From 463f16f361ad27f5aa83530c11d0fb2d53d2fa02 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Sat, 27 Jan 2024 09:19:18 +0100 Subject: [PATCH 001/103] list account and create account --- docs/swagger/docs.go | 78 ++++++++++ docs/swagger/swagger.json | 78 ++++++++++ docs/swagger/swagger.yaml | 51 +++++++ internal/cmd/root.go | 5 +- internal/database/database.go | 2 +- internal/database/database_test.go | 20 +++ internal/database/mysql.go | 19 ++- internal/database/mysql_test.go | 8 +- internal/database/pg.go | 43 ++++-- internal/database/pg_test.go | 4 +- internal/database/sqlite.go | 32 +++-- internal/database/sqlite_test.go | 4 +- internal/dependencies/dependencies.go | 3 +- internal/domains/accounts.go | 74 +++------- internal/domains/auth.go | 84 +++++++++++ internal/http/routes/api/v1/accounts.go | 142 +++++++++++++++++++ internal/http/routes/api/v1/accounts_test.go | 116 +++++++++++++++ internal/http/routes/api/v1/api.go | 1 + internal/http/routes/api/v1/auth_test.go | 12 +- internal/http/routes/api/v1/bookmarks.go | 3 - internal/http/routes/legacy.go | 2 +- internal/model/account.go | 2 +- internal/model/domains.go | 9 +- internal/testutil/shiori.go | 3 +- internal/webserver/handler-api.go | 22 +-- 25 files changed, 694 insertions(+), 123 deletions(-) create mode 100644 internal/domains/auth.go create mode 100644 internal/http/routes/api/v1/accounts.go create mode 100644 internal/http/routes/api/v1/accounts_test.go diff --git a/docs/swagger/docs.go b/docs/swagger/docs.go index 5da1ffb4b..a72b0479c 100644 --- a/docs/swagger/docs.go +++ b/docs/swagger/docs.go @@ -15,6 +15,67 @@ const docTemplate = `{ "host": "{{.Host}}", "basePath": "{{.BasePath}}", "paths": { + "/api/v1/accounts": { + "get": { + "description": "List accounts", + "produces": [ + "application/json" + ], + "tags": [ + "accounts" + ], + "summary": "List accounts", + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "array", + "items": { + "$ref": "#/definitions/model.AccountDTO" + } + } + }, + "500": { + "description": "Internal Server Error", + "schema": { + "type": "string" + } + } + } + }, + "post": { + "produces": [ + "application/json" + ], + "tags": [ + "accounts" + ], + "summary": "Create an account", + "responses": { + "201": { + "description": "Created", + "schema": { + "type": "array", + "items": { + "$ref": "#/definitions/model.AccountDTO" + } + } + }, + "400": { + "description": "Bad Request", + "schema": { + "type": "string" + } + }, + "500": { + "description": "Internal Server Error", + "schema": { + "type": "string" + } + } + } + } + }, "/api/v1/auth/account": { "patch": { "produces": [ @@ -294,6 +355,23 @@ const docTemplate = `{ } } }, + "model.AccountDTO": { + "type": "object", + "properties": { + "config": { + "$ref": "#/definitions/model.UserConfig" + }, + "id": { + "type": "integer" + }, + "owner": { + "type": "boolean" + }, + "username": { + "type": "string" + } + } + }, "model.BookmarkDTO": { "type": "object", "properties": { diff --git a/docs/swagger/swagger.json b/docs/swagger/swagger.json index 58a6d7be7..d32743779 100644 --- a/docs/swagger/swagger.json +++ b/docs/swagger/swagger.json @@ -4,6 +4,67 @@ "contact": {} }, "paths": { + "/api/v1/accounts": { + "get": { + "description": "List accounts", + "produces": [ + "application/json" + ], + "tags": [ + "accounts" + ], + "summary": "List accounts", + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "array", + "items": { + "$ref": "#/definitions/model.AccountDTO" + } + } + }, + "500": { + "description": "Internal Server Error", + "schema": { + "type": "string" + } + } + } + }, + "post": { + "produces": [ + "application/json" + ], + "tags": [ + "accounts" + ], + "summary": "Create an account", + "responses": { + "201": { + "description": "Created", + "schema": { + "type": "array", + "items": { + "$ref": "#/definitions/model.AccountDTO" + } + } + }, + "400": { + "description": "Bad Request", + "schema": { + "type": "string" + } + }, + "500": { + "description": "Internal Server Error", + "schema": { + "type": "string" + } + } + } + } + }, "/api/v1/auth/account": { "patch": { "produces": [ @@ -283,6 +344,23 @@ } } }, + "model.AccountDTO": { + "type": "object", + "properties": { + "config": { + "$ref": "#/definitions/model.UserConfig" + }, + "id": { + "type": "integer" + }, + "owner": { + "type": "boolean" + }, + "username": { + "type": "string" + } + } + }, "model.BookmarkDTO": { "type": "object", "properties": { diff --git a/docs/swagger/swagger.yaml b/docs/swagger/swagger.yaml index 6935a30b3..a1d87350b 100644 --- a/docs/swagger/swagger.yaml +++ b/docs/swagger/swagger.yaml @@ -57,6 +57,17 @@ definitions: username: type: string type: object + model.AccountDTO: + properties: + config: + $ref: '#/definitions/model.UserConfig' + id: + type: integer + owner: + type: boolean + username: + type: string + type: object model.BookmarkDTO: properties: author: @@ -127,6 +138,46 @@ definitions: info: contact: {} paths: + /api/v1/accounts: + get: + description: List accounts + produces: + - application/json + responses: + "200": + description: OK + schema: + items: + $ref: '#/definitions/model.AccountDTO' + type: array + "500": + description: Internal Server Error + schema: + type: string + summary: List accounts + tags: + - accounts + post: + produces: + - application/json + responses: + "201": + description: Created + schema: + items: + $ref: '#/definitions/model.AccountDTO' + type: array + "400": + description: Bad Request + schema: + type: string + "500": + description: Internal Server Error + schema: + type: string + summary: Create an account + tags: + - accounts /api/v1/auth/account: patch: parameters: diff --git a/internal/cmd/root.go b/internal/cmd/root.go index 720cd913b..f06368eef 100644 --- a/internal/cmd/root.go +++ b/internal/cmd/root.go @@ -100,7 +100,8 @@ func initShiori(ctx context.Context, cmd *cobra.Command) (*config.Config, *depen } dependencies := dependencies.NewDependencies(logger, db, cfg) - dependencies.Domains.Auth = domains.NewAccountsDomain(dependencies) + dependencies.Domains.Auth = domains.NewAuthDomain(dependencies) + dependencies.Domains.Accounts = domains.NewAccountsDomain(dependencies) dependencies.Domains.Archiver = domains.NewArchiverDomain(dependencies) dependencies.Domains.Bookmarks = domains.NewBookmarksDomain(dependencies) dependencies.Domains.Storage = domains.NewStorageDomain(dependencies, afero.NewBasePathFs(afero.NewOsFs(), cfg.Storage.DataDir)) @@ -121,7 +122,7 @@ func initShiori(ctx context.Context, cmd *cobra.Command) (*config.Config, *depen Owner: true, } - if err := db.SaveAccount(cmd.Context(), account); err != nil { + if _, err := db.SaveAccount(cmd.Context(), account); err != nil { logger.WithError(err).Fatal("error ensuring owner account") } } diff --git a/internal/database/database.go b/internal/database/database.go index d79c56ca0..5b0c1c9ab 100644 --- a/internal/database/database.go +++ b/internal/database/database.go @@ -87,7 +87,7 @@ type DB interface { GetBookmark(ctx context.Context, id int, url string) (model.BookmarkDTO, bool, error) // SaveAccount saves new account in database - SaveAccount(ctx context.Context, a model.Account) error + SaveAccount(ctx context.Context, a model.Account) (*model.Account, error) // SaveAccountSettings saves settings for specific user in database SaveAccountSettings(ctx context.Context, a model.Account) error diff --git a/internal/database/database_test.go b/internal/database/database_test.go index 01f8a9d91..9c83fd544 100644 --- a/internal/database/database_test.go +++ b/internal/database/database_test.go @@ -30,6 +30,8 @@ func testDatabase(t *testing.T, dbFactory testDatabaseFactory) { // Tags "testCreateTag": testCreateTag, "testCreateTags": testCreateTags, + // Accoubnts + "testCreateAccount": testCreateAccount, } for testName, testCase := range tests { @@ -311,6 +313,8 @@ func testGetBookmarksCount(t *testing.T, db DB) { assert.Equal(t, count, expectedCount, "count should be %d", expectedCount) } +// ----------------- TAGS ----------------- + func testCreateTag(t *testing.T, db DB) { ctx := context.TODO() tag := model.Tag{Name: "shiori"} @@ -323,3 +327,19 @@ func testCreateTags(t *testing.T, db DB) { err := db.CreateTags(ctx, model.Tag{Name: "shiori"}, model.Tag{Name: "shiori2"}) assert.NoError(t, err, "Save tag must not fail") } + +// ----------------- ACCOUNTS ----------------- +func testCreateAccount(t *testing.T, db DB) { + ctx := context.TODO() + acc := model.Account{ + Username: "testuser", + Password: "testpass", + Owner: true, + } + insertedAccount, err := db.SaveAccount(ctx, acc) + assert.NoError(t, err, "Save account must not fail") + assert.Equal(t, acc.Username, insertedAccount.Username, "Saved account must have an username set") + assert.Equal(t, acc.Password, insertedAccount.Password, "Saved account must have a password set") + assert.Equal(t, acc.Owner, insertedAccount.Owner, "Saved account must have an owner set") + assert.NotEmpty(t, insertedAccount.ID, "Saved account must have an ID set") +} diff --git a/internal/database/mysql.go b/internal/database/mysql.go index ad561e43b..148499944 100644 --- a/internal/database/mysql.go +++ b/internal/database/mysql.go @@ -523,22 +523,33 @@ func (db *MySQLDatabase) GetBookmark(ctx context.Context, id int, url string) (m } // SaveAccount saves new account to database. Returns error if any happened. -func (db *MySQLDatabase) SaveAccount(ctx context.Context, account model.Account) (err error) { +func (db *MySQLDatabase) SaveAccount(ctx context.Context, account model.Account) (*model.Account, error) { // Hash password with bcrypt hashedPassword, err := bcrypt.GenerateFromPassword([]byte(account.Password), 10) if err != nil { - return errors.WithStack(err) + return nil, errors.WithStack(err) } // Insert account to database - _, err = db.ExecContext(ctx, `INSERT INTO account + result, insertErr := db.ExecContext(ctx, `INSERT INTO account (username, password, owner, config) VALUES (?, ?, ?, ?) ON DUPLICATE KEY UPDATE password = VALUES(password), owner = VALUES(owner)`, account.Username, hashedPassword, account.Owner, account.Config) + if insertErr != nil { + return nil, errors.WithStack(insertErr) + } - return errors.WithStack(err) + var accountID int64 + accountID, err = result.LastInsertId() + if err != nil { + return nil, errors.WithStack(err) + } + + account.ID = int(accountID) + + return &account, nil } // SaveAccountSettings update settings for specific account in database. Returns error if any happened diff --git a/internal/database/mysql_test.go b/internal/database/mysql_test.go index e591464c0..c690d2fc1 100644 --- a/internal/database/mysql_test.go +++ b/internal/database/mysql_test.go @@ -107,8 +107,12 @@ func TestGetAccountsMySql(t *testing.T) { {Username: "foo_bar", Password: "foobar", Owner: true}, } for _, acc := range testAccounts { - err := db.SaveAccount(ctx, acc) + account, err := db.SaveAccount(ctx, acc) assert.Nil(t, err) + assert.Equal(t, acc.Username, account.Username) + assert.Equal(t, acc.Password, account.Password) + assert.Equal(t, acc.Owner, account.Owner) + assert.NotEmpty(t, account.ID) } // Successful case @@ -160,7 +164,7 @@ func TestGetAccountMySql(t *testing.T) { {Username: "foo_bar", Password: "foobar", Owner: true}, } for _, acc := range testAccounts { - err := db.SaveAccount(ctx, acc) + _, err := db.SaveAccount(ctx, acc) assert.Nil(t, err) // Successful case diff --git a/internal/database/pg.go b/internal/database/pg.go index 0a36929bf..37fc3fe77 100644 --- a/internal/database/pg.go +++ b/internal/database/pg.go @@ -532,22 +532,39 @@ func (db *PGDatabase) GetBookmark(ctx context.Context, id int, url string) (mode } // SaveAccount saves new account to database. Returns error if any happened. -func (db *PGDatabase) SaveAccount(ctx context.Context, account model.Account) (err error) { - // Hash password with bcrypt - hashedPassword, err := bcrypt.GenerateFromPassword([]byte(account.Password), 10) - if err != nil { - return err +func (db *PGDatabase) SaveAccount(ctx context.Context, account model.Account) (*model.Account, error) { + var accountID int64 + if err := db.withTx(ctx, func(tx *sqlx.Tx) error { + // Hash password with bcrypt + hashedPassword, err := bcrypt.GenerateFromPassword([]byte(account.Password), 10) + if err != nil { + return err + } + + query, err := tx.PrepareContext(ctx, `INSERT INTO account + (username, password, owner, config) VALUES ($1, $2, $3, $4) + ON CONFLICT(username) DO UPDATE SET + password = $2, + owner = $3 + RETURNING id`) + if err != nil { + return errors.WithStack(err) + } + + err = query.QueryRowContext(ctx, + account.Username, hashedPassword, account.Owner, account.Config).Scan(&accountID) + if err != nil { + return errors.WithStack(err) + } + + return nil + }); err != nil { + return nil, errors.WithStack(err) } - // Insert account to database - _, err = db.ExecContext(ctx, `INSERT INTO account - (username, password, owner, config) VALUES ($1, $2, $3, $4) - ON CONFLICT(username) DO UPDATE SET - password = $2, - owner = $3`, - account.Username, hashedPassword, account.Owner, account.Config) + account.ID = int(accountID) - return errors.WithStack(err) + return &account, nil } // SaveAccountSettings update settings for specific account in database. Returns error if any happened diff --git a/internal/database/pg_test.go b/internal/database/pg_test.go index cabfe89b6..b7b38ce36 100644 --- a/internal/database/pg_test.go +++ b/internal/database/pg_test.go @@ -86,7 +86,7 @@ func TestGetAccountsPg(t *testing.T) { {Username: "foo_bar", Password: "foobar", Owner: true}, } for _, acc := range testAccounts { - err := db.SaveAccount(ctx, acc) + _, err := db.SaveAccount(ctx, acc) assert.Nil(t, err) } @@ -139,7 +139,7 @@ func TestGetAccountPg(t *testing.T) { {Username: "foo_bar", Password: "foobar", Owner: true}, } for _, acc := range testAccounts { - err := db.SaveAccount(ctx, acc) + _, err := db.SaveAccount(ctx, acc) assert.Nil(t, err) // Successful case diff --git a/internal/database/sqlite.go b/internal/database/sqlite.go index 01e649bf6..d4031d437 100644 --- a/internal/database/sqlite.go +++ b/internal/database/sqlite.go @@ -645,7 +645,8 @@ func (db *SQLiteDatabase) GetBookmark(ctx context.Context, id int, url string) ( } // SaveAccount saves new account to database. Returns error if any happened. -func (db *SQLiteDatabase) SaveAccount(ctx context.Context, account model.Account) error { +func (db *SQLiteDatabase) SaveAccount(ctx context.Context, account model.Account) (*model.Account, error) { + var accountID int64 if err := db.withTx(ctx, func(tx *sqlx.Tx) error { // Hash password with bcrypt hashedPassword, err := bcrypt.GenerateFromPassword([]byte(account.Password), 10) @@ -653,19 +654,30 @@ func (db *SQLiteDatabase) SaveAccount(ctx context.Context, account model.Account return err } - // Insert account to database - _, err = tx.Exec(`INSERT INTO account - (username, password, owner, config) VALUES (?, ?, ?, ?) - ON CONFLICT(username) DO UPDATE SET - password = ?, owner = ?`, + query, err := tx.PrepareContext(ctx, `INSERT INTO account + (username, password, owner, config) VALUES (?, ?, ?, ?) + ON CONFLICT(username) DO UPDATE SET + password = ?, owner = ? + RETURNING id`) + if err != nil { + return errors.WithStack(err) + } + + err = query.QueryRowContext(ctx, account.Username, hashedPassword, account.Owner, account.Config, - hashedPassword, account.Owner, account.Config) - return errors.WithStack(err) + hashedPassword, account.Owner).Scan(&accountID) + if err != nil { + return errors.WithStack(err) + } + + return nil }); err != nil { - return errors.WithStack(err) + return nil, errors.WithStack(err) } - return nil + account.ID = int(accountID) + + return &account, nil } // SaveAccountSettings update settings for specific account in database. Returns error if any happened. diff --git a/internal/database/sqlite_test.go b/internal/database/sqlite_test.go index 509df0e5c..a6eeca846 100644 --- a/internal/database/sqlite_test.go +++ b/internal/database/sqlite_test.go @@ -89,7 +89,7 @@ func TestSQLiteDatabase_SaveAccount(t *testing.T) { // Test falid database acc := model.Account{} - err = db.SaveAccount(ctx, acc) + _, err = db.SaveAccount(ctx, acc) assert.Contains(t, err.Error(), "SQL logic error: no such table: account (1)") } @@ -139,7 +139,7 @@ func TestGetAccounts(t *testing.T) { {Username: "foo_bar", Password: "foobar", Owner: true}, } for _, acc := range testAccounts { - err := db.SaveAccount(ctx, acc) + _, err := db.SaveAccount(ctx, acc) assert.Nil(t, err) } diff --git a/internal/dependencies/dependencies.go b/internal/dependencies/dependencies.go index 644607515..b30138574 100644 --- a/internal/dependencies/dependencies.go +++ b/internal/dependencies/dependencies.go @@ -8,8 +8,9 @@ import ( ) type Domains struct { + Accounts model.AccountsDomain Archiver model.ArchiverDomain - Auth model.AccountsDomain + Auth model.AuthDomain Bookmarks model.BookmarksDomain Storage model.StorageDomain } diff --git a/internal/domains/accounts.go b/internal/domains/accounts.go index 3607c7bd5..f04e4555c 100644 --- a/internal/domains/accounts.go +++ b/internal/domains/accounts.go @@ -3,81 +3,47 @@ package domains import ( "context" "fmt" - "time" + "github.com/go-shiori/shiori/internal/database" "github.com/go-shiori/shiori/internal/dependencies" "github.com/go-shiori/shiori/internal/model" - "github.com/golang-jwt/jwt/v5" - "github.com/pkg/errors" - "golang.org/x/crypto/bcrypt" ) type AccountsDomain struct { deps *dependencies.Dependencies } -type JWTClaim struct { - jwt.RegisteredClaims - - Account *model.Account -} - -func (d *AccountsDomain) CheckToken(ctx context.Context, userJWT string) (*model.Account, error) { - token, err := jwt.ParseWithClaims(userJWT, &JWTClaim{}, func(token *jwt.Token) (interface{}, error) { - // Validate algorithm - if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { - return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) - } - - return d.deps.Config.Http.SecretKey, nil - }) +func (d *AccountsDomain) ListAccounts(ctx context.Context) ([]model.AccountDTO, error) { + accounts, err := d.deps.Database.GetAccounts(ctx, database.GetAccountsOptions{}) if err != nil { - return nil, errors.Wrap(err, "error parsing token") + return nil, fmt.Errorf("error getting accounts: %v", err) } - if claims, ok := token.Claims.(*JWTClaim); ok && token.Valid { - if claims.Account.ID > 0 { - return claims.Account, nil - } - if err != nil { - return nil, err - } - - return claims.Account, nil + accountDTOs := []model.AccountDTO{} + for _, account := range accounts { + accountDTOs = append(accountDTOs, account.ToDTO()) } - return nil, fmt.Errorf("error obtaining user from JWT claims") -} -func (d *AccountsDomain) GetAccountFromCredentials(ctx context.Context, username, password string) (*model.Account, error) { - account, _, err := d.deps.Database.GetAccount(ctx, username) - if err != nil { - return nil, fmt.Errorf("username and password do not match") - } - - if err := bcrypt.CompareHashAndPassword([]byte(account.Password), []byte(password)); err != nil { - return nil, fmt.Errorf("username and password do not match") - } - - return &account, nil + return accountDTOs, nil } -func (d *AccountsDomain) CreateTokenForAccount(account *model.Account, expiration time.Time) (string, error) { - claims := jwt.MapClaims{ - "account": account.ToDTO(), - "exp": expiration.UTC().Unix(), - } - - token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) - - t, err := token.SignedString(d.deps.Config.Http.SecretKey) +func (d *AccountsDomain) CreateAccount(ctx context.Context, account model.Account) (*model.AccountDTO, error) { + storedAccount, err := d.deps.Database.SaveAccount(ctx, model.Account{ + Username: account.Username, + Password: account.Password, + Owner: account.Owner, + }) if err != nil { - d.deps.Log.WithError(err).Error("error signing token") + return nil, fmt.Errorf("error creating account: %v", err) } - return t, err + // FIXME + result := storedAccount.ToDTO() + + return &result, nil } -func NewAccountsDomain(deps *dependencies.Dependencies) *AccountsDomain { +func NewAccountsDomain(deps *dependencies.Dependencies) model.AccountsDomain { return &AccountsDomain{ deps: deps, } diff --git a/internal/domains/auth.go b/internal/domains/auth.go new file mode 100644 index 000000000..33ac665f0 --- /dev/null +++ b/internal/domains/auth.go @@ -0,0 +1,84 @@ +package domains + +import ( + "context" + "fmt" + "time" + + "github.com/go-shiori/shiori/internal/dependencies" + "github.com/go-shiori/shiori/internal/model" + "github.com/golang-jwt/jwt/v5" + "github.com/pkg/errors" + "golang.org/x/crypto/bcrypt" +) + +type AuthDomain struct { + deps *dependencies.Dependencies +} + +type JWTClaim struct { + jwt.RegisteredClaims + + Account *model.Account +} + +func (d *AuthDomain) CheckToken(ctx context.Context, userJWT string) (*model.Account, error) { + token, err := jwt.ParseWithClaims(userJWT, &JWTClaim{}, func(token *jwt.Token) (interface{}, error) { + // Validate algorithm + if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { + return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) + } + + return d.deps.Config.Http.SecretKey, nil + }) + if err != nil { + return nil, errors.Wrap(err, "error parsing token") + } + + if claims, ok := token.Claims.(*JWTClaim); ok && token.Valid { + if claims.Account.ID > 0 { + return claims.Account, nil + } + if err != nil { + return nil, err + } + + return claims.Account, nil + } + return nil, fmt.Errorf("error obtaining user from JWT claims") +} + +func (d *AuthDomain) GetAccountFromCredentials(ctx context.Context, username, password string) (*model.Account, error) { + account, _, err := d.deps.Database.GetAccount(ctx, username) + if err != nil { + return nil, fmt.Errorf("username and password do not match") + } + + if err := bcrypt.CompareHashAndPassword([]byte(account.Password), []byte(password)); err != nil { + return nil, fmt.Errorf("username and password do not match") + } + + return &account, nil +} + +func (d *AuthDomain) CreateTokenForAccount(account *model.Account, expiration time.Time) (string, error) { + claims := jwt.MapClaims{ + "account": account.ToDTO(), + "exp": expiration.UTC().Unix(), + } + + token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) + + t, err := token.SignedString(d.deps.Config.Http.SecretKey) + if err != nil { + d.deps.Log.WithError(err).Error("error signing token") + } + + return t, err +} + +func NewAuthDomain(deps *dependencies.Dependencies) *AuthDomain { + return &AuthDomain{ + deps: deps, + } +} diff --git a/internal/http/routes/api/v1/accounts.go b/internal/http/routes/api/v1/accounts.go new file mode 100644 index 000000000..7b157c8d0 --- /dev/null +++ b/internal/http/routes/api/v1/accounts.go @@ -0,0 +1,142 @@ +package api_v1 + +import ( + "fmt" + "net/http" + + "github.com/gin-gonic/gin" + "github.com/go-shiori/shiori/internal/dependencies" + "github.com/go-shiori/shiori/internal/http/response" + "github.com/go-shiori/shiori/internal/model" + "github.com/sirupsen/logrus" +) + +type AccountsAPIRoutes struct { + logger *logrus.Logger + deps *dependencies.Dependencies +} + +func (r *AccountsAPIRoutes) Setup(g *gin.RouterGroup) model.Routes { + g.GET("/", r.listHandler) + g.POST("/", r.createHandler) + // g.DELETE("/:id", r.deleteHandler) + // g.PUT("/:id", r.updateHandler) + + return r +} + +func NewAccountsAPIRoutes(logger *logrus.Logger, deps *dependencies.Dependencies) *AccountsAPIRoutes { + return &AccountsAPIRoutes{ + logger: logger, + deps: deps, + } +} + +// listHandler godoc +// +// @Summary List accounts +// @Description List accounts +// @Tags accounts +// @Produce json +// @Success 200 {array} model.AccountDTO +// @Failure 500 {string} string "Internal Server Error" +// @Router /api/v1/accounts [get] +func (r *AccountsAPIRoutes) listHandler(c *gin.Context) { + accounts, err := r.deps.Domains.Accounts.ListAccounts(c.Request.Context()) + if err != nil { + r.logger.WithError(err).Error("error getting accounts") + c.AbortWithStatus(http.StatusInternalServerError) + return + } + + response.Send(c, http.StatusOK, accounts) +} + +type createAccountPayload struct { + Username string `json:"username" validate:"required"` + Password string `json:"password" validate:"required"` + IsVisitor bool `json:"is_visitor"` +} + +func (p *createAccountPayload) IsValid() error { + if p.Username == "" { + return fmt.Errorf("username should not be empty") + } + if p.Password == "" { + return fmt.Errorf("password should not be empty") + } + return nil +} + +func (p *createAccountPayload) ToDatabase() model.Account { + return model.Account{ + Username: p.Username, + Password: p.Password, + Owner: !p.IsVisitor, + } +} + +// createHandler godoc +// +// @Summary Create an account +// @Tags accounts +// @Produce json +// @Success 201 {array} model.AccountDTO +// @Failure 400 {string} string "Bad Request" +// @Failure 500 {string} string "Internal Server Error" +// @Router /api/v1/accounts [post] +func (r *AccountsAPIRoutes) createHandler(c *gin.Context) { + var payload createAccountPayload + if err := c.ShouldBindJSON(&payload); err != nil { + r.logger.WithError(err).Error("error binding json") + c.AbortWithStatus(http.StatusBadRequest) + return + } + + if err := payload.IsValid(); err != nil { + r.logger.WithError(err).Error("error validating payload") + response.SendError(c, http.StatusBadRequest, err.Error()) + return + } + + account, err := r.deps.Domains.Accounts.CreateAccount(c.Request.Context(), payload.ToDatabase()) + if err != nil { + r.logger.WithError(err).Error("error creating account") + c.AbortWithStatus(http.StatusInternalServerError) + return + } + + response.Send(c, http.StatusCreated, account) +} + +// func (r *AccountsAPIRoutes) deleteHandler(c *gin.Context) { +// id := c.Param("id") + +// if err := r.deps.Domains.Accounts.DeleteAccount(c.Request.Context(), id); err != nil { +// r.logger.WithError(err).Error("error deleting account") +// c.AbortWithStatus(http.StatusInternalServerError) +// return +// } + +// response.Send(c, http.StatusOK, nil) +// } + +// func (r *AccountsAPIRoutes) updateHandler(c *gin.Context) { +// id := c.Param("id") + +// var payload model.AccountDTO +// if err := c.ShouldBindJSON(&payload); err != nil { +// r.logger.WithError(err).Error("error binding json") +// c.AbortWithStatus(http.StatusBadRequest) +// return +// } + +// account, err := r.deps.Domains.Accounts.UpdateAccount(c.Request.Context(), id, payload) +// if err != nil { +// r.logger.WithError(err).Error("error updating account") +// c.AbortWithStatus(http.StatusInternalServerError) +// return +// } + +// response.Send(c, http.StatusOK, account) +// } diff --git a/internal/http/routes/api/v1/accounts_test.go b/internal/http/routes/api/v1/accounts_test.go new file mode 100644 index 000000000..af2adc81a --- /dev/null +++ b/internal/http/routes/api/v1/accounts_test.go @@ -0,0 +1,116 @@ +package api_v1 + +import ( + "context" + "net/http" + "testing" + + "github.com/gin-gonic/gin" + "github.com/go-shiori/shiori/internal/model" + "github.com/go-shiori/shiori/internal/testutil" + "github.com/sirupsen/logrus" + "github.com/stretchr/testify/require" +) + +func TestAccountList(t *testing.T) { + logger := logrus.New() + ctx := context.TODO() + + t.Run("empty account list", func(t *testing.T) { + g := gin.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + router := NewAccountsAPIRoutes(logger, deps) + router.Setup(g.Group("/")) + w := testutil.PerformRequest(g, "GET", "/") + require.Equal(t, http.StatusOK, w.Code) + + response, err := testutil.NewTestResponseFromReader(w.Body) + require.NoError(t, err) + + response.AssertMessageIsEmptyList(t) + }) + + t.Run("return account", func(t *testing.T) { + ctx := context.TODO() + + g := gin.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + + _, err := deps.Domains.Accounts.CreateAccount(ctx, model.Account{ + Username: "gopher", + Password: "shiori", + }) + require.NoError(t, err) + + router := NewAccountsAPIRoutes(logger, deps) + router.Setup(g.Group("/")) + w := testutil.PerformRequest(g, "GET", "/") + require.Equal(t, http.StatusOK, w.Code) + + response, err := testutil.NewTestResponseFromReader(w.Body) + require.NoError(t, err) + + response.AssertOk(t) + require.Len(t, response.Response.Message, 1) + }) +} + +func TestAccountCreate(t *testing.T) { + logger := logrus.New() + ctx := context.TODO() + + t.Run("create account ok", func(t *testing.T) { + g := gin.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + router := NewAccountsAPIRoutes(logger, deps) + router.Setup(g.Group("/")) + + w := testutil.PerformRequest(g, "POST", "/", testutil.WithBody(`{ + "username": "gopher", + "password": "shiori" + }`)) + require.Equal(t, http.StatusCreated, w.Code) + + response, err := testutil.NewTestResponseFromReader(w.Body) + require.NoError(t, err) + + response.AssertOk(t) + + }) + + t.Run("empty username", func(t *testing.T) { + g := gin.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + router := NewAccountsAPIRoutes(logger, deps) + router.Setup(g.Group("/")) + + w := testutil.PerformRequest(g, "POST", "/", testutil.WithBody(`{ + "username": "", + "password": "shiori" + }`)) + require.Equal(t, http.StatusBadRequest, w.Code) + + response, err := testutil.NewTestResponseFromReader(w.Body) + require.NoError(t, err) + + response.AssertNotOk(t) + }) + + t.Run("empty password", func(t *testing.T) { + g := gin.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + router := NewAccountsAPIRoutes(logger, deps) + router.Setup(g.Group("/")) + + w := testutil.PerformRequest(g, "POST", "/", testutil.WithBody(`{ + "username": "gopher", + "password": "" + }`)) + require.Equal(t, http.StatusBadRequest, w.Code) + + response, err := testutil.NewTestResponseFromReader(w.Body) + require.NoError(t, err) + + response.AssertNotOk(t) + }) +} diff --git a/internal/http/routes/api/v1/api.go b/internal/http/routes/api/v1/api.go index dbbea86aa..94b1e2ffd 100644 --- a/internal/http/routes/api/v1/api.go +++ b/internal/http/routes/api/v1/api.go @@ -22,6 +22,7 @@ func (r *APIRoutes) Setup(g *gin.RouterGroup) model.Routes { g.Use(middleware.AuthenticationRequired()) r.handle(g, "/bookmarks", NewBookmarksPIRoutes(r.logger, r.deps)) r.handle(g, "/tags", NewTagsPIRoutes(r.logger, r.deps)) + r.handle(g, "/accounts", NewAccountsAPIRoutes(r.logger, r.deps)) return r } diff --git a/internal/http/routes/api/v1/auth_test.go b/internal/http/routes/api/v1/auth_test.go index ec918bb6b..de9a4fa52 100644 --- a/internal/http/routes/api/v1/auth_test.go +++ b/internal/http/routes/api/v1/auth_test.go @@ -62,7 +62,9 @@ func TestAccountsRoute(t *testing.T) { Password: "gopher", Owner: true, } - require.NoError(t, deps.Database.SaveAccount(ctx, account)) + + _, accountInsertErr := deps.Database.SaveAccount(ctx, account) + require.NoError(t, accountInsertErr) w := httptest.NewRecorder() body := []byte(`{"username": "shiori", "password": "gopher"}`) @@ -87,7 +89,8 @@ func TestAccountsRoute(t *testing.T) { Password: "gopher", Owner: true, } - require.NoError(t, deps.Database.SaveAccount(ctx, account)) + _, accountInsertErr := deps.Database.SaveAccount(ctx, account) + require.NoError(t, accountInsertErr) token, err := deps.Domains.Auth.CreateTokenForAccount(&account, time.Now().Add(time.Minute)) require.NoError(t, err) @@ -257,7 +260,8 @@ func TestSettingsHandler(t *testing.T) { MakePublic: true, }, } - require.NoError(t, deps.Database.SaveAccount(ctx, account)) + _, accountInsertErr := deps.Database.SaveAccount(ctx, account) + require.NoError(t, accountInsertErr) // Get current user config user, _, err := deps.Database.GetAccount(ctx, "shiori") @@ -279,7 +283,7 @@ func TestSettingsHandler(t *testing.T) { "UseArchive": false, "CreateEbook": false, "MakePublic": false - } + } }`) w := httptest.NewRecorder() diff --git a/internal/http/routes/api/v1/bookmarks.go b/internal/http/routes/api/v1/bookmarks.go index ccea76ff1..11c9145ec 100644 --- a/internal/http/routes/api/v1/bookmarks.go +++ b/internal/http/routes/api/v1/bookmarks.go @@ -2,7 +2,6 @@ package api_v1 import ( "fmt" - "log" "net/http" "os" fp "path/filepath" @@ -90,8 +89,6 @@ func (payload *apiCreateBookmarkPayload) ToBookmark() (*model.BookmarkDTO, error CreateArchive: payload.CreateArchive, } - log.Println(bookmark.URL) - var err error bookmark.URL, err = core.RemoveUTMParams(bookmark.URL) if err != nil { diff --git a/internal/http/routes/legacy.go b/internal/http/routes/legacy.go index 899feaeaf..8b975c207 100644 --- a/internal/http/routes/legacy.go +++ b/internal/http/routes/legacy.go @@ -112,7 +112,7 @@ func (r *LegacyAPIRoutes) Setup(g *gin.Engine) { // router.PUT(jp("/api/accounts"), withLogging(hdl.apiUpdateAccount)) legacyGroup.PUT("/api/accounts", r.handle(r.legacyHandler.ApiUpdateAccount)) // router.POST(jp("/api/accounts"), withLogging(hdl.apiInsertAccount)) - legacyGroup.POST("/api/accounts", r.handle(r.legacyHandler.ApiInsertAccount)) + // legacyGroup.POST("/api/accounts", r.handle(r.legacyHandler.ApiInsertAccount)) // router.DELETE(jp("/api/accounts"), withLogging(hdl.apiDeleteAccount)) legacyGroup.DELETE("/api/accounts", r.handle(r.legacyHandler.ApiDeleteAccount)) } diff --git a/internal/model/account.go b/internal/model/account.go index 3128041f1..c04630a1e 100644 --- a/internal/model/account.go +++ b/internal/model/account.go @@ -6,7 +6,7 @@ import ( "fmt" ) -// Account is the database model for account. +// Account is the database representation for account. type Account struct { ID int `db:"id" json:"id"` Username string `db:"username" json:"username"` diff --git a/internal/model/domains.go b/internal/model/domains.go index ce4e0532b..a0bf64c4b 100644 --- a/internal/model/domains.go +++ b/internal/model/domains.go @@ -17,12 +17,19 @@ type BookmarksDomain interface { GetBookmark(ctx context.Context, id DBID) (*BookmarkDTO, error) } -type AccountsDomain interface { +type AuthDomain interface { CheckToken(ctx context.Context, userJWT string) (*Account, error) GetAccountFromCredentials(ctx context.Context, username, password string) (*Account, error) CreateTokenForAccount(account *Account, expiration time.Time) (string, error) } +type AccountsDomain interface { + ListAccounts(ctx context.Context) ([]AccountDTO, error) + CreateAccount(ctx context.Context, account Account) (*AccountDTO, error) + // UpdateAccount(ctx context.Context, account AccountDTO) (*AccountDTO, error) + // DeleteAccount(ctx context.Context, account AccountDTO) error +} + type ArchiverDomain interface { DownloadBookmarkArchive(book BookmarkDTO) (*BookmarkDTO, error) GetBookmarkArchive(book *BookmarkDTO) (*warc.Archive, error) diff --git a/internal/testutil/shiori.go b/internal/testutil/shiori.go index 86120658f..aa88e03b7 100644 --- a/internal/testutil/shiori.go +++ b/internal/testutil/shiori.go @@ -36,8 +36,9 @@ func GetTestConfigurationAndDependencies(t *testing.T, ctx context.Context, logg deps := dependencies.NewDependencies(logger, db, cfg) deps.Database = db - deps.Domains.Auth = domains.NewAccountsDomain(deps) + deps.Domains.Accounts = domains.NewAccountsDomain(deps) deps.Domains.Archiver = domains.NewArchiverDomain(deps) + deps.Domains.Auth = domains.NewAuthDomain(deps) deps.Domains.Bookmarks = domains.NewBookmarksDomain(deps) deps.Domains.Storage = domains.NewStorageDomain(deps, afero.NewBasePathFs(afero.NewOsFs(), cfg.Storage.DataDir)) diff --git a/internal/webserver/handler-api.go b/internal/webserver/handler-api.go index 3772459bd..1ff1e77bc 100644 --- a/internal/webserver/handler-api.go +++ b/internal/webserver/handler-api.go @@ -464,26 +464,6 @@ func (h *Handler) ApiGetAccounts(w http.ResponseWriter, r *http.Request, ps http checkError(err) } -// ApiInsertAccount is handler for POST /api/accounts -func (h *Handler) ApiInsertAccount(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - ctx := r.Context() - - // Make sure session still valid - err := h.validateSession(r) - checkError(err) - - // Decode request - var account model.Account - err = json.NewDecoder(r.Body).Decode(&account) - checkError(err) - - // Save account to database - err = h.DB.SaveAccount(ctx, account) - checkError(err) - - fmt.Fprint(w, 1) -} - // ApiUpdateAccount is handler for PUT /api/accounts func (h *Handler) ApiUpdateAccount(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { ctx := r.Context() @@ -520,7 +500,7 @@ func (h *Handler) ApiUpdateAccount(w http.ResponseWriter, r *http.Request, ps ht // Save new password to database account.Password = request.NewPassword account.Owner = request.Owner - err = h.DB.SaveAccount(ctx, account) + _, err = h.DB.SaveAccount(ctx, account) checkError(err) // Delete user's sessions From 795b39c9863ddb38cdbc45df0272faae0da48db1 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Sun, 4 Feb 2024 12:45:46 +0100 Subject: [PATCH 002/103] deleteaccount (wip) --- internal/database/database.go | 6 + internal/database/database_test.go | 109 +++++++++++++++---- internal/database/mysql.go | 26 +++++ internal/database/pg.go | 25 +++++ internal/database/sqlite.go | 26 +++++ internal/domains/accounts.go | 10 ++ internal/http/routes/api/v1/accounts.go | 28 +++-- internal/http/routes/api/v1/accounts_test.go | 31 ++++++ internal/model/domains.go | 2 +- 9 files changed, 230 insertions(+), 33 deletions(-) diff --git a/internal/database/database.go b/internal/database/database.go index 5b0c1c9ab..641068d2d 100644 --- a/internal/database/database.go +++ b/internal/database/database.go @@ -16,6 +16,9 @@ import ( //go:embed migrations/* var migrations embed.FS +// ErrNotFound is error returned when record is not found in database. +var ErrNotFound = errors.New("not found") + // OrderMethod is the order method for getting bookmarks type OrderMethod int @@ -101,6 +104,9 @@ type DB interface { // DeleteAccounts removes all record with matching usernames DeleteAccounts(ctx context.Context, usernames ...string) error + // DeleteAccount removes account with matching username. + DeleteAccount(ctx context.Context, username string) error + // CreateTags creates new tags in database. CreateTags(ctx context.Context, tags ...model.Tag) error diff --git a/internal/database/database_test.go b/internal/database/database_test.go index 9c83fd544..ca0cfab69 100644 --- a/internal/database/database_test.go +++ b/internal/database/database_test.go @@ -6,9 +6,10 @@ import ( "github.com/go-shiori/shiori/internal/model" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" ) -type databaseTestCase func(t *testing.T, db DB) +type databaseTestCase func(t *testing.T, dbFactory testDatabaseFactory) type testDatabaseFactory func(ctx context.Context) (DB, error) func testDatabase(t *testing.T, dbFactory testDatabaseFactory) { @@ -32,20 +33,20 @@ func testDatabase(t *testing.T, dbFactory testDatabaseFactory) { "testCreateTags": testCreateTags, // Accoubnts "testCreateAccount": testCreateAccount, + "testDeleteAccount": testDeleteAccount, } for testName, testCase := range tests { t.Run(testName, func(tInner *testing.T) { - ctx := context.TODO() - db, err := dbFactory(ctx) - assert.NoError(tInner, err, "Error recreating database") - testCase(tInner, db) + testCase(tInner, dbFactory) }) } } -func testBookmarkAutoIncrement(t *testing.T, db DB) { +func testBookmarkAutoIncrement(t *testing.T, dbFactory testDatabaseFactory) { ctx := context.TODO() + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) book := model.BookmarkDTO{ URL: "https://github.com/go-shiori/shiori", @@ -66,8 +67,10 @@ func testBookmarkAutoIncrement(t *testing.T, db DB) { assert.Equal(t, 2, result[0].ID, "Saved bookmark must have ID %d", 2) } -func testCreateBookmark(t *testing.T, db DB) { +func testCreateBookmark(t *testing.T, dbFactory testDatabaseFactory) { ctx := context.TODO() + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) book := model.BookmarkDTO{ URL: "https://github.com/go-shiori/obelisk", @@ -80,8 +83,10 @@ func testCreateBookmark(t *testing.T, db DB) { assert.Equal(t, 1, result[0].ID, "Saved bookmark must have an ID set") } -func testCreateBookmarkWithContent(t *testing.T, db DB) { +func testCreateBookmarkWithContent(t *testing.T, dbFactory testDatabaseFactory) { ctx := context.TODO() + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) book := model.BookmarkDTO{ URL: "https://github.com/go-shiori/obelisk", @@ -105,8 +110,10 @@ func testCreateBookmarkWithContent(t *testing.T, db DB) { assert.Equal(t, book.HTML, books[0].HTML, "Saved bookmark must have HTML") } -func testCreateBookmarkWithTag(t *testing.T, db DB) { +func testCreateBookmarkWithTag(t *testing.T, dbFactory testDatabaseFactory) { ctx := context.TODO() + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) book := model.BookmarkDTO{ URL: "https://github.com/go-shiori/obelisk", @@ -125,8 +132,10 @@ func testCreateBookmarkWithTag(t *testing.T, db DB) { assert.Equal(t, book.Tags[0].Name, result[0].Tags[0].Name) } -func testCreateBookmarkTwice(t *testing.T, db DB) { +func testCreateBookmarkTwice(t *testing.T, dbFactory testDatabaseFactory) { ctx := context.TODO() + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) book := model.BookmarkDTO{ URL: "https://github.com/go-shiori/shiori", @@ -143,8 +152,10 @@ func testCreateBookmarkTwice(t *testing.T, db DB) { assert.Error(t, err, "Save bookmarks must fail") } -func testCreateTwoDifferentBookmarks(t *testing.T, db DB) { +func testCreateTwoDifferentBookmarks(t *testing.T, dbFactory testDatabaseFactory) { ctx := context.TODO() + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) book := model.BookmarkDTO{ URL: "https://github.com/go-shiori/shiori", @@ -162,8 +173,10 @@ func testCreateTwoDifferentBookmarks(t *testing.T, db DB) { assert.NoError(t, err, "Save second bookmark must not fail") } -func testUpdateBookmark(t *testing.T, db DB) { +func testUpdateBookmark(t *testing.T, dbFactory testDatabaseFactory) { ctx := context.TODO() + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) book := model.BookmarkDTO{ URL: "https://github.com/go-shiori/shiori", @@ -183,8 +196,10 @@ func testUpdateBookmark(t *testing.T, db DB) { assert.Equal(t, savedBookmark.ID, result[0].ID) } -func testUpdateBookmarkWithContent(t *testing.T, db DB) { +func testUpdateBookmarkWithContent(t *testing.T, dbFactory testDatabaseFactory) { ctx := context.TODO() + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) book := model.BookmarkDTO{ URL: "https://github.com/go-shiori/obelisk", @@ -215,8 +230,10 @@ func testUpdateBookmarkWithContent(t *testing.T, db DB) { assert.Equal(t, updatedBook.HTML, books[0].HTML, "Saved bookmark must have updated HTML") } -func testGetBookmark(t *testing.T, db DB) { +func testGetBookmark(t *testing.T, dbFactory testDatabaseFactory) { ctx := context.TODO() + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) book := model.BookmarkDTO{ URL: "https://github.com/go-shiori/shiori", @@ -233,8 +250,10 @@ func testGetBookmark(t *testing.T, db DB) { assert.Equal(t, book.URL, savedBookmark.URL, "Retrieved bookmark should be the same") } -func testGetBookmarkNotExistent(t *testing.T, db DB) { +func testGetBookmarkNotExistent(t *testing.T, dbFactory testDatabaseFactory) { ctx := context.TODO() + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) savedBookmark, exists, err := db.GetBookmark(ctx, 1, "") assert.NoError(t, err, "Get bookmark should not fail") @@ -242,8 +261,10 @@ func testGetBookmarkNotExistent(t *testing.T, db DB) { assert.Equal(t, model.BookmarkDTO{}, savedBookmark) } -func testGetBookmarks(t *testing.T, db DB) { +func testGetBookmarks(t *testing.T, dbFactory testDatabaseFactory) { ctx := context.TODO() + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) book := model.BookmarkDTO{ URL: "https://github.com/go-shiori/shiori", @@ -264,10 +285,11 @@ func testGetBookmarks(t *testing.T, db DB) { assert.Equal(t, savedBookmark.ID, results[0].ID, "bookmark should be the one saved") } -func testGetBookmarksWithSQLCharacters(t *testing.T, db DB) { +func testGetBookmarksWithSQLCharacters(t *testing.T, dbFactory testDatabaseFactory) { ctx := context.TODO() + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) - // _ := 0 book := model.BookmarkDTO{ URL: "https://github.com/go-shiori/shiori", Title: "shiori", @@ -294,8 +316,10 @@ func testGetBookmarksWithSQLCharacters(t *testing.T, db DB) { } } -func testGetBookmarksCount(t *testing.T, db DB) { +func testGetBookmarksCount(t *testing.T, dbFactory testDatabaseFactory) { ctx := context.TODO() + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) expectedCount := 1 book := model.BookmarkDTO{ @@ -315,22 +339,31 @@ func testGetBookmarksCount(t *testing.T, db DB) { // ----------------- TAGS ----------------- -func testCreateTag(t *testing.T, db DB) { +func testCreateTag(t *testing.T, dbFactory testDatabaseFactory) { ctx := context.TODO() + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) + tag := model.Tag{Name: "shiori"} err := db.CreateTags(ctx, tag) assert.NoError(t, err, "Save tag must not fail") } -func testCreateTags(t *testing.T, db DB) { +func testCreateTags(t *testing.T, dbFactory testDatabaseFactory) { ctx := context.TODO() + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) + err := db.CreateTags(ctx, model.Tag{Name: "shiori"}, model.Tag{Name: "shiori2"}) assert.NoError(t, err, "Save tag must not fail") } // ----------------- ACCOUNTS ----------------- -func testCreateAccount(t *testing.T, db DB) { +func testCreateAccount(t *testing.T, dbFactory testDatabaseFactory) { ctx := context.TODO() + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) + acc := model.Account{ Username: "testuser", Password: "testpass", @@ -343,3 +376,35 @@ func testCreateAccount(t *testing.T, db DB) { assert.Equal(t, acc.Owner, insertedAccount.Owner, "Saved account must have an owner set") assert.NotEmpty(t, insertedAccount.ID, "Saved account must have an ID set") } + +func testDeleteAccount(t *testing.T, dbFactory testDatabaseFactory) { + ctx := context.TODO() + + t.Run("success", func(t *testing.T) { + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) + + acc := model.Account{ + Username: "testuser", + Password: "testpass", + Owner: true, + } + storedAccount, err := db.SaveAccount(ctx, acc) + assert.NoError(t, err, "Save account must not fail") + + err = db.DeleteAccount(ctx, storedAccount.Username) + assert.NoError(t, err, "Delete account must not fail") + + _, exists, err := db.GetAccount(ctx, storedAccount.Username) + assert.NoError(t, err, "Get account must not fail") + assert.False(t, exists, "Account must not exist") + }) + + t.Run("not existent", func(t *testing.T) { + db, errDB := dbFactory(ctx) + require.NoError(t, errDB) + + err := db.DeleteAccount(ctx, "notexistent") + assert.ErrorIs(t, ErrNotFound, err, "Delete account must fail") + }) +} diff --git a/internal/database/mysql.go b/internal/database/mysql.go index 148499944..5561390ee 100644 --- a/internal/database/mysql.go +++ b/internal/database/mysql.go @@ -3,6 +3,7 @@ package database import ( "context" "database/sql" + "fmt" "strings" "time" @@ -624,6 +625,31 @@ func (db *MySQLDatabase) DeleteAccounts(ctx context.Context, usernames ...string return nil } +// DeleteAccount removes record with matching username. +func (db *MySQLDatabase) DeleteAccount(ctx context.Context, username string) error { + if err := db.withTx(ctx, func(tx *sqlx.Tx) error { + result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE username = ?`, username) + if err != nil { + return errors.WithStack(fmt.Errorf("error deleting account: %v", err)) + } + + rows, err := result.RowsAffected() + if err != nil { + return errors.WithStack(fmt.Errorf("error getting rows affected: %v", err)) + } + + if rows == 0 { + return ErrNotFound + } + + return nil + }); err != nil { + return errors.WithStack(err) + } + + return nil +} + // CreateTags creates new tags from submitted objects. func (db *MySQLDatabase) CreateTags(ctx context.Context, tags ...model.Tag) error { query := `INSERT INTO tag (name) VALUES ` diff --git a/internal/database/pg.go b/internal/database/pg.go index 37fc3fe77..738b7b7d2 100644 --- a/internal/database/pg.go +++ b/internal/database/pg.go @@ -639,6 +639,31 @@ func (db *PGDatabase) DeleteAccounts(ctx context.Context, usernames ...string) ( return nil } +// DeleteAccount removes record with matching username. +func (db *PGDatabase) DeleteAccount(ctx context.Context, username string) error { + if err := db.withTx(ctx, func(tx *sqlx.Tx) error { + result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE username = $1`, username) + if err != nil { + return errors.WithStack(fmt.Errorf("error deleting account: %v", err)) + } + + rows, err := result.RowsAffected() + if err != nil { + return errors.WithStack(fmt.Errorf("error getting rows affected: %v", err)) + } + + if rows == 0 { + return ErrNotFound + } + + return nil + }); err != nil { + return errors.WithStack(err) + } + + return nil +} + // CreateTags creates new tags from submitted objects. func (db *PGDatabase) CreateTags(ctx context.Context, tags ...model.Tag) error { query := `INSERT INTO tag (name) VALUES (:name)` diff --git a/internal/database/sqlite.go b/internal/database/sqlite.go index d4031d437..cc369618d 100644 --- a/internal/database/sqlite.go +++ b/internal/database/sqlite.go @@ -3,6 +3,7 @@ package database import ( "context" "database/sql" + "fmt" "log" "strings" "time" @@ -761,6 +762,31 @@ func (db *SQLiteDatabase) DeleteAccounts(ctx context.Context, usernames ...strin return nil } +// DeleteAccount removes record with matching username. +func (db *SQLiteDatabase) DeleteAccount(ctx context.Context, username string) error { + if err := db.withTx(ctx, func(tx *sqlx.Tx) error { + result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE username = ?