2025-02-10 08:16:50 -08:00
|
|
|
defmodule BrightWeb.Router do
|
|
|
|
|
use BrightWeb, :router
|
|
|
|
|
|
|
|
|
|
import Oban.Web.Router
|
|
|
|
|
|
|
|
|
|
import BrightWeb.AuthController,
|
|
|
|
|
only: [
|
|
|
|
|
fetch_current_user: 2,
|
2025-02-12 06:09:01 -08:00
|
|
|
require_admin_user: 2,
|
|
|
|
|
require_authenticated_user: 2,
|
|
|
|
|
require_patron_tier_1: 2
|
2025-02-10 08:16:50 -08:00
|
|
|
]
|
|
|
|
|
|
|
|
|
|
pipeline :browser do
|
|
|
|
|
plug(:accepts, ["html", "json", "txt"])
|
|
|
|
|
plug(:fetch_session)
|
|
|
|
|
plug(:fetch_live_flash)
|
|
|
|
|
plug(:fetch_current_user)
|
|
|
|
|
plug(:put_root_layout, html: {BrightWeb.Layouts, :root})
|
|
|
|
|
plug(:protect_from_forgery)
|
|
|
|
|
plug(:put_secure_browser_headers)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
pipeline :api do
|
|
|
|
|
plug(:accepts, ["json"])
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
scope "/auth", BrightWeb do
|
|
|
|
|
pipe_through(:browser)
|
|
|
|
|
|
|
|
|
|
live_session :auth_login, on_mount: {BrightWeb.AuthController, :current_user} do
|
|
|
|
|
live("/login", SignInLive, :index)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
get("/logout", AuthController, :delete)
|
|
|
|
|
get("/:provider", AuthController, :request)
|
|
|
|
|
get("/:provider/callback", AuthController, :callback)
|
|
|
|
|
post("/:provider/callback", AuthController, :callback)
|
|
|
|
|
end
|
|
|
|
|
|
2025-02-12 06:09:01 -08:00
|
|
|
## tier 1 protected routes
|
|
|
|
|
scope "/", BrightWeb do
|
|
|
|
|
pipe_through [:browser, :require_authenticated_user, :require_patron_tier_1]
|
|
|
|
|
|
|
|
|
|
resources("/vtubers", VtuberController, only: [:new, :create, :edit, :update])
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
## admin protected routes
|
2025-02-10 08:16:50 -08:00
|
|
|
## this section needs to be above the unprotected routes,
|
|
|
|
|
## so routes like "/streams/new" take precedence.
|
|
|
|
|
scope "/", BrightWeb do
|
|
|
|
|
pipe_through [:browser, :require_admin_user]
|
|
|
|
|
# pipe_through [:browser]
|
|
|
|
|
|
|
|
|
|
resources("/streams", StreamController, only: [:new, :create, :edit, :update, :delete])
|
|
|
|
|
|
|
|
|
|
# I think there is something faulty with how I'm calling these nested routes
|
|
|
|
|
# # get "/vods/new", VodController, :new
|
|
|
|
|
# # post "/vods", VodController, :create
|
|
|
|
|
# # delete "/vods/:id", VodController, :delete
|
|
|
|
|
# # get "/vods/:id/edit", VodController, :edit
|
|
|
|
|
# resources "/vods", StreamController, only: [:new, :create, :edit, :update, :delete]
|
|
|
|
|
|
|
|
|
|
# resources "/vt", VtuberController do
|
|
|
|
|
# get "/vods/new", VodController, :new
|
|
|
|
|
# post "/vods", VodController, :create
|
|
|
|
|
# get "/vtubers/:id/edit", VtuberController, :edit
|
|
|
|
|
# end
|
|
|
|
|
|
|
|
|
|
# resources "/vtubers", VtuberController do
|
|
|
|
|
# get "/new", VtuberController, :new
|
|
|
|
|
# post "/", VtuberController, :create
|
|
|
|
|
# get "/vods/new", VodController, :new
|
|
|
|
|
# post "/vods", VodController, :create
|
|
|
|
|
# get "/vtubers/:id/edit", VtuberController, :edit
|
|
|
|
|
# end
|
|
|
|
|
|
|
|
|
|
resources("/vods", VodController, only: [:create, :new, :edit, :update, :delete])
|
2025-02-12 06:09:01 -08:00
|
|
|
resources("/vtubers", VtuberController, only: [:delete])
|
