32a9170428
All checks were successful
check / check (push) Successful in 1m37s
Refactor Dockerfile to use a separate lint stage with a pinned golangci-lint v2.11.3 Docker image instead of installing golangci-lint via curl in the builder stage. This follows the pattern used by sneak/pixa. Changes: - Dockerfile: separate lint stage using golangci/golangci-lint:v2.11.3 (Debian-based, pinned by sha256) with COPY --from=lint dependency - Bump Go from 1.24 to 1.26.1 (golang:1.26.1-bookworm, pinned) - Bump golangci-lint from v1.64.8 to v2.11.3 - Migrate .golangci.yml from v1 to v2 format (same linters, format only) - All Docker images pinned by sha256 digest - Fix all lint issues from the v2 linter upgrade: - Add package comments to all packages - Add doc comments to all exported types, functions, and methods - Fix unchecked errors (errcheck) - Fix unused parameters (revive) - Fix gosec warnings (MaxBytesReader for form parsing) - Fix staticcheck suggestions (fmt.Fprintf instead of WriteString) - Rename DeliveryTask to Task to avoid stutter (delivery.Task) - Rename shadowed builtin 'max' parameter - Update README.md version requirements
65 lines
1.4 KiB
Go
65 lines
1.4 KiB
Go
package handlers
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/go-chi/chi"
|
|
)
|
|
|
|
// HandleProfile returns a handler for the user profile page
|
|
func (h *Handlers) HandleProfile() http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
// Get username from URL
|
|
requestedUsername := chi.URLParam(r, "username")
|
|
if requestedUsername == "" {
|
|
http.NotFound(w, r)
|
|
|
|
return
|
|
}
|
|
|
|
// Get session
|
|
sess, err := h.session.Get(r)
|
|
if err != nil || !h.session.IsAuthenticated(sess) {
|
|
// Redirect to login if not authenticated
|
|
http.Redirect(w, r, "/pages/login", http.StatusSeeOther)
|
|
|
|
return
|
|
}
|
|
|
|
// Get user info from session
|
|
sessionUsername, ok := h.session.GetUsername(sess)
|
|
if !ok {
|
|
h.log.Error("authenticated session missing username")
|
|
http.Error(w, "Internal server error", http.StatusInternalServerError)
|
|
|
|
return
|
|
}
|
|
|
|
sessionUserID, ok := h.session.GetUserID(sess)
|
|
if !ok {
|
|
h.log.Error("authenticated session missing user ID")
|
|
http.Error(w, "Internal server error", http.StatusInternalServerError)
|
|
|
|
return
|
|
}
|
|
|
|
// For now, only allow users to view their own profile
|
|
if requestedUsername != sessionUsername {
|
|
http.Error(w, "Forbidden", http.StatusForbidden)
|
|
|
|
return
|
|
}
|
|
|
|
// Prepare data for template
|
|
data := map[string]any{
|
|
"User": &UserInfo{
|
|
ID: sessionUserID,
|
|
Username: sessionUsername,
|
|
},
|
|
}
|
|
|
|
// Render the profile page
|
|
h.renderTemplate(w, r, "profile.html", data)
|
|
}
|
|
}
|