`, username) + if err != nil { + return errors.WithStack(fmt.Errorf("error deleting account: %v", err)) + } + + rows, err := result.RowsAffected() + if err != nil { + return errors.WithStack(fmt.Errorf("error getting rows affected: %v", err)) + } + + if rows == 0 { + return ErrNotFound + } + + return nil + }); err != nil { + return errors.WithStack(err) + } + + return nil +} + // CreateTags creates new tags from submitted objects. func (db *SQLiteDatabase) CreateTags(ctx context.Context, tags ...model.Tag) error { query := `INSERT INTO tag (name) VALUES ` diff --git a/internal/domains/accounts.go b/internal/domains/accounts.go index f04e4555c..6c079c316 100644 --- a/internal/domains/accounts.go +++ b/internal/domains/accounts.go @@ -2,6 +2,7 @@ package domains import ( "context" + "errors" "fmt" "github.com/go-shiori/shiori/internal/database" @@ -43,6 +44,15 @@ func (d *AccountsDomain) CreateAccount(ctx context.Context, account model.Accoun return &result, nil } +func (d *AccountsDomain) DeleteAccount(ctx context.Context, username string) error { + err := d.deps.Database.DeleteAccounts(ctx, username) + if err != nil && !errors.Is(err, database.ErrNotFound) { + return fmt.Errorf("error deleting account: %v", err) + } + + return nil +} + func NewAccountsDomain(deps *dependencies.Dependencies) model.AccountsDomain { return &AccountsDomain{ deps: deps, diff --git a/internal/http/routes/api/v1/accounts.go b/internal/http/routes/api/v1/accounts.go index 7b157c8d0..73a2db963 100644 --- a/internal/http/routes/api/v1/accounts.go +++ b/internal/http/routes/api/v1/accounts.go @@ -19,7 +19,7 @@ type AccountsAPIRoutes struct { func (r *AccountsAPIRoutes) Setup(g *gin.RouterGroup) model.Routes { g.GET("/", r.listHandler) g.POST("/", r.createHandler) - // g.DELETE("/:id", r.deleteHandler) + g.DELETE("/:id", r.deleteHandler) // g.PUT("/:id", r.updateHandler) return r @@ -109,17 +109,25 @@ func (r *AccountsAPIRoutes) createHandler(c *gin.Context) { response.Send(c, http.StatusCreated, account) } -// func (r *AccountsAPIRoutes) deleteHandler(c *gin.Context) { -// id := c.Param("id") +// deleteHandler godoc +// +// @Summary Delete an account +// @Tags accounts +// @Produce json +// @Success 204 {string} string "No content" +// @Failure 500 {string} string "Internal Server Error" +// @Router /api/v1/accounts/{id} [delete] +func (r *AccountsAPIRoutes) deleteHandler(c *gin.Context) { + id := c.Param("id") -// if err := r.deps.Domains.Accounts.DeleteAccount(c.Request.Context(), id); err != nil { -// r.logger.WithError(err).Error("error deleting account") -// c.AbortWithStatus(http.StatusInternalServerError) -// return -// } + if err := r.deps.Domains.Accounts.DeleteAccount(c.Request.Context(), id); err != nil { + r.logger.WithError(err).Error("error deleting account") + c.AbortWithStatus(http.StatusInternalServerError) + return + } -// response.Send(c, http.StatusOK, nil) -// } + response.Send(c, http.StatusNoContent, nil) +} // func (r *AccountsAPIRoutes) updateHandler(c *gin.Context) { // id := c.Param("id") diff --git a/internal/http/routes/api/v1/accounts_test.go b/internal/http/routes/api/v1/accounts_test.go index af2adc81a..0d8c888c1 100644 --- a/internal/http/routes/api/v1/accounts_test.go +++ b/internal/http/routes/api/v1/accounts_test.go @@ -3,6 +3,7 @@ package api_v1 import ( "context" "net/http" + "strconv" "testing" "github.com/gin-gonic/gin" @@ -114,3 +115,33 @@ func TestAccountCreate(t *testing.T) { response.AssertNotOk(t) }) } + +func TestAccountDelete(t *testing.T) { + logger := logrus.New() + ctx := context.TODO() + + t.Run("success", func(t *testing.T) { + g := gin.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + + account, err := deps.Domains.Accounts.CreateAccount(ctx, model.Account{ + Username: "gopher", + Password: "shiori", + }) + require.NoError(t, err) + + router := NewAccountsAPIRoutes(logger, deps) + router.Setup(g.Group("/")) + w := testutil.PerformRequest(g, "DELETE", "/"+strconv.Itoa(account.ID)) + require.Equal(t, http.StatusNoContent, w.Code) + }) + + t.Run("account not found", func(t *testing.T) { + g := gin.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + router := NewAccountsAPIRoutes(logger, deps) + router.Setup(g.Group("/")) + w := testutil.PerformRequest(g, "DELETE", "/99") + require.Equal(t, http.StatusNotFound, w.Code) + }) +} diff --git a/internal/model/domains.go b/internal/model/domains.go index a0bf64c4b..df71a0083 100644 --- a/internal/model/domains.go +++ b/internal/model/domains.go @@ -27,7 +27,7 @@ type AccountsDomain interface { ListAccounts(ctx context.Context) ([]AccountDTO, error) CreateAccount(ctx context.Context, account Account) (*AccountDTO, error) // UpdateAccount(ctx context.Context, account AccountDTO) (*AccountDTO, error) - // DeleteAccount(ctx context.Context, account AccountDTO) error + DeleteAccount(ctx context.Context, username string) error } type ArchiverDomain interface { From da169fe80a06ac65031456d9aa05400561d874f1 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Mon, 3 Jun 2024 17:54:19 +0200 Subject: [PATCH 003/103] remove old accounts code --- internal/http/routes/legacy.go | 9 --- internal/webserver/handler-api.go | 103 ------------------------------ 2 files changed, 112 deletions(-) diff --git a/internal/http/routes/legacy.go b/internal/http/routes/legacy.go index abfb55a9c..c8d243d1b 100644 --- a/internal/http/routes/legacy.go +++ b/internal/http/routes/legacy.go @@ -98,15 +98,6 @@ func (r *LegacyAPIRoutes) Setup(g *gin.Engine) { legacyGroup.POST("/api/bookmarks/ext", r.handle(r.legacyHandler.ApiInsertViaExtension)) // router.DELETE(jp("/api/bookmarks/ext"), withLogging(hdl.apiDeleteViaExtension)) legacyGroup.DELETE("/api/bookmarks/ext", r.handle(r.legacyHandler.ApiDeleteViaExtension)) - - // router.GET(jp("/api/accounts"), withLogging(hdl.apiGetAccounts)) - legacyGroup.GET("/api/accounts", r.handle(r.legacyHandler.ApiGetAccounts)) - // router.PUT(jp("/api/accounts"), withLogging(hdl.apiUpdateAccount)) - legacyGroup.PUT("/api/accounts", r.handle(r.legacyHandler.ApiUpdateAccount)) - // router.POST(jp("/api/accounts"), withLogging(hdl.apiInsertAccount)) - // legacyGroup.POST("/api/accounts", r.handle(r.legacyHandler.ApiInsertAccount)) - // router.DELETE(jp("/api/accounts"), withLogging(hdl.apiDeleteAccount)) - legacyGroup.DELETE("/api/accounts", r.handle(r.legacyHandler.ApiDeleteAccount)) } func NewLegacyAPIRoutes(logger *logrus.Logger, deps *dependencies.Dependencies, cfg *config.Config) *LegacyAPIRoutes { diff --git a/internal/webserver/handler-api.go b/internal/webserver/handler-api.go index 1ff1e77bc..260524329 100644 --- a/internal/webserver/handler-api.go +++ b/internal/webserver/handler-api.go @@ -18,7 +18,6 @@ import ( "github.com/go-shiori/shiori/internal/dependencies" "github.com/go-shiori/shiori/internal/model" "github.com/julienschmidt/httprouter" - "golang.org/x/crypto/bcrypt" ) func downloadBookmarkContent(deps *dependencies.Dependencies, book *model.BookmarkDTO, dataDir string, request *http.Request, keepTitle, keepExcerpt bool) (*model.BookmarkDTO, error) { @@ -446,105 +445,3 @@ func (h *Handler) ApiUpdateBookmarkTags(w http.ResponseWriter, r *http.Request, err = json.NewEncoder(w).Encode(&bookmarks) checkError(err) } - -// ApiGetAccounts is handler for GET /api/accounts -func (h *Handler) ApiGetAccounts(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - ctx := r.Context() - - // Make sure session still valid - err := h.validateSession(r) - checkError(err) - - // Get list of usernames from database - accounts, err := h.DB.GetAccounts(ctx, database.GetAccountsOptions{}) - checkError(err) - - w.Header().Set("Content-Type", "application/json") - err = json.NewEncoder(w).Encode(&accounts) - checkError(err) -} - -// ApiUpdateAccount is handler for PUT /api/accounts -func (h *Handler) ApiUpdateAccount(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - ctx := r.Context() - - // Make sure session still valid - err := h.validateSession(r) - checkError(err) - - // Decode request - request := struct { - Username string `json:"username"` - OldPassword string `json:"oldPassword"` - NewPassword string `json:"newPassword"` - Owner bool `json:"owner"` - }{} - - err = json.NewDecoder(r.Body).Decode(&request) - checkError(err) - - // Get existing account data from database - account, exist, err := h.DB.GetAccount(ctx, request.Username) - checkError(err) - - if !exist { - panic(fmt.Errorf("username doesn't exist")) - } - - // Compare old password with database - err = bcrypt.CompareHashAndPassword([]byte(account.Password), []byte(request.OldPassword)) - if err != nil { - panic(fmt.Errorf("old password doesn't match")) - } - - // Save new password to database - account.Password = request.NewPassword - account.Owner = request.Owner - _, err = h.DB.SaveAccount(ctx, account) - checkError(err) - - // Delete user's sessions - if val, found := h.UserCache.Get(request.Username); found { - userSessions := val.([]string) - for _, session := range userSessions { - h.SessionCache.Delete(session) - } - - h.UserCache.Delete(request.Username) - } - - fmt.Fprint(w, 1) -} - -// ApiDeleteAccount is handler for DELETE /api/accounts -func (h *Handler) ApiDeleteAccount(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - ctx := r.Context() - - // Make sure session still valid - err := h.validateSession(r) - checkError(err) - - // Decode request - usernames := []string{} - err = json.NewDecoder(r.Body).Decode(&usernames) - checkError(err) - - // Delete accounts - err = h.DB.DeleteAccounts(ctx, usernames...) - checkError(err) - - // Delete user's sessions - var userSessions []string - for _, username := range usernames { - if val, found := h.UserCache.Get(username); found { - userSessions = val.([]string) - for _, session := range userSessions { - h.SessionCache.Delete(session) - } - - h.UserCache.Delete(username) - } - } - - fmt.Fprint(w, 1) -} From 8c02f9db8730910c4ee11986fd06269d0fd25cb0 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Mon, 3 Jun 2024 17:54:43 +0200 Subject: [PATCH 004/103] fix from merge --- internal/database/database.go | 7 ---- internal/database/database_test.go | 19 +++++----- internal/database/mysql.go | 32 +++++------------ internal/database/pg.go | 31 +++++----------- internal/database/sqlite.go | 36 +++++-------------- internal/domains/accounts.go | 10 ++++-- internal/http/routes/api/v1/accounts.go | 9 ++++- internal/http/routes/api/v1/bookmarks_test.go | 6 ++-- internal/http/routes/api/v1/tags_test.go | 6 ++-- internal/model/errors.go | 1 + 10 files changed, 61 insertions(+), 96 deletions(-) diff --git a/internal/database/database.go b/internal/database/database.go index 2c6d741a6..222ef3e46 100644 --- a/internal/database/database.go +++ b/internal/database/database.go @@ -2,7 +2,6 @@ package database import ( "context" - "embed" "fmt" "log" "net/url" @@ -13,9 +12,6 @@ import ( "github.com/pkg/errors" ) -//go:embed migrations/* -var migrations embed.FS - // ErrNotFound is error returned when record is not found in database. var ErrNotFound = errors.New("not found") @@ -110,9 +106,6 @@ type DB interface { // GetAccount fetch account with matching username. GetAccount(ctx context.Context, username string) (model.Account, bool, error) - // DeleteAccounts removes all record with matching usernames - DeleteAccounts(ctx context.Context, usernames ...string) error - // DeleteAccount removes account with matching username. DeleteAccount(ctx context.Context, username string) error diff --git a/internal/database/database_test.go b/internal/database/database_test.go index ca6610f73..722a677d6 100644 --- a/internal/database/database_test.go +++ b/internal/database/database_test.go @@ -31,14 +31,14 @@ func testDatabase(t *testing.T, dbFactory testDatabaseFactory) { // Tags "testCreateTag": testCreateTag, "testCreateTags": testCreateTags, - // Accoubnts - "testCreateAccount": testCreateAccount, - "testDeleteAccount": testDeleteAccount, // Accounts - "testSaveAccount": testSaveAccount, - "testSaveAccountSetting": testSaveAccountSettings, - "testGetAccount": testGetAccount, - "testGetAccounts": testGetAccounts, + "testCreateAccount": testCreateAccount, + "testDeleteAccount": testDeleteAccount, + "testDeleteNonExistantAccount": testDeleteNonExistantAccount, + "testSaveAccount": testSaveAccount, + "testSaveAccountSetting": testSaveAccountSettings, + "testGetAccount": testGetAccount, + "testGetAccounts": testGetAccounts, } for testName, testCase := range tests { @@ -365,14 +365,14 @@ func testDeleteAccount(t *testing.T, db DB) { assert.NoError(t, err, "Delete account must not fail") _, exists, err := db.GetAccount(ctx, storedAccount.Username) - assert.NoError(t, err, "Get account must not fail") assert.False(t, exists, "Account must not exist") + assert.ErrorIs(t, err, ErrNotFound, "Get account must return not found error") } func testDeleteNonExistantAccount(t *testing.T, db DB) { ctx := context.TODO() err := db.DeleteAccount(ctx, "notexistent") - assert.ErrorIs(t, ErrNotFound, err, "Delete account must fail") + assert.ErrorIs(t, err, ErrNotFound, "Delete account must fail") } func testSaveAccount(t *testing.T, db DB) { @@ -386,6 +386,7 @@ func testSaveAccount(t *testing.T, db DB) { account, err := db.SaveAccount(ctx, acc) require.Nil(t, err) require.NotNil(t, account) + require.NotEmpty(t, account.ID) } func testSaveAccountSettings(t *testing.T, db DB) { diff --git a/internal/database/mysql.go b/internal/database/mysql.go index fe5b056ad..d4dd9dac6 100644 --- a/internal/database/mysql.go +++ b/internal/database/mysql.go @@ -652,46 +652,32 @@ func (db *MySQLDatabase) GetAccounts(ctx context.Context, opts GetAccountsOption // Returns the account and boolean whether it's exist or not. func (db *MySQLDatabase) GetAccount(ctx context.Context, username string) (model.Account, bool, error) { account := model.Account{} - if err := db.GetContext(ctx, &account, `SELECT + err := db.GetContext(ctx, &account, `SELECT id, username, password, owner, config FROM account WHERE username = ?`, username, - ); err != nil { + ) + if err != nil && err != sql.ErrNoRows { return account, false, errors.WithStack(err) } - return account, account.ID != 0, nil -} - -// DeleteAccounts removes all record with matching usernames. -func (db *MySQLDatabase) DeleteAccounts(ctx context.Context, usernames ...string) error { - if err := db.withTx(ctx, func(tx *sqlx.Tx) error { - // Delete account - stmtDelete, _ := tx.Preparex(`DELETE FROM account WHERE username = ?`) - for _, username := range usernames { - _, err := stmtDelete.ExecContext(ctx, username) - if err != nil { - return errors.WithStack(err) - } - } - - return nil - }); err != nil { - return errors.WithStack(err) + // Use custom not found error if that's the result of the query + if err == sql.ErrNoRows { + err = ErrNotFound } - return nil + return account, account.ID != 0, err } // DeleteAccount removes record with matching username. func (db *MySQLDatabase) DeleteAccount(ctx context.Context, username string) error { if err := db.withTx(ctx, func(tx *sqlx.Tx) error { - result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE username = ?`, username) + result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE id = ?`, username) if err != nil { return errors.WithStack(fmt.Errorf("error deleting account: %v", err)) } rows, err := result.RowsAffected() - if err != nil { + if err != nil && err != sql.ErrNoRows { return errors.WithStack(fmt.Errorf("error getting rows affected: %v", err)) } diff --git a/internal/database/pg.go b/internal/database/pg.go index 5a99249b6..d9ada4f84 100644 --- a/internal/database/pg.go +++ b/internal/database/pg.go @@ -665,45 +665,32 @@ func (db *PGDatabase) GetAccounts(ctx context.Context, opts GetAccountsOptions) // Returns the account and boolean whether it's exist or not. func (db *PGDatabase) GetAccount(ctx context.Context, username string) (model.Account, bool, error) { account := model.Account{} - if err := db.GetContext(ctx, &account, `SELECT + err := db.GetContext(ctx, &account, `SELECT id, username, password, owner, config FROM account WHERE username = $1`, username, - ); err != nil { + ) + if err != nil && err != sql.ErrNoRows { return account, false, errors.WithStack(err) } - return account, account.ID != 0, nil -} - -// DeleteAccounts removes all record with matching usernames. -func (db *PGDatabase) DeleteAccounts(ctx context.Context, usernames ...string) (err error) { - if err := db.withTx(ctx, func(tx *sqlx.Tx) error { - // Delete account - stmtDelete, _ := tx.Preparex(`DELETE FROM account WHERE username = $1`) - for _, username := range usernames { - if _, err := stmtDelete.ExecContext(ctx, username); err != nil { - return errors.WithStack(err) - } - } - - return nil - }); err != nil { - return errors.WithStack(err) + // Use custom not found error if that's the result of the query + if err == sql.ErrNoRows { + err = ErrNotFound } - return nil + return account, account.ID != 0, err } // DeleteAccount removes record with matching username. func (db *PGDatabase) DeleteAccount(ctx context.Context, username string) error { if err := db.withTx(ctx, func(tx *sqlx.Tx) error { - result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE username = $1`, username) + result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE id = $1`, username) if err != nil { return errors.WithStack(fmt.Errorf("error deleting account: %v", err)) } rows, err := result.RowsAffected() - if err != nil { + if err != nil && err != sql.ErrNoRows { return errors.WithStack(fmt.Errorf("error getting rows affected: %v", err)) } diff --git a/internal/database/sqlite.go b/internal/database/sqlite.go index d888f85fb..9e628d7f0 100644 --- a/internal/database/sqlite.go +++ b/internal/database/sqlite.go @@ -771,50 +771,32 @@ func (db *SQLiteDatabase) GetAccounts(ctx context.Context, opts GetAccountsOptio // Returns the account and boolean whether it's exist or not. func (db *SQLiteDatabase) GetAccount(ctx context.Context, username string) (model.Account, bool, error) { account := model.Account{} - if err := db.GetContext(ctx, &account, `SELECT + err := db.GetContext(ctx, &account, `SELECT id, username, password, owner, config FROM account WHERE username = ?`, username, - ); err != nil { + ) + if err != nil && err != sql.ErrNoRows { return account, false, errors.WithStack(err) } - return account, account.ID != 0, nil -} - -// DeleteAccounts removes all record with matching usernames. -func (db *SQLiteDatabase) DeleteAccounts(ctx context.Context, usernames ...string) error { - if err := db.withTx(ctx, func(tx *sqlx.Tx) error { - // Delete account - stmtDelete, err := tx.Preparex(`DELETE FROM account WHERE username = ?`) - if err != nil { - return errors.WithStack(err) - } - - for _, username := range usernames { - _, err := stmtDelete.ExecContext(ctx, username) - if err != nil { - return errors.WithStack(err) - } - } - - return nil - }); err != nil { - return errors.WithStack(err) + // Use custom not found error if that's the result of the query + if err == sql.ErrNoRows { + err = ErrNotFound } - return nil + return account, account.ID != 0, err } // DeleteAccount removes record with matching username. func (db *SQLiteDatabase) DeleteAccount(ctx context.Context, username string) error { if err := db.withTx(ctx, func(tx *sqlx.Tx) error { - result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE username = ?`, username) + result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE id = ?`, username) if err != nil { return errors.WithStack(fmt.Errorf("error deleting account: %v", err)) } rows, err := result.RowsAffected() - if err != nil { + if err != nil && err != sql.ErrNoRows { return errors.WithStack(fmt.Errorf("error getting rows affected: %v", err)) } diff --git a/internal/domains/accounts.go b/internal/domains/accounts.go index 6c079c316..3b3d15bea 100644 --- a/internal/domains/accounts.go +++ b/internal/domains/accounts.go @@ -44,9 +44,13 @@ func (d *AccountsDomain) CreateAccount(ctx context.Context, account model.Accoun return &result, nil } -func (d *AccountsDomain) DeleteAccount(ctx context.Context, username string) error { - err := d.deps.Database.DeleteAccounts(ctx, username) - if err != nil && !errors.Is(err, database.ErrNotFound) { +func (d *AccountsDomain) DeleteAccount(ctx context.Context, id string) error { + err := d.deps.Database.DeleteAccount(ctx, id) + if errors.Is(err, database.ErrNotFound) { + return model.ErrNotFound + } + + if err != nil { return fmt.Errorf("error deleting account: %v", err) } diff --git a/internal/http/routes/api/v1/accounts.go b/internal/http/routes/api/v1/accounts.go index 73a2db963..484521b74 100644 --- a/internal/http/routes/api/v1/accounts.go +++ b/internal/http/routes/api/v1/accounts.go @@ -1,6 +1,7 @@ package api_v1 import ( + "errors" "fmt" "net/http" @@ -120,7 +121,13 @@ func (r *AccountsAPIRoutes) createHandler(c *gin.Context) { func (r *AccountsAPIRoutes) deleteHandler(c *gin.Context) { id := c.Param("id") - if err := r.deps.Domains.Accounts.DeleteAccount(c.Request.Context(), id); err != nil { + err := r.deps.Domains.Accounts.DeleteAccount(c.Request.Context(), id) + if errors.Is(err, model.ErrNotFound) { + response.SendError(c, http.StatusNotFound, "account not found") + return + } + + if err != nil { r.logger.WithError(err).Error("error deleting account") c.AbortWithStatus(http.StatusInternalServerError) return diff --git a/internal/http/routes/api/v1/bookmarks_test.go b/internal/http/routes/api/v1/bookmarks_test.go index 7af902565..0c013a177 100644 --- a/internal/http/routes/api/v1/bookmarks_test.go +++ b/internal/http/routes/api/v1/bookmarks_test.go @@ -31,7 +31,8 @@ func TestUpdateBookmarkCache(t *testing.T) { Password: "test", Owner: false, } - require.NoError(t, deps.Database.SaveAccount(ctx, account)) + _, err := deps.Database.SaveAccount(ctx, account) + require.NoError(t, err) token, err := deps.Domains.Auth.CreateTokenForAccount(&account, time.Now().Add(time.Minute)) require.NoError(t, err) @@ -63,7 +64,8 @@ func TestReadableeBookmarkContent(t *testing.T) { Password: "test", Owner: false, } - require.NoError(t, deps.Database.SaveAccount(ctx, account)) + _, err := deps.Database.SaveAccount(ctx, account) + require.NoError(t, err) token, err := deps.Domains.Auth.CreateTokenForAccount(&account, time.Now().Add(time.Minute)) require.NoError(t, err) diff --git a/internal/http/routes/api/v1/tags_test.go b/internal/http/routes/api/v1/tags_test.go index 54300ad42..724929ece 100644 --- a/internal/http/routes/api/v1/tags_test.go +++ b/internal/http/routes/api/v1/tags_test.go @@ -28,7 +28,8 @@ func TestTagList(t *testing.T) { Password: "test", Owner: true, } - require.NoError(t, deps.Database.SaveAccount(ctx, account)) + _, err := deps.Database.SaveAccount(ctx, account) + require.NoError(t, err) token, err := deps.Domains.Auth.CreateTokenForAccount(&account, time.Now().Add(time.Minute)) require.NoError(t, err) @@ -78,7 +79,8 @@ func TestTagCreate(t *testing.T) { Password: "test", Owner: true, } - require.NoError(t, deps.Database.SaveAccount(ctx, account)) + _, err := deps.Database.SaveAccount(ctx, account) + require.NoError(t, err) // token, err := deps.Domains.Auth.CreateTokenForAccount(&account, time.Now().Add(time.Minute)) // require.NoError(t, err) diff --git a/internal/model/errors.go b/internal/model/errors.go index 75c4b9111..055a7b774 100644 --- a/internal/model/errors.go +++ b/internal/model/errors.go @@ -6,4 +6,5 @@ var ( ErrBookmarkNotFound = errors.New("bookmark not found") ErrBookmarkInvalidID = errors.New("invalid bookmark ID") ErrUnauthorized = errors.New("unauthorized user") + ErrNotFound = errors.New("not found") ) From e88bfe3c0b3c91b183f59a1ac897a728a8fbeb72 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Mon, 3 Jun 2024 17:54:52 +0200 Subject: [PATCH 005/103] remove serve method from makefile --- Makefile | 5 ----- 1 file changed, 5 deletions(-) diff --git a/Makefile b/Makefile index 37dcbb1ea..8f3c7eeda 100644 --- a/Makefile +++ b/Makefile @@ -57,11 +57,6 @@ help: clean: rm -rf dist -## Runs the legacy http API for local development -.PHONY: serve -serve: - SHIORI_DEVELOPMENT=$(SHIORI_DEVELOPMENT) SHIORI_DIR=$(SHIORI_DIR) go run main.go serve - ## Runs server for local development .PHONY: run-server run-server: From 21d306641d686d66d7c4740fa579b364ad99977a Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Mon, 3 Jun 2024 18:57:31 +0200 Subject: [PATCH 006/103] ListAccounts, password hash on domain --- internal/cmd/root.go | 6 +- internal/database/database.go | 22 +-- internal/database/database_test.go | 135 ++++++++++--------- internal/database/mysql.go | 41 +++--- internal/database/mysql_test.go | 121 ----------------- internal/database/pg.go | 42 +++--- internal/database/pg_test.go | 117 ---------------- internal/database/sqlite.go | 41 +++--- internal/database/sqlite_test.go | 90 +------------ internal/domains/accounts.go | 38 +++++- internal/domains/auth.go | 15 ++- internal/http/routes/api/v1/accounts.go | 18 ++- internal/http/routes/api/v1/accounts_test.go | 6 +- internal/http/routes/api/v1/auth_test.go | 10 +- internal/model/account.go | 5 +- internal/model/domains.go | 4 +- internal/webserver/handler-api.go | 2 +- 17 files changed, 228 insertions(+), 485 deletions(-) diff --git a/internal/cmd/root.go b/internal/cmd/root.go index 4868eda9b..b11357459 100644 --- a/internal/cmd/root.go +++ b/internal/cmd/root.go @@ -109,20 +109,20 @@ func initShiori(ctx context.Context, cmd *cobra.Command) (*config.Config, *depen // Workaround: Get accounts to make sure at least one is present in the database. // If there's no accounts in the database, create the shiori/gopher account the legacy api // hardcoded in the login handler. - accounts, err := db.GetAccounts(cmd.Context(), database.GetAccountsOptions{}) + accounts, err := db.ListAccounts(cmd.Context(), database.ListAccountsOptions{}) if err != nil { cError.Printf("Failed to get owner account: %v\n", err) os.Exit(1) } if len(accounts) == 0 { - account := model.Account{ + account := model.AccountDTO{ Username: "shiori", Password: "gopher", Owner: true, } - if _, err := db.SaveAccount(cmd.Context(), account); err != nil { + if _, err := dependencies.Domains.Accounts.CreateAccount(cmd.Context(), account); err != nil { logger.WithError(err).Fatal("error ensuring owner account") } } diff --git a/internal/database/database.go b/internal/database/database.go index 222ef3e46..6015a9383 100644 --- a/internal/database/database.go +++ b/internal/database/database.go @@ -39,10 +39,16 @@ type GetBookmarksOptions struct { Offset int } -// GetAccountsOptions is options for fetching accounts from database. -type GetAccountsOptions struct { +// ListAccountsOptions is options for fetching accounts from database. +type ListAccountsOptions struct { + // Filter accounts by a keyword Keyword string - Owner bool + // Filter accounts by exact useranme + Username string + // Return owner accounts only + Owner bool + // Retrieve password content + WithPassword bool } // Connect connects to database based on submitted database URL. @@ -100,14 +106,14 @@ type DB interface { // SaveAccountSettings saves settings for specific user in database SaveAccountSettings(ctx context.Context, a model.Account) error - // GetAccounts fetch list of account (without its password) with matching keyword. - GetAccounts(ctx context.Context, opts GetAccountsOptions) ([]model.Account, error) + // ListAccounts fetch list of account (without its password) with matching keyword. + ListAccounts(ctx context.Context, opts ListAccountsOptions) ([]model.Account, error) // GetAccount fetch account with matching username. - GetAccount(ctx context.Context, username string) (model.Account, bool, error) + GetAccount(ctx context.Context, id model.DBID) (model.Account, bool, error) - // DeleteAccount removes account with matching username. - DeleteAccount(ctx context.Context, username string) error + // DeleteAccount removes account with matching id + DeleteAccount(ctx context.Context, id model.DBID) error // CreateTags creates new tags in database. CreateTags(ctx context.Context, tags ...model.Tag) error diff --git a/internal/database/database_test.go b/internal/database/database_test.go index 722a677d6..8908ddfcc 100644 --- a/internal/database/database_test.go +++ b/internal/database/database_test.go @@ -38,7 +38,8 @@ func testDatabase(t *testing.T, dbFactory testDatabaseFactory) { "testSaveAccount": testSaveAccount, "testSaveAccountSetting": testSaveAccountSettings, "testGetAccount": testGetAccount, - "testGetAccounts": testGetAccounts, + "testGetAccounts": testListAccounts, + "testListAccountsWithPassword": testListAccountsWithPassword, } for testName, testCase := range tests { @@ -361,17 +362,17 @@ func testDeleteAccount(t *testing.T, db DB) { storedAccount, err := db.SaveAccount(ctx, acc) assert.NoError(t, err, "Save account must not fail") - err = db.DeleteAccount(ctx, storedAccount.Username) + err = db.DeleteAccount(ctx, storedAccount.ID) assert.NoError(t, err, "Delete account must not fail") - _, exists, err := db.GetAccount(ctx, storedAccount.Username) + _, exists, err := db.GetAccount(ctx, storedAccount.ID) assert.False(t, exists, "Account must not exist") assert.ErrorIs(t, err, ErrNotFound, "Get account must return not found error") } func testDeleteNonExistantAccount(t *testing.T, db DB) { ctx := context.TODO() - err := db.DeleteAccount(ctx, "notexistent") + err := db.DeleteAccount(ctx, model.DBID(99)) assert.ErrorIs(t, err, ErrNotFound, "Delete account must fail") } @@ -406,66 +407,80 @@ func testSaveAccountSettings(t *testing.T, db DB) { func testGetAccount(t *testing.T, db DB) { ctx := context.TODO() - t.Run("success", func(t *testing.T) { - // Insert test accounts - testAccounts := []model.Account{ - {Username: "foo", Password: "bar", Owner: false}, - {Username: "hello", Password: "world", Owner: false}, - {Username: "foo_bar", Password: "foobar", Owner: true}, - } - for _, acc := range testAccounts { - _, err := db.SaveAccount(ctx, acc) - assert.Nil(t, err) - - // Successful case - account, exists, err := db.GetAccount(ctx, acc.Username) - assert.Nil(t, err) - assert.True(t, exists, "Expected account to exist") - assert.Equal(t, acc.Username, account.Username) - } - // Falid case - account, exists, err := db.GetAccount(ctx, "foobar") - assert.NotNil(t, err) - assert.False(t, exists, "Expected account to exist") - assert.Empty(t, account.Username) - }) + // Insert test accounts + testAccounts := []model.Account{ + {Username: "foo", Password: "bar", Owner: false}, + {Username: "hello", Password: "world", Owner: false}, + {Username: "foo_bar", Password: "foobar", Owner: true}, + } + + for _, acc := range testAccounts { + storedAcc, err := db.SaveAccount(ctx, acc) + assert.Nil(t, err) + + // Successful case + account, exists, err := db.GetAccount(ctx, storedAcc.ID) + assert.Nil(t, err) + assert.True(t, exists, "Expected account to exist") + assert.Equal(t, storedAcc.Username, account.Username) + } + + // Failed case + account, exists, err := db.GetAccount(ctx, 99) + assert.NotNil(t, err) + assert.False(t, exists, "Expected account to exist") + assert.Empty(t, account.Username) } -func testGetAccounts(t *testing.T, db DB) { +func testListAccounts(t *testing.T, db DB) { ctx := context.TODO() - t.Run("success", func(t *testing.T) { - // Insert test accounts - testAccounts := []model.Account{ - {Username: "foo", Password: "bar", Owner: false}, - {Username: "hello", Password: "world", Owner: false}, - {Username: "foo_bar", Password: "foobar", Owner: true}, - } - for _, acc := range testAccounts { - _, err := db.SaveAccount(ctx, acc) - assert.Nil(t, err) - } + // prepare database + testAccounts := []model.Account{ + {Username: "foo", Password: "bar", Owner: false}, + {Username: "hello", Password: "world", Owner: false}, + {Username: "foo_bar", Password: "foobar", Owner: true}, + } + for _, acc := range testAccounts { + _, err := db.SaveAccount(ctx, acc) + assert.Nil(t, err) + } - // Successful case - // without opt - accounts, err := db.GetAccounts(ctx, GetAccountsOptions{}) - assert.NoError(t, err) - assert.Equal(t, 3, len(accounts)) - // with owner - accounts, err = db.GetAccounts(ctx, GetAccountsOptions{Owner: true}) - assert.NoError(t, err) - assert.Equal(t, 1, len(accounts)) - // with opt - accounts, err = db.GetAccounts(ctx, GetAccountsOptions{Keyword: "foo"}) - assert.NoError(t, err) - assert.Equal(t, 2, len(accounts)) - // with opt and owner - accounts, err = db.GetAccounts(ctx, GetAccountsOptions{Keyword: "hello", Owner: false}) - assert.NoError(t, err) - assert.Equal(t, 1, len(accounts)) - // with not result - accounts, err = db.GetAccounts(ctx, GetAccountsOptions{Keyword: "shiori"}) - assert.NoError(t, err) - assert.Equal(t, 0, len(accounts)) + tests := []struct { + name string + options ListAccountsOptions + expected int + }{ + {"default", ListAccountsOptions{}, 3}, + {"with owner", ListAccountsOptions{Owner: true}, 1}, + {"with keyword", ListAccountsOptions{Keyword: "foo"}, 2}, + {"with keyword and owner", ListAccountsOptions{Keyword: "hello", Owner: false}, 1}, + {"with no result", ListAccountsOptions{Keyword: "shiori"}, 0}, + {"with username", ListAccountsOptions{Username: "foo"}, 1}, + {"with non-existent username", ListAccountsOptions{Username: "non-existant"}, 0}, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + accounts, err := db.ListAccounts(ctx, tt.options) + assert.NoError(t, err) + assert.Equal(t, tt.expected, len(accounts)) + }) + } +} + +func testListAccountsWithPassword(t *testing.T, db DB) { + ctx := context.TODO() + _, err := db.SaveAccount(ctx, model.Account{ + Username: "gopher", + Password: "shiori", }) + assert.Nil(t, err) + + storedAccounts, err := db.ListAccounts(ctx, ListAccountsOptions{ + WithPassword: true, + }) + for _, acc := range storedAccounts { + require.NotEmpty(t, acc.Password) + } } diff --git a/internal/database/mysql.go b/internal/database/mysql.go index d4dd9dac6..9a9341fc3 100644 --- a/internal/database/mysql.go +++ b/internal/database/mysql.go @@ -10,7 +10,6 @@ import ( "github.com/go-shiori/shiori/internal/model" "github.com/jmoiron/sqlx" "github.com/pkg/errors" - "golang.org/x/crypto/bcrypt" _ "github.com/go-sql-driver/mysql" ) @@ -582,30 +581,24 @@ func (db *MySQLDatabase) GetBookmark(ctx context.Context, id int, url string) (m // SaveAccount saves new account to database. Returns error if any happened. func (db *MySQLDatabase) SaveAccount(ctx context.Context, account model.Account) (*model.Account, error) { - // Hash password with bcrypt - hashedPassword, err := bcrypt.GenerateFromPassword([]byte(account.Password), 10) - if err != nil { - return nil, errors.WithStack(err) - } - // Insert account to database result, insertErr := db.ExecContext(ctx, `INSERT INTO account (username, password, owner, config) VALUES (?, ?, ?, ?) ON DUPLICATE KEY UPDATE password = VALUES(password), owner = VALUES(owner)`, - account.Username, hashedPassword, account.Owner, account.Config) + account.Username, account.Password, account.Owner, account.Config) if insertErr != nil { return nil, errors.WithStack(insertErr) } var accountID int64 - accountID, err = result.LastInsertId() + accountID, err := result.LastInsertId() if err != nil { return nil, errors.WithStack(err) } - account.ID = int(accountID) + account.ID = model.DBID(accountID) return &account, nil } @@ -621,23 +614,31 @@ func (db *MySQLDatabase) SaveAccountSettings(ctx context.Context, account model. return errors.WithStack(err) } -// GetAccounts fetch list of account (without its password) based on submitted options. -func (db *MySQLDatabase) GetAccounts(ctx context.Context, opts GetAccountsOptions) ([]model.Account, error) { +// ListAccounts fetch list of account (without its password) based on submitted options. +func (db *MySQLDatabase) ListAccounts(ctx context.Context, opts ListAccountsOptions) ([]model.Account, error) { // Create query args := []interface{}{} - query := `SELECT id, username, owner, config FROM account WHERE 1` + fields := []string{"id", "username", "owner", "config"} + if opts.WithPassword { + fields = append(fields, "password") + } + + query := fmt.Sprintf(`SELECT %s FROM account WHERE 1`, strings.Join(fields, ", ")) if opts.Keyword != "" { query += " AND username LIKE ?" args = append(args, "%"+opts.Keyword+"%") } + if opts.Username != "" { + query += " AND username = ?" + args = append(args, opts.Username) + } + if opts.Owner { query += " AND owner = 1" } - query += ` ORDER BY username` - // Fetch list account accounts := []model.Account{} err := db.SelectContext(ctx, &accounts, query, args...) @@ -650,11 +651,11 @@ func (db *MySQLDatabase) GetAccounts(ctx context.Context, opts GetAccountsOption // GetAccount fetch account with matching username. // Returns the account and boolean whether it's exist or not. -func (db *MySQLDatabase) GetAccount(ctx context.Context, username string) (model.Account, bool, error) { +func (db *MySQLDatabase) GetAccount(ctx context.Context, id model.DBID) (model.Account, bool, error) { account := model.Account{} err := db.GetContext(ctx, &account, `SELECT - id, username, password, owner, config FROM account WHERE username = ?`, - username, + id, username, password, owner, config FROM account WHERE id = ?`, + id, ) if err != nil && err != sql.ErrNoRows { return account, false, errors.WithStack(err) @@ -669,9 +670,9 @@ func (db *MySQLDatabase) GetAccount(ctx context.Context, username string) (model } // DeleteAccount removes record with matching username. -func (db *MySQLDatabase) DeleteAccount(ctx context.Context, username string) error { +func (db *MySQLDatabase) DeleteAccount(ctx context.Context, id model.DBID) error { if err := db.withTx(ctx, func(tx *sqlx.Tx) error { - result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE id = ?`, username) + result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE id = ?`, id) if err != nil { return errors.WithStack(fmt.Errorf("error deleting account: %v", err)) } diff --git a/internal/database/mysql_test.go b/internal/database/mysql_test.go index a37525e31..5ee4e3587 100644 --- a/internal/database/mysql_test.go +++ b/internal/database/mysql_test.go @@ -7,12 +7,9 @@ import ( "context" "log" "os" - "path/filepath" "testing" - "github.com/go-shiori/shiori/internal/model" "github.com/jmoiron/sqlx" - "github.com/stretchr/testify/assert" ) func init() { @@ -62,121 +59,3 @@ func mysqlTestDatabaseFactory(_ *testing.T, ctx context.Context) (DB, error) { func TestMysqlsDatabase(t *testing.T) { testDatabase(t, mysqlTestDatabaseFactory) } - -func TestSaveAccountSettingsMySql(t *testing.T) { - ctx := context.TODO() - - db, err := mysqlTestDatabaseFactory(t, ctx) - assert.NoError(t, err) - - // Mock data - account := model.Account{ - Username: "testuser", - Config: model.UserConfig{}, - } - - // Successful case - err = db.SaveAccountSettings(ctx, account) - assert.NoError(t, err) - - // Initialize not correct database - ctx = context.TODO() - factory := func(ctx context.Context) (DB, error) { - return OpenSQLiteDatabase(ctx, filepath.Join(os.TempDir(), "shiori_test.db")) - } - db, err = factory(ctx) - assert.Nil(t, err) - account = model.Account{ - Username: "testuser", - Config: model.UserConfig{}, - } - err = db.SaveAccountSettings(ctx, account) - assert.NotNil(t, err) - assert.Contains(t, err.Error(), "SQL logic error: no such table: account (1)") -} - -func TestGetAccountsMySql(t *testing.T) { - ctx := context.TODO() - - db, err := mysqlTestDatabaseFactory(t, ctx) - assert.NoError(t, err) - - // Insert test accounts - testAccounts := []model.Account{ - {Username: "foo", Password: "bar", Owner: false}, - {Username: "hello", Password: "world", Owner: false}, - {Username: "foo_bar", Password: "foobar", Owner: true}, - } - for _, acc := range testAccounts { - account, err := db.SaveAccount(ctx, acc) - assert.Nil(t, err) - assert.Equal(t, acc.Username, account.Username) - assert.Equal(t, acc.Password, account.Password) - assert.Equal(t, acc.Owner, account.Owner) - assert.NotEmpty(t, account.ID) - } - - // Successful case - // without opt - accounts, err := db.GetAccounts(ctx, GetAccountsOptions{}) - assert.NoError(t, err) - assert.Equal(t, 3, len(accounts)) - // with owner - accounts, err = db.GetAccounts(ctx, GetAccountsOptions{Owner: true}) - assert.NoError(t, err) - assert.Equal(t, 1, len(accounts)) - // with opt - accounts, err = db.GetAccounts(ctx, GetAccountsOptions{Keyword: "foo"}) - assert.NoError(t, err) - assert.Equal(t, 2, len(accounts)) - // with opt and owner - accounts, err = db.GetAccounts(ctx, GetAccountsOptions{Keyword: "hello", Owner: false}) - assert.NoError(t, err) - assert.Equal(t, 1, len(accounts)) - // with not result - accounts, err = db.GetAccounts(ctx, GetAccountsOptions{Keyword: "shiori"}) - assert.NoError(t, err) - assert.Equal(t, 0, len(accounts)) - - // Initialize not correct database - ctx = context.TODO() - factory := func(ctx context.Context) (DB, error) { - return OpenSQLiteDatabase(ctx, filepath.Join(os.TempDir(), "shiori_test.db")) - } - db, err = factory(ctx) - assert.Nil(t, err) - // with invalid query - opts := GetAccountsOptions{Keyword: "foo", Owner: true} - _, err = db.GetAccounts(ctx, opts) - assert.NotNil(t, err) - assert.Contains(t, err.Error(), "SQL logic error: no such table: account (1)") -} - -func TestGetAccountMySql(t *testing.T) { - ctx := context.TODO() - - db, err := mysqlTestDatabaseFactory(t, ctx) - assert.NoError(t, err) - - // Insert test accounts - testAccounts := []model.Account{ - {Username: "foo", Password: "bar", Owner: false}, - {Username: "hello", Password: "world", Owner: false}, - {Username: "foo_bar", Password: "foobar", Owner: true}, - } - for _, acc := range testAccounts { - _, err := db.SaveAccount(ctx, acc) - assert.Nil(t, err) - - // Successful case - account, exists, err := db.GetAccount(ctx, acc.Username) - assert.Nil(t, err) - assert.True(t, exists, "Expected account to exist") - assert.Equal(t, acc.Username, account.Username) - } - // Falid case - account, exists, err := db.GetAccount(ctx, "foobar") - assert.NotNil(t, err) - assert.False(t, exists, "Expected account to exist") - assert.Empty(t, account.Username) -} diff --git a/internal/database/pg.go b/internal/database/pg.go index d9ada4f84..e77d15202 100644 --- a/internal/database/pg.go +++ b/internal/database/pg.go @@ -4,13 +4,13 @@ import ( "context" "database/sql" "fmt" + "strconv" "strings" "time" "github.com/go-shiori/shiori/internal/model" "github.com/jmoiron/sqlx" "github.com/pkg/errors" - "golang.org/x/crypto/bcrypt" _ "github.com/lib/pq" ) @@ -590,12 +590,6 @@ func (db *PGDatabase) GetBookmark(ctx context.Context, id int, url string) (mode func (db *PGDatabase) SaveAccount(ctx context.Context, account model.Account) (*model.Account, error) { var accountID int64 if err := db.withTx(ctx, func(tx *sqlx.Tx) error { - // Hash password with bcrypt - hashedPassword, err := bcrypt.GenerateFromPassword([]byte(account.Password), 10) - if err != nil { - return err - } - query, err := tx.PrepareContext(ctx, `INSERT INTO account (username, password, owner, config) VALUES ($1, $2, $3, $4) ON CONFLICT(username) DO UPDATE SET @@ -607,7 +601,7 @@ func (db *PGDatabase) SaveAccount(ctx context.Context, account model.Account) (* } err = query.QueryRowContext(ctx, - account.Username, hashedPassword, account.Owner, account.Config).Scan(&accountID) + account.Username, account.Password, account.Owner, account.Config).Scan(&accountID) if err != nil { return errors.WithStack(err) } @@ -617,7 +611,7 @@ func (db *PGDatabase) SaveAccount(ctx context.Context, account model.Account) (* return nil, errors.WithStack(err) } - account.ID = int(accountID) + account.ID = model.DBID(accountID) return &account, nil } @@ -634,23 +628,31 @@ func (db *PGDatabase) SaveAccountSettings(ctx context.Context, account model.Acc return errors.WithStack(err) } -// GetAccounts fetch list of account (without its password) based on submitted options. -func (db *PGDatabase) GetAccounts(ctx context.Context, opts GetAccountsOptions) ([]model.Account, error) { +// ListAccounts fetch list of account (without its password) based on submitted options. +func (db *PGDatabase) ListAccounts(ctx context.Context, opts ListAccountsOptions) ([]model.Account, error) { // Create query args := []interface{}{} - query := `SELECT id, username, owner, config FROM account WHERE TRUE` + fields := []string{"id", "username", "owner", "config"} + if opts.WithPassword { + fields = append(fields, "password") + } + + query := fmt.Sprintf(`SELECT %s FROM account WHERE TRUE`, strings.Join(fields, ", ")) if opts.Keyword != "" { - query += " AND username LIKE $1" + query += " AND username LIKE $" + strconv.Itoa(len(args)+1) args = append(args, "%"+opts.Keyword+"%") } + if opts.Username != "" { + query += " AND username = $" + strconv.Itoa(len(args)+1) + args = append(args, opts.Username) + } + if opts.Owner { query += " AND owner = TRUE" } - query += ` ORDER BY username` - // Fetch list account accounts := []model.Account{} err := db.SelectContext(ctx, &accounts, query, args...) @@ -663,11 +665,11 @@ func (db *PGDatabase) GetAccounts(ctx context.Context, opts GetAccountsOptions) // GetAccount fetch account with matching username. // Returns the account and boolean whether it's exist or not. -func (db *PGDatabase) GetAccount(ctx context.Context, username string) (model.Account, bool, error) { +func (db *PGDatabase) GetAccount(ctx context.Context, id model.DBID) (model.Account, bool, error) { account := model.Account{} err := db.GetContext(ctx, &account, `SELECT - id, username, password, owner, config FROM account WHERE username = $1`, - username, + id, username, password, owner, config FROM account WHERE id = $1`, + id, ) if err != nil && err != sql.ErrNoRows { return account, false, errors.WithStack(err) @@ -682,9 +684,9 @@ func (db *PGDatabase) GetAccount(ctx context.Context, username string) (model.Ac } // DeleteAccount removes record with matching username. -func (db *PGDatabase) DeleteAccount(ctx context.Context, username string) error { +func (db *PGDatabase) DeleteAccount(ctx context.Context, id model.DBID) error { if err := db.withTx(ctx, func(tx *sqlx.Tx) error { - result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE id = $1`, username) + result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE id = $1`, id) if err != nil { return errors.WithStack(fmt.Errorf("error deleting account: %v", err)) } diff --git a/internal/database/pg_test.go b/internal/database/pg_test.go index cb79ba7cc..f8172a0f0 100644 --- a/internal/database/pg_test.go +++ b/internal/database/pg_test.go @@ -7,11 +7,7 @@ import ( "context" "log" "os" - "path/filepath" "testing" - - "github.com/go-shiori/shiori/internal/model" - "github.com/stretchr/testify/assert" ) func init() { @@ -42,116 +38,3 @@ func postgresqlTestDatabaseFactory(_ *testing.T, ctx context.Context) (DB, error func TestPostgresDatabase(t *testing.T) { testDatabase(t, postgresqlTestDatabaseFactory) } - -func TestSaveAccountSettingsPg(t *testing.T) { - ctx := context.TODO() - - db, err := postgresqlTestDatabaseFactory(t, ctx) - assert.NoError(t, err) - - // Mock data - account := model.Account{ - Username: "testuser", - Config: model.UserConfig{}, - } - - // Successful case - err = db.SaveAccountSettings(ctx, account) - assert.NoError(t, err) - - // Initialize not correct database - ctx = context.TODO() - factory := func(ctx context.Context) (DB, error) { - return OpenSQLiteDatabase(ctx, filepath.Join(os.TempDir(), "shiori_test.db")) - } - db, err = factory(ctx) - assert.Nil(t, err) - account = model.Account{ - Username: "testuser", - Config: model.UserConfig{}, - } - err = db.SaveAccountSettings(ctx, account) - assert.NotNil(t, err) - assert.Contains(t, err.Error(), "SQL logic error: no such table: account (1)") -} -func TestGetAccountsPg(t *testing.T) { - ctx := context.TODO() - - db, err := postgresqlTestDatabaseFactory(t, ctx) - assert.NoError(t, err) - - // Insert test accounts - testAccounts := []model.Account{ - {Username: "foo", Password: "bar", Owner: false}, - {Username: "hello", Password: "world", Owner: false}, - {Username: "foo_bar", Password: "foobar", Owner: true}, - } - for _, acc := range testAccounts { - _, err := db.SaveAccount(ctx, acc) - assert.Nil(t, err) - } - - // Successful case - // without opt - accounts, err := db.GetAccounts(ctx, GetAccountsOptions{}) - assert.NoError(t, err) - assert.Equal(t, 3, len(accounts)) - // with owner - accounts, err = db.GetAccounts(ctx, GetAccountsOptions{Owner: true}) - assert.NoError(t, err) - assert.Equal(t, 1, len(accounts)) - // with opt - accounts, err = db.GetAccounts(ctx, GetAccountsOptions{Keyword: "foo"}) - assert.NoError(t, err) - assert.Equal(t, 2, len(accounts)) - // with opt and owner - accounts, err = db.GetAccounts(ctx, GetAccountsOptions{Keyword: "hello", Owner: false}) - assert.NoError(t, err) - assert.Equal(t, 1, len(accounts)) - // with not result - accounts, err = db.GetAccounts(ctx, GetAccountsOptions{Keyword: "shiori"}) - assert.NoError(t, err) - assert.Equal(t, 0, len(accounts)) - - // Initialize not correct database - ctx = context.TODO() - factory := func(ctx context.Context) (DB, error) { - return OpenSQLiteDatabase(ctx, filepath.Join(os.TempDir(), "shiori_test.db")) - } - db, err = factory(ctx) - assert.Nil(t, err) - // with invalid query - opts := GetAccountsOptions{Keyword: "foo", Owner: true} - _, err = db.GetAccounts(ctx, opts) - assert.NotNil(t, err) - assert.Contains(t, err.Error(), "SQL logic error: no such table: account (1)") -} - -func TestGetAccountPg(t *testing.T) { - ctx := context.TODO() - - db, err := postgresqlTestDatabaseFactory(t, ctx) - assert.NoError(t, err) - - // Insert test accounts - testAccounts := []model.Account{ - {Username: "foo", Password: "bar", Owner: false}, - {Username: "hello", Password: "world", Owner: false}, - {Username: "foo_bar", Password: "foobar", Owner: true}, - } - for _, acc := range testAccounts { - _, err := db.SaveAccount(ctx, acc) - assert.Nil(t, err) - - // Successful case - account, exists, err := db.GetAccount(ctx, acc.Username) - assert.Nil(t, err) - assert.True(t, exists, "Expected account to exist") - assert.Equal(t, acc.Username, account.Username) - } - // Falid case - account, exists, err := db.GetAccount(ctx, "foobar") - assert.NotNil(t, err) - assert.False(t, exists, "Expected account to exist") - assert.Empty(t, account.Username) -} diff --git a/internal/database/sqlite.go b/internal/database/sqlite.go index 9e628d7f0..1b5546ef4 100644 --- a/internal/database/sqlite.go +++ b/internal/database/sqlite.go @@ -11,7 +11,6 @@ import ( "github.com/go-shiori/shiori/internal/model" "github.com/jmoiron/sqlx" "github.com/pkg/errors" - "golang.org/x/crypto/bcrypt" _ "modernc.org/sqlite" ) @@ -692,12 +691,6 @@ func (db *SQLiteDatabase) GetBookmark(ctx context.Context, id int, url string) ( func (db *SQLiteDatabase) SaveAccount(ctx context.Context, account model.Account) (*model.Account, error) { var accountID int64 if err := db.withTx(ctx, func(tx *sqlx.Tx) error { - // Hash password with bcrypt - hashedPassword, err := bcrypt.GenerateFromPassword([]byte(account.Password), 10) - if err != nil { - return err - } - query, err := tx.PrepareContext(ctx, `INSERT INTO account (username, password, owner, config) VALUES (?, ?, ?, ?) ON CONFLICT(username) DO UPDATE SET @@ -708,8 +701,8 @@ func (db *SQLiteDatabase) SaveAccount(ctx context.Context, account model.Account } err = query.QueryRowContext(ctx, - account.Username, hashedPassword, account.Owner, account.Config, - hashedPassword, account.Owner).Scan(&accountID) + account.Username, account.Password, account.Owner, account.Config, + account.Password, account.Owner).Scan(&accountID) if err != nil { return errors.WithStack(err) } @@ -719,7 +712,7 @@ func (db *SQLiteDatabase) SaveAccount(ctx context.Context, account model.Account return nil, errors.WithStack(err) } - account.ID = int(accountID) + account.ID = model.DBID(accountID) return &account, nil } @@ -740,23 +733,31 @@ func (db *SQLiteDatabase) SaveAccountSettings(ctx context.Context, account model return nil } -// GetAccounts fetch list of account (without its password) based on submitted options. -func (db *SQLiteDatabase) GetAccounts(ctx context.Context, opts GetAccountsOptions) ([]model.Account, error) { +// ListAccounts fetch list of account (without its password) based on submitted options. +func (db *SQLiteDatabase) ListAccounts(ctx context.Context, opts ListAccountsOptions) ([]model.Account, error) { // Create query args := []interface{}{} - query := `SELECT id, username, owner, config FROM account WHERE 1` + fields := []string{"id", "username", "owner", "config"} + if opts.WithPassword { + fields = append(fields, "password") + } + + query := fmt.Sprintf(`SELECT %s FROM account WHERE 1`, strings.Join(fields, ", ")) if opts.Keyword != "" { query += " AND username LIKE ?" args = append(args, "%"+opts.Keyword+"%") } + if opts.Username != "" { + query += " AND username = ?" + args = append(args, opts.Username) + } + if opts.Owner { query += " AND owner = 1" } - query += ` ORDER BY username` - // Fetch list account accounts := []model.Account{} err := db.SelectContext(ctx, &accounts, query, args...) @@ -769,11 +770,11 @@ func (db *SQLiteDatabase) GetAccounts(ctx context.Context, opts GetAccountsOptio // GetAccount fetch account with matching username. // Returns the account and boolean whether it's exist or not. -func (db *SQLiteDatabase) GetAccount(ctx context.Context, username string) (model.Account, bool, error) { +func (db *SQLiteDatabase) GetAccount(ctx context.Context, id model.DBID) (model.Account, bool, error) { account := model.Account{} err := db.GetContext(ctx, &account, `SELECT - id, username, password, owner, config FROM account WHERE username = ?