2025-02-10 08:16:50 -08:00
|
|
|
|
2025-02-12 06:09:01 -08:00
|
|
|
resources("/tags", TagController, only: [:new, :create, :edit, :update, :delete])
|
2025-02-10 08:16:50 -08:00
|
|
|
|
2025-02-12 06:09:01 -08:00
|
|
|
resources("/torrents", TorrentController, only: [:new, :create, :edit, :update, :delete])
|
2025-02-10 08:16:50 -08:00
|
|
|
|
|
|
|
|
## !!! DANGER, platforms must only be writable by admins, (unless we implement SVG sanitizing)
|
|
|
|
|
## @todo remove SVGs from the database and instead put them in assets
|
|
|
|
|
resources("/platforms", PlatformController, only: [:new, :create, :edit, :update, :delete])
|
|
|
|
|
|
|
|
|
|
oban_dashboard("/oban")
|
|
|
|
|
end
|
|
|
|
|
|
2025-02-12 06:09:01 -08:00
|
|
|
## tier 0 users can access these routes
|
2025-02-10 08:16:50 -08:00
|
|
|
scope "/", BrightWeb do
|
|
|
|
|
pipe_through(:browser)
|
|
|
|
|
|
|
|
|
|
get("/", PageController, :home)
|
|
|
|
|
get("/patrons", PatronController, :index)
|
|
|
|
|
get("/about", PageController, :about)
|
|
|
|
|
get("/goals", PageController, :about)
|
|
|
|
|
get("/api", PageController, :api)
|
|
|
|
|
|
|
|
|
|
resources("/torrents", TorrentController, only: [:index, :show])
|
|
|
|
|
|
|
|
|
|
get("/streams", StreamController, :index)
|
|
|
|
|
get("/streams/:id", StreamController, :show)
|
|
|
|
|
|
|
|
|
|
get("/vods/:id", VodController, :show)
|
|
|
|
|
get("/vods", VodController, :index)
|
|
|
|
|
|
2025-02-12 06:09:01 -08:00
|
|
|
resources("/tags", TagController, only: [:index, :show])
|
2025-02-10 08:16:50 -08:00
|
|
|
|
|
|
|
|
get("/platforms", PlatformController, :index)
|
|
|
|
|
get("/platforms/:id", PlatformController, :show)
|
|
|
|
|
|
|
|
|
|
resources("/vtubers", VtuberController, only: [:index, :show])
|
|
|
|
|
|
|
|
|
|
resources "/vt", VtuberController do
|
|
|
|
|
get("/vods", VodController, :index)
|
|
|
|
|
get("/vods/:id", VodController, :show)
|
|
|
|
|
end
|
2025-02-12 06:09:01 -08:00
|
|
|
|
|
|
|
|
live_session :authenticated,
|
|
|
|
|
on_mount: [{BrightWeb.AuthController, :ensure_authenticated}] do
|
|
|
|
|
live("/profile", ProfileLive)
|
|
|
|
|
end
|
2025-02-10 08:16:50 -08:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
scope "/feeds", BrightWeb do
|
|
|
|
|
get("/vods.xml", RssController, :vods)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# Other scopes may use custom stacks.
|
|
|
|
|
scope "/api", BrightWeb do
|
|
|
|
|
pipe_through(:api)
|
|
|
|
|
resources("/urls", UrlController, except: [:new, :edit])
|
|
|
|
|
get("/health", PageController, :health)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# Enable LiveDashboard and Swoosh mailbox preview in development
|
|
|
|
|
if Application.compile_env(:bright, :dev_routes) do
|
|
|
|
|
# If you want to use the LiveDashboard in production, you should put
|
|
|
|
|
# it behind authentication and allow only admins to access it.
|
|
|
|
|
# If your application does not have an admins-only section yet,
|
|
|
|
|
# you can use Plug.BasicAuth to set up some basic authentication
|
|
|
|
|
# as long as you are also using SSL (which you should anyway).
|
|
|
|
|
import Phoenix.LiveDashboard.Router
|
|
|
|
|
|
|
|
|
|
scope "/dev" do
|
|
|
|
|
pipe_through(:browser)
|
|
|
|
|
|
|
|
|
|
live_dashboard("/dashboard", metrics: BrightWeb.Telemetry)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
