feat(web): compress assets

ItsNotGoodName · ItsNotGoodName · commit 5b6236cb0593 · 2023-09-14T22:43:23.000-07:00
diff --git a/cmd/smtpbridge/main.go b/cmd/smtpbridge/main.go
@@ -23,6 +23,7 @@ import (
 	"github.com/ItsNotGoodName/smtpbridge/web"
 	"github.com/ItsNotGoodName/smtpbridge/web/helpers"
 	"github.com/ItsNotGoodName/smtpbridge/web/http"
+	"github.com/ItsNotGoodName/smtpbridge/web/session"
 	"github.com/Rican7/lieut"
 	"github.com/gorilla/sessions"
 	"github.com/reugn/go-quartz/quartz"
@@ -170,18 +171,21 @@ func run(flags *flag.FlagSet) lieut.Executor {
 
 		// HTTP
 		if !cfg.HTTPDisable {
+			// HTTP CSRF
 			csrfSecret, err := secret.GetOrCreate(cfg.CSRFSecretPath)
 			if err != nil {
 				return err
 			}
 
+			// HTTP session
 			sessionSecret, err := secret.GetOrCreate(cfg.SessionSecretPath)
 			if err != nil {
 				return err
 			}
+			sessionStore := sessions.NewFilesystemStore(cfg.SessionsDirectory, sessionSecret)
+			session.ConfigureOptions(sessionStore.Options)
 
 			controller := http.NewController(app, cfg.TimeHourFormat)
-			sessionStore := sessions.NewFilesystemStore(cfg.SessionsDirectory, sessionSecret)
 			router := http.NewRouter(controller, app, fileStore, csrfSecret, sessionStore)
 			server := http.NewServer(router, cfg.HTTPAddress)
 			super.Add(server)
diff --git a/web/http/router.go b/web/http/router.go
@@ -1,17 +1,19 @@
 package http
 
 import (
+	"compress/flate"
 	"io/fs"
-	"net/http"
 
 	"github.com/ItsNotGoodName/smtpbridge/internal/core"
+	"github.com/ItsNotGoodName/smtpbridge/pkg/chiext"
 	"github.com/ItsNotGoodName/smtpbridge/web"
 	"github.com/ItsNotGoodName/smtpbridge/web/pages"
 	"github.com/ItsNotGoodName/smtpbridge/web/routes"
-	"github.com/ItsNotGoodName/smtpbridge/web/sessions"
+	"github.com/ItsNotGoodName/smtpbridge/web/session"
 	"github.com/go-chi/chi/v5"
 	"github.com/go-chi/chi/v5/middleware"
 	"github.com/gorilla/csrf"
+	"github.com/gorilla/sessions"
 )
 
 const paramID = "{id}"
@@ -25,20 +27,27 @@ func NewRouter(ct pages.Controller, app core.App, fileFS fs.FS, csrfSecret []byt
 	r.Use(middleware.Recoverer)
 	r.Use(csrf.Protect(csrfSecret, csrf.Secure(false), csrf.Path("/")))
 
-	mountWebFS(r, web.FS)
+	r.Group(func(r chi.Router) {
+		r.Use(web.CacheControl)
+		r.Use(middleware.NewCompressor(flate.DefaultCompression, "application/javascript", "text/css").Handler)
+
+		chiext.MountFS(r, web.FS)
+	})
 
-	// Login
+	// Unauthorized
 	r.Group(func(r chi.Router) {
-		r.Use(sessions.AuthRestrict(app, ss))
+		r.Use(session.AuthRestrict(app, ss))
 
+		// Login
 		r.Get(routes.Login().String(),
 			pages.LoginView(ct, app))
 		r.Post(routes.Login().String(),
 			pages.Login(ct, app, ss))
 	})
 
+	// Authorized
 	r.Group(func(r chi.Router) {
-		r.Use(sessions.AuthRequire(app, ss))
+		r.Use(session.AuthRequire(app, ss))
 
