+1 -1

Dockerfile

reviewed

··· 18 18 19 19 # Create necessary directories and set permissions 20 20 RUN mkdir -p "$SMALLWEB_DIR" \ 21 21 - && chown -R smallweb:smallweb "$SMALLWEB_DATA_DIR" "$SMALLWEB_DIR" 21 21 + && chown -R smallweb:smallweb "$SMALLWEB_DIR" 22 22 23 23 # Switch to non-root user 24 24 USER smallweb

+19 -1

auth/auth.go

reviewed

··· 282 282 return 283 283 } 284 284 285 285 - session, err := GetSession(cookie.Value, r.Host) 285 285 + session, err := GetSession(cookie.Value) 286 286 + if session.Domain != r.Host || session.Email != email { 287 287 + http.SetCookie(w, &http.Cookie{ 288 288 + Name: sessionCookieName, 289 289 + Expires: time.Now().Add(-1 * time.Hour), 290 290 + SameSite: http.SameSiteLaxMode, 291 291 + HttpOnly: true, 292 292 + Secure: true, 293 293 + }) 294 294 + 295 295 + if err := DeleteSession(cookie.Value); err != nil { 296 296 + http.Error(w, "Internal Server Error", http.StatusInternalServerError) 297 297 + return 298 298 + } 299 299 + 300 300 + http.Redirect(w, r, fmt.Sprintf("/_auth/login?redirect=%s", r.URL.Path), http.StatusSeeOther) 301 301 + return 302 302 + } 303 303 + 286 304 if err != nil { 287 305 http.SetCookie(w, &http.Cookie{ 288 306 Name: sessionCookieName,

+3 -22

auth/session.go

reviewed

··· 14 14 type Session struct { 15 15 ID string `json:"id"` 16 16 Email string `json:"email"` 17 17 - Domain string `json:"domain"` 17 17 + Domain string `json:"app"` 18 18 CreatedAt time.Time `json:"createdAt"` 19 19 ExpiresAt time.Time `json:"expiresAt"` 20 20 } ··· 109 109 return nil 110 110 } 111 111 112 112 - func GetSession(sessionID string, domain string) (Session, error) { 113 113 - sessionPath := sessionPath(sessionID) 114 114 - sessionBytes, err := os.ReadFile(sessionPath) 115 115 - if err != nil { 116 116 - return Session{}, fmt.Errorf("failed to read session: %w", err) 117 117 - } 118 118 - 119 119 - var session Session 120 120 - if err := json.Unmarshal(sessionBytes, &session); err != nil { 121 121 - return Session{}, fmt.Errorf("failed to unmarshal session: %w", err) 122 122 - } 123 123 - 124 124 - if session.Domain != domain { 125 125 - return Session{}, fmt.Errorf("session not found") 126 126 - } 127 127 - 128 128 - return session, nil 129 129 - } 130 130 - 131 131 - func LoadSession(sessionID string) (Session, error) { 112 112 + func GetSession(sessionID string) (Session, error) { 132 113 sessionPath := sessionPath(sessionID) 133 114 sessionBytes, err := os.ReadFile(sessionPath) 134 115 if err != nil { ··· 144 125 } 145 126 146 127 func ExtendSession(sessionID string, expiresAt time.Time) error { 147 147 - session, err := LoadSession(sessionID) 128 128 + session, err := GetSession(sessionID) 148 129 if err != nil { 149 130 return fmt.Errorf("failed to load session: %w", err) 150 131 }

