No OneTemporary
Actions

Size

149 KB

Subscribers

None

View Options

	diff --git a/Makefile b/Makefile
	index c39f5fe..c711b7e 100644
	--- a/Makefile
	+++ b/Makefile
	@@ -1,149 +1,149 @@
	GITREV=`git describe \| cut -c 2-`
	LDFLAGS=-ldflags="-s -w -X 'github.com/writefreely/writefreely.softwareVer=$(GITREV)'"

	GOCMD=go
	GOINSTALL=$(GOCMD) install $(LDFLAGS)
	GOBUILD=$(GOCMD) build $(LDFLAGS)
	GOTEST=$(GOCMD) test $(LDFLAGS)
	GOGET=$(GOCMD) get
	BINARY_NAME=writefreely
	BUILDPATH=build/$(BINARY_NAME)
	DOCKERCMD=docker
	IMAGE_NAME=writeas/writefreely
	TMPBIN=./tmp

	all : build

	ci: deps
	cd cmd/writefreely; $(GOBUILD) -v

	build: deps
	cd cmd/writefreely; $(GOBUILD) -v -tags='netgo sqlite'

	build-no-sqlite: deps-no-sqlite
	cd cmd/writefreely; $(GOBUILD) -v -tags='netgo' -o $(BINARY_NAME)

	build-linux: deps
	@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
	$(GOCMD) install src.techknowlogick.com/xgo@latest; \
	fi
	- xgo --targets=linux/amd64, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.19.x -out writefreely -pkg ./cmd/writefreely .
	+ xgo --targets=linux/amd64, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.21.x -out writefreely -pkg ./cmd/writefreely .

	build-windows: deps
	@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
	$(GOCMD) install src.techknowlogick.com/xgo@latest; \
	fi
	- xgo --targets=windows/amd64, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.19.x -out writefreely -pkg ./cmd/writefreely .
	+ xgo --targets=windows/amd64, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.21.x -out writefreely -pkg ./cmd/writefreely .

	build-darwin: deps
	@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
	$(GOCMD) install src.techknowlogick.com/xgo@latest; \
	fi
	- xgo --targets=darwin/amd64, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.19.x -out writefreely -pkg ./cmd/writefreely .
	+ xgo --targets=darwin/amd64, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.21.x -out writefreely -pkg ./cmd/writefreely .

	build-arm6: deps
	@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
	$(GOCMD) install src.techknowlogick.com/xgo@latest; \
	fi
	- xgo --targets=linux/arm-6, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.19.x -out writefreely -pkg ./cmd/writefreely .
	+ xgo --targets=linux/arm-6, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.21.x -out writefreely -pkg ./cmd/writefreely .

	build-arm7: deps
	@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
	$(GOCMD) install src.techknowlogick.com/xgo@latest; \
	fi
	- xgo --targets=linux/arm-7, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.19.x -out writefreely -pkg ./cmd/writefreely .
	+ xgo --targets=linux/arm-7, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.21.x -out writefreely -pkg ./cmd/writefreely .

	build-arm64: deps
	@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
	$(GOCMD) install src.techknowlogick.com/xgo@latest; \
	fi
	- xgo --targets=linux/arm64, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.19.x -out writefreely -pkg ./cmd/writefreely .
	+ xgo --targets=linux/arm64, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.21.x -out writefreely -pkg ./cmd/writefreely .

	build-docker :
	$(DOCKERCMD) build -t $(IMAGE_NAME):latest -t $(IMAGE_NAME):$(GITREV) .

	test:
	$(GOTEST) -v ./...

	run:
	$(GOINSTALL) -tags='netgo sqlite' ./...
	$(BINARY_NAME) --debug

	deps :
	$(GOGET) -tags='sqlite' -d -v ./...

	deps-no-sqlite:
	$(GOGET) -d -v ./...

	install : build
	cmd/writefreely/$(BINARY_NAME) --config
	cmd/writefreely/$(BINARY_NAME) --gen-keys
	cmd/writefreely/$(BINARY_NAME) --init-db
	cd less/; $(MAKE) install $(MFLAGS)

	release : clean ui
	mkdir -p $(BUILDPATH)
	rsync -av --exclude=".*" templates $(BUILDPATH)
	rsync -av --exclude=".*" pages $(BUILDPATH)
	rsync -av --exclude=".*" static $(BUILDPATH)
	rm -r $(BUILDPATH)/static/local
	scripts/invalidate-css.sh $(BUILDPATH)
	mkdir $(BUILDPATH)/keys
	$(MAKE) build-linux
	mv build/$(BINARY_NAME)-linux-amd64 $(BUILDPATH)/$(BINARY_NAME)
	tar -cvzf $(BINARY_NAME)_$(GITREV)_linux_amd64.tar.gz -C build $(BINARY_NAME)
	rm $(BUILDPATH)/$(BINARY_NAME)
	$(MAKE) build-arm6
	mv build/$(BINARY_NAME)-linux-arm-6 $(BUILDPATH)/$(BINARY_NAME)
	tar -cvzf $(BINARY_NAME)_$(GITREV)_linux_arm6.tar.gz -C build $(BINARY_NAME)
	rm $(BUILDPATH)/$(BINARY_NAME)
	$(MAKE) build-arm7
	mv build/$(BINARY_NAME)-linux-arm-7 $(BUILDPATH)/$(BINARY_NAME)
	tar -cvzf $(BINARY_NAME)_$(GITREV)_linux_arm7.tar.gz -C build $(BINARY_NAME)
	rm $(BUILDPATH)/$(BINARY_NAME)
	$(MAKE) build-arm64
	mv build/$(BINARY_NAME)-linux-arm64 $(BUILDPATH)/$(BINARY_NAME)
	tar -cvzf $(BINARY_NAME)_$(GITREV)_linux_arm64.tar.gz -C build $(BINARY_NAME)
	rm $(BUILDPATH)/$(BINARY_NAME)
	$(MAKE) build-darwin
	mv build/$(BINARY_NAME)-darwin-10.12-amd64 $(BUILDPATH)/$(BINARY_NAME)
	tar -cvzf $(BINARY_NAME)_$(GITREV)_macos_amd64.tar.gz -C build $(BINARY_NAME)
	rm $(BUILDPATH)/$(BINARY_NAME)
	$(MAKE) build-windows
	mv build/$(BINARY_NAME)-windows-4.0-amd64.exe $(BUILDPATH)/$(BINARY_NAME).exe
	cd build; zip -r ../$(BINARY_NAME)_$(GITREV)_windows_amd64.zip ./$(BINARY_NAME)
	rm $(BUILDPATH)/$(BINARY_NAME).exe
	$(MAKE) build-docker
	$(MAKE) release-docker

	# This assumes you're on linux/amd64
	release-linux : clean ui
	mkdir -p $(BUILDPATH)
	cp -r templates $(BUILDPATH)
	cp -r pages $(BUILDPATH)
	cp -r static $(BUILDPATH)
	mkdir $(BUILDPATH)/keys
	$(MAKE) build-no-sqlite
	mv cmd/writefreely/$(BINARY_NAME) $(BUILDPATH)/$(BINARY_NAME)
	tar -cvzf $(BINARY_NAME)_$(GITREV)_linux_amd64.tar.gz -C build $(BINARY_NAME)

	release-docker :
	$(DOCKERCMD) push $(IMAGE_NAME)

	ui : force_look
	cd less/; $(MAKE) $(MFLAGS)
	cd prose/; $(MAKE) $(MFLAGS)

	$(TMPBIN):
	mkdir -p $(TMPBIN)

	$(TMPBIN)/xgo: deps $(TMPBIN)
	$(GOBUILD) -o $(TMPBIN)/xgo src.techknowlogick.com/xgo

	clean :
	-rm -rf build
	-rm -rf tmp
	cd less/; $(MAKE) clean $(MFLAGS)

	force_look :
	true
	diff --git a/activitypub.go b/activitypub.go
	index 8fb0716..6a3b0a1 100644
	--- a/activitypub.go
	+++ b/activitypub.go
	@@ -1,954 +1,969 @@
	/*
	* Copyright © 2018-2021 Musing Studio LLC.
	*
	* This file is part of WriteFreely.
	*
	* WriteFreely is free software: you can redistribute it and/or modify
	* it under the terms of the GNU Affero General Public License, included
	* in the LICENSE file in this source code package.
	*/

	package writefreely

	import (
	"bytes"
	"crypto/sha256"
	"database/sql"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"io"
	"net/http"
	"net/http/httputil"
	"net/url"
	"path/filepath"
	"strconv"
	"strings"
	"time"

	"github.com/gorilla/mux"
	"github.com/writeas/activity/streams"
	"github.com/writeas/activityserve"
	"github.com/writeas/httpsig"
	"github.com/writeas/impart"
	"github.com/writeas/web-core/activitypub"
	"github.com/writeas/web-core/activitystreams"
	"github.com/writeas/web-core/id"
	"github.com/writeas/web-core/log"
	"github.com/writeas/web-core/silobridge"
	)

	const (
	// TODO: delete. don't use this!
	apCustomHandleDefault = "blog"

	apCacheTime = time.Minute
	)

	var instanceColl *Collection

	func initActivityPub(app *App) {
	ur, _ := url.Parse(app.cfg.App.Host)
	instanceColl = &Collection{
	ID: 0,
	Alias: ur.Host,
	Title: ur.Host,
	db: app.db,
	hostName: app.cfg.App.Host,
	}
	}

	type RemoteUser struct {
	ID int64
	ActorID string
	Inbox string
	SharedInbox string
	URL string
	Handle string
	Created time.Time
	}

	func (ru *RemoteUser) CreatedFriendly() string {
	return ru.Created.Format("January 2, 2006")
	}

	func (ru *RemoteUser) EstimatedHandle() string {
	if ru.Handle != "" {
	return ru.Handle
	}
	username := filepath.Base(ru.ActorID)
	host, _ := url.Parse(ru.ActorID)
	return username + "@" + host.Host
	}

	func (ru RemoteUser) AsPerson() activitystreams.Person {
	return &activitystreams.Person{
	BaseObject: activitystreams.BaseObject{
	Type: "Person",
	Context: []interface{}{
	activitystreams.Namespace,
	},
	ID: ru.ActorID,
	},
	Inbox: ru.Inbox,
	Endpoints: activitystreams.Endpoints{
	SharedInbox: ru.SharedInbox,
	},
	}
	}

	func activityPubClient() *http.Client {
	return &http.Client{
	Timeout: 15 * time.Second,
	}
	}

	func handleFetchCollectionActivities(app App, w http.ResponseWriter, r http.Request) error {
	w.Header().Set("Server", serverSoftware)

	vars := mux.Vars(r)
	alias := vars["alias"]
	if alias == "" {
	alias = filepath.Base(r.RequestURI)
	}

	// TODO: enforce visibility
	// Get base Collection data
	var c *Collection
	var err error
	if alias == r.Host {
	c = instanceColl
	} else if app.cfg.App.SingleUser {
	c, err = app.db.GetCollectionByID(1)
	} else {
	c, err = app.db.GetCollection(alias)
	}
	if err != nil {
	return err
	}
	c.hostName = app.cfg.App.Host

	if !c.IsInstanceColl() {
	silenced, err := app.db.IsUserSilenced(c.OwnerID)
	if err != nil {
	log.Error("fetch collection activities: %v", err)
	return ErrInternalGeneral
	}
	if silenced {
	return ErrCollectionNotFound
	}
	}

	p := c.PersonObject()

	setCacheControl(w, apCacheTime)
	return impart.RenderActivityJSON(w, p, http.StatusOK)
	}

	func handleFetchCollectionOutbox(app App, w http.ResponseWriter, r http.Request) error {
	w.Header().Set("Server", serverSoftware)

	vars := mux.Vars(r)
	alias := vars["alias"]