`, - username, + id, username, password, owner, config FROM account WHERE id = ?`, + id, ) if err != nil && err != sql.ErrNoRows { return account, false, errors.WithStack(err) @@ -788,9 +789,9 @@ func (db *SQLiteDatabase) GetAccount(ctx context.Context, username string) (mode } // DeleteAccount removes record with matching username. -func (db *SQLiteDatabase) DeleteAccount(ctx context.Context, username string) error { +func (db *SQLiteDatabase) DeleteAccount(ctx context.Context, id model.DBID) error { if err := db.withTx(ctx, func(tx *sqlx.Tx) error { - result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE id = ?`, username) + result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE id = ?`, id) if err != nil { return errors.WithStack(fmt.Errorf("error deleting account: %v", err)) } diff --git a/internal/database/sqlite_test.go b/internal/database/sqlite_test.go index 217abae08..971837b71 100644 --- a/internal/database/sqlite_test.go +++ b/internal/database/sqlite_test.go @@ -71,11 +71,10 @@ func testSqliteGetBookmarksWithDash(t *testing.T) { } -func TestSQLiteDatabase_SaveAccount(t *testing.T) { - +func TestSQLiteDatabaseSaveAccountFail(t *testing.T) { ctx := context.TODO() - // Initialize not correct database + // Initialize nonexistant database factory := func(ctx context.Context) (DB, error) { return OpenSQLiteDatabase(ctx, filepath.Join(os.TempDir(), "shiori_test.db")) } @@ -88,88 +87,3 @@ func TestSQLiteDatabase_SaveAccount(t *testing.T) { assert.Contains(t, err.Error(), "SQL logic error: no such table: account (1)") } - -func TestSaveAccountSettings(t *testing.T) { - ctx := context.TODO() - - db, err := sqliteTestDatabaseFactory(t, ctx) - assert.NoError(t, err) - - // Mock data - account := model.Account{ - Username: "testuser", - Config: model.UserConfig{}, - } - - // Successful case - err = db.SaveAccountSettings(ctx, account) - assert.NoError(t, err) - - // Initialize not correct database - ctx = context.TODO() - factory := func(ctx context.Context) (DB, error) { - return OpenSQLiteDatabase(ctx, filepath.Join(os.TempDir(), "shiori_test.db")) - } - db, err = factory(ctx) - assert.Nil(t, err) - account = model.Account{ - Username: "testuser", - Config: model.UserConfig{}, - } - err = db.SaveAccountSettings(ctx, account) - assert.NotNil(t, err) - assert.Contains(t, err.Error(), "SQL logic error: no such table: account (1)") -} - -func TestGetAccounts(t *testing.T) { - ctx := context.TODO() - - db, err := sqliteTestDatabaseFactory(t, ctx) - assert.NoError(t, err) - - // Insert test accounts - testAccounts := []model.Account{ - {Username: "foo", Password: "bar", Owner: false}, - {Username: "hello", Password: "world", Owner: false}, - {Username: "foo_bar", Password: "foobar", Owner: true}, - } - for _, acc := range testAccounts { - _, err := db.SaveAccount(ctx, acc) - assert.Nil(t, err) - } - - // Successful case - // without opt - accounts, err := db.GetAccounts(ctx, GetAccountsOptions{}) - assert.NoError(t, err) - assert.Equal(t, 3, len(accounts)) - // with owner - accounts, err = db.GetAccounts(ctx, GetAccountsOptions{Owner: true}) - assert.NoError(t, err) - assert.Equal(t, 1, len(accounts)) - // with opt - accounts, err = db.GetAccounts(ctx, GetAccountsOptions{Keyword: "foo"}) - assert.NoError(t, err) - assert.Equal(t, 2, len(accounts)) - // with opt and owner - accounts, err = db.GetAccounts(ctx, GetAccountsOptions{Keyword: "hello", Owner: false}) - assert.NoError(t, err) - assert.Equal(t, 1, len(accounts)) - // with not result - accounts, err = db.GetAccounts(ctx, GetAccountsOptions{Keyword: "shiori"}) - assert.NoError(t, err) - assert.Equal(t, 0, len(accounts)) - - // Initialize not correct database - ctx = context.TODO() - factory := func(ctx context.Context) (DB, error) { - return OpenSQLiteDatabase(ctx, filepath.Join(os.TempDir(), "shiori_test.db")) - } - db, err = factory(ctx) - assert.Nil(t, err) - // with invalid query - opts := GetAccountsOptions{Keyword: "foo", Owner: true} - _, err = db.GetAccounts(ctx, opts) - assert.NotNil(t, err) - assert.Contains(t, err.Error(), "SQL logic error: no such table: account (1)") -} diff --git a/internal/domains/accounts.go b/internal/domains/accounts.go index 3b3d15bea..258280f31 100644 --- a/internal/domains/accounts.go +++ b/internal/domains/accounts.go @@ -8,6 +8,7 @@ import ( "github.com/go-shiori/shiori/internal/database" "github.com/go-shiori/shiori/internal/dependencies" "github.com/go-shiori/shiori/internal/model" + "golang.org/x/crypto/bcrypt" ) type AccountsDomain struct { @@ -15,7 +16,7 @@ type AccountsDomain struct { } func (d *AccountsDomain) ListAccounts(ctx context.Context) ([]model.AccountDTO, error) { - accounts, err := d.deps.Database.GetAccounts(ctx, database.GetAccountsOptions{}) + accounts, err := d.deps.Database.ListAccounts(ctx, database.ListAccountsOptions{}) if err != nil { return nil, fmt.Errorf("error getting accounts: %v", err) } @@ -28,24 +29,29 @@ func (d *AccountsDomain) ListAccounts(ctx context.Context) ([]model.AccountDTO, return accountDTOs, nil } -func (d *AccountsDomain) CreateAccount(ctx context.Context, account model.Account) (*model.AccountDTO, error) { +func (d *AccountsDomain) CreateAccount(ctx context.Context, account model.AccountDTO) (*model.AccountDTO, error) { + // Hash password with bcrypt + hashedPassword, err := bcrypt.GenerateFromPassword([]byte(account.Password), 10) + if err != nil { + return nil, fmt.Errorf("error hashing provided password: %w", err) + } + storedAccount, err := d.deps.Database.SaveAccount(ctx, model.Account{ Username: account.Username, - Password: account.Password, + Password: string(hashedPassword), Owner: account.Owner, }) if err != nil { return nil, fmt.Errorf("error creating account: %v", err) } - // FIXME result := storedAccount.ToDTO() return &result, nil } -func (d *AccountsDomain) DeleteAccount(ctx context.Context, id string) error { - err := d.deps.Database.DeleteAccount(ctx, id) +func (d *AccountsDomain) DeleteAccount(ctx context.Context, id int) error { + err := d.deps.Database.DeleteAccount(ctx, model.DBID(id)) if errors.Is(err, database.ErrNotFound) { return model.ErrNotFound } @@ -57,6 +63,26 @@ func (d *AccountsDomain) DeleteAccount(ctx context.Context, id string) error { return nil } +func (d *AccountsDomain) UpdateAccount(ctx context.Context, account model.AccountDTO) (*model.AccountDTO, error) { + updatedAccount := model.Account{ + ID: account.ID, + } + + // Update password as well + if account.Password != "" { + // Hash password with bcrypt + hashedPassword, err := bcrypt.GenerateFromPassword([]byte(account.Password), 10) + if err != nil { + return nil, fmt.Errorf("error hashing provided password: %w", err) + } + updatedAccount.Password = string(hashedPassword) + } + + // TODO + + return nil, nil +} + func NewAccountsDomain(deps *dependencies.Dependencies) model.AccountsDomain { return &AccountsDomain{ deps: deps, diff --git a/internal/domains/auth.go b/internal/domains/auth.go index 33ac665f0..288c4b81c 100644 --- a/internal/domains/auth.go +++ b/internal/domains/auth.go @@ -5,6 +5,7 @@ import ( "fmt" "time" + "github.com/go-shiori/shiori/internal/database" "github.com/go-shiori/shiori/internal/dependencies" "github.com/go-shiori/shiori/internal/model" "github.com/golang-jwt/jwt/v5" @@ -39,9 +40,6 @@ func (d *AuthDomain) CheckToken(ctx context.Context, userJWT string) (*model.Acc if claims.Account.ID > 0 { return claims.Account, nil } - if err != nil { - return nil, err - } return claims.Account, nil } @@ -49,11 +47,20 @@ func (d *AuthDomain) CheckToken(ctx context.Context, userJWT string) (*model.Acc } func (d *AuthDomain) GetAccountFromCredentials(ctx context.Context, username, password string) (*model.Account, error) { - account, _, err := d.deps.Database.GetAccount(ctx, username) + accounts, err := d.deps.Database.ListAccounts(ctx, database.ListAccountsOptions{ + Username: username, + WithPassword: true, + }) if err != nil { return nil, fmt.Errorf("username and password do not match") } + if len(accounts) != 1 { + return nil, fmt.Errorf("username and password do not match") + } + + account := accounts[0] + if err := bcrypt.CompareHashAndPassword([]byte(account.Password), []byte(password)); err != nil { return nil, fmt.Errorf("username and password do not match") } diff --git a/internal/http/routes/api/v1/accounts.go b/internal/http/routes/api/v1/accounts.go index 484521b74..5679a1db4 100644 --- a/internal/http/routes/api/v1/accounts.go +++ b/internal/http/routes/api/v1/accounts.go @@ -4,6 +4,7 @@ import ( "errors" "fmt" "net/http" + "strconv" "github.com/gin-gonic/gin" "github.com/go-shiori/shiori/internal/dependencies" @@ -69,8 +70,8 @@ func (p *createAccountPayload) IsValid() error { return nil } -func (p *createAccountPayload) ToDatabase() model.Account { - return model.Account{ +func (p *createAccountPayload) ToAccountDTO() model.AccountDTO { + return model.AccountDTO{ Username: p.Username, Password: p.Password, Owner: !p.IsVisitor, @@ -100,7 +101,7 @@ func (r *AccountsAPIRoutes) createHandler(c *gin.Context) { return } - account, err := r.deps.Domains.Accounts.CreateAccount(c.Request.Context(), payload.ToDatabase()) + account, err := r.deps.Domains.Accounts.CreateAccount(c.Request.Context(), payload.ToAccountDTO()) if err != nil { r.logger.WithError(err).Error("error creating account") c.AbortWithStatus(http.StatusInternalServerError) @@ -119,9 +120,16 @@ func (r *AccountsAPIRoutes) createHandler(c *gin.Context) { // @Failure 500 {string} string "Internal Server Error" // @Router /api/v1/accounts/{id} [delete] func (r *AccountsAPIRoutes) deleteHandler(c *gin.Context) { - id := c.Param("id") + idParam := c.Param("id") - err := r.deps.Domains.Accounts.DeleteAccount(c.Request.Context(), id) + id, err := strconv.Atoi(idParam) + if err != nil { + r.logger.WithError(err).Error("error parsing id") + response.SendError(c, http.StatusBadRequest, "invalid id") + return + } + + err = r.deps.Domains.Accounts.DeleteAccount(c.Request.Context(), id) if errors.Is(err, model.ErrNotFound) { response.SendError(c, http.StatusNotFound, "account not found") return diff --git a/internal/http/routes/api/v1/accounts_test.go b/internal/http/routes/api/v1/accounts_test.go index 0d8c888c1..854be7499 100644 --- a/internal/http/routes/api/v1/accounts_test.go +++ b/internal/http/routes/api/v1/accounts_test.go @@ -37,7 +37,7 @@ func TestAccountList(t *testing.T) { g := gin.New() _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) - _, err := deps.Domains.Accounts.CreateAccount(ctx, model.Account{ + _, err := deps.Domains.Accounts.CreateAccount(ctx, model.AccountDTO{ Username: "gopher", Password: "shiori", }) @@ -124,7 +124,7 @@ func TestAccountDelete(t *testing.T) { g := gin.New() _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) - account, err := deps.Domains.Accounts.CreateAccount(ctx, model.Account{ + account, err := deps.Domains.Accounts.CreateAccount(ctx, model.AccountDTO{ Username: "gopher", Password: "shiori", }) @@ -132,7 +132,7 @@ func TestAccountDelete(t *testing.T) { router := NewAccountsAPIRoutes(logger, deps) router.Setup(g.Group("/")) - w := testutil.PerformRequest(g, "DELETE", "/"+strconv.Itoa(account.ID)) + w := testutil.PerformRequest(g, "DELETE", "/"+strconv.Itoa(int(account.ID))) require.Equal(t, http.StatusNoContent, w.Code) }) diff --git a/internal/http/routes/api/v1/auth_test.go b/internal/http/routes/api/v1/auth_test.go index de9a4fa52..62d01054c 100644 --- a/internal/http/routes/api/v1/auth_test.go +++ b/internal/http/routes/api/v1/auth_test.go @@ -57,13 +57,13 @@ func TestAccountsRoute(t *testing.T) { router.Setup(g.Group("/")) // Create an account manually to test - account := model.Account{ + account := model.AccountDTO{ Username: "shiori", Password: "gopher", Owner: true, } - _, accountInsertErr := deps.Database.SaveAccount(ctx, account) + _, accountInsertErr := deps.Domains.Accounts.CreateAccount(ctx, account) require.NoError(t, accountInsertErr) w := httptest.NewRecorder() @@ -260,11 +260,11 @@ func TestSettingsHandler(t *testing.T) { MakePublic: true, }, } - _, accountInsertErr := deps.Database.SaveAccount(ctx, account) + acc, accountInsertErr := deps.Database.SaveAccount(ctx, account) require.NoError(t, accountInsertErr) // Get current user config - user, _, err := deps.Database.GetAccount(ctx, "shiori") + user, _, err := deps.Database.GetAccount(ctx, acc.ID) require.NoError(t, err) require.Equal(t, user.Config, account.Config) @@ -293,7 +293,7 @@ func TestSettingsHandler(t *testing.T) { g.ServeHTTP(w, req) require.Equal(t, 200, w.Code) - user, _, err = deps.Database.GetAccount(ctx, "shiori") + user, _, err = deps.Database.GetAccount(ctx, acc.ID) require.NoError(t, err) require.NotEqual(t, user.Config, account.Config) diff --git a/internal/model/account.go b/internal/model/account.go index c04630a1e..18d838e48 100644 --- a/internal/model/account.go +++ b/internal/model/account.go @@ -8,7 +8,7 @@ import ( // Account is the database representation for account. type Account struct { - ID int `db:"id" json:"id"` + ID DBID `db:"id" json:"id"` Username string `db:"username" json:"username"` Password string `db:"password" json:"password,omitempty"` Owner bool `db:"owner" json:"owner"` @@ -56,8 +56,9 @@ func (a Account) ToDTO() AccountDTO { // AccountDTO is data transfer object for Account. type AccountDTO struct { - ID int `json:"id"` + ID DBID `json:"id"` Username string `json:"username"` + Password string `json:"-"` // Used only to store, not to retrieve Owner bool `json:"owner"` Config UserConfig `json:"config"` } diff --git a/internal/model/domains.go b/internal/model/domains.go index df71a0083..8614bc03b 100644 --- a/internal/model/domains.go +++ b/internal/model/domains.go @@ -25,9 +25,9 @@ type AuthDomain interface { type AccountsDomain interface { ListAccounts(ctx context.Context) ([]AccountDTO, error) - CreateAccount(ctx context.Context, account Account) (*AccountDTO, error) + CreateAccount(ctx context.Context, account AccountDTO) (*AccountDTO, error) // UpdateAccount(ctx context.Context, account AccountDTO) (*AccountDTO, error) - DeleteAccount(ctx context.Context, username string) error + DeleteAccount(ctx context.Context, id int) error } type ArchiverDomain interface { diff --git a/internal/webserver/handler-api.go b/internal/webserver/handler-api.go index 260524329..6b93b2e73 100644 --- a/internal/webserver/handler-api.go +++ b/internal/webserver/handler-api.go @@ -20,7 +20,7 @@ import ( "github.com/julienschmidt/httprouter" ) -func downloadBookmarkContent(deps *dependencies.Dependencies, book *model.BookmarkDTO, dataDir string, request *http.Request, keepTitle, keepExcerpt bool) (*model.BookmarkDTO, error) { +func downloadBookmarkContent(deps *dependencies.Dependencies, book *model.BookmarkDTO, dataDir string, _ *http.Request, keepTitle, keepExcerpt bool) (*model.BookmarkDTO, error) { content, contentType, err := core.DownloadBookmark(book.URL) if err != nil { return nil, fmt.Errorf("error downloading url: %s", err) From 56f441e75a06890d584793d281219d7244144be5 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Mon, 3 Jun 2024 19:04:19 +0200 Subject: [PATCH 007/103] make lint --- docs/swagger/docs.go | 49 ++++++++++++++++++------ docs/swagger/swagger.json | 49 ++++++++++++++++++------ docs/swagger/swagger.yaml | 32 ++++++++++++---- internal/database/database_test.go | 1 + internal/http/routes/api/v1/accounts.go | 40 +++++++++---------- internal/http/routes/api/v1/bookmarks.go | 4 +- 6 files changed, 121 insertions(+), 54 deletions(-) diff --git a/docs/swagger/docs.go b/docs/swagger/docs.go index 8458d1845..1c6afe47b 100644 --- a/docs/swagger/docs.go +++ b/docs/swagger/docs.go @@ -76,6 +76,31 @@ const docTemplate = `{ } } }, + "/api/v1/accounts/{id}": { + "delete": { + "produces": [ + "application/json" + ], + "tags": [ + "accounts" + ], + "summary": "Delete an account", + "responses": { + "204": { + "description": "No content", + "schema": { + "type": "string" + } + }, + "500": { + "description": "Internal Server Error", + "schema": { + "type": "string" + } + } + } + } + }, "/api/v1/auth/account": { "patch": { "produces": [ @@ -233,7 +258,7 @@ const docTemplate = `{ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/api_v1.contentResponseMessage" + "$ref": "#/definitions/api_v1.readableResponseMessage" } }, "403": { @@ -289,17 +314,6 @@ const docTemplate = `{ } }, "definitions": { - "api_v1.contentResponseMessage": { - "type": "object", - "properties": { - "content": { - "type": "string" - }, - "html": { - "type": "string" - } - } - }, "api_v1.loginRequestPayload": { "type": "object", "required": [ @@ -334,6 +348,17 @@ const docTemplate = `{ } } }, + "api_v1.readableResponseMessage": { + "type": "object", + "properties": { + "content": { + "type": "string" + }, + "html": { + "type": "string" + } + } + }, "api_v1.settingRequestPayload": { "type": "object", "properties": { diff --git a/docs/swagger/swagger.json b/docs/swagger/swagger.json index 2e61880c9..8a8500fa0 100644 --- a/docs/swagger/swagger.json +++ b/docs/swagger/swagger.json @@ -65,6 +65,31 @@ } } }, + "/api/v1/accounts/{id}": { + "delete": { + "produces": [ + "application/json" + ], + "tags": [ + "accounts" + ], + "summary": "Delete an account", + "responses": { + "204": { + "description": "No content", + "schema": { + "type": "string" + } + }, + "500": { + "description": "Internal Server Error", + "schema": { + "type": "string" + } + } + } + } + }, "/api/v1/auth/account": { "patch": { "produces": [ @@ -222,7 +247,7 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/api_v1.contentResponseMessage" + "$ref": "#/definitions/api_v1.readableResponseMessage" } }, "403": { @@ -278,17 +303,6 @@ } }, "definitions": { - "api_v1.contentResponseMessage": { - "type": "object", - "properties": { - "content": { - "type": "string" - }, - "html": { - "type": "string" - } - } - }, "api_v1.loginRequestPayload": { "type": "object", "required": [ @@ -323,6 +337,17 @@ } } }, + "api_v1.readableResponseMessage": { + "type": "object", + "properties": { + "content": { + "type": "string" + }, + "html": { + "type": "string" + } + } + }, "api_v1.settingRequestPayload": { "type": "object", "properties": { diff --git a/docs/swagger/swagger.yaml b/docs/swagger/swagger.yaml index 7f8956a12..fd0559a77 100644 --- a/docs/swagger/swagger.yaml +++ b/docs/swagger/swagger.yaml @@ -1,11 +1,4 @@ definitions: - api_v1.contentResponseMessage: - properties: - content: - type: string - html: - type: string - type: object api_v1.loginRequestPayload: properties: password: @@ -29,6 +22,13 @@ definitions: token: type: string type: object + api_v1.readableResponseMessage: + properties: + content: + type: string + html: + type: string + type: object api_v1.settingRequestPayload: properties: config: @@ -185,6 +185,22 @@ paths: summary: Create an account tags: - accounts + /api/v1/accounts/{id}: + delete: + produces: + - application/json + responses: + "204": + description: No content + schema: + type: string + "500": + description: Internal Server Error + schema: + type: string + summary: Delete an account + tags: + - accounts /api/v1/auth/account: patch: parameters: @@ -284,7 +300,7 @@ paths: "200": description: OK schema: - $ref: '#/definitions/api_v1.contentResponseMessage' + $ref: '#/definitions/api_v1.readableResponseMessage' "403": description: Token not provided/invalid summary: Get readable version of bookmark. diff --git a/internal/database/database_test.go b/internal/database/database_test.go index 8908ddfcc..c83a3be0d 100644 --- a/internal/database/database_test.go +++ b/internal/database/database_test.go @@ -480,6 +480,7 @@ func testListAccountsWithPassword(t *testing.T, db DB) { storedAccounts, err := db.ListAccounts(ctx, ListAccountsOptions{ WithPassword: true, }) + require.NoError(t, err) for _, acc := range storedAccounts { require.NotEmpty(t, acc.Password) } diff --git a/internal/http/routes/api/v1/accounts.go b/internal/http/routes/api/v1/accounts.go index 5679a1db4..73ad918fd 100644 --- a/internal/http/routes/api/v1/accounts.go +++ b/internal/http/routes/api/v1/accounts.go @@ -36,13 +36,13 @@ func NewAccountsAPIRoutes(logger *logrus.Logger, deps *dependencies.Dependencies // listHandler godoc // -// @Summary List accounts -// @Description List accounts -// @Tags accounts -// @Produce json -// @Success 200 {array} model.AccountDTO -// @Failure 500 {string} string "Internal Server Error" -// @Router /api/v1/accounts [get] +// @Summary List accounts +// @Description List accounts +// @Tags accounts +// @Produce json +// @Success 200 {array} model.AccountDTO +// @Failure 500 {string} string "Internal Server Error" +// @Router /api/v1/accounts [get] func (r *AccountsAPIRoutes) listHandler(c *gin.Context) { accounts, err := r.deps.Domains.Accounts.ListAccounts(c.Request.Context()) if err != nil { @@ -80,13 +80,13 @@ func (p *createAccountPayload) ToAccountDTO() model.AccountDTO { // createHandler godoc // -// @Summary Create an account -// @Tags accounts -// @Produce json -// @Success 201 {array} model.AccountDTO -// @Failure 400 {string} string "Bad Request" -// @Failure 500 {string} string "Internal Server Error" -// @Router /api/v1/accounts [post] +// @Summary Create an account +// @Tags accounts +// @Produce json +// @Success 201 {array} model.AccountDTO +// @Failure 400 {string} string "Bad Request" +// @Failure 500 {string} string "Internal Server Error" +// @Router /api/v1/accounts [post] func (r *AccountsAPIRoutes) createHandler(c *gin.Context) { var payload createAccountPayload if err := c.ShouldBindJSON(&payload); err != nil { @@ -113,12 +113,12 @@ func (r *AccountsAPIRoutes) createHandler(c *gin.Context) { // deleteHandler godoc // -// @Summary Delete an account -// @Tags accounts -// @Produce json -// @Success 204 {string} string "No content" -// @Failure 500 {string} string "Internal Server Error" -// @Router /api/v1/accounts/{id} [delete] +// @Summary Delete an account +// @Tags accounts +// @Produce json +// @Success 204 {string} string "No content" +// @Failure 500 {string} string "Internal Server Error" +// @Router /api/v1/accounts/{id} [delete] func (r *AccountsAPIRoutes) deleteHandler(c *gin.Context) { idParam := c.Param("id") diff --git a/internal/http/routes/api/v1/bookmarks.go b/internal/http/routes/api/v1/bookmarks.go index f7e967e8e..5c6451c77 100644 --- a/internal/http/routes/api/v1/bookmarks.go +++ b/internal/http/routes/api/v1/bookmarks.go @@ -96,7 +96,7 @@ type readableResponseMessage struct { // @Tags Auth // @securityDefinitions.apikey ApiKeyAuth // @Produce json -// @Success 200 {object} contentResponseMessage +// @Success 200 {object} readableResponseMessage // @Failure 403 {object} nil "Token not provided/invalid" // @Router /api/v1/bookmarks/id/readable [get] func (r *BookmarksAPIRoutes) bookmarkReadable(c *gin.Context) { @@ -119,7 +119,7 @@ func (r *BookmarksAPIRoutes) bookmarkReadable(c *gin.Context) { // @Summary Update Cache and Ebook on server. // @Tags Auth // @securityDefinitions.apikey ApiKeyAuth -// @Param payload body updateCachePayload true "Update Cache Payload"` +// @Param payload body updateCachePayload true "Update Cache Payload"` // @Produce json // @Success 200 {object} model.BookmarkDTO // @Failure 403 {object} nil "Token not provided/invalid" From 0835804f63272901141c5fc094f7041d663bad07 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Mon, 3 Jun 2024 19:09:57 +0200 Subject: [PATCH 008/103] more permissive assertion --- internal/database/sqlite_test.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/internal/database/sqlite_test.go b/internal/database/sqlite_test.go index 971837b71..486872dac 100644 --- a/internal/database/sqlite_test.go +++ b/internal/database/sqlite_test.go @@ -84,6 +84,5 @@ func TestSQLiteDatabaseSaveAccountFail(t *testing.T) { // Test falid database acc := model.Account{} _, err = db.SaveAccount(ctx, acc) - assert.Contains(t, err.Error(), "SQL logic error: no such table: account (1)") - + assert.Contains(t, err.Error(), "no such table: account") } From 7c09384617aa92f5d5d4cba30983fc847d996544 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Mon, 3 Jun 2024 23:50:16 +0200 Subject: [PATCH 009/103] rename test --- internal/database/database_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/database/database_test.go b/internal/database/database_test.go index c83a3be0d..dddaadfff 100644 --- a/internal/database/database_test.go +++ b/internal/database/database_test.go @@ -38,7 +38,7 @@ func testDatabase(t *testing.T, dbFactory testDatabaseFactory) { "testSaveAccount": testSaveAccount, "testSaveAccountSetting": testSaveAccountSettings, "testGetAccount": testGetAccount, - "testGetAccounts": testListAccounts, + "testListAccounts": testListAccounts, "testListAccountsWithPassword": testListAccountsWithPassword, } From fee6cf7f9cb8f1d4e3268f30d7f2a91bdd8a47b1 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Tue, 4 Jun 2024 00:33:58 +0200 Subject: [PATCH 010/103] update account --- internal/cmd/root.go | 2 +- internal/database/database.go | 5 ++- internal/database/database_test.go | 45 +++++++++++++++++++ internal/database/mysql.go | 27 +++++++++-- internal/database/pg.go | 29 ++++++++++-- internal/database/sqlite.go | 32 +++++++++++-- internal/domains/accounts.go | 53 ++++++++++++++++++---- internal/http/routes/api/v1/accounts.go | 57 +++++++++++++++--------- internal/http/routes/api/v1/auth_test.go | 4 +- internal/model/account.go | 17 ++++--- internal/model/domains.go | 2 +- internal/model/ptr.go | 5 +++ 12 files changed, 227 insertions(+), 51 deletions(-) create mode 100644 internal/model/ptr.go diff --git a/internal/cmd/root.go b/internal/cmd/root.go index b11357459..bca56cdc7 100644 --- a/internal/cmd/root.go +++ b/internal/cmd/root.go @@ -119,7 +119,7 @@ func initShiori(ctx context.Context, cmd *cobra.Command) (*config.Config, *depen account := model.AccountDTO{ Username: "shiori", Password: "gopher", - Owner: true, + Owner: model.Ptr[bool](true), } if _, err := dependencies.Domains.Accounts.CreateAccount(cmd.Context(), account); err != nil { diff --git a/internal/database/database.go b/internal/database/database.go index 6015a9383..7cf3ca770 100644 --- a/internal/database/database.go +++ b/internal/database/database.go @@ -103,6 +103,9 @@ type DB interface { // SaveAccount saves new account in database SaveAccount(ctx context.Context, a model.Account) (*model.Account, error) + // UpdateAccount updates account in database + UpdateAccount(ctx context.Context, a model.Account) error + // SaveAccountSettings saves settings for specific user in database SaveAccountSettings(ctx context.Context, a model.Account) error @@ -110,7 +113,7 @@ type DB interface { ListAccounts(ctx context.Context, opts ListAccountsOptions) ([]model.Account, error) // GetAccount fetch account with matching username. - GetAccount(ctx context.Context, id model.DBID) (model.Account, bool, error) + GetAccount(ctx context.Context, id model.DBID) (*model.Account, bool, error) // DeleteAccount removes account with matching id DeleteAccount(ctx context.Context, id model.DBID) error diff --git a/internal/database/database_test.go b/internal/database/database_test.go index dddaadfff..0335f0dae 100644 --- a/internal/database/database_test.go +++ b/internal/database/database_test.go @@ -36,6 +36,7 @@ func testDatabase(t *testing.T, dbFactory testDatabaseFactory) { "testDeleteAccount": testDeleteAccount, "testDeleteNonExistantAccount": testDeleteNonExistantAccount, "testSaveAccount": testSaveAccount, + "testUpdateAccount": testUpdateAccount, "testSaveAccountSetting": testSaveAccountSettings, "testGetAccount": testGetAccount, "testListAccounts": testListAccounts, @@ -390,6 +391,50 @@ func testSaveAccount(t *testing.T, db DB) { require.NotEmpty(t, account.ID) } +func testUpdateAccount(t *testing.T, db DB) { + ctx := context.TODO() + + acc := model.Account{ + Username: "testuser", + Password: "testpass", + Owner: true, + Config: model.UserConfig{ + ShowId: true, + }, + } + + account, err := db.SaveAccount(ctx, acc) + require.Nil(t, err) + require.NotNil(t, account) + require.NotEmpty(t, account.ID) + + account, _, err = db.GetAccount(ctx, account.ID) + require.Nil(t, err) + + t.Run("update", func(t *testing.T) { + acc := model.Account{ + ID: account.ID, + Username: "asdlasd", + Owner: false, + Password: "another", + Config: model.UserConfig{ + ShowId: false, + }, + } + + err := db.UpdateAccount(ctx, acc) + require.Nil(t, err) + + updatedAccount, exists, err := db.GetAccount(ctx, account.ID) + require.NoError(t, err) + require.True(t, exists) + require.Equal(t, acc.Username, updatedAccount.Username) + require.Equal(t, acc.Owner, updatedAccount.Owner) + require.Equal(t, acc.Config, updatedAccount.Config) + require.NotEqual(t, acc.Password, account.Password) + }) +} + func testSaveAccountSettings(t *testing.T, db DB) { ctx := context.TODO() diff --git a/internal/database/mysql.go b/internal/database/mysql.go index 9a9341fc3..cda93156d 100644 --- a/internal/database/mysql.go +++ b/internal/database/mysql.go @@ -603,6 +603,27 @@ func (db *MySQLDatabase) SaveAccount(ctx context.Context, account model.Account) return &account, nil } +// UpdateAccount update account in database +func (db *MySQLDatabase) UpdateAccount(ctx context.Context, account model.Account) error { + if account.ID == 0 { + return ErrNotFound + } + + db.withTx(ctx, func(tx *sqlx.Tx) error { + _, err := tx.ExecContext(ctx, `UPDATE account + SET username = ?, password = ?, owner = ?, config = ? + WHERE id = ?`, + account.Username, account.Password, account.Owner, account.Config, account.ID) + if err != nil { + return errors.WithStack(err) + } + + return nil + }) + + return nil +} + // SaveAccountSettings update settings for specific account in database. Returns error if any happened func (db *MySQLDatabase) SaveAccountSettings(ctx context.Context, account model.Account) (err error) { // Update account config in database for specific user @@ -651,14 +672,14 @@ func (db *MySQLDatabase) ListAccounts(ctx context.Context, opts ListAccountsOpti // GetAccount fetch account with matching username. // Returns the account and boolean whether it's exist or not. -func (db *MySQLDatabase) GetAccount(ctx context.Context, id model.DBID) (model.Account, bool, error) { +func (db *MySQLDatabase) GetAccount(ctx context.Context, id model.DBID) (*model.Account, bool, error) { account := model.Account{} err := db.GetContext(ctx, &account, `SELECT id, username, password, owner, config FROM account WHERE id = ?`, id, ) if err != nil && err != sql.ErrNoRows { - return account, false, errors.WithStack(err) + return &account, false, errors.WithStack(err) } // Use custom not found error if that's the result of the query @@ -666,7 +687,7 @@ func (db *MySQLDatabase) GetAccount(ctx context.Context, id model.DBID) (model.A err = ErrNotFound } - return account, account.ID != 0, err + return &account, account.ID != 0, err } // DeleteAccount removes record with matching username. diff --git a/internal/database/pg.go b/internal/database/pg.go index e77d15202..7abaaed58 100644 --- a/internal/database/pg.go +++ b/internal/database/pg.go @@ -616,6 +616,29 @@ func (db *PGDatabase) SaveAccount(ctx context.Context, account model.Account) (* return &account, nil } +// UpdateAccount updates account in database. +func (db *PGDatabase) UpdateAccount(ctx context.Context, account model.Account) error { + if account.ID == 0 { + return ErrNotFound + } + + if err := db.withTx(ctx, func(tx *sqlx.Tx) error { + _, err := tx.ExecContext(ctx, `UPDATE account + SET username = $1, password = $2, owner = $3, config = $4 + WHERE id = $5`, + account.Username, account.Password, account.Owner, account.Config, account.ID) + if err != nil { + return errors.WithStack(err) + } + + return nil + }); err != nil { + return errors.WithStack(err) + } + + return nil +} + // SaveAccountSettings update settings for specific account in database. Returns error if any happened func (db *PGDatabase) SaveAccountSettings(ctx context.Context, account model.Account) (err error) { @@ -665,14 +688,14 @@ func (db *PGDatabase) ListAccounts(ctx context.Context, opts ListAccountsOptions // GetAccount fetch account with matching username. // Returns the account and boolean whether it's exist or not. -func (db *PGDatabase) GetAccount(ctx context.Context, id model.DBID) (model.Account, bool, error) { +func (db *PGDatabase) GetAccount(ctx context.Context, id model.DBID) (*model.Account, bool, error) { account := model.Account{} err := db.GetContext(ctx, &account, `SELECT id, username, password, owner, config FROM account WHERE id = $1`, id, ) if err != nil && err != sql.ErrNoRows { - return account, false, errors.WithStack(err) + return &account, false, errors.WithStack(err) } // Use custom not found error if that's the result of the query @@ -680,7 +703,7 @@ func (db *PGDatabase) GetAccount(ctx context.Context, id model.DBID) (model.Acco err = ErrNotFound } - return account, account.ID != 0, err + return &account, account.ID != 0, err } // DeleteAccount removes record with matching username. diff --git a/internal/database/sqlite.go b/internal/database/sqlite.go index 1b5546ef4..b88809556 100644 --- a/internal/database/sqlite.go +++ b/internal/database/sqlite.go @@ -733,6 +733,32 @@ func (db *SQLiteDatabase) SaveAccountSettings(ctx context.Context, account model return nil } +func (db *SQLiteDatabase) UpdateAccount(ctx context.Context, account model.Account) error { + if account.ID == 0 { + return ErrNotFound + } + + if err := db.withTx(ctx, func(tx *sqlx.Tx) error { + queryString := "UPDATE account SET username = ?, password = ?, owner = ?, config = ? WHERE id = ?" + + updateQuery, err := tx.PrepareContext(ctx, queryString) + if err != nil { + return errors.WithStack(err) + } + + _, err = updateQuery.ExecContext(ctx, account.Username, account.Password, account.Owner, account.Config, account.ID) + if err != nil { + return errors.WithStack(err) + } + + return nil + }); err != nil { + return errors.WithStack(err) + } + + return nil +} + // ListAccounts fetch list of account (without its password) based on submitted options. func (db *SQLiteDatabase) ListAccounts(ctx context.Context, opts ListAccountsOptions) ([]model.Account, error) { // Create query @@ -770,14 +796,14 @@ func (db *SQLiteDatabase) ListAccounts(ctx context.Context, opts ListAccountsOpt // GetAccount fetch account with matching username. // Returns the account and boolean whether it's exist or not. -func (db *SQLiteDatabase) GetAccount(ctx context.Context, id model.DBID) (model.Account, bool, error) { +func (db *SQLiteDatabase) GetAccount(ctx context.Context, id model.DBID) (*model.Account, bool, error) { account := model.Account{} err := db.GetContext(ctx, &account, `SELECT id, username, password, owner, config FROM account WHERE id = ?`, id, ) if err != nil && err != sql.ErrNoRows { - return account, false, errors.WithStack(err) + return &account, false, errors.WithStack(err) } // Use custom not found error if that's the result of the query @@ -785,7 +811,7 @@ func (db *SQLiteDatabase) GetAccount(ctx context.Context, id model.DBID) (model. err = ErrNotFound } - return account, account.ID != 0, err + return &account, account.ID != 0, err } // DeleteAccount removes record with matching username. diff --git a/internal/domains/accounts.go b/internal/domains/accounts.go index 258280f31..c8f73fd07 100644 --- a/internal/domains/accounts.go +++ b/internal/domains/accounts.go @@ -36,11 +36,18 @@ func (d *AccountsDomain) CreateAccount(ctx context.Context, account model.Accoun return nil, fmt.Errorf("error hashing provided password: %w", err) } - storedAccount, err := d.deps.Database.SaveAccount(ctx, model.Account{ + acc := model.Account{ Username: account.Username, Password: string(hashedPassword), - Owner: account.Owner, - }) + } + if account.Owner != nil { + acc.Owner = *account.Owner + } + if account.Config != nil { + acc.Config = *account.Config + } + + storedAccount, err := d.deps.Database.SaveAccount(ctx, acc) if err != nil { return nil, fmt.Errorf("error creating account: %v", err) } @@ -64,23 +71,51 @@ func (d *AccountsDomain) DeleteAccount(ctx context.Context, id int) error { } func (d *AccountsDomain) UpdateAccount(ctx context.Context, account model.AccountDTO) (*model.AccountDTO, error) { - updatedAccount := model.Account{ - ID: account.ID, + // Get account from database + storedAccount, _, err := d.deps.Database.GetAccount(ctx, account.ID) + if errors.Is(err, database.ErrNotFound) { + return nil, model.ErrNotFound + } + if err != nil { + return nil, fmt.Errorf("error getting account for update: %w", err) } - // Update password as well if account.Password != "" { // Hash password with bcrypt hashedPassword, err := bcrypt.GenerateFromPassword([]byte(account.Password), 10) if err != nil { return nil, fmt.Errorf("error hashing provided password: %w", err) } - updatedAccount.Password = string(hashedPassword) + storedAccount.Password = string(hashedPassword) + } + + if account.Username != "" { + storedAccount.Username = account.Username + } + + if account.Owner != nil { + storedAccount.Owner = *account.Owner + } + + if account.Config != nil { + storedAccount.Config = *account.Config + } + + // Save updated account + err = d.deps.Database.UpdateAccount(ctx, *storedAccount) + if err != nil { + return nil, fmt.Errorf("error updating account: %w", err) + } + + // Get updated account from database + updatedAccount, _, err := d.deps.Database.GetAccount(ctx, account.ID) + if err != nil { + return nil, fmt.Errorf("error getting updated account: %w", err) } - // TODO + account = updatedAccount.ToDTO() - return nil, nil + return &account, nil } func NewAccountsDomain(deps *dependencies.Dependencies) model.AccountsDomain { diff --git a/internal/http/routes/api/v1/accounts.go b/internal/http/routes/api/v1/accounts.go index 73ad918fd..0c0400a6f 100644 --- a/internal/http/routes/api/v1/accounts.go +++ b/internal/http/routes/api/v1/accounts.go @@ -22,7 +22,7 @@ func (r *AccountsAPIRoutes) Setup(g *gin.RouterGroup) model.Routes { g.GET("/", r.listHandler) g.POST("/", r.createHandler) g.DELETE("/:id", r.deleteHandler) - // g.PUT("/:id", r.updateHandler) + g.PUT("/:id", r.updateHandler) return r } @@ -74,7 +74,7 @@ func (p *createAccountPayload) ToAccountDTO() model.AccountDTO { return model.AccountDTO{ Username: p.Username, Password: p.Password, - Owner: !p.IsVisitor, + Owner: model.Ptr[bool](!p.IsVisitor), } } @@ -144,22 +144,37 @@ func (r *AccountsAPIRoutes) deleteHandler(c *gin.Context) { response.Send(c, http.StatusNoContent, nil) } -// func (r *AccountsAPIRoutes) updateHandler(c *gin.Context) { -// id := c.Param("id") - -// var payload model.AccountDTO -// if err := c.ShouldBindJSON(&payload); err != nil { -// r.logger.WithError(err).Error("error binding json") -// c.AbortWithStatus(http.StatusBadRequest) -// return -// } - -// account, err := r.deps.Domains.Accounts.UpdateAccount(c.Request.Context(), id, payload) -// if err != nil { -// r.logger.WithError(err).Error("error updating account") -// c.AbortWithStatus(http.StatusInternalServerError) -// return -// } - -// response.Send(c, http.StatusOK, account) -// } +// updateHandler godoc +// +// @Summary Update an account +// @Tags accounts +// @Produce json +// @Success 200 {array} model.AccountDTO +// @Failure 400 {string} string "Bad Request" +// @Failure 500 {string} string "Internal Server Error" +// @Router /api/v1/accounts/{id} [put,patch] +func (r *AccountsAPIRoutes) updateHandler(c *gin.Context) { + accountID, err := strconv.Atoi(c.Param("id")) + if err != nil { + r.logger.WithError(err).Error("error parsing id") + response.SendError(c, http.StatusBadRequest, "invalid id") + return + } + + var payload model.AccountDTO + if err := c.ShouldBindJSON(&payload); err != nil { + r.logger.WithError(err).Error("error binding json") + c.AbortWithStatus(http.StatusBadRequest) + return + } + payload.ID = model.DBID(accountID) + + account, err := r.deps.Domains.Accounts.UpdateAccount(c.Request.Context(), payload) + if err != nil { + r.logger.WithError(err).Error("error updating account") + c.AbortWithStatus(http.StatusInternalServerError) + return + } + + response.Send(c, http.StatusOK, account) +} diff --git a/internal/http/routes/api/v1/auth_test.go b/internal/http/routes/api/v1/auth_test.go index 62d01054c..e88e67181 100644 --- a/internal/http/routes/api/v1/auth_test.go +++ b/internal/http/routes/api/v1/auth_test.go @@ -60,7 +60,7 @@ func TestAccountsRoute(t *testing.T) { account := model.AccountDTO{ Username: "shiori", Password: "gopher", - Owner: true, + Owner: model.Ptr(true), } _, accountInsertErr := deps.Domains.Accounts.CreateAccount(ctx, account) @@ -269,7 +269,7 @@ func TestSettingsHandler(t *testing.T) { require.Equal(t, user.Config, account.Config) // Send Request to update config for user - token, err := deps.Domains.Auth.CreateTokenForAccount(&user, time.Now().Add(time.Minute)) + token, err := deps.Domains.Auth.CreateTokenForAccount(user, time.Now().Add(time.Minute)) require.NoError(t, err) payloadJSON := []byte(`{ diff --git a/internal/model/account.go b/internal/model/account.go index 18d838e48..0deb0f6cc 100644 --- a/internal/model/account.go +++ b/internal/model/account.go @@ -46,19 +46,22 @@ func (c UserConfig) Value() (driver.Value, error) { // ToDTO converts Account to AccountDTO. func (a Account) ToDTO() AccountDTO { + owner := a.Owner + config := a.Config + return AccountDTO{ ID: a.ID, Username: a.Username, - Owner: a.Owner, - Config: a.Config, + Owner: &owner, + Config: &config, } } // AccountDTO is data transfer object for Account. type AccountDTO struct { - ID DBID `json:"id"` - Username string `json:"username"` - Password string `json:"-"` // Used only to store, not to retrieve - Owner bool `json:"owner"` - Config UserConfig `json:"config"` + ID DBID `json:"id"` + Username string `json:"username"` + Password string `json:"-"` // Used only to store, not to retrieve + Owner *bool `json:"owner"` + Config *UserConfig `json:"config"` } diff --git a/internal/model/domains.go b/internal/model/domains.go index 8614bc03b..b6e765b63 100644 --- a/internal/model/domains.go +++ b/internal/model/domains.go @@ -26,7 +26,7 @@ type AuthDomain interface { type AccountsDomain interface { ListAccounts(ctx context.Context) ([]AccountDTO, error) CreateAccount(ctx context.Context, account AccountDTO) (*AccountDTO, error) - // UpdateAccount(ctx context.Context, account AccountDTO) (*AccountDTO, error) + UpdateAccount(ctx context.Context, account AccountDTO) (*AccountDTO, error) DeleteAccount(ctx context.Context, id int) error } diff --git a/internal/model/ptr.go b/internal/model/ptr.go new file mode 100644 index 000000000..1d3e7c35e --- /dev/null +++ b/internal/model/ptr.go @@ -0,0 +1,5 @@ +package model + +func Ptr[t any](a t) *t { + return &a +} From 4f41104ead462fe922beb0e47932416e31019800 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Tue, 4 Jun 2024 21:43:58 +0200 Subject: [PATCH 011/103] Authorization --- internal/http/middleware/auth.go | 16 ++++++++++++++++ internal/http/routes/api/v1/accounts.go | 2 ++ 2 files changed, 18 insertions(+) diff --git a/internal/http/middleware/auth.go b/internal/http/middleware/auth.go index cb3da436f..7e68d27cb 100644 --- a/internal/http/middleware/auth.go +++ b/internal/http/middleware/auth.go @@ -42,6 +42,22 @@ func AuthenticationRequired() gin.HandlerFunc { } } +func AdminRequired() gin.HandlerFunc { + return func(ctx *gin.Context) { + c := context.NewContextFromGin(ctx) + if !c.UserIsLogged() { + response.SendError(ctx, http.StatusUnauthorized, nil) + return + } + + account := c.GetAccount() + if !account.Owner { + response.SendError(ctx, http.StatusForbidden, nil) + return + } + } +} + // getTokenFromHeader returns the token from the Authorization header, if any. func getTokenFromHeader(c *gin.Context) string { authorization := c.GetHeader(model.AuthorizationHeader) diff --git a/internal/http/routes/api/v1/accounts.go b/internal/http/routes/api/v1/accounts.go index 0c0400a6f..9545ba002 100644 --- a/internal/http/routes/api/v1/accounts.go +++ b/internal/http/routes/api/v1/accounts.go @@ -8,6 +8,7 @@ import ( "github.com/gin-gonic/gin" "github.com/go-shiori/shiori/internal/dependencies" + "github.com/go-shiori/shiori/internal/http/middleware" "github.com/go-shiori/shiori/internal/http/response" "github.com/go-shiori/shiori/internal/model" "github.com/sirupsen/logrus" @@ -19,6 +20,7 @@ type AccountsAPIRoutes struct { } func (r *AccountsAPIRoutes) Setup(g *gin.RouterGroup) model.Routes { + g.Use(middleware.AdminRequired()) g.GET("/", r.listHandler) g.POST("/", r.createHandler) g.DELETE("/:id", r.deleteHandler) From a397c59ce0912a77bc1c5175199e9cd1a8831701 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Tue, 4 Jun 2024 21:44:05 +0200 Subject: [PATCH 012/103] updated api calls --- internal/view/assets/js/page/setting.js | 31 +++++++------------------ 1 file changed, 9 insertions(+), 22 deletions(-) diff --git a/internal/view/assets/js/page/setting.js b/internal/view/assets/js/page/setting.js index 35cc0b17c..5d43303bd 100644 --- a/internal/view/assets/js/page/setting.js +++ b/internal/view/assets/js/page/setting.js @@ -135,7 +135,7 @@ export default { if (this.loading) return; this.loading = true; - fetch(new URL("api/accounts", document.baseURI), { + fetch(new URL("api/v1/accounts", document.baseURI), { headers: { "Content-Type": "application/json", Authorization: "Bearer " + localStorage.getItem("shiori-token"), @@ -147,7 +147,7 @@ export default { }) .then((json) => { this.loading = false; - this.accounts = json; + this.accounts = json.message; }) .catch((err) => { this.loading = false; @@ -210,7 +210,7 @@ export default { }; this.dialog.loading = true; - fetch(new URL("api/accounts", document.baseURI), { + fetch(new URL("api/v1/accounts", document.baseURI), { method: "post", body: JSON.stringify(request), headers: { @@ -220,16 +220,13 @@ export default { }) .then((response) => { if (!response.ok) throw response; - return response; + return response.json(); }) - .then(() => { + .then((json) => { this.dialog.loading = false; this.dialog.visible = false; - this.accounts.push({ - username: data.username, - owner: !data.visitor, - }); + this.accounts.push(json.message); this.accounts.sort((a, b) => { var nameA = a.username.toLowerCase(), nameB = b.username.toLowerCase(); @@ -259,12 +256,6 @@ export default { title: "Change Password", content: "Input new password :", fields: [ - { - name: "oldPassword", - label: "Old password", - type: "password", - value: "", - }, { name: "password", label: "New password", @@ -276,16 +267,11 @@ export default { label: "Repeat password", type: "password", value: "", - }, + } ], mainText: "OK", secondText: "Cancel", mainClick: (data) => { - if (data.oldPassword === "") { - this.showErrorDialog("Old password must not empty"); - return; - } - if (data.password === "") { this.showErrorDialog("New password must not empty"); return; @@ -297,6 +283,7 @@ export default { } var request = { + id: account.id, username: account.username, oldPassword: data.oldPassword, newPassword: data.password, @@ -304,7 +291,7 @@ export default { }; this.dialog.loading = true; - fetch(new URL("api/accounts", document.baseURI), { + fetch(new URL("api/v1/accounts/" + account.id, document.baseURI), { method: "put", body: JSON.stringify(request), headers: { From 6ba47227f010a7e496ee508d5342265e82b5045d Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Tue, 4 Jun 2024 23:25:52 +0200 Subject: [PATCH 013/103] apis, pointers, auth --- internal/domains/auth.go | 12 +- internal/http/context/auth.go | 4 +- internal/http/context/auth_test.go | 2 +- internal/http/context/context.go | 2 +- internal/http/middleware/auth.go | 9 +- internal/http/middleware/auth_test.go | 50 ++++- internal/http/routes/api/v1/accounts.go | 3 +- internal/http/routes/api/v1/accounts_test.go | 187 ++++++++++++++++-- internal/http/routes/api/v1/auth.go | 45 ++--- internal/http/routes/api/v1/auth_test.go | 152 +++++--------- internal/http/routes/api/v1/bookmarks.go | 2 +- internal/http/routes/api/v1/bookmarks_test.go | 4 +- internal/http/routes/api/v1/tags.go | 2 +- internal/http/routes/api/v1/tags_test.go | 2 +- internal/http/routes/legacy.go | 2 +- internal/model/account.go | 4 + internal/model/domains.go | 6 +- internal/model/legacy.go | 2 +- internal/testutil/accounts.go | 27 +++ internal/testutil/http.go | 7 + internal/view/assets/js/page/setting.js | 13 +- internal/webserver/handler.go | 2 +- 22 files changed, 358 insertions(+), 181 deletions(-) create mode 100644 internal/testutil/accounts.go diff --git a/internal/domains/auth.go b/internal/domains/auth.go index 288c4b81c..8ec0cae27 100644 --- a/internal/domains/auth.go +++ b/internal/domains/auth.go @@ -20,10 +20,10 @@ type AuthDomain struct { type JWTClaim struct { jwt.RegisteredClaims - Account *model.Account + Account *model.AccountDTO } -func (d *AuthDomain) CheckToken(ctx context.Context, userJWT string) (*model.Account, error) { +func (d *AuthDomain) CheckToken(ctx context.Context, userJWT string) (*model.AccountDTO, error) { token, err := jwt.ParseWithClaims(userJWT, &JWTClaim{}, func(token *jwt.Token) (interface{}, error) { // Validate algorithm if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { @@ -46,7 +46,7 @@ func (d *AuthDomain) CheckToken(ctx context.Context, userJWT string) (*model.Acc return nil, fmt.Errorf("error obtaining user from JWT claims") } -func (d *AuthDomain) GetAccountFromCredentials(ctx context.Context, username, password string) (*model.Account, error) { +func (d *AuthDomain) GetAccountFromCredentials(ctx context.Context, username, password string) (*model.AccountDTO, error) { accounts, err := d.deps.Database.ListAccounts(ctx, database.ListAccountsOptions{ Username: username, WithPassword: true, @@ -65,12 +65,12 @@ func (d *AuthDomain) GetAccountFromCredentials(ctx context.Context, username, pa return nil, fmt.Errorf("username and password do not match") } - return &account, nil + return model.Ptr(account.ToDTO()), nil } -func (d *AuthDomain) CreateTokenForAccount(account *model.Account, expiration time.Time) (string, error) { +func (d *AuthDomain) CreateTokenForAccount(account *model.AccountDTO, expiration time.Time) (string, error) { claims := jwt.MapClaims{ - "account": account.ToDTO(), + "account": account, "exp": expiration.UTC().Unix(), } diff --git a/internal/http/context/auth.go b/internal/http/context/auth.go index d11e69e30..214ebcf49 100644 --- a/internal/http/context/auth.go +++ b/internal/http/context/auth.go @@ -8,9 +8,9 @@ func (c *Context) UserIsLogged() bool { return exists } -func (c *Context) GetAccount() *model.Account { +func (c *Context) GetAccount() *model.AccountDTO { if c.account == nil && c.UserIsLogged() { - c.account = c.MustGet(model.ContextAccountKey).