nvrl/narlblog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor

Browse Source
This commit is contained in:
Nils Pukropp
2026-03-26 00:50:11 +01:00
parent 798552d16f
commit c61a5ff3c5
15 changed files with 1005 additions and 995 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/src/main.rs
+16 -375
View File
@@ -1,84 +1,24 @@
pub mod auth;
pub mod error;
pub mod handlers;
pub mod models;
use axum::{
Router,
extract::{DefaultBodyLimit, Multipart, Path, State},
http::{HeaderMap, StatusCode},
response::{IntoResponse, Json},
extract::DefaultBodyLimit,
routing::{delete, get, post},
Router,
};
use serde::{Deserialize, Serialize};
use std::{env, fs, path::PathBuf, sync::Arc};
use tower_http::{
cors::{Any, CorsLayer},
services::ServeDir,
};
use tracing::{error, info, warn};
use tracing::{error, info};
#[derive(Clone)]
struct AppState {
admin_token: String,
data_dir: PathBuf,
}
#[derive(Serialize, Deserialize, Clone)]
struct SiteConfig {
title: String,
subtitle: String,
welcome_title: String,
welcome_subtitle: String,
footer: String,
favicon: String,
theme: String,
custom_css: String,
}
impl Default for SiteConfig {
fn default() -> Self {
Self {
title: "Narlblog".to_string(),
subtitle: "A clean, modern blog".to_string(),
welcome_title: "Welcome to my blog".to_string(),
welcome_subtitle: "Thoughts on software, design, and building things with Rust and Astro.".to_string(),
footer: "Built with Rust & Astro".to_string(),
favicon: "/favicon.svg".to_string(),
theme: "mocha".to_string(),
custom_css: "".to_string(),
}
}
}
#[derive(Serialize)]
struct PostInfo {
slug: String,
excerpt: String,
}
#[derive(Serialize)]
struct PostDetail {
slug: String,
content: String,
}
#[derive(Deserialize)]
struct CreatePostRequest {
slug: String,
content: String,
}
#[derive(Serialize)]
struct ErrorResponse {
error: String,
details: Option<String>,
}
#[derive(Serialize)]
struct UploadResponse {
url: String,
}
#[derive(Serialize)]
struct FileInfo {
name: String,
url: String,
pub struct AppState {
pub admin_token: String,
pub data_dir: PathBuf,
}
#[tokio::main]
@@ -114,11 +54,11 @@ async fn main() {
.allow_headers(Any);
let app = Router::new()
.route("/api/config", get(get_config).post(update_config))
.route("/api/posts", get(list_posts).post(create_post))
.route("/api/posts/{slug}", get(get_post).delete(delete_post))
.route("/api/uploads", get(list_uploads))
.route("/api/upload", post(upload_file))
.route("/api/config", get(handlers::config::get_config).post(handlers::config::update_config))
.route("/api/posts", get(handlers::posts::list_posts).post(handlers::posts::create_post))
.route("/api/posts/{slug}", get(handlers::posts::get_post).delete(handlers::posts::delete_post))
.route("/api/uploads", get(handlers::upload::list_uploads))
.route("/api/upload", post(handlers::upload::upload_file))
.nest_service("/uploads", ServeDir::new(uploads_dir))
.layer(DefaultBodyLimit::max(50 * 1024 * 1024))
.layer(cors)
@@ -129,302 +69,3 @@ async fn main() {
let listener = tokio::net::TcpListener::bind(&addr).await.unwrap();
axum::serve(listener, app).await.unwrap();
}
fn check_auth(
headers: &HeaderMap,
admin_token: &str,
) -> Result<(), (StatusCode, Json<ErrorResponse>)> {
let auth_header = headers.get("Authorization").and_then(|h| h.to_str().ok());
if auth_header != Some(&format!("Bearer {}", admin_token)) {