	// TODO: enforce visibility
	// Get base Collection data
	var c *Collection
	var err error
	if app.cfg.App.SingleUser {
	c, err = app.db.GetCollectionByID(1)
	} else {
	c, err = app.db.GetCollection(alias)
	}
	if err != nil {
	return err
	}
	silenced, err := app.db.IsUserSilenced(c.OwnerID)
	if err != nil {
	log.Error("fetch collection outbox: %v", err)
	return ErrInternalGeneral
	}
	if silenced {
	return ErrCollectionNotFound
	}
	c.hostName = app.cfg.App.Host

	if app.cfg.App.SingleUser {
	if alias != c.Alias {
	return ErrCollectionNotFound
	}
	}

	res := &CollectionObj{Collection: *c}
	app.db.GetPostsCount(res, false)
	accountRoot := c.FederatedAccount()

	page := r.FormValue("page")
	p, err := strconv.Atoi(page)
	if err != nil \|\| p < 1 {
	// Return outbox
	oc := activitystreams.NewOrderedCollection(accountRoot, "outbox", res.TotalPosts)
	return impart.RenderActivityJSON(w, oc, http.StatusOK)
	}

	// Return outbox page
	ocp := activitystreams.NewOrderedCollectionPage(accountRoot, "outbox", res.TotalPosts, p)
	ocp.OrderedItems = []interface{}{}

	posts, err := app.db.GetPosts(app.cfg, c, p, false, true, false)
	for _, pp := range *posts {
	pp.Collection = res
	o := pp.ActivityObject(app)
	a := activitystreams.NewCreateActivity(o)
	a.Context = nil
	ocp.OrderedItems = append(ocp.OrderedItems, *a)
	}

	setCacheControl(w, apCacheTime)
	return impart.RenderActivityJSON(w, ocp, http.StatusOK)
	}

	func handleFetchCollectionFollowers(app App, w http.ResponseWriter, r http.Request) error {
	w.Header().Set("Server", serverSoftware)

	vars := mux.Vars(r)
	alias := vars["alias"]

	// TODO: enforce visibility
	// Get base Collection data
	var c *Collection
	var err error
	if app.cfg.App.SingleUser {
	c, err = app.db.GetCollectionByID(1)
	} else {
	c, err = app.db.GetCollection(alias)
	}
	if err != nil {
	return err
	}
	silenced, err := app.db.IsUserSilenced(c.OwnerID)
	if err != nil {
	log.Error("fetch collection followers: %v", err)
	return ErrInternalGeneral
	}
	if silenced {
	return ErrCollectionNotFound
	}
	c.hostName = app.cfg.App.Host

	accountRoot := c.FederatedAccount()

	folls, err := app.db.GetAPFollowers(c)
	if err != nil {
	return err
	}

	page := r.FormValue("page")
	p, err := strconv.Atoi(page)
	if err != nil \|\| p < 1 {
	// Return outbox
	oc := activitystreams.NewOrderedCollection(accountRoot, "followers", len(*folls))
	return impart.RenderActivityJSON(w, oc, http.StatusOK)
	}

	// Return outbox page
	ocp := activitystreams.NewOrderedCollectionPage(accountRoot, "followers", len(*folls), p)
	ocp.OrderedItems = []interface{}{}
	/*
	for _, f := range *folls {
	ocp.OrderedItems = append(ocp.OrderedItems, f.ActorID)
	}
	*/
	setCacheControl(w, apCacheTime)
	return impart.RenderActivityJSON(w, ocp, http.StatusOK)
	}

	func handleFetchCollectionFollowing(app App, w http.ResponseWriter, r http.Request) error {
	w.Header().Set("Server", serverSoftware)

	vars := mux.Vars(r)
	alias := vars["alias"]

	// TODO: enforce visibility
	// Get base Collection data
	var c *Collection
	var err error
	if app.cfg.App.SingleUser {
	c, err = app.db.GetCollectionByID(1)
	} else {
	c, err = app.db.GetCollection(alias)
	}
	if err != nil {
	return err
	}
	silenced, err := app.db.IsUserSilenced(c.OwnerID)
	if err != nil {
	log.Error("fetch collection following: %v", err)
	return ErrInternalGeneral
	}
	if silenced {
	return ErrCollectionNotFound
	}
	c.hostName = app.cfg.App.Host

	accountRoot := c.FederatedAccount()

	page := r.FormValue("page")
	p, err := strconv.Atoi(page)
	if err != nil \|\| p < 1 {
	// Return outbox
	oc := activitystreams.NewOrderedCollection(accountRoot, "following", 0)
	return impart.RenderActivityJSON(w, oc, http.StatusOK)
	}

	// Return outbox page
	ocp := activitystreams.NewOrderedCollectionPage(accountRoot, "following", 0, p)
	ocp.OrderedItems = []interface{}{}
	setCacheControl(w, apCacheTime)
	return impart.RenderActivityJSON(w, ocp, http.StatusOK)
	}

	func handleFetchCollectionInbox(app App, w http.ResponseWriter, r http.Request) error {
	w.Header().Set("Server", serverSoftware)

	vars := mux.Vars(r)
	alias := vars["alias"]
	var c *Collection
	var err error
	if app.cfg.App.SingleUser {
	c, err = app.db.GetCollectionByID(1)
	} else {
	c, err = app.db.GetCollection(alias)
	}
	if err != nil {
	// TODO: return Reject?
	return err
	}
	silenced, err := app.db.IsUserSilenced(c.OwnerID)
	if err != nil {
	log.Error("fetch collection inbox: %v", err)
	return ErrInternalGeneral
	}
	if silenced {
	return ErrCollectionNotFound
	}
	c.hostName = app.cfg.App.Host

	if debugging {
	dump, err := httputil.DumpRequest(r, true)
	if err != nil {
	log.Error("Can't dump: %v", err)
	} else {
	log.Info("Rec'd! %q", dump)
	}
	}

	var m map[string]interface{}
	if err := json.NewDecoder(r.Body).Decode(&m); err != nil {
	return err
	}

	a := streams.NewAccept()
	p := c.PersonObject()
	var to *url.URL
	var isFollow, isUnfollow bool
	fullActor := &activitystreams.Person{}
	var remoteUser *RemoteUser

	res := &streams.Resolver{
	FollowCallback: func(f *streams.Follow) error {
	isFollow = true

	// 1) Use the Follow concrete type here
	// 2) Errors are propagated to res.Deserialize call below
	m["@context"] = []string{activitystreams.Namespace}
	b, _ := json.Marshal(m)
	if debugging {
	log.Info("Follow: %s", b)
	}

	_, followID := f.GetId()
	if followID == nil {
	log.Error("Didn't resolve follow ID")
	} else {
	aID := c.FederatedAccount() + "#accept-" + id.GenerateFriendlyRandomString(20)
	acceptID, err := url.Parse(aID)
	if err != nil {
	log.Error("Couldn't parse generated Accept URL '%s': %v", aID, err)
	}
	a.SetId(acceptID)
	}
	a.AppendObject(f.Raw())
	_, to = f.GetActor(0)
	obj := f.Raw().GetObjectIRI(0)
	a.AppendActor(obj)

	// First get actor information
	if to == nil {
	return fmt.Errorf("No valid `to` string")
	}
	fullActor, remoteUser, err = getActor(app, to.String())
	if err != nil {
	return err
	}
	return impart.RenderActivityJSON(w, m, http.StatusOK)
	},
	UndoCallback: func(u *streams.Undo) error {
	isUnfollow = true

	m["@context"] = []string{activitystreams.Namespace}
	b, _ := json.Marshal(m)
	if debugging {
	log.Info("Undo: %s", b)
	}

	a.AppendObject(u.Raw())
	_, to = u.GetActor(0)
	// TODO: get actor from object.object, not object
	obj := u.Raw().GetObjectIRI(0)
	a.AppendActor(obj)
	if to != nil {
	// Populate fullActor from DB?
	remoteUser, err = getRemoteUser(app, to.String())
	if err != nil {
	if iErr, ok := err.(*impart.HTTPError); ok {
	if iErr.Status == http.StatusNotFound {
	log.Error("No remoteuser info for Undo event!")
	}
	}
	return err
	} else {
	fullActor = remoteUser.AsPerson()
	}
	} else {
	log.Error("No to on Undo!")
	}
	return impart.RenderActivityJSON(w, m, http.StatusOK)
	},
	}
	if err := res.Deserialize(m); err != nil {
	// 3) Any errors from #2 can be handled, or the payload is an unknown type.
	log.Error("Unable to resolve Follow: %v", err)
	if debugging {
	log.Error("Map: %s", m)
	}
	return err
	}

	go func() {
	if to == nil {
	if debugging {
	log.Error("No `to` value!")
	}
	return
	}

	time.Sleep(2 * time.Second)
	am, err := a.Serialize()
	if err != nil {
	log.Error("Unable to serialize Accept: %v", err)
	return
	}
	am["@context"] = []string{activitystreams.Namespace}

	err = makeActivityPost(app.cfg.App.Host, p, fullActor.Inbox, am)
	if err != nil {
	log.Error("Unable to make activity POST: %v", err)
	return
	}

	if isFollow {
	t, err := app.db.Begin()
	if err != nil {
	log.Error("Unable to start transaction: %v", err)
	return
	}

	var followerID int64

	if remoteUser != nil {
	followerID = remoteUser.ID
	} else {
	// Add follower locally, since it wasn't found before
	res, err := t.Exec("INSERT INTO remoteusers (actor_id, inbox, shared_inbox, url) VALUES (?, ?, ?, ?)", fullActor.ID, fullActor.Inbox, fullActor.Endpoints.SharedInbox, fullActor.URL)
	if err != nil {
	// if duplicate key, res will be nil and panic on
	// res.LastInsertId below
	t.Rollback()
	log.Error("Couldn't add new remoteuser in DB: %v\n", err)
	return
	}

	followerID, err = res.LastInsertId()
	if err != nil {
	t.Rollback()
	log.Error("no lastinsertid for followers, rolling back: %v", err)
	return
	}

	// Add in key
	_, err = t.Exec("INSERT INTO remoteuserkeys (id, remote_user_id, public_key) VALUES (?, ?, ?)", fullActor.PublicKey.ID, followerID, fullActor.PublicKey.PublicKeyPEM)
	if err != nil {
	if !app.db.isDuplicateKeyErr(err) {
	t.Rollback()
	log.Error("Couldn't add follower keys in DB: %v\n", err)
	return
	}
	}
	}

	// Add follow
	_, err = t.Exec("INSERT INTO remotefollows (collection_id, remote_user_id, created) VALUES (?, ?, "+app.db.now()+")", c.ID, followerID)
	if err != nil {
	if !app.db.isDuplicateKeyErr(err) {
	t.Rollback()
	log.Error("Couldn't add follower in DB: %v\n", err)
	return
	}
	}

	err = t.Commit()
	if err != nil {
	t.Rollback()
	log.Error("Rolling back after Commit(): %v\n", err)
	return
	}
	} else if isUnfollow {
	// Remove follower locally
	_, err = app.db.Exec("DELETE FROM remotefollows WHERE collection_id = ? AND remote_user_id = (SELECT id FROM remoteusers WHERE actor_id = ?)", c.ID, to.String())
	if err != nil {
	log.Error("Couldn't remove follower from DB: %v\n", err)
	}
	}
	}()

	return nil
	}

	func makeActivityPost(hostName string, p *activitystreams.Person, url string, m interface{}) error {
	log.Info("POST %s", url)
	b, err := json.Marshal(m)
	if err != nil {
	return err
	}

	r, _ := http.NewRequest("POST", url, bytes.NewBuffer(b))
	r.Header.Add("Content-Type", "application/activity+json")
	r.Header.Set("User-Agent", ServerUserAgent(hostName))
	h := sha256.New()
	h.Write(b)
	r.Header.Add("Digest", "SHA-256="+base64.StdEncoding.EncodeToString(h.Sum(nil)))

	// Sign using the 'Signature' header
	privKey, err := activitypub.DecodePrivateKey(p.GetPrivKey())
	if err != nil {
	return err
	}
	signer := httpsig.NewSigner(p.PublicKey.ID, privKey, httpsig.RSASHA256, []string{"(request-target)", "date", "host", "digest"})
	err = signer.SignSigHeader(r)
	if err != nil {
	log.Error("Can't sign: %v", err)
	}

	if debugging {
	dump, err := httputil.DumpRequestOut(r, true)
	if err != nil {
	log.Error("Can't dump: %v", err)
	} else {
	log.Info("%s", dump)
	}
	}

	resp, err := activityPubClient().Do(r)
	if err != nil {
	return err
	}
	if resp != nil && resp.Body != nil {
	defer resp.Body.Close()
	}

	body, err := io.ReadAll(resp.Body)
	if err != nil {
	return err
	}
	if debugging {
	log.Info("Status : %s", resp.Status)
	log.Info("Response: %s", body)
	}

	return nil
	}

	func resolveIRI(hostName, url string) ([]byte, error) {
	log.Info("GET %s", url)

	r, _ := http.NewRequest("GET", url, nil)
	r.Header.Add("Accept", "application/activity+json")
	r.Header.Set("User-Agent", ServerUserAgent(hostName))

	p := instanceColl.PersonObject()
	h := sha256.New()
	h.Write([]byte{})
	r.Header.Add("Digest", "SHA-256="+base64.StdEncoding.EncodeToString(h.Sum(nil)))