(*model.Account) + c.account = c.MustGet(model.ContextAccountKey).(*model.AccountDTO) } return c.account diff --git a/internal/http/context/auth_test.go b/internal/http/context/auth_test.go index e7bc7e0e5..37bcfbf8e 100644 --- a/internal/http/context/auth_test.go +++ b/internal/http/context/auth_test.go @@ -22,7 +22,7 @@ func TestUserIsLogged(t *testing.T) { func TestGetAccount(t *testing.T) { t.Run("test get account (logged in)", func(t *testing.T) { - account := model.Account{ + account := model.AccountDTO{ Username: "shiori", } c := New() diff --git a/internal/http/context/context.go b/internal/http/context/context.go index d8219f259..1d0c84b01 100644 --- a/internal/http/context/context.go +++ b/internal/http/context/context.go @@ -9,7 +9,7 @@ import ( type Context struct { *gin.Context - account *model.Account + account *model.AccountDTO } // NewContextFromGin returns a new Context instance from gin.Context diff --git a/internal/http/middleware/auth.go b/internal/http/middleware/auth.go index 7e68d27cb..21e9018cb 100644 --- a/internal/http/middleware/auth.go +++ b/internal/http/middleware/auth.go @@ -42,16 +42,13 @@ func AuthenticationRequired() gin.HandlerFunc { } } +// AdminRequired provides a middleware that checks if the user is logged in and is an admin, returning +// a 403 error if not. func AdminRequired() gin.HandlerFunc { return func(ctx *gin.Context) { c := context.NewContextFromGin(ctx) - if !c.UserIsLogged() { - response.SendError(ctx, http.StatusUnauthorized, nil) - return - } - account := c.GetAccount() - if !account.Owner { + if account == nil || !account.IsOwner() { response.SendError(ctx, http.StatusForbidden, nil) return } diff --git a/internal/http/middleware/auth_test.go b/internal/http/middleware/auth_test.go index 3b5d3d5ff..b1f362778 100644 --- a/internal/http/middleware/auth_test.go +++ b/internal/http/middleware/auth_test.go @@ -61,7 +61,7 @@ func TestAuthMiddleware(t *testing.T) { }) t.Run("test authorization header", func(t *testing.T) { - account := model.Account{Username: "shiori"} + account := model.AccountDTO{Username: "shiori"} token, err := deps.Domains.Auth.CreateTokenForAccount(&account, time.Now().Add(time.Minute)) require.NoError(t, err) w := httptest.NewRecorder() @@ -74,7 +74,7 @@ func TestAuthMiddleware(t *testing.T) { }) t.Run("test authorization cookie", func(t *testing.T) { - account := model.Account{Username: "shiori"} + account := model.AccountDTO{Username: "shiori"} token, err := deps.Domains.Auth.CreateTokenForAccount(&account, time.Now().Add(time.Minute)) require.NoError(t, err) w := httptest.NewRecorder() @@ -90,3 +90,49 @@ func TestAuthMiddleware(t *testing.T) { require.True(t, exists) }) } + +func TestAdminRequiredMiddleware(t *testing.T) { + t.Run("test unauthorized", func(t *testing.T) { + g := testutil.NewGin() + g.Use(AdminRequired()) + g.Handle("GET", "/", func(c *gin.Context) { + response.Send(c, http.StatusOK, nil) + }) + w := testutil.PerformRequest(g, "GET", "/") + require.Equal(t, http.StatusForbidden, w.Code) + // This ensures we are aborting the request and not sending more data + require.Equal(t, `{"ok":false,"message":null}`, w.Body.String()) + }) + + t.Run("test user but not admin", func(t *testing.T) { + g := testutil.NewGin() + // Fake a logged in admin in the context, which is the way the AuthMiddleware works. + g.Use(func(ctx *gin.Context) { + ctx.Set(model.ContextAccountKey, &model.AccountDTO{ + Owner: model.Ptr(false), + }) + }) + g.Use(AdminRequired()) + g.GET("/", func(c *gin.Context) { + c.Status(http.StatusOK) + }) + w := testutil.PerformRequest(g, "GET", "/") + require.Equal(t, http.StatusForbidden, w.Code) + }) + + t.Run("test authorized", func(t *testing.T) { + g := testutil.NewGin() + // Fake a logged in admin in the context, which is the way the AuthMiddleware works. + g.Use(func(ctx *gin.Context) { + ctx.Set(model.ContextAccountKey, &model.AccountDTO{ + Owner: model.Ptr(true), + }) + }) + g.Use(AdminRequired()) + g.GET("/", func(c *gin.Context) { + c.Status(http.StatusOK) + }) + w := testutil.PerformRequest(g, "GET", "/") + require.Equal(t, http.StatusOK, w.Code) + }) +} diff --git a/internal/http/routes/api/v1/accounts.go b/internal/http/routes/api/v1/accounts.go index 9545ba002..4078710d8 100644 --- a/internal/http/routes/api/v1/accounts.go +++ b/internal/http/routes/api/v1/accounts.go @@ -25,6 +25,7 @@ func (r *AccountsAPIRoutes) Setup(g *gin.RouterGroup) model.Routes { g.POST("/", r.createHandler) g.DELETE("/:id", r.deleteHandler) g.PUT("/:id", r.updateHandler) + g.PATCH("/:id", r.updateHandler) return r } @@ -76,7 +77,7 @@ func (p *createAccountPayload) ToAccountDTO() model.AccountDTO { return model.AccountDTO{ Username: p.Username, Password: p.Password, - Owner: model.Ptr[bool](!p.IsVisitor), + Owner: model.Ptr(!p.IsVisitor), } } diff --git a/internal/http/routes/api/v1/accounts_test.go b/internal/http/routes/api/v1/accounts_test.go index 854be7499..174c53cb5 100644 --- a/internal/http/routes/api/v1/accounts_test.go +++ b/internal/http/routes/api/v1/accounts_test.go @@ -2,42 +2,97 @@ package api_v1 import ( "context" + "encoding/json" "net/http" "strconv" "testing" + "time" "github.com/gin-gonic/gin" + "github.com/go-shiori/shiori/internal/http/middleware" "github.com/go-shiori/shiori/internal/model" "github.com/go-shiori/shiori/internal/testutil" "github.com/sirupsen/logrus" "github.com/stretchr/testify/require" ) -func TestAccountList(t *testing.T) { +func TestAccountRouteAuthorization(t *testing.T) { logger := logrus.New() ctx := context.TODO() - t.Run("empty account list", func(t *testing.T) { + t.Run("require authentication", func(t *testing.T) { g := gin.New() _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) router := NewAccountsAPIRoutes(logger, deps) router.Setup(g.Group("/")) + w := testutil.PerformRequest(g, "GET", "/") - require.Equal(t, http.StatusOK, w.Code) + require.Equal(t, http.StatusForbidden, w.Code) + + response, err := testutil.NewTestResponseFromReader(w.Body) + require.NoError(t, err) + + response.AssertNotOk(t) + }) + + t.Run("require admin user", func(t *testing.T) { + g := gin.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + router := NewAccountsAPIRoutes(logger, deps) + router.Setup(g.Group("/")) + + account, err := deps.Domains.Accounts.CreateAccount(ctx, model.AccountDTO{ + Username: "gopher", + Password: "shiori", + }) + require.NoError(t, err) + + token, err := deps.Domains.Auth.CreateTokenForAccount(account, time.Now().Add(time.Hour)) + require.NoError(t, err) + + w := testutil.PerformRequest(g, "GET", "/", testutil.WithAuthToken(token)) + require.Equal(t, http.StatusForbidden, w.Code) response, err := testutil.NewTestResponseFromReader(w.Body) require.NoError(t, err) - response.AssertMessageIsEmptyList(t) + response.AssertNotOk(t) }) +} + +func TestAccountList(t *testing.T) { + logger := logrus.New() + ctx := context.TODO() t.Run("return account", func(t *testing.T) { - ctx := context.TODO() + g := gin.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + g.Use(middleware.AuthMiddleware(deps)) + _, token, err := testutil.NewAdminUser(deps) + require.NoError(t, err) + + router := NewAccountsAPIRoutes(logger, deps) + router.Setup(g.Group("/")) + w := testutil.PerformRequest(g, "GET", "/", testutil.WithAuthToken(token)) + require.Equal(t, http.StatusOK, w.Code) + + response, err := testutil.NewTestResponseFromReader(w.Body) + require.NoError(t, err) + + response.AssertOk(t) + require.Len(t, response.Response.Message, 1) + }) + + t.Run("return accounts", func(t *testing.T) { g := gin.New() _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + g.Use(middleware.AuthMiddleware(deps)) + + _, token, err := testutil.NewAdminUser(deps) + require.NoError(t, err) - _, err := deps.Domains.Accounts.CreateAccount(ctx, model.AccountDTO{ + _, err = deps.Domains.Accounts.CreateAccount(ctx, model.AccountDTO{ Username: "gopher", Password: "shiori", }) @@ -45,15 +100,16 @@ func TestAccountList(t *testing.T) { router := NewAccountsAPIRoutes(logger, deps) router.Setup(g.Group("/")) - w := testutil.PerformRequest(g, "GET", "/") + w := testutil.PerformRequest(g, "GET", "/", testutil.WithAuthToken(token)) require.Equal(t, http.StatusOK, w.Code) response, err := testutil.NewTestResponseFromReader(w.Body) require.NoError(t, err) response.AssertOk(t) - require.Len(t, response.Response.Message, 1) + require.Len(t, response.Response.Message, 2) }) + } func TestAccountCreate(t *testing.T) { @@ -63,13 +119,17 @@ func TestAccountCreate(t *testing.T) { t.Run("create account ok", func(t *testing.T) { g := gin.New() _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + g.Use(middleware.AuthMiddleware(deps)) + + _, token, err := testutil.NewAdminUser(deps) + require.NoError(t, err) router := NewAccountsAPIRoutes(logger, deps) router.Setup(g.Group("/")) w := testutil.PerformRequest(g, "POST", "/", testutil.WithBody(`{ "username": "gopher", "password": "shiori" - }`)) + }`), testutil.WithAuthToken(token)) require.Equal(t, http.StatusCreated, w.Code) response, err := testutil.NewTestResponseFromReader(w.Body) @@ -82,13 +142,17 @@ func TestAccountCreate(t *testing.T) { t.Run("empty username", func(t *testing.T) { g := gin.New() _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + g.Use(middleware.AuthMiddleware(deps)) + + _, token, err := testutil.NewAdminUser(deps) + require.NoError(t, err) router := NewAccountsAPIRoutes(logger, deps) router.Setup(g.Group("/")) w := testutil.PerformRequest(g, "POST", "/", testutil.WithBody(`{ "username": "", "password": "shiori" - }`)) + }`), testutil.WithAuthToken(token)) require.Equal(t, http.StatusBadRequest, w.Code) response, err := testutil.NewTestResponseFromReader(w.Body) @@ -100,13 +164,17 @@ func TestAccountCreate(t *testing.T) { t.Run("empty password", func(t *testing.T) { g := gin.New() _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + g.Use(middleware.AuthMiddleware(deps)) + + _, token, err := testutil.NewAdminUser(deps) + require.NoError(t, err) router := NewAccountsAPIRoutes(logger, deps) router.Setup(g.Group("/")) w := testutil.PerformRequest(g, "POST", "/", testutil.WithBody(`{ "username": "gopher", "password": "" - }`)) + }`), testutil.WithAuthToken(token)) require.Equal(t, http.StatusBadRequest, w.Code) response, err := testutil.NewTestResponseFromReader(w.Body) @@ -123,6 +191,10 @@ func TestAccountDelete(t *testing.T) { t.Run("success", func(t *testing.T) { g := gin.New() _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + g.Use(middleware.AuthMiddleware(deps)) + + _, token, err := testutil.NewAdminUser(deps) + require.NoError(t, err) account, err := deps.Domains.Accounts.CreateAccount(ctx, model.AccountDTO{ Username: "gopher", @@ -132,16 +204,105 @@ func TestAccountDelete(t *testing.T) { router := NewAccountsAPIRoutes(logger, deps) router.Setup(g.Group("/")) - w := testutil.PerformRequest(g, "DELETE", "/"+strconv.Itoa(int(account.ID))) + w := testutil.PerformRequest(g, "DELETE", "/"+strconv.Itoa(int(account.ID)), testutil.WithAuthToken(token)) require.Equal(t, http.StatusNoContent, w.Code) }) t.Run("account not found", func(t *testing.T) { g := gin.New() _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + g.Use(middleware.AuthMiddleware(deps)) + _, token, err := testutil.NewAdminUser(deps) + require.NoError(t, err) router := NewAccountsAPIRoutes(logger, deps) router.Setup(g.Group("/")) - w := testutil.PerformRequest(g, "DELETE", "/99") + w := testutil.PerformRequest(g, "DELETE", "/99", testutil.WithAuthToken(token)) require.Equal(t, http.StatusNotFound, w.Code) }) } + +func TestAccountUpdate(t *testing.T) { + logger := logrus.New() + ctx := context.TODO() + + for _, tc := range []struct { + name string + payload model.AccountDTO + code int + cmp func(t *testing.T, initial, payload model.AccountDTO, storedAccount model.Account) + }{ + { + name: "success change username", + payload: model.AccountDTO{ + Username: "gopher2", + }, + code: http.StatusOK, + cmp: func(t *testing.T, initial, payload model.AccountDTO, storedAccount model.Account) { + require.Equal(t, payload.Username, storedAccount.Username) + }, + }, + { + name: "success change password", + payload: model.AccountDTO{ + Password: "gopher2", + }, + code: http.StatusOK, + cmp: func(t *testing.T, initial, payload model.AccountDTO, storedAccount model.Account) { + require.NotEqual(t, initial.Password, storedAccount.Password) + }, + }, + { + name: "success change owner", + payload: model.AccountDTO{ + Owner: model.Ptr(true), + }, + code: http.StatusOK, + cmp: func(t *testing.T, initial, payload model.AccountDTO, storedAccount model.Account) { + require.Equal(t, *payload.Owner, storedAccount.Owner) + }, + }, + { + name: "change entire account", + payload: model.AccountDTO{ + Username: "gopher2", + Password: "gopher2", + Owner: model.Ptr(true), + }, + code: http.StatusOK, + cmp: func(t *testing.T, initial, payload model.AccountDTO, storedAccount model.Account) { + require.Equal(t, payload.Username, storedAccount.Username) + require.NotEqual(t, initial.Password, storedAccount.Password) + require.Equal(t, *payload.Owner, storedAccount.Owner) + }, + }, + } { + t.Run(tc.name, func(t *testing.T) { + g := gin.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + g.Use(middleware.AuthMiddleware(deps)) + + _, token, err := testutil.NewAdminUser(deps) + require.NoError(t, err) + + account, err := deps.Domains.Accounts.CreateAccount(ctx, model.AccountDTO{ + Username: "gopher", + Password: "shiori", + }) + require.NoError(t, err) + + router := NewAccountsAPIRoutes(logger, deps) + router.Setup(g.Group("/")) + + body, err := json.Marshal(tc.payload) + require.NoError(t, err) + + w := testutil.PerformRequest(g, "PATCH", "/"+strconv.Itoa(int(account.ID)), testutil.WithBody(string(body)), testutil.WithAuthToken(token)) + require.Equal(t, tc.code, w.Code) + + storedAccount, _, err := deps.Database.GetAccount(ctx, account.ID) + require.NoError(t, err) + + tc.cmp(t, *account, tc.payload, *storedAccount) + }) + } +} diff --git a/internal/http/routes/api/v1/auth.go b/internal/http/routes/api/v1/auth.go index 10f8ad3dc..83bae9f61 100644 --- a/internal/http/routes/api/v1/auth.go +++ b/internal/http/routes/api/v1/auth.go @@ -8,6 +8,7 @@ import ( "github.com/gin-gonic/gin" "github.com/go-shiori/shiori/internal/dependencies" "github.com/go-shiori/shiori/internal/http/context" + "github.com/go-shiori/shiori/internal/http/middleware" "github.com/go-shiori/shiori/internal/http/response" "github.com/go-shiori/shiori/internal/model" "github.com/sirupsen/logrus" @@ -20,10 +21,11 @@ type AuthAPIRoutes struct { } func (r *AuthAPIRoutes) Setup(group *gin.RouterGroup) model.Routes { - group.GET("/me", r.meHandler) group.POST("/login", r.loginHandler) + group.Use(middleware.AuthenticationRequired()) + group.GET("/me", r.meHandler) group.POST("/refresh", r.refreshHandler) - group.PATCH("/account", r.settingsHandler) + group.PATCH("/account", r.updateHandler) return r } @@ -92,7 +94,7 @@ func (r *AuthAPIRoutes) loginHandler(c *gin.Context) { return } - sessionID, err := r.legacyLoginHandler(*account, time.Hour*24*30) + sessionID, err := r.legacyLoginHandler(account, time.Hour*24*30) if err != nil { r.logger.WithError(err).Error("failed execute legacy login handler") response.SendInternalServerError(c) @@ -119,14 +121,10 @@ func (r *AuthAPIRoutes) loginHandler(c *gin.Context) { // @Router /api/v1/auth/refresh [post] func (r *AuthAPIRoutes) refreshHandler(c *gin.Context) { ctx := context.NewContextFromGin(c) - if !ctx.UserIsLogged() { - response.SendError(c, http.StatusForbidden, nil) - return - } expiration := time.Now().Add(time.Hour * 72) - account, _ := c.Get(model.ContextAccountKey) - token, err := r.deps.Domains.Auth.CreateTokenForAccount(account.(*model.Account), expiration) + account := ctx.GetAccount() + token, err := r.deps.Domains.Auth.CreateTokenForAccount(account, expiration) if err != nil { response.SendInternalServerError(c) return @@ -150,43 +148,40 @@ func (r *AuthAPIRoutes) refreshHandler(c *gin.Context) { // @Router /api/v1/auth/me [get] func (r *AuthAPIRoutes) meHandler(c *gin.Context) { ctx := context.NewContextFromGin(c) - if !ctx.UserIsLogged() { - response.SendError(c, http.StatusForbidden, nil) - return - } - response.Send(c, http.StatusOK, ctx.GetAccount()) } -// settingsHandler godoc +// updateHandler godoc // -// @Summary Perform actions on the currently logged-in user. +// @Summary Update account information // @Tags Auth // @securityDefinitions.apikey ApiKeyAuth -// @Param payload body settingRequestPayload false "Config data" +// @Param payload body model.AccountDTO false "Account data" // @Produce json // @Success 200 {object} model.Account // @Failure 403 {object} nil "Token not provided/invalid" // @Router /api/v1/auth/account [patch] -func (r *AuthAPIRoutes) settingsHandler(c *gin.Context) { +func (r *AuthAPIRoutes) updateHandler(c *gin.Context) { ctx := context.NewContextFromGin(c) - if !ctx.UserIsLogged() { - response.SendError(c, http.StatusForbidden, nil) - } - var payload settingRequestPayload + + var payload model.AccountDTO if err := c.ShouldBindJSON(&payload); err != nil { response.SendInternalServerError(c) } + // TODO: Check old password? + account := ctx.GetAccount() - account.Config = payload.Config + payload.ID = account.ID - err := r.deps.Database.SaveAccountSettings(c, *account) + account, err := r.deps.Domains.Accounts.UpdateAccount(c, payload) if err != nil { + r.deps.Log.WithError(err).Error("failed to update account") response.SendInternalServerError(c) + return } - response.Send(c, http.StatusOK, ctx.GetAccount()) + response.Send(c, http.StatusOK, account) } func NewAuthAPIRoutes(logger *logrus.Logger, deps *dependencies.Dependencies, loginHandler model.LegacyLoginHandler) *AuthAPIRoutes { diff --git a/internal/http/routes/api/v1/auth_test.go b/internal/http/routes/api/v1/auth_test.go index e88e67181..630dfa418 100644 --- a/internal/http/routes/api/v1/auth_test.go +++ b/internal/http/routes/api/v1/auth_test.go @@ -1,11 +1,8 @@ package api_v1 import ( - "bytes" "context" - "encoding/json" "net/http" - "net/http/httptest" "testing" "time" @@ -16,7 +13,7 @@ import ( "github.com/stretchr/testify/require" ) -func noopLegacyLoginHandler(_ model.Account, _ time.Duration) (string, error) { +func noopLegacyLoginHandler(_ *model.AccountDTO, _ time.Duration) (string, error) { return "", nil } @@ -29,10 +26,8 @@ func TestAccountsRoute(t *testing.T) { _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) router := NewAuthAPIRoutes(logger, deps, noopLegacyLoginHandler) router.Setup(g.Group("/")) - w := httptest.NewRecorder() - body := []byte(`{"username": "gopher"}`) - req := httptest.NewRequest("POST", "/login", bytes.NewBuffer(body)) - g.ServeHTTP(w, req) + body := `{"username": "gopher"}` + w := testutil.PerformRequest(g, "POST", "/login", testutil.WithBody(body)) require.Equal(t, 400, w.Code) }) @@ -42,11 +37,8 @@ func TestAccountsRoute(t *testing.T) { _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) router := NewAuthAPIRoutes(logger, deps, noopLegacyLoginHandler) router.Setup(g.Group("/")) - w := httptest.NewRecorder() - body := []byte(`{"username": "gopher", "password": "shiori"}`) - req := httptest.NewRequest("POST", "/login", bytes.NewBuffer(body)) - g.ServeHTTP(w, req) - + body := `{"username": "gopher", "password": "shiori"}` + w := testutil.PerformRequest(g, "POST", "/login", testutil.WithBody(body)) require.Equal(t, 400, w.Code) }) @@ -66,10 +58,7 @@ func TestAccountsRoute(t *testing.T) { _, accountInsertErr := deps.Domains.Accounts.CreateAccount(ctx, account) require.NoError(t, accountInsertErr) - w := httptest.NewRecorder() - body := []byte(`{"username": "shiori", "password": "gopher"}`) - req := httptest.NewRequest("POST", "/login", bytes.NewBuffer(body)) - g.ServeHTTP(w, req) + w := testutil.PerformRequest(g, "POST", "/login", testutil.WithBody(`{"username": "shiori", "password": "gopher"}`)) require.Equal(t, 200, w.Code) }) @@ -92,15 +81,11 @@ func TestAccountsRoute(t *testing.T) { _, accountInsertErr := deps.Database.SaveAccount(ctx, account) require.NoError(t, accountInsertErr) - token, err := deps.Domains.Auth.CreateTokenForAccount(&account, time.Now().Add(time.Minute)) + token, err := deps.Domains.Auth.CreateTokenForAccount(model.Ptr(account.ToDTO()), time.Now().Add(time.Minute)) require.NoError(t, err) - req := httptest.NewRequest("GET", "/me", nil) - req.Header.Add("Authorization", "Bearer "+token) - w := httptest.NewRecorder() - g.ServeHTTP(w, req) - - require.Equal(t, 200, w.Code) + w := testutil.PerformRequest(g, "GET", "/me", testutil.WithAuthToken(token)) + require.Equal(t, http.StatusOK, w.Code) }) t.Run("check /me (incorrect token)", func(t *testing.T) { @@ -112,11 +97,9 @@ func TestAccountsRoute(t *testing.T) { router := NewAuthAPIRoutes(logger, deps, noopLegacyLoginHandler) router.Setup(g.Group("/")) - req := httptest.NewRequest("GET", "/me", nil) - w := httptest.NewRecorder() - g.ServeHTTP(w, req) + w := testutil.PerformRequest(g, "POST", "/refresh", testutil.WithAuthToken("nometokens")) - require.Equal(t, 403, w.Code) + require.Equal(t, http.StatusUnauthorized, w.Code) }) } @@ -169,21 +152,19 @@ func TestRefreshHandler(t *testing.T) { t.Run("empty headers", func(t *testing.T) { w := testutil.PerformRequest(g, "POST", "/refresh") - require.Equal(t, http.StatusForbidden, w.Code) + require.Equal(t, http.StatusUnauthorized, w.Code) }) t.Run("token invalid", func(t *testing.T) { - w := testutil.PerformRequest(g, "POST", "/refresh") - require.Equal(t, http.StatusForbidden, w.Code) + w := testutil.PerformRequest(g, "POST", "/refresh", testutil.WithAuthToken("nometokens")) + require.Equal(t, http.StatusUnauthorized, w.Code) }) t.Run("token valid", func(t *testing.T) { - token, err := deps.Domains.Auth.CreateTokenForAccount(&model.Account{ - Username: "shiori", - }, time.Now().Add(time.Minute)) + _, token, err := testutil.NewAdminUser(deps) require.NoError(t, err) - w := testutil.PerformRequest(g, "POST", "/refresh", testutil.WithHeader(model.AuthorizationHeader, model.AuthorizationTokenType+" "+token)) + w := testutil.PerformRequest(g, "POST", "/refresh", testutil.WithAuthToken(token)) require.Equal(t, http.StatusAccepted, w.Code) }) @@ -199,80 +180,49 @@ func TestSettingsHandler(t *testing.T) { g.Use(middleware.AuthMiddleware(deps)) router.Setup(g.Group("/")) - t.Run("token valid", func(t *testing.T) { - token, err := deps.Domains.Auth.CreateTokenForAccount(&model.Account{ - Username: "shiori", - }, time.Now().Add(time.Minute)) - require.NoError(t, err) - - type settingRequestPayload struct { - Config model.UserConfig `json:"config"` - } - payload := settingRequestPayload{ - Config: model.UserConfig{ - // add your configuration data here - }, - } - payloadJSON, err := json.Marshal(payload) - if err != nil { - logrus.Printf("problem") - } - - w := testutil.PerformRequest(g, "PATCH", "/account", testutil.WithBody(string(payloadJSON)), testutil.WithHeader(model.AuthorizationHeader, model.AuthorizationTokenType+" "+token)) - - require.Equal(t, http.StatusOK, w.Code) + account, err := deps.Domains.Accounts.CreateAccount(ctx, model.AccountDTO{ + Username: "shiori", + Password: "gopher", + Owner: model.Ptr(true), + Config: model.Ptr(model.UserConfig{ + ShowId: true, + ListMode: true, + HideThumbnail: true, + HideExcerpt: true, + NightMode: true, + KeepMetadata: true, + UseArchive: true, + CreateEbook: true, + MakePublic: true, + }), + }) + require.NoError(t, err) + t.Run("require authentication", func(t *testing.T) { + w := testutil.PerformRequest(g, "PATCH", "/account") + require.Equal(t, http.StatusUnauthorized, w.Code) }) t.Run("config not valid", func(t *testing.T) { - token, err := deps.Domains.Auth.CreateTokenForAccount(&model.Account{ - Username: "shiori", - }, time.Now().Add(time.Minute)) + token, err := deps.Domains.Auth.CreateTokenForAccount(account, time.Now().Add(time.Minute)) require.NoError(t, err) - w := testutil.PerformRequest(g, "PATCH", "/account", testutil.WithBody("notValidConfig"), testutil.WithHeader(model.AuthorizationHeader, model.AuthorizationTokenType+" "+token)) + w := testutil.PerformRequest(g, "PATCH", "/account", testutil.WithBody("notValidConfig"), testutil.WithAuthToken(token)) require.Equal(t, http.StatusInternalServerError, w.Code) - }) - t.Run("Test configure change in database", func(t *testing.T) { - // Create a tmp database - g := testutil.NewGin() - _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) - router := NewAuthAPIRoutes(logger, deps, noopLegacyLoginHandler) - g.Use(middleware.AuthMiddleware(deps)) - router.Setup(g.Group("/")) - - // Create an account manually to test - account := model.Account{ - Username: "shiori", - Password: "gopher", - Owner: true, - Config: model.UserConfig{ - ShowId: true, - ListMode: true, - HideThumbnail: true, - HideExcerpt: true, - NightMode: true, - KeepMetadata: true, - UseArchive: true, - CreateEbook: true, - MakePublic: true, - }, - } - acc, accountInsertErr := deps.Database.SaveAccount(ctx, account) - require.NoError(t, accountInsertErr) + t.Run("Test configure change in database", func(t *testing.T) { // Get current user config - user, _, err := deps.Database.GetAccount(ctx, acc.ID) + user, _, err := deps.Database.GetAccount(ctx, account.ID) require.NoError(t, err) - require.Equal(t, user.Config, account.Config) + require.Equal(t, user.ToDTO().Config, account.Config) // Send Request to update config for user - token, err := deps.Domains.Auth.CreateTokenForAccount(user, time.Now().Add(time.Minute)) + token, err := deps.Domains.Auth.CreateTokenForAccount(model.Ptr(user.ToDTO()), time.Now().Add(time.Minute)) require.NoError(t, err) - payloadJSON := []byte(`{ + payloadJSON := `{ "config": { "ShowId": false, "ListMode": false, @@ -283,20 +233,14 @@ func TestSettingsHandler(t *testing.T) { "UseArchive": false, "CreateEbook": false, "MakePublic": false - } - }`) - - w := httptest.NewRecorder() - req := httptest.NewRequest(http.MethodPatch, "/account", bytes.NewBuffer(payloadJSON)) - req.Header.Set("Content-Type", "application/json") - req.Header.Add("Authorization", "Bearer "+token) - g.ServeHTTP(w, req) + }}` - require.Equal(t, 200, w.Code) - user, _, err = deps.Database.GetAccount(ctx, acc.ID) + w := testutil.PerformRequest(g, "PATCH", "/account", testutil.WithBody(payloadJSON), testutil.WithAuthToken(token)) + require.Equal(t, http.StatusOK, w.Code) + user, _, err = deps.Database.GetAccount(ctx, account.ID) require.NoError(t, err) - require.NotEqual(t, user.Config, account.Config) + require.NotEqualValues(t, user.ToDTO().Config, account.Config) }) } diff --git a/internal/http/routes/api/v1/bookmarks.go b/internal/http/routes/api/v1/bookmarks.go index 5c6451c77..1eba9e290 100644 --- a/internal/http/routes/api/v1/bookmarks.go +++ b/internal/http/routes/api/v1/bookmarks.go @@ -126,7 +126,7 @@ func (r *BookmarksAPIRoutes) bookmarkReadable(c *gin.Context) { // @Router /api/v1/bookmarks/cache [put] func (r *BookmarksAPIRoutes) updateCache(c *gin.Context) { ctx := context.NewContextFromGin(c) - if !ctx.GetAccount().Owner { + if !ctx.GetAccount().IsOwner() { response.SendError(c, http.StatusForbidden, nil) return } diff --git a/internal/http/routes/api/v1/bookmarks_test.go b/internal/http/routes/api/v1/bookmarks_test.go index 0c013a177..6a1bfb9ff 100644 --- a/internal/http/routes/api/v1/bookmarks_test.go +++ b/internal/http/routes/api/v1/bookmarks_test.go @@ -33,7 +33,7 @@ func TestUpdateBookmarkCache(t *testing.T) { } _, err := deps.Database.SaveAccount(ctx, account) require.NoError(t, err) - token, err := deps.Domains.Auth.CreateTokenForAccount(&account, time.Now().Add(time.Minute)) + token, err := deps.Domains.Auth.CreateTokenForAccount(model.Ptr(account.ToDTO()), time.Now().Add(time.Minute)) require.NoError(t, err) t.Run("require authentication", func(t *testing.T) { @@ -66,7 +66,7 @@ func TestReadableeBookmarkContent(t *testing.T) { } _, err := deps.Database.SaveAccount(ctx, account) require.NoError(t, err) - token, err := deps.Domains.Auth.CreateTokenForAccount(&account, time.Now().Add(time.Minute)) + token, err := deps.Domains.Auth.CreateTokenForAccount(model.Ptr(account.ToDTO()), time.Now().Add(time.Minute)) require.NoError(t, err) bookmark := testutil.GetValidBookmark() diff --git a/internal/http/routes/api/v1/tags.go b/internal/http/routes/api/v1/tags.go index 290e8ed69..9035929d0 100644 --- a/internal/http/routes/api/v1/tags.go +++ b/internal/http/routes/api/v1/tags.go @@ -51,7 +51,7 @@ func (r *TagsAPIRoutes) listHandler(c *gin.Context) { // @Router /api/v1/tags [post] func (r *TagsAPIRoutes) createHandler(c *gin.Context) { ctx := context.NewContextFromGin(c) - if !ctx.GetAccount().Owner { + if !ctx.GetAccount().IsOwner() { response.SendError(c, http.StatusForbidden, nil) return } diff --git a/internal/http/routes/api/v1/tags_test.go b/internal/http/routes/api/v1/tags_test.go index 724929ece..78c0a4ea9 100644 --- a/internal/http/routes/api/v1/tags_test.go +++ b/internal/http/routes/api/v1/tags_test.go @@ -30,7 +30,7 @@ func TestTagList(t *testing.T) { } _, err := deps.Database.SaveAccount(ctx, account) require.NoError(t, err) - token, err := deps.Domains.Auth.CreateTokenForAccount(&account, time.Now().Add(time.Minute)) + token, err := deps.Domains.Auth.CreateTokenForAccount(model.Ptr(account.ToDTO()), time.Now().Add(time.Minute)) require.NoError(t, err) bookmark := testutil.GetValidBookmark() diff --git a/internal/http/routes/legacy.go b/internal/http/routes/legacy.go index c8d243d1b..af49a5bcb 100644 --- a/internal/http/routes/legacy.go +++ b/internal/http/routes/legacy.go @@ -39,7 +39,7 @@ func (r *LegacyAPIRoutes) handle(handler func(w http.ResponseWriter, r *http.Req } } -func (r *LegacyAPIRoutes) HandleLogin(account model.Account, expTime time.Duration) (string, error) { +func (r *LegacyAPIRoutes) HandleLogin(account *model.AccountDTO, expTime time.Duration) (string, error) { // Create session ID sessionID, err := uuid.NewV4() if err != nil { diff --git a/internal/model/account.go b/internal/model/account.go index 0deb0f6cc..7c04db64c 100644 --- a/internal/model/account.go +++ b/internal/model/account.go @@ -65,3 +65,7 @@ type AccountDTO struct { Owner *bool `json:"owner"` Config *UserConfig `json:"config"` } + +func (adto *AccountDTO) IsOwner() bool { + return adto.Owner != nil && *adto.Owner +} diff --git a/internal/model/domains.go b/internal/model/domains.go index b6e765b63..b656769b3 100644 --- a/internal/model/domains.go +++ b/internal/model/domains.go @@ -18,9 +18,9 @@ type BookmarksDomain interface { } type AuthDomain interface { - CheckToken(ctx context.Context, userJWT string) (*Account, error) - GetAccountFromCredentials(ctx context.Context, username, password string) (*Account, error) - CreateTokenForAccount(account *Account, expiration time.Time) (string, error) + CheckToken(ctx context.Context, userJWT string) (*AccountDTO, error) + GetAccountFromCredentials(ctx context.Context, username, password string) (*AccountDTO, error) + CreateTokenForAccount(account *AccountDTO, expiration time.Time) (string, error) } type AccountsDomain interface { diff --git a/internal/model/legacy.go b/internal/model/legacy.go index 4042537cd..0db8fc3cc 100644 --- a/internal/model/legacy.go +++ b/internal/model/legacy.go @@ -2,4 +2,4 @@ package model import "time" -type LegacyLoginHandler func(account Account, expTime time.Duration) (string, error) +type LegacyLoginHandler func(account *AccountDTO, expTime time.Duration) (string, error) diff --git a/internal/testutil/accounts.go b/internal/testutil/accounts.go new file mode 100644 index 000000000..6796251f1 --- /dev/null +++ b/internal/testutil/accounts.go @@ -0,0 +1,27 @@ +package testutil + +import ( + "context" + "time" + + "github.com/go-shiori/shiori/internal/dependencies" + "github.com/go-shiori/shiori/internal/model" +) + +func NewAdminUser(deps *dependencies.Dependencies) (*model.AccountDTO, string, error) { + account, err := deps.Domains.Accounts.CreateAccount(context.TODO(), model.AccountDTO{ + Username: "admin", + Password: "admin", + Owner: model.Ptr(true), + }) + if err != nil { + return nil, "", err + } + + token, err := deps.Domains.Auth.CreateTokenForAccount(account, time.Now().Add(time.Hour*24*365)) + if err != nil { + return nil, "", err + } + + return account, token, nil +} diff --git a/internal/testutil/http.go b/internal/testutil/http.go index 43c6df7e0..28fcff9b6 100644 --- a/internal/testutil/http.go +++ b/internal/testutil/http.go @@ -7,6 +7,7 @@ import ( "strings" "github.com/gin-gonic/gin" + "github.com/go-shiori/shiori/internal/model" ) // NewGin returns a new gin engine with test mode enabled. @@ -30,6 +31,12 @@ func WithHeader(name, value string) Option { } } +func WithAuthToken(token string) Option { + return func(request *http.Request) { + request.Header.Add(model.AuthorizationHeader, model.AuthorizationTokenType+" "+token) + } +} + func PerformRequest(handler http.Handler, method, path string, options ...Option) *httptest.ResponseRecorder { recorder := httptest.NewRecorder() return PerformRequestWithRecorder(recorder, handler, method, path, options...) diff --git a/internal/view/assets/js/page/setting.js b/internal/view/assets/js/page/setting.js index 5d43303bd..1c86142df 100644 --- a/internal/view/assets/js/page/setting.js +++ b/internal/view/assets/js/page/setting.js @@ -283,16 +283,12 @@ export default { } var request = { - id: account.id, - username: account.username, - oldPassword: data.oldPassword, - newPassword: data.password, - owner: account.owner, + password: data.password, }; this.dialog.loading = true; - fetch(new URL("api/v1/accounts/" + account.id, document.baseURI), { - method: "put", + fetch(new URL(`api/v1/accounts/${account.id}`, document.baseURI), { + method: "patch", body: JSON.stringify(request), headers: { "Content-Type": "application/json", @@ -324,9 +320,8 @@ export default { secondText: "No", mainClick: () => { this.dialog.loading = true; - fetch(`api/accounts`, { + fetch(`api/v1/accounts/${account.id}`, { method: "delete", - body: JSON.stringify([account.username]), headers: { "Content-Type": "application/json", Authorization: "Bearer " + localStorage.getItem("shiori-token"), diff --git a/internal/webserver/handler.go b/internal/webserver/handler.go index 7a625b5d9..76d167503 100644 --- a/internal/webserver/handler.go +++ b/internal/webserver/handler.go @@ -116,7 +116,7 @@ func (h *Handler) validateSession(r *http.Request) error { return fmt.Errorf("session has been expired") } - if r.Method != "" && r.Method != "GET" && !account.Owner { + if r.Method != "" && r.Method != "GET" && account.Owner != nil && !*account.Owner { return fmt.Errorf("account level is not sufficient") } From e126bee6a17923b8ef2fe88649fc24303d16f80a Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Tue, 4 Jun 2024 23:26:42 +0200 Subject: [PATCH 014/103] swagger --- docs/swagger/docs.go | 46 +++++++++++++++++++------ docs/swagger/swagger.json | 46 +++++++++++++++++++------ docs/swagger/swagger.yaml | 32 ++++++++++++----- internal/http/routes/api/v1/accounts.go | 3 +- internal/http/routes/api/v1/auth.go | 4 --- 5 files changed, 95 insertions(+), 36 deletions(-) diff --git a/docs/swagger/docs.go b/docs/swagger/docs.go index 1c6afe47b..fdc68e06f 100644 --- a/docs/swagger/docs.go +++ b/docs/swagger/docs.go @@ -99,6 +99,38 @@ const docTemplate = `{ } } } + }, + "patch": { + "produces": [ + "application/json" + ], + "tags": [ + "accounts" + ], + "summary": "Update an account", + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "array", + "items": { + "$ref": "#/definitions/model.AccountDTO" + } + } + }, + "400": { + "description": "Bad Request", + "schema": { + "type": "string" + } + }, + "500": { + "description": "Internal Server Error", + "schema": { + "type": "string" + } + } + } } }, "/api/v1/auth/account": { @@ -109,14 +141,14 @@ const docTemplate = `{ "tags": [ "Auth" ], - "summary": "Perform actions on the currently logged-in user.", + "summary": "Update account information", "parameters": [ { - "description": "Config data", + "description": "Account data", "name": "payload", "in": "body", "schema": { - "$ref": "#/definitions/api_v1.settingRequestPayload" + "$ref": "#/definitions/model.AccountDTO" } } ], @@ -359,14 +391,6 @@ const docTemplate = `{ } } }, - "api_v1.settingRequestPayload": { - "type": "object", - "properties": { - "config": { - "$ref": "#/definitions/model.UserConfig" - } - } - }, "api_v1.updateCachePayload": { "type": "object", "required": [ diff --git a/docs/swagger/swagger.json b/docs/swagger/swagger.json index 8a8500fa0..c3c641950 100644 --- a/docs/swagger/swagger.json +++ b/docs/swagger/swagger.json @@ -88,6 +88,38 @@ } } } + }, + "patch": { + "produces": [ + "application/json" + ], + "tags": [ + "accounts" + ], + "summary": "Update an account", + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "array", + "items": { + "$ref": "#/definitions/model.AccountDTO" + } + } + }, + "400": { + "description": "Bad Request", + "schema": { + "type": "string" + } + }, + "500": { + "description": "Internal Server Error", + "schema": { + "type": "string" + } + } + } } }, "/api/v1/auth/account": { @@ -98,14 +130,14 @@ "tags": [ "Auth" ], - "summary": "Perform actions on the currently logged-in user.", + "summary": "Update account information", "parameters": [ { - "description": "Config data", + "description": "Account data", "name": "payload", "in": "body", "schema": { - "$ref": "#/definitions/api_v1.settingRequestPayload" + "$ref": "#/definitions/model.AccountDTO" } } ], @@ -348,14 +380,6 @@ } } }, - "api_v1.settingRequestPayload": { - "type": "object", - "properties": { - "config": { - "$ref": "#/definitions/model.UserConfig" - } - } - }, "api_v1.updateCachePayload": { "type": "object", "required": [ diff --git a/docs/swagger/swagger.yaml b/docs/swagger/swagger.yaml index fd0559a77..ab13fd3d1 100644 --- a/docs/swagger/swagger.yaml +++ b/docs/swagger/swagger.yaml @@ -29,11 +29,6 @@ definitions: html: type: string type: object - api_v1.settingRequestPayload: - properties: - config: - $ref: '#/definitions/model.UserConfig' - type: object api_v1.updateCachePayload: properties: create_archive: @@ -201,14 +196,35 @@ paths: summary: Delete an account tags: - accounts + patch: + produces: + - application/json + responses: + "200": + description: OK + schema: + items: + $ref: '#/definitions/model.AccountDTO' + type: array + "400": + description: Bad Request + schema: + type: string + "500": + description: Internal Server Error + schema: + type: string + summary: Update an account + tags: + - accounts /api/v1/auth/account: patch: parameters: - - description: Config data + - description: Account data in: body name: payload schema: - $ref: '#/definitions/api_v1.settingRequestPayload' + $ref: '#/definitions/model.AccountDTO' produces: - application/json responses: @@ -218,7 +234,7 @@ paths: $ref: '#/definitions/model.Account' "403": description: Token not provided/invalid - summary: Perform actions on the currently logged-in user. + summary: Update account information tags: - Auth /api/v1/auth/login: diff --git a/internal/http/routes/api/v1/accounts.go b/internal/http/routes/api/v1/accounts.go index 4078710d8..4bc062bfe 100644 --- a/internal/http/routes/api/v1/accounts.go +++ b/internal/http/routes/api/v1/accounts.go @@ -24,7 +24,6 @@ func (r *AccountsAPIRoutes) Setup(g *gin.RouterGroup) model.Routes { g.GET("/", r.listHandler) g.POST("/", r.createHandler) g.DELETE("/:id", r.deleteHandler) - g.PUT("/:id", r.updateHandler) g.PATCH("/:id", r.updateHandler) return r @@ -155,7 +154,7 @@ func (r *AccountsAPIRoutes) deleteHandler(c *gin.Context) { // @Success 200 {array} model.AccountDTO // @Failure 400 {string} string "Bad Request" // @Failure 500 {string} string "Internal Server Error" -// @Router /api/v1/accounts/{id} [put,patch] +// @Router /api/v1/accounts/{id} [patch] func (r *AccountsAPIRoutes) updateHandler(c *gin.Context) { accountID, err := strconv.Atoi(c.Param("id")) if err != nil { diff --git a/internal/http/routes/api/v1/auth.go b/internal/http/routes/api/v1/auth.go index 83bae9f61..d7ae7aec2 100644 --- a/internal/http/routes/api/v1/auth.go +++ b/internal/http/routes/api/v1/auth.go @@ -51,10 +51,6 @@ type loginResponseMessage struct { Expiration int64 `json:"expires"` // Deprecated, used only for legacy APIs } -type settingRequestPayload struct { - Config model.UserConfig `json:"config"` -} - // loginHandler godoc // // @Summary Login to an account using username and password From a90e01ad868be6e0d520bfc16233621926c36c57 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Tue, 4 Jun 2024 23:30:54 +0200 Subject: [PATCH 015/103] stylecheck --- internal/view/assets/js/page/setting.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/view/assets/js/page/setting.js b/internal/view/assets/js/page/setting.js index 1c86142df..81648e965 100644 --- a/internal/view/assets/js/page/setting.js +++ b/internal/view/assets/js/page/setting.js @@ -267,7 +267,7 @@ export default { label: "Repeat password", type: "password", value: "", - } + }, ], mainText: "OK", secondText: "Cancel", From b79340afa4b2e6f4da01aad52fd23d1430fcef01 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Sat, 8 Jun 2024 09:39:37 +0200 Subject: [PATCH 016/103] domain validation --- internal/domains/accounts.go | 9 ++++++++- internal/http/routes/api/v1/accounts.go | 25 +++++++++---------------- internal/model/account.go | 22 +++++++++++++++++++++- internal/model/validation.go | 20 ++++++++++++++++++++ 4 files changed, 58 insertions(+), 18 deletions(-) create mode 100644 internal/model/validation.go diff --git a/internal/domains/accounts.go b/internal/domains/accounts.go index c8f73fd07..311b18b4f 100644 --- a/internal/domains/accounts.go +++ b/internal/domains/accounts.go @@ -30,7 +30,10 @@ func (d *AccountsDomain) ListAccounts(ctx context.Context) ([]model.AccountDTO, } func (d *AccountsDomain) CreateAccount(ctx context.Context, account model.AccountDTO) (*model.AccountDTO, error) { - // Hash password with bcrypt + if err := account.IsValidCreate(); err != nil { + return nil, err + } + hashedPassword, err := bcrypt.GenerateFromPassword([]byte(account.Password), 10) if err != nil { return nil, fmt.Errorf("error hashing provided password: %w", err) @@ -71,6 +74,10 @@ func (d *AccountsDomain) DeleteAccount(ctx context.Context, id int) error { } func (d *AccountsDomain) UpdateAccount(ctx context.Context, account model.AccountDTO) (*model.AccountDTO, error) { + if err := account.IsValidUpdate(); err != nil { + return nil, err + } + // Get account from database storedAccount, _, err := d.deps.Database.GetAccount(ctx, account.ID) if errors.Is(err, database.ErrNotFound) { diff --git a/internal/http/routes/api/v1/accounts.go b/internal/http/routes/api/v1/accounts.go index 4bc062bfe..c5bf948ec 100644 --- a/internal/http/routes/api/v1/accounts.go +++ b/internal/http/routes/api/v1/accounts.go @@ -2,7 +2,6 @@ package api_v1 import ( "errors" - "fmt" "net/http" "strconv" @@ -57,21 +56,11 @@ func (r *AccountsAPIRoutes) listHandler(c *gin.Context) { } type createAccountPayload struct { - Username string `json:"username" validate:"required"` - Password string `json:"password" validate:"required"` + Username string `json:"username"` + Password string `json:"password"` IsVisitor bool `json:"is_visitor"` } -func (p *createAccountPayload) IsValid() error { - if p.Username == "" { - return fmt.Errorf("username should not be empty") - } - if p.Password == "" { - return fmt.Errorf("password should not be empty") - } - return nil -} - func (p *createAccountPayload) ToAccountDTO() model.AccountDTO { return model.AccountDTO{ Username: p.Username, @@ -97,13 +86,12 @@ func (r *AccountsAPIRoutes) createHandler(c *gin.Context) { return } - if err := payload.IsValid(); err != nil { - r.logger.WithError(err).Error("error validating payload") + account, err := r.deps.Domains.Accounts.CreateAccount(c.Request.Context(), payload.ToAccountDTO()) + if err, isValidationErr := err.(model.ValidationError); isValidationErr { response.SendError(c, http.StatusBadRequest, err.Error()) return } - account, err := r.deps.Domains.Accounts.CreateAccount(c.Request.Context(), payload.ToAccountDTO()) if err != nil { r.logger.WithError(err).Error("error creating account") c.AbortWithStatus(http.StatusInternalServerError) @@ -172,6 +160,11 @@ func (r *AccountsAPIRoutes) updateHandler(c *gin.Context) { payload.ID = model.DBID(accountID) account, err := r.deps.Domains.Accounts.UpdateAccount(c.Request.Context(), payload) + if err, isValidationErr := err.(model.ValidationError); isValidationErr { + response.SendError(c, http.StatusBadRequest, err.Error()) + return + } + if err != nil { r.logger.WithError(err).Error("error updating account") c.AbortWithStatus(http.StatusInternalServerError) diff --git a/internal/model/account.go b/internal/model/account.go index 99b03119c..d046f6db0 100644 --- a/internal/model/account.go +++ b/internal/model/account.go @@ -61,7 +61,7 @@ func (a Account) ToDTO() AccountDTO { type AccountDTO struct { ID DBID `json:"id"` Username string `json:"username"` - Password string `json:"-"` // Used only to store, not to retrieve + Password string `json:"passowrd,omitempty"` // Used only to store, not to retrieve Owner *bool `json:"owner"` Config *UserConfig `json:"config"` } @@ -69,3 +69,23 @@ type AccountDTO struct { func (adto *AccountDTO) IsOwner() bool { return adto.Owner != nil && *adto.Owner } + +func (adto *AccountDTO) IsValidCreate() error { + if adto.Username == "" { + return NewValidationError("username", "username should not be empty") + } + + if adto.Password == "" { + return NewValidationError("password", "password should not be empty") + } + + return nil +} + +func (adto *AccountDTO) IsValidUpdate() error { + if adto.Username == "" && adto.Password == "" && adto.Owner == nil && adto.Config == nil { + return NewValidationError("account", "no fields to update") + } + + return nil +} diff --git a/internal/model/validation.go b/internal/model/validation.go new file mode 100644 index 000000000..3a7ed7967 --- /dev/null +++ b/internal/model/validation.go @@ -0,0 +1,20 @@ +package model + +// ValidationError represents a validation error. +// This errors are used in the domain layer to indicate an error that is caused generally +// by the user and has to be sent back via the API or appropriate channel. +type ValidationError struct { + Field string `json:"field"` + Message string `json:"message"` +} + +func (v ValidationError) Error() string { + return v.Message +} + +func NewValidationError(field, message string) ValidationError { + return ValidationError{ + Field: field, + Message: message, + } +} From 9c480199e8e9531eb5d6fb00f0f973d2e5e22945 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Sat, 8 Jun 2024 09:39:43 +0200 Subject: [PATCH 017/103] tests --- internal/domains/accounts_test.go | 156 +++++++++++++++++++++++ internal/http/routes/api/v1/auth_test.go | 1 - 2 files changed, 156 insertions(+), 1 deletion(-) create mode 100644 internal/domains/accounts_test.go diff --git a/internal/domains/accounts_test.go b/internal/domains/accounts_test.go new file mode 100644 index 000000000..a6e241803 --- /dev/null +++ b/internal/domains/accounts_test.go @@ -0,0 +1,156 @@ +package domains_test + +import ( + "context" + "fmt" + "testing" + + "github.com/go-shiori/shiori/internal/model" + "github.com/go-shiori/shiori/internal/testutil" + "github.com/sirupsen/logrus" + "github.com/stretchr/testify/require" +) + +func TestAccountDomainsListAccounts(t *testing.T) { + logger := logrus.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, context.TODO(), logger) + + t.Run("empty", func(t *testing.T) { + accounts, err := deps.Domains.Accounts.ListAccounts(context.Background()) + require.NoError(t, err) + require.Empty(t, accounts) + }) + + t.Run("some accounts", func(t *testing.T) { + for i := 0; i < 3; i++ { + _, err := deps.Domains.Accounts.CreateAccount(context.TODO(), model.AccountDTO{ + Username: fmt.Sprintf("user%d", i), + Password: fmt.Sprintf("password%d", i), + }) + require.NoError(t, err) + } + + accounts, err := deps.Domains.Accounts.ListAccounts(context.Background()) + require.NoError(t, err) + require.Len(t, accounts, 3) + require.Equal(t, "", accounts[0].Password) + }) +} + +func TestAccountDomainCreateAccount(t *testing.T) { + logger := logrus.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, context.TODO(), logger) + + t.Run("create account", func(t *testing.T) { + acc, err := deps.Domains.Accounts.CreateAccount(context.TODO(), model.AccountDTO{ + Username: "user", + Password: "password", + Owner: model.Ptr(true), + Config: &model.UserConfig{ + Theme: "dark", + }, + }) + require.NoError(t, err) + require.NotZero(t, acc.ID) + require.Equal(t, "user", acc.Username) + require.Equal(t, "dark", acc.Config.Theme) + }) + + t.Run("create account with empty username", func(t *testing.T) { + _, err := deps.Domains.Accounts.CreateAccount(context.TODO(), model.AccountDTO{ + Username: "", + Password: "password", + }) + require.Error(t, err) + _, isValidationErr := err.(model.ValidationError) + require.True(t, isValidationErr) + }) + + t.Run("create account with empty password", func(t *testing.T) { + _, err := deps.Domains.Accounts.CreateAccount(context.TODO(), model.AccountDTO{ + Username: "user", + Password: "", + }) + require.Error(t, err) + _, isValidationErr := err.(model.ValidationError) + require.True(t, isValidationErr) + }) +} + +func TestAccountDomainUpdateAccount(t *testing.T) { + logger := logrus.