2021-01-05 06:05:40 -07:00
|
|
|
// Copyright 2020 The Gitea Authors. All rights reserved.
|
2022-11-27 11:20:29 -07:00
|
|
|
// SPDX-License-Identifier: MIT
|
2021-01-05 06:05:40 -07:00
|
|
|
|
2021-06-08 17:33:54 -06:00
|
|
|
package install
|
2021-01-05 06:05:40 -07:00
|
|
|
|
|
|
|
import (
|
2022-08-28 03:43:25 -06:00
|
|
|
goctx "context"
|
2021-01-05 06:05:40 -07:00
|
|
|
"fmt"
|
2023-03-03 19:12:02 -07:00
|
|
|
"html"
|
2021-01-05 06:05:40 -07:00
|
|
|
"net/http"
|
|
|
|
|
2022-07-23 00:38:03 -06:00
|
|
|
"code.gitea.io/gitea/modules/httpcache"
|
2021-01-05 06:05:40 -07:00
|
|
|
"code.gitea.io/gitea/modules/log"
|
2021-01-26 08:36:53 -07:00
|
|
|
"code.gitea.io/gitea/modules/public"
|
2021-01-05 06:05:40 -07:00
|
|
|
"code.gitea.io/gitea/modules/setting"
|
|
|
|
"code.gitea.io/gitea/modules/templates"
|
2021-01-26 08:36:53 -07:00
|
|
|
"code.gitea.io/gitea/modules/web"
|
2021-01-30 01:55:53 -07:00
|
|
|
"code.gitea.io/gitea/modules/web/middleware"
|
2021-06-08 17:33:54 -06:00
|
|
|
"code.gitea.io/gitea/routers/common"
|
2022-05-04 05:56:20 -06:00
|
|
|
"code.gitea.io/gitea/routers/web/healthcheck"
|
2021-04-06 13:44:05 -06:00
|
|
|
"code.gitea.io/gitea/services/forms"
|
2021-01-05 06:05:40 -07:00
|
|
|
|
2021-01-26 08:36:53 -07:00
|
|
|
"gitea.com/go-chi/session"
|
2021-01-05 06:05:40 -07:00
|
|
|
)
|
|
|
|
|
2021-06-08 17:33:54 -06:00
|
|
|
type dataStore map[string]interface{}
|
|
|
|
|
|
|
|
func (d *dataStore) GetData() map[string]interface{} {
|
|
|
|
return *d
|
|
|
|
}
|
|
|
|
|
2022-08-28 03:43:25 -06:00
|
|
|
func installRecovery(ctx goctx.Context) func(next http.Handler) http.Handler {
|
|
|
|
_, rnd := templates.HTMLRenderer(ctx)
|
2021-01-05 06:05:40 -07:00
|
|
|
return func(next http.Handler) http.Handler {
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
|
|
|
|
defer func() {
|
|
|
|
// Why we need this? The first recover will try to render a beautiful
|
|
|
|
// error page for user, but the process can still panic again, then
|
|
|
|
// we have to just recover twice and send a simple error page that
|
2023-03-03 19:12:02 -07:00
|
|
|
// should not panic anymore.