	// Sign using the 'Signature' header
	privKey, err := activitypub.DecodePrivateKey(p.GetPrivKey())
	if err != nil {
	return nil, err
	}
	signer := httpsig.NewSigner(p.PublicKey.ID, privKey, httpsig.RSASHA256, []string{"(request-target)", "date", "host", "digest"})
	err = signer.SignSigHeader(r)
	if err != nil {
	log.Error("Can't sign: %v", err)
	}

	if debugging {
	dump, err := httputil.DumpRequestOut(r, true)
	if err != nil {
	log.Error("Can't dump: %v", err)
	} else {
	log.Info("%s", dump)
	}
	}

	resp, err := activityPubClient().Do(r)
	if err != nil {
	return nil, err
	}
	if resp != nil && resp.Body != nil {
	defer resp.Body.Close()
	}

	body, err := io.ReadAll(resp.Body)
	if err != nil {
	return nil, err
	}
	if debugging {
	log.Info("Status : %s", resp.Status)
	log.Info("Response: %s", body)
	}

	return body, nil
	}

	func deleteFederatedPost(app App, p PublicPost, collID int64) error {
	if debugging {
	log.Info("Deleting federated post!")
	}
	p.Collection.hostName = app.cfg.App.Host
	actor := p.Collection.PersonObject(collID)
	na := p.ActivityObject(app)

	// Add followers
	p.Collection.ID = collID
	followers, err := app.db.GetAPFollowers(&p.Collection.Collection)
	if err != nil {
	log.Error("Couldn't delete post (get followers)! %v", err)
	return err
	}

	inboxes := map[string][]string{}
	for _, f := range *followers {
	inbox := f.SharedInbox
	if inbox == "" {
	inbox = f.Inbox
	}
	if _, ok := inboxes[inbox]; ok {
	inboxes[inbox] = append(inboxes[inbox], f.ActorID)
	} else {
	inboxes[inbox] = []string{f.ActorID}
	}
	}

	for si, instFolls := range inboxes {
	na.CC = []string{}
	na.CC = append(na.CC, instFolls...)
	da := activitystreams.NewDeleteActivity(na)
	// Make the ID unique to ensure it works in Pleroma
	// See: https://git.pleroma.social/pleroma/pleroma/issues/1481
	da.ID += "#Delete"

	err = makeActivityPost(app.cfg.App.Host, actor, si, da)
	if err != nil {
	log.Error("Couldn't delete post! %v", err)
	}
	}
	return nil
	}

	func federatePost(app App, p PublicPost, collID int64, isUpdate bool) error {
	// If app is private, do not federate
	if app.cfg.App.Private {
	return nil
	}

	// Do not federate posts from private or protected blogs
	if p.Collection.Visibility == CollPrivate \|\| p.Collection.Visibility == CollProtected {
	return nil
	}

	if debugging {
	if isUpdate {
	log.Info("Federating updated post!")
	} else {
	log.Info("Federating new post!")
	}
	}

	actor := p.Collection.PersonObject(collID)
	na := p.ActivityObject(app)

	// Add followers
	p.Collection.ID = collID
	followers, err := app.db.GetAPFollowers(&p.Collection.Collection)
	if err != nil {
	log.Error("Couldn't post! %v", err)
	return err
	}
	log.Info("Followers for %d: %+v", collID, followers)

	inboxes := map[string][]string{}
	for _, f := range *followers {
	inbox := f.SharedInbox
	if inbox == "" {
	inbox = f.Inbox
	}
	if _, ok := inboxes[inbox]; ok {
	// check if we're already sending to this shared inbox
	inboxes[inbox] = append(inboxes[inbox], f.ActorID)
	} else {
	// add the new shared inbox to the list
	inboxes[inbox] = []string{f.ActorID}
	}
	}

	var activity *activitystreams.Activity
	// for each one of the shared inboxes
	for si, instFolls := range inboxes {
	// add all followers from that instance
	// to the CC field
	na.CC = []string{}
	na.CC = append(na.CC, instFolls...)
	// create a new "Create" activity
	// with our article as object
	if isUpdate {
	na.Updated = &p.Updated
	activity = activitystreams.NewUpdateActivity(na)
	} else {
	activity = activitystreams.NewCreateActivity(na)
	activity.To = na.To
	activity.CC = na.CC
	}
	// and post it to that sharedInbox
	err = makeActivityPost(app.cfg.App.Host, actor, si, activity)
	if err != nil {
	log.Error("Couldn't post! %v", err)
	}
	}

	// re-create the object so that the CC list gets reset and has
	// the mentioned users. This might seem wasteful but the code is
	// cleaner than adding the mentioned users to CC here instead of
	// in p.ActivityObject()
	na = p.ActivityObject(app)
	for _, tag := range na.Tag {
	if tag.Type == "Mention" {
	activity = activitystreams.NewCreateActivity(na)
	activity.To = na.To
	activity.CC = na.CC
	// This here might be redundant in some cases as we might have already
	// sent this to the sharedInbox of this instance above, but we need too
	// much logic to catch this at the expense of the odd extra request.
	// I don't believe we'd ever have too many mentions in a single post that this
	// could become a burden.
	remoteUser, err := getRemoteUser(app, tag.HRef)
	if err != nil {
	log.Error("Unable to find remote user %s. Skipping: %v", tag.HRef, err)
	continue
	}
	err = makeActivityPost(app.cfg.App.Host, actor, remoteUser.Inbox, activity)
	if err != nil {
	log.Error("Couldn't post! %v", err)
	}
	}
	}

	return nil
	}

	func getRemoteUser(app App, actorID string) (RemoteUser, error) {
	u := RemoteUser{ActorID: actorID}
	var urlVal, handle sql.NullString
	err := app.db.QueryRow("SELECT id, inbox, shared_inbox, url, handle FROM remoteusers WHERE actor_id = ?", actorID).Scan(&u.ID, &u.Inbox, &u.SharedInbox, &urlVal, &handle)
	switch {
	case err == sql.ErrNoRows:
	return nil, impart.HTTPError{http.StatusNotFound, "No remote user with that ID."}
	case err != nil:
	log.Error("Couldn't get remote user %s: %v", actorID, err)
	return nil, err
	}

	u.URL = urlVal.String
	u.Handle = handle.String

	return &u, nil
	}

	// getRemoteUserFromHandle retrieves the profile page of a remote user
	// from the @user@server.tld handle
	func getRemoteUserFromHandle(app App, handle string) (RemoteUser, error) {
	u := RemoteUser{Handle: handle}
	var urlVal sql.NullString
	err := app.db.QueryRow("SELECT id, actor_id, inbox, shared_inbox, url FROM remoteusers WHERE handle = ?", handle).Scan(&u.ID, &u.ActorID, &u.Inbox, &u.SharedInbox, &urlVal)
	switch {
	case err == sql.ErrNoRows:
	return nil, ErrRemoteUserNotFound
	case err != nil:
	log.Error("Couldn't get remote user %s: %v", handle, err)
	return nil, err
	}
	u.URL = urlVal.String
	return &u, nil
	}

	func getActor(app App, actorIRI string) (activitystreams.Person, *RemoteUser, error) {
	log.Info("Fetching actor %s locally", actorIRI)
	actor := &activitystreams.Person{}
	remoteUser, err := getRemoteUser(app, actorIRI)
	if err != nil {
	if iErr, ok := err.(impart.HTTPError); ok {
	if iErr.Status == http.StatusNotFound {
	// Fetch remote actor
	log.Info("Not found; fetching actor %s remotely", actorIRI)
	actorResp, err := resolveIRI(app.cfg.App.Host, actorIRI)
	if err != nil {
	- log.Error("Unable to get actor! %v", err)
	+ log.Error("Unable to get base actor! %v", err)
	return nil, nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't fetch actor."}
	}
	if err := unmarshalActor(actorResp, actor); err != nil {
	- log.Error("Unable to unmarshal actor! %v", err)
	+ log.Error("Unable to unmarshal base actor! %v", err)
	return nil, nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't parse actor."}
	}
	+ baseActor := &activitystreams.Person{}
	+ if err := unmarshalActor(actorResp, baseActor); err != nil {
	+ log.Error("Unable to unmarshal actual actor! %v", err)
	+ return nil, nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't parse actual actor."}
	+ }
	+ // Fetch the actual actor using the owner field from the publicKey object
	+ actualActorResp, err := resolveIRI(app.cfg.App.Host, baseActor.PublicKey.Owner)
	+ if err != nil {
	+ log.Error("Unable to get actual actor! %v", err)
	+ return nil, nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't fetch actual actor."}
	+ }
	+ if err := unmarshalActor(actualActorResp, actor); err != nil {
	+ log.Error("Unable to unmarshal actual actor! %v", err)
	+ return nil, nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't parse actual actor."}
	+ }
	} else {
	return nil, nil, err
	}
	} else {
	return nil, nil, err
	}
	} else {
	actor = remoteUser.AsPerson()
	}
	return actor, remoteUser, nil
	}

	func GetProfileURLFromHandle(app *App, handle string) (string, error) {
	handle = strings.TrimLeft(handle, "@")
	actorIRI := ""
	parts := strings.Split(handle, "@")
	if len(parts) != 2 {
	return "", fmt.Errorf("invalid handle format")
	}
	domain := parts[1]

	// Check non-AP instances
	if siloProfileURL := silobridge.Profile(parts[0], domain); siloProfileURL != "" {
	return siloProfileURL, nil
	}

	remoteUser, err := getRemoteUserFromHandle(app, handle)
	if err != nil {
	// can't find using handle in the table but the table may already have this user without
	// handle from a previous version
	// TODO: Make this determination. We should know whether a user exists without a handle, or doesn't exist at all
	actorIRI = RemoteLookup(handle)
	_, errRemoteUser := getRemoteUser(app, actorIRI)
	// if it exists then we need to update the handle
	if errRemoteUser == nil {
	_, err := app.db.Exec("UPDATE remoteusers SET handle = ? WHERE actor_id = ?", handle, actorIRI)
	if err != nil {
	log.Error("Couldn't update handle '%s' for user %s", handle, actorIRI)
	}
	} else {
	// this probably means we don't have the user in the table so let's try to insert it
	// here we need to ask the server for the inboxes
	remoteActor, err := activityserve.NewRemoteActor(actorIRI)
	if err != nil {
	log.Error("Couldn't fetch remote actor: %v", err)
	}
	if debugging {
	log.Info("Got remote actor: %s %s %s %s %s", actorIRI, remoteActor.GetInbox(), remoteActor.GetSharedInbox(), remoteActor.URL(), handle)
	}
	_, err = app.db.Exec("INSERT INTO remoteusers (actor_id, inbox, shared_inbox, url, handle) VALUES(?, ?, ?, ?, ?)", actorIRI, remoteActor.GetInbox(), remoteActor.GetSharedInbox(), remoteActor.URL(), handle)
	if err != nil {
	log.Error("Couldn't insert remote user: %v", err)
	return "", err
	}
	actorIRI = remoteActor.URL()
	}
	} else if remoteUser.URL == "" {
	log.Info("Remote user %s URL empty, fetching", remoteUser.ActorID)
	newRemoteActor, err := activityserve.NewRemoteActor(remoteUser.ActorID)
	if err != nil {
	log.Error("Couldn't fetch remote actor: %v", err)
	} else {
	_, err := app.db.Exec("UPDATE remoteusers SET url = ? WHERE actor_id = ?", newRemoteActor.URL(), remoteUser.ActorID)
	if err != nil {
	log.Error("Couldn't update handle '%s' for user %s", handle, actorIRI)
	} else {
	actorIRI = newRemoteActor.URL()
	}
	}
	} else {
	actorIRI = remoteUser.URL
	}
	return actorIRI, nil
	}