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, context.TODO(), logger) + + t.Run("update account", func(t *testing.T) { + acc, err := deps.Domains.Accounts.CreateAccount(context.TODO(), model.AccountDTO{ + Username: "user", + Password: "password", + }) + require.NoError(t, err) + + acc, err = deps.Domains.Accounts.UpdateAccount(context.TODO(), model.AccountDTO{ + ID: acc.ID, + Username: "user2", + Password: "password2", + Owner: model.Ptr(true), + Config: &model.UserConfig{ + Theme: "light", + }, + }) + require.NoError(t, err) + require.Equal(t, "user2", acc.Username) + require.Equal(t, "light", acc.Config.Theme) + }) + + t.Run("update non-existing account", func(t *testing.T) { + _, err := deps.Domains.Accounts.UpdateAccount(context.TODO(), model.AccountDTO{ + ID: 999, + Username: "user", + Password: "password", + }) + require.Error(t, err) + require.ErrorIs(t, err, model.ErrNotFound) + }) + + t.Run("try to update with no changes", func(t *testing.T) { + acc, err := deps.Domains.Accounts.CreateAccount(context.TODO(), model.AccountDTO{ + Username: "user", + Password: "password", + }) + require.NoError(t, err) + + _, err = deps.Domains.Accounts.UpdateAccount(context.TODO(), model.AccountDTO{ + ID: acc.ID, + }) + require.Error(t, err) + _, isValidationErr := err.(model.ValidationError) + require.True(t, isValidationErr) + }) + +} + +func TestAccountDomainDeleteAccount(t *testing.T) { + logger := logrus.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, context.TODO(), logger) + + t.Run("delete account", func(t *testing.T) { + acc, err := deps.Domains.Accounts.CreateAccount(context.TODO(), model.AccountDTO{ + Username: "user", + Password: "password", + }) + require.NoError(t, err) + + err = deps.Domains.Accounts.DeleteAccount(context.TODO(), int(acc.ID)) + require.NoError(t, err) + + accounts, err := deps.Domains.Accounts.ListAccounts(context.Background()) + require.NoError(t, err) + require.Empty(t, accounts) + }) + + t.Run("delete non-existing account", func(t *testing.T) { + err := deps.Domains.Accounts.DeleteAccount(context.TODO(), 999) + require.Error(t, err) + require.ErrorIs(t, err, model.ErrNotFound) + }) +} diff --git a/internal/http/routes/api/v1/auth_test.go b/internal/http/routes/api/v1/auth_test.go index 329bbfcfc..6a89292c9 100644 --- a/internal/http/routes/api/v1/auth_test.go +++ b/internal/http/routes/api/v1/auth_test.go @@ -189,7 +189,6 @@ func TestSettingsHandler(t *testing.T) { ListMode: true, HideThumbnail: true, HideExcerpt: true, - NightMode: true, KeepMetadata: true, UseArchive: true, CreateEbook: true, From 046863c4e9462b0954f8efb6c942d33b98834aad Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Sat, 8 Jun 2024 09:40:56 +0200 Subject: [PATCH 018/103] swagger --- docs/swagger/docs.go | 4 ++++ docs/swagger/swagger.json | 4 ++++ docs/swagger/swagger.yaml | 3 +++ 3 files changed, 11 insertions(+) diff --git a/docs/swagger/docs.go b/docs/swagger/docs.go index 58bd7232f..712faab21 100644 --- a/docs/swagger/docs.go +++ b/docs/swagger/docs.go @@ -449,6 +449,10 @@ const docTemplate = `{ "owner": { "type": "boolean" }, + "passowrd": { + "description": "Used only to store, not to retrieve", + "type": "string" + }, "username": { "type": "string" } diff --git a/docs/swagger/swagger.json b/docs/swagger/swagger.json index 6eff4740c..f3707a51a 100644 --- a/docs/swagger/swagger.json +++ b/docs/swagger/swagger.json @@ -438,6 +438,10 @@ "owner": { "type": "boolean" }, + "passowrd": { + "description": "Used only to store, not to retrieve", + "type": "string" + }, "username": { "type": "string" } diff --git a/docs/swagger/swagger.yaml b/docs/swagger/swagger.yaml index 2a18d0952..c13eee724 100644 --- a/docs/swagger/swagger.yaml +++ b/docs/swagger/swagger.yaml @@ -67,6 +67,9 @@ definitions: type: integer owner: type: boolean + passowrd: + description: Used only to store, not to retrieve + type: string username: type: string type: object From 3069f003b880721100a5ea15b30b8f201c91dc0c Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Sat, 8 Jun 2024 18:07:10 +0200 Subject: [PATCH 019/103] error handling --- internal/http/routes/api/v1/accounts.go | 8 +- internal/http/routes/api/v1/accounts_test.go | 82 ++++++++++++++++++++ 2 files changed, 88 insertions(+), 2 deletions(-) diff --git a/internal/http/routes/api/v1/accounts.go b/internal/http/routes/api/v1/accounts.go index c5bf948ec..3c6278a87 100644 --- a/internal/http/routes/api/v1/accounts.go +++ b/internal/http/routes/api/v1/accounts.go @@ -81,8 +81,8 @@ func (p *createAccountPayload) ToAccountDTO() model.AccountDTO { func (r *AccountsAPIRoutes) createHandler(c *gin.Context) { var payload createAccountPayload if err := c.ShouldBindJSON(&payload); err != nil { - r.logger.WithError(err).Error("error binding json") - c.AbortWithStatus(http.StatusBadRequest) + r.logger.WithError(err).Error("error parsing json") + response.SendError(c, http.StatusBadRequest, "invalid json") return } @@ -160,6 +160,10 @@ func (r *AccountsAPIRoutes) updateHandler(c *gin.Context) { payload.ID = model.DBID(accountID) account, err := r.deps.Domains.Accounts.UpdateAccount(c.Request.Context(), payload) + if errors.Is(err, model.ErrNotFound) { + response.SendError(c, http.StatusNotFound, "account not found") + return + } if err, isValidationErr := err.(model.ValidationError); isValidationErr { response.SendError(c, http.StatusBadRequest, err.Error()) return diff --git a/internal/http/routes/api/v1/accounts_test.go b/internal/http/routes/api/v1/accounts_test.go index 174c53cb5..fc441505e 100644 --- a/internal/http/routes/api/v1/accounts_test.go +++ b/internal/http/routes/api/v1/accounts_test.go @@ -116,6 +116,25 @@ func TestAccountCreate(t *testing.T) { logger := logrus.New() ctx := context.TODO() + t.Run("invalid payload", func(t *testing.T) { + g := gin.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + g.Use(middleware.AuthMiddleware(deps)) + + _, token, err := testutil.NewAdminUser(deps) + require.NoError(t, err) + router := NewAccountsAPIRoutes(logger, deps) + router.Setup(g.Group("/")) + + w := testutil.PerformRequest(g, "POST", "/", testutil.WithBody(`invalid`), testutil.WithAuthToken(token)) + require.Equal(t, http.StatusBadRequest, w.Code) + + response, err := testutil.NewTestResponseFromReader(w.Body) + require.NoError(t, err) + + response.AssertNotOk(t) + }) + t.Run("create account ok", func(t *testing.T) { g := gin.New() _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) @@ -219,6 +238,18 @@ func TestAccountDelete(t *testing.T) { w := testutil.PerformRequest(g, "DELETE", "/99", testutil.WithAuthToken(token)) require.Equal(t, http.StatusNotFound, w.Code) }) + + t.Run("invalid id", func(t *testing.T) { + g := gin.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + g.Use(middleware.AuthMiddleware(deps)) + _, token, err := testutil.NewAdminUser(deps) + require.NoError(t, err) + router := NewAccountsAPIRoutes(logger, deps) + router.Setup(g.Group("/")) + w := testutil.PerformRequest(g, "DELETE", "/invalid", testutil.WithAuthToken(token)) + require.Equal(t, http.StatusBadRequest, w.Code) + }) } func TestAccountUpdate(t *testing.T) { @@ -275,6 +306,12 @@ func TestAccountUpdate(t *testing.T) { require.Equal(t, *payload.Owner, storedAccount.Owner) }, }, + { + name: "invalid update", + payload: model.AccountDTO{}, + code: http.StatusBadRequest, + cmp: func(t *testing.T, initial, payload model.AccountDTO, storedAccount model.Account) {}, + }, } { t.Run(tc.name, func(t *testing.T) { g := gin.New() @@ -305,4 +342,49 @@ func TestAccountUpdate(t *testing.T) { tc.cmp(t, *account, tc.payload, *storedAccount) }) } + + t.Run("invalid payload", func(t *testing.T) { + g := gin.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + g.Use(middleware.AuthMiddleware(deps)) + + _, token, err := testutil.NewAdminUser(deps) + require.NoError(t, err) + + account, err := deps.Domains.Accounts.CreateAccount(ctx, model.AccountDTO{ + Username: "gopher", + Password: "shiori", + }) + require.NoError(t, err) + + router := NewAccountsAPIRoutes(logger, deps) + router.Setup(g.Group("/")) + + w := testutil.PerformRequest(g, "PATCH", "/"+strconv.Itoa(int(account.ID)), testutil.WithBody(`invalid`), testutil.WithAuthToken(token)) + require.Equal(t, http.StatusBadRequest, w.Code) + }) + + t.Run("account not found", func(t *testing.T) { + g := gin.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + g.Use(middleware.AuthMiddleware(deps)) + _, token, err := testutil.NewAdminUser(deps) + require.NoError(t, err) + router := NewAccountsAPIRoutes(logger, deps) + router.Setup(g.Group("/")) + w := testutil.PerformRequest(g, "PATCH", "/99", testutil.WithAuthToken(token), testutil.WithBody(`{"username":"gopher"}`)) + require.Equal(t, http.StatusNotFound, w.Code) + }) + + t.Run("invalid id", func(t *testing.T) { + g := gin.New() + _, deps := testutil.GetTestConfigurationAndDependencies(t, ctx, logger) + g.Use(middleware.AuthMiddleware(deps)) + _, token, err := testutil.NewAdminUser(deps) + require.NoError(t, err) + router := NewAccountsAPIRoutes(logger, deps) + router.Setup(g.Group("/")) + w := testutil.PerformRequest(g, "PATCH", "/invalid", testutil.WithAuthToken(token)) + require.Equal(t, http.StatusBadRequest, w.Code) + }) } From 2ba22f2cfc58e7132390022dacd4e9c18c8eee2e Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Sat, 8 Jun 2024 18:16:12 +0200 Subject: [PATCH 020/103] fix system account changes --- internal/http/routes/api/v1/system.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/internal/http/routes/api/v1/system.go b/internal/http/routes/api/v1/system.go index f68aaf70a..a094f57aa 100644 --- a/internal/http/routes/api/v1/system.go +++ b/internal/http/routes/api/v1/system.go @@ -46,7 +46,8 @@ type infoResponse struct { // @Router /api/v1/system/info [get] func (r *SystemAPIRoutes) infoHandler(c *gin.Context) { ctx := context.NewContextFromGin(c) - if !ctx.GetAccount().Owner { + account := ctx.GetAccount() + if account == nil || !account.IsOwner() { response.SendError(c, http.StatusForbidden, "Only owners can access this endpoint") return } From 7618d4a79d87d67cf76e0afc4d427c3cf31b77f9 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Sat, 8 Jun 2024 18:18:05 +0200 Subject: [PATCH 021/103] Cleanup database interface --- internal/database/database.go | 7 ++--- internal/database/database_test.go | 29 +++++-------------- internal/database/mysql.go | 4 +-- internal/database/pg.go | 4 +-- internal/database/sqlite.go | 4 +-- internal/database/sqlite_test.go | 2 +- internal/domains/accounts.go | 2 +- internal/http/routes/api/v1/auth_test.go | 2 +- internal/http/routes/api/v1/bookmarks_test.go | 4 +-- internal/http/routes/api/v1/tags_test.go | 4 +-- 10 files changed, 22 insertions(+), 40 deletions(-) diff --git a/internal/database/database.go b/internal/database/database.go index 916dcc15a..9b67e4496 100644 --- a/internal/database/database.go +++ b/internal/database/database.go @@ -100,15 +100,12 @@ type DB interface { // GetBookmark fetches bookmark based on its ID or URL. GetBookmark(ctx context.Context, id int, url string) (model.BookmarkDTO, bool, error) - // SaveAccount saves new account in database - SaveAccount(ctx context.Context, a model.Account) (*model.Account, error) + // CreateAccount saves new account in database + CreateAccount(ctx context.Context, a model.Account) (*model.Account, error) // UpdateAccount updates account in database UpdateAccount(ctx context.Context, a model.Account) error - // SaveAccountSettings saves settings for specific user in database - SaveAccountSettings(ctx context.Context, a model.Account) error - // ListAccounts fetch list of account (without its password) with matching keyword. ListAccounts(ctx context.Context, opts ListAccountsOptions) ([]model.Account, error) diff --git a/internal/database/database_test.go b/internal/database/database_test.go index 0335f0dae..1e379e5f7 100644 --- a/internal/database/database_test.go +++ b/internal/database/database_test.go @@ -37,7 +37,6 @@ func testDatabase(t *testing.T, dbFactory testDatabaseFactory) { "testDeleteNonExistantAccount": testDeleteNonExistantAccount, "testSaveAccount": testSaveAccount, "testUpdateAccount": testUpdateAccount, - "testSaveAccountSetting": testSaveAccountSettings, "testGetAccount": testGetAccount, "testListAccounts": testListAccounts, "testListAccountsWithPassword": testListAccountsWithPassword, @@ -344,7 +343,7 @@ func testCreateAccount(t *testing.T, db DB) { Password: "testpass", Owner: true, } - insertedAccount, err := db.SaveAccount(ctx, acc) + insertedAccount, err := db.CreateAccount(ctx, acc) assert.NoError(t, err, "Save account must not fail") assert.Equal(t, acc.Username, insertedAccount.Username, "Saved account must have an username set") assert.Equal(t, acc.Password, insertedAccount.Password, "Saved account must have a password set") @@ -360,7 +359,7 @@ func testDeleteAccount(t *testing.T, db DB) { Password: "testpass", Owner: true, } - storedAccount, err := db.SaveAccount(ctx, acc) + storedAccount, err := db.CreateAccount(ctx, acc) assert.NoError(t, err, "Save account must not fail") err = db.DeleteAccount(ctx, storedAccount.ID) @@ -385,7 +384,7 @@ func testSaveAccount(t *testing.T, db DB) { Config: model.UserConfig{}, } - account, err := db.SaveAccount(ctx, acc) + account, err := db.CreateAccount(ctx, acc) require.Nil(t, err) require.NotNil(t, account) require.NotEmpty(t, account.ID) @@ -403,7 +402,7 @@ func testUpdateAccount(t *testing.T, db DB) { }, } - account, err := db.SaveAccount(ctx, acc) + account, err := db.CreateAccount(ctx, acc) require.Nil(t, err) require.NotNil(t, account) require.NotEmpty(t, account.ID) @@ -435,20 +434,6 @@ func testUpdateAccount(t *testing.T, db DB) { }) } -func testSaveAccountSettings(t *testing.T, db DB) { - ctx := context.TODO() - - t.Run("success", func(t *testing.T) { - acc := model.Account{ - Username: "test", - Config: model.UserConfig{}, - } - - err := db.SaveAccountSettings(ctx, acc) - require.Nil(t, err) - }) -} - func testGetAccount(t *testing.T, db DB) { ctx := context.TODO() @@ -460,7 +445,7 @@ func testGetAccount(t *testing.T, db DB) { } for _, acc := range testAccounts { - storedAcc, err := db.SaveAccount(ctx, acc) + storedAcc, err := db.CreateAccount(ctx, acc) assert.Nil(t, err) // Successful case @@ -487,7 +472,7 @@ func testListAccounts(t *testing.T, db DB) { {Username: "foo_bar", Password: "foobar", Owner: true}, } for _, acc := range testAccounts { - _, err := db.SaveAccount(ctx, acc) + _, err := db.CreateAccount(ctx, acc) assert.Nil(t, err) } @@ -516,7 +501,7 @@ func testListAccounts(t *testing.T, db DB) { func testListAccountsWithPassword(t *testing.T, db DB) { ctx := context.TODO() - _, err := db.SaveAccount(ctx, model.Account{ + _, err := db.CreateAccount(ctx, model.Account{ Username: "gopher", Password: "shiori", }) diff --git a/internal/database/mysql.go b/internal/database/mysql.go index dbbb82be9..097d34436 100644 --- a/internal/database/mysql.go +++ b/internal/database/mysql.go @@ -579,8 +579,8 @@ func (db *MySQLDatabase) GetBookmark(ctx context.Context, id int, url string) (m return book, book.ID != 0, nil } -// SaveAccount saves new account to database. Returns error if any happened. -func (db *MySQLDatabase) SaveAccount(ctx context.Context, account model.Account) (*model.Account, error) { +// CreateAccount saves new account to database. Returns error if any happened. +func (db *MySQLDatabase) CreateAccount(ctx context.Context, account model.Account) (*model.Account, error) { // Insert account to database result, insertErr := db.ExecContext(ctx, `INSERT INTO account (username, password, owner, config) VALUES (?, ?, ?, ?) diff --git a/internal/database/pg.go b/internal/database/pg.go index 3fb1a78cd..7dea2e602 100644 --- a/internal/database/pg.go +++ b/internal/database/pg.go @@ -586,8 +586,8 @@ func (db *PGDatabase) GetBookmark(ctx context.Context, id int, url string) (mode return book, book.ID != 0, nil } -// SaveAccount saves new account to database. Returns error if any happened. -func (db *PGDatabase) SaveAccount(ctx context.Context, account model.Account) (*model.Account, error) { +// CreateAccount saves new account to database. Returns error if any happened. +func (db *PGDatabase) CreateAccount(ctx context.Context, account model.Account) (*model.Account, error) { var accountID int64 if err := db.withTx(ctx, func(tx *sqlx.Tx) error { query, err := tx.PrepareContext(ctx, `INSERT INTO account diff --git a/internal/database/sqlite.go b/internal/database/sqlite.go index d50cbf336..6a2c61e98 100644 --- a/internal/database/sqlite.go +++ b/internal/database/sqlite.go @@ -687,8 +687,8 @@ func (db *SQLiteDatabase) GetBookmark(ctx context.Context, id int, url string) ( return book, book.ID != 0, nil } -// SaveAccount saves new account to database. Returns error if any happened. -func (db *SQLiteDatabase) SaveAccount(ctx context.Context, account model.Account) (*model.Account, error) { +// CreateAccount saves new account to database. Returns error if any happened. +func (db *SQLiteDatabase) CreateAccount(ctx context.Context, account model.Account) (*model.Account, error) { var accountID int64 if err := db.withTx(ctx, func(tx *sqlx.Tx) error { query, err := tx.PrepareContext(ctx, `INSERT INTO account diff --git a/internal/database/sqlite_test.go b/internal/database/sqlite_test.go index 486872dac..23c1f568a 100644 --- a/internal/database/sqlite_test.go +++ b/internal/database/sqlite_test.go @@ -83,6 +83,6 @@ func TestSQLiteDatabaseSaveAccountFail(t *testing.T) { // Test falid database acc := model.Account{} - _, err = db.SaveAccount(ctx, acc) + _, err = db.CreateAccount(ctx, acc) assert.Contains(t, err.Error(), "no such table: account") } diff --git a/internal/domains/accounts.go b/internal/domains/accounts.go index 311b18b4f..d3656ba94 100644 --- a/internal/domains/accounts.go +++ b/internal/domains/accounts.go @@ -50,7 +50,7 @@ func (d *AccountsDomain) CreateAccount(ctx context.Context, account model.Accoun acc.Config = *account.Config } - storedAccount, err := d.deps.Database.SaveAccount(ctx, acc) + storedAccount, err := d.deps.Database.CreateAccount(ctx, acc) if err != nil { return nil, fmt.Errorf("error creating account: %v", err) } diff --git a/internal/http/routes/api/v1/auth_test.go b/internal/http/routes/api/v1/auth_test.go index 6a89292c9..af95fdea6 100644 --- a/internal/http/routes/api/v1/auth_test.go +++ b/internal/http/routes/api/v1/auth_test.go @@ -78,7 +78,7 @@ func TestAccountsRoute(t *testing.T) { Password: "gopher", Owner: true, } - _, accountInsertErr := deps.Database.SaveAccount(ctx, account) + _, accountInsertErr := deps.Database.CreateAccount(ctx, account) require.NoError(t, accountInsertErr) token, err := deps.Domains.Auth.CreateTokenForAccount(model.Ptr(account.ToDTO()), time.Now().Add(time.Minute)) diff --git a/internal/http/routes/api/v1/bookmarks_test.go b/internal/http/routes/api/v1/bookmarks_test.go index 6a1bfb9ff..77913f24b 100644 --- a/internal/http/routes/api/v1/bookmarks_test.go +++ b/internal/http/routes/api/v1/bookmarks_test.go @@ -31,7 +31,7 @@ func TestUpdateBookmarkCache(t *testing.T) { Password: "test", Owner: false, } - _, err := deps.Database.SaveAccount(ctx, account) + _, err := deps.Database.CreateAccount(ctx, account) require.NoError(t, err) token, err := deps.Domains.Auth.CreateTokenForAccount(model.Ptr(account.ToDTO()), time.Now().Add(time.Minute)) require.NoError(t, err) @@ -64,7 +64,7 @@ func TestReadableeBookmarkContent(t *testing.T) { Password: "test", Owner: false, } - _, err := deps.Database.SaveAccount(ctx, account) + _, err := deps.Database.CreateAccount(ctx, account) require.NoError(t, err) token, err := deps.Domains.Auth.CreateTokenForAccount(model.Ptr(account.ToDTO()), time.Now().Add(time.Minute)) require.NoError(t, err) diff --git a/internal/http/routes/api/v1/tags_test.go b/internal/http/routes/api/v1/tags_test.go index 78c0a4ea9..503f95173 100644 --- a/internal/http/routes/api/v1/tags_test.go +++ b/internal/http/routes/api/v1/tags_test.go @@ -28,7 +28,7 @@ func TestTagList(t *testing.T) { Password: "test", Owner: true, } - _, err := deps.Database.SaveAccount(ctx, account) + _, err := deps.Database.CreateAccount(ctx, account) require.NoError(t, err) token, err := deps.Domains.Auth.CreateTokenForAccount(model.Ptr(account.ToDTO()), time.Now().Add(time.Minute)) require.NoError(t, err) @@ -79,7 +79,7 @@ func TestTagCreate(t *testing.T) { Password: "test", Owner: true, } - _, err := deps.Database.SaveAccount(ctx, account) + _, err := deps.Database.CreateAccount(ctx, account) require.NoError(t, err) // token, err := deps.Domains.Auth.CreateTokenForAccount(&account, time.Now().Add(time.Minute)) // require.NoError(t, err) From 4386df7b4001c021a712b3f375325d52319b592e Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Sat, 8 Jun 2024 18:22:16 +0200 Subject: [PATCH 022/103] test cleanup --- internal/database/database_test.go | 15 --------------- internal/database/sqlite_test.go | 17 ----------------- internal/testutil/http.go | 10 +++++----- 3 files changed, 5 insertions(+), 37 deletions(-) diff --git a/internal/database/database_test.go b/internal/database/database_test.go index 1e379e5f7..373d43e3e 100644 --- a/internal/database/database_test.go +++ b/internal/database/database_test.go @@ -35,7 +35,6 @@ func testDatabase(t *testing.T, dbFactory testDatabaseFactory) { "testCreateAccount": testCreateAccount, "testDeleteAccount": testDeleteAccount, "testDeleteNonExistantAccount": testDeleteNonExistantAccount, - "testSaveAccount": testSaveAccount, "testUpdateAccount": testUpdateAccount, "testGetAccount": testGetAccount, "testListAccounts": testListAccounts, @@ -376,20 +375,6 @@ func testDeleteNonExistantAccount(t *testing.T, db DB) { assert.ErrorIs(t, err, ErrNotFound, "Delete account must fail") } -func testSaveAccount(t *testing.T, db DB) { - ctx := context.TODO() - - acc := model.Account{ - Username: "testuser", - Config: model.UserConfig{}, - } - - account, err := db.CreateAccount(ctx, acc) - require.Nil(t, err) - require.NotNil(t, account) - require.NotEmpty(t, account.ID) -} - func testUpdateAccount(t *testing.T, db DB) { ctx := context.TODO() diff --git a/internal/database/sqlite_test.go b/internal/database/sqlite_test.go index 23c1f568a..720d3ea3f 100644 --- a/internal/database/sqlite_test.go +++ b/internal/database/sqlite_test.go @@ -68,21 +68,4 @@ func testSqliteGetBookmarksWithDash(t *testing.T) { assert.NoError(t, err, "Get bookmarks should not fail") assert.Len(t, results, 1, "results should contain one item") assert.Equal(t, savedBookmark.ID, results[0].ID, "bookmark should be the one saved") - -} - -func TestSQLiteDatabaseSaveAccountFail(t *testing.T) { - ctx := context.TODO() - - // Initialize nonexistant database - factory := func(ctx context.Context) (DB, error) { - return OpenSQLiteDatabase(ctx, filepath.Join(os.TempDir(), "shiori_test.db")) - } - db, err := factory(ctx) - assert.Nil(t, err) - - // Test falid database - acc := model.Account{} - _, err = db.CreateAccount(ctx, acc) - assert.Contains(t, err.Error(), "no such table: account") } diff --git a/internal/testutil/http.go b/internal/testutil/http.go index 395c64e1e..64395a361 100644 --- a/internal/testutil/http.go +++ b/internal/testutil/http.go @@ -58,10 +58,10 @@ func PerformRequestWithRecorder(recorder *httptest.ResponseRecorder, r http.Hand // Keep in mind that this users is not saved in database so any tests that use this middleware // should not rely on database. func FakeUserLoggedInMiddlewware(ctx *gin.Context) { - ctx.Set("account", &model.Account{ + ctx.Set("account", &model.AccountDTO{ ID: 1, Username: "user", - Owner: false, + Owner: model.Ptr(false), }) } @@ -69,10 +69,10 @@ func FakeUserLoggedInMiddlewware(ctx *gin.Context) { // Keep in mind that this users is not saved in database so any tests that use this middleware // should not rely on database. func FakeAdminLoggedInMiddlewware(ctx *gin.Context) { - ctx.Set("account", &model.Account{ + ctx.Set("account", &model.AccountDTO{ ID: 1, - Username: "admin", - Owner: true, + Username: "user", + Owner: model.Ptr(true), }) } From ed7027e2ac37713dd1bd9ca48aacd867c9a2973c Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Sat, 8 Jun 2024 18:26:33 +0200 Subject: [PATCH 023/103] fixed nil references --- internal/http/routes/api/v1/bookmarks.go | 3 ++- internal/http/routes/api/v1/tags.go | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/internal/http/routes/api/v1/bookmarks.go b/internal/http/routes/api/v1/bookmarks.go index 5bf831c5a..6448b3833 100644 --- a/internal/http/routes/api/v1/bookmarks.go +++ b/internal/http/routes/api/v1/bookmarks.go @@ -125,7 +125,8 @@ func (r *BookmarksAPIRoutes) bookmarkReadable(c *gin.Context) { // @Router /api/v1/bookmarks/cache [put] func (r *BookmarksAPIRoutes) updateCache(c *gin.Context) { ctx := context.NewContextFromGin(c) - if !ctx.GetAccount().IsOwner() { + account := ctx.GetAccount() + if account != nil && !account.IsOwner() { response.SendError(c, http.StatusForbidden, nil) return } diff --git a/internal/http/routes/api/v1/tags.go b/internal/http/routes/api/v1/tags.go index 9035929d0..01a21fdc2 100644 --- a/internal/http/routes/api/v1/tags.go +++ b/internal/http/routes/api/v1/tags.go @@ -51,7 +51,8 @@ func (r *TagsAPIRoutes) listHandler(c *gin.Context) { // @Router /api/v1/tags [post] func (r *TagsAPIRoutes) createHandler(c *gin.Context) { ctx := context.NewContextFromGin(c) - if !ctx.GetAccount().IsOwner() { + account := ctx.GetAccount() + if account != nil && !account.IsOwner() { response.SendError(c, http.StatusForbidden, nil) return } From 44ba6219f8528898615fe60951116c6d7699b5e4 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Sat, 21 Dec 2024 10:39:24 +0100 Subject: [PATCH 024/103] feat: Add logout endpoint to auth routes --- internal/http/routes/api/v1/auth.go | 1 + 1 file changed, 1 insertion(+) diff --git a/internal/http/routes/api/v1/auth.go b/internal/http/routes/api/v1/auth.go index 906a03b89..160b27bdd 100644 --- a/internal/http/routes/api/v1/auth.go +++ b/internal/http/routes/api/v1/auth.go @@ -26,6 +26,7 @@ func (r *AuthAPIRoutes) Setup(group *gin.RouterGroup) model.Routes { group.GET("/me", r.meHandler) group.POST("/refresh", r.refreshHandler) group.PATCH("/account", r.updateHandler) + group.POST("/logout", r.logoutHandler) return r } From 6773a485d72a4069389835196ab15d6ca4a3d93c Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Sat, 21 Dec 2024 10:39:26 +0100 Subject: [PATCH 025/103] feat: Add logoutHandler for stateless JWT token logout --- internal/http/routes/api/v1/auth.go | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/internal/http/routes/api/v1/auth.go b/internal/http/routes/api/v1/auth.go index 160b27bdd..0b3b6d9de 100644 --- a/internal/http/routes/api/v1/auth.go +++ b/internal/http/routes/api/v1/auth.go @@ -179,6 +179,21 @@ func (r *AuthAPIRoutes) updateHandler(c *gin.Context) { response.Send(c, http.StatusOK, account) } +// logoutHandler godoc +// +// @Summary Logout from the current session +// @Tags Auth +// @securityDefinitions.apikey ApiKeyAuth +// @Produce json +// @Success 200 {object} nil "Logout successful" +// @Failure 403 {object} nil "Token not provided/invalid" +// @Router /api/v1/auth/logout [post] +func (r *AuthAPIRoutes) logoutHandler(c *gin.Context) { + // Since the token is stateless JWT, we just return success + // The client should remove the token from their storage + response.Send(c, http.StatusOK, nil) +} + func NewAuthAPIRoutes(logger *logrus.Logger, deps *dependencies.Dependencies, loginHandler model.LegacyLoginHandler) *AuthAPIRoutes { return &AuthAPIRoutes{ logger: logger, From 9615c6fea9fd1f6941034405ecf18b1742811107 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Sat, 21 Dec 2024 10:53:12 +0100 Subject: [PATCH 026/103] fixed some bug catched in tests --- internal/domains/auth.go | 4 +++ internal/domains/auth_test.go | 1 + internal/http/routes/api/v1/auth.go | 2 +- internal/http/routes/legacy.go | 3 --- internal/view/index.html | 12 ++++----- internal/webserver/handler-api.go | 11 -------- internal/webserver/handler.go | 40 ----------------------------- 7 files changed, 12 insertions(+), 61 deletions(-) create mode 100644 internal/domains/auth_test.go diff --git a/internal/domains/auth.go b/internal/domains/auth.go index 8ec0cae27..b98dfc33c 100644 --- a/internal/domains/auth.go +++ b/internal/domains/auth.go @@ -69,6 +69,10 @@ func (d *AuthDomain) GetAccountFromCredentials(ctx context.Context, username, pa } func (d *AuthDomain) CreateTokenForAccount(account *model.AccountDTO, expiration time.Time) (string, error) { + if account == nil { + return "", fmt.Errorf("account is nil") + } + claims := jwt.MapClaims{ "account": account, "exp": expiration.UTC().Unix(), diff --git a/internal/domains/auth_test.go b/internal/domains/auth_test.go new file mode 100644 index 000000000..a7e332a97 --- /dev/null +++ b/internal/domains/auth_test.go @@ -0,0 +1 @@ +package domains diff --git a/internal/http/routes/api/v1/auth.go b/internal/http/routes/api/v1/auth.go index 0b3b6d9de..063f41036 100644 --- a/internal/http/routes/api/v1/auth.go +++ b/internal/http/routes/api/v1/auth.go @@ -93,7 +93,7 @@ func (r *AuthAPIRoutes) loginHandler(c *gin.Context) { return } - sessionID, err := r.legacyLoginHandler(account, time.Hour*24*30) + sessionID, err := r.legacyLoginHandler(account, expiration) if err != nil { r.logger.WithError(err).Error("failed execute legacy login handler") response.SendInternalServerError(c) diff --git a/internal/http/routes/legacy.go b/internal/http/routes/legacy.go index af49a5bcb..6a6d07474 100644 --- a/internal/http/routes/legacy.go +++ b/internal/http/routes/legacy.go @@ -67,7 +67,6 @@ func (r *LegacyAPIRoutes) Setup(g *gin.Engine) { Log: false, // Already done by gin }, r.deps) r.legacyHandler.PrepareSessionCache() - r.legacyHandler.PrepareTemplates() legacyGroup := g.Group("/") @@ -78,8 +77,6 @@ func (r *LegacyAPIRoutes) Setup(g *gin.Engine) { c.Data(http.StatusInternalServerError, "text/plain", []byte(err.(error).Error())) })) - legacyGroup.POST("/api/logout", r.handle(r.legacyHandler.ApiLogout)) - // router.GET(jp("/api/tags"), withLogging(hdl.apiGetTags)) legacyGroup.GET("/api/tags", r.handle(r.legacyHandler.ApiGetTags)) // router.PUT(jp("/api/tag"), withLogging(hdl.apiRenameTag)) diff --git a/internal/view/index.html b/internal/view/index.html index 177cc542f..d4c92464f 100644 --- a/internal/view/index.html +++ b/internal/view/index.html @@ -93,7 +93,7 @@ secondText: "No", mainClick: () => { this.dialog.loading = true; - fetch(new URL("api/logout", document.baseURI), { + fetch(new URL("api/v1/logout", document.baseURI), { method: "post" }).then(response => { if (!response.ok) throw response; @@ -155,7 +155,7 @@ owner: owner, }; }, - + onLoginSuccess() { this.loadSetting(); this.loadAccount(); @@ -165,7 +165,7 @@ async validateSession() { const token = localStorage.getItem("shiori-token"); const account = localStorage.getItem("shiori-account"); - + if (!(token && account)) { return false; } @@ -176,11 +176,11 @@ "Authorization": `Bearer ${token}` } }); - + if (!response.ok) { throw new Error('Invalid session'); } - + return true; } catch (err) { // Clear invalid session data @@ -195,7 +195,7 @@ async checkLoginStatus() { const isValid = await this.validateSession(); this.isLoggedIn = isValid; - + if (isValid) { this.loadSetting(); this.loadAccount(); diff --git a/internal/webserver/handler-api.go b/internal/webserver/handler-api.go index 741a420d3..0316df4ae 100644 --- a/internal/webserver/handler-api.go +++ b/internal/webserver/handler-api.go @@ -45,17 +45,6 @@ func downloadBookmarkContent(deps *dependencies.Dependencies, book *model.Bookma return &result, err } -// ApiLogout is handler for POST /api/logout -func (h *Handler) ApiLogout(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - // Get session ID - sessionID := h.GetSessionID(r) - if sessionID != "" { - h.SessionCache.Delete(sessionID) - } - - fmt.Fprint(w, 1) -} - // ApiGetBookmarks is handler for GET /api/bookmarks func (h *Handler) ApiGetBookmarks(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { ctx := r.Context() diff --git a/internal/webserver/handler.go b/internal/webserver/handler.go index 76d167503..af77e4b43 100644 --- a/internal/webserver/handler.go +++ b/internal/webserver/handler.go @@ -2,7 +2,6 @@ package webserver import ( "fmt" - "html/template" "net/http" "strings" @@ -24,8 +23,6 @@ type Handler struct { Log bool dependencies *dependencies.Dependencies - - templates map[string]*template.Template } func (h *Handler) PrepareSessionCache() { @@ -48,43 +45,6 @@ func (h *Handler) PrepareSessionCache() { }) } -func (h *Handler) PrepareTemplates() error { - // Prepare variables - var err error - h.templates = make(map[string]*template.Template) - - // Prepare func map - funcMap := template.FuncMap{ - "html": func(s string) template.HTML { - return template.HTML(s) - }, - } - - // Create template for login, index and content - for _, name := range []string{"login", "index", "content"} { - h.templates[name], err = createTemplate(name+".html", funcMap) - if err != nil { - return err - } - } - - // Create template for archive overlay - h.templates["archive"], err = template.New("archive").Delims("$$", "$$").Parse( - `
- -
- View Original - $$if .HasContent$$ - View Readable - $$end$$ -
`) - if err != nil { - return err - } - - return nil -} - func (h *Handler) GetSessionID(r *http.Request) string { // Try to get session ID from the header sessionID := r.Header.Get("X-Session-Id") From 44ba938767bc6e75a1bced0808fbfb6b9e3ddea9 Mon Sep 17 00:00:00 2001 From: "Felipe M." Date: Sun, 22 Dec 2024 12:21:50 +0100 Subject: [PATCH 027/103] auth/account patch --- docs/swagger/docs.go | 19 ++++ docs/swagger/swagger.json | 19 ++++ docs/swagger/swagger.yaml | 12 ++ internal/database/mysql.go | 4 +- internal/database/pg.go | 13 +-- internal/database/sqlite.go | 7 +- internal/domains/accounts.go | 2 +- internal/http/routes/api/v1/accounts.go | 17 +-- internal/http/routes/api/v1/accounts_test.go | 36 +++--- internal/http/routes/api/v1/auth.go | 63 ++++++++++- internal/model/ptr.go | 1 + internal/testutil/accounts.go | 4 + internal/view/assets/css/style.css | 2 +- internal/view/assets/js/component/dialog.js | 32 +++--- internal/view/assets/js/page/base.js | 7 ++ internal/view/assets/js/page/setting.js | 112 ++++++++++++++----- internal/view/assets/less/common.less | 2 +- internal/view/index.html | 4 +- internal/webserver/assets-dev.go | 13 --- internal/webserver/assets-prod.go | 20 ---- internal/webserver/utils.go | 20 ---- 21 files changed, 263 insertions(+), 146 deletions(-) delete mode 100644 internal/webserver/assets-dev.go delete mode 100644 internal/webserver/assets-prod.go diff --git a/docs/swagger/docs.go b/docs/swagger/docs.go index 9c5eb1203..7bf4634e4 100644 --- a/docs/swagger/docs.go +++ b/docs/swagger/docs.go @@ -200,6 +200,25 @@ const docTemplate = `{ } } }, + "/api/v1/auth/logout": { + "post": { + "produces": [ + "application/json" + ], + "tags": [ + "Auth" + ], + "summary": "Logout from the current session", + "responses": { + "200": { + "description": "Logout successful" + }, + "403": { + "description": "Token not provided/invalid" + } + } + } + }, "/api/v1/auth/me": { "get": { "produces": [ diff --git a/docs/swagger/swagger.json b/docs/swagger/swagger.json index c9d1513e3..45d418541 100644 --- a/docs/swagger/swagger.json +++ b/docs/swagger/swagger.json @@ -189,6 +189,25 @@ } } }, + "/api/v1/auth/logout": { + "post": { + "produces": [ + "application/json" + ], + "tags": [ + "Auth" + ], + "summary": "Logout from the current session", + "responses": { + "200": { + "description": "Logout successful" + }, + "403": { + "description": "Token not provided/invalid" + } + } + } + }, "/api/v1/auth/me": { "get": { "produces": [ diff --git a/docs/swagger/swagger.yaml b/docs/swagger/swagger.yaml index 998aaae37..67b5868dd 100644 --- a/docs/swagger/swagger.yaml +++ b/docs/swagger/swagger.yaml @@ -280,6 +280,18 @@ paths: summary: Login to an account using username and password tags: - Auth + /api/v1/auth/logout: + post: + produces: + - application/json + responses: + "200": + description: Logout successful + "403": + description: Token not provided/invalid + summary: Logout from the current session + tags: + - Auth /api/v1/auth/me: get: produces: diff --git a/internal/database/mysql.go b/internal/database/mysql.go index 477086ea7..b7cc4f33e 100644 --- a/internal/database/mysql.go +++ b/internal/database/mysql.go @@ -678,7 +678,7 @@ func (db *MySQLDatabase) ListAccounts(ctx context.Context, opts ListAccountsOpti return accounts, nil } -// GetAccount fetch account with matching username. +// GetAccount fetch account with matching ID. // Returns the account and boolean whether it's exist or not. func (db *MySQLDatabase) GetAccount(ctx context.Context, id model.DBID) (*model.Account, bool, error) { account := model.Account{} @@ -698,7 +698,7 @@ func (db *MySQLDatabase) GetAccount(ctx context.Context, id model.DBID) (*model. return &account, account.ID != 0, err } -// DeleteAccount removes record with matching username. +// DeleteAccount removes record with matching ID. func (db *MySQLDatabase) DeleteAccount(ctx context.Context, id model.DBID) error { if err := db.withTx(ctx, func(tx *sqlx.Tx) error { result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE id = ?`, id) diff --git a/internal/database/pg.go b/internal/database/pg.go index 9f44b86cc..08b20c7a7 100644 --- a/internal/database/pg.go +++ b/internal/database/pg.go @@ -605,23 +605,20 @@ func (db *PGDatabase) CreateAccount(ctx context.Context, account model.Account) if err := db.withTx(ctx, func(tx *sqlx.Tx) error { query, err := tx.PrepareContext(ctx, `INSERT INTO account (username, password, owner, config) VALUES ($1, $2, $3, $4) - ON CONFLICT(username) DO UPDATE SET - password = $2, - owner = $3 RETURNING id`) if err != nil { - return errors.WithStack(err) + return fmt.Errorf("error preparing query: %w", err) } err = query.QueryRowContext(ctx, account.Username, account.Password, account.Owner, account.Config).Scan(&accountID) if err != nil { - return errors.WithStack(err) + return fmt.Errorf("error executing query: %w", err) } return nil }); err != nil { - return nil, errors.WithStack(err) + return nil, fmt.Errorf("error during transaction: %w", err) } account.ID = model.DBID(accountID) @@ -699,7 +696,7 @@ func (db *PGDatabase) ListAccounts(ctx context.Context, opts ListAccountsOptions return accounts, nil } -// GetAccount fetch account with matching username. +// GetAccount fetch account with matching ID. // Returns the account and boolean whether it's exist or not. func (db *PGDatabase) GetAccount(ctx context.Context, id model.DBID) (*model.Account, bool, error) { account := model.Account{} @@ -719,7 +716,7 @@ func (db *PGDatabase) GetAccount(ctx context.Context, id model.DBID) (*model.Acc return &account, account.ID != 0, err } -// DeleteAccount removes record with matching username. +// DeleteAccount removes record with matching ID. func (db *PGDatabase) DeleteAccount(ctx context.Context, id model.DBID) error { if err := db.withTx(ctx, func(tx *sqlx.Tx) error { result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE id = $1`, id) diff --git a/internal/database/sqlite.go b/internal/database/sqlite.go index cfe6428d0..807a28619 100644 --- a/internal/database/sqlite.go +++ b/internal/database/sqlite.go @@ -696,8 +696,6 @@ func (db *SQLiteDatabase) CreateAccount(ctx context.Context, account model.Accou if err := db.withTx(ctx, func(tx *sqlx.Tx) error { query, err := tx.PrepareContext(ctx, `INSERT INTO account (username, password, owner, config) VALUES (?, ?, ?, ?) - ON CONFLICT(username) DO UPDATE SET - password = ?, owner = ? RETURNING id`) if err != nil { return errors.WithStack(err) @@ -736,6 +734,7 @@ func (db *SQLiteDatabase) SaveAccountSettings(ctx context.Context, account model return nil } +// UpdateAccount updates account in database. func (db *SQLiteDatabase) UpdateAccount(ctx context.Context, account model.Account) error { if account.ID == 0 { return ErrNotFound @@ -797,7 +796,7 @@ func (db *SQLiteDatabase) ListAccounts(ctx context.Context, opts ListAccountsOpt return accounts, nil } -// GetAccount fetch account with matching username. +// GetAccount fetch account with matching ID. // Returns the account and boolean whether it's exist or not. func (db *SQLiteDatabase) GetAccount(ctx context.Context, id model.DBID) (*model.Account, bool, error) { account := model.Account{} @@ -817,7 +816,7 @@ func (db *SQLiteDatabase) GetAccount(ctx context.Context, id model.DBID) (*model return &account, account.ID != 0, err } -// DeleteAccount removes record with matching username. +// DeleteAccount removes record with matching ID. func (db *SQLiteDatabase) DeleteAccount(ctx context.Context, id model.DBID) error { if err := db.withTx(ctx, func(tx *sqlx.Tx) error { result, err := tx.ExecContext(ctx, `DELETE FROM account WHERE id = ?`, id) diff --git a/internal/domains/accounts.go b/internal/domains/accounts.go index d3656ba94..8606785fd 100644 --- a/internal/domains/accounts.go +++ b/internal/domains/accounts.go @@ -34,7 +34,7 @@ func (d *AccountsDomain) CreateAccount(ctx context.Context, account model.Accoun return nil, err } - hashedPassword, err := bcrypt.GenerateFromPassword([]byte(account.Password), 10) + hashedPassword, err := bcrypt.GenerateFromPassword([]byte(account.Password), bcrypt.DefaultCost) if err != nil { return nil, fmt.Errorf("error hashing provided password: %w", err) } diff --git a/internal/http/routes/api/v1/accounts.go b/internal/http/routes/api/v1/accounts.go index 3c6278a87..d222f6eb4 100644 --- a/internal/http/routes/api/v1/accounts.go +++ b/internal/http/routes/api/v1/accounts.go @@ -56,16 +56,16 @@ func (r *AccountsAPIRoutes) listHandler(c *gin.Context) { } type createAccountPayload struct { - Username string `json:"username"` - Password string `json:"password"` - IsVisitor bool `json:"is_visitor"` + Username string `json:"username"` + Password string `json:"password"` + Owner bool `json:"owner"` } func (p *createAccountPayload) ToAccountDTO() model.AccountDTO { return model.AccountDTO{ Username: p.Username, Password: p.Password, - Owner: model.Ptr(!p.IsVisitor), + Owner: &p.Owner, } } @@ -151,15 +151,18 @@ func (r *AccountsAPIRoutes) updateHandler(c *gin.Context) { return } - var payload model.AccountDTO + var payload updateAccountPayload if err := c.ShouldBindJSON(&payload); err != nil { r.logger.WithError(err).Error("error binding json") c.AbortWithStatus(http.StatusBadRequest) return } - payload.ID = model.DBID(accountID) - account, err := r.deps.Domains.Accounts.UpdateAccount(c.Request.Context(), payload) + // Not checking the old password since admins/owners can update any account + updatedAccount := payload.ToAccountDTO() + updatedAccount.ID = model.DBID(accountID) + + account, err := r.deps.Domains.Accounts.UpdateAccount(c.Request.Context(), updatedAccount) if errors.Is(err, model.ErrNotFound) { response.SendError(c, http.StatusNotFound, "account not found") return diff --git a/internal/http/routes/api/v1/accounts_test.go b/internal/http/routes/api/v1/accounts_test.go index fc441505e..1ed18f8df 100644 --- a/internal/http/routes/api/v1/accounts_test.go +++ b/internal/http/routes/api/v1/accounts_test.go @@ -258,49 +258,50 @@ func TestAccountUpdate(t *testing.T) { for _, tc := range []struct { name string - payload model.AccountDTO + payload updateAccountPayload code int - cmp func(t *testing.T, initial, payload model.AccountDTO, storedAccount model.Account) + cmp func(t *testing.T, initial *model.AccountDTO, payload updateAccountPayload, storedAccount model.Account) }{ { name: "success change username", - payload: model.AccountDTO{ + payload: updateAccountPayload{ Username: "gopher2", }, code: http.StatusOK, - cmp: func(t *testing.T, initial, payload model.AccountDTO, storedAccount model.Account) { + cmp: func(t *testing.T, initial *model.AccountDTO, payload updateAccountPayload, storedAccount model.Account) { require.Equal(t, payload.Username, storedAccount.Username) }, }, { name: "success change password", - payload: model.AccountDTO{ - Password: "gopher2", + payload: updateAccountPayload{ + OldPassword: "gopher", + NewPassword: "gopher2", }, code: http.StatusOK, - cmp: func(t *testing.T, initial, payload model.AccountDTO, storedAccount model.Account) { + cmp: func(t *testing.T, initial *model.AccountDTO, payload updateAccountPayload, storedAccount model.Account) { require.NotEqual(t, initial.Password, storedAccount.Password) }, }, { name: "success change owner", - payload: model.AccountDTO{ + payload: updateAccountPayload{ Owner: model.Ptr(true), }, code: http.StatusOK, - cmp: func(t *testing.T, initial, payload model.AccountDTO, storedAccount model.Account) { + cmp: func(t *testing.T, initial *model.AccountDTO, payload updateAccountPayload, storedAccount model.Account) { require.Equal(t, *payload.Owner, storedAccount.Owner) }, }, { name: "change entire account", - payload: model.AccountDTO{ - Username: "gopher2", - Password: "gopher2", - Owner: model.Ptr(true), + payload: updateAccountPayload{ + Username: "gopher2", + NewPassword: "gopher2", + Owner: model.Ptr(true), }, code: http.StatusOK, - cmp: func(t *testing.T, initial, payload model.AccountDTO, storedAccount model.Account) { + cmp: func(t *testing.T, initial *model.AccountDTO, payload updateAccountPayload, storedAccount model.Account) { require.Equal(t, payload.Username, storedAccount.Username) require.NotEqual(t, initial.Password, storedAccount.Password) require.Equal(t, *payload.Owner, storedAccount.Owner) @@ -308,9 +309,10 @@ func TestAccountUpdate(t *testing.T) { }, { name: "invalid update", - payload: model.AccountDTO{}, + payload: updateAccountPayload{}, code: http.StatusBadRequest, - cmp: func(t *testing.T, initial, payload model.AccountDTO, storedAccount model.Account) {}, + cmp: func(t *testing.T, initial *model.AccountDTO, payload updateAccountPayload, storedAccount model.Account) { + }, }, } { t.Run(tc.name, func(t *testing.T) { @@ -339,7 +341,7 @@ func TestAccountUpdate(t *testing.T) { storedAccount, _, err := deps.Database.GetAccount(ctx, account.ID) require.NoError(t, err) - tc.cmp(t, *account, tc.payload, *storedAccount) + tc.cmp(t, account, tc.payload, *storedAccount) }) } diff --git a/internal/http/routes/api/v1/auth.go b/internal/http/routes/api/v1/auth.go index 063f41036..8a0db2a9c 100644 --- a/internal/http/routes/api/v1/auth.go +++ b/internal/http/routes/api/v1/auth.go @@ -146,6 +146,44 @@ func (r *AuthAPIRoutes) meHandler(c *gin.Context) { response.Send(c, http.StatusOK, ctx.GetAccount()) } +type updateAccountPayload struct { + OldPassword string `json:"old_password"` + NewPassword string `json:"new_password"` + Username string `json:"username"` + Owner *bool `json:"owner"` + Config *model.UserConfig `json:"config"` +} + +func (p *updateAccountPayload) IsValid() error { + if p.NewPassword != "" && p.OldPassword == "" { + return fmt.Errorf("To update the password the old one must be provided") + } + + return nil +} + +func (p *updateAccountPayload) ToAccountDTO() model.AccountDTO { + account := model.AccountDTO{} + + if p.NewPassword != "" { + account.Password = p.NewPassword + } + + if p.Owner != nil { + account.Owner = p.Owner + } + + if p.Config != nil { + account.Config = p.Config + } + + if p.Username != "" { + account.Username = p.Username + } + + return account +} + // updateHandler godoc // // @Summary Update account information @@ -159,17 +197,34 @@ func (r *AuthAPIRoutes) meHandler(c *gin.Context) { func (r *AuthAPIRoutes) updateHandler(c *gin.Context) { ctx := context.NewContextFromGin(c) - var payload model.AccountDTO + var payload updateAccountPayload if err := c.ShouldBindJSON(&payload); err != nil { response.SendInternalServerError(c) } - // TODO: Check old password? + r.deps.Log.Error(payload.OldPassword) + r.deps.Log.Error(payload.NewPassword) + + if err := payload.IsValid(); err != nil { + response.SendError(c, http.StatusBadRequest, err.Error()) + return + } account := ctx.GetAccount() - payload.ID = account.ID - account, err := r.deps.Domains.Accounts.UpdateAccount(c, payload) + // If trying to update password, check if old password is correct + if payload.NewPassword != "" { + _, err := r.deps.Domains.Auth.GetAccountFromCredentials(c, account.Username, payload.OldPassword) + if err != nil { + response.SendError(c, http.StatusBadRequest, "Old password is incorrect") + return + } + } + + updatedAccount := payload.ToAccountDTO() + updatedAccount.ID = account.ID + + account, err := r.deps.Domains.Accounts.UpdateAccount(c, updatedAccount) if err != nil { r.deps.Log.WithError(err).Error("failed to update account") response.SendInternalServerError(c) diff --git a/internal/model/ptr.go b/internal/model/ptr.go index 1d3e7c35e..0fbecd672 100644 --- a/internal/model/ptr.go +++ b/internal/model/ptr.go @@ -1,5 +1,6 @@ package model +// Ptr returns a pointer to the value passed as argument. func Ptr[t any](a t) *t { return &a } diff --git a/internal/testutil/accounts.go b/internal/testutil/accounts.go index 6796251f1..7e767241c 100644 --- a/internal/testutil/accounts.go +++ b/internal/testutil/accounts.go @@ -8,6 +8,10 @@ import ( "github.com/go-shiori/shiori/internal/model" ) +// NewAdminUser creates a new admin user and returns its account and token. +// Use this when testing the API endpoints that require admin authentication to +// generate the user and obtain a token that can be easily added as `WithAuthToken()` +// option in the request. func NewAdminUser(deps *dependencies.Dependencies) (*model.AccountDTO, string, error) { account, err := deps.Domains.Accounts.CreateAccount(context.TODO(), model.AccountDTO{ Username: "admin", diff --git a/internal/view/assets/css/style.css b/internal/view/assets/css/style.css index 010af4e9c..7bb7a903b 100644 --- a/internal/view/assets/css/style.css +++ b/internal/view/assets/css/style.css @@ -1 +1 @@ -@font-face{font-family:'Source Sans Pro';font-style:normal;font-weight:200;src:local('Source Sans Pro ExtraLight'),local('SourceSansPro-ExtraLight'),url(libs/fonts/source-sans-pro-v13-latin-200.woff2) format('woff2'),url(libs/fonts/source-sans-pro-v13-latin-200.woff) format('woff')}@font-face{font-family:'Source Sans Pro';font-style:normal;font-weight:400;src:local('Source Sans Pro Regular'),local('SourceSansPro-Regular'),url(libs/fonts/source-sans-pro-v13-latin-regular.woff2) format('woff2'),url(libs/fonts/source-sans-pro-v13-latin-regular.woff) format('woff')}@font-face{font-family:'Source Sans Pro';font-style:normal;font-weight:600;src:local('Source Sans Pro SemiBold'),local('SourceSansPro-SemiBold'),url(libs/fonts/source-sans-pro-v13-latin-600.woff2) format('woff2'),url(libs/fonts/source-sans-pro-v13-latin-600.woff) format('woff')}@font-face{font-family:'Source Sans Pro';font-style:normal;font-weight:700;src:local('Source Sans Pro