-226

cmd/log.go

reviewed

··· 1 1 - package cmd 2 2 - 3 3 - import ( 4 4 - "bufio" 5 5 - "context" 6 6 - "encoding/json" 7 7 - "fmt" 8 8 - "net" 9 9 - "net/http" 10 10 - "os" 11 11 - 12 12 - "github.com/pomdtr/smallweb/api" 13 13 - "github.com/pomdtr/smallweb/utils" 14 14 - "github.com/spf13/cobra" 15 15 - ) 16 16 - 17 17 - func NewCmdLog() *cobra.Command { 18 18 - cmd := &cobra.Command{ 19 19 - Use: "log", 20 20 - Aliases: []string{"logs"}, 21 21 - Short: "Show logs", 22 22 - GroupID: CoreGroupID, 23 23 - } 24 24 - 25 25 - cmd.AddCommand(NewCmdLogHttp()) 26 26 - cmd.AddCommand(NewCmdLogConsole()) 27 27 - 28 28 - return cmd 29 29 - 30 30 - } 31 31 - 32 32 - func NewCmdLogHttp() *cobra.Command { 33 33 - var flags struct { 34 34 - host string 35 35 - json bool 36 36 - } 37 37 - 38 38 - cmd := &cobra.Command{ 39 39 - Use: "http", 40 40 - Short: "Show HTTP logs", 41 41 - RunE: func(cmd *cobra.Command, args []string) error { 42 42 - // use api unix socket if available 43 43 - client := &http.Client{ 44 44 - Transport: &http.Transport{ 45 45 - DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) { 46 46 - return net.Dial("unix", api.SocketPath(k.String("domain"))) 47 47 - }, 48 48 - }, 49 49 - } 50 50 - 51 51 - req, err := http.NewRequest("GET", "http://unix/v0/logs/http", nil) 52 52 - if err != nil { 53 53 - return err 54 54 - } 55 55 - 56 56 - q := req.URL.Query() 57 57 - if flags.host != "" { 58 58 - q.Add("host", flags.host) 59 59 - } 60 60 - req.URL.RawQuery = q.Encode() 61 61 - 62 62 - resp, err := client.Do(req) 63 63 - if err != nil { 64 64 - return fmt.Errorf("failed to get logs: %w", err) 65 65 - } 66 66 - defer resp.Body.Close() 67 67 - 68 68 - if resp.StatusCode != http.StatusOK { 69 69 - return fmt.Errorf("failed to get logs: %s", resp.Status) 70 70 - } 71 71 - 72 72 - scanner := bufio.NewScanner(resp.Body) 73 73 - for scanner.Scan() { 74 74 - if scanner.Err() != nil { 75 75 - if scanner.Err().Error() == "EOF" { 76 76 - break 77 77 - } 78 78 - 79 79 - return fmt.Errorf("failed to read logs: %w", scanner.Err()) 80 80 - } 81 81 - 82 82 - if flags.json { 83 83 - fmt.Println(scanner.Text()) 84 84 - continue 85 85 - } 86 86 - 87 87 - var log map[string]any 88 88 - if err := json.Unmarshal(scanner.Bytes(), &log); err != nil { 89 89 - return fmt.Errorf("failed to parse log: %w", err) 90 90 - } 91 91 - 92 92 - request, ok := log["request"].(map[string]any) 93 93 - if !ok { 94 94 - return fmt.Errorf("failed to parse request") 95 95 - } 96 96 - 97 97 - response, ok := log["response"].(map[string]any) 98 98 - if !ok { 99 99 - return fmt.Errorf("failed to parse response") 100 100 - } 101 101 - 102 102 - time, ok := log["time"].(string) 103 103 - if !ok { 104 104 - return fmt.Errorf("failed to parse time") 105 105 - } 106 106 - 107 107 - host, ok := request["host"].(string) 108 108 - if !ok { 109 109 - return fmt.Errorf("failed to parse host") 110 110 - } 111 111 - 112 112 - method, ok := request["method"].(string) 113 113 - if !ok { 114 114 - return fmt.Errorf("failed to parse method") 115 115 - } 116 116 - 117 117 - path, ok := request["path"].(string) 118 118 - if !ok { 119 119 - return fmt.Errorf("failed to parse path") 120 120 - } 121 121 - 122 122 - status, ok := response["status"].(float64) 123 123 - if !ok { 124 124 - return fmt.Errorf("failed to parse status") 125 125 - } 126 126 - 127 127 - fmt.Printf("%s %s %s %s %d\n", time, host, method, path, int(status)) 128 128 - } 129 129 - 130 130 - return nil 131 131 - }, 132 132 - } 133 133 - 134 134 - cmd.Flags().StringVar(&flags.host, "host", "", "filter logs by host") 135 135 - cmd.Flags().BoolVar(&flags.json, "json", false, "output logs in JSON format") 136 136 - 137 137 - return cmd 138 138 - } 139 139 - 140 140 - func NewCmdLogConsole() *cobra.Command { 141 141 - var flags struct { 142 142 - json bool 143 143 - app string 144 144 - } 145 145 - 146 146 - cmd := &cobra.Command{ 147 147 - Use: "console", 148 148 - Short: "Show console logs", 149 149 - RunE: func(cmd *cobra.Command, args []string) error { 150 150 - // use api unix socket if available 151 151 - client := &http.Client{ 152 152 - Transport: &http.Transport{ 153 153 - DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) { 154 154 - return net.Dial("unix", api.SocketPath(k.String("domain"))) 155 155 - }, 156 156 - }, 157 157 - } 158 158 - 159 159 - req, err := http.NewRequest("GET", "http://unix/v0/logs/console", nil) 160 160 - if err != nil { 161 161 - return err 162 162 - } 163 163 - 164 164 - q := req.URL.Query() 165 165 - if flags.app != "" { 166 166 - q.Add("app", flags.app) 167 167 - } 168 168 - req.URL.RawQuery = q.Encode() 169 169 - 170 170 - resp, err := client.Do(req) 171 171 - if err != nil { 172 172 - return fmt.Errorf("failed to get logs: %w", err) 173 173 - } 174 174 - defer resp.Body.Close() 175 175 - 176 176 - if resp.StatusCode != http.StatusOK { 177 177 - return fmt.Errorf("failed to get logs: %s", resp.Body) 178 178 - } 179 179 - 180 180 - scanner := bufio.NewScanner(resp.Body) 181 181 - for scanner.Scan() { 182 182 - if scanner.Err() != nil { 183 183 - if scanner.Err().Error() == "EOF" { 184 184 - break 185 185 - } 186 186 - } 187 187 - 188 188 - if flags.json { 189 189 - fmt.Println(scanner.Text()) 190 190 - continue 191 191 - } 192 192 - 193 193 - var log map[string]any 194 194 - if err := json.Unmarshal(scanner.Bytes(), &log); err != nil { 195 195 - fmt.Fprintln(os.Stderr, "failed to parse log:", err) 196 196 - continue 197 197 - } 198 198 - 199 199 - logType, ok := log["type"].(string) 200 200 - if !ok { 201 201 - fmt.Fprintln(os.Stderr, "failed to parse type") 202 202 - } 203 203 - 204 204 - text, ok := log["text"].(string) 205 205 - if !ok { 206 206 - fmt.Fprintln(os.Stderr, "failed to parse text") 207 207 - } 208 208 - 209 209 - if logType == "stderr" { 210 210 - fmt.Fprintln(os.Stderr, text) 211 211 - continue 212 212 - } 213 213 - 214 214 - fmt.Println(text) 215 215 - } 216 216 - 217 217 - return nil 218 218 - }, 219 219 - } 220 220 - 221 221 - cmd.Flags().BoolVar(&flags.json, "json", false, "output logs in JSON format") 222 222 - cmd.Flags().StringVar(&flags.app, "app", "", "filter logs by app") 223 223 - cmd.RegisterFlagCompletionFunc("app", completeApp(utils.RootDir())) 224 224 - 225 225 - return cmd 226 226 - }