	// unmarshal actor normalizes the actor response to conform to
	// the type Person from github.com/writeas/web-core/activitysteams
	//
	// some implementations return different context field types
	// this converts any non-slice contexts into a slice
	func unmarshalActor(actorResp []byte, actor *activitystreams.Person) error {
	// FIXME: Hubzilla has an object for the Actor's url: cannot unmarshal object into Go struct field Person.url of type string

	// flexActor overrides the Context field to allow
	// all valid representations during unmarshal
	flexActor := struct {
	activitystreams.Person
	Context json.RawMessage `json:"@context,omitempty"`
	}{}
	if err := json.Unmarshal(actorResp, &flexActor); err != nil {
	return err
	}

	actor.Endpoints = flexActor.Endpoints
	actor.Followers = flexActor.Followers
	actor.Following = flexActor.Following
	actor.ID = flexActor.ID
	actor.Icon = flexActor.Icon
	actor.Inbox = flexActor.Inbox
	actor.Name = flexActor.Name
	actor.Outbox = flexActor.Outbox
	actor.PreferredUsername = flexActor.PreferredUsername
	actor.PublicKey = flexActor.PublicKey
	actor.Summary = flexActor.Summary
	actor.Type = flexActor.Type
	actor.URL = flexActor.URL

	func(val interface{}) {
	switch val.(type) {
	case []interface{}:
	// already a slice, do nothing
	actor.Context = val.([]interface{})
	default:
	actor.Context = []interface{}{val}
	}
	}(flexActor.Context)

	return nil
	}

	func setCacheControl(w http.ResponseWriter, ttl time.Duration) {
	w.Header().Set("Cache-Control", fmt.Sprintf("public, max-age=%.0f", ttl.Seconds()))
	}
	diff --git a/app.go b/app.go
	index 43a5c09..7630254 100644
	--- a/app.go
	+++ b/app.go
	@@ -1,1003 +1,1003 @@
	/*
	* Copyright © 2018-2021 Musing Studio LLC.
	*
	* This file is part of WriteFreely.
	*
	* WriteFreely is free software: you can redistribute it and/or modify
	* it under the terms of the GNU Affero General Public License, included
	* in the LICENSE file in this source code package.
	*/

	package writefreely

	import (
	"crypto/tls"
	"database/sql"
	_ "embed"
	"fmt"
	"html/template"
	"net"
	"net/http"
	"net/url"
	"os"
	"os/signal"
	"path/filepath"
	"regexp"
	"strings"
	"syscall"
	"time"

	"github.com/gorilla/mux"
	"github.com/gorilla/schema"
	"github.com/gorilla/sessions"
	"github.com/manifoldco/promptui"
	stripmd "github.com/writeas/go-strip-markdown/v2"
	"github.com/writeas/impart"
	"github.com/writeas/web-core/auth"
	"github.com/writeas/web-core/converter"
	"github.com/writeas/web-core/log"
	"golang.org/x/crypto/acme/autocert"

	"github.com/writefreely/writefreely/author"
	"github.com/writefreely/writefreely/config"
	"github.com/writefreely/writefreely/key"
	"github.com/writefreely/writefreely/migrations"
	"github.com/writefreely/writefreely/page"
	)

	const (
	staticDir = "static"
	assumedTitleLen = 80
	postsPerPage = 10

	serverSoftware = "WriteFreely"
	softwareURL = "https://writefreely.org"
	)

	var (
	debugging bool

	// Software version can be set from git env using -ldflags
	- softwareVer = "0.15.0"
	+ softwareVer = "0.15.1"

	// DEPRECATED VARS
	isSingleUser bool
	)

	// App holds data and configuration for an individual WriteFreely instance.
	type App struct {
	router *mux.Router
	shttp *http.ServeMux
	db *datastore
	cfg *config.Config
	cfgFile string
	keys *key.Keychain
	sessionStore sessions.Store
	formDecoder *schema.Decoder
	updates *updatesCache

	timeline *localTimeline
	}

	// DB returns the App's datastore
	func (app App) DB() datastore {
	return app.db
	}

	// Router returns the App's router
	func (app App) Router() mux.Router {
	return app.router
	}

	// Config returns the App's current configuration.
	func (app App) Config() config.Config {
	return app.cfg
	}

	// SetConfig updates the App's Config to the given value.
	func (app App) SetConfig(cfg config.Config) {
	app.cfg = cfg
	}

	// SetKeys updates the App's Keychain to the given value.
	func (app App) SetKeys(k key.Keychain) {
	app.keys = k
	}

	func (app *App) SessionStore() sessions.Store {
	return app.sessionStore
	}

	func (app *App) SetSessionStore(s sessions.Store) {
	app.sessionStore = s
	}

	// Apper is the interface for getting data into and out of a WriteFreely
	// instance (or "App").
	//
	// App returns the App for the current instance.
	//
	// LoadConfig reads an app configuration into the App, returning any error
	// encountered.
	//
	// SaveConfig persists the current App configuration.
	//
	// LoadKeys reads the App's encryption keys and loads them into its
	// key.Keychain.
	type Apper interface {
	App() *App

	LoadConfig() error
	SaveConfig(*config.Config) error

	LoadKeys() error

	ReqLog(r *http.Request, status int, timeSince time.Duration) string
	}

	// App returns the App
	func (app App) App() App {
	return app
	}

	// LoadConfig loads and parses a config file.
	func (app *App) LoadConfig() error {
	log.Info("Loading %s configuration...", app.cfgFile)
	cfg, err := config.Load(app.cfgFile)
	if err != nil {
	log.Error("Unable to load configuration: %v", err)
	os.Exit(1)
	return err
	}
	app.cfg = cfg
	return nil
	}

	// SaveConfig saves the given Config to disk -- namely, to the App's cfgFile.
	func (app App) SaveConfig(c config.Config) error {
	return config.Save(c, app.cfgFile)
	}

	// LoadKeys reads all needed keys from disk into the App. In order to use the
	// configured `Server.KeysParentDir`, you must call initKeyPaths(App) before
	// this.
	func (app *App) LoadKeys() error {
	var err error
	app.keys = &key.Keychain{}

	if debugging {
	log.Info(" %s", emailKeyPath)
	}

	executable, err := os.Executable()
	if err != nil {
	executable = "writefreely"
	} else {
	executable = filepath.Base(executable)
	}

	app.keys.EmailKey, err = os.ReadFile(emailKeyPath)
	if err != nil {
	return err
	}

	if debugging {
	log.Info(" %s", cookieAuthKeyPath)
	}
	app.keys.CookieAuthKey, err = os.ReadFile(cookieAuthKeyPath)
	if err != nil {
	return err
	}

	if debugging {
	log.Info(" %s", cookieKeyPath)
	}
	app.keys.CookieKey, err = os.ReadFile(cookieKeyPath)
	if err != nil {
	return err
	}

	if debugging {
	log.Info(" %s", csrfKeyPath)
	}
	app.keys.CSRFKey, err = os.ReadFile(csrfKeyPath)
	if err != nil {
	if os.IsNotExist(err) {
	log.Error(`Missing key: %s.

	Run this command to generate missing keys:
	%s keys generate

	`, csrfKeyPath, executable)
	}
	return err
	}

	return nil
	}

	func (app App) ReqLog(r http.Request, status int, timeSince time.Duration) string {
	return fmt.Sprintf("\"%s %s\" %d %s \"%s\"", r.Method, r.RequestURI, status, timeSince, r.UserAgent())
	}

	// handleViewHome shows page at root path. It checks the configuration and
	// authentication state to show the correct page.
	func handleViewHome(app App, w http.ResponseWriter, r http.Request) error {
	if app.cfg.App.SingleUser {
	// Render blog index
	return handleViewCollection(app, w, r)
	}

	// Multi-user instance
	forceLanding := r.FormValue("landing") == "1"
	if !forceLanding {
	// Show correct page based on user auth status and configured landing path
	u := getUserSession(app, r)

	if app.cfg.App.Chorus {
	// This instance is focused on reading, so show Reader on home route if not
	// private or a private-instance user is logged in.
	if !app.cfg.App.Private \|\| u != nil {
	return viewLocalTimeline(app, w, r)
	}
	}

	if u != nil {
	// User is logged in, so show the Pad
	return handleViewPad(app, w, r)
	}

	if app.cfg.App.Private {
	return viewLogin(app, w, r)
	}

	if land := app.cfg.App.LandingPath(); land != "/" {
	return impart.HTTPError{http.StatusFound, land}
	}
	}

	return handleViewLanding(app, w, r)
	}

	func handleViewLanding(app App, w http.ResponseWriter, r http.Request) error {
	forceLanding := r.FormValue("landing") == "1"

	p := struct {
	page.StaticPage
	*OAuthButtons
	Flashes []template.HTML
	Banner template.HTML
	Content template.HTML

	ForcedLanding bool
	}{
	StaticPage: pageForReq(app, r),
	OAuthButtons: NewOAuthButtons(app.Config()),
	ForcedLanding: forceLanding,
	}

	banner, err := getLandingBanner(app)
	if err != nil {
	log.Error("unable to get landing banner: %v", err)
	return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get banner: %v", err)}
	}
	p.Banner = template.HTML(applyMarkdown([]byte(banner.Content), "", app.cfg))

	content, err := getLandingBody(app)
	if err != nil {
	log.Error("unable to get landing content: %v", err)
	return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get content: %v", err)}
	}
	p.Content = template.HTML(applyMarkdown([]byte(content.Content), "", app.cfg))

	// Get error messages
	session, err := app.sessionStore.Get(r, cookieName)
	if err != nil {
	// Ignore this
	log.Error("Unable to get session in handleViewHome; ignoring: %v", err)
	}
	flashes, _ := getSessionFlashes(app, w, r, session)
	for _, flash := range flashes {
	p.Flashes = append(p.Flashes, template.HTML(flash))
	}

	// Show landing page
	return renderPage(w, "landing.tmpl", p)
	}

	func handleTemplatedPage(app App, w http.ResponseWriter, r http.Request, t *template.Template) error {
	p := struct {
	page.StaticPage
	ContentTitle string
	Content template.HTML
	PlainContent string
	Updated string

	AboutStats *InstanceStats
	}{
	StaticPage: pageForReq(app, r),
	}
	if r.URL.Path == "/about" \|\| r.URL.Path == "/contact" \|\| r.URL.Path == "/privacy" {
	var c *instanceContent
	var err error

	if r.URL.Path == "/about" {
	c, err = getAboutPage(app)

	// Fetch stats
	p.AboutStats = &InstanceStats{}
	p.AboutStats.NumPosts, _ = app.db.GetTotalPosts()
	p.AboutStats.NumBlogs, _ = app.db.GetTotalCollections()
	} else if r.URL.Path == "/contact" {
	c, err = getContactPage(app)
	if c.Updated.IsZero() {
	// Page was never set up, so return 404
	return ErrPostNotFound
	}
	} else {
	c, err = getPrivacyPage(app)
	}

	if err != nil {
	return err
	}
	p.ContentTitle = c.Title.String
	p.Content = template.HTML(applyMarkdown([]byte(c.Content), "", app.cfg))
	p.PlainContent = shortPostDescription(stripmd.Strip(c.Content))
	if !c.Updated.IsZero() {
	p.Updated = c.Updated.Format("January 2, 2006")
	}
	}

	// Serve templated page
	err := t.ExecuteTemplate(w, "base", p)
	if err != nil {
	log.Error("Unable to render page: %v", err)
	}
	return nil
	}

	func pageForReq(app App, r http.Request) page.StaticPage {
	p := page.StaticPage{
	AppCfg: app.cfg.App,
	Path: r.URL.Path,
	Version: "v" + softwareVer,
	}

	// Use custom style, if file exists
	if _, err := os.Stat(filepath.Join(app.cfg.Server.StaticParentDir, staticDir, "local", "custom.css")); err == nil {
	p.CustomCSS = true
	}

	// Add user information, if given
	var u *User
	accessToken := r.FormValue("t")
	if accessToken != "" {
	userID := app.db.GetUserID(accessToken)
	if userID != -1 {
	var err error
	u, err = app.db.GetUserByID(userID)
	if err == nil {
	p.Username = u.Username
	}
	}
	} else {
	u = getUserSession(app, r)
	if u != nil {
	p.Username = u.Username
	p.IsAdmin = u != nil && u.IsAdmin()
	p.CanInvite = canUserInvite(app.cfg, p.IsAdmin)
	}
	}
	p.CanViewReader = !app.cfg.App.Private \|\| u != nil

	return p
	}

	var fileRegex = regexp.MustCompile("/([^/]\\.[^/])$")