|
2021-01-05 06:05:40 -07:00
|
|
|
defer func() {
|
|
|
|
if err := recover(); err != nil {
|
2022-01-20 04:41:25 -07:00
|
|
|
combinedErr := fmt.Sprintf("PANIC: %v\n%s", err, log.Stack(2))
|
|
|
|
log.Error("%s", combinedErr)
|
2021-10-20 08:37:19 -06:00
|
|
|
if setting.IsProd {
|
2022-03-22 22:54:07 -06:00
|
|
|
http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
|
2021-01-14 14:17:03 -07:00
|
|
|
} else {
|
2022-03-22 22:54:07 -06:00
|
|
|
http.Error(w, combinedErr, http.StatusInternalServerError)
|
2021-01-05 06:05:40 -07:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
|
|
|
|
if err := recover(); err != nil {
|
2022-01-20 04:41:25 -07:00
|
|
|
combinedErr := fmt.Sprintf("PANIC: %v\n%s", err, log.Stack(2))
|
|
|
|
log.Error("%s", combinedErr)
|
2021-01-05 06:05:40 -07:00
|
|
|
|
2021-01-30 01:55:53 -07:00
|
|
|
lc := middleware.Locale(w, req)
|
2022-01-20 10:46:10 -07:00
|
|
|
store := dataStore{
|
2021-06-08 17:33:54 -06:00
|
|
|
"Language": lc.Language(),
|
|
|
|
"CurrentURL": setting.AppSubURL + req.URL.RequestURI(),
|
2022-06-27 14:58:46 -06:00
|
|
|
"locale": lc,
|
2021-06-08 17:33:54 -06:00
|
|
|
"SignedUserID": int64(0),
|
|
|
|
"SignedUserName": "",
|
2021-01-05 06:05:40 -07:00
|
|
|
}
|
|
|
|
|
2023-03-08 13:40:04 -07:00
|
|
|
httpcache.SetCacheControlInHeader(w.Header(), 0, "no-transform")
|
2021-08-06 14:47:10 -06:00
|
|
|
w.Header().Set(`X-Frame-Options`, setting.CORSConfig.XFrameOptions)
|
2021-01-05 06:05:40 -07:00
|
|
|
|
2021-10-20 08:37:19 -06:00
|
|
|
if !setting.IsProd {
|
2021-06-08 17:33:54 -06:00
|
|
|
store["ErrorMsg"] = combinedErr
|
2021-01-05 06:05:40 -07:00
|
|
|
}
|
2022-03-22 22:54:07 -06:00
|
|
|
err = rnd.HTML(w, http.StatusInternalServerError, "status/500", templates.BaseVars().Merge(store))
|
2021-01-05 06:05:40 -07:00
|
|
|
if err != nil {
|
|
|
|
log.Error("%v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
|
|
|
|
next.ServeHTTP(w, req)
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
2021-01-26 08:36:53 -07:00
|
|
|
|
Refactor web route (#24080)
The old code is unnecessarily complex, and has many misuses.
Old code "wraps" a lot, wrap wrap wrap, it's difficult to understand
which kind of handler is used.
The new code uses a general approach, we do not need to write all kinds
of handlers into the "wrapper", do not need to wrap them again and
again.
New code, there are only 2 concepts:
1. HandlerProvider: `func (h any) (handlerProvider func (next)
http.Handler)`, it can be used as middleware
2. Use HandlerProvider to get the final HandlerFunc, and use it for
`r.Get()`
And we can decouple the route package from context package (see the
TODO).
# FAQ
## Is `reflect` safe?
Yes, all handlers are checked during startup, see the `preCheckHandler`
comment. If any handler is wrong, developers could know it in the first
time.
## Does `reflect` affect performance?
No. https://github.com/go-gitea/gitea/pull/24080#discussion_r1164825901
1. This reflect code only runs for each web handler call, handler is far
more slower: 10ms-50ms
2. The reflect is pretty fast (comparing to other code): 0.000265ms
3. XORM has more reflect operations already
2023-04-20 12:49:06 -06:00
|
|
|
// Routes registers the installation routes
|
2022-08-28 03:43:25 -06:00
|
|
|
func Routes(ctx goctx.Context) *web.Route {
|
2021-01-26 08:36:53 -07:00
|
|
|
r := web.NewRoute()
|
2021-06-08 17:33:54 -06:00
|
|
|
for _, middle := range common.Middlewares() {
|
2021-01-26 08:36:53 -07:00
|
|
|
r.Use(middle)
|
|
|
|
}
|
|
|
|
|
Refactor web route (#24080)
The old code is unnecessarily complex, and has many misuses.
Old code "wraps" a lot, wrap wrap wrap, it's difficult to understand
which kind of handler is used.
The new code uses a general approach, we do not need to write all kinds
of handlers into the "wrapper", do not need to wrap them again and
again.
New code, there are only 2 concepts:
1. HandlerProvider: `func (h any) (handlerProvider func (next)
http.Handler)`, it can be used as middleware
2. Use HandlerProvider to get the final HandlerFunc, and use it for
`r.Get()`
And we can decouple the route package from context package (see the
TODO).
# FAQ
## Is `reflect` safe?
Yes, all handlers are checked during startup, see the `preCheckHandler`
comment. If any handler is wrong, developers could know it in the first
time.
