package chat import ( "bytes" "encoding/json" "fmt" "io" "net/http" "strings" "time" "code.nonshy.com/nonshy/website/pkg/config" "code.nonshy.com/nonshy/website/pkg/geoip" "code.nonshy.com/nonshy/website/pkg/log" "code.nonshy.com/nonshy/website/pkg/models" "code.nonshy.com/nonshy/website/pkg/photo" "code.nonshy.com/nonshy/website/pkg/session" "code.nonshy.com/nonshy/website/pkg/templates" "code.nonshy.com/nonshy/website/pkg/worker" "github.com/golang-jwt/jwt/v4" ) // JWT claims. type Claims struct { // Custom claims. IsAdmin bool `json:"op,omitempty"` Avatar string `json:"img,omitempty"` ProfileURL string `json:"url,omitempty"` Nickname string `json:"nick,omitempty"` Emoji string `json:"emoji,omitempty"` Gender string `json:"gender,omitempty"` // Standard claims. Notes: // subject = username jwt.RegisteredClaims } // Gender returns the BareRTC gender string for the user's gender selection. func Gender(u *models.User) string { switch u.GetProfileField("gender") { case "Man", "Trans (FTM)": return "m" case "Woman", "Trans (MTF)": return "f" case "Non-binary", "Trans", "Other": return "o" default: return "" } } // Landing page for chat rooms. func Landing() http.HandlerFunc { tmpl := templates.Must("chat.html") return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { // Get the current user. currentUser, err := session.CurrentUser(r) if err != nil { session.FlashError(w, r, "Couldn't get current user: %s", err) templates.Redirect(w, "/") return } // Are they logging into the chat room? var ( intent = r.FormValue("intent") isShy = currentUser.IsShy() ) if intent == "join" { // If we are shy, block chat for now. if isShy { session.FlashError(w, r, "You have a Shy Account and are not allowed in the chat room at this time where our non-shy members may "+ "be on camera.", ) templates.Redirect(w, "/chat") return } // Get our Chat JWT secret. var ( secret = []byte(config.Current.BareRTC.JWTSecret) chatURL = config.Current.BareRTC.URL ) if len(secret) == 0 || chatURL == "" { session.FlashError(w, r, "Couldn't sign you into the chat: JWT secret key or chat URL not configured!") templates.Redirect(w, r.URL.Path) return } // Avatar URL - masked if non-public. avatar := photo.URLPath(currentUser.ProfilePhoto.CroppedFilename) switch currentUser.ProfilePhoto.Visibility { case models.PhotoPrivate: avatar = "/static/img/shy-private.png" case models.PhotoFriends: avatar = "/static/img/shy-friends.png" } // Country flag emoji. emoji, err := geoip.GetRequestCountryFlagWithCode(r) if err != nil { emoji, err = geoip.CountryFlagEmojiWithCode("US") if err != nil { emoji = "🏴‍☠️" } } // Create the JWT claims. claims := Claims{ IsAdmin: currentUser.HasAdminScope(config.ScopeChatModerator), Avatar: avatar, ProfileURL: "/u/" + currentUser.Username, Nickname: currentUser.NameOrUsername(), Emoji: emoji, Gender: Gender(currentUser), RegisteredClaims: jwt.RegisteredClaims{ ExpiresAt: jwt.NewNumericDate(time.Now().Add(5 * time.Minute)), IssuedAt: jwt.NewNumericDate(time.Now()), NotBefore: jwt.NewNumericDate(time.Now()), Issuer: config.Title, Subject: currentUser.Username, ID: fmt.Sprintf("%d", currentUser.ID), }, } token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) ss, err := token.SignedString(secret) if err != nil { session.FlashError(w, r, "Couldn't sign you into the chat: %s", err) templates.Redirect(w, r.URL.Path) return } // Send over their blocklist to the chat server. if err := SendBlocklist(currentUser); err != nil { log.Error("SendBlocklist: %s", err) } // Redirect them to the chat room. templates.Redirect(w, strings.TrimSuffix(chatURL, "/")+"/?jwt="+ss) return } var vars = map[string]interface{}{ "ChatAPI": strings.TrimSuffix(config.Current.BareRTC.URL, "/") + "/api/statistics", "IsShyUser": isShy, // Pre-populate the "who's online" widget from backend cache data "ChatStatistics": worker.GetChatStatistics(), } if err := tmpl.Execute(w, r, vars); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } }) } // SendBlocklist syncs the user blocklist to the chat server prior to sending them over. func SendBlocklist(user *models.User) error { // Get the user's blocklist. blockedUsernames := models.BlockedUsernames(user.ID) log.Info("SendBlocklist(%s) to BareRTC: %d blocked usernames", user.Username, len(blockedUsernames)) // API request struct for BareRTC /api/blocklist endpoint. var request = struct { APIKey string Username string Blocklist []string }{ config.Current.CronAPIKey, user.Username, blockedUsernames, } // JSON request body. jsonStr, err := json.Marshal(request) if err != nil { return err } // Make the API request to BareRTC. var url = strings.TrimSuffix(config.Current.BareRTC.URL, "/") + "/api/blocklist" req, err := http.NewRequest("POST", url, bytes.NewBuffer(jsonStr)) if err != nil { return err } req.Header.Set("Content-Type", "application/json") client := &http.Client{ Timeout: 10 * time.Second, } resp, err := client.Do(req) if err != nil { return err } defer resp.Body.Close() if resp.StatusCode != http.StatusOK { body, _ := io.ReadAll(resp.Body) log.Error("SendBlocklist: error syncing blocklist to BareRTC: status %d body %s", resp.StatusCode, body) } return nil }