	// Initialize loads the app configuration and initializes templates, keys,
	// session, route handlers, and the database connection.
	func Initialize(apper Apper, debug bool) (*App, error) {
	debugging = debug

	apper.LoadConfig()

	// Load templates
	err := InitTemplates(apper.App().Config())
	if err != nil {
	return nil, fmt.Errorf("load templates: %s", err)
	}

	// Load keys and set up session
	initKeyPaths(apper.App()) // TODO: find a better way to do this, since it's unneeded in all Apper implementations
	err = InitKeys(apper)
	if err != nil {
	return nil, fmt.Errorf("init keys: %s", err)
	}
	apper.App().InitUpdates()

	apper.App().InitSession()

	apper.App().InitDecoder()

	err = ConnectToDatabase(apper.App())
	if err != nil {
	return nil, fmt.Errorf("connect to DB: %s", err)
	}

	initActivityPub(apper.App())

	if apper.App().cfg.Email.Domain != "" \|\| apper.App().cfg.Email.MailgunPrivate != "" {
	if apper.App().cfg.Email.Domain == "" {
	log.Error("[FAILED] Starting publish jobs queue: no [letters]domain config value set.")
	} else if apper.App().cfg.Email.MailgunPrivate == "" {
	log.Error("[FAILED] Starting publish jobs queue: no [letters]mailgun_private config value set.")
	} else {
	log.Info("Starting publish jobs queue...")
	go startPublishJobsQueue(apper.App())
	}
	}

	// Handle local timeline, if enabled
	if apper.App().cfg.App.LocalTimeline {
	log.Info("Initializing local timeline...")
	initLocalTimeline(apper.App())
	}

	return apper.App(), nil
	}

	func Serve(app App, r mux.Router) {
	log.Info("Going to serve...")

	isSingleUser = app.cfg.App.SingleUser
	app.cfg.Server.Dev = debugging

	// Handle shutdown
	c := make(chan os.Signal, 2)
	signal.Notify(c, os.Interrupt, syscall.SIGTERM)
	go func() {
	<-c
	log.Info("Shutting down...")
	shutdown(app)
	log.Info("Done.")
	os.Exit(0)
	}()

	// Start gopher server
	if app.cfg.Server.GopherPort > 0 && !app.cfg.App.Private {
	go initGopher(app)
	}

	// Start web application server
	var bindAddress = app.cfg.Server.Bind
	if bindAddress == "" {
	bindAddress = "localhost"
	}
	var err error
	if app.cfg.IsSecureStandalone() {
	if app.cfg.Server.Autocert {
	m := &autocert.Manager{
	Prompt: autocert.AcceptTOS,
	Cache: autocert.DirCache(app.cfg.Server.TLSCertPath),
	}
	host, err := url.Parse(app.cfg.App.Host)
	if err != nil {
	log.Error("[WARNING] Unable to parse configured host! %s", err)
	log.Error(`[WARNING] ALL hosts are allowed, which can open you to an attack where
	clients connect to a server by IP address and pretend to be asking for an
	incorrect host name, and cause you to reach the CA's rate limit for certificate
	requests. We recommend supplying a valid host name.`)
	log.Info("Using autocert on ANY host")
	} else {
	log.Info("Using autocert on host %s", host.Host)
	m.HostPolicy = autocert.HostWhitelist(host.Host)
	}
	s := &http.Server{
	Addr: ":https",
	Handler: r,
	TLSConfig: &tls.Config{
	GetCertificate: m.GetCertificate,
	},
	}
	s.SetKeepAlivesEnabled(false)

	go func() {
	log.Info("Serving redirects on http://%s:80", bindAddress)
	err = http.ListenAndServe(":80", m.HTTPHandler(nil))
	log.Error("Unable to start redirect server: %v", err)
	}()

	log.Info("Serving on https://%s:443", bindAddress)
	log.Info("---")
	err = s.ListenAndServeTLS("", "")
	} else {
	go func() {
	log.Info("Serving redirects on http://%s:80", bindAddress)
	err = http.ListenAndServe(fmt.Sprintf("%s:80", bindAddress), http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
	http.Redirect(w, r, app.cfg.App.Host, http.StatusMovedPermanently)
	}))
	log.Error("Unable to start redirect server: %v", err)
	}()

	log.Info("Serving on https://%s:443", bindAddress)
	log.Info("Using manual certificates")
	log.Info("---")
	err = http.ListenAndServeTLS(fmt.Sprintf("%s:443", bindAddress), app.cfg.Server.TLSCertPath, app.cfg.Server.TLSKeyPath, r)
	}
	} else {
	network := "tcp"
	protocol := "http"
	if strings.HasPrefix(bindAddress, "/") {
	network = "unix"
	protocol = "http+unix"

	// old sockets will remain after server closes;
	// we need to delete them in order to open new ones
	err = os.Remove(bindAddress)
	if err != nil && !os.IsNotExist(err) {
	log.Error("%s already exists but could not be removed: %v", bindAddress, err)
	os.Exit(1)
	}
	} else {
	bindAddress = fmt.Sprintf("%s:%d", bindAddress, app.cfg.Server.Port)
	}

	log.Info("Serving on %s://%s", protocol, bindAddress)
	log.Info("---")
	listener, err := net.Listen(network, bindAddress)
	if err != nil {
	log.Error("Could not bind to address: %v", err)
	os.Exit(1)
	}

	if network == "unix" {
	err = os.Chmod(bindAddress, 0o666)
	if err != nil {
	log.Error("Could not update socket permissions: %v", err)
	os.Exit(1)
	}
	}

	defer listener.Close()
	err = http.Serve(listener, r)
	}
	if err != nil {
	log.Error("Unable to start: %v", err)
	os.Exit(1)
	}
	}

	func (app *App) InitDecoder() {
	// TODO: do this at the package level, instead of the App level
	// Initialize modules
	app.formDecoder = schema.NewDecoder()
	app.formDecoder.RegisterConverter(converter.NullJSONString{}, converter.ConvertJSONNullString)
	app.formDecoder.RegisterConverter(converter.NullJSONBool{}, converter.ConvertJSONNullBool)
	app.formDecoder.RegisterConverter(sql.NullString{}, converter.ConvertSQLNullString)
	app.formDecoder.RegisterConverter(sql.NullBool{}, converter.ConvertSQLNullBool)
	app.formDecoder.RegisterConverter(sql.NullInt64{}, converter.ConvertSQLNullInt64)
	app.formDecoder.RegisterConverter(sql.NullFloat64{}, converter.ConvertSQLNullFloat64)
	}

	// ConnectToDatabase validates and connects to the configured database, then
	// tests the connection.
	func ConnectToDatabase(app *App) error {
	// Check database configuration
	if app.cfg.Database.Type == driverMySQL && app.cfg.Database.User == "" {
	return fmt.Errorf("Database user not set.")
	}
	if app.cfg.Database.Host == "" {
	app.cfg.Database.Host = "localhost"
	}
	if app.cfg.Database.Database == "" {
	app.cfg.Database.Database = "writefreely"
	}

	// TODO: check err
	connectToDatabase(app)

	// Test database connection
	err := app.db.Ping()
	if err != nil {
	return fmt.Errorf("Database ping failed: %s", err)
	}

	return nil
	}

	// FormatVersion constructs the version string for the application
	func FormatVersion() string {
	return serverSoftware + " " + softwareVer
	}

	// OutputVersion prints out the version of the application.
	func OutputVersion() {
	fmt.Println(FormatVersion())
	}

	// NewApp creates a new app instance.
	func NewApp(cfgFile string) *App {
	return &App{
	cfgFile: cfgFile,
	}
	}

	// CreateConfig creates a default configuration and saves it to the app's cfgFile.
	func CreateConfig(app *App) error {
	log.Info("Creating configuration...")
	c := config.New()
	log.Info("Saving configuration %s...", app.cfgFile)
	err := config.Save(c, app.cfgFile)
	if err != nil {
	return fmt.Errorf("Unable to save configuration: %v", err)
	}
	return nil
	}

	// DoConfig runs the interactive configuration process.
	func DoConfig(app *App, configSections string) {
	if configSections == "" {
	configSections = "server db app"
	}
	// let's check there aren't any garbage in the list
	configSectionsArray := strings.Split(configSections, " ")
	for _, element := range configSectionsArray {
	if element != "server" && element != "db" && element != "app" {
	log.Error("Invalid argument to --sections. Valid arguments are only \"server\", \"db\" and \"app\"")
	os.Exit(1)
	}
	}
	d, err := config.Configure(app.cfgFile, configSections)
	if err != nil {
	log.Error("Unable to configure: %v", err)
	os.Exit(1)
	}
	app.cfg = d.Config
	connectToDatabase(app)
	defer shutdown(app)

	if !app.db.DatabaseInitialized() {
	err = adminInitDatabase(app)
	if err != nil {
	log.Error(err.Error())
	os.Exit(1)
	}
	} else {
	log.Info("Database already initialized.")
	}

	if d.User != nil {
	u := &User{
	Username: d.User.Username,
	HashedPass: d.User.HashedPass,
	Created: time.Now().Truncate(time.Second).UTC(),
	}

	// Create blog
	log.Info("Creating user %s...\n", u.Username)
	err = app.db.CreateUser(app.cfg, u, app.cfg.App.SiteName, "")
	if err != nil {
	log.Error("Unable to create user: %s", err)
	os.Exit(1)
	}
	log.Info("Done!")
	}
	os.Exit(0)
	}

	// GenerateKeyFiles creates app encryption keys and saves them into the configured KeysParentDir.
	func GenerateKeyFiles(app *App) error {
	// Read keys path from config
	app.LoadConfig()

	// Create keys dir if it doesn't exist yet
	fullKeysDir := filepath.Join(app.cfg.Server.KeysParentDir, keysDir)
	if _, err := os.Stat(fullKeysDir); os.IsNotExist(err) {
	err = os.Mkdir(fullKeysDir, 0700)
	if err != nil {
	return err
	}
	}

	// Generate keys
	initKeyPaths(app)
	// TODO: use something like https://github.com/hashicorp/go-multierror to return errors
	var keyErrs error
	err := generateKey(emailKeyPath)
	if err != nil {
	keyErrs = err
	}
	err = generateKey(cookieAuthKeyPath)
	if err != nil {
	keyErrs = err
	}
	err = generateKey(cookieKeyPath)
	if err != nil {
	keyErrs = err
	}
	err = generateKey(csrfKeyPath)
	if err != nil {
	keyErrs = err
	}

	return keyErrs
	}

	// CreateSchema creates all database tables needed for the application.
	func CreateSchema(apper Apper) error {
	apper.LoadConfig()
	connectToDatabase(apper.App())
	defer shutdown(apper.App())
	err := adminInitDatabase(apper.App())
	if err != nil {
	return err
	}
	return nil
	}

	// Migrate runs all necessary database migrations.
	func Migrate(apper Apper) error {
	apper.LoadConfig()
	connectToDatabase(apper.App())
	defer shutdown(apper.App())

	err := migrations.Migrate(migrations.NewDatastore(apper.App().db.DB, apper.App().db.driverName))
	if err != nil {
	return fmt.Errorf("migrate: %s", err)
	}
	return nil
	}

	// ResetPassword runs the interactive password reset process.
	func ResetPassword(apper Apper, username string) error {
	// Connect to the database
	apper.LoadConfig()
	connectToDatabase(apper.App())
	defer shutdown(apper.App())

	// Fetch user
	u, err := apper.App().db.GetUserForAuth(username)
	if err != nil {
	log.Error("Get user: %s", err)
	os.Exit(1)
	}

	// Prompt for new password
	prompt := promptui.Prompt{
	Templates: &promptui.PromptTemplates{
	Success: "{{ . \| bold \| faint }}: ",
	},
	Label: "New password",
	Mask: '*',
	}
	newPass, err := prompt.Run()
	if err != nil {
	log.Error("%s", err)
	os.Exit(1)
	}

	// Do the update
	log.Info("Updating...")
	err = adminResetPassword(apper.App(), u, newPass)
	if err != nil {
	log.Error("%s", err)
	os.Exit(1)
	}
	log.Info("Success.")
	return nil
	}