warn!("Unauthorized access attempt detected");
return Err((
StatusCode::UNAUTHORIZED,
Json(ErrorResponse {
error: "Unauthorized".to_string(),
details: None,
}),
));
}
Ok(())
}
async fn get_config(State(state): State<Arc<AppState>>) -> impl IntoResponse {
let config_path = state.data_dir.join("config.json");
let config = fs::read_to_string(&config_path)
.ok()
.and_then(|c| serde_json::from_str::<SiteConfig>(&c).ok())
.unwrap_or_default();
Json(config)
}
async fn update_config(
State(state): State<Arc<AppState>>,
headers: HeaderMap,
Json(payload): Json<SiteConfig>,
) -> Result<Json<SiteConfig>, (StatusCode, Json<ErrorResponse>)> {
check_auth(&headers, &state.admin_token)?;
let config_path = state.data_dir.join("config.json");
let config_str = serde_json::to_string_pretty(&payload).map_err(|e| {
error!("Serialization error: {}", e);
(
StatusCode::INTERNAL_SERVER_ERROR,
Json(ErrorResponse {
error: "Serialization error".to_string(),
details: Some(e.to_string()),
}),
)
})?;
fs::write(&config_path, config_str).map_err(|e| {
error!("Write error for config: {}", e);
(
StatusCode::INTERNAL_SERVER_ERROR,
Json(ErrorResponse {
error: "Write error".to_string(),
details: Some(e.to_string()),
}),
)
})?;
Ok(Json(payload))
}
async fn create_post(
State(state): State<Arc<AppState>>,
headers: HeaderMap,
Json(payload): Json<CreatePostRequest>,
) -> Result<Json<PostDetail>, (StatusCode, Json<ErrorResponse>)> {
check_auth(&headers, &state.admin_token)?;
if payload.slug.contains('/') || payload.slug.contains('\\') || payload.slug.contains("..") {
return Err((
StatusCode::BAD_REQUEST,
Json(ErrorResponse {
error: "Invalid slug".to_string(),
details: None,
}),
));
}
let file_path = state
.data_dir
.join("posts")
.join(format!("{}.md", payload.slug));
fs::write(&file_path, &payload.content).map_err(|e| {
error!("Write error for post {}: {}", payload.slug, e);
(
StatusCode::INTERNAL_SERVER_ERROR,
Json(ErrorResponse {
error: "Write error".to_string(),
details: Some(e.to_string()),
}),
)
})?;
info!("Post created/updated: {}", payload.slug);
Ok(Json(PostDetail {
slug: payload.slug,
content: payload.content,
}))
}
async fn delete_post(
State(state): State<Arc<AppState>>,
headers: HeaderMap,
Path(slug): Path<String>,
) -> Result<StatusCode, (StatusCode, Json<ErrorResponse>)> {
check_auth(&headers, &state.admin_token)?;
let file_path = state.data_dir.join("posts").join(format!("{}.md", slug));
info!("Attempting to delete post at: {:?}", file_path);
if !file_path.exists() {
warn!("Post not found for deletion: {}", slug);
return Err((
StatusCode::NOT_FOUND,
Json(ErrorResponse {
error: "Post not found".to_string(),
details: None,
}),
));
}
fs::remove_file(file_path).map_err(|e| {
error!("Delete error for post {}: {}", slug, e);
(
StatusCode::INTERNAL_SERVER_ERROR,
Json(ErrorResponse {
error: "Delete error".to_string(),
details: Some(e.to_string()),
}),
)
})?;
info!("Post deleted: {}", slug);
Ok(StatusCode::NO_CONTENT)
}
async fn list_uploads(
State(state): State<Arc<AppState>>,
headers: HeaderMap,
) -> Result<Json<Vec<FileInfo>>, (StatusCode, Json<ErrorResponse>)> {
check_auth(&headers, &state.admin_token)?;
let uploads_dir = state.data_dir.join("uploads");
let mut files = Vec::new();
if let Ok(entries) = fs::read_dir(uploads_dir) {
for entry in entries.flatten() {
let path = entry.path();
if path.is_file() {