+1 -7

cmd/root.go

reviewed

··· 30 30 func NewCmdRoot(version string, changelog string) *cobra.Command { 31 31 defaultProvider := confmap.Provider(map[string]interface{}{ 32 32 "addr": ":7777", 33 33 - "dir": "~/smallweb", 34 33 }, "") 35 34 36 35 envProvider := env.Provider("SMALLWEB_", ".", func(s string) string { 37 37 - if s == "SMALLWEB_CONFIG" { 38 38 - return "" 39 39 - } 40 40 - 41 41 - if s == "SMALLWEB_DATA_DIR" { 36 36 + if s == "SMALLWEB_DIR" { 42 37 return "" 43 38 } 44 39 ··· 80 75 cmd.AddCommand(NewCmdUp()) 81 76 cmd.AddCommand(NewCmdService()) 82 77 cmd.AddCommand(NewCmdConfig()) 83 83 - cmd.AddCommand(NewCmdLog()) 84 78 cmd.AddCommand(NewCmdCreate()) 85 79 cmd.AddCommand(NewCmdOpen()) 86 80 cmd.AddCommand(NewCmdList())

+1 -12

cmd/token.go

reviewed

··· 4 4 "encoding/json" 5 5 "fmt" 6 6 "os" 7 7 - "path/filepath" 8 7 "time" 9 8 10 10 - "github.com/adrg/xdg" 11 9 "github.com/cli/go-gh/v2/pkg/tableprinter" 12 10 "github.com/mattn/go-isatty" 13 11 "github.com/pomdtr/smallweb/auth" ··· 16 14 "golang.org/x/crypto/bcrypt" 17 15 "golang.org/x/term" 18 16 ) 19 19 - 20 20 - func DataDir() string { 21 21 - if dataDir, ok := os.LookupEnv("SMALLWEB_DATA_DIR"); ok { 22 22 - return dataDir 23 23 - } 24 24 - 25 25 - return filepath.Join(xdg.DataHome, "smallweb") 26 26 - } 27 17 28 18 func NewCmdToken() *cobra.Command { 29 19 cmd := &cobra.Command{ ··· 86 76 cmd.MarkFlagRequired("description") 87 77 cmd.Flags().StringVarP(&flags.app, "app", "a", "", "app token") 88 78 cmd.MarkFlagRequired("app") 89 89 - cmd.RegisterFlagCompletionFunc("app", completeApp(utils.ExpandTilde("~/.smallweb/apps"))) 90 90 - cmd.MarkFlagsMutuallyExclusive("admin", "app") 79 79 + cmd.RegisterFlagCompletionFunc("app", completeApp(utils.RootDir())) 91 80 92 81 return cmd 93 82 }

+10 -12

worker/worker.go

reviewed

··· 146 146 logPipe := func(pipe io.ReadCloser, logType string) { 147 147 scanner := bufio.NewScanner(pipe) 148 148 for scanner.Scan() { 149 149 - if me.Logger == nil { 150 150 - os.Stdout.WriteString(scanner.Text() + "\n") 151 151 - continue 149 149 + os.Stdout.WriteString(scanner.Text() + "\n") 150 150 + if me.Logger != nil { 151 151 + me.Logger.LogAttrs( 152 152 + context.Background(), 153 153 + slog.LevelInfo, 154 154 + logType, 155 155 + slog.String("type", logType), 156 156 + slog.String("app", me.App.Name), 157 157 + slog.String("text", scanner.Text()), 158 158 + ) 152 159 } 153 153 - 154 154 - me.Logger.LogAttrs( 155 155 - context.Background(), 156 156 - slog.LevelInfo, 157 157 - logType, 158 158 - slog.String("type", logType), 159 159 - slog.String("app", me.App.Name), 160 160 - slog.String("text", scanner.Text()), 161 161 - ) 162 160 163 161 } 164 162 }