	// DoDeleteAccount runs the confirmation and account delete process.
	func DoDeleteAccount(apper Apper, username string) error {
	// Connect to the database
	apper.LoadConfig()
	connectToDatabase(apper.App())
	defer shutdown(apper.App())

	// check user exists
	u, err := apper.App().db.GetUserForAuth(username)
	if err != nil {
	log.Error("%s", err)
	os.Exit(1)
	}
	userID := u.ID

	// do not delete the admin account
	// TODO: check for other admins and skip?
	if u.IsAdmin() {
	log.Error("Can not delete admin account")
	os.Exit(1)
	}

	// confirm deletion, w/ w/out posts
	prompt := promptui.Prompt{
	Templates: &promptui.PromptTemplates{
	Success: "{{ . \| bold \| faint }}: ",
	},
	Label: fmt.Sprintf("Really delete user : %s", username),
	IsConfirm: true,
	}
	_, err = prompt.Run()
	if err != nil {
	log.Info("Aborted...")
	os.Exit(0)
	}

	log.Info("Deleting...")
	err = apper.App().db.DeleteAccount(userID)
	if err != nil {
	log.Error("%s", err)
	os.Exit(1)
	}
	log.Info("Success.")
	return nil
	}

	func connectToDatabase(app *App) {
	log.Info("Connecting to %s database...", app.cfg.Database.Type)

	var db *sql.DB
	var err error
	if app.cfg.Database.Type == driverMySQL {
	db, err = sql.Open(app.cfg.Database.Type, fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?charset=utf8mb4&parseTime=true&loc=%s&tls=%t", app.cfg.Database.User, app.cfg.Database.Password, app.cfg.Database.Host, app.cfg.Database.Port, app.cfg.Database.Database, url.QueryEscape(time.Local.String()), app.cfg.Database.TLS))
	db.SetMaxOpenConns(50)
	} else if app.cfg.Database.Type == driverSQLite {
	if !SQLiteEnabled {
	log.Error("Invalid database type '%s'. Binary wasn't compiled with SQLite3 support.", app.cfg.Database.Type)
	os.Exit(1)
	}
	if app.cfg.Database.FileName == "" {
	log.Error("SQLite database filename value in config.ini is empty.")
	os.Exit(1)
	}
	db, err = sql.Open("sqlite3_with_regex", app.cfg.Database.FileName+"?parseTime=true&cached=shared")
	db.SetMaxOpenConns(2)
	} else {
	log.Error("Invalid database type '%s'. Only 'mysql' and 'sqlite3' are supported right now.", app.cfg.Database.Type)
	os.Exit(1)
	}
	if err != nil {
	log.Error("%s", err)
	os.Exit(1)
	}
	app.db = &datastore{db, app.cfg.Database.Type}
	}

	func shutdown(app *App) {
	log.Info("Closing database connection...")
	app.db.Close()
	if strings.HasPrefix(app.cfg.Server.Bind, "/") {
	// Clean up socket
	log.Info("Removing socket file...")
	err := os.Remove(app.cfg.Server.Bind)
	if err != nil {
	log.Error("Unable to remove socket: %s", err)
	os.Exit(1)
	}
	log.Info("Success.")
	}
	}

	// CreateUser creates a new admin or normal user from the given credentials.
	func CreateUser(apper Apper, username, password string, isAdmin bool) error {
	// Create an admin user with --create-admin
	apper.LoadConfig()
	connectToDatabase(apper.App())
	defer shutdown(apper.App())

	// Ensure an admin / first user doesn't already exist
	firstUser, _ := apper.App().db.GetUserByID(1)
	if isAdmin {
	// Abort if trying to create admin user, but one already exists
	if firstUser != nil {
	return fmt.Errorf("Admin user already exists (%s). Create a regular user with: writefreely --create-user", firstUser.Username)
	}
	} else {
	// Abort if trying to create regular user, but no admin exists yet
	if firstUser == nil {
	return fmt.Errorf("No admin user exists yet. Create an admin first with: writefreely --create-admin")
	}
	}

	// Create the user
	// Normalize and validate username
	desiredUsername := username
	username = getSlug(username, "")

	usernameDesc := username
	if username != desiredUsername {
	usernameDesc += " (originally: " + desiredUsername + ")"
	}

	if !author.IsValidUsername(apper.App().cfg, username) {
	return fmt.Errorf("Username %s is invalid, reserved, or shorter than configured minimum length (%d characters).", usernameDesc, apper.App().cfg.App.MinUsernameLen)
	}

	// Hash the password
	hashedPass, err := auth.HashPass([]byte(password))
	if err != nil {
	return fmt.Errorf("Unable to hash password: %v", err)
	}

	u := &User{
	Username: username,
	HashedPass: hashedPass,
	Created: time.Now().Truncate(time.Second).UTC(),
	}

	userType := "user"
	if isAdmin {
	userType = "admin"
	}
	log.Info("Creating %s %s...", userType, usernameDesc)
	err = apper.App().db.CreateUser(apper.App().Config(), u, desiredUsername, "")
	if err != nil {
	return fmt.Errorf("Unable to create user: %s", err)
	}
	log.Info("Done!")
	return nil
	}

	//go:embed schema.sql
	var schemaSql string

	//go:embed sqlite.sql
	var sqliteSql string

	func adminInitDatabase(app *App) error {
	var schema string
	if app.cfg.Database.Type == driverSQLite {
	schema = sqliteSql
	} else {
	schema = schemaSql
	}

	tblReg := regexp.MustCompile("CREATE TABLE (IF NOT EXISTS )?`([a-z_]+)`")

	queries := strings.Split(string(schema), ";\n")
	for _, q := range queries {
	if strings.TrimSpace(q) == "" {
	continue
	}
	parts := tblReg.FindStringSubmatch(q)
	if len(parts) >= 3 {
	log.Info("Creating table %s...", parts[2])
	} else {
	log.Info("Creating table ??? (Weird query) No match in: %v", parts)
	}
	_, err := app.db.Exec(q)
	if err != nil {
	log.Error("%s", err)
	} else {
	log.Info("Created.")
	}
	}

	// Set up migrations table
	log.Info("Initializing appmigrations table...")
	err := migrations.SetInitialMigrations(migrations.NewDatastore(app.db.DB, app.db.driverName))
	if err != nil {
	return fmt.Errorf("Unable to set initial migrations: %v", err)
	}

	log.Info("Running migrations...")
	err = migrations.Migrate(migrations.NewDatastore(app.db.DB, app.db.driverName))
	if err != nil {
	return fmt.Errorf("migrate: %s", err)
	}

	log.Info("Done.")
	return nil
	}

	// ServerUserAgent returns a User-Agent string to use in external requests. The
	// hostName parameter may be left empty.
	func ServerUserAgent(hostName string) string {
	hostUAStr := ""
	if hostName != "" {
	hostUAStr = "; +" + hostName
	}
	return "Go (" + serverSoftware + "/" + softwareVer + hostUAStr + ")"
	}
	diff --git a/go.mod b/go.mod
	index 666bd89..cbfa0d2 100644
	--- a/go.mod
	+++ b/go.mod
	@@ -1,92 +1,93 @@
	module github.com/writefreely/writefreely

	require (
	github.com/PuerkitoBio/goquery v1.8.1 // indirect
	github.com/aymerick/douceur v0.2.0
	github.com/clbanning/mxj v1.8.4 // indirect
	github.com/dustin/go-humanize v1.0.1
	github.com/facebookgo/ensure v0.0.0-20200202191622-63f1cf65ac4c // indirect
	github.com/facebookgo/stack v0.0.0-20160209184415-751773369052 // indirect
	github.com/facebookgo/subset v0.0.0-20200203212716-c811ad88dec4 // indirect
	- github.com/fatih/color v1.16.0
	+ github.com/fatih/color v1.17.0
	github.com/go-ini/ini v1.67.0
	- github.com/go-sql-driver/mysql v1.7.1
	+ github.com/go-sql-driver/mysql v1.8.1
	github.com/go-test/deep v1.0.1 // indirect
	github.com/gobuffalo/envy v1.9.0 // indirect
	github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e // indirect
	github.com/gorilla/csrf v1.7.2
	github.com/gorilla/feeds v1.1.2
	github.com/gorilla/mux v1.8.1
	github.com/gorilla/schema v1.4.1
	github.com/gorilla/sessions v1.3.0
	github.com/guregu/null v4.0.0+incompatible
	github.com/hashicorp/go-multierror v1.1.1
	github.com/ikeikeikeike/go-sitemap-generator/v2 v2.0.2
	github.com/kylemcc/twitter-text-go v0.0.0-20180726194232-7f582f6736ec
	github.com/mailgun/mailgun-go v2.0.0+incompatible
	github.com/manifoldco/promptui v0.9.0
	github.com/mattn/go-sqlite3 v1.14.21
	github.com/microcosm-cc/bluemonday v1.0.26
	github.com/mitchellh/go-wordwrap v1.0.1
	github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d
	github.com/onsi/ginkgo v1.16.4 // indirect
	github.com/onsi/gomega v1.13.0 // indirect
	github.com/rainycape/unidecode v0.0.0-20150907023854-cb7f23ec59be // indirect
	github.com/smartystreets/assertions v0.0.0-20190116191733-b6c0e53d7304 // indirect
	github.com/smartystreets/goconvey v0.0.0-20181108003508-044398e4856c // indirect
	github.com/stretchr/testify v1.9.0
	github.com/urfave/cli/v2 v2.27.4
	github.com/writeas/activity v0.1.2
	github.com/writeas/activityserve v0.0.0-20230428180247-dc13a4f4d835
	github.com/writeas/go-strip-markdown/v2 v2.1.1
	github.com/writeas/go-webfinger v1.1.0
	github.com/writeas/httpsig v1.0.0
	github.com/writeas/impart v1.1.1
	github.com/writeas/import v0.2.1
	github.com/writeas/monday v1.3.0
	github.com/writeas/saturday v1.7.2-0.20200427193424-392b95a03320
	github.com/writeas/slug v1.2.0
	github.com/writeas/web-core v1.6.1-0.20231003013047-d81124d45431
	github.com/writefreely/go-gopher v0.0.0-20220429181814-40127126f83b
	github.com/writefreely/go-nodeinfo v1.2.0
	golang.org/x/crypto v0.24.0
	- golang.org/x/net v0.22.0
	+ golang.org/x/net v0.26.0
	)

	require (
	code.as/core/socks v1.0.0 // indirect
	+ filippo.io/edwards25519 v1.1.0 // indirect
	github.com/andybalholm/cascadia v1.3.2 // indirect
	github.com/beevik/etree v1.1.0 // indirect
	github.com/captncraig/cors v0.0.0-20190703115713-e80254a89df1 // indirect
	github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e // indirect
	github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect
	github.com/davecgh/go-spew v1.1.1 // indirect
	github.com/dchest/uniuri v0.0.0-20200228104902-7aecb25e1fe5 // indirect
	github.com/fatih/structs v1.1.0 // indirect
	github.com/go-fed/httpsig v0.1.1-0.20200204213531-0ef28562fabe // indirect
	github.com/gofrs/uuid v3.3.0+incompatible // indirect
	github.com/gologme/log v1.2.0 // indirect
	github.com/gorilla/css v1.0.0 // indirect
	github.com/gorilla/securecookie v1.1.2 // indirect
	github.com/hashicorp/errwrap v1.0.0 // indirect
	github.com/joho/godotenv v1.3.0 // indirect
	github.com/jtolds/gls v4.2.1+incompatible // indirect
	github.com/mattn/go-colorable v0.1.13 // indirect
	github.com/mattn/go-isatty v0.0.20 // indirect
	github.com/petermattis/goid v0.0.0-20180202154549-b0b1615b78e5 // indirect
	github.com/pkg/errors v0.9.1 // indirect
	github.com/pmezard/go-difflib v1.0.0 // indirect
	github.com/rogpeppe/go-internal v1.9.0 // indirect
	github.com/russross/blackfriday/v2 v2.1.0 // indirect
	github.com/sasha-s/go-deadlock v0.3.1 // indirect
	github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect
	github.com/writeas/go-writeas/v2 v2.0.2 // indirect
	github.com/writeas/openssl-go v1.0.0 // indirect
	github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
	golang.org/x/sys v0.21.0 // indirect
	golang.org/x/text v0.16.0 // indirect
	gopkg.in/ini.v1 v1.62.0 // indirect
	gopkg.in/yaml.v3 v3.0.1 // indirect
	)