Bold'),local('SourceSansPro-Bold'),url(libs/fonts/source-sans-pro-v13-latin-700.woff2) format('woff2'),url(libs/fonts/source-sans-pro-v13-latin-700.woff) format('woff')}.fa,.fab,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:inline-block;font-style:normal;font-variant:normal;text-rendering:auto;line-height:1}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2em;position:absolute;text-align:center;width:2em;line-height:inherit}.fa-border{border:.08em solid #eee;border-radius:.1em;padding:.2em .25em .15em}.fa-pull-left{float:left}.fa-pull-right{float:right}.fa.fa-pull-left,.fab.fa-pull-left,.fal.fa-pull-left,.far.fa-pull-left,.fas.fa-pull-left{margin-right:.3em}.fa.fa-pull-right,.fab.fa-pull-right,.fal.fa-pull-right,.far.fa-pull-right,.fas.fa-pull-right{margin-left:.3em}.fa-spin{animation:fa-spin 2s infinite linear}.fa-pulse{animation:fa-spin 1s infinite steps(8)}@keyframes fa-spin{0%{transform:rotate(0)}to{transform:rotate(1turn)}}.fa-rotate-90{transform:rotate(90deg)}.fa-rotate-180{transform:rotate(180deg)}.fa-rotate-270{transform:rotate(270deg)}.fa-flip-horizontal{transform:scaleX(-1)}.fa-flip-vertical{transform:scaleY(-1)}.fa-flip-both,.fa-flip-horizontal.fa-flip-vertical{transform:scale(-1)}:root .fa-flip-both,:root .fa-flip-horizontal,:root .fa-flip-vertical,:root .fa-rotate-180,:root .fa-rotate-270,:root .fa-rotate-90{filter:none}.fa-stack{display:inline-block;height:2em;line-height:2em;position:relative;vertical-align:middle;width:2.5em}.fa-stack-1x,.fa-stack-2x{left:0;position:absolute;text-align:center;width:100%}.fa-stack-1x{line-height:inherit}.fa-stack-2x{font-size:2em}.fa-inverse{color:#fff}.fa-500px:before{content:"\f26e"}.fa-accessible-icon:before{content:"\f368"}.fa-accusoft:before{content:"\f369"}.fa-acquisitions-incorporated:before{content:"\f6af"}.fa-ad:before{content:"\f641"}.fa-address-book:before{content:"\f2b9"}.fa-address-card:before{content:"\f2bb"}.fa-adjust:before{content:"\f042"}.fa-adn:before{content:"\f170"}.fa-adobe:before{content:"\f778"}.fa-adversal:before{content:"\f36a"}.fa-affiliatetheme:before{content:"\f36b"}.fa-air-freshener:before{content:"\f5d0"}.fa-algolia:before{content:"\f36c"}.fa-align-center:before{content:"\f037"}.fa-align-justify:before{content:"\f039"}.fa-align-left:before{content:"\f036"}.fa-align-right:before{content:"\f038"}.fa-alipay:before{content:"\f642"}.fa-allergies:before{content:"\f461"}.fa-amazon:before{content:"\f270"}.fa-amazon-pay:before{content:"\f42c"}.fa-ambulance:before{content:"\f0f9"}.fa-american-sign-language-interpreting:before{content:"\f2a3"}.fa-amilia:before{content:"\f36d"}.fa-anchor:before{content:"\f13d"}.fa-android:before{content:"\f17b"}.fa-angellist:before{content:"\f209"}.fa-angle-double-down:before{content:"\f103"}.fa-angle-double-left:before{content:"\f100"}.fa-angle-double-right:before{content:"\f101"}.fa-angle-double-up:before{content:"\f102"}.fa-angle-down:before{content:"\f107"}.fa-angle-left:before{content:"\f104"}.fa-angle-right:before{content:"\f105"}.fa-angle-up:before{content:"\f106"}.fa-angry:before{content:"\f556"}.fa-angrycreative:before{content:"\f36e"}.fa-angular:before{content:"\f420"}.fa-ankh:before{content:"\f644"}.fa-app-store:before{content:"\f36f"}.fa-app-store-ios:before{content:"\f370"}.fa-apper:before{content:"\f371"}.fa-apple:before{content:"\f179"}.fa-apple-alt:before{content:"\f5d1"}.fa-apple-pay:before{content:"\f415"}.fa-archive:before{content:"\f187"}.fa-archway:before{content:"\f557"}.fa-arrow-alt-circle-down:before{content:"\f358"}.fa-arrow-alt-circle-left:before{content:"\f359"}.fa-arrow-alt-circle-right:before{content:"\f35a"}.fa-arrow-alt-circle-up:before{content:"\f35b"}.fa-arrow-circle-down:before{content:"\f0ab"}.fa-arrow-circle-left:before{content:"\f0a8"}.fa-arrow-circle-right:before{content:"\f0a9"}.fa-arrow-circle-up:before{content:"\f0aa"}.fa-arrow-down:before{content:"\f063"}.fa-arrow-left:before{content:"\f060"}.fa-arrow-right:before{content:"\f061"}.fa-arrow-up:before{content:"\f062"}.fa-arrows-alt:before{content:"\f0b2"}.fa-arrows-alt-h:before{content:"\f337"}.fa-arrows-alt-v:before{content:"\f338"}.fa-artstation:before{content:"\f77a"}.fa-assistive-listening-systems:before{content:"\f2a2"}.fa-asterisk:before{content:"\f069"}.fa-asymmetrik:before{content:"\f372"}.fa-at:before{content:"\f1fa"}.fa-atlas:before{content:"\f558"}.fa-atlassian:before{content:"\f77b"}.fa-atom:before{content:"\f5d2"}.fa-audible:before{content:"\f373"}.fa-audio-description:before{content:"\f29e"}.fa-autoprefixer:before{content:"\f41c"}.fa-avianex:before{content:"\f374"}.fa-aviato:before{content:"\f421"}.fa-award:before{content:"\f559"}.fa-aws:before{content:"\f375"}.fa-baby:before{content:"\f77c"}.fa-baby-carriage:before{content:"\f77d"}.fa-backspace:before{content:"\f55a"}.fa-backward:before{content:"\f04a"}.fa-bacon:before{content:"\f7e5"}.fa-balance-scale:before{content:"\f24e"}.fa-ban:before{content:"\f05e"}.fa-band-aid:before{content:"\f462"}.fa-bandcamp:before{content:"\f2d5"}.fa-barcode:before{content:"\f02a"}.fa-bars:before{content:"\f0c9"}.fa-baseball-ball:before{content:"\f433"}.fa-basketball-ball:before{content:"\f434"}.fa-bath:before{content:"\f2cd"}.fa-battery-empty:before{content:"\f244"}.fa-battery-full:before{content:"\f240"}.fa-battery-half:before{content:"\f242"}.fa-battery-quarter:before{content:"\f243"}.fa-battery-three-quarters:before{content:"\f241"}.fa-bed:before{content:"\f236"}.fa-beer:before{content:"\f0fc"}.fa-behance:before{content:"\f1b4"}.fa-behance-square:before{content:"\f1b5"}.fa-bell:before{content:"\f0f3"}.fa-bell-slash:before{content:"\f1f6"}.fa-bezier-curve:before{content:"\f55b"}.fa-bible:before{content:"\f647"}.fa-bicycle:before{content:"\f206"}.fa-bimobject:before{content:"\f378"}.fa-binoculars:before{content:"\f1e5"}.fa-biohazard:before{content:"\f780"}.fa-birthday-cake:before{content:"\f1fd"}.fa-bitbucket:before{content:"\f171"}.fa-bitcoin:before{content:"\f379"}.fa-bity:before{content:"\f37a"}.fa-black-tie:before{content:"\f27e"}.fa-blackberry:before{content:"\f37b"}.fa-blender:before{content:"\f517"}.fa-blender-phone:before{content:"\f6b6"}.fa-blind:before{content:"\f29d"}.fa-blog:before{content:"\f781"}.fa-blogger:before{content:"\f37c"}.fa-blogger-b:before{content:"\f37d"}.fa-bluetooth:before{content:"\f293"}.fa-bluetooth-b:before{content:"\f294"}.fa-bold:before{content:"\f032"}.fa-bolt:before{content:"\f0e7"}.fa-bomb:before{content:"\f1e2"}.fa-bone:before{content:"\f5d7"}.fa-bong:before{content:"\f55c"}.fa-book:before{content:"\f02d"}.fa-book-dead:before{content:"\f6b7"}.fa-book-medical:before{content:"\f7e6"}.fa-book-open:before{content:"\f518"}.fa-book-reader:before{content:"\f5da"}.fa-bookmark:before{content:"\f02e"}.fa-bowling-ball:before{content:"\f436"}.fa-box:before{content:"\f466"}.fa-box-open:before{content:"\f49e"}.fa-boxes:before{content:"\f468"}.fa-braille:before{content:"\f2a1"}.fa-brain:before{content:"\f5dc"}.fa-bread-slice:before{content:"\f7ec"}.fa-briefcase:before{content:"\f0b1"}.fa-briefcase-medical:before{content:"\f469"}.fa-broadcast-tower:before{content:"\f519"}.fa-broom:before{content:"\f51a"}.fa-brush:before{content:"\f55d"}.fa-btc:before{content:"\f15a"}.fa-bug:before{content:"\f188"}.fa-building:before{content:"\f1ad"}.fa-bullhorn:before{content:"\f0a1"}.fa-bullseye:before{content:"\f140"}.fa-burn:before{content:"\f46a"}.fa-buromobelexperte:before{content:"\f37f"}.fa-bus:before{content:"\f207"}.fa-bus-alt:before{content:"\f55e"}.fa-business-time:before{content:"\f64a"}.fa-buysellads:before{content:"\f20d"}.fa-calculator:before{content:"\f1ec"}.fa-calendar:before{content:"\f133"}.fa-calendar-alt:before{content:"\f073"}.fa-calendar-check:before{content:"\f274"}.fa-calendar-day:before{content:"\f783"}.fa-calendar-minus:before{content:"\f272"}.fa-calendar-plus:before{content:"\f271"}.fa-calendar-times:before{content:"\f273"}.fa-calendar-week:before{content:"\f784"}.fa-camera:before{content:"\f030"}.fa-camera-retro:before{content:"\f083"}.fa-campground:before{content:"\f6bb"}.fa-canadian-maple-leaf:before{content:"\f785"}.fa-candy-cane:before{content:"\f786"}.fa-cannabis:before{content:"\f55f"}.fa-capsules:before{content:"\f46b"}.fa-car:before{content:"\f1b9"}.fa-car-alt:before{content:"\f5de"}.fa-car-battery:before{content:"\f5df"}.fa-car-crash:before{content:"\f5e1"}.fa-car-side:before{content:"\f5e4"}.fa-caret-down:before{content:"\f0d7"}.fa-caret-left:before{content:"\f0d9"}.fa-caret-right:before{content:"\f0da"}.fa-caret-square-down:before{content:"\f150"}.fa-caret-square-left:before{content:"\f191"}.fa-caret-square-right:before{content:"\f152"}.fa-caret-square-up:before{content:"\f151"}.fa-caret-up:before{content:"\f0d8"}.fa-carrot:before{content:"\f787"}.fa-cart-arrow-down:before{content:"\f218"}.fa-cart-plus:before{content:"\f217"}.fa-cash-register:before{content:"\f788"}.fa-cat:before{content:"\f6be"}.fa-cc-amazon-pay:before{content:"\f42d"}.fa-cc-amex:before{content:"\f1f3"}.fa-cc-apple-pay:before{content:"\f416"}.fa-cc-diners-club:before{content:"\f24c"}.fa-cc-discover:before{content:"\f1f2"}.fa-cc-jcb:before{content:"\f24b"}.fa-cc-mastercard:before{content:"\f1f1"}.fa-cc-paypal:before{content:"\f1f4"}.fa-cc-stripe:before{content:"\f1f5"}.fa-cc-visa:before{content:"\f1f0"}.fa-centercode:before{content:"\f380"}.fa-centos:before{content:"\f789"}.fa-certificate:before{content:"\f0a3"}.fa-chair:before{content:"\f6c0"}.fa-chalkboard:before{content:"\f51b"}.fa-chalkboard-teacher:before{content:"\f51c"}.fa-charging-station:before{content:"\f5e7"}.fa-chart-area:before{content:"\f1fe"}.fa-chart-bar:before{content:"\f080"}.fa-chart-line:before{content:"\f201"}.fa-chart-pie:before{content:"\f200"}.fa-check:before{content:"\f00c"}.fa-check-circle:before{content:"\f058"}.fa-check-double:before{content:"\f560"}.fa-check-square:before{content:"\f14a"}.fa-cheese:before{content:"\f7ef"}.fa-chess:before{content:"\f439"}.fa-chess-bishop:before{content:"\f43a"}.fa-chess-board:before{content:"\f43c"}.fa-chess-king:before{content:"\f43f"}.fa-chess-knight:before{content:"\f441"}.fa-chess-pawn:before{content:"\f443"}.fa-chess-queen:before{content:"\f445"}.fa-chess-rook:before{content:"\f447"}.fa-chevron-circle-down:before{content:"\f13a"}.fa-chevron-circle-left:before{content:"\f137"}.fa-chevron-circle-right:before{content:"\f138"}.fa-chevron-circle-up:before{content:"\f139"}.fa-chevron-down:before{content:"\f078"}.fa-chevron-left:before{content:"\f053"}.fa-chevron-right:before{content:"\f054"}.fa-chevron-up:before{content:"\f077"}.fa-child:before{content:"\f1ae"}.fa-chrome:before{content:"\f268"}.fa-church:before{content:"\f51d"}.fa-circle:before{content:"\f111"}.fa-circle-notch:before{content:"\f1ce"}.fa-city:before{content:"\f64f"}.fa-clinic-medical:before{content:"\f7f2"}.fa-clipboard:before{content:"\f328"}.fa-clipboard-check:before{content:"\f46c"}.fa-clipboard-list:before{content:"\f46d"}.fa-clock:before{content:"\f017"}.fa-clone:before{content:"\f24d"}.fa-closed-captioning:before{content:"\f20a"}.fa-cloud:before{content:"\f0c2"}.fa-cloud-download-alt:before{content:"\f381"}.fa-cloud-meatball:before{content:"\f73b"}.fa-cloud-moon:before{content:"\f6c3"}.fa-cloud-moon-rain:before{content:"\f73c"}.fa-cloud-rain:before{content:"\f73d"}.fa-cloud-showers-heavy:before{content:"\f740"}.fa-cloud-sun:before{content:"\f6c4"}.fa-cloud-sun-rain:before{content:"\f743"}.fa-cloud-upload-alt:before{content:"\f382"}.fa-cloudscale:before{content:"\f383"}.fa-cloudsmith:before{content:"\f384"}.fa-cloudversify:before{content:"\f385"}.fa-cocktail:before{content:"\f561"}.fa-code:before{content:"\f121"}.fa-code-branch:before{content:"\f126"}.fa-codepen:before{content:"\f1cb"}.fa-codiepie:before{content:"\f284"}.fa-coffee:before{content:"\f0f4"}.fa-cog:before{content:"\f013"}.fa-cogs:before{content:"\f085"}.fa-coins:before{content:"\f51e"}.fa-columns:before{content:"\f0db"}.fa-comment:before{content:"\f075"}.fa-comment-alt:before{content:"\f27a"}.fa-comment-dollar:before{content:"\f651"}.fa-comment-dots:before{content:"\f4ad"}.fa-comment-medical:before{content:"\f7f5"}.fa-comment-slash:before{content:"\f4b3"}.fa-comments:before{content:"\f086"}.fa-comments-dollar:before{content:"\f653"}.fa-compact-disc:before{content:"\f51f"}.fa-compass:before{content:"\f14e"}.fa-compress:before{content:"\f066"}.fa-compress-arrows-alt:before{content:"\f78c"}.fa-concierge-bell:before{content:"\f562"}.fa-confluence:before{content:"\f78d"}.fa-connectdevelop:before{content:"\f20e"}.fa-contao:before{content:"\f26d"}.fa-cookie:before{content:"\f563"}.fa-cookie-bite:before{content:"\f564"}.fa-copy:before{content:"\f0c5"}.fa-copyright:before{content:"\f1f9"}.fa-couch:before{content:"\f4b8"}.fa-cpanel:before{content:"\f388"}.fa-creative-commons:before{content:"\f25e"}.fa-creative-commons-by:before{content:"\f4e7"}.fa-creative-commons-nc:before{content:"\f4e8"}.fa-creative-commons-nc-eu:before{content:"\f4e9"}.fa-creative-commons-nc-jp:before{content:"\f4ea"}.fa-creative-commons-nd:before{content:"\f4eb"}.fa-creative-commons-pd:before{content:"\f4ec"}.fa-creative-commons-pd-alt:before{content:"\f4ed"}.fa-creative-commons-remix:before{content:"\f4ee"}.fa-creative-commons-sa:before{content:"\f4ef"}.fa-creative-commons-sampling:before{content:"\f4f0"}.fa-creative-commons-sampling-plus:before{content:"\f4f1"}.fa-creative-commons-share:before{content:"\f4f2"}.fa-creative-commons-zero:before{content:"\f4f3"}.fa-credit-card:before{content:"\f09d"}.fa-critical-role:before{content:"\f6c9"}.fa-crop:before{content:"\f125"}.fa-crop-alt:before{content:"\f565"}.fa-cross:before{content:"\f654"}.fa-crosshairs:before{content:"\f05b"}.fa-crow:before{content:"\f520"}.fa-crown:before{content:"\f521"}.fa-crutch:before{content:"\f7f7"}.fa-css3:before{content:"\f13c"}.fa-css3-alt:before{content:"\f38b"}.fa-cube:before{content:"\f1b2"}.fa-cubes:before{content:"\f1b3"}.fa-cut:before{content:"\f0c4"}.fa-cuttlefish:before{content:"\f38c"}.fa-d-and-d:before{content:"\f38d"}.fa-d-and-d-beyond:before{content:"\f6ca"}.fa-dashcube:before{content:"\f210"}.fa-database:before{content:"\f1c0"}.fa-deaf:before{content:"\f2a4"}.fa-delicious:before{content:"\f1a5"}.fa-democrat:before{content:"\f747"}.fa-deploydog:before{content:"\f38e"}.fa-deskpro:before{content:"\f38f"}.fa-desktop:before{content:"\f108"}.fa-dev:before{content:"\f6cc"}.fa-deviantart:before{content:"\f1bd"}.fa-dharmachakra:before{content:"\f655"}.fa-dhl:before{content:"\f790"}.fa-diagnoses:before{content:"\f470"}.fa-diaspora:before{content:"\f791"}.fa-dice:before{content:"\f522"}.fa-dice-d20:before{content:"\f6cf"}.fa-dice-d6:before{content:"\f6d1"}.fa-dice-five:before{content:"\f523"}.fa-dice-four:before{content:"\f524"}.fa-dice-one:before{content:"\f525"}.fa-dice-six:before{content:"\f526"}.fa-dice-three:before{content:"\f527"}.fa-dice-two:before{content:"\f528"}.fa-digg:before{content:"\f1a6"}.fa-digital-ocean:before{content:"\f391"}.fa-digital-tachograph:before{content:"\f566"}.fa-directions:before{content:"\f5eb"}.fa-discord:before{content:"\f392"}.fa-discourse:before{content:"\f393"}.fa-divide:before{content:"\f529"}.fa-dizzy:before{content:"\f567"}.fa-dna:before{content:"\f471"}.fa-dochub:before{content:"\f394"}.fa-docker:before{content:"\f395"}.fa-dog:before{content:"\f6d3"}.fa-dollar-sign:before{content:"\f155"}.fa-dolly:before{content:"\f472"}.fa-dolly-flatbed:before{content:"\f474"}.fa-donate:before{content:"\f4b9"}.fa-door-closed:before{content:"\f52a"}.fa-door-open:before{content:"\f52b"}.fa-dot-circle:before{content:"\f192"}.fa-dove:before{content:"\f4ba"}.fa-download:before{content:"\f019"}.fa-draft2digital:before{content:"\f396"}.fa-drafting-compass:before{content:"\f568"}.fa-dragon:before{content:"\f6d5"}.fa-draw-polygon:before{content:"\f5ee"}.fa-dribbble:before{content:"\f17d"}.fa-dribbble-square:before{content:"\f397"}.fa-dropbox:before{content:"\f16b"}.fa-drum:before{content:"\f569"}.fa-drum-steelpan:before{content:"\f56a"}.fa-drumstick-bite:before{content:"\f6d7"}.fa-drupal:before{content:"\f1a9"}.fa-dumbbell:before{content:"\f44b"}.fa-dumpster:before{content:"\f793"}.fa-dumpster-fire:before{content:"\f794"}.fa-dungeon:before{content:"\f6d9"}.fa-dyalog:before{content:"\f399"}.fa-earlybirds:before{content:"\f39a"}.fa-ebay:before{content:"\f4f4"}.fa-edge:before{content:"\f282"}.fa-edit:before{content:"\f044"}.fa-egg:before{content:"\f7fb"}.fa-eject:before{content:"\f052"}.fa-elementor:before{content:"\f430"}.fa-ellipsis-h:before{content:"\f141"}.fa-ellipsis-v:before{content:"\f142"}.fa-ello:before{content:"\f5f1"}.fa-ember:before{content:"\f423"}.fa-empire:before{content:"\f1d1"}.fa-envelope:before{content:"\f0e0"}.fa-envelope-open:before{content:"\f2b6"}.fa-envelope-open-text:before{content:"\f658"}.fa-envelope-square:before{content:"\f199"}.fa-envira:before{content:"\f299"}.fa-equals:before{content:"\f52c"}.fa-eraser:before{content:"\f12d"}.fa-erlang:before{content:"\f39d"}.fa-ethereum:before{content:"\f42e"}.fa-ethernet:before{content:"\f796"}.fa-etsy:before{content:"\f2d7"}.fa-euro-sign:before{content:"\f153"}.fa-exchange-alt:before{content:"\f362"}.fa-exclamation:before{content:"\f12a"}.fa-exclamation-circle:before{content:"\f06a"}.fa-exclamation-triangle:before{content:"\f071"}.fa-expand:before{content:"\f065"}.fa-expand-arrows-alt:before{content:"\f31e"}.fa-expeditedssl:before{content:"\f23e"}.fa-external-link-alt:before{content:"\f35d"}.fa-external-link-square-alt:before{content:"\f360"}.fa-eye:before{content:"\f06e"}.fa-eye-dropper:before{content:"\f1fb"}.fa-eye-slash:before{content:"\f070"}.fa-facebook:before{content:"\f09a"}.fa-facebook-f:before{content:"\f39e"}.fa-facebook-messenger:before{content:"\f39f"}.fa-facebook-square:before{content:"\f082"}.fa-fantasy-flight-games:before{content:"\f6dc"}.fa-fast-backward:before{content:"\f049"}.fa-fast-forward:before{content:"\f050"}.fa-fax:before{content:"\f1ac"}.fa-feather:before{content:"\f52d"}.fa-feather-alt:before{content:"\f56b"}.fa-fedex:before{content:"\f797"}.fa-fedora:before{content:"\f798"}.fa-female:before{content:"\f182"}.fa-fighter-jet:before{content:"\f0fb"}.fa-figma:before{content:"\f799"}.fa-file:before{content:"\f15b"}.fa-file-alt:before{content:"\f15c"}.fa-file-archive:before{content:"\f1c6"}.fa-file-audio:before{content:"\f1c7"}.fa-file-code:before{content:"\f1c9"}.fa-file-contract:before{content:"\f56c"}.fa-file-csv:before{content:"\f6dd"}.fa-file-download:before{content:"\f56d"}.fa-file-excel:before{content:"\f1c3"}.fa-file-export:before{content:"\f56e"}.fa-file-image:before{content:"\f1c5"}.fa-file-import:before{content:"\f56f"}.fa-file-invoice:before{content:"\f570"}.fa-file-invoice-dollar:before{content:"\f571"}.fa-file-medical:before{content:"\f477"}.fa-file-medical-alt:before{content:"\f478"}.fa-file-pdf:before{content:"\f1c1"}.fa-file-powerpoint:before{content:"\f1c4"}.fa-file-prescription:before{content:"\f572"}.fa-file-signature:before{content:"\f573"}.fa-file-upload:before{content:"\f574"}.fa-file-video:before{content:"\f1c8"}.fa-file-word:before{content:"\f1c2"}.fa-fill:before{content:"\f575"}.fa-fill-drip:before{content:"\f576"}.fa-film:before{content:"\f008"}.fa-filter:before{content:"\f0b0"}.fa-fingerprint:before{content:"\f577"}.fa-fire:before{content:"\f06d"}.fa-fire-alt:before{content:"\f7e4"}.fa-fire-extinguisher:before{content:"\f134"}.fa-firefox:before{content:"\f269"}.fa-first-aid:before{content:"\f479"}.fa-first-order:before{content:"\f2b0"}.fa-first-order-alt:before{content:"\f50a"}.fa-firstdraft:before{content:"\f3a1"}.fa-fish:before{content:"\f578"}.fa-fist-raised:before{content:"\f6de"}.fa-flag:before{content:"\f024"}.fa-flag-checkered:before{content:"\f11e"}.fa-flag-usa:before{content:"\f74d"}.fa-flask:before{content:"\f0c3"}.fa-flickr:before{content:"\f16e"}.fa-flipboard:before{content:"\f44d"}.fa-flushed:before{content:"\f579"}.fa-fly:before{content:"\f417"}.fa-folder:before{content:"\f07b"}.fa-folder-minus:before{content:"\f65d"}.fa-folder-open:before{content:"\f07c"}.fa-folder-plus:before{content:"\f65e"}.fa-font:before{content:"\f031"}.fa-font-awesome:before{content:"\f2b4"}.fa-font-awesome-alt:before{content:"\f35c"}.fa-font-awesome-flag:before{content:"\f425"}.fa-font-awesome-logo-full:before{content:"\f4e6"}.fa-fonticons:before{content:"\f280"}.fa-fonticons-fi:before{content:"\f3a2"}.fa-football-ball:before{content:"\f44e"}.fa-fort-awesome:before{content:"\f286"}.fa-fort-awesome-alt:before{content:"\f3a3"}.fa-forumbee:before{content:"\f211"}.fa-forward:before{content:"\f04e"}.fa-foursquare:before{content:"\f180"}.fa-free-code-camp:before{content:"\f2c5"}.fa-freebsd:before{content:"\f3a4"}.fa-frog:before{content:"\f52e"}.fa-frown:before{content:"\f119"}.fa-frown-open:before{content:"\f57a"}.fa-fulcrum:before{content:"\f50b"}.fa-funnel-dollar:before{content:"\f662"}.fa-futbol:before{content:"\f1e3"}.fa-galactic-republic:before{content:"\f50c"}.fa-galactic-senate:before{content:"\f50d"}.fa-gamepad:before{content:"\f11b"}.fa-gas-pump:before{content:"\f52f"}.fa-gavel:before{content:"\f0e3"}.fa-gem:before{content:"\f3a5"}.fa-genderless:before{content:"\f22d"}.fa-get-pocket:before{content:"\f265"}.fa-gg:before{content:"\f260"}.fa-gg-circle:before{content:"\f261"}.fa-ghost:before{content:"\f6e2"}.fa-gift:before{content:"\f06b"}.fa-gifts:before{content:"\f79c"}.fa-git:before{content:"\f1d3"}.fa-git-square:before{content:"\f1d2"}.fa-github:before{content:"\f09b"}.fa-github-alt:before{content:"\f113"}.fa-github-square:before{content:"\f092"}.fa-gitkraken:before{content:"\f3a6"}.fa-gitlab:before{content:"\f296"}.fa-gitter:before{content:"\f426"}.fa-glass-cheers:before{content:"\f79f"}.fa-glass-martini:before{content:"\f000"}.fa-glass-martini-alt:before{content:"\f57b"}.fa-glass-whiskey:before{content:"\f7a0"}.fa-glasses:before{content:"\f530"}.fa-glide:before{content:"\f2a5"}.fa-glide-g:before{content:"\f2a6"}.fa-globe:before{content:"\f0ac"}.fa-globe-africa:before{content:"\f57c"}.fa-globe-americas:before{content:"\f57d"}.fa-globe-asia:before{content:"\f57e"}.fa-globe-europe:before{content:"\f7a2"}.fa-gofore:before{content:"\f3a7"}.fa-golf-ball:before{content:"\f450"}.fa-goodreads:before{content:"\f3a8"}.fa-goodreads-g:before{content:"\f3a9"}.fa-google:before{content:"\f1a0"}.fa-google-drive:before{content:"\f3aa"}.fa-google-play:before{content:"\f3ab"}.fa-google-plus:before{content:"\f2b3"}.fa-google-plus-g:before{content:"\f0d5"}.fa-google-plus-square:before{content:"\f0d4"}.fa-google-wallet:before{content:"\f1ee"}.fa-gopuram:before{content:"\f664"}.fa-graduation-cap:before{content:"\f19d"}.fa-gratipay:before{content:"\f184"}.fa-grav:before{content:"\f2d6"}.fa-greater-than:before{content:"\f531"}.fa-greater-than-equal:before{content:"\f532"}.fa-grimace:before{content:"\f57f"}.fa-grin:before{content:"\f580"}.fa-grin-alt:before{content:"\f581"}.fa-grin-beam:before{content:"\f582"}.fa-grin-beam-sweat:before{content:"\f583"}.fa-grin-hearts:before{content:"\f584"}.fa-grin-squint:before{content:"\f585"}.fa-grin-squint-tears:before{content:"\f586"}.fa-grin-stars:before{content:"\f587"}.fa-grin-tears:before{content:"\f588"}.fa-grin-tongue:before{content:"\f589"}.fa-grin-tongue-squint:before{content:"\f58a"}.fa-grin-tongue-wink:before{content:"\f58b"}.fa-grin-wink:before{content:"\f58c"}.fa-grip-horizontal:before{content:"\f58d"}.fa-grip-lines:before{content:"\f7a4"}.fa-grip-lines-vertical:before{content:"\f7a5"}.fa-grip-vertical:before{content:"\f58e"}.fa-gripfire:before{content:"\f3ac"}.fa-grunt:before{content:"\f3ad"}.fa-guitar:before{content:"\f7a6"}.fa-gulp:before{content:"\f3ae"}.fa-h-square:before{content:"\f0fd"}.fa-hacker-news:before{content:"\f1d4"}.fa-hacker-news-square:before{content:"\f3af"}.fa-hackerrank:before{content:"\f5f7"}.fa-hamburger:before{content:"\f805"}.fa-hammer:before{content:"\f6e3"}.fa-hamsa:before{content:"\f665"}.fa-hand-holding:before{content:"\f4bd"}.fa-hand-holding-heart:before{content:"\f4be"}.fa-hand-holding-usd:before{content:"\f4c0"}.fa-hand-lizard:before{content:"\f258"}.fa-hand-middle-finger:before{content:"\f806"}.fa-hand-paper:before{content:"\f256"}.fa-hand-peace:before{content:"\f25b"}.fa-hand-point-down:before{content:"\f0a7"}.fa-hand-point-left:before{content:"\f0a5"}.fa-hand-point-right:before{content:"\f0a4"}.fa-hand-point-up:before{content:"\f0a6"}.fa-hand-pointer:before{content:"\f25a"}.fa-hand-rock:before{content:"\f255"}.fa-hand-scissors:before{content:"\f257"}.fa-hand-spock:before{content:"\f259"}.fa-hands:before{content:"\f4c2"}.fa-hands-helping:before{content:"\f4c4"}.fa-handshake:before{content:"\f2b5"}.fa-hanukiah:before{content:"\f6e6"}.fa-hard-hat:before{content:"\f807"}.fa-hashtag:before{content:"\f292"}.fa-hat-wizard:before{content:"\f6e8"}.fa-haykal:before{content:"\f666"}.fa-hdd:before{content:"\f0a0"}.fa-heading:before{content:"\f1dc"}.fa-headphones:before{content:"\f025"}.fa-headphones-alt:before{content:"\f58f"}.fa-headset:before{content:"\f590"}.fa-heart:before{content:"\f004"}.fa-heart-broken:before{content:"\f7a9"}.fa-heartbeat:before{content:"\f21e"}.fa-helicopter:before{content:"\f533"}.fa-highlighter:before{content:"\f591"}.fa-hiking:before{content:"\f6ec"}.fa-hippo:before{content:"\f6ed"}.fa-hips:before{content:"\f452"}.fa-hire-a-helper:before{content:"\f3b0"}.fa-history:before{content:"\f1da"}.fa-hockey-puck:before{content:"\f453"}.fa-holly-berry:before{content:"\f7aa"}.fa-home:before{content:"\f015"}.fa-hooli:before{content:"\f427"}.fa-hornbill:before{content:"\f592"}.fa-horse:before{content:"\f6f0"}.fa-horse-head:before{content:"\f7ab"}.fa-hospital:before{content:"\f0f8"}.fa-hospital-alt:before{content:"\f47d"}.fa-hospital-symbol:before{content:"\f47e"}.fa-hot-tub:before{content:"\f593"}.fa-hotdog:before{content:"\f80f"}.fa-hotel:before{content:"\f594"}.fa-hotjar:before{content:"\f3b1"}.fa-hourglass:before{content:"\f254"}.fa-hourglass-end:before{content:"\f253"}.fa-hourglass-half:before{content:"\f252"}.fa-hourglass-start:before{content:"\f251"}.fa-house-damage:before{content:"\f6f1"}.fa-houzz:before{content:"\f27c"}.fa-hryvnia:before{content:"\f6f2"}.fa-html5:before{content:"\f13b"}.fa-hubspot:before{content:"\f3b2"}.fa-i-cursor:before{content:"\f246"}.fa-ice-cream:before{content:"\f810"}.fa-icicles:before{content:"\f7ad"}.fa-id-badge:before{content:"\f2c1"}.fa-id-card:before{content:"\f2c2"}.fa-id-card-alt:before{content:"\f47f"}.fa-igloo:before{content:"\f7ae"}.fa-image:before{content:"\f03e"}.fa-images:before{content:"\f302"}.fa-imdb:before{content:"\f2d8"}.fa-inbox:before{content:"\f01c"}.fa-indent:before{content:"\f03c"}.fa-industry:before{content:"\f275"}.fa-infinity:before{content:"\f534"}.fa-info:before{content:"\f129"}.fa-info-circle:before{content:"\f05a"}.fa-instagram:before{content:"\f16d"}.fa-intercom:before{content:"\f7af"}.fa-internet-explorer:before{content:"\f26b"}.fa-invision:before{content:"\f7b0"}.fa-ioxhost:before{content:"\f208"}.fa-italic:before{content:"\f033"}.fa-itunes:before{content:"\f3b4"}.fa-itunes-note:before{content:"\f3b5"}.fa-java:before{content:"\f4e4"}.fa-jedi:before{content:"\f669"}.fa-jedi-order:before{content:"\f50e"}.fa-jenkins:before{content:"\f3b6"}.fa-jira:before{content:"\f7b1"}.fa-joget:before{content:"\f3b7"}.fa-joint:before{content:"\f595"}.fa-joomla:before{content:"\f1aa"}.fa-journal-whills:before{content:"\f66a"}.fa-js:before{content:"\f3b8"}.fa-js-square:before{content:"\f3b9"}.fa-jsfiddle:before{content:"\f1cc"}.fa-kaaba:before{content:"\f66b"}.fa-kaggle:before{content:"\f5fa"}.fa-key:before{content:"\f084"}.fa-keybase:before{content:"\f4f5"}.fa-keyboard:before{content:"\f11c"}.fa-keycdn:before{content:"\f3ba"}.fa-khanda:before{content:"\f66d"}.fa-kickstarter:before{content:"\f3bb"}.fa-kickstarter-k:before{content:"\f3bc"}.fa-kiss:before{content:"\f596"}.fa-kiss-beam:before{content:"\f597"}.fa-kiss-wink-heart:before{content:"\f598"}.fa-kiwi-bird:before{content:"\f535"}.fa-korvue:before{content:"\f42f"}.fa-landmark:before{content:"\f66f"}.fa-language:before{content:"\f1ab"}.fa-laptop:before{content:"\f109"}.fa-laptop-code:before{content:"\f5fc"}.fa-laptop-medical:before{content:"\f812"}.fa-laravel:before{content:"\f3bd"}.fa-lastfm:before{content:"\f202"}.fa-lastfm-square:before{content:"\f203"}.fa-laugh:before{content:"\f599"}.fa-laugh-beam:before{content:"\f59a"}.fa-laugh-squint:before{content:"\f59b"}.fa-laugh-wink:before{content:"\f59c"}.fa-layer-group:before{content:"\f5fd"}.fa-leaf:before{content:"\f06c"}.fa-leanpub:before{content:"\f212"}.fa-lemon:before{content:"\f094"}.fa-less:before{content:"\f41d"}.fa-less-than:before{content:"\f536"}.fa-less-than-equal:before{content:"\f537"}.fa-level-down-alt:before{content:"\f3be"}.fa-level-up-alt:before{content:"\f3bf"}.fa-life-ring:before{content:"\f1cd"}.fa-lightbulb:before{content:"\f0eb"}.fa-line:before{content:"\f3c0"}.fa-link:before{content:"\f0c1"}.fa-linkedin:before{content:"\f08c"}.fa-linkedin-in:before{content:"\f0e1"}.fa-linode:before{content:"\f2b8"}.fa-linux:before{content:"\f17c"}.fa-lira-sign:before{content:"\f195"}.fa-list:before{content:"\f03a"}.fa-list-alt:before{content:"\f022"}.fa-list-ol:before{content:"\f0cb"}.fa-list-ul:before{content:"\f0ca"}.fa-location-arrow:before{content:"\f124"}.fa-lock:before{content:"\f023"}.fa-lock-open:before{content:"\f3c1"}.fa-long-arrow-alt-down:before{content:"\f309"}.fa-long-arrow-alt-left:before{content:"\f30a"}.fa-long-arrow-alt-right:before{content:"\f30b"}.fa-long-arrow-alt-up:before{content:"\f30c"}.fa-low-vision:before{content:"\f2a8"}.fa-luggage-cart:before{content:"\f59d"}.fa-lyft:before{content:"\f3c3"}.fa-magento:before{content:"\f3c4"}.fa-magic:before{content:"\f0d0"}.fa-magnet:before{content:"\f076"}.fa-mail-bulk:before{content:"\f674"}.fa-mailchimp:before{content:"\f59e"}.fa-male:before{content:"\f183"}.fa-mandalorian:before{content:"\f50f"}.fa-map:before{content:"\f279"}.fa-map-marked:before{content:"\f59f"}.fa-map-marked-alt:before{content:"\f5a0"}.fa-map-marker:before{content:"\f041"}.fa-map-marker-alt:before{content:"\f3c5"}.fa-map-pin:before{content:"\f276"}.fa-map-signs:before{content:"\f277"}.fa-markdown:before{content:"\f60f"}.fa-marker:before{content:"\f5a1"}.fa-mars:before{content:"\f222"}.fa-mars-double:before{content:"\f227"}.fa-mars-stroke:before{content:"\f229"}.fa-mars-stroke-h:before{content:"\f22b"}.fa-mars-stroke-v:before{content:"\f22a"}.fa-mask:before{content:"\f6fa"}.fa-mastodon:before{content:"\f4f6"}.fa-maxcdn:before{content:"\f136"}.fa-medal:before{content:"\f5a2"}.fa-medapps:before{content:"\f3c6"}.fa-medium:before{content:"\f23a"}.fa-medium-m:before{content:"\f3c7"}.fa-medkit:before{content:"\f0fa"}.fa-medrt:before{content:"\f3c8"}.fa-meetup:before{content:"\f2e0"}.fa-megaport:before{content:"\f5a3"}.fa-meh:before{content:"\f11a"}.fa-meh-blank:before{content:"\f5a4"}.fa-meh-rolling-eyes:before{content:"\f5a5"}.fa-memory:before{content:"\f538"}.fa-mendeley:before{content:"\f7b3"}.fa-menorah:before{content:"\f676"}.fa-mercury:before{content:"\f223"}.fa-meteor:before{content:"\f753"}.fa-microchip:before{content:"\f2db"}.fa-microphone:before{content:"\f130"}.fa-microphone-alt:before{content:"\f3c9"}.fa-microphone-alt-slash:before{content:"\f539"}.fa-microphone-slash:before{content:"\f131"}.fa-microscope:before{content:"\f610"}.fa-microsoft:before{content:"\f3ca"}.fa-minus:before{content:"\f068"}.fa-minus-circle:before{content:"\f056"}.fa-minus-square:before{content:"\f146"}.fa-mitten:before{content:"\f7b5"}.fa-mix:before{content:"\f3cb"}.fa-mixcloud:before{content:"\f289"}.fa-mizuni:before{content:"\f3cc"}.fa-mobile:before{content:"\f10b"}.fa-mobile-alt:before{content:"\f3cd"}.fa-modx:before{content:"\f285"}.fa-monero:before{content:"\f3d0"}.fa-money-bill:before{content:"\f0d6"}.fa-money-bill-alt:before{content:"\f3d1"}.fa-money-bill-wave:before{content:"\f53a"}.fa-money-bill-wave-alt:before{content:"\f53b"}.fa-money-check:before{content:"\f53c"}.fa-money-check-alt:before{content:"\f53d"}.fa-monument:before{content:"\f5a6"}.fa-moon:before{content:"\f186"}.fa-mortar-pestle:before{content:"\f5a7"}.fa-mosque:before{content:"\f678"}.fa-motorcycle:before{content:"\f21c"}.fa-mountain:before{content:"\f6fc"}.fa-mouse-pointer:before{content:"\f245"}.fa-mug-hot:before{content:"\f7b6"}.fa-music:before{content:"\f001"}.fa-napster:before{content:"\f3d2"}.fa-neos:before{content:"\f612"}.fa-network-wired:before{content:"\f6ff"}.fa-neuter:before{content:"\f22c"}.fa-newspaper:before{content:"\f1ea"}.fa-nimblr:before{content:"\f5a8"}.fa-nintendo-switch:before{content:"\f418"}.fa-node:before{content:"\f419"}.fa-node-js:before{content:"\f3d3"}.fa-not-equal:before{content:"\f53e"}.fa-notes-medical:before{content:"\f481"}.fa-npm:before{content:"\f3d4"}.fa-ns8:before{content:"\f3d5"}.fa-nutritionix:before{content:"\f3d6"}.fa-object-group:before{content:"\f247"}.fa-object-ungroup:before{content:"\f248"}.fa-odnoklassniki:before{content:"\f263"}.fa-odnoklassniki-square:before{content:"\f264"}.fa-oil-can:before{content:"\f613"}.fa-old-republic:before{content:"\f510"}.fa-om:before{content:"\f679"}.fa-opencart:before{content:"\f23d"}.fa-openid:before{content:"\f19b"}.fa-opera:before{content:"\f26a"}.fa-optin-monster:before{content:"\f23c"}.fa-osi:before{content:"\f41a"}.fa-otter:before{content:"\f700"}.fa-outdent:before{content:"\f03b"}.fa-page4:before{content:"\f3d7"}.fa-pagelines:before{content:"\f18c"}.fa-pager:before{content:"\f815"}.fa-paint-brush:before{content:"\f1fc"}.fa-paint-roller:before{content:"\f5aa"}.fa-palette:before{content:"\f53f"}.fa-palfed:before{content:"\f3d8"}.fa-pallet:before{content:"\f482"}.fa-paper-plane:before{content:"\f1d8"}.fa-paperclip:before{content:"\f0c6"}.fa-parachute-box:before{content:"\f4cd"}.fa-paragraph:before{content:"\f1dd"}.fa-parking:before{content:"\f540"}.fa-passport:before{content:"\f5ab"}.fa-pastafarianism:before{content:"\f67b"}.fa-paste:before{content:"\f0ea"}.fa-patreon:before{content:"\f3d9"}.fa-pause:before{content:"\f04c"}.fa-pause-circle:before{content:"\f28b"}.fa-paw:before{content:"\f1b0"}.fa-paypal:before{content:"\f1ed"}.fa-peace:before{content:"\f67c"}.fa-pen:before{content:"\f304"}.fa-pen-alt:before{content:"\f305"}.fa-pen-fancy:before{content:"\f5ac"}.fa-pen-nib:before{content:"\f5ad"}.fa-pen-square:before{content:"\f14b"}.fa-pencil-alt:before{content:"\f303"}.fa-pencil-ruler:before{content:"\f5ae"}.fa-penny-arcade:before{content:"\f704"}.fa-people-carry:before{content:"\f4ce"}.fa-pepper-hot:before{content:"\f816"}.fa-percent:before{content:"\f295"}.fa-percentage:before{content:"\f541"}.fa-periscope:before{content:"\f3da"}.fa-person-booth:before{content:"\f756"}.fa-phabricator:before{content:"\f3db"}.fa-phoenix-framework:before{content:"\f3dc"}.fa-phoenix-squadron:before{content:"\f511"}.fa-phone:before{content:"\f095"}.fa-phone-slash:before{content:"\f3dd"}.fa-phone-square:before{content:"\f098"}.fa-phone-volume:before{content:"\f2a0"}.fa-php:before{content:"\f457"}.fa-pied-piper:before{content:"\f2ae"}.fa-pied-piper-alt:before{content:"\f1a8"}.fa-pied-piper-hat:before{content:"\f4e5"}.fa-pied-piper-pp:before{content:"\f1a7"}.fa-piggy-bank:before{content:"\f4d3"}.fa-pills:before{content:"\f484"}.fa-pinterest:before{content:"\f0d2"}.fa-pinterest-p:before{content:"\f231"}.fa-pinterest-square:before{content:"\f0d3"}.fa-pizza-slice:before{content:"\f818"}.fa-place-of-worship:before{content:"\f67f"}.fa-plane:before{content:"\f072"}.fa-plane-arrival:before{content:"\f5af"}.fa-plane-departure:before{content:"\f5b0"}.fa-play:before{content:"\f04b"}.fa-play-circle:before{content:"\f144"}.fa-playstation:before{content:"\f3df"}.fa-plug:before{content:"\f1e6"}.fa-plus:before{content:"\f067"}.fa-plus-circle:before{content:"\f055"}.fa-plus-square:before{content:"\f0fe"}.fa-podcast:before{content:"\f2ce"}.fa-poll:before{content:"\f681"}.fa-poll-h:before{content:"\f682"}.fa-poo:before{content:"\f2fe"}.fa-poo-storm:before{content:"\f75a"}.fa-poop:before{content:"\f619"}.fa-portrait:before{content:"\f3e0"}.fa-pound-sign:before{content:"\f154"}.fa-power-off:before{content:"\f011"}.fa-pray:before{content:"\f683"}.fa-praying-hands:before{content:"\f684"}.fa-prescription:before{content:"\f5b1"}.fa-prescription-bottle:before{content:"\f485"}.fa-prescription-bottle-alt:before{content:"\f486"}.fa-print:before{content:"\f02f"}.fa-procedures:before{content:"\f487"}.fa-product-hunt:before{content:"\f288"}.fa-project-diagram:before{content:"\f542"}.fa-pushed:before{content:"\f3e1"}.fa-puzzle-piece:before{content:"\f12e"}.fa-python:before{content:"\f3e2"}.fa-qq:before{content:"\f1d6"}.fa-qrcode:before{content:"\f029"}.fa-question:before{content:"\f128"}.fa-question-circle:before{content:"\f059"}.fa-quidditch:before{content:"\f458"}.fa-quinscape:before{content:"\f459"}.fa-quora:before{content:"\f2c4"}.fa-quote-left:before{content:"\f10d"}.fa-quote-right:before{content:"\f10e"}.fa-quran:before{content:"\f687"}.fa-r-project:before{content:"\f4f7"}.fa-radiation:before{content:"\f7b9"}.fa-radiation-alt:before{content:"\f7ba"}.fa-rainbow:before{content:"\f75b"}.fa-random:before{content:"\f074"}.fa-raspberry-pi:before{content:"\f7bb"}.fa-ravelry:before{content:"\f2d9"}.fa-react:before{content:"\f41b"}.fa-reacteurope:before{content:"\f75d"}.fa-readme:before{content:"\f4d5"}.fa-rebel:before{content:"\f1d0"}.fa-receipt:before{content:"\f543"}.fa-recycle:before{content:"\f1b8"}.fa-red-river:before{content:"\f3e3"}.fa-reddit:before{content:"\f1a1"}.fa-reddit-alien:before{content:"\f281"}.fa-reddit-square:before{content:"\f1a2"}.fa-redhat:before{content:"\f7bc"}.fa-redo:before{content:"\f01e"}.fa-redo-alt:before{content:"\f2f9"}.fa-registered:before{content:"\f25d"}.fa-renren:before{content:"\f18b"}.fa-reply:before{content:"\f3e5"}.fa-reply-all:before{content:"\f122"}.fa-replyd:before{content:"\f3e6"}.fa-republican:before{content:"\f75e"}.fa-researchgate:before{content:"\f4f8"}.fa-resolving:before{content:"\f3e7"}.fa-restroom:before{content:"\f7bd"}.fa-retweet:before{content:"\f079"}.fa-rev:before{content:"\f5b2"}.fa-ribbon:before{content:"\f4d6"}.fa-ring:before{content:"\f70b"}.fa-road:before{content:"\f018"}.fa-robot:before{content:"\f544"}.fa-rocket:before{content:"\f135"}.fa-rocketchat:before{content:"\f3e8"}.fa-rockrms:before{content:"\f3e9"}.fa-route:before{content:"\f4d7"}.fa-rss:before{content:"\f09e"}.fa-rss-square:before{content:"\f143"}.fa-ruble-sign:before{content:"\f158"}.fa-ruler:before{content:"\f545"}.fa-ruler-combined:before{content:"\f546"}.fa-ruler-horizontal:before{content:"\f547"}.fa-ruler-vertical:before{content:"\f548"}.fa-running:before{content:"\f70c"}.fa-rupee-sign:before{content:"\f156"}.fa-sad-cry:before{content:"\f5b3"}.fa-sad-tear:before{content:"\f5b4"}.fa-safari:before{content:"\f267"}.fa-sass:before{content:"\f41e"}.fa-satellite:before{content:"\f7bf"}.fa-satellite-dish:before{content:"\f7c0"}.fa-save:before{content:"\f0c7"}.fa-schlix:before{content:"\f3ea"}.fa-school:before{content:"\f549"}.fa-screwdriver:before{content:"\f54a"}.fa-scribd:before{content:"\f28a"}.fa-scroll:before{content:"\f70e"}.fa-sd-card:before{content:"\f7c2"}.fa-search:before{content:"\f002"}.fa-search-dollar:before{content:"\f688"}.fa-search-location:before{content:"\f689"}.fa-search-minus:before{content:"\f010"}.fa-search-plus:before{content:"\f00e"}.fa-searchengin:before{content:"\f3eb"}.fa-seedling:before{content:"\f4d8"}.fa-sellcast:before{content:"\f2da"}.fa-sellsy:before{content:"\f213"}.fa-server:before{content:"\f233"}.fa-servicestack:before{content:"\f3ec"}.fa-shapes:before{content:"\f61f"}.fa-share:before{content:"\f064"}.fa-share-alt:before{content:"\f1e0"}.fa-share-alt-square:before{content:"\f1e1"}.fa-share-square:before{content:"\f14d"}.fa-shekel-sign:before{content:"\f20b"}.fa-shield-alt:before{content:"\f3ed"}.fa-ship:before{content:"\f21a"}.fa-shipping-fast:before{content:"\f48b"}.fa-shirtsinbulk:before{content:"\f214"}.fa-shoe-prints:before{content:"\f54b"}.fa-shopping-bag:before{content:"\f290"}.fa-shopping-basket:before{content:"\f291"}.fa-shopping-cart:before{content:"\f07a"}.fa-shopware:before{content:"\f5b5"}.fa-shower:before{content:"\f2cc"}.fa-shuttle-van:before{content:"\f5b6"}.fa-sign:before{content:"\f4d9"}.fa-sign-in-alt:before{content:"\f2f6"}.fa-sign-language:before{content:"\f2a7"}.fa-sign-out-alt:before{content:"\f2f5"}.fa-signal:before{content:"\f012"}.fa-signature:before{content:"\f5b7"}.fa-sim-card:before{content:"\f7c4"}.fa-simplybuilt:before{content:"\f215"}.fa-sistrix:before{content:"\f3ee"}.fa-sitemap:before{content:"\f0e8"}.fa-sith:before{content:"\f512"}.fa-skating:before{content:"\f7c5"}.fa-sketch:before{content:"\f7c6"}.fa-skiing:before{content:"\f7c9"}.fa-skiing-nordic:before{content:"\f7ca"}.fa-skull:before{content:"\f54c"}.fa-skull-crossbones:before{content:"\f714"}.fa-skyatlas:before{content:"\f216"}.fa-skype:before{content:"\f17e"}.fa-slack:before{content:"\f198"}.fa-slack-hash:before{content:"\f3ef"}.fa-slash:before{content:"\f715"}.fa-sleigh:before{content:"\f7cc"}.fa-sliders-h:before{content:"\f1de"}.fa-slideshare:before{content:"\f1e7"}.fa-smile:before{content:"\f118"}.fa-smile-beam:before{content:"\f5b8"}.fa-smile-wink:before{content:"\f4da"}.fa-smog:before{content:"\f75f"}.fa-smoking:before{content:"\f48d"}.fa-smoking-ban:before{content:"\f54d"}.fa-sms:before{content:"\f7cd"}.fa-snapchat:before{content:"\f2ab"}.fa-snapchat-ghost:before{content:"\f2ac"}.fa-snapchat-square:before{content:"\f2ad"}.fa-snowboarding:before{content:"\f7ce"}.fa-snowflake:before{content:"\f2dc"}.fa-snowman:before{content:"\f7d0"}.fa-snowplow:before{content:"\f7d2"}.fa-socks:before{content:"\f696"}.fa-solar-panel:before{content:"\f5ba"}.fa-sort:before{content:"\f0dc"}.fa-sort-alpha-down:before{content:"\f15d"}.fa-sort-alpha-up:before{content:"\f15e"}.fa-sort-amount-down:before{content:"\f160"}.fa-sort-amount-up:before{content:"\f161"}.fa-sort-down:before{content:"\f0dd"}.fa-sort-numeric-down:before{content:"\f162"}.fa-sort-numeric-up:before{content:"\f163"}.fa-sort-up:before{content:"\f0de"}.fa-soundcloud:before{content:"\f1be"}.fa-sourcetree:before{content:"\f7d3"}.fa-spa:before{content:"\f5bb"}.fa-space-shuttle:before{content:"\f197"}.fa-speakap:before{content:"\f3f3"}.fa-spider:before{content:"\f717"}.fa-spinner:before{content:"\f110"}.fa-splotch:before{content:"\f5bc"}.fa-spotify:before{content:"\f1bc"}.fa-spray-can:before{content:"\f5bd"}.fa-square:before{content:"\f0c8"}.fa-square-full:before{content:"\f45c"}.fa-square-root-alt:before{content:"\f698"}.fa-squarespace:before{content:"\f5be"}.fa-stack-exchange:before{content:"\f18d"}.fa-stack-overflow:before{content:"\f16c"}.fa-stamp:before{content:"\f5bf"}.fa-star:before{content:"\f005"}.fa-star-and-crescent:before{content:"\f699"}.fa-star-half:before{content:"\f089"}.fa-star-half-alt:before{content:"\f5c0"}.fa-star-of-david:before{content:"\f69a"}.fa-star-of-life:before{content:"\f621"}.fa-staylinked:before{content:"\f3f5"}.fa-steam:before{content:"\f1b6"}.fa-steam-square:before{content:"\f1b7"}.fa-steam-symbol:before{content:"\f3f6"}.fa-step-backward:before{content:"\f048"}.fa-step-forward:before{content:"\f051"}.fa-stethoscope:before{content:"\f0f1"}.fa-sticker-mule:before{content:"\f3f7"}.fa-sticky-note:before{content:"\f249"}.fa-stop:before{content:"\f04d"}.fa-stop-circle:before{content:"\f28d"}.fa-stopwatch:before{content:"\f2f2"}.fa-store:before{content:"\f54e"}.fa-store-alt:before{content:"\f54f"}.fa-strava:before{content:"\f428"}.fa-stream:before{content:"\f550"}.fa-street-view:before{content:"\f21d"}.fa-strikethrough:before{content:"\f0cc"}.fa-stripe:before{content:"\f429"}.fa-stripe-s:before{content:"\f42a"}.fa-stroopwafel:before{content:"\f551"}.fa-studiovinari:before{content:"\f3f8"}.fa-stumbleupon:before{content:"\f1a4"}.fa-stumbleupon-circle:before{content:"\f1a3"}.fa-subscript:before{content:"\f12c"}.fa-subway:before{content:"\f239"}.fa-suitcase:before{content:"\f0f2"}.fa-suitcase-rolling:before{content:"\f5c1"}.fa-sun:before{content:"\f185"}.fa-superpowers:before{content:"\f2dd"}.fa-superscript:before{content:"\f12b"}.fa-supple:before{content:"\f3f9"}.fa-surprise:before{content:"\f5c2"}.fa-suse:before{content:"\f7d6"}.fa-swatchbook:before{content:"\f5c3"}.fa-swimmer:before{content:"\f5c4"}.fa-swimming-pool:before{content:"\f5c5"}.fa-synagogue:before{content:"\f69b"}.fa-sync:before{content:"\f021"}.fa-sync-alt:before{content:"\f2f1"}.fa-syringe:before{content:"\f48e"}.fa-table:before{content:"\f0ce"}.fa-table-tennis:before{content:"\f45d"}.fa-tablet:before{content:"\f10a"}.fa-tablet-alt:before{content:"\f3fa"}.fa-tablets:before{content:"\f490"}.fa-tachometer-alt:before{content:"\f3fd"}.fa-tag:before{content:"\f02b"}.fa-tags:before{content:"\f02c"}.fa-tape:before{content:"\f4db"}.fa-tasks:before{content:"\f0ae"}.fa-taxi:before{content:"\f1ba"}.fa-teamspeak:before{content:"\f4f9"}.fa-teeth:before{content:"\f62e"}.fa-teeth-open:before{content:"\f62f"}.fa-telegram:before{content:"\f2c6"}.fa-telegram-plane:before{content:"\f3fe"}.fa-temperature-high:before{content:"\f769"}.fa-temperature-low:before{content:"\f76b"}.fa-tencent-weibo:before{content:"\f1d5"}.fa-tenge:before{content:"\f7d7"}.fa-terminal:before{content:"\f120"}.fa-text-height:before{content:"\f034"}.fa-text-width:before{content:"\f035"}.fa-th:before{content:"\f00a"}.fa-th-large:before{content:"\f009"}.fa-th-list:before{content:"\f00b"}.fa-the-red-yeti:before{content:"\f69d"}.fa-theater-masks:before{content:"\f630"}.fa-themeco:before{content:"\f5c6"}.fa-themeisle:before{content:"\f2b2"}.fa-thermometer:before{content:"\f491"}.fa-thermometer-empty:before{content:"\f2cb"}.fa-thermometer-full:before{content:"\f2c7"}.fa-thermometer-half:before{content:"\f2c9"}.fa-thermometer-quarter:before{content:"\f2ca"}.fa-thermometer-three-quarters:before{content:"\f2c8"}.fa-think-peaks:before{content:"\f731"}.fa-thumbs-down:before{content:"\f165"}.fa-thumbs-up:before{content:"\f164"}.fa-thumbtack:before{content:"\f08d"}.fa-ticket-alt:before{content:"\f3ff"}.fa-times:before{content:"\f00d"}.fa-times-circle:before{content:"\f057"}.fa-tint:before{content:"\f043"}.fa-tint-slash:before{content:"\f5c7"}.fa-tired:before{content:"\f5c8"}.fa-toggle-off:before{content:"\f204"}.fa-toggle-on:before{content:"\f205"}.fa-toilet:before{content:"\f7d8"}.fa-toilet-paper:before{content:"\f71e"}.fa-toolbox:before{content:"\f552"}.fa-tools:before{content:"\f7d9"}.fa-tooth:before{content:"\f5c9"}.fa-torah:before{content:"\f6a0"}.fa-torii-gate:before{content:"\f6a1"}.fa-tractor:before{content:"\f722"}.fa-trade-federation:before{content:"\f513"}.fa-trademark:before{content:"\f25c"}.fa-traffic-light:before{content:"\f637"}.fa-train:before{content:"\f238"}.fa-tram:before{content:"\f7da"}.fa-transgender:before{content:"\f224"}.fa-transgender-alt:before{content:"\f225"}.fa-trash:before{content:"\f1f8"}.fa-trash-alt:before{content:"\f2ed"}.fa-trash-restore:before{content:"\f829"}.fa-trash-restore-alt:before{content:"\f82a"}.fa-tree:before{content:"\f1bb"}.fa-trello:before{content:"\f181"}.fa-tripadvisor:before{content:"\f262"}.fa-trophy:before{content:"\f091"}.fa-truck:before{content:"\f0d1"}.fa-truck-loading:before{content:"\f4de"}.fa-truck-monster:before{content:"\f63b"}.fa-truck-moving:before{content:"\f4df"}.fa-truck-pickup:before{content:"\f63c"}.fa-tshirt:before{content:"\f553"}.fa-tty:before{content:"\f1e4"}.fa-tumblr:before{content:"\f173"}.fa-tumblr-square:before{content:"\f174"}.fa-tv:before{content:"\f26c"}.fa-twitch:before{content:"\f1e8"}.fa-twitter:before{content:"\f099"}.fa-twitter-square:before{content:"\f081"}.fa-typo3:before{content:"\f42b"}.fa-uber:before{content:"\f402"}.fa-ubuntu:before{content:"\f7df"}.fa-uikit:before{content:"\f403"}.fa-umbrella:before{content:"\f0e9"}.fa-umbrella-beach:before{content:"\f5ca"}.fa-underline:before{content:"\f0cd"}.fa-undo:before{content:"\f0e2"}.fa-undo-alt:before{content:"\f2ea"}.fa-uniregistry:before{content:"\f404"}.fa-universal-access:before{content:"\f29a"}.fa-university:before{content:"\f19c"}.fa-unlink:before{content:"\f127"}.fa-unlock:before{content:"\f09c"}.fa-unlock-alt:before{content:"\f13e"}.fa-untappd:before{content:"\f405"}.fa-upload:before{content:"\f093"}.fa-ups:before{content:"\f7e0"}.fa-usb:before{content:"\f287"}.fa-user:before{content:"\f007"}.fa-user-alt:before{content:"\f406"}.fa-user-alt-slash:before{content:"\f4fa"}.fa-user-astronaut:before{content:"\f4fb"}.fa-user-check:before{content:"\f4fc"}.fa-user-circle:before{content:"\f2bd"}.fa-user-clock:before{content:"\f4fd"}.fa-user-cog:before{content:"\f4fe"}.fa-user-edit:before{content:"\f4ff"}.fa-user-friends:before{content:"\f500"}.fa-user-graduate:before{content:"\f501"}.fa-user-injured:before{content:"\f728"}.fa-user-lock:before{content:"\f502"}.fa-user-md:before{content:"\f0f0"}.fa-user-minus:before{content:"\f503"}.fa-user-ninja:before{content:"\f504"}.fa-user-nurse:before{content:"\f82f"}.fa-user-plus:before{content:"\f234"}.fa-user-secret:before{content:"\f21b"}.fa-user-shield:before{content:"\f505"}.fa-user-slash:before{content:"\f506"}.fa-user-tag:before{content:"\f507"}.fa-user-tie:before{content:"\f508"}.fa-user-times:before{content:"\f235"}.fa-users:before{content:"\f0c0"}.fa-users-cog:before{content:"\f509"}.fa-usps:before{content:"\f7e1"}.fa-ussunnah:before{content:"\f407"}.fa-utensil-spoon:before{content:"\f2e5"}.fa-utensils:before{content:"\f2e7"}.fa-vaadin:before{content:"\f408"}.fa-vector-square:before{content:"\f5cb"}.fa-venus:before{content:"\f221"}.fa-venus-double:before{content:"\f226"}.fa-venus-mars:before{content:"\f228"}.fa-viacoin:before{content:"\f237"}.fa-viadeo:before{content:"\f2a9"}.fa-viadeo-square:before{content:"\f2aa"}.fa-vial:before{content:"\f492"}.fa-vials:before{content:"\f493"}.fa-viber:before{content:"\f409"}.fa-video:before{content:"\f03d"}.fa-video-slash:before{content:"\f4e2"}.fa-vihara:before{content:"\f6a7"}.fa-vimeo:before{content:"\f40a"}.fa-vimeo-square:before{content:"\f194"}.fa-vimeo-v:before{content:"\f27d"}.fa-vine:before{content:"\f1ca"}.fa-vk:before{content:"\f189"}.fa-vnv:before{content:"\f40b"}.fa-volleyball-ball:before{content:"\f45f"}.fa-volume-down:before{content:"\f027"}.fa-volume-mute:before{content:"\f6a9"}.fa-volume-off:before{content:"\f026"}.fa-volume-up:before{content:"\f028"}.fa-vote-yea:before{content:"\f772"}.fa-vr-cardboard:before{content:"\f729"}.fa-vuejs:before{content:"\f41f"}.fa-walking:before{content:"\f554"}.fa-wallet:before{content:"\f555"}.fa-warehouse:before{content:"\f494"}.fa-water:before{content:"\f773"}.fa-weebly:before{content:"\f5cc"}.fa-weibo:before{content:"\f18a"}.fa-weight:before{content:"\f496"}.fa-weight-hanging:before{content:"\f5cd"}.fa-weixin:before{content:"\f1d7"}.fa-whatsapp:before{content:"\f232"}.fa-whatsapp-square:before{content:"\f40c"}.fa-wheelchair:before{content:"\f193"}.fa-whmcs:before{content:"\f40d"}.fa-wifi:before{content:"\f1eb"}.fa-wikipedia-w:before{content:"\f266"}.fa-wind:before{content:"\f72e"}.fa-window-close:before{content:"\f410"}.fa-window-maximize:before{content:"\f2d0"}.fa-window-minimize:before{content:"\f2d1"}.fa-window-restore:before{content:"\f2d2"}.fa-windows:before{content:"\f17a"}.fa-wine-bottle:before{content:"\f72f"}.fa-wine-glass:before{content:"\f4e3"}.fa-wine-glass-alt:before{content:"\f5ce"}.fa-wix:before{content:"\f5cf"}.fa-wizards-of-the-coast:before{content:"\f730"}.fa-wolf-pack-battalion:before{content:"\f514"}.fa-won-sign:before{content:"\f159"}.fa-wordpress:before{content:"\f19a"}.fa-wordpress-simple:before{content:"\f411"}.fa-wpbeginner:before{content:"\f297"}.fa-wpexplorer:before{content:"\f2de"}.fa-wpforms:before{content:"\f298"}.fa-wpressr:before{content:"\f3e4"}.fa-wrench:before{content:"\f0ad"}.fa-x-ray:before{content:"\f497"}.fa-xbox:before{content:"\f412"}.fa-xing:before{content:"\f168"}.fa-xing-square:before{content:"\f169"}.fa-y-combinator:before{content:"\f23b"}.fa-yahoo:before{content:"\f19e"}.fa-yandex:before{content:"\f413"}.fa-yandex-international:before{content:"\f414"}.fa-yarn:before{content:"\f7e3"}.fa-yelp:before{content:"\f1e9"}.fa-yen-sign:before{content:"\f157"}.fa-yin-yang:before{content:"\f6ad"}.fa-yoast:before{content:"\f2b1"}.fa-youtube:before{content:"\f167"}.fa-youtube-square:before{content:"\f431"}.fa-zhihu:before{content:"\f63f"}.sr-only{border:0;clip:rect(0,0,0,0);height:1px;margin:-1px;overflow:hidden;padding:0;position:absolute;width:1px}.sr-only-focusable:active,.sr-only-focusable:focus{clip:auto;height:auto;margin:0;overflow:visible;position:static;width:auto}@font-face{font-family:"Font Awesome 5 Brands";font-style:normal;font-weight:400;font-display:auto;src:url(libs/fonts/fa-brands-400.eot);src:url(libs/fonts/fa-brands-400.eot?