forgejo/routers/user/avatar.go
zeripath e6baa656f7
make avatar lookup occur at image request (#10540)
speed up page generation by making avatar lookup occur at the browser
not at page generation

* Protect against evil email address ".."

* hash the complete email address

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-Authored-By: Lauris BH <lauris@nix.lv>
2020-03-27 14:34:39 +02:00

68 lines
1.6 KiB
Go

// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package user
import (
"errors"
"strconv"
"strings"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/log"
)
// Avatar redirect browser to user avatar of requested size
func Avatar(ctx *context.Context) {
userName := ctx.Params(":username")
size, err := strconv.Atoi(ctx.Params(":size"))
if err != nil {
ctx.ServerError("Invalid avatar size", err)
return
}
log.Debug("Asked avatar for user %v and size %v", userName, size)
var user *models.User
if strings.ToLower(userName) != "ghost" {
user, err = models.GetUserByName(userName)
if err != nil {
if models.IsErrUserNotExist(err) {
ctx.ServerError("Requested avatar for invalid user", err)
} else {
ctx.ServerError("Retrieving user by name", err)
}
return
}
} else {
user = models.NewGhostUser()
}
ctx.Redirect(user.RealSizedAvatarLink(size))
}
// AvatarByEmailHash redirects the browser to the appropriate Avatar link
func AvatarByEmailHash(ctx *context.Context) {
hash := ctx.Params(":hash")
if len(hash) == 0 {
ctx.ServerError("invalid avatar hash", errors.New("hash cannot be empty"))
return
}
email, err := models.GetEmailForHash(hash)
if err != nil {
ctx.ServerError("invalid avatar hash", err)
return
}
if len(email) == 0 {
ctx.Redirect(base.DefaultAvatarLink())
return
}
size := ctx.QueryInt("size")
if size == 0 {
size = base.DefaultAvatarSize
}
ctx.Redirect(base.SizedAvatarLinkWithDomain(email, size))
}