	-go 1.19
	+go 1.21
	diff --git a/go.sum b/go.sum
	index a09893d..fcb69cf 100644
	--- a/go.sum
	+++ b/go.sum
	@@ -1,319 +1,321 @@
	code.as/core/socks v1.0.0 h1:SPQXNp4SbEwjOAP9VzUahLHak8SDqy5n+9cm9tpjZOs=
	code.as/core/socks v1.0.0/go.mod h1:BAXBy5O9s2gmw6UxLqNJcVbWY7C/UPs+801CcSsfWOY=
	+filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
	+filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
	github.com/PuerkitoBio/goquery v1.8.1 h1:uQxhNlArOIdbrH1tr0UXwdVFgDcZDrZVdcpygAcwmWM=
	github.com/PuerkitoBio/goquery v1.8.1/go.mod h1:Q8ICL1kNUJ2sXGoAhPGUdYDJvgQgHzJsnnd3H7Ho5jQ=
	github.com/andybalholm/cascadia v1.3.1/go.mod h1:R4bJ1UQfqADjvDa4P6HZHLh/3OxWWEqc0Sk8XGwHqvA=
	github.com/andybalholm/cascadia v1.3.2 h1:3Xi6Dw5lHF15JtdcmAHD3i1+T8plmv7BQ/nsViSLyss=
	github.com/andybalholm/cascadia v1.3.2/go.mod h1:7gtRlve5FxPPgIgX36uWBX58OdBsSS6lUvCFb+h7KvU=
	github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk=
	github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4=
	github.com/beevik/etree v1.1.0 h1:T0xke/WvNtMoCqgzPhkX2r4rjY3GDZFi+FjpRZY2Jbs=
	github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A=
	github.com/captncraig/cors v0.0.0-20190703115713-e80254a89df1 h1:AFSJaASPGYNbkUa5c8ZybrcW9pP3Cy7+z5dnpcc/qG8=
	github.com/captncraig/cors v0.0.0-20190703115713-e80254a89df1/go.mod h1:EIlIeMufZ8nqdUhnesledB15xLRl4wIJUppwDLPrdrQ=
	github.com/chzyer/logex v1.1.10 h1:Swpa1K6QvQznwJRcfTfQJmTE72DqScAa40E+fbHEXEE=
	github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
	github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e h1:fY5BOSpyZCqRo5OhCuC+XN+r/bBCmeuuJtjz+bCNIf8=
	github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
	github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1 h1:q763qf9huN11kDQavWsoZXJNW3xEE4JJyHa5Q25/sd8=
	github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
	github.com/clbanning/mxj v1.8.3/go.mod h1:BVjHeAH+rl9rs6f+QIpeRl0tfu10SXn1pUSa5PVGJng=
	github.com/clbanning/mxj v1.8.4 h1:HuhwZtbyvyOw+3Z1AowPkU87JkJUSv751ELWaiTpj8I=
	github.com/clbanning/mxj v1.8.4/go.mod h1:BVjHeAH+rl9rs6f+QIpeRl0tfu10SXn1pUSa5PVGJng=
	github.com/cpuguy83/go-md2man/v2 v2.0.4 h1:wfIWP927BUkWJb2NmU/kNDYIBTh/ziUX91+lVfRxZq4=
	github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
	github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
	github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
	github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
	github.com/dchest/uniuri v0.0.0-20200228104902-7aecb25e1fe5 h1:RAV05c0xOkJ3dZGS0JFybxFKZ2WMLabgx3uXnd7rpGs=
	github.com/dchest/uniuri v0.0.0-20200228104902-7aecb25e1fe5/go.mod h1:GgB8SF9nRG+GqaDtLcwJZsQFhcogVCJ79j4EdT0c2V4=
	github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
	github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
	github.com/facebookgo/ensure v0.0.0-20200202191622-63f1cf65ac4c h1:8ISkoahWXwZR41ois5lSJBSVw4D0OV19Ht/JSTzvSv0=
	github.com/facebookgo/ensure v0.0.0-20200202191622-63f1cf65ac4c/go.mod h1:Yg+htXGokKKdzcwhuNDwVvN+uBxDGXJ7G/VN1d8fa64=
	github.com/facebookgo/stack v0.0.0-20160209184415-751773369052 h1:JWuenKqqX8nojtoVVWjGfOF9635RETekkoH6Cc9SX0A=
	github.com/facebookgo/stack v0.0.0-20160209184415-751773369052/go.mod h1:UbMTZqLaRiH3MsBH8va0n7s1pQYcu3uTb8G4tygF4Zg=
	github.com/facebookgo/subset v0.0.0-20200203212716-c811ad88dec4 h1:7HZCaLC5+BZpmbhCOZJ293Lz68O7PYrF2EzeiFMwCLk=
	github.com/facebookgo/subset v0.0.0-20200203212716-c811ad88dec4/go.mod h1:5tD+neXqOorC30/tWg0LCSkrqj/AR6gu8yY8/fpw1q0=
	-github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM=
	-github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE=
	+github.com/fatih/color v1.17.0 h1:GlRw1BRJxkpqUCBKzKOw098ed57fEsKeNjpTe3cSjK4=
	+github.com/fatih/color v1.17.0/go.mod h1:YZ7TlrGPkiz6ku9fK3TLD/pl3CpsiFyu8N92HLgmosI=
	github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo=
	github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=
	github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
	github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
	github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
	github.com/go-fed/httpsig v0.1.0/go.mod h1:T56HUNYZUQ1AGUzhAYPugZfp36sKApVnGBgKlIY+aIE=
	github.com/go-fed/httpsig v0.1.1-0.20200204213531-0ef28562fabe h1:U71giCx5NjRn4Lb71UuprPHqhjxGv3Jqonb9fgcaJH8=
	github.com/go-fed/httpsig v0.1.1-0.20200204213531-0ef28562fabe/go.mod h1:T56HUNYZUQ1AGUzhAYPugZfp36sKApVnGBgKlIY+aIE=
	github.com/go-ini/ini v1.67.0 h1:z6ZrTEZqSWOTyH2FlglNbNgARyHG8oLW9gMELqKr06A=
	github.com/go-ini/ini v1.67.0/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8=
	-github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
	-github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
	+github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y=
	+github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
	github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
	github.com/go-test/deep v1.0.1 h1:UQhStjbkDClarlmv0am7OXXO4/GaPdCGiUiMTvi28sg=
	github.com/go-test/deep v1.0.1/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
	github.com/gobuffalo/envy v1.9.0 h1:eZR0DuEgVLfeIb1zIKt3bT4YovIMf9O9LXQeCZLXpqE=
	github.com/gobuffalo/envy v1.9.0/go.mod h1:FurDp9+EDPE4aIUS3ZLyD+7/9fpx7YRt/ukY6jIHf0w=
	github.com/gofrs/uuid v3.3.0+incompatible h1:8K4tyRfvU1CYPgJsveYFQMhpFd/wXNM7iK6rR7UHz84=
	github.com/gofrs/uuid v3.3.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
	github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
	github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
	github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
	github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
	github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
	github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
	github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
	github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
	github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
	github.com/gologme/log v1.2.0 h1:Ya5Ip/KD6FX7uH0S31QO87nCCSucKtF44TLbTtO7V4c=
	github.com/gologme/log v1.2.0/go.mod h1:gq31gQ8wEHkR+WekdWsqDuf8pXTUZA9BnnzTuPz1Y9U=
	github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
	github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
	github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
	github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
	github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
	github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e h1:JKmoR8x90Iww1ks85zJ1lfDGgIiMDuIptTOhJq+zKyg=
	github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
	github.com/gorilla/csrf v1.7.2 h1:oTUjx0vyf2T+wkrx09Trsev1TE+/EbDAeHtSTbtC2eI=
	github.com/gorilla/csrf v1.7.2/go.mod h1:F1Fj3KG23WYHE6gozCmBAezKookxbIvUJT+121wTuLk=
	github.com/gorilla/css v1.0.0 h1:BQqNyPTi50JCFMTw/b67hByjMVXZRwGha6wxVGkeihY=
	github.com/gorilla/css v1.0.0/go.mod h1:Dn721qIggHpt4+EFCcTLTU/vk5ySda2ReITrtgBl60c=
	github.com/gorilla/feeds v1.1.2 h1:pxzZ5PD3RJdhFH2FsJJ4x6PqMqbgFk1+Vez4XWBW8Iw=
	github.com/gorilla/feeds v1.1.2/go.mod h1:WMib8uJP3BbY+X8Szd1rA5Pzhdfh+HCCAYT2z7Fza6Y=
	github.com/gorilla/mux v1.7.4/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
	github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
	github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
	github.com/gorilla/schema v1.4.1 h1:jUg5hUjCSDZpNGLuXQOgIWGdlgrIdYvgQ0wZtdK1M3E=
	github.com/gorilla/schema v1.4.1/go.mod h1:Dg5SSm5PV60mhF2NFaTV1xuYYj8tV8NOPRo4FggUMnM=
	github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
	github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
	github.com/gorilla/sessions v1.3.0 h1:XYlkq7KcpOB2ZhHBPv5WpjMIxrQosiZanfoy1HLZFzg=
	github.com/gorilla/sessions v1.3.0/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ=
	github.com/guregu/null v4.0.0+incompatible h1:4zw0ckM7ECd6FNNddc3Fu4aty9nTlpkkzH7dPn4/4Gw=
	github.com/guregu/null v4.0.0+incompatible/go.mod h1:ePGpQaN9cw0tj45IR5E5ehMvsFlLlQZAkkOXZurJ3NM=
	github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA=
	github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
	github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk=
	github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
	github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
	github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
	github.com/ikeikeikeike/go-sitemap-generator/v2 v2.0.2 h1:wIdDEle9HEy7vBPjC6oKz6ejs3Ut+jmsYvuOoAW2pSM=
	github.com/ikeikeikeike/go-sitemap-generator/v2 v2.0.2/go.mod h1:WtaVKD9TeruTED9ydiaOJU08qGoEPP/LyzTKiD3jEsw=
	github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc=
	github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg=
	github.com/jtolds/gls v4.2.1+incompatible h1:fSuqC+Gmlu6l/ZYAoZzx2pyucC8Xza35fpRVWLVmUEE=
	github.com/jtolds/gls v4.2.1+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
	github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
	github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
	github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
	github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
	github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
	github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
	github.com/kylemcc/twitter-text-go v0.0.0-20180726194232-7f582f6736ec h1:ZXWuspqypleMuJy4bzYEqlMhJnGAYpLrWe5p7W3CdvI=
	github.com/kylemcc/twitter-text-go v0.0.0-20180726194232-7f582f6736ec/go.mod h1:voECJzdraJmolzPBgL9Z7ANwXf4oMXaTCsIkdiPpR/g=
	github.com/mailgun/mailgun-go v2.0.0+incompatible h1:0FoRHWwMUctnd8KIR3vtZbqdfjpIMxOZgcSa51s8F8o=
	github.com/mailgun/mailgun-go v2.0.0+incompatible/go.mod h1:NWTyU+O4aczg/nsGhQnvHL6v2n5Gy6Sv5tNDVvC6FbU=
	github.com/manifoldco/promptui v0.9.0 h1:3V4HzJk1TtXW1MTZMP7mdlwbBpIinw3HztaIlYthEiA=
	github.com/manifoldco/promptui v0.9.0/go.mod h1:ka04sppxSGFAtxX0qhlYQjISsg9mR4GWtQEhdbn6Pgg=
	github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
	github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
	github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
	github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
	github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
	github.com/mattn/go-sqlite3 v1.14.21 h1:IXocQLOykluc3xPE0Lvy8FtggMz1G+U3mEjg+0zGizc=
	github.com/mattn/go-sqlite3 v1.14.21/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
	github.com/microcosm-cc/bluemonday v1.0.23/go.mod h1:mN70sk7UkkF8TUr2IGBpNN0jAgStuPzlK76QuruE/z4=
	github.com/microcosm-cc/bluemonday v1.0.26 h1:xbqSvqzQMeEHCqMi64VAs4d8uy6Mequs3rQ0k/Khz58=
	github.com/microcosm-cc/bluemonday v1.0.26/go.mod h1:JyzOCs9gkyQyjs+6h10UEVSe02CGwkhd72Xdqh78TWs=
	github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0=
	github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0=
	github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d h1:VhgPp6v9qf9Agr/56bj7Y/xa04UccTW04VP0Qed4vnQ=
	github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d/go.mod h1:YUTz3bUH2ZwIWBy3CJBeOBEugqcmXREj14T+iG/4k4U=
	github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
	github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
	github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
	github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
	github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
	github.com/onsi/ginkgo v1.16.2/go.mod h1:CObGmKUOKaSC0RjmoAK7tKyn4Azo5P2IWuoMnvwxz1E=
	github.com/onsi/ginkgo v1.16.4 h1:29JGrr5oVBm5ulCWet69zQkzWipVXIol6ygQUe/EzNc=
	github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0=
	github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
	github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
	github.com/onsi/gomega v1.13.0 h1:7lLHu94wT9Ij0o6EWWclhu0aOh32VxhkwEJvzuWPeak=
	github.com/onsi/gomega v1.13.0/go.mod h1:lRk9szgn8TxENtWd0Tp4c3wjlRfMTMH27I+3Je41yGY=
	github.com/petermattis/goid v0.0.0-20180202154549-b0b1615b78e5 h1:q2e307iGHPdTGp0hoxKjt1H5pDo6utceo3dQVK3I5XQ=
	github.com/petermattis/goid v0.0.0-20180202154549-b0b1615b78e5/go.mod h1:jvVRKCrJTQWu0XVbaOlby/2lO20uSCHEMzzplHXte1o=
	github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
	github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
	github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
	github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
	github.com/rainycape/unidecode v0.0.0-20150907023854-cb7f23ec59be h1:ta7tUOvsPHVHGom5hKW5VXNc2xZIkfCKP8iaqOyYtUQ=