#iefix) format("embedded-opentype"),url(libs/fonts/fa-brands-400.woff2) format("woff2"),url(libs/fonts/fa-brands-400.woff) format("woff"),url(libs/fonts/fa-brands-400.ttf) format("truetype"),url(libs/fonts/fa-brands-400.svg#fontawesome) format("svg")}.fab{font-family:"Font Awesome 5 Brands"}@font-face{font-family:"Font Awesome 5 Free";font-style:normal;font-weight:400;font-display:auto;src:url(libs/fonts/fa-regular-400.eot);src:url(libs/fonts/fa-regular-400.eot?#iefix) format("embedded-opentype"),url(libs/fonts/fa-regular-400.woff2) format("woff2"),url(libs/fonts/fa-regular-400.woff) format("woff"),url(libs/fonts/fa-regular-400.ttf) format("truetype"),url(libs/fonts/fa-regular-400.svg#fontawesome) format("svg")}.far{font-weight:400}@font-face{font-family:"Font Awesome 5 Free";font-style:normal;font-weight:900;font-display:auto;src:url(libs/fonts/fa-solid-900.eot);src:url(libs/fonts/fa-solid-900.eot?#iefix) format("embedded-opentype"),url(libs/fonts/fa-solid-900.woff2) format("woff2"),url(libs/fonts/fa-solid-900.woff) format("woff"),url(libs/fonts/fa-solid-900.ttf) format("truetype"),url(libs/fonts/fa-solid-900.svg#fontawesome) format("svg")}.fa,.far,.fas{font-family:"Font Awesome 5 Free"}.fa,.fas{font-weight:900}:root{--colorLink:#999;--colorSidebar:#fff;--errorColor:#f44336;--main:#f44336;--sidebarBg:#292929;--sidebarHoverBg:#232323;--bg:#eee;--border:#e5e5e5;--color:#232323;--contentBg:#fff;--headerBg:#fff;--selectedBg:#ffe7e5;--bgqoute:#eee}.night-colors{--bg:#1f1f1f;--border:#191919;--color:#fff;--contentBg:#292929;--headerBg:#292929;--selectedBg:#261918;--bgqoute:#1f1f1f5e}.light-colors{--bg:#eee;--border:#e5e5e5;--color:#232323;--contentBg:#fff;--headerBg:#fff;--selectedBg:#ffe7e5;--bgqoute:#eee}body.dark{--bg:#1f1f1f;--border:#191919;--color:#fff;--contentBg:#292929;--headerBg:#292929;--selectedBg:#261918;--bgqoute:#1f1f1f5e}body.light{--bg:#eee;--border:#e5e5e5;--color:#232323;--contentBg:#fff;--headerBg:#fff;--selectedBg:#ffe7e5;--bgqoute:#eee}@media (prefers-color-scheme:dark){:root{--bg:#1f1f1f;--border:#191919;--color:#fff;--contentBg:#292929;--headerBg:#292929;--selectedBg:#261918;--bgqoute:#1f1f1f5e}}@media (prefers-color-scheme:light){:root{--bg:#eee;--border:#e5e5e5;--color:#232323;--contentBg:#fff;--headerBg:#fff;--selectedBg:#ffe7e5;--bgqoute:#eee}}select{background:var(--contentBg);border:1px solid var(--border);border-radius:4px;color:var(--color)}.login-footer{color:var(--color)}.content-footer{width:100%;padding:20px;max-width:840px;margin-bottom:16px;background-color:var(--contentBg);border:1px solid var(--border);display:flex;flex-flow:column;align-items:center}.metadata{display:flex;flex-flow:row wrap;text-align:center;font-size:16px;color:var(--colorLink)}.metadata:first-child{justify-content:flex-start}.metadata:nth-child(2){justify-content:flex-end}.metadata[v-cloak]{visibility:hidden}.links{display:flex;flex-flow:row wrap}.links a{padding:0 4px;color:var(--color);text-decoration:underline}.links a:focus,.links a:hover{color:var(--main)}*{border-width:0;box-sizing:border-box;font-family:"Source Sans Pro",sans-serif;margin:0;padding:0;text-decoration:none}body{background-color:var(--bg)}a{cursor:pointer}.spacer{flex:1}#login-scene{height:100%;height:100dvh;padding:16px;overflow:auto;display:flex;align-items:center;flex-flow:column nowrap;background-color:var(--bg)}#login-scene>.error-message{width:100%;max-width:400px;font-size:1em;background-color:var(--contentBg);border:1px solid var(--border);padding:16px;margin-top:auto;margin-bottom:16px;text-align:center;color:var(--errorColor)}#login-scene #login-box{width:100%;max-width:400px;margin-bottom:auto;background-color:var(--contentBg);display:flex;flex-flow:column nowrap;border:1px solid var(--border);flex-shrink:0}#login-scene #login-box:first-child{margin-top:auto}#login-scene #login-box #logo-area{display:flex;align-items:center;flex-flow:column nowrap;padding:16px;background-color:var(--main);border-bottom:1px solid var(--border);flex-shrink:0}#login-scene #login-box #logo-area #logo{font-size:3em;font-weight:100;color:var(--contentBg)}#login-scene #login-box #logo-area #logo span{margin-right:8px}#login-scene #login-box #logo-area #tagline{font-weight:500;margin-top:4px;color:var(--contentBg);text-align:center}#login-scene #login-box #input-area{padding:16px;display:grid;grid-gap:16px;grid-template-columns:auto 1fr;justify-content:baseline;align-items:center;border-bottom:1px solid var(--border)}#login-scene #login-box #input-area>label{color:var(--color)}#login-scene #login-box #input-area>input{color:var(--color);padding:8px;background-color:var(--contentBg);border:1px solid var(--border);min-width:0;font-size:1em}#login-scene #login-box #input-area .checkbox-field{grid-column:1/span 2;display:flex;flex-flow:row nowrap;align-items:center;justify-content:center;cursor:pointer}#login-scene #login-box #input-area .checkbox-field:focus,#login-scene #login-box #input-area .checkbox-field:hover{text-decoration:underline;text-decoration-color:var(--main)}#login-scene #login-box #input-area .checkbox-field>input[type=checkbox]{margin-right:8px}#login-scene #login-box #button-area{display:flex;flex-flow:row nowrap;padding:16px;justify-content:center}#login-scene #login-box #button-area a{color:var(--color);text-transform:uppercase;text-align:center;font-weight:600;cursor:default}#login-scene #login-box #button-area a.button{cursor:pointer}#login-scene #login-box #button-area a.button:focus,#login-scene #login-box #button-area a.button:hover{color:var(--main)}#main-scene{min-height:100%;min-height:100dvh;padding-top:60px;padding-left:60px;background-color:var(--bg)}#main-scene #main-sidebar{top:0;left:0;width:60px;height:100%;height:100dvh;position:fixed;display:flex;flex-flow:column nowrap;background-color:var(--sidebarBg);z-index:1}#main-scene #main-sidebar a{flex-shrink:0;display:block;width:60px;line-height:60px;text-align:center;font-size:1em;color:var(--colorSidebar)}#main-scene #main-sidebar a.active{cursor:default;color:var(--colorSidebar);background-color:var(--main)}#main-scene #main-sidebar a:focus,#main-scene #main-sidebar a:hover{color:var(--main);background-color:var(--sidebarHoverBg)}#main-scene .page-header{top:0;left:60px;right:0;height:60px;position:fixed;color:var(--color);background-color:var(--headerBg);border-bottom:1px solid var(--border);padding:0 16px;z-index:10}#main-scene h1.page-header{line-height:60px;font-size:1.3em;font-weight:600}#main-scene div.page-header{display:flex;flex-flow:row nowrap;align-items:center}#main-scene div.page-header p{flex:1 0;font-size:1.3em;font-weight:600;line-height:60px;color:var(--color)}#main-scene div.page-header input[type=text]{flex:1 0;min-width:0;margin-right:8px;font-size:1.1em;font-weight:500;line-height:59px;color:var(--color);background-color:var(--contentBg)}#main-scene div.page-header input[type=text]::placeholder{color:var(--colorLink)}#main-scene div.page-header a{display:block;width:24px;line-height:24px;color:var(--colorLink);text-align:center}#main-scene div.page-header a:not(:last-child){margin-right:8px}#main-scene div.page-header a:hover{color:var(--main)}#main-scene .loading-overlay{display:flex;flex-flow:column nowrap;align-items:center;justify-content:center;overflow:hidden;position:fixed;top:0;left:0;width:100%;width:100dvw;height:100%;height:100dvh;z-index:10001;background-color:rgba(0,0,0,.6)}#main-scene .loading-overlay i{color:var(--colorSidebar);font-size:4em;text-align:center;width:80px;line-height:80px;position:absolute}@media (max-width:600px){#main-scene{padding-top:50px;padding-left:0;padding-bottom:50px}#main-scene #main-sidebar{top:auto;right:0;bottom:0;width:100%;width:100dvw;height:50px;flex-flow:row nowrap;border-top:1px solid var(--border)}#main-scene #main-sidebar .spacer{display:none}#main-scene #main-sidebar a{width:auto;flex:1 0;line-height:50px}#main-scene #main-sidebar a:focus,#main-scene #main-sidebar a:hover{color:var(--colorSidebar);background-color:var(--main)}#main-scene .page-header{left:0;height:50px}#main-scene h1.page-header{text-align:center;font-size:1em;line-height:50px;text-transform:uppercase}#main-scene div.page-header{flex-flow:row wrap}#main-scene div.page-header p{flex:1 0;font-size:1em;font-weight:500;line-height:3em;padding:0}#main-scene div.page-header input[type=text]{flex:1 0;font-size:1em;font-weight:500;line-height:3em}#main-scene div.page-header a{display:block;width:24px;line-height:100%}}#content-scene{padding:20px;display:flex;color:var(--color);background-color:var(--bg);flex-flow:column nowrap;align-items:center}#content-scene #header{width:100%;padding:20px;max-width:840px;margin-bottom:16px;background-color:var(--contentBg);border:1px solid var(--border);display:flex;flex-flow:column;align-items:center}#content-scene #header #title{padding:8px 0;grid-column-start:1;grid-column-end:-1;font-size:36px;font-weight:700;word-break:break-word;hyphens:none;text-align:center}#content-scene #content{width:100%;padding:20px;max-width:840px;background-color:var(--contentBg);border:1px solid var(--border)}#content-scene #content *{font-size:18px;line-height:180%}#content-scene #content :not(:last-child){margin-bottom:20px}#content-scene #content a{color:var(--color);text-decoration:underline}#content-scene #content a:focus,#content-scene #content a:hover{color:var(--main)}#content-scene #content code,#content-scene #content pre{overflow:auto;border:1px solid var(--border);font-family:"Ubuntu Mono","Courier New",Courier,monospace;font-size:16px}#content-scene #content pre{padding:8px}#content-scene #content pre>code{border:0}#content-scene #content ol,#content-scene #content ul{padding-left:16px}#content-scene #content img{height:auto;max-width:100%}#content-scene #content table{border:1px solid var(--border);border-collapse:collapse}#content-scene #content table td,#content-scene #content table th,#content-scene #content table tr{border:1px solid var(--border)}#content-scene #content blockquote{margin:15px;padding:15px;font-style:italic;background:var(--bgqoute)}#page-home>.empty-message{max-width:400px;font-size:1em;background-color:var(--contentBg);border:1px solid var(--border);padding:16px;margin:16px;color:var(--errorColor)}#page-home #edit-box{background-color:var(--selectedBg);border-bottom:1px solid var(--main)}#page-home #bookmarks-grid{display:grid;grid-template-rows:min-content;grid-template-columns:repeat(auto-fill,minmax(300px,1fr));grid-gap:16px;padding:16px;overflow:auto}#page-home #bookmarks-grid .bookmark{align-self:start}#page-home #bookmarks-grid .pagination-box{grid-column-end:-1;grid-column-start:1;display:flex;flex-flow:row nowrap;align-self:start}#page-home #bookmarks-grid .pagination-box a{padding:8px;color:var(--colorLink)}#page-home #bookmarks-grid .pagination-box a:focus,#page-home #bookmarks-grid .pagination-box a:hover{color:var(--main)}#page-home #bookmarks-grid .pagination-box input{width:40px;padding:8px;text-align:center;font-size:.9em;color:var(--color);border:1px solid var(--border);background-color:var(--contentBg);margin:0 8px}#page-home #bookmarks-grid .pagination-box p{font-size:.9em;color:var(--colorLink);line-height:37px;font-weight:600}#page-home #bookmarks-grid .pagination-box p:last-of-type::before{content:"/";margin-right:8px}#page-home #bookmarks-grid.list{grid-gap:0;padding-bottom:0;grid-template-columns:auto}#page-home #bookmarks-grid.list .pagination-box{padding:16px 0}#page-home #bookmarks-grid.list .pagination-box:first-child{padding-top:0}@media (max-width:600px){#page-home #bookmarks-grid.list{padding:16px 0 0}#page-home #bookmarks-grid.list .pagination-box{padding:16px}}#page-home #dialog-tags .custom-dialog-body{grid-template-columns:repeat(2,minmax(0,1fr))}@media (max-width:600px){#page-home #dialog-tags .custom-dialog-body{grid-template-columns:minmax(0,1fr)}}#page-home #dialog-tags .custom-dialog-body a{font-size:1em;color:var(--color)}#page-home #dialog-tags .custom-dialog-body a span:last-child{font-size:1em;color:var(--colorLink);margin-left:4px}#page-home #dialog-tags .custom-dialog-body a span:last-child::before{content:"(";margin-right:2px}#page-home #dialog-tags .custom-dialog-body a span:last-child::after{content:")";margin-left:2px}#page-home #dialog-tags .custom-dialog-body a:focus,#page-home #dialog-tags .custom-dialog-body a:hover{color:var(--main)}#page-setting{min-height:0;max-height:100%;display:flex;flex-flow:column nowrap}#page-setting .setting-container{padding:8px;display:flex;overflow:auto;flex-flow:column nowrap;flex:1 0}#page-setting .setting-container::after{content:"";display:block;min-height:1px}#page-setting .setting-container details.setting-group{margin:8px;display:block;max-width:350px;color:var(--color);background-color:var(--contentBg);border:1px solid var(--border)}@media (max-width:600px){#page-setting .setting-container details.setting-group{max-width:100%}}#page-setting .setting-container details.setting-group summary{list-style:none;font-weight:600;width:100%;padding:12px 8px;font-size:1.1em;cursor:pointer}#page-setting .setting-container details.setting-group summary:hover{color:var(--main)}#page-setting .setting-container details.setting-group summary::-webkit-details-marker{display:none}#page-setting .setting-container details.setting-group summary::after{content:"+";margin-left:8px;font-weight:600}#page-setting .setting-container details.setting-group[open] summary{border-bottom:1px solid var(--border)}#page-setting .setting-container details.setting-group[open] summary::after{content:"-"!important}#page-setting .setting-container details.setting-group ul{list-style:none}#page-setting .setting-container details.setting-group ul li{padding:4px 8px;color:var(--color);display:flex;flex-flow:row nowrap;align-items:center}#page-setting .setting-container details.setting-group div.setting-group-footer{padding:4px 8px;display:flex;flex-flow:column nowrap;align-items:flex-end;border-top:1px solid var(--border)}#page-setting .setting-container details.setting-group div.setting-group-footer>a{text-transform:uppercase;padding:8px 4px;font-size:.9em;font-weight:600}#page-setting .setting-container details.setting-group div.setting-group-footer>a:hover{color:var(--main)}#page-setting .setting-container details.setting-group div.setting-group-footer>a:focus{outline:0;color:var(--main);border-bottom:1px dashed var(--main)}#page-setting #setting-bookmarks,#page-setting #setting-display{display:flex;flex-flow:column nowrap}#page-setting #setting-bookmarks[open],#page-setting #setting-display[open]{padding-bottom:8px}#page-setting #setting-bookmarks[open] summary,#page-setting #setting-display[open] summary{margin-bottom:8px}#page-setting #setting-bookmarks label,#page-setting #setting-display label{padding:4px 8px;color:var(--color);display:flex;flex-flow:row nowrap;align-items:center;cursor:pointer}#page-setting #setting-bookmarks label:focus,#page-setting #setting-bookmarks label:hover,#page-setting #setting-display label:focus,#page-setting #setting-display label:hover{text-decoration:underline;text-decoration-color:var(--main)}#page-setting #setting-bookmarks label>input[type=checkbox],#page-setting #setting-display label>input[type=checkbox]{margin-right:8px}#page-setting #setting-accounts summary{margin-bottom:0}#page-setting #setting-accounts ul{list-style:none}#page-setting #setting-accounts ul li{padding:8px;display:flex;flex-flow:row nowrap;align-items:center}#page-setting #setting-accounts ul li:not(:last-child){border-bottom:1px solid var(--border)}#page-setting #setting-accounts ul li p{font-size:1em;color:var(--color);flex:1 0}#page-setting #setting-accounts ul li p span{color:var(--colorLink)}#page-setting #setting-accounts ul li a{margin-left:8px;color:var(--colorLink)}#page-setting #setting-accounts ul li a:hover{color:var(--main)}#page-setting #setting-system-info ul{padding-top:4px;padding-bottom:4px}#page-setting #setting-system-info ul li span{margin-left:8px}:root{--dialogHeaderBg:#292929;--colorDialogHeader:#fff}.custom-dialog-overlay{display:flex;flex-flow:column nowrap;align-items:center;justify-content:center;min-width:0;min-height:0;overflow:hidden;position:fixed;top:0;left:0;width:100%;width:100dvw;height:100%;height:100dvh;z-index:10001;background-color:rgba(0,0,0,.6);padding:32px}.custom-dialog-overlay .custom-dialog{display:flex;flex-flow:column nowrap;min-height:0;max-height:100%;max-width:100%;width:400px;overflow:auto;background-color:var(--contentBg);font-size:16px;resize:both}.custom-dialog-overlay .custom-dialog .custom-dialog-header{padding:16px;color:var(--colorDialogHeader);background-color:var(--dialogHeaderBg);font-weight:600;font-size:1em;text-transform:uppercase;border-bottom:1px solid var(--border)}.custom-dialog-overlay .custom-dialog .custom-dialog-body{padding:16px 16px 0;display:grid;max-height:100%;min-height:80px;min-width:0;overflow:auto;font-size:1em;grid-template-columns:max-content 1fr;align-content:start;align-items:baseline;grid-gap:16px;flex-grow:1}.custom-dialog-overlay .custom-dialog .custom-dialog-body::after{content:"";display:block;min-height:1px;grid-column-end:-1;grid-column-start:1}.custom-dialog-overlay .custom-dialog .custom-dialog-body .custom-dialog-content{grid-column-end:-1;grid-column-start:1;color:var(--color);align-self:baseline}.custom-dialog-overlay .custom-dialog .custom-dialog-body>label{color:var(--color);padding:8px 0;font-size:1em}.custom-dialog-overlay .custom-dialog .custom-dialog-body>input[type=password],.custom-dialog-overlay .custom-dialog .custom-dialog-body>input[type=text],.custom-dialog-overlay .custom-dialog .custom-dialog-body>textarea{color:var(--color);padding:8px;font-size:1em;border:1px solid var(--border);background-color:var(--contentBg);min-width:0}.custom-dialog-overlay .custom-dialog .custom-dialog-body .checkbox-field{color:var(--color);font-size:1em;display:flex;flex-flow:row nowrap;padding:0;grid-column-start:1;grid-column-end:-1;cursor:pointer}.custom-dialog-overlay .custom-dialog .custom-dialog-body .checkbox-field:focus,.custom-dialog-overlay .custom-dialog .custom-dialog-body .checkbox-field:hover{text-decoration:underline;text-decoration-color:var(--main)}.custom-dialog-overlay .custom-dialog .custom-dialog-body .checkbox-field>input[type=checkbox]{margin-right:8px}.custom-dialog-overlay .custom-dialog .custom-dialog-body>textarea{height:6em;min-height:37px;resize:vertical}.custom-dialog-overlay .custom-dialog .custom-dialog-body>.suggestion{position:absolute;display:block;padding:8px;background-color:var(--contentBg);border:1px solid var(--border);color:var(--color);font-size:.9em}.custom-dialog-overlay .custom-dialog .custom-dialog-footer{padding:16px;display:flex;flex-flow:row wrap;justify-content:flex-end;border-top:1px solid var(--border)}.custom-dialog-overlay .custom-dialog .custom-dialog-footer>a{padding:0 8px;font-size:.9em;font-weight:600;color:var(--color);text-transform:uppercase}.custom-dialog-overlay .custom-dialog .custom-dialog-footer>a:focus,.custom-dialog-overlay .custom-dialog .custom-dialog-footer>a:hover{outline:0;color:var(--main)}.custom-dialog-overlay .custom-dialog .custom-dialog-footer>i.fa-spinner.fa-spin{width:19px;line-height:19px;text-align:center;color:var(--color)}@media only screen and (max-width:768px){.custom-dialog-overlay{padding:0}.custom-dialog{width:100%!important;height:100%!important;resize:none!important}}.bookmark{display:flex;flex-flow:column nowrap;min-width:0;border:1px solid var(--border);background-color:var(--contentBg);height:100%;position:relative}.bookmark:focus .bookmark-menu>a,.bookmark:hover .bookmark-menu>a{display:block}.bookmark.selected{background-color:var(--selectedBg)}.bookmark .bookmark-selector{position:absolute;top:0;left:0;width:100%;height:100%;z-index:9}.bookmark .bookmark-link{display:block;cursor:default}.bookmark .bookmark-link[href]{cursor:pointer}.bookmark .bookmark-link[href]:focus .title,.bookmark .bookmark-link[href]:hover .title{color:var(--main)}.bookmark .bookmark-link span.thumbnail{width:100%;height:200px;display:block;background-size:cover;background-repeat:no-repeat;background-position:center center;margin-bottom:8px;border-bottom:1px solid var(--border)}.bookmark .bookmark-link .id{color:var(--color);border:1px solid var(--border);background-color:var(--contentBg);font-size:.7em;font-weight:700;left:-1px;top:-1px;position:absolute;padding:0 .3em;opacity:.7}.bookmark .bookmark-link .title{text-overflow:ellipsis;word-wrap:break-word;overflow:hidden;font-size:1.2em;line-height:1.3em;max-height:5.2em;font-weight:600;padding:0 16px;color:var(--color)}.bookmark .bookmark-link .title:first-child{margin-top:16px}.bookmark .bookmark-link .title i{color:var(--colorLink);margin-left:4px;font-size:14px}.bookmark .bookmark-link .excerpt{color:var(--color);margin-top:8px;padding:0 16px;text-overflow:ellipsis;word-wrap:break-word;overflow:hidden;font-size:.9em;line-height:1.5em;max-height:10.5em}.bookmark .bookmark-tags{display:flex;flex-flow:row wrap;margin:8px 0 -4px;padding:0 8px}.bookmark .bookmark-tags a{margin:4px;padding:4px 8px;font-size:.8em;font-weight:600;border:1px solid var(--border);border-radius:4px;color:var(--colorLink);background-color:var(--contentBg)}.bookmark .bookmark-tags a:focus,.bookmark .bookmark-tags a:hover{color:var(--main)}.bookmark .bookmark-menu{padding:8px 16px 16px;display:flex;flex-flow:row nowrap;min-width:0;min-height:0;align-items:center}.bookmark .bookmark-menu a{color:var(--colorLink);flex-shrink:0;opacity:.8;display:none;font-size:.9em}.bookmark .bookmark-menu a:not(:last-child){margin-right:12px}.bookmark .bookmark-menu a:focus,.bookmark .bookmark-menu a:hover{color:var(--main);opacity:1}.bookmark .bookmark-menu .url{flex:1 0;opacity:1;display:block;white-space:nowrap;overflow:hidden;text-overflow:ellipsis;line-height:21px}.bookmark .bookmark-menu .url:not([href]){cursor:default;color:var(--colorLink)}@media (max-width:1024px){.bookmark .bookmark-menu a{display:block}}.bookmark.list{border-top-width:0;border-bottom-width:1px;padding:16px 24px 16px 100px}.bookmark.list:first-child{border-top-width:1px}.bookmark.list .bookmark-link span.thumbnail{position:absolute;top:0;left:0;width:100px;height:100%;margin-bottom:0;border-bottom:0;border-right:1px solid var(--border)}.bookmark.list .bookmark-link .title{margin:0;padding-left:24px}.bookmark.list .excerpt,.bookmark.list>.spacer{display:none}.bookmark.list .bookmark-tags{padding-left:16px;padding-right:0}.bookmark.list .bookmark-menu{padding:8px 0 0 24px;align-items:flex-end}.bookmark.list.no-thumbnail{padding-left:16px;padding-right:16px}.bookmark.list.no-thumbnail .bookmark-link .title{padding:0;margin-bottom:4px}.bookmark.list.no-thumbnail .excerpt{margin-top:0;margin-bottom:4px;padding:0;display:block}.bookmark.list.no-thumbnail .bookmark-tags{padding-left:0;margin:0 -4px 0}.bookmark.list.no-thumbnail .bookmark-menu{padding-top:0;padding-left:0}@media (max-width:600px){.bookmark.list{padding:8px 16px 8px 70px;border-width:0!important;border-bottom-width:1px!important}.bookmark.list .bookmark-link span.thumbnail{width:70px}.bookmark.list .bookmark-link .title{font-size:1.1em;font-weight:500;padding-left:16px}.bookmark.list .bookmark-tags{padding-left:8px}.bookmark.list .bookmark-menu{padding-left:16px}} \ No newline at end of file +@font-face{font-family:'Source Sans Pro';font-style:normal;font-weight:200;src:local('Source Sans Pro ExtraLight'),local('SourceSansPro-ExtraLight'),url(libs/fonts/source-sans-pro-v13-latin-200.woff2) format('woff2'),url(libs/fonts/source-sans-pro-v13-latin-200.woff) format('woff')}@font-face{font-family:'Source Sans Pro';font-style:normal;font-weight:400;src:local('Source Sans Pro Regular'),local('SourceSansPro-Regular'),url(libs/fonts/source-sans-pro-v13-latin-regular.woff2) format('woff2'),url(libs/fonts/source-sans-pro-v13-latin-regular.woff) format('woff')}@font-face{font-family:'Source Sans Pro';font-style:normal;font-weight:600;src:local('Source Sans Pro SemiBold'),local('SourceSansPro-SemiBold'),url(libs/fonts/source-sans-pro-v13-latin-600.woff2) format('woff2'),url(libs/fonts/source-sans-pro-v13-latin-600.woff) format('woff')}@font-face{font-family:'Source Sans Pro';font-style:normal;font-weight:700;src:local('Source Sans Pro Bold'),local('SourceSansPro-Bold'),url(libs/fonts/source-sans-pro-v13-latin-700.woff2) format('woff2'),url(libs/fonts/source-sans-pro-v13-latin-700.woff) format('woff')}.fa,.fab,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:inline-block;font-style:normal;font-variant:normal;text-rendering:auto;line-height:1}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2em;position:absolute;text-align:center;width:2em;line-height:inherit}.fa-border{border:.08em solid #eee;border-radius:.1em;padding:.2em .25em .15em}.fa-pull-left{float:left}.fa-pull-right{float:right}.fa.fa-pull-left,.fab.fa-pull-left,.fal.fa-pull-left,.far.fa-pull-left,.fas.fa-pull-left{margin-right:.3em}.fa.fa-pull-right,.fab.fa-pull-right,.fal.fa-pull-right,.far.fa-pull-right,.fas.fa-pull-right{margin-left:.3em}.fa-spin{animation:fa-spin 2s infinite linear}.fa-pulse{animation:fa-spin 1s infinite steps(8)}@keyframes fa-spin{0%{transform:rotate(0)}to{transform:rotate(1turn)}}.fa-rotate-90{transform:rotate(90deg)}.fa-rotate-180{transform:rotate(180deg)}.fa-rotate-270{transform:rotate(270deg)}.fa-flip-horizontal{transform:scaleX(-1)}.fa-flip-vertical{transform:scaleY(-1)}.fa-flip-both,.fa-flip-horizontal.fa-flip-vertical{transform:scale(-1)}:root .fa-flip-both,:root .fa-flip-horizontal,:root .fa-flip-vertical,:root .fa-rotate-180,:root .fa-rotate-270,:root .fa-rotate-90{filter:none}.fa-stack{display:inline-block;height:2em;line-height:2em;position:relative;vertical-align:middle;width:2.5em}.fa-stack-1x,.fa-stack-2x{left:0;position:absolute;text-align:center;width:100%}.fa-stack-1x{line-height:inherit}.fa-stack-2x{font-size:2em}.fa-inverse{color:#fff}.fa-500px:before{content:"\f26e"}.fa-accessible-icon:before{content:"\f368"}.fa-accusoft:before{content:"\f369"}.fa-acquisitions-incorporated:before{content:"\f6af"}.fa-ad:before{content:"\f641"}.fa-address-book:before{content:"\f2b9"}.fa-address-card:before{content:"\f2bb"}.fa-adjust:before{content:"\f042"}.fa-adn:before{content:"\f170"}.fa-adobe:before{content:"\f778"}.fa-adversal:before{content:"\f36a"}.fa-affiliatetheme:before{content:"\f36b"}.fa-air-freshener:before{content:"\f5d0"}.fa-algolia:before{content:"\f36c"}.fa-align-center:before{content:"\f037"}.fa-align-justify:before{content:"\f039"}.fa-align-left:before{content:"\f036"}.fa-align-right:before{content:"\f038"}.fa-alipay:before{content:"\f642"}.fa-allergies:before{content:"\f461"}.fa-amazon:before{content:"\f270"}.fa-amazon-pay:before{content:"\f42c"}.fa-ambulance:before{content:"\f0f9"}.fa-american-sign-language-interpreting:before{content:"\f2a3"}.fa-amilia:before{content:"\f36d"}.fa-anchor:before{content:"\f13d"}.fa-android:before{content:"\f17b"}.fa-angellist:before{content:"\f209"}.fa-angle-double-down:before{content:"\f103"}.fa-angle-double-left:before{content:"\f100"}.fa-angle-double-right:before{content:"\f101"}.fa-angle-double-up:before{content:"\f102"}.fa-angle-down:before{content:"\f107"}.fa-angle-left:before{content:"\f104"}.fa-angle-right:before{content:"\f105"}.fa-angle-up:before{content:"\f106"}.fa-angry:before{content:"\f556"}.fa-angrycreative:before{content:"\f36e"}.fa-angular:before{content:"\f420"}.fa-ankh:before{content:"\f644"}.fa-app-store:before{content:"\f36f"}.fa-app-store-ios:before{content:"\f370"}.fa-apper:before{content:"\f371"}.fa-apple:before{content:"\f179"}.fa-apple-alt:before{content:"\f5d1"}.fa-apple-pay:before{content:"\f415"}.fa-archive:before{content:"\f187"}.fa-archway:before{content:"\f557"}.fa-arrow-alt-circle-down:before{content:"\f358"}.fa-arrow-alt-circle-left:before{content:"\f359"}.fa-arrow-alt-circle-right:before{content:"\f35a"}.fa-arrow-alt-circle-up:before{content:"\f35b"}.fa-arrow-circle-down:before{content:"\f0ab"}.fa-arrow-circle-left:before{content:"\f0a8"}.fa-arrow-circle-right:before{content:"\f0a9"}.fa-arrow-circle-up:before{content:"\f0aa"}.fa-arrow-down:before{content:"\f063"}.fa-arrow-left:before{content:"\f060"}.fa-arrow-right:before{content:"\f061"}.fa-arrow-up:before{content:"\f062"}.fa-arrows-alt:before{content:"\f0b2"}.fa-arrows-alt-h:before{content:"\f337"}.fa-arrows-alt-v:before{content:"\f338"}.fa-artstation:before{content:"\f77a"}.fa-assistive-listening-systems:before{content:"\f2a2"}.fa-asterisk:before{content:"\f069"}.fa-asymmetrik:before{content:"\f372"}.fa-at:before{content:"\f1fa"}.fa-atlas:before{content:"\f558"}.fa-atlassian:before{content:"\f77b"}.fa-atom:before{content:"\f5d2"}.fa-audible:before{content:"\f373"}.fa-audio-description:before{content:"\f29e"}.fa-autoprefixer:before{content:"\f41c"}.fa-avianex:before{content:"\f374"}.fa-aviato:before{content:"\f421"}.fa-award:before{content:"\f559"}.fa-aws:before{content:"\f375"}.fa-baby:before{content:"\f77c"}.fa-baby-carriage:before{content:"\f77d"}.fa-backspace:before{content:"\f55a"}.fa-backward:before{content:"\f04a"}.fa-bacon:before{content:"\f7e5"}.fa-balance-scale:before{content:"\f24e"}.fa-ban:before{content:"\f05e"}.fa-band-aid:before{content:"\f462"}.fa-bandcamp:before{content:"\f2d5"}.fa-barcode:before{content:"\f02a"}.fa-bars:before{content:"\f0c9"}.fa-baseball-ball:before{content:"\f433"}.fa-basketball-ball:before{content:"\f434"}.fa-bath:before{content:"\f2cd"}.fa-battery-empty:before{content:"\f244"}.fa-battery-full:before{content:"\f240"}.fa-battery-half:before{content:"\f242"}.fa-battery-quarter:before{content:"\f243"}.fa-battery-three-quarters:before{content:"\f241"}.fa-bed:before{content:"\f236"}.fa-beer:before{content:"\f0fc"}.fa-behance:before{content:"\f1b4"}.fa-behance-square:before{content:"\f1b5"}.fa-bell:before{content:"\f0f3"}.fa-bell-slash:before{content:"\f1f6"}.fa-bezier-curve:before{content:"\f55b"}.fa-bible:before{content:"\f647"}.fa-bicycle:before{content:"\f206"}.fa-bimobject:before{content:"\f378"}.fa-binoculars:before{content:"\f1e5"}.fa-biohazard:before{content:"\f780"}.fa-birthday-cake:before{content:"\f1fd"}.fa-bitbucket:before{content:"\f171"}.fa-bitcoin:before{content:"\f379"}.fa-bity:before{content:"\f37a"}.fa-black-tie:before{content:"\f27e"}.fa-blackberry:before{content:"\f37b"}.fa-blender:before{content:"\f517"}.fa-blender-phone:before{content:"\f6b6"}.fa-blind:before{content:"\f29d"}.fa-blog:before{content:"\f781"}.fa-blogger:before{content:"\f37c"}.fa-blogger-b:before{content:"\f37d"}.fa-bluetooth:before{content:"\f293"}.fa-bluetooth-b:before{content:"\f294"}.fa-bold:before{content:"\f032"}.fa-bolt:before{content:"\f0e7"}.fa-bomb:before{content:"\f1e2"}.fa-bone:before{content:"\f5d7"}.fa-bong:before{content:"\f55c"}.fa-book:before{content:"\f02d"}.fa-book-dead:before{content:"\f6b7"}.fa-book-medical:before{content:"\f7e6"}.fa-book-open:before{content:"\f518"}.fa-book-reader:before{content:"\f5da"}.fa-bookmark:before{content:"\f02e"}.fa-bowling-ball:before{content:"\f436"}.fa-box:before{content:"\f466"}.fa-box-open:before{content:"\f49e"}.fa-boxes:before{content:"\f468"}.fa-braille:before{content:"\f2a1"}.fa-brain:before{content:"\f5dc"}.fa-bread-slice:before{content:"\f7ec"}.fa-briefcase:before{content:"\f0b1"}.fa-briefcase-medical:before{content:"\f469"}.fa-broadcast-tower:before{content:"\f519"}.fa-broom:before{content:"\f51a"}.fa-brush:before{content:"\f55d"}.fa-btc:before{content:"\f15a"}.fa-bug:before{content:"\f188"}.fa-building:before{content:"\f1ad"}.fa-bullhorn:before{content:"\f0a1"}.fa-bullseye:before{content:"\f140"}.fa-burn:before{content:"\f46a"}.fa-buromobelexperte:before{content:"\f37f"}.fa-bus:before{content:"\f207"}.fa-bus-alt:before{content:"\f55e"}.fa-business-time:before{content:"\f64a"}.fa-buysellads:before{content:"\f20d"}.fa-calculator:before{content:"\f1ec"}.fa-calendar:before{content:"\f133"}.fa-calendar-alt:before{content:"\f073"}.fa-calendar-check:before{content:"\f274"}.fa-calendar-day:before{content:"\f783"}.fa-calendar-minus:before{content:"\f272"}.fa-calendar-plus:before{content:"\f271"}.fa-calendar-times:before{content:"\f273"}.fa-calendar-week:before{content:"\f784"}.fa-camera:before{content:"\f030"}.fa-camera-retro:before{content:"\f083"}.fa-campground:before{content:"\f6bb"}.fa-canadian-maple-leaf:before{content:"\f785"}.fa-candy-cane:before{content:"\f786"}.fa-cannabis:before{content:"\f55f"}.fa-capsules:before{content:"\f46b"}.fa-car:before{content:"\f1b9"}.fa-car-alt:before{content:"\f5de"}.fa-car-battery:before{content:"\f5df"}.fa-car-crash:before{content:"\f5e1"}.fa-car-side:before{content:"\f5e4"}.fa-caret-down:before{content:"\f0d7"}.fa-caret-left:before{content:"\f0d9"}.fa-caret-right:before{content:"\f0da"}.fa-caret-square-down:before{content:"\f150"}.fa-caret-square-left:before{content:"\f191"}.fa-caret-square-right:before{content:"\f152"}.fa-caret-square-up:before{content:"\f151"}.fa-caret-up:before{content:"\f0d8"}.fa-carrot:before{content:"\f787"}.fa-cart-arrow-down:before{content:"\f218"}.fa-cart-plus:before{content:"\f217"}.fa-cash-register:before{content:"\f788"}.fa-cat:before{content:"\f6be"}.fa-cc-amazon-pay:before{content:"\f42d"}.fa-cc-amex:before{content:"\f1f3"}.fa-cc-apple-pay:before{content:"\f416"}.fa-cc-diners-club:before{content:"\f24c"}.fa-cc-discover:before{content:"\f1f2"}.fa-cc-jcb:before{content:"\f24b"}.fa-cc-mastercard:before{content:"\f1f1"}.fa-cc-paypal:before{content:"\f1f4"}.fa-cc-stripe:before{content:"\f1f5"}.fa-cc-visa:before{content:"\f1f0"}.fa-centercode:before{content:"\f380"}.fa-centos:before{content:"\f789"}.fa-certificate:before{content:"\f0a3"}.fa-chair:before{content:"\f6c0"}.fa-chalkboard:before{content:"\f51b"}.fa-chalkboard-teacher:before{content:"\f51c"}.fa-charging-station:before{content:"\f5e7"}.fa-chart-area:before{content:"\f1fe"}.fa-chart-bar:before{content:"\f080"}.fa-chart-line:before{content:"\f201"}.fa-chart-pie:before{content:"\f200"}.fa-check:before{content:"\f00c"}.fa-check-circle:before{content:"\f058"}.fa-check-double:before{content:"\f560"}.fa-check-square:before{content:"\f14a"}.fa-cheese:before{content:"\f7ef"}.fa-chess:before{content:"\f439"}.fa-chess-bishop:before{content:"\f43a"}.fa-chess-board:before{content:"\f43c"}.fa-chess-king:before{content:"\f43f"}.fa-chess-knight:before{content:"\f441"}.fa-chess-pawn:before{content:"\f443"}.fa-chess-queen:before{content:"\f445"}.fa-chess-rook:before{content:"\f447"}.fa-chevron-circle-down:before{content:"\f13a"}.fa-chevron-circle-left:before{content:"\f137"}.fa-chevron-circle-right:before{content:"\f138"}.fa-chevron-circle-up:before{content:"\f139"}.fa-chevron-down:before{content:"\f078"}.fa-chevron-left:before{content:"\f053"}.fa-chevron-right:before{content:"\f054"}.fa-chevron-up:before{content:"\f077"}.fa-child:before{content:"\f1ae"}.fa-chrome:before{content:"\f268"}.fa-church:before{content:"\f51d"}.fa-circle:before{content:"\f111"}.fa-circle-notch:before{content:"\f1ce"}.fa-city:before{content:"\f64f"}.fa-clinic-medical:before{content:"\f7f2"}.fa-clipboard:before{content:"\f328"}.fa-clipboard-check:before{content:"\f46c"}.fa-clipboard-list:before{content:"\f46d"}.fa-clock:before{content:"\f017"}.fa-clone:before{content:"\f24d"}.fa-closed-captioning:before{content:"\f20a"}.fa-cloud:before{content:"\f0c2"}.fa-cloud-download-alt:before{content:"\f381"}.fa-cloud-meatball:before{content:"\f73b"}.fa-cloud-moon:before{content:"\f6c3"}.fa-cloud-moon-rain:before{content:"\f73c"}.fa-cloud-rain:before{content:"\f73d"}.fa-cloud-showers-heavy:before{content:"\f740"}.fa-cloud-sun:before{content:"\f6c4"}.fa-cloud-sun-rain:before{content:"\f743"}.fa-cloud-upload-alt:before{content:"\f382"}.fa-cloudscale:before{content:"\f383"}.fa-cloudsmith:before{content:"\f384"}.fa-cloudversify:before{content:"\f385"}.fa-cocktail:before{content:"\f561"}.fa-code:before{content:"\f121"}.fa-code-branch:before{content:"\f126"}.fa-codepen:before{content:"\f1cb"}.fa-codiepie:before{content:"\f284"}.fa-coffee:before{content:"\f0f4"}.fa-cog:before{content:"\f013"}.fa-cogs:before{content:"\f085"}.fa-coins:before{content:"\f51e"}.fa-columns:before{content:"\f0db"}.fa-comment:before{content:"\f075"}.fa-comment-alt:before{content:"\f27a"}.fa-comment-dollar:before{content:"\f651"}.fa-comment-dots:before{content:"\f4ad"}.fa-comment-medical:before{content:"\f7f5"}.fa-comment-slash:before{content:"\f4b3"}.fa-comments:before{content:"\f086"}.fa-comments-dollar:before{content:"\f653"}.fa-compact-disc:before{content:"\f51f"}.fa-compass:before{content:"\f14e"}.fa-compress:before{content:"\f066"}.fa-compress-arrows-alt:before{content:"\f78c"}.fa-concierge-bell:before{content:"\f562"}.fa-confluence:before{content:"\f78d"}.fa-connectdevelop:before{content:"\f20e"}.fa-contao:before{content:"\f26d"}.fa-cookie:before{content:"\f563"}.fa-cookie-bite:before{content:"\f564"}.fa-copy:before{content:"\f0c5"}.fa-copyright:before{content:"\f1f9"}.fa-couch:before{content:"\f4b8"}.fa-cpanel:before{content:"\f388"}.fa-creative-commons:before{content:"\f25e"}.fa-creative-commons-by:before{content:"\f4e7"}.fa-creative-commons-nc:before{content:"\f4e8"}.fa-creative-commons-nc-eu:before{content:"\f4e9"}.fa-creative-commons-nc-jp:before{content:"\f4ea"}.fa-creative-commons-nd:before{content:"\f4eb"}.fa-creative-commons-pd:before{content:"\f4ec"}.fa-creative-commons-pd-alt:before{content:"\f4ed"}.fa-creative-commons-remix:before{content:"\f4ee"}.fa-creative-commons-sa:before{content:"\f4ef"}.fa-creative-commons-sampling:before{content:"\f4f0"}.fa-creative-commons-sampling-plus:before{content:"\f4f1"}.fa-creative-commons-share:before{content:"\f4f2"}.fa-creative-commons-zero:before{content:"\f4f3"}.fa-credit-card:before{content:"\f09d"}.fa-critical-role:before{content:"\f6c9"}.fa-crop:before{content:"\f125"}.fa-crop-alt:before{content:"\f565"}.fa-cross:before{content:"\f654"}.fa-crosshairs:before{content:"\f05b"}.fa-crow:before{content:"\f520"}.fa-crown:before{content:"\f521"}.fa-crutch:before{content:"\f7f7"}.fa-css3:before{content:"\f13c"}.fa-css3-alt:before{content:"\f38b"}.fa-cube:before{content:"\f1b2"}.fa-cubes:before{content:"\f1b3"}.fa-cut:before{content:"\f0c4"}.fa-cuttlefish:before{content:"\f38c"}.fa-d-and-d:before{content:"\f38d"}.fa-d-and-d-beyond:before{content:"\f6ca"}.fa-dashcube:before{content:"\f210"}.fa-database:before{content:"\f1c0"}.fa-deaf:before{content:"\f2a4"}.fa-delicious:before{content:"\f1a5"}.fa-democrat:before{content:"\f747"}.fa-deploydog:before{content:"\f38e"}.fa-deskpro:before{content:"\f38f"}.fa-desktop:before{content:"\f108"}.fa-dev:before{content:"\f6cc"}.fa-deviantart:before{content:"\f1bd"}.fa-dharmachakra:before{content:"\f655"}.fa-dhl:before{content:"\f790"}.fa-diagnoses:before{content:"\f470"}.fa-diaspora:before{content:"\f791"}.fa-dice:before{content:"\f522"}.fa-dice-d20:before{content:"\f6cf"}.fa-dice-d6:before{content:"\f6d1"}.fa-dice-five:before{content:"\f523"}.fa-dice-four:before{content:"\f524"}.fa-dice-one:before{content:"\f525"}.fa-dice-six:before{content:"\f526"}.fa-dice-three:before{content:"\f527"}.fa-dice-two:before{content:"\f528"}.fa-digg:before{content:"\f1a6"}.fa-digital-ocean:before{content:"\f391"}.fa-digital-tachograph:before{content:"\f566"}.fa-directions:before{content:"\f5eb"}.fa-discord:before{content:"\f392"}.fa-discourse:before{content:"\f393"}.fa-divide:before{content:"\f529"}.fa-dizzy:before{content:"\f567"}.fa-dna:before{content:"\f471"}.fa-dochub:before{content:"\f394"}.fa-docker:before{content:"\f395"}.fa-dog:before{content:"\f6d3"}.fa-dollar-sign:before{content:"\f155"}.fa-dolly:before{content:"\f472"}.fa-dolly-flatbed:before{content:"\f474"}.fa-donate:before{content:"\f4b9"}.fa-door-closed:before{content:"\f52a"}.fa-door-open:before{content:"\f52b"}.fa-dot-circle:before{content:"\f192"}.fa-dove:before{content:"\f4ba"}.fa-download:before{content:"\f019"}.fa-draft2digital:before{content:"\f396"}.fa-drafting-compass:before{content:"\f568"}.fa-dragon:before{content:"\f6d5"}.fa-draw-polygon:before{content:"\f5ee"}.fa-dribbble:before{content:"\f17d"}.fa-dribbble-square:before{content:"\f397"}.fa-dropbox:before{content:"\f16b"}.fa-drum:before{content:"\f569"}.fa-drum-steelpan:before{content:"\f56a"}.fa-drumstick-bite:before{content:"\f6d7"}.fa-drupal:before{content:"\f1a9"}.fa-dumbbell:before{content:"\f44b"}.fa-dumpster:before{content:"\f793"}.fa-dumpster-fire:before{content:"\f794"}.fa-dungeon:before{content:"\f6d9"}.fa-dyalog:before{content:"\f399"}.fa-earlybirds:before{content:"\f39a"}.fa-ebay:before{content:"\f4f4"}.fa-edge:before{content:"\f282"}.fa-edit:before{content:"\f044"}.fa-egg:before{content:"\f7fb"}.fa-eject:before{content:"\f052"}.fa-elementor:before{content:"\f430"}.fa-ellipsis-h:before{content:"\f141"}.fa-ellipsis-v:before{content:"\f142"}.fa-ello:before{content:"\f5f1"}.fa-ember:before{content:"\f423"}.fa-empire:before{content:"\f1d1"}.fa-envelope:before{content:"\f0e0"}.fa-envelope-open:before{content:"\f2b6"}.fa-envelope-open-text:before{content:"\f658"}.fa-envelope-square:before{content:"\f199"}.fa-envira:before{content:"\f299"}.fa-equals:before{content:"\f52c"}.fa-eraser:before{content:"\f12d"}.fa-erlang:before{content:"\f39d"}.fa-ethereum:before{content:"\f42e"}.fa-ethernet:before{content:"\f796"}.fa-etsy:before{content:"\f2d7"}.fa-euro-sign:before{content:"\f153"}.fa-exchange-alt:before{content:"\f362"}.fa-exclamation:before{content:"\f12a"}.fa-exclamation-circle:before{content:"\f06a"}.fa-exclamation-triangle:before{content:"\f071"}.fa-expand:before{content:"\f065"}.fa-expand-arrows-alt:before{content:"\f31e"}.fa-expeditedssl:before{content:"\f23e"}.fa-external-link-alt:before{content:"\f35d"}.fa-external-link-square-alt:before{content:"\f360"}.fa-eye:before{content:"\f06e"}.fa-eye-dropper:before{content:"\f1fb"}.fa-eye-slash:before{content:"\f070"}.fa-facebook:before{content:"\f09a"}.fa-facebook-f:before{content:"\f39e"}.fa-facebook-messenger:before{content:"\f39f"}.fa-facebook-square:before{content:"\f082"}.fa-fantasy-flight-games:before{content:"\f6dc"}.fa-fast-backward:before{content:"\f049"}.fa-fast-forward:before{content:"\f050"}.fa-fax:before{content:"\f1ac"}.fa-feather:before{content:"\f52d"}.fa-feather-alt:before{content:"\f56b"}.fa-fedex:before{content:"\f797"}.fa-fedora:before{content:"\f798"}.fa-female:before{content:"\f182"}.fa-fighter-jet:before{content:"\f0fb"}.fa-figma:before{content:"\f799"}.fa-file:before{content:"\f15b"}.fa-file-alt:before{content:"\f15c"}.fa-file-archive:before{content:"\f1c6"}.fa-file-audio:before{content:"\f1c7"}.fa-file-code:before{content:"\f1c9"}.fa-file-contract:before{content:"\f56c"}.fa-file-csv:before{content:"\f6dd"}.fa-file-download:before{content:"\f56d"}.fa-file-excel:before{content:"\f1c3"}.fa-file-export:before{content:"\f56e"}.fa-file-image:before{content:"\f1c5"}.fa-file-import:before{content:"\f56f"}.fa-file-invoice:before{content:"\f570"}.fa-file-invoice-dollar:before{content:"\f571"}.fa-file-medical:before{content:"\f477"}.fa-file-medical-alt:before{content:"\f478"}.fa-file-pdf:before{content:"\f1c1"}.fa-file-powerpoint:before{content:"\f1c4"}.fa-file-prescription:before{content:"\f572"}.fa-file-signature:before{content:"\f573"}.fa-file-upload:before{content:"\f574"}.fa-file-video:before{content:"\f1c8"}.fa-file-word:before{content:"\f1c2"}.fa-fill:before{content:"\f575"}.fa-fill-drip:before{content:"\f576"}.fa-film:before{content:"\f008"}.fa-filter:before{content:"\f0b0"}.fa-fingerprint:before{content:"\f577"}.fa-fire:before{content:"\f06d"}.fa-fire-alt:before{content:"\f7e4"}.fa-fire-extinguisher:before{content:"\f134"}.fa-firefox:before{content:"\f269"}.fa-first-aid:before{content:"\f479"}.fa-first-order:before{content:"\f2b0"}.fa-first-order-alt:before{content:"\f50a"}.fa-firstdraft:before{content:"\f3a1"}.fa-fish:before{content:"\f578"}.fa-fist-raised:before{content:"\f6de"}.fa-flag:before{content:"\f024"}.fa-flag-checkered:before{content:"\f11e"}.fa-flag-usa:before{content:"\f74d"}.fa-flask:before{content:"\f0c3"}.fa-flickr:before{content:"\f16e"}.fa-flipboard:before{content:"\f44d"}.fa-flushed:before{content:"\f579"}.fa-fly:before{content:"\f417"}.fa-folder:before{content:"\f07b"}.fa-folder-minus:before{content:"\f65d"}.fa-folder-open:before{content:"\f07c"}.fa-folder-plus:before{content:"\f65e"}.fa-font:before{content:"\f031"}.fa-font-awesome:before{content:"\f2b4"}.fa-font-awesome-alt:before{content:"\f35c"}.fa-font-awesome-flag:before{content:"\f425"}.fa-font-awesome-logo-full:before{content:"\f4e6"}.fa-fonticons:before{content:"\f280"}.fa-fonticons-fi:before{content:"\f3a2"}.fa-football-ball:before{content:"\f44e"}.fa-fort-awesome:before{content:"\f286"}.fa-fort-awesome-alt:before{content:"\f3a3"}.fa-forumbee:before{content:"\f211"}.fa-forward:before{content:"\f04e"}.fa-foursquare:before{content:"\f180"}.fa-free-code-camp:before{content:"\f2c5"}.fa-freebsd:before{content:"\f3a4"}.fa-frog:before{content:"\f52e"}.fa-frown:before{content:"\f119"}.fa-frown-open:before{content:"\f57a"}.fa-fulcrum:before{content:"\f50b"}.fa-funnel-dollar:before{content:"\f662"}.fa-futbol:before{content:"\f1e3"}.fa-galactic-republic:before{content:"\f50c"}.fa-galactic-senate:before{content:"\f50d"}.fa-gamepad:before{content:"\f11b"}.fa-gas-pump:before{content:"\f52f"}.fa-gavel:before{content:"\f0e3"}.fa-gem:before{content:"\f3a5"}.fa-genderless:before{content:"\f22d"}.fa-get-pocket:before{content:"\f265"}.fa-gg:before{content:"\f260"}.fa-gg-circle:before{content:"\f261"}.fa-ghost:before{content:"\f6e2"}.fa-gift:before{content:"\f06b"}.fa-gifts:before{content:"\f79c"}.fa-git:before{content:"\f1d3"}.fa-git-square:before{content:"\f1d2"}.fa-github:before{content:"\f09b"}.fa-github-alt:before{content:"\f113"}.fa-github-square:before{content:"\f092"}.fa-gitkraken:before{content:"\f3a6"}.fa-gitlab:before{content:"\f296"}.fa-gitter:before{content:"\f426"}.fa-glass-cheers:before{content:"\f79f"}.fa-glass-martini:before{content:"\f000"}.fa-glass-martini-alt:before{content:"\f57b"}.fa-glass-whiskey:before{content:"\f7a0"}.fa-glasses:before{content:"\f530"}.fa-glide:before{content:"\f2a5"}.fa-glide-g:before{content:"\f2a6"}.fa-globe:before{content:"\f0ac"}.fa-globe-africa:before{content:"\f57c"}.fa-globe-americas:before{content:"\f57d"}.fa-globe-asia:before{content:"\f57e"}.fa-globe-europe:before{content:"\f7a2"}.fa-gofore:before{content:"\f3a7"}.fa-golf-ball:before{content:"\f450"}.fa-goodreads:before{content:"\f3a8"}.fa-goodreads-g:before{content:"\f3a9"}.fa-google:before{content:"\f1a0"}.fa-google-drive:before{content:"\f3aa"}.fa-google-play:before{content:"\f3ab"}.fa-google-plus:before{content:"\f2b3"}.fa-google-plus-g:before{content:"\f0d5"}.fa-google-plus-square:before{content:"\f0d4"}.fa-google-wallet:before{content:"\f1ee"}.fa-gopuram:before{content:"\f664"}.fa-graduation-cap:before{content:"\f19d"}.fa-gratipay:before{content:"\f184"}.fa-grav:before{content:"\f2d6"}.fa-greater-than:before{content:"\f531"}.fa-greater-than-equal:before{content:"\f532"}.fa-grimace:before{content:"\f57f"}.fa-grin:before{content:"\f580"}.fa-grin-alt:before{content:"\f581"}.fa-grin-beam:before{content:"\f582"}.fa-grin-beam-sweat:before{content:"\f583"}.fa-grin-hearts:before{content:"\f584"}.fa-grin-squint:before{content:"\f585"}.fa-grin-squint-tears:before{content:"\f586"}.fa-grin-stars:before{content:"\f587"}.fa-grin-tears:before{content:"\f588"}.fa-grin-tongue:before{content:"\f589"}.fa-grin-tongue-squint:before{content:"\f58a"}.fa-grin-tongue-wink:before{content:"\f58b"}.fa-grin-wink:before{content:"\f58c"}.fa-grip-horizontal:before{content:"\f58d"}.fa-grip-lines:before{content:"\f7a4"}.fa-grip-lines-vertical:before{content:"\f7a5"}.fa-grip-vertical:before{content:"\f58e"}.fa-gripfire:before{content:"\f3ac"}.fa-grunt:before{content:"\f3ad"}.fa-guitar:before{content:"\f7a6"}.fa-gulp:before{content:"\f3ae"}.fa-h-square:before{content:"\f0fd"}.fa-hacker-news:before{content:"\f1d4"}.fa-hacker-news-square:before{content:"\f3af"}.fa-hackerrank:before{content:"\f5f7"}.fa-hamburger:before{content:"\f805"}.fa-hammer:before{content:"\f6e3"}.fa-hamsa:before{content:"\f665"}.fa-hand-holding:before{content:"\f4bd"}.fa-hand-holding-heart:before{content:"\f4be"}.fa-hand-holding-usd:before{content:"\f4c0"}.fa-hand-lizard:before{content:"\f258"}.fa-hand-middle-finger:before{content:"\f806"}.fa-hand-paper:before{content:"\f256"}.fa-hand-peace:before{content:"\f25b"}.fa-hand-point-down:before{content:"\f0a7"}.fa-hand-point-left:before{content:"\f0a5"}.fa-hand-point-right:before{content:"\f0a4"}.fa-hand-point-up:before{content:"\f0a6"}.fa-hand-pointer:before{content:"\f25a"}.fa-hand-rock:before{content:"\f255"}.fa-hand-scissors:before{content:"\f257"}.fa-hand-spock:before{content:"\f259"}.fa-hands:before{content:"\f4c2"}.fa-hands-helping:before{content:"\f4c4"}.fa-handshake:before{content:"\f2b5"}.fa-hanukiah:before{content:"\f6e6"}.fa-hard-hat:before{content:"\f807"}.fa-hashtag:before{content:"\f292"}.fa-hat-wizard:before{content:"\f6e8"}.fa-haykal:before{content:"\f666"}.fa-hdd:before{content:"\f0a0"}.fa-heading:before{content:"\f1dc"}.fa-headphones:before{content:"\f025"}.fa-headphones-alt:before{content:"\f58f"}.fa-headset:before{content:"\f590"}.fa-heart:before{content:"\f004"}.fa-heart-broken:before{content:"\f7a9"}.fa-heartbeat:before{content:"\f21e"}.fa-helicopter:before{content:"\f533"}.fa-highlighter:before{content:"\f591"}.fa-hiking:before{content:"\f6ec"}.fa-hippo:before{content:"\f6ed"}.fa-hips:before{content:"\f452"}.fa-