website/pkg/middleware/authentication.go
Noah Petherbridge 4f04323d5a Public Avatar Consent Page
The nonshy website is changing the policy on profile pictures. From August 30,
the square cropped avatar images will need to be publicly viewable to everyone.

This implements the first pass of the rollout:

* Add the Public Avatar Consent Page which explains the change to users and
  asks for their acknowledgement. The link is available from their User Settings
  page, near their Certification Photo link.
* When users (with non-public avatars) accept the change: their square cropped
  avatar will become visible to everybody, instead of showing a placeholder
  avatar.
* Users can change their mind and opt back out, which will again show the
  placeholder avatar.
* The Certification Required middleware will automatically enforce the consent
  page once the scheduled go-live date arrives.

Next steps are:

1. Post an announcement on the forum about the upcoming change and link users
   to the consent form if they want to check it out early.
2. Update the nonshy site to add banners to places like the User Dashboard for
   users who will be affected by the change, to link them to the forum post
   and the consent page.
2024-06-29 16:44:18 -07:00

168 lines
4.9 KiB
Go

package middleware
import (
"context"
"net/http"
"net/url"
"time"
"code.nonshy.com/nonshy/website/pkg/config"
"code.nonshy.com/nonshy/website/pkg/controller/photo"
"code.nonshy.com/nonshy/website/pkg/log"
"code.nonshy.com/nonshy/website/pkg/models"
"code.nonshy.com/nonshy/website/pkg/session"
"code.nonshy.com/nonshy/website/pkg/templates"
)
// LoginRequired middleware.
func LoginRequired(handler http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// User must be logged in.
user, err := session.CurrentUser(r)
if err != nil {
log.Error("LoginRequired: %s", err)
session.FlashError(w, r, "You must be signed in to view this page.")
templates.Redirect(w, "/login?next="+url.QueryEscape(r.URL.String()))
return
}
// Are they banned?
if user.Status == models.UserStatusBanned {
session.LogoutUser(w, r)
session.FlashError(w, r, "Your account has been banned and you are now logged out.")
templates.Redirect(w, "/")
return
}
// Is their account disabled?
if DisabledAccount(user, w, r) {
return
}
// Is the site under a Maintenance Mode restriction?
if MaintenanceMode(user, w, r) {
return
}
// Ping LastLoginAt for long lived sessions, but not if impersonated.
var pingLastLoginAt bool
if time.Since(user.LastLoginAt) > config.LastLoginAtCooldown && !session.Impersonated(r) {
user.LastLoginAt = time.Now()
pingLastLoginAt = true
if err := user.Save(); err != nil {
log.Error("LoginRequired: couldn't refresh LastLoginAt for user %s: %s", user.Username, err)
}
}
// Log the last visit of their current IP address.
if err := models.PingIPAddress(r, user, pingLastLoginAt); err != nil {
log.Error("LoginRequired: couldn't ping user %s IP address: %s", user.Username, err)
}
// Ask the user for their birthdate?
if AgeGate(user, w, r) {
return
}
// Stick the CurrentUser in the request context so future calls to session.CurrentUser can read it.
ctx := context.WithValue(r.Context(), session.CurrentUserKey, user)
handler.ServeHTTP(w, r.WithContext(ctx))
})
}
// AdminRequired middleware.
func AdminRequired(scope string, handler http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// User must be logged in.
currentUser, err := session.CurrentUser(r)
if err != nil {
log.Error("AdminRequired: %s", err)
session.FlashError(w, r, "You must be signed in to view this page.")
templates.Redirect(w, "/login?next="+url.QueryEscape(r.URL.String()))
return
}
// Stick the CurrentUser in the request context so future calls to session.CurrentUser can read it.
ctx := context.WithValue(r.Context(), session.CurrentUserKey, currentUser)
// Admin required.
if !currentUser.IsAdmin {
errhandler := templates.MakeErrorPage("Admin Required", "You do not have permission for this page.", http.StatusForbidden)
errhandler.ServeHTTP(w, r.WithContext(ctx))
return
}
// Ensure the admin scope.
if scope != "" && !currentUser.HasAdminScope(scope) {
errhandler := templates.MakeErrorPage(
"Admin Scope Required",
"Missing required admin scope: "+scope,
http.StatusForbidden,
)
errhandler.ServeHTTP(w, r.WithContext(ctx))
return
}
handler.ServeHTTP(w, r.WithContext(ctx))
})
}
// CertRequired middleware: like LoginRequired but user must also have their verification pic certified.
func CertRequired(handler http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// User must be logged in.
currentUser, err := session.CurrentUser(r)
if err != nil {
log.Error("LoginRequired: %s", err)
session.FlashError(w, r, "You must be signed in to view this page.")
templates.Redirect(w, "/login?next="+url.QueryEscape(r.URL.String()))
return
}
// Log the last visit of their current IP address.
if err := models.PingIPAddress(r, currentUser, false); err != nil {
log.Error("CertRequired: couldn't ping user %s IP address: %s", currentUser.Username, err)
}
// Are they banned?
if currentUser.Status == models.UserStatusBanned {
session.LogoutUser(w, r)
session.FlashError(w, r, "Your account has been banned and you are now logged out.")
templates.Redirect(w, "/")
return
}
// Is their account disabled?
if DisabledAccount(currentUser, w, r) {
return
}
// Is the site under a Maintenance Mode restriction?
if MaintenanceMode(currentUser, w, r) {
return
}
// User must be certified.
if !currentUser.Certified || currentUser.ProfilePhoto.ID == 0 {
log.Error("CertRequired: user is not certified")
photo.CertificationRequiredError().ServeHTTP(w, r)
return
}
// Ask the user for their birthdate?
if AgeGate(currentUser, w, r) {
return
}
// Public Avatar consent enforcement?
if PublicAvatarConsent(currentUser, w, r) {
return
}
handler.ServeHTTP(w, r)
})
}