if let Some(name) = path.file_name().and_then(|n| n.to_str()) {
files.push(FileInfo {
name: name.to_string(),
url: format!("/uploads/{}", name),
});
}
}
}
}
Ok(Json(files))
}
async fn list_posts(State(state): State<Arc<AppState>>) -> impl IntoResponse {
let posts_dir = state.data_dir.join("posts");
let mut posts = Vec::new();
if let Ok(entries) = fs::read_dir(posts_dir) {
for entry in entries.flatten() {
let path = entry.path();
if path.extension().and_then(|e| e.to_str()) == Some("md") {
if let Some(slug) = path.file_stem().and_then(|s| s.to_str()) {
let mut excerpt = String::new();
if let Ok(content) = fs::read_to_string(&path) {
// Strip basic markdown hashes and get first ~200 chars
let clean_content = content.replace("#", "").replace("\n", " ");
excerpt = clean_content.chars().take(200).collect::<String>();
if clean_content.len() > 200 {
excerpt.push_str("...");
}
}
posts.push(PostInfo {
slug: slug.to_string(),
excerpt: excerpt.trim().to_string(),
});
}
}
}
}
Json(posts)
}
async fn get_post(
State(state): State<Arc<AppState>>,
Path(slug): Path<String>,
) -> Result<Json<PostDetail>, (StatusCode, Json<ErrorResponse>)> {
let file_path = state.data_dir.join("posts").join(format!("{}.md", slug));
match fs::read_to_string(&file_path) {
Ok(content) => Ok(Json(PostDetail { slug, content })),
Err(_) => Err((
StatusCode::NOT_FOUND,
Json(ErrorResponse {
error: "Post not found".to_string(),
details: None,
}),
)),
}
}
async fn upload_file(
State(state): State<Arc<AppState>>,
headers: HeaderMap,
mut multipart: Multipart,
) -> Result<Json<UploadResponse>, (StatusCode, Json<ErrorResponse>)> {
check_auth(&headers, &state.admin_token)?;
info!("Upload requested");
while let Ok(Some(field)) = multipart.next_field().await {
let file_name = match field.file_name() {
Some(name) => name.to_string(),
None => continue,
};
info!("Processing upload for: {}", file_name);
let slugified_name = slug::slugify(&file_name);
// Handle extension correctly after slugifying
let extension = std::path::Path::new(&file_name)
.extension()
.and_then(|e| e.to_str())
.unwrap_or("");
let final_name = if !extension.is_empty() {
format!("{}.{}", slugified_name, extension)
} else {
slugified_name
};
let uploads_dir = state.data_dir.join("uploads");
let file_path = uploads_dir.join(&final_name);
let final_path = if file_path.exists() {
let timestamp = chrono::Utc::now().timestamp();
uploads_dir.join(format!("{}_{}", timestamp, final_name))
} else {
file_path
};
let final_name_str = final_path
.file_name()
.unwrap()
.to_str()
.unwrap()
.to_string();
let data = match field.bytes().await {
Ok(bytes) => bytes,
Err(e) => {
error!("Failed to read multipart bytes: {}", e);
return Err((
StatusCode::BAD_REQUEST,
Json(ErrorResponse {
error: "Read error".to_string(),
details: Some(e.to_string()),
}),
));
}
};
if let Err(e) = fs::write(&final_path, &data) {
error!("Failed to write file to {:?}: {}", final_path, e);
return Err((
StatusCode::INTERNAL_SERVER_ERROR,
Json(ErrorResponse {
error: "Write error".to_string(),
details: Some(e.to_string()),
}),
));
}
info!("File uploaded successfully to {:?}", final_path);
return Ok(Json(UploadResponse {
url: format!("/uploads/{}", final_name_str),
}));
}
warn!("Upload failed: no file found in multipart stream");
Err((
StatusCode::BAD_REQUEST,
Json(ErrorResponse {
error: "No file found".to_string(),
details: None,
}),
))
}