## Does `reflect` affect performance?
No. https://github.com/go-gitea/gitea/pull/24080#discussion_r1164825901
1. This reflect code only runs for each web handler call, handler is far
more slower: 10ms-50ms
2. The reflect is pretty fast (comparing to other code): 0.000265ms
3. XORM has more reflect operations already
2023-04-20 12:49:06 -06:00
|
|
|
r.Use(web.MiddlewareWithPrefix("/assets/", nil, public.AssetsHandlerFunc("/assets/")))
|
2021-05-30 04:25:11 -06:00
|
|
|
|
2021-01-26 08:36:53 -07:00
|
|
|
r.Use(session.Sessioner(session.Options{
|
|
|
|
Provider: setting.SessionConfig.Provider,
|
|
|
|
ProviderConfig: setting.SessionConfig.ProviderConfig,
|
|
|
|
CookieName: setting.SessionConfig.CookieName,
|
|
|
|
CookiePath: setting.SessionConfig.CookiePath,
|
|
|
|
Gclifetime: setting.SessionConfig.Gclifetime,
|
|
|
|
Maxlifetime: setting.SessionConfig.Maxlifetime,
|
|
|
|
Secure: setting.SessionConfig.Secure,
|
2021-05-31 12:22:36 -06:00
|
|
|
SameSite: setting.SessionConfig.SameSite,
|
2021-01-26 08:36:53 -07:00
|
|
|
Domain: setting.SessionConfig.Domain,
|
|
|
|
}))
|
|
|
|
|
2022-08-28 03:43:25 -06:00
|
|
|
r.Use(installRecovery(ctx))
|
|
|
|
r.Use(Init(ctx))
|
2023-03-03 19:12:02 -07:00
|
|
|
r.Get("/", Install) // it must be on the root, because the "install.js" use the window.location to replace the "localhost" AppURL
|
2021-06-08 17:33:54 -06:00
|
|
|
r.Post("/", web.Bind(forms.InstallForm{}), SubmitInstall)
|
2023-03-03 19:12:02 -07:00
|
|
|
r.Get("/post-install", InstallDone)
|
2022-05-04 05:56:20 -06:00
|
|
|
r.Get("/api/healthz", healthcheck.Check)
|
2022-01-20 04:41:25 -07:00
|
|
|
|
Refactor web route (#24080)
The old code is unnecessarily complex, and has many misuses.
Old code "wraps" a lot, wrap wrap wrap, it's difficult to understand
which kind of handler is used.
The new code uses a general approach, we do not need to write all kinds
of handlers into the "wrapper", do not need to wrap them again and
again.
New code, there are only 2 concepts:
1. HandlerProvider: `func (h any) (handlerProvider func (next)
http.Handler)`, it can be used as middleware
2. Use HandlerProvider to get the final HandlerFunc, and use it for
`r.Get()`
And we can decouple the route package from context package (see the
TODO).
# FAQ
## Is `reflect` safe?
Yes, all handlers are checked during startup, see the `preCheckHandler`
comment. If any handler is wrong, developers could know it in the first
time.
## Does `reflect` affect performance?
No. https://github.com/go-gitea/gitea/pull/24080#discussion_r1164825901
1. This reflect code only runs for each web handler call, handler is far
more slower: 10ms-50ms
2. The reflect is pretty fast (comparing to other code): 0.000265ms
3. XORM has more reflect operations already
2023-04-20 12:49:06 -06:00
|
|
|
r.NotFound(installNotFound)
|
2021-01-26 08:36:53 -07:00
|
|
|
return r
|
|
|
|
}
|
2022-01-20 04:41:25 -07:00
|
|
|
|
|
|
|
func installNotFound(w http.ResponseWriter, req *http.Request) {
|
2023-03-03 19:12:02 -07:00
|
|
|
w.Header().Add("Content-Type", "text/html; charset=utf-8")
|
|
|
|
w.Header().Add("Refresh", fmt.Sprintf("1; url=%s", setting.AppSubURL+"/"))
|
|
|
|
// do not use 30x status, because the "post-install" page needs to use 404/200 to detect if Gitea has been installed.
|
|
|
|
// the fetch API could follow 30x requests to the page with 200 status.
|
|
|
|
w.WriteHeader(http.StatusNotFound)
|
|
|
|
_, _ = fmt.Fprintf(w, `Not Found. <a href="%s">Go to default page</a>.`, html.EscapeString(setting.AppSubURL+"/"))
|
2022-01-20 04:41:25 -07:00
|
|
|
}
|