hire-a-helper:before{content:"\f3b0"}.fa-history:before{content:"\f1da"}.fa-hockey-puck:before{content:"\f453"}.fa-holly-berry:before{content:"\f7aa"}.fa-home:before{content:"\f015"}.fa-hooli:before{content:"\f427"}.fa-hornbill:before{content:"\f592"}.fa-horse:before{content:"\f6f0"}.fa-horse-head:before{content:"\f7ab"}.fa-hospital:before{content:"\f0f8"}.fa-hospital-alt:before{content:"\f47d"}.fa-hospital-symbol:before{content:"\f47e"}.fa-hot-tub:before{content:"\f593"}.fa-hotdog:before{content:"\f80f"}.fa-hotel:before{content:"\f594"}.fa-hotjar:before{content:"\f3b1"}.fa-hourglass:before{content:"\f254"}.fa-hourglass-end:before{content:"\f253"}.fa-hourglass-half:before{content:"\f252"}.fa-hourglass-start:before{content:"\f251"}.fa-house-damage:before{content:"\f6f1"}.fa-houzz:before{content:"\f27c"}.fa-hryvnia:before{content:"\f6f2"}.fa-html5:before{content:"\f13b"}.fa-hubspot:before{content:"\f3b2"}.fa-i-cursor:before{content:"\f246"}.fa-ice-cream:before{content:"\f810"}.fa-icicles:before{content:"\f7ad"}.fa-id-badge:before{content:"\f2c1"}.fa-id-card:before{content:"\f2c2"}.fa-id-card-alt:before{content:"\f47f"}.fa-igloo:before{content:"\f7ae"}.fa-image:before{content:"\f03e"}.fa-images:before{content:"\f302"}.fa-imdb:before{content:"\f2d8"}.fa-inbox:before{content:"\f01c"}.fa-indent:before{content:"\f03c"}.fa-industry:before{content:"\f275"}.fa-infinity:before{content:"\f534"}.fa-info:before{content:"\f129"}.fa-info-circle:before{content:"\f05a"}.fa-instagram:before{content:"\f16d"}.fa-intercom:before{content:"\f7af"}.fa-internet-explorer:before{content:"\f26b"}.fa-invision:before{content:"\f7b0"}.fa-ioxhost:before{content:"\f208"}.fa-italic:before{content:"\f033"}.fa-itunes:before{content:"\f3b4"}.fa-itunes-note:before{content:"\f3b5"}.fa-java:before{content:"\f4e4"}.fa-jedi:before{content:"\f669"}.fa-jedi-order:before{content:"\f50e"}.fa-jenkins:before{content:"\f3b6"}.fa-jira:before{content:"\f7b1"}.fa-joget:before{content:"\f3b7"}.fa-joint:before{content:"\f595"}.fa-joomla:before{content:"\f1aa"}.fa-journal-whills:before{content:"\f66a"}.fa-js:before{content:"\f3b8"}.fa-js-square:before{content:"\f3b9"}.fa-jsfiddle:before{content:"\f1cc"}.fa-kaaba:before{content:"\f66b"}.fa-kaggle:before{content:"\f5fa"}.fa-key:before{content:"\f084"}.fa-keybase:before{content:"\f4f5"}.fa-keyboard:before{content:"\f11c"}.fa-keycdn:before{content:"\f3ba"}.fa-khanda:before{content:"\f66d"}.fa-kickstarter:before{content:"\f3bb"}.fa-kickstarter-k:before{content:"\f3bc"}.fa-kiss:before{content:"\f596"}.fa-kiss-beam:before{content:"\f597"}.fa-kiss-wink-heart:before{content:"\f598"}.fa-kiwi-bird:before{content:"\f535"}.fa-korvue:before{content:"\f42f"}.fa-landmark:before{content:"\f66f"}.fa-language:before{content:"\f1ab"}.fa-laptop:before{content:"\f109"}.fa-laptop-code:before{content:"\f5fc"}.fa-laptop-medical:before{content:"\f812"}.fa-laravel:before{content:"\f3bd"}.fa-lastfm:before{content:"\f202"}.fa-lastfm-square:before{content:"\f203"}.fa-laugh:before{content:"\f599"}.fa-laugh-beam:before{content:"\f59a"}.fa-laugh-squint:before{content:"\f59b"}.fa-laugh-wink:before{content:"\f59c"}.fa-layer-group:before{content:"\f5fd"}.fa-leaf:before{content:"\f06c"}.fa-leanpub:before{content:"\f212"}.fa-lemon:before{content:"\f094"}.fa-less:before{content:"\f41d"}.fa-less-than:before{content:"\f536"}.fa-less-than-equal:before{content:"\f537"}.fa-level-down-alt:before{content:"\f3be"}.fa-level-up-alt:before{content:"\f3bf"}.fa-life-ring:before{content:"\f1cd"}.fa-lightbulb:before{content:"\f0eb"}.fa-line:before{content:"\f3c0"}.fa-link:before{content:"\f0c1"}.fa-linkedin:before{content:"\f08c"}.fa-linkedin-in:before{content:"\f0e1"}.fa-linode:before{content:"\f2b8"}.fa-linux:before{content:"\f17c"}.fa-lira-sign:before{content:"\f195"}.fa-list:before{content:"\f03a"}.fa-list-alt:before{content:"\f022"}.fa-list-ol:before{content:"\f0cb"}.fa-list-ul:before{content:"\f0ca"}.fa-location-arrow:before{content:"\f124"}.fa-lock:before{content:"\f023"}.fa-lock-open:before{content:"\f3c1"}.fa-long-arrow-alt-down:before{content:"\f309"}.fa-long-arrow-alt-left:before{content:"\f30a"}.fa-long-arrow-alt-right:before{content:"\f30b"}.fa-long-arrow-alt-up:before{content:"\f30c"}.fa-low-vision:before{content:"\f2a8"}.fa-luggage-cart:before{content:"\f59d"}.fa-lyft:before{content:"\f3c3"}.fa-magento:before{content:"\f3c4"}.fa-magic:before{content:"\f0d0"}.fa-magnet:before{content:"\f076"}.fa-mail-bulk:before{content:"\f674"}.fa-mailchimp:before{content:"\f59e"}.fa-male:before{content:"\f183"}.fa-mandalorian:before{content:"\f50f"}.fa-map:before{content:"\f279"}.fa-map-marked:before{content:"\f59f"}.fa-map-marked-alt:before{content:"\f5a0"}.fa-map-marker:before{content:"\f041"}.fa-map-marker-alt:before{content:"\f3c5"}.fa-map-pin:before{content:"\f276"}.fa-map-signs:before{content:"\f277"}.fa-markdown:before{content:"\f60f"}.fa-marker:before{content:"\f5a1"}.fa-mars:before{content:"\f222"}.fa-mars-double:before{content:"\f227"}.fa-mars-stroke:before{content:"\f229"}.fa-mars-stroke-h:before{content:"\f22b"}.fa-mars-stroke-v:before{content:"\f22a"}.fa-mask:before{content:"\f6fa"}.fa-mastodon:before{content:"\f4f6"}.fa-maxcdn:before{content:"\f136"}.fa-medal:before{content:"\f5a2"}.fa-medapps:before{content:"\f3c6"}.fa-medium:before{content:"\f23a"}.fa-medium-m:before{content:"\f3c7"}.fa-medkit:before{content:"\f0fa"}.fa-medrt:before{content:"\f3c8"}.fa-meetup:before{content:"\f2e0"}.fa-megaport:before{content:"\f5a3"}.fa-meh:before{content:"\f11a"}.fa-meh-blank:before{content:"\f5a4"}.fa-meh-rolling-eyes:before{content:"\f5a5"}.fa-memory:before{content:"\f538"}.fa-mendeley:before{content:"\f7b3"}.fa-menorah:before{content:"\f676"}.fa-mercury:before{content:"\f223"}.fa-meteor:before{content:"\f753"}.fa-microchip:before{content:"\f2db"}.fa-microphone:before{content:"\f130"}.fa-microphone-alt:before{content:"\f3c9"}.fa-microphone-alt-slash:before{content:"\f539"}.fa-microphone-slash:before{content:"\f131"}.fa-microscope:before{content:"\f610"}.fa-microsoft:before{content:"\f3ca"}.fa-minus:before{content:"\f068"}.fa-minus-circle:before{content:"\f056"}.fa-minus-square:before{content:"\f146"}.fa-mitten:before{content:"\f7b5"}.fa-mix:before{content:"\f3cb"}.fa-mixcloud:before{content:"\f289"}.fa-mizuni:before{content:"\f3cc"}.fa-mobile:before{content:"\f10b"}.fa-mobile-alt:before{content:"\f3cd"}.fa-modx:before{content:"\f285"}.fa-monero:before{content:"\f3d0"}.fa-money-bill:before{content:"\f0d6"}.fa-money-bill-alt:before{content:"\f3d1"}.fa-money-bill-wave:before{content:"\f53a"}.fa-money-bill-wave-alt:before{content:"\f53b"}.fa-money-check:before{content:"\f53c"}.fa-money-check-alt:before{content:"\f53d"}.fa-monument:before{content:"\f5a6"}.fa-moon:before{content:"\f186"}.fa-mortar-pestle:before{content:"\f5a7"}.fa-mosque:before{content:"\f678"}.fa-motorcycle:before{content:"\f21c"}.fa-mountain:before{content:"\f6fc"}.fa-mouse-pointer:before{content:"\f245"}.fa-mug-hot:before{content:"\f7b6"}.fa-music:before{content:"\f001"}.fa-napster:before{content:"\f3d2"}.fa-neos:before{content:"\f612"}.fa-network-wired:before{content:"\f6ff"}.fa-neuter:before{content:"\f22c"}.fa-newspaper:before{content:"\f1ea"}.fa-nimblr:before{content:"\f5a8"}.fa-nintendo-switch:before{content:"\f418"}.fa-node:before{content:"\f419"}.fa-node-js:before{content:"\f3d3"}.fa-not-equal:before{content:"\f53e"}.fa-notes-medical:before{content:"\f481"}.fa-npm:before{content:"\f3d4"}.fa-ns8:before{content:"\f3d5"}.fa-nutritionix:before{content:"\f3d6"}.fa-object-group:before{content:"\f247"}.fa-object-ungroup:before{content:"\f248"}.fa-odnoklassniki:before{content:"\f263"}.fa-odnoklassniki-square:before{content:"\f264"}.fa-oil-can:before{content:"\f613"}.fa-old-republic:before{content:"\f510"}.fa-om:before{content:"\f679"}.fa-opencart:before{content:"\f23d"}.fa-openid:before{content:"\f19b"}.fa-opera:before{content:"\f26a"}.fa-optin-monster:before{content:"\f23c"}.fa-osi:before{content:"\f41a"}.fa-otter:before{content:"\f700"}.fa-outdent:before{content:"\f03b"}.fa-page4:before{content:"\f3d7"}.fa-pagelines:before{content:"\f18c"}.fa-pager:before{content:"\f815"}.fa-paint-brush:before{content:"\f1fc"}.fa-paint-roller:before{content:"\f5aa"}.fa-palette:before{content:"\f53f"}.fa-palfed:before{content:"\f3d8"}.fa-pallet:before{content:"\f482"}.fa-paper-plane:before{content:"\f1d8"}.fa-paperclip:before{content:"\f0c6"}.fa-parachute-box:before{content:"\f4cd"}.fa-paragraph:before{content:"\f1dd"}.fa-parking:before{content:"\f540"}.fa-passport:before{content:"\f5ab"}.fa-pastafarianism:before{content:"\f67b"}.fa-paste:before{content:"\f0ea"}.fa-patreon:before{content:"\f3d9"}.fa-pause:before{content:"\f04c"}.fa-pause-circle:before{content:"\f28b"}.fa-paw:before{content:"\f1b0"}.fa-paypal:before{content:"\f1ed"}.fa-peace:before{content:"\f67c"}.fa-pen:before{content:"\f304"}.fa-pen-alt:before{content:"\f305"}.fa-pen-fancy:before{content:"\f5ac"}.fa-pen-nib:before{content:"\f5ad"}.fa-pen-square:before{content:"\f14b"}.fa-pencil-alt:before{content:"\f303"}.fa-pencil-ruler:before{content:"\f5ae"}.fa-penny-arcade:before{content:"\f704"}.fa-people-carry:before{content:"\f4ce"}.fa-pepper-hot:before{content:"\f816"}.fa-percent:before{content:"\f295"}.fa-percentage:before{content:"\f541"}.fa-periscope:before{content:"\f3da"}.fa-person-booth:before{content:"\f756"}.fa-phabricator:before{content:"\f3db"}.fa-phoenix-framework:before{content:"\f3dc"}.fa-phoenix-squadron:before{content:"\f511"}.fa-phone:before{content:"\f095"}.fa-phone-slash:before{content:"\f3dd"}.fa-phone-square:before{content:"\f098"}.fa-phone-volume:before{content:"\f2a0"}.fa-php:before{content:"\f457"}.fa-pied-piper:before{content:"\f2ae"}.fa-pied-piper-alt:before{content:"\f1a8"}.fa-pied-piper-hat:before{content:"\f4e5"}.fa-pied-piper-pp:before{content:"\f1a7"}.fa-piggy-bank:before{content:"\f4d3"}.fa-pills:before{content:"\f484"}.fa-pinterest:before{content:"\f0d2"}.fa-pinterest-p:before{content:"\f231"}.fa-pinterest-square:before{content:"\f0d3"}.fa-pizza-slice:before{content:"\f818"}.fa-place-of-worship:before{content:"\f67f"}.fa-plane:before{content:"\f072"}.fa-plane-arrival:before{content:"\f5af"}.fa-plane-departure:before{content:"\f5b0"}.fa-play:before{content:"\f04b"}.fa-play-circle:before{content:"\f144"}.fa-playstation:before{content:"\f3df"}.fa-plug:before{content:"\f1e6"}.fa-plus:before{content:"\f067"}.fa-plus-circle:before{content:"\f055"}.fa-plus-square:before{content:"\f0fe"}.fa-podcast:before{content:"\f2ce"}.fa-poll:before{content:"\f681"}.fa-poll-h:before{content:"\f682"}.fa-poo:before{content:"\f2fe"}.fa-poo-storm:before{content:"\f75a"}.fa-poop:before{content:"\f619"}.fa-portrait:before{content:"\f3e0"}.fa-pound-sign:before{content:"\f154"}.fa-power-off:before{content:"\f011"}.fa-pray:before{content:"\f683"}.fa-praying-hands:before{content:"\f684"}.fa-prescription:before{content:"\f5b1"}.fa-prescription-bottle:before{content:"\f485"}.fa-prescription-bottle-alt:before{content:"\f486"}.fa-print:before{content:"\f02f"}.fa-procedures:before{content:"\f487"}.fa-product-hunt:before{content:"\f288"}.fa-project-diagram:before{content:"\f542"}.fa-pushed:before{content:"\f3e1"}.fa-puzzle-piece:before{content:"\f12e"}.fa-python:before{content:"\f3e2"}.fa-qq:before{content:"\f1d6"}.fa-qrcode:before{content:"\f029"}.fa-question:before{content:"\f128"}.fa-question-circle:before{content:"\f059"}.fa-quidditch:before{content:"\f458"}.fa-quinscape:before{content:"\f459"}.fa-quora:before{content:"\f2c4"}.fa-quote-left:before{content:"\f10d"}.fa-quote-right:before{content:"\f10e"}.fa-quran:before{content:"\f687"}.fa-r-project:before{content:"\f4f7"}.fa-radiation:before{content:"\f7b9"}.fa-radiation-alt:before{content:"\f7ba"}.fa-rainbow:before{content:"\f75b"}.fa-random:before{content:"\f074"}.fa-raspberry-pi:before{content:"\f7bb"}.fa-ravelry:before{content:"\f2d9"}.fa-react:before{content:"\f41b"}.fa-reacteurope:before{content:"\f75d"}.fa-readme:before{content:"\f4d5"}.fa-rebel:before{content:"\f1d0"}.fa-receipt:before{content:"\f543"}.fa-recycle:before{content:"\f1b8"}.fa-red-river:before{content:"\f3e3"}.fa-reddit:before{content:"\f1a1"}.fa-reddit-alien:before{content:"\f281"}.fa-reddit-square:before{content:"\f1a2"}.fa-redhat:before{content:"\f7bc"}.fa-redo:before{content:"\f01e"}.fa-redo-alt:before{content:"\f2f9"}.fa-registered:before{content:"\f25d"}.fa-renren:before{content:"\f18b"}.fa-reply:before{content:"\f3e5"}.fa-reply-all:before{content:"\f122"}.fa-replyd:before{content:"\f3e6"}.fa-republican:before{content:"\f75e"}.fa-researchgate:before{content:"\f4f8"}.fa-resolving:before{content:"\f3e7"}.fa-restroom:before{content:"\f7bd"}.fa-retweet:before{content:"\f079"}.fa-rev:before{content:"\f5b2"}.fa-ribbon:before{content:"\f4d6"}.fa-ring:before{content:"\f70b"}.fa-road:before{content:"\f018"}.fa-robot:before{content:"\f544"}.fa-rocket:before{content:"\f135"}.fa-rocketchat:before{content:"\f3e8"}.fa-rockrms:before{content:"\f3e9"}.fa-route:before{content:"\f4d7"}.fa-rss:before{content:"\f09e"}.fa-rss-square:before{content:"\f143"}.fa-ruble-sign:before{content:"\f158"}.fa-ruler:before{content:"\f545"}.fa-ruler-combined:before{content:"\f546"}.fa-ruler-horizontal:before{content:"\f547"}.fa-ruler-vertical:before{content:"\f548"}.fa-running:before{content:"\f70c"}.fa-rupee-sign:before{content:"\f156"}.fa-sad-cry:before{content:"\f5b3"}.fa-sad-tear:before{content:"\f5b4"}.fa-safari:before{content:"\f267"}.fa-sass:before{content:"\f41e"}.fa-satellite:before{content:"\f7bf"}.fa-satellite-dish:before{content:"\f7c0"}.fa-save:before{content:"\f0c7"}.fa-schlix:before{content:"\f3ea"}.fa-school:before{content:"\f549"}.fa-screwdriver:before{content:"\f54a"}.fa-scribd:before{content:"\f28a"}.fa-scroll:before{content:"\f70e"}.fa-sd-card:before{content:"\f7c2"}.fa-search:before{content:"\f002"}.fa-search-dollar:before{content:"\f688"}.fa-search-location:before{content:"\f689"}.fa-search-minus:before{content:"\f010"}.fa-search-plus:before{content:"\f00e"}.fa-searchengin:before{content:"\f3eb"}.fa-seedling:before{content:"\f4d8"}.fa-sellcast:before{content:"\f2da"}.fa-sellsy:before{content:"\f213"}.fa-server:before{content:"\f233"}.fa-servicestack:before{content:"\f3ec"}.fa-shapes:before{content:"\f61f"}.fa-share:before{content:"\f064"}.fa-share-alt:before{content:"\f1e0"}.fa-share-alt-square:before{content:"\f1e1"}.fa-share-square:before{content:"\f14d"}.fa-shekel-sign:before{content:"\f20b"}.fa-shield-alt:before{content:"\f3ed"}.fa-ship:before{content:"\f21a"}.fa-shipping-fast:before{content:"\f48b"}.fa-shirtsinbulk:before{content:"\f214"}.fa-shoe-prints:before{content:"\f54b"}.fa-shopping-bag:before{content:"\f290"}.fa-shopping-basket:before{content:"\f291"}.fa-shopping-cart:before{content:"\f07a"}.fa-shopware:before{content:"\f5b5"}.fa-shower:before{content:"\f2cc"}.fa-shuttle-van:before{content:"\f5b6"}.fa-sign:before{content:"\f4d9"}.fa-sign-in-alt:before{content:"\f2f6"}.fa-sign-language:before{content:"\f2a7"}.fa-sign-out-alt:before{content:"\f2f5"}.fa-signal:before{content:"\f012"}.fa-signature:before{content:"\f5b7"}.fa-sim-card:before{content:"\f7c4"}.fa-simplybuilt:before{content:"\f215"}.fa-sistrix:before{content:"\f3ee"}.fa-sitemap:before{content:"\f0e8"}.fa-sith:before{content:"\f512"}.fa-skating:before{content:"\f7c5"}.fa-sketch:before{content:"\f7c6"}.fa-skiing:before{content:"\f7c9"}.fa-skiing-nordic:before{content:"\f7ca"}.fa-skull:before{content:"\f54c"}.fa-skull-crossbones:before{content:"\f714"}.fa-skyatlas:before{content:"\f216"}.fa-skype:before{content:"\f17e"}.fa-slack:before{content:"\f198"}.fa-slack-hash:before{content:"\f3ef"}.fa-slash:before{content:"\f715"}.fa-sleigh:before{content:"\f7cc"}.fa-sliders-h:before{content:"\f1de"}.fa-slideshare:before{content:"\f1e7"}.fa-smile:before{content:"\f118"}.fa-smile-beam:before{content:"\f5b8"}.fa-smile-wink:before{content:"\f4da"}.fa-smog:before{content:"\f75f"}.fa-smoking:before{content:"\f48d"}.fa-smoking-ban:before{content:"\f54d"}.fa-sms:before{content:"\f7cd"}.fa-snapchat:before{content:"\f2ab"}.fa-snapchat-ghost:before{content:"\f2ac"}.fa-snapchat-square:before{content:"\f2ad"}.fa-snowboarding:before{content:"\f7ce"}.fa-snowflake:before{content:"\f2dc"}.fa-snowman:before{content:"\f7d0"}.fa-snowplow:before{content:"\f7d2"}.fa-socks:before{content:"\f696"}.fa-solar-panel:before{content:"\f5ba"}.fa-sort:before{content:"\f0dc"}.fa-sort-alpha-down:before{content:"\f15d"}.fa-sort-alpha-up:before{content:"\f15e"}.fa-sort-amount-down:before{content:"\f160"}.fa-sort-amount-up:before{content:"\f161"}.fa-sort-down:before{content:"\f0dd"}.fa-sort-numeric-down:before{content:"\f162"}.fa-sort-numeric-up:before{content:"\f163"}.fa-sort-up:before{content:"\f0de"}.fa-soundcloud:before{content:"\f1be"}.fa-sourcetree:before{content:"\f7d3"}.fa-spa:before{content:"\f5bb"}.fa-space-shuttle:before{content:"\f197"}.fa-speakap:before{content:"\f3f3"}.fa-spider:before{content:"\f717"}.fa-spinner:before{content:"\f110"}.fa-splotch:before{content:"\f5bc"}.fa-spotify:before{content:"\f1bc"}.fa-spray-can:before{content:"\f5bd"}.fa-square:before{content:"\f0c8"}.fa-square-full:before{content:"\f45c"}.fa-square-root-alt:before{content:"\f698"}.fa-squarespace:before{content:"\f5be"}.fa-stack-exchange:before{content:"\f18d"}.fa-stack-overflow:before{content:"\f16c"}.fa-stamp:before{content:"\f5bf"}.fa-star:before{content:"\f005"}.fa-star-and-crescent:before{content:"\f699"}.fa-star-half:before{content:"\f089"}.fa-star-half-alt:before{content:"\f5c0"}.fa-star-of-david:before{content:"\f69a"}.fa-star-of-life:before{content:"\f621"}.fa-staylinked:before{content:"\f3f5"}.fa-steam:before{content:"\f1b6"}.fa-steam-square:before{content:"\f1b7"}.fa-steam-symbol:before{content:"\f3f6"}.fa-step-backward:before{content:"\f048"}.fa-step-forward:before{content:"\f051"}.fa-stethoscope:before{content:"\f0f1"}.fa-sticker-mule:before{content:"\f3f7"}.fa-sticky-note:before{content:"\f249"}.fa-stop:before{content:"\f04d"}.fa-stop-circle:before{content:"\f28d"}.fa-stopwatch:before{content:"\f2f2"}.fa-store:before{content:"\f54e"}.fa-store-alt:before{content:"\f54f"}.fa-strava:before{content:"\f428"}.fa-stream:before{content:"\f550"}.fa-street-view:before{content:"\f21d"}.fa-strikethrough:before{content:"\f0cc"}.fa-stripe:before{content:"\f429"}.fa-stripe-s:before{content:"\f42a"}.fa-stroopwafel:before{content:"\f551"}.fa-studiovinari:before{content:"\f3f8"}.fa-stumbleupon:before{content:"\f1a4"}.fa-stumbleupon-circle:before{content:"\f1a3"}.fa-subscript:before{content:"\f12c"}.fa-subway:before{content:"\f239"}.fa-suitcase:before{content:"\f0f2"}.fa-suitcase-rolling:before{content:"\f5c1"}.fa-sun:before{content:"\f185"}.fa-superpowers:before{content:"\f2dd"}.fa-superscript:before{content:"\f12b"}.fa-supple:before{content:"\f3f9"}.fa-surprise:before{content:"\f5c2"}.fa-suse:before{content:"\f7d6"}.fa-swatchbook:before{content:"\f5c3"}.fa-swimmer:before{content:"\f5c4"}.fa-swimming-pool:before{content:"\f5c5"}.fa-synagogue:before{content:"\f69b"}.fa-sync:before{content:"\f021"}.fa-sync-alt:before{content:"\f2f1"}.fa-syringe:before{content:"\f48e"}.fa-table:before{content:"\f0ce"}.fa-table-tennis:before{content:"\f45d"}.fa-tablet:before{content:"\f10a"}.fa-tablet-alt:before{content:"\f3fa"}.fa-tablets:before{content:"\f490"}.fa-tachometer-alt:before{content:"\f3fd"}.fa-tag:before{content:"\f02b"}.fa-tags:before{content:"\f02c"}.fa-tape:before{content:"\f4db"}.fa-tasks:before{content:"\f0ae"}.fa-taxi:before{content:"\f1ba"}.fa-teamspeak:before{content:"\f4f9"}.fa-teeth:before{content:"\f62e"}.fa-teeth-open:before{content:"\f62f"}.fa-telegram:before{content:"\f2c6"}.fa-telegram-plane:before{content:"\f3fe"}.fa-temperature-high:before{content:"\f769"}.fa-temperature-low:before{content:"\f76b"}.fa-tencent-weibo:before{content:"\f1d5"}.fa-tenge:before{content:"\f7d7"}.fa-terminal:before{content:"\f120"}.fa-text-height:before{content:"\f034"}.fa-text-width:before{content:"\f035"}.fa-th:before{content:"\f00a"}.fa-th-large:before{content:"\f009"}.fa-th-list:before{content:"\f00b"}.fa-the-red-yeti:before{content:"\f69d"}.fa-theater-masks:before{content:"\f630"}.fa-themeco:before{content:"\f5c6"}.fa-themeisle:before{content:"\f2b2"}.fa-thermometer:before{content:"\f491"}.fa-thermometer-empty:before{content:"\f2cb"}.fa-thermometer-full:before{content:"\f2c7"}.fa-thermometer-half:before{content:"\f2c9"}.fa-thermometer-quarter:before{content:"\f2ca"}.fa-thermometer-three-quarters:before{content:"\f2c8"}.fa-think-peaks:before{content:"\f731"}.fa-thumbs-down:before{content:"\f165"}.fa-thumbs-up:before{content:"\f164"}.fa-thumbtack:before{content:"\f08d"}.fa-ticket-alt:before{content:"\f3ff"}.fa-times:before{content:"\f00d"}.fa-times-circle:before{content:"\f057"}.fa-tint:before{content:"\f043"}.fa-tint-slash:before{content:"\f5c7"}.fa-tired:before{content:"\f5c8"}.fa-toggle-off:before{content:"\f204"}.fa-toggle-on:before{content:"\f205"}.fa-toilet:before{content:"\f7d8"}.fa-toilet-paper:before{content:"\f71e"}.fa-toolbox:before{content:"\f552"}.fa-tools:before{content:"\f7d9"}.fa-tooth:before{content:"\f5c9"}.fa-torah:before{content:"\f6a0"}.fa-torii-gate:before{content:"\f6a1"}.fa-tractor:before{content:"\f722"}.fa-trade-federation:before{content:"\f513"}.fa-trademark:before{content:"\f25c"}.fa-traffic-light:before{content:"\f637"}.fa-train:before{content:"\f238"}.fa-tram:before{content:"\f7da"}.fa-transgender:before{content:"\f224"}.fa-transgender-alt:before{content:"\f225"}.fa-trash:before{content:"\f1f8"}.fa-trash-alt:before{content:"\f2ed"}.fa-trash-restore:before{content:"\f829"}.fa-trash-restore-alt:before{content:"\f82a"}.fa-tree:before{content:"\f1bb"}.fa-trello:before{content:"\f181"}.fa-tripadvisor:before{content:"\f262"}.fa-trophy:before{content:"\f091"}.fa-truck:before{content:"\f0d1"}.fa-truck-loading:before{content:"\f4de"}.fa-truck-monster:before{content:"\f63b"}.fa-truck-moving:before{content:"\f4df"}.fa-truck-pickup:before{content:"\f63c"}.fa-tshirt:before{content:"\f553"}.fa-tty:before{content:"\f1e4"}.fa-tumblr:before{content:"\f173"}.fa-tumblr-square:before{content:"\f174"}.fa-tv:before{content:"\f26c"}.fa-twitch:before{content:"\f1e8"}.fa-twitter:before{content:"\f099"}.fa-twitter-square:before{content:"\f081"}.fa-typo3:before{content:"\f42b"}.fa-uber:before{content:"\f402"}.fa-ubuntu:before{content:"\f7df"}.fa-uikit:before{content:"\f403"}.fa-umbrella:before{content:"\f0e9"}.fa-umbrella-beach:before{content:"\f5ca"}.fa-underline:before{content:"\f0cd"}.fa-undo:before{content:"\f0e2"}.fa-undo-alt:before{content:"\f2ea"}.fa-uniregistry:before{content:"\f404"}.fa-universal-access:before{content:"\f29a"}.fa-university:before{content:"\f19c"}.fa-unlink:before{content:"\f127"}.fa-unlock:before{content:"\f09c"}.fa-unlock-alt:before{content:"\f13e"}.fa-untappd:before{content:"\f405"}.fa-upload:before{content:"\f093"}.fa-ups:before{content:"\f7e0"}.fa-usb:before{content:"\f287"}.fa-user:before{content:"\f007"}.fa-user-alt:before{content:"\f406"}.fa-user-alt-slash:before{content:"\f4fa"}.fa-user-astronaut:before{content:"\f4fb"}.fa-user-check:before{content:"\f4fc"}.fa-user-circle:before{content:"\f2bd"}.fa-user-clock:before{content:"\f4fd"}.fa-user-cog:before{content:"\f4fe"}.fa-user-edit:before{content:"\f4ff"}.fa-user-friends:before{content:"\f500"}.fa-user-graduate:before{content:"\f501"}.fa-user-injured:before{content:"\f728"}.fa-user-lock:before{content:"\f502"}.fa-user-md:before{content:"\f0f0"}.fa-user-minus:before{content:"\f503"}.fa-user-ninja:before{content:"\f504"}.fa-user-nurse:before{content:"\f82f"}.fa-user-plus:before{content:"\f234"}.fa-user-secret:before{content:"\f21b"}.fa-user-shield:before{content:"\f505"}.fa-user-slash:before{content:"\f506"}.fa-user-tag:before{content:"\f507"}.fa-user-tie:before{content:"\f508"}.fa-user-times:before{content:"\f235"}.fa-users:before{content:"\f0c0"}.fa-users-cog:before{content:"\f509"}.fa-usps:before{content:"\f7e1"}.fa-ussunnah:before{content:"\f407"}.fa-utensil-spoon:before{content:"\f2e5"}.fa-utensils:before{content:"\f2e7"}.fa-vaadin:before{content:"\f408"}.fa-vector-square:before{content:"\f5cb"}.fa-venus:before{content:"\f221"}.fa-venus-double:before{content:"\f226"}.fa-venus-mars:before{content:"\f228"}.fa-viacoin:before{content:"\f237"}.fa-viadeo:before{content:"\f2a9"}.fa-viadeo-square:before{content:"\f2aa"}.fa-vial:before{content:"\f492"}.fa-vials:before{content:"\f493"}.fa-viber:before{content:"\f409"}.fa-video:before{content:"\f03d"}.fa-video-slash:before{content:"\f4e2"}.fa-vihara:before{content:"\f6a7"}.fa-vimeo:before{content:"\f40a"}.fa-vimeo-square:before{content:"\f194"}.fa-vimeo-v:before{content:"\f27d"}.fa-vine:before{content:"\f1ca"}.fa-vk:before{content:"\f189"}.fa-vnv:before{content:"\f40b"}.fa-volleyball-ball:before{content:"\f45f"}.fa-volume-down:before{content:"\f027"}.fa-volume-mute:before{content:"\f6a9"}.fa-volume-off:before{content:"\f026"}.fa-volume-up:before{content:"\f028"}.fa-vote-yea:before{content:"\f772"}.fa-vr-cardboard:before{content:"\f729"}.fa-vuejs:before{content:"\f41f"}.fa-walking:before{content:"\f554"}.fa-wallet:before{content:"\f555"}.fa-warehouse:before{content:"\f494"}.fa-water:before{content:"\f773"}.fa-weebly:before{content:"\f5cc"}.fa-weibo:before{content:"\f18a"}.fa-weight:before{content:"\f496"}.fa-weight-hanging:before{content:"\f5cd"}.fa-weixin:before{content:"\f1d7"}.fa-whatsapp:before{content:"\f232"}.fa-whatsapp-square:before{content:"\f40c"}.fa-wheelchair:before{content:"\f193"}.fa-whmcs:before{content:"\f40d"}.fa-wifi:before{content:"\f1eb"}.fa-wikipedia-w:before{content:"\f266"}.fa-wind:before{content:"\f72e"}.fa-window-close:before{content:"\f410"}.fa-window-maximize:before{content:"\f2d0"}.fa-window-minimize:before{content:"\f2d1"}.fa-window-restore:before{content:"\f2d2"}.fa-windows:before{content:"\f17a"}.fa-wine-bottle:before{content:"\f72f"}.fa-wine-glass:before{content:"\f4e3"}.fa-wine-glass-alt:before{content:"\f5ce"}.fa-wix:before{content:"\f5cf"}.fa-wizards-of-the-coast:before{content:"\f730"}.fa-wolf-pack-battalion:before{content:"\f514"}.fa-won-sign:before{content:"\f159"}.fa-wordpress:before{content:"\f19a"}.fa-wordpress-simple:before{content:"\f411"}.fa-wpbeginner:before{content:"\f297"}.fa-wpexplorer:before{content:"\f2de"}.fa-wpforms:before{content:"\f298"}.fa-wpressr:before{content:"\f3e4"}.fa-wrench:before{content:"\f0ad"}.fa-x-ray:before{content:"\f497"}.fa-xbox:before{content:"\f412"}.fa-xing:before{content:"\f168"}.fa-xing-square:before{content:"\f169"}.fa-y-combinator:before{content:"\f23b"}.fa-yahoo:before{content:"\f19e"}.fa-yandex:before{content:"\f413"}.fa-yandex-international:before{content:"\f414"}.fa-yarn:before{content:"\f7e3"}.fa-yelp:before{content:"\f1e9"}.fa-yen-sign:before{content:"\f157"}.fa-yin-yang:before{content:"\f6ad"}.fa-yoast:before{content:"\f2b1"}.fa-youtube:before{content:"\f167"}.fa-youtube-square:before{content:"\f431"}.fa-zhihu:before{content:"\f63f"}.sr-only{border:0;clip:rect(0,0,0,0);height:1px;margin:-1px;overflow:hidden;padding:0;position:absolute;width:1px}.sr-only-focusable:active,.sr-only-focusable:focus{clip:auto;height:auto;margin:0;overflow:visible;position:static;width:auto}@font-face{font-family:"Font Awesome 5 Brands";font-style:normal;font-weight:400;font-display:auto;src:url(libs/fonts/fa-brands-400.eot);src:url(libs/fonts/fa-brands-400.eot?#iefix) format("embedded-opentype"),url(libs/fonts/fa-brands-400.woff2) format("woff2"),url(libs/fonts/fa-brands-400.woff) format("woff"),url(libs/fonts/fa-brands-400.ttf) format("truetype"),url(libs/fonts/fa-brands-400.svg#fontawesome) format("svg")}.fab{font-family:"Font Awesome 5 Brands"}@font-face{font-family:"Font Awesome 5 Free";font-style:normal;font-weight:400;font-display:auto;src:url(libs/fonts/fa-regular-400.eot);src:url(libs/fonts/fa-regular-400.eot?#iefix) format("embedded-opentype"),url(libs/fonts/fa-regular-400.woff2) format("woff2"),url(libs/fonts/fa-regular-400.woff) format("woff"),url(libs/fonts/fa-regular-400.ttf) format("truetype"),url(libs/fonts/fa-regular-400.svg#fontawesome) format("svg")}.far{font-weight:400}@font-face{font-family:"Font Awesome 5 Free";font-style:normal;font-weight:900;font-display:auto;src:url(libs/fonts/fa-solid-900.eot);src:url(libs/fonts/fa-solid-900.eot?#iefix) format("embedded-opentype"),url(libs/fonts/fa-solid-900.woff2) format("woff2"),url(libs/fonts/fa-solid-900.woff) format("woff"),url(libs/fonts/fa-solid-900.ttf) format("truetype"),url(libs/fonts/fa-solid-900.svg#fontawesome) format("svg")}.fa,.far,.fas{font-family:"Font Awesome 5 Free"}.fa,.fas{font-weight:900}:root{--colorLink:#999;--colorSidebar:#fff;--errorColor:#f44336;--main:#f44336;--sidebarBg:#292929;--sidebarHoverBg:#232323;--bg:#eee;--border:#e5e5e5;--color:#232323;--contentBg:#fff;--headerBg:#fff;--selectedBg:#ffe7e5;--bgqoute:#eee}.night-colors{--bg:#1f1f1f;--border:#191919;--color:#fff;--contentBg:#292929;--headerBg:#292929;--selectedBg:#261918;--bgqoute:#1f1f1f5e}.light-colors{--bg:#eee;--border:#e5e5e5;--color:#232323;--contentBg:#fff;--headerBg:#fff;--selectedBg:#ffe7e5;--bgqoute:#eee}body.dark{--bg:#1f1f1f;--border:#191919;--color:#fff;--contentBg:#292929;--headerBg:#292929;--selectedBg:#261918;--bgqoute:#1f1f1f5e}body.light{--bg:#eee;--border:#e5e5e5;--color:#232323;--contentBg:#fff;--headerBg:#fff;--selectedBg:#ffe7e5;--bgqoute:#eee}@media (prefers-color-scheme:dark){:root{--bg:#1f1f1f;--border:#191919;--color:#fff;--contentBg:#292929;--headerBg:#292929;--selectedBg:#261918;--bgqoute:#1f1f1f5e}}@media (prefers-color-scheme:light){:root{--bg:#eee;--border:#e5e5e5;--color:#232323;--contentBg:#fff;--headerBg:#fff;--selectedBg:#ffe7e5;--bgqoute:#eee}}select{background:var(--contentBg);border:1px solid var(--border);border-radius:4px;color:var(--color)}.login-footer{color:var(--color)}.content-footer{width:100%;padding:20px;max-width:840px;margin-bottom:16px;background-color:var(--contentBg);border:1px solid var(--border);display:flex;flex-flow:column;align-items:center}.metadata{display:flex;flex-flow:row wrap;text-align:center;font-size:16px;color:var(--colorLink)}.metadata:first-child{justify-content:flex-start}.metadata:nth-child(2){justify-content:flex-end}.metadata[v-cloak]{visibility:hidden}.links{display:flex;flex-flow:row wrap}.links a{padding:0 4px;color:var(--color);text-decoration:underline}.links a:focus,.links a:hover{color:var(--main)}*{border-width:0;box-sizing:border-box;font-family:"Source Sans Pro",sans-serif;margin:0;padding:0;text-decoration:none}body{background-color:var(--bg)}a{cursor:pointer}.spacer{flex:1}#login-scene{height:100%;height:100dvh;padding:16px;overflow:auto;display:flex;align-items:center;flex-flow:column nowrap;background-color:var(--bg)}#login-scene>.error-message{width:100%;max-width:400px;font-size:1em;background-color:var(--contentBg);border:1px solid var(--border);padding:16px;margin-top:auto;margin-bottom:16px;text-align:center;color:var(--errorColor)}#login-scene #login-box{width:100%;max-width:400px;margin-bottom:auto;background-color:var(--contentBg);display:flex;flex-flow:column nowrap;border:1px solid var(--border);flex-shrink:0}#login-scene #login-box:first-child{margin-top:auto}#login-scene #login-box #logo-area{display:flex;align-items:center;flex-flow:column nowrap;padding:16px;background-color:var(--main);border-bottom:1px solid var(--border);flex-shrink:0}#login-scene #login-box #logo-area #logo{font-size:3em;font-weight:100;color:var(--contentBg)}#login-scene #login-box #logo-area #logo span{margin-right:8px}#login-scene #login-box #logo-area #tagline{font-weight:500;margin-top:4px;color:var(--contentBg);text-align:center}#login-scene #login-box #input-area{padding:16px;display:grid;grid-gap:16px;grid-template-columns:auto 1fr;justify-content:baseline;align-items:center;border-bottom:1px solid var(--border)}#login-scene #login-box #input-area>label{color:var(--color)}#login-scene #login-box #input-area>input{color:var(--color);padding:8px;background-color:var(--contentBg);border:1px solid var(--border);min-width:0;font-size:1em}#login-scene #login-box #input-area .checkbox-field{grid-column:1/span 2;display:flex;flex-flow:row nowrap;align-items:center;justify-content:center;cursor:pointer}#login-scene #login-box #input-area .checkbox-field:focus,#login-scene #login-box #input-area .checkbox-field:hover{text-decoration:underline;text-decoration-color:var(--main)}#login-scene #login-box #input-area .checkbox-field>input[type=checkbox]{margin-right:8px}#login-scene #login-box #button-area{display:flex;flex-flow:row nowrap;padding:16px;justify-content:center}#login-scene #login-box #button-area a{color:var(--color);text-transform:uppercase;text-align:center;font-weight:600;cursor:default}#login-scene #login-box #button-area a.button{cursor:pointer}#login-scene #login-box #button-area a.button:focus,#login-scene #login-box #button-area a.button:hover{color:var(--main)}#main-scene{min-height:100%;min-height:100dvh;padding-top:60px;padding-left:60px;background-color:var(--bg)}#main-scene #main-sidebar{top:0;left:0;width:60px;height:100%;height:100dvh;position:fixed;display:flex;flex-flow:column nowrap;background-color:var(--sidebarBg);z-index:1}#main-scene #main-sidebar a{flex-shrink:0;display:block;width:60px;line-height:60px;text-align:center;font-size:1em;color:var(--colorSidebar)}#main-scene #main-sidebar a.active{cursor:default;color:var(--colorSidebar);background-color:var(--main)}#main-scene #main-sidebar a:focus,#main-scene #main-sidebar a:hover{color:var(--main);background-color:var(--sidebarHoverBg)}#main-scene .page-header{top:0;left:60px;right:0;height:60px;position:fixed;color:var(--color);background-color:var(--headerBg);border-bottom:1px solid var(--border);padding:0 16px;z-index:10}#main-scene h1.page-header{line-height:60px;font-size:1.3em;font-weight:600}#main-scene div.page-header{display:flex;flex-flow:row nowrap;align-items:center}#main-scene div.page-header p{flex:1 0;font-size:1.3em;font-weight:600;line-height:60px;color:var(--color)}#main-scene div.page-header input[type=text]{flex:1 0;min-width:0;margin-right:8px;font-size:1.1em;font-weight:500;line-height:59px;color:var(--color);background-color:var(--contentBg)}#main-scene div.page-header input[type=text]::placeholder{color:var(--colorLink)}#main-scene div.page-header a{display:block;width:24px;line-height:24px;color:var(--colorLink);text-align:center}#main-scene div.page-header a:not(:last-child){margin-right:8px}#main-scene div.page-header a:hover{color:var(--main)}#main-scene .loading-overlay{display:flex;flex-flow:column nowrap;align-items:center;justify-content:center;overflow:hidden;position:fixed;top:0;left:0;width:100%;width:100dvw;height:100%;height:100dvh;z-index:10001;background-color:rgba(0,0,0,.6)}#main-scene .loading-overlay i{color:var(--colorSidebar);font-size:4em;text-align:center;width:80px;line-height:80px;position:absolute}@media (max-width:600px){#main-scene{padding-top:50px;padding-left:0;padding-bottom:50px}#main-scene #main-sidebar{top:auto;right:0;bottom:0;width:100%;width:100dvw;height:50px;flex-flow:row nowrap;border-top:1px solid var(--border)}#main-scene #main-sidebar .spacer{display:none}#main-scene #main-sidebar a{width:auto;flex:1 0;line-height:50px}#main-scene #main-sidebar a:focus,#main-scene #main-sidebar a:hover{color:var(--colorSidebar);background-color:var(--main)}#main-scene .page-header{left:0;height:50px}#main-scene h1.page-header{text-align:center;font-size:1em;line-height:50px;text-transform:uppercase}#main-scene div.page-header{flex-flow:row wrap}#main-scene div.page-header p{flex:1 0;font-size:1em;font-weight:500;line-height:3em;padding:0}#main-scene div.page-header input[type=text]{flex:1 0;font-size:1em;font-weight:500;line-height:3em}#main-scene div.page-header a{display:block;width:24px;line-height:100%}}#content-scene{padding:20px;display:flex;color:var(--color);background-color:var(--bg);flex-flow:column nowrap;align-items:center}#content-scene #header{width:100%;padding:20px;max-width:840px;margin-bottom:16px;background-color:var(--contentBg);border:1px solid var(--border);display:flex;flex-flow:column;align-items:center}#content-scene #header #title{padding:8px 0;grid-column-start:1;grid-column-end:-1;font-size:36px;font-weight:700;word-break:break-word;hyphens:none;text-align:center}#content-scene #content{width:100%;padding:20px;max-width:840px;background-color:var(--contentBg);border:1px solid var(--border)}#content-scene #content *{font-size:18px;line-height:180%}#content-scene #content :not(:last-child){margin-bottom:20px}#content-scene #content a{color:var(--color);text-decoration:underline}#content-scene #content a:focus,#content-scene #content a:hover{color:var(--main)}#content-scene #content code,#content-scene #content pre{overflow:auto;border:1px solid var(--border);font-family:"Ubuntu Mono","Courier New",Courier,monospace;font-size:16px}#content-scene #content pre{padding:8px}#content-scene #content pre>code{border:0}#content-scene #content ol,#content-scene #content ul{padding-left:16px}#content-scene #content img{height:auto;max-width:100%}#content-scene #content table{border:1px solid var(--border);border-collapse:collapse}#content-scene #content table td,#content-scene #content table th,#content-scene #content table tr{border:1px solid var(--border)}#content-scene #content blockquote{margin:15px;padding:15px;font-style:italic;background:var(--bgqoute)}#page-home>.empty-message{max-width:400px;font-size:1em;background-color:var(--contentBg);border:1px solid var(--border);padding:16px;margin:16px;color:var(--errorColor)}#page-home #edit-box{background-color:var(--selectedBg);border-bottom:1px solid var(--main)}#page-home #bookmarks-grid{display:grid;grid-template-rows:min-content;grid-template-columns:repeat(auto-fill,minmax(300px,1fr));grid-gap:16px;padding:16px;overflow:auto}#page-home #bookmarks-grid .bookmark{align-self:start}#page-home #bookmarks-grid .pagination-box{grid-column-end:-1;grid-column-start:1;display:flex;flex-flow:row nowrap;align-self:start}#page-home #bookmarks-grid .pagination-box a{padding:8px;color:var(--colorLink)}#page-home #bookmarks-grid .pagination-box a:focus,#page-home #bookmarks-grid .pagination-box a:hover{color:var(--main)}#page-home #bookmarks-grid .pagination-box input{width:40px;padding:8px;text-align:center;font-size:.9em;color:var(--color);border:1px solid var(--border);background-color:var(--contentBg);margin:0 8px}#page-home #bookmarks-grid .pagination-box p{font-size:.9em;color:var(--colorLink);line-height:37px;font-weight:600}#page-home #bookmarks-grid .pagination-box p:last-of-type::before{content:"/";margin-right:8px}#page-home #bookmarks-grid.list{grid-gap:0;padding-bottom:0;grid-template-columns:auto}#page-home #bookmarks-grid.list .pagination-box{padding:16px 0}#page-home #bookmarks-grid.list .pagination-box:first-child{padding-top:0}@media (max-width:600px){#page-home #bookmarks-grid.list{padding:16px 0 0}#page-home #bookmarks-grid.list .pagination-box{padding:16px}}#page-home #dialog-tags .custom-dialog-body{grid-template-columns:repeat(2,minmax(0,1fr))}@media (max-width:600px){#page-home #dialog-tags .custom-dialog-body{grid-template-columns:minmax(0,1fr)}}#page-home #dialog-tags .custom-dialog-body a{font-size:1em;color:var(--color)}#page-home #dialog-tags .custom-dialog-body a span:last-child{font-size:1em;color:var(--colorLink);margin-left:4px}#page-home #dialog-tags .custom-dialog-body a span:last-child::before{content:"(";margin-right:2px}#page-home #dialog-tags .custom-dialog-body a span:last-child::after{content:")";margin-left:2px}#page-home #dialog-tags .custom-dialog-body a:focus,#page-home #dialog-tags .custom-dialog-body a:hover{color:var(--main)}#page-setting{min-height:0;max-height:100%;display:flex;flex-flow:column nowrap}#page-setting .setting-container{padding:8px;display:flex;overflow:auto;flex-flow:column nowrap;flex:1 0}#page-setting .setting-container::after{content:"";display:block;min-height:1px}#page-setting .setting-container details.setting-group{margin:8px;display:block;max-width:350px;color:var(--color);background-color:var(--contentBg);border:1px solid var(--border)}@media (max-width:600px){#page-setting .setting-container details.setting-group{max-width:100%}}#page-setting .setting-container details.setting-group summary{list-style:none;font-weight:600;width:100%;padding:12px 8px;font-size:1.1em;cursor:pointer}#page-setting .setting-container details.setting-group summary:hover{color:var(--main)}#page-setting .setting-container details.setting-group summary::-webkit-details-marker{display:none}#page-setting .setting-container details.setting-group summary::after{content:"+";margin-left:8px;font-weight:600}#page-setting .setting-container details.setting-group[open] summary{border-bottom:1px solid var(--border)}#page-setting .setting-container details.setting-group[open] summary::after{content:"-"!important}#page-setting .setting-container details.setting-group ul{list-style:none}#page-setting .setting-container details.setting-group ul li{padding:4px 8px;color:var(--color);display:flex;flex-flow:row nowrap;align-items:center}#page-setting .setting-container details.setting-group div.setting-group-footer{padding:4px 8px;display:flex;flex-flow:column nowrap;align-items:flex-end;border-top:1px solid var(--border)}#page-setting .setting-container details.setting-group div.setting-group-footer>a{text-transform:uppercase;padding:8px 4px;font-size:.9em;font-weight:600}#page-setting .setting-container details.setting-group div.setting-group-footer>a:hover{color:var(--main)}#page-setting .setting-container details.setting-group div.setting-group-footer>a:focus{outline:0;color:var(--main);border-bottom:1px dashed var(--main)}#page-setting #setting-bookmarks,#page-setting #setting-display{display:flex;flex-flow:column nowrap}#page-setting #setting-bookmarks[open],#page-setting #setting-display[open]{padding-bottom:8px}#page-setting #setting-bookmarks[open] summary,#page-setting #setting-display[open] summary{margin-bottom:8px}#page-setting #setting-bookmarks label,#page-setting #setting-display label{padding:4px 8px;color:var(--color);display:flex;flex-flow:row nowrap;align-items:center;cursor:pointer}#page-setting #setting-bookmarks label:focus,#page-setting #setting-bookmarks label:hover,#page-setting #setting-display label:focus,#page-setting #setting-display label:hover{text-decoration:underline;text-decoration-color:var(--main)}#page-setting #setting-bookmarks label>input[type=checkbox],#page-setting #setting-display label>input[type=checkbox]{margin-right:8px}#page-setting .setting-accounts summary{margin-bottom:0}#page-setting .setting-accounts ul{list-style:none}#page-setting .setting-accounts ul li{padding:8px;display:flex;flex-flow:row nowrap;align-items:center}#page-setting .setting-accounts ul li:not(:last-child){border-bottom:1px solid var(--border)}#page-setting .setting-accounts ul li p{font-size:1em;color:var(--color);flex:1 0}#page-setting .setting-accounts ul li p span{color:var(--colorLink)}#page-setting .setting-accounts ul li a{margin-left:8px;color:var(--colorLink)}#page-setting .setting-accounts ul li a:hover{color:var(--main)}#page-setting #setting-system-info ul{padding-top:4px;padding-bottom:4px}#page-setting #setting-system-info ul li span{margin-left:8px}:root{--dialogHeaderBg:#292929;--colorDialogHeader:#fff}.custom-dialog-overlay{display:flex;flex-flow:column nowrap;align-items:center;justify-content:center;min-width:0;min-height:0;overflow:hidden;position:fixed;top:0;left:0;width:100%;width:100dvw;height:100%;height:100dvh;z-index:10001;background-color:rgba(0,0,0,.6);padding:32px}.custom-dialog-overlay .custom-dialog{display:flex;flex-flow:column nowrap;min-height:0;max-height:100%;max-width:100%;width:400px;overflow:auto;background-color:var(--contentBg);font-size:16px;resize:both}.custom-dialog-overlay .custom-dialog .custom-dialog-header{padding:16px;color:var(--colorDialogHeader);background-color:var(--dialogHeaderBg);font-weight:600;font-size:1em;text-transform:uppercase;border-bottom:1px solid var(--border)}.custom-dialog-overlay .custom-dialog .custom-dialog-body{padding:16px 16px 0;display:grid;max-height:100%;min-height:80px;min-width:0;overflow:auto;font-size:1em;grid-template-columns:max-content 1fr;align-content:start;align-items:baseline;grid-gap:16px;flex-grow:1}.custom-dialog-overlay .custom-dialog .custom-dialog-body::after{content:"";display:block;min-height:1px;grid-column-end:-1;grid-column-start:1}.custom-dialog-overlay .custom-dialog .custom-dialog-body .custom-dialog-content{grid-column-end:-1;grid-column-start:1;color:var(--color);align-self:baseline}.custom-dialog-overlay .custom-dialog .custom-dialog-body>label{color:var(--color);padding:8px 0;font-size:1em}.custom-dialog-overlay .custom-dialog .custom-dialog-body>input[type=password],.custom-dialog-overlay .custom-dialog .custom-dialog-body>input[type=text],.custom-dialog-overlay .custom-dialog .custom-dialog-body>textarea{color:var(--color);padding:8px;font-size:1em;border:1px solid var(--border);background-color:var(--contentBg);min-width:0}.custom-dialog-overlay .custom-dialog .custom-dialog-body .checkbox-field{color:var(--color);font-size:1em;display:flex;flex-flow:row nowrap;padding:0;grid-column-start:1;grid-column-end:-1;cursor:pointer}.custom-dialog-overlay .custom-dialog .custom-dialog-body .checkbox-field:focus,.custom-dialog-overlay .custom-dialog .custom-dialog-body .checkbox-field:hover{text-decoration:underline;text-decoration-color:var(--main)}.custom-dialog-overlay .custom-dialog .custom-dialog-body .checkbox-field>input[type=checkbox]{margin-right:8px}.custom-dialog-overlay .custom-dialog .custom-dialog-body>textarea{height:6em;min-height:37px;resize:vertical}.custom-dialog-overlay .custom-dialog .custom-dialog-body>.suggestion{position:absolute;display:block;padding:8px;background-color:var(--contentBg);border:1px solid var(--border);color:var(--color);font-size:.9em}.custom-dialog-overlay .custom-dialog .custom-dialog-footer{padding:16px;display:flex;flex-flow:row wrap;justify-content:flex-end;border-top:1px solid var(--border)}.custom-dialog-overlay .custom-dialog .custom-dialog-footer>a{padding:0 8px;font-size:.9em;font-weight:600;color:var(--color);text-transform:uppercase}.custom-dialog-overlay .custom-dialog .custom-dialog-footer>a:focus,.custom-dialog-overlay .custom-dialog .custom-dialog-footer>a:hover{outline:0;color:var(--main)}.custom-dialog-overlay .custom-dialog .custom-dialog-footer>i.fa-spinner.fa-spin{width:19px;line-height:19px;text-align:center;color:var(--color)}@media only screen and (max-width:768px){.custom-dialog-overlay{padding:0}.custom-dialog{width:100%!important;height:100%!important;resize:none!important}}.bookmark{display:flex;flex-flow:column nowrap;min-width:0;border:1px solid var(--border);background-color:var(--contentBg);height:100%;position:relative}.bookmark:focus .bookmark-menu>a,.bookmark:hover .bookmark-menu>a{display:block}.bookmark.selected{background-color:var(--selectedBg)}.bookmark .bookmark-selector{position:absolute;top:0;left:0;width:100%;height:100%;z-index:9}.bookmark .bookmark-link{display:block;cursor:default}.bookmark .bookmark-link[href]{cursor:pointer}.bookmark .bookmark-link[href]:focus .title,.bookmark .bookmark-link[href]:hover .title{color:var(--main)}.bookmark .bookmark-link span.thumbnail{width:100%;height:200px;display:block;background-size:cover;background-repeat:no-repeat;background-position:center center;margin-bottom:8px;border-bottom:1px solid var(--border)}.bookmark .bookmark-link .id{color:var(--color);border:1px solid var(--border);background-color:var(--contentBg);font-size:.7em;font-weight:700;left:-1px;top:-1px;position:absolute;padding:0 .3em;opacity:.7}.bookmark .bookmark-link .title{text-overflow:ellipsis;word-wrap:break-word;overflow:hidden;font-size:1.2em;line-height:1.3em;max-height:5.2em;font-weight:600;padding:0 16px;color:var(--color)}.bookmark .bookmark-link .title:first-child{margin-top:16px}.bookmark .bookmark-link .title i{color:var(--colorLink);margin-left:4px;font-size:14px}.bookmark .bookmark-link .excerpt{color:var(--color);margin-top:8px;padding:0 16px;text-overflow:ellipsis;word-wrap:break-word;overflow:hidden;font-size:.9em;line-height:1.5em;max-height:10.5em}.bookmark .bookmark-tags{display:flex;flex-flow:row wrap;margin:8px 0 -4px;padding:0 8px}.bookmark .bookmark-tags a{margin:4px;padding:4px 8px;font-size:.8em;font-weight:600;border:1px solid var(--border);border-radius:4px;color:var(--colorLink);background-color:var(--contentBg)}.bookmark .bookmark-tags a:focus,.bookmark .bookmark-tags a:hover{color:var(--main)}.bookmark .bookmark-menu{padding:8px 16px 16px;display:flex;flex-flow:row nowrap;min-width:0;min-height:0;align-items:center}.bookmark .bookmark-menu a{color:var(--colorLink);flex-shrink:0;opacity:.8;display:none;font-size:.9em}.bookmark .bookmark-menu a:not(:last-child){margin-right:12px}.bookmark .bookmark-menu a:focus,.bookmark .bookmark-menu a:hover{color:var(--main);opacity:1}.bookmark .bookmark-menu .url{flex:1 0;opacity:1;display:block;white-space:nowrap;overflow:hidden;text-overflow:ellipsis;line-height:21px}.bookmark .bookmark-menu .url:not([href]){cursor:default;color:var(--colorLink)}@media (max-width:1024px){.bookmark .bookmark-menu a{display:block}}.bookmark.list{border-top-width:0;border-bottom-width:1px;padding:16px 24px 16px 100px}.bookmark.list:first-child{border-top-width:1px}.bookmark.list .bookmark-link span.thumbnail{position:absolute;top:0;left:0;width:100px;height:100%;margin-bottom:0;border-bottom:0;border-right:1px solid var(--border)}.bookmark.list .bookmark-link .title{margin:0;padding-left:24px}.bookmark.list .excerpt,.bookmark.list>.spacer{display:none}.bookmark.list .bookmark-tags{padding-left:16px;padding-right:0}.bookmark.list .bookmark-menu{padding:8px 0 0 24px;align-items:flex-end}.bookmark.list.no-thumbnail{padding-left:16px;padding-right:16px}.bookmark.list.no-thumbnail .bookmark-link .title{padding:0;margin-bottom:4px}.bookmark.list.no-thumbnail .excerpt{margin-top:0;margin-bottom:4px;padding:0;display:block}.bookmark.list.no-thumbnail .bookmark-tags{padding-left:0;margin:0 -4px 0}.bookmark.list.no-thumbnail .bookmark-menu{padding-top:0;padding-left:0}@media (max-width:600px){.bookmark.list{padding:8px 16px 8px 70px;border-width:0!important;border-bottom-width:1px!important}.bookmark.list .bookmark-link span.thumbnail{width:70px}.bookmark.list .bookmark-link .title{font-size:1.1em;font-weight:500;padding-left:16px}.bookmark.list .bookmark-tags{padding-left:8px}.bookmark.list .bookmark-menu{padding-left:16px}} \ No newline at end of file diff --git a/internal/view/assets/js/component/dialog.js b/internal/view/assets/js/component/dialog.js index 8d4fdf415..3c1b472c1 100644 --- a/internal/view/assets/js/component/dialog.js +++ b/internal/view/assets/js/component/dialog.js @@ -8,26 +8,26 @@ var template = `