 		// Logout
 		r.Delete(routes.Logout().String(),
@@ -134,37 +143,3 @@ func NewRouter(ct pages.Controller, app core.App, fileFS fs.FS, csrfSecret []byt
 
 	return r
 }
-
-func mountWebFS(r chi.Router, f fs.FS) error {
-	fsHandler := http.StripPrefix("/", http.FileServer(http.FS(f)))
-
-	normalFS := func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("Cache-Control", "max-age=3600")
-		fsHandler.ServeHTTP(w, r)
-	}
-
-	// Files in assets have a hash
-	assetsFS := func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("Cache-Control", "max-age=31536000,immutable")
-		fsHandler.ServeHTTP(w, r)
-	}
-
-	if files, err := fs.ReadDir(f, "."); err == nil {
-		for _, f := range files {
-			name := f.Name()
-			if f.IsDir() {
-				if name == "assets" {
-					r.Get("/"+name+"/*", assetsFS)
-				} else {
-					r.Get("/"+name+"/*", normalFS)
-				}
-			} else {
-				r.Get("/"+name, normalFS)
-			}
-		}
-	} else if err != fs.ErrNotExist {
-		return err
-	}
-
-	return nil
-}
diff --git a/web/pages/pages.go b/web/pages/pages.go
@@ -23,9 +23,10 @@ import (
 	"github.com/ItsNotGoodName/smtpbridge/web/helpers"
 	"github.com/ItsNotGoodName/smtpbridge/web/meta"
 	"github.com/ItsNotGoodName/smtpbridge/web/routes"
-	"github.com/ItsNotGoodName/smtpbridge/web/sessions"
+	"github.com/ItsNotGoodName/smtpbridge/web/session"
 	"github.com/a-h/templ"
 	"github.com/go-chi/chi/v5"
+	"github.com/gorilla/sessions"
 	"github.com/kballard/go-shellquote"
 	"github.com/samber/lo"
 )
@@ -313,7 +314,7 @@ func Login(ct Controller, app core.App, ss sessions.Store) http.HandlerFunc {
 			return
 		}
 
-		err = sessions.AuthLogin(w, r, ss, user.ID)
+		err = session.AuthLogin(w, r, ss, user.ID)
 		if err != nil {
 			handleErr(w, r, err, form)
 			return
@@ -325,7 +326,7 @@ func Login(ct Controller, app core.App, ss sessions.Store) http.HandlerFunc {
 
 func Logout(ct Controller, app core.App, ss sessions.Store) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		err := sessions.AuthLogout(w, r, ss)
+		err := session.AuthLogout(w, r, ss)
 		if err != nil {
 			ct.Error(w, r, err, http.StatusInternalServerError)
 			return
diff --git a/web/session/auth.go b/web/session/auth.go
@@ -1,4 +1,4 @@
-package sessions
+package session
 
 import (
 	"net/http"
@@ -9,17 +9,15 @@ import (
 	"github.com/gorilla/sessions"
 )
 
-type Store = sessions.Store
-
-func AuthLogin(w http.ResponseWriter, r *http.Request, ss Store, id int64) error {
+func AuthLogin(w http.ResponseWriter, r *http.Request, ss sessions.Store, id int64) error {
 	session, _ := ss.New(r, "auth")
 
 	session.Values["id"] = id
 
 	return ss.Save(r, w, session)
 }
 
-func AuthLogout(w http.ResponseWriter, r *http.Request, ss Store) error {
+func AuthLogout(w http.ResponseWriter, r *http.Request, ss sessions.Store) error {
 	session, _ := ss.Get(r, "auth")
 
 	delete(session.Values, "id")
@@ -49,7 +47,7 @@ func AuthRequire(app core.App, ss sessions.Store) func(http.Handler) http.Handle
 	}
 }
 
-func AuthRestrict(app core.App, ss Store) func(http.Handler) http.Handler {
+func AuthRestrict(app core.App, ss sessions.Store) func(http.Handler) http.Handler {
 	return func(h http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			if app.AuthHTTPAnonymous() {
diff --git a/web/session/session.go b/web/session/session.go
@@ -0,0 +1,12 @@
+package session
+
+import (
+	"net/http"
+
+	"github.com/gorilla/sessions"
+)
+
+func ConfigureOptions(opts *sessions.Options) {
+	opts.SameSite = http.SameSiteLaxMode
+	opts.HttpOnly = true
+}
diff --git a/web/web.go b/web/web.go
@@ -5,7 +5,9 @@ import (
 	"context"
 	"io/fs"
 	"mime"
+	"net/http"
 	"path/filepath"
+	"strings"
 
 	"github.com/thejerf/suture/v4"
 )
@@ -43,3 +45,16 @@ func (r Refresher) Serve(ctx context.Context) error {
 	reloadVite()
 	return suture.ErrDoNotRestart
 }
+
+func CacheControl(h http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if strings.HasPrefix(r.RequestURI, "/assets") {
+			// Files in assets have a hash associated with them
+			w.Header().Set("Cache-Control", "max-age=31536000,immutable")
+		} else {
+			w.Header().Set("Cache-Control", "max-age=3600")
+		}
+
+		h.ServeHTTP(w, r)
+	})
+}
