := func(w http.ResponseWriter, r *http.Request) {
@ -14,9 +16,9 @@ func secure_headers(next http.Handler) http.Handler {
return http.HandlerFunc(fn) return http.HandlerFunc(fn)
} }
func log_connection(next http.Handler) http.Handler { func log_request(next http.Handler) http.Handler {
fn := func(w http.ResponseWriter, r *http.Request) { fn := func(w http.ResponseWriter, r *http.Request) {
log.Println("Connection!") log.Printf("%s - %s %s %s", r.RemoteAddr, r.Proto, r.Method, r.URL)
next.ServeHTTP(w, r) next.ServeHTTP(w, r)
} }

42
models.go
View File

@ -4,17 +4,21 @@
package main package main
import "fmt" import (
import "errors" "database/sql"
import "time" "errors"
//import "golang.org/x/crypto/bcrypt" "fmt"
import "database/sql" "time"
import _ "github.com/lib/pq"
import "log"
import "github.com/alexedwards/argon2id"
import "github.com/stripe/stripe-go/v78" //import "golang.org/x/crypto/bcrypt"
import "github.com/stripe/stripe-go/v78/customer"
"log"
"github.com/alexedwards/argon2id"
_ "github.com/lib/pq"
"github.com/stripe/stripe-go/v78"
"github.com/stripe/stripe-go/v78/customer"
)
var ErrNoRecord = errors.New("no matching record found") var ErrNoRecord = errors.New("no matching record found")
var ErrInvalidCredentials = errors.New("invalid credentials") var ErrInvalidCredentials = errors.New("invalid credentials")
@ -64,9 +68,14 @@ type SubscriptionModel struct {
func (m *Usermodel) Insert(username string, password string, firstname string, lastname string, email string) (int32, error) { func (m *Usermodel) Insert(username string, password string, firstname string, lastname string, email string) (int32, error) {
//hashedpassword, err := bcrypt.GenerateFromPassword([]byte(password), 12) //hashedpassword, err := bcrypt.GenerateFromPassword([]byte(password), 12)
hashedpassword, err := argon2id.CreateHash(password, argon2id.DefaultParams) hashedpassword, err := argon2id.CreateHash(password, argon2id.DefaultParams)
if err != nil {
log.Println(err)
return 0, err
}
//log.Println(hashedpassword) //log.Println(hashedpassword)
stmt := `INSERT INTO accounts (username, password, firstname, lastname, email, created) VALUES ($1, $2, $3, $4, $5, NOW()) RETURNING id` stmt := `INSERT INTO accounts (username, password, firstname, lastname, email, created) VALUES ($1, $2, $3, $4, $5, NOW()) RETURNING id`
@ -90,6 +99,11 @@ func (m *Usermodel) Insert(username string, password string, firstname string, l
} }
customer, err := customer.New(params) customer, err := customer.New(params)
if err != nil {
log.Println(err)
return 0, err
}
stmt = `UPDATE accounts SET stripe_id = $1 WHERE id = $2` stmt = `UPDATE accounts SET stripe_id = $1 WHERE id = $2`
//log.Println(customer.ID, insertid) //log.Println(customer.ID, insertid)
@ -106,6 +120,11 @@ func (m *Usermodel) Insert(username string, password string, firstname string, l
func (m *Usermodel) Delete(id int32) error { func (m *Usermodel) Delete(id int32) error {
account, err := users.GetAccount(id) account, err := users.GetAccount(id)
if err != nil {
log.Println(err)
return err
}
if account.StripeID != "" { if account.StripeID != "" {
/*result*/ _, err := customer.Del(account.StripeID, nil) /*result*/ _, err := customer.Del(account.StripeID, nil)
if err != nil { if err != nil {
@ -121,7 +140,6 @@ func (m *Usermodel) Delete(id int32) error {
log.Println(err) log.Println(err)
} }
return nil return nil
} }