	github.com/rainycape/unidecode v0.0.0-20150907023854-cb7f23ec59be/go.mod h1:MIDFMn7db1kT65GmV94GzpX9Qdi7N/pQlwb+AN8wh+Q=
	github.com/rogpeppe/go-internal v1.3.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
	github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
	github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
	github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
	github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
	github.com/sasha-s/go-deadlock v0.3.1 h1:sqv7fDNShgjcaxkO0JNcOAlr8B9+cV5Ey/OB71efZx0=
	github.com/sasha-s/go-deadlock v0.3.1/go.mod h1:F73l+cr82YSh10GxyRI6qZiCgK64VaZjwesgfQ1/iLM=
	github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo=
	github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
	github.com/smartystreets/assertions v0.0.0-20190116191733-b6c0e53d7304 h1:Jpy1PXuP99tXNrhbq2BaPz9B+jNAvH1JPQQpG/9GCXY=
	github.com/smartystreets/assertions v0.0.0-20190116191733-b6c0e53d7304/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
	github.com/smartystreets/goconvey v0.0.0-20181108003508-044398e4856c h1:Ho+uVpkel/udgjbwB5Lktg9BtvJSh2DT0Hi6LPSyI2w=
	github.com/smartystreets/goconvey v0.0.0-20181108003508-044398e4856c/go.mod h1:XDJAKZRPZ1CvBcN2aX5YOUTYGHki24fSF0Iv48Ibg0s=
	github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
	github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
	github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
	github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
	github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
	github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
	github.com/urfave/cli/v2 v2.27.4 h1:o1owoI+02Eb+K107p27wEX9Bb8eqIoZCfLXloLUSWJ8=
	github.com/urfave/cli/v2 v2.27.4/go.mod h1:m4QzxcD2qpra4z7WhzEGn74WZLViBnMpb1ToCAKdGRQ=
	github.com/writeas/activity v0.1.2 h1:Y12B5lIrabfqKE7e7HFCWiXrlfXljr9tlkFm2mp7DgY=
	github.com/writeas/activity v0.1.2/go.mod h1:mYYgiewmEM+8tlifirK/vl6tmB2EbjYaxwb+ndUw5T0=
	github.com/writeas/activityserve v0.0.0-20230428180247-dc13a4f4d835 h1:bm/7gYo6y3GxtTa1qyUFyCk29CTnBAKt7z4D2MASYrw=
	github.com/writeas/activityserve v0.0.0-20230428180247-dc13a4f4d835/go.mod h1:4akDJSl+sSp+QhrQKMqzAqdV1gJ1pPx6XPI77zgMM8o=
	github.com/writeas/go-strip-markdown/v2 v2.1.1 h1:hAxUM21Uhznf/FnbVGiJciqzska6iLei22Ijc3q2e28=
	github.com/writeas/go-strip-markdown/v2 v2.1.1/go.mod h1:UvvgPJgn1vvN8nWuE5e7v/+qmDu3BSVnKAB6Gl7hFzA=
	github.com/writeas/go-webfinger v1.1.0 h1:MzNyt0ry/GMsRmJGftn2o9mPwqK1Q5MLdh4VuJCfb1Q=
	github.com/writeas/go-webfinger v1.1.0/go.mod h1:w2VxyRO/J5vfNjJHYVubsjUGHd3RLDoVciz0DE3ApOc=
	github.com/writeas/go-writeas v1.1.0/go.mod h1:oh9U1rWaiE0p3kzdKwwvOpNXgp0P0IELI7OLOwV4fkA=
	github.com/writeas/go-writeas/v2 v2.0.2 h1:akvdMg89U5oBJiCkBwOXljVLTqP354uN6qnG2oOMrbk=
	github.com/writeas/go-writeas/v2 v2.0.2/go.mod h1:9sjczQJKmru925fLzg0usrU1R1tE4vBmQtGnItUMR0M=
	github.com/writeas/httpsig v1.0.0 h1:peIAoIA3DmlP8IG8tMNZqI4YD1uEnWBmkcC9OFPjt3A=
	github.com/writeas/httpsig v1.0.0/go.mod h1:7ClMGSrSVXJbmiLa17bZ1LrG1oibGZmUMlh3402flPY=
	github.com/writeas/impart v1.1.0/go.mod h1:g0MpxdnTOHHrl+Ca/2oMXUHJ0PcRAEWtkCzYCJUXC9Y=
	github.com/writeas/impart v1.1.1 h1:RyA9+CqbdbDuz53k+nXCWUY+NlEkdyw6+nWanxSBl5o=
	github.com/writeas/impart v1.1.1/go.mod h1:g0MpxdnTOHHrl+Ca/2oMXUHJ0PcRAEWtkCzYCJUXC9Y=
	github.com/writeas/import v0.2.1 h1:3k+bDNCyqaWdZinyUZtEO4je3mR6fr/nE4ozTh9/9Wg=
	github.com/writeas/import v0.2.1/go.mod h1:gFe0Pl7ZWYiXbI0TJxeMMyylPGZmhVvCfQxhMEc8CxM=
	github.com/writeas/monday v1.3.0 h1:h51wJ0DULXIDZ1w11zutLL7YCBRO5LznXISSzqVLZeA=
	github.com/writeas/monday v1.3.0/go.mod h1:9/CdGLDdIeAvzvf4oeihX++PE/qXUT2+tUlPQKCfRWY=
	github.com/writeas/openssl-go v1.0.0 h1:YXM1tDXeYOlTyJjoMlYLQH1xOloUimSR1WMF8kjFc5o=
	github.com/writeas/openssl-go v1.0.0/go.mod h1:WsKeK5jYl0B5y8ggOmtVjbmb+3rEGqSD25TppjJnETA=
	github.com/writeas/saturday v1.7.1/go.mod h1:ETE1EK6ogxptJpAgUbcJD0prAtX48bSloie80+tvnzQ=
	github.com/writeas/saturday v1.7.2-0.20200427193424-392b95a03320 h1:PozPZ29CQ/xt6ym/+FvIz+KvKEObSSc5ye+95zbTjVU=
	github.com/writeas/saturday v1.7.2-0.20200427193424-392b95a03320/go.mod h1:ETE1EK6ogxptJpAgUbcJD0prAtX48bSloie80+tvnzQ=
	github.com/writeas/slug v1.2.0 h1:EMQ+cwLiOcA6EtFwUgyw3Ge18x9uflUnOnR6bp/J+/g=
	github.com/writeas/slug v1.2.0/go.mod h1:RE8shOqQP3YhsfsQe0L3RnuejfQ4Mk+JjY5YJQFubfQ=
	github.com/writeas/web-core v1.6.1-0.20231003013047-d81124d45431 h1:ruqL2u87k504PXkR/fC4DcfZyyHmCindlpjOQKmyOsY=
	github.com/writeas/web-core v1.6.1-0.20231003013047-d81124d45431/go.mod h1:7+idL4Y4woF7MnUfNX2mvkaQ8nLIJXths2y5iYPtA3k=
	github.com/writefreely/go-gopher v0.0.0-20220429181814-40127126f83b h1:h3NzB8OZ50NNi5k9yrFeyFszt3LyqyVK4+xUHFYY8B0=
	github.com/writefreely/go-gopher v0.0.0-20220429181814-40127126f83b/go.mod h1:T2UVVzt+R5KSSZe2xRSytnwc2M9AoDegi7foeIsik+M=
	github.com/writefreely/go-nodeinfo v1.2.0 h1:La+YbTCvmpTwFhBSlebWDDL81N88Qf/SCAvRLR7F8ss=
	github.com/writefreely/go-nodeinfo v1.2.0/go.mod h1:UTvE78KpcjYOlRHupZIiSEFcXHioTXuacCbHU+CAcPg=
	github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 h1:gEOO8jv9F4OT7lGCjxCBTO/36wtF6j2nSip77qHd4x4=
	github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1/go.mod h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM=
	github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
	github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
	golang.org/x/crypto v0.0.0-20180527072434-ab813273cd59/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
	golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
	golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
	golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
	golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw=
	golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI=
	golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM=
	golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
	golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
	golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
	golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
	golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
	golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
	golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
	golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
	golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
	golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
	golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk=
	golang.org/x/net v0.0.0-20210916014120-12bc252f5db8/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
	golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
	golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
	golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
	golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
	golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
	golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns=
	-golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc=
	-golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
	+golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ=
	+golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
	golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
	golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
	golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
	golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
	golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
	golang.org/x/sys v0.0.0-20180525142821-c11f84a56e43/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
	golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
	golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
	golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
	golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
	golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
	golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
	golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
	golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
	golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
	golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
	golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
	golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
	golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
	golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
	golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
	golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
	golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
	golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
	golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
	golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
	golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=
	golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
	golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
	golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
	golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
	golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
	golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY=
	golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
	golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
	golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
	golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
	golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
	golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
	golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
	golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
	golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4=
	golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
	golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
	golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
	golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
	golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
	golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
	golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
	golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
	golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
	google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
	google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
	google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
	google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
	google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
	google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
	google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
	google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
	gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
	gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
	gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
	gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
	gopkg.in/ini.v1 v1.55.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
	gopkg.in/ini.v1 v1.62.0 h1:duBzk771uxoUuOlyRLkHsygud9+5lrlGjdFBb4mSKDU=
	gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
	gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
	gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
	gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0 h1:POO/ycCATvegFmVuPpQzZFJ+pGZeX22Ufu6fibxDVjU=
	gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0/go.mod h1:WDnlLJ4WF5VGsH/HVa3CI79GS0ol3YnhVnKP89i0kNg=
	gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
	gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
	gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
	gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
	gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
	gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
	gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
	gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
	diff --git a/nodeinfo.go b/nodeinfo.go
	index 6ce3572..5a38d96 100644
	--- a/nodeinfo.go
	+++ b/nodeinfo.go
	@@ -1,121 +1,121 @@
	/*
	* Copyright © 2018-2019, 2021 Musing Studio LLC.
	*
	* This file is part of WriteFreely.
	*
	* WriteFreely is free software: you can redistribute it and/or modify
	* it under the terms of the GNU Affero General Public License, included
	* in the LICENSE file in this source code package.
	*/

	package writefreely

	import (
	"github.com/writeas/web-core/log"
	"github.com/writefreely/go-nodeinfo"
	"github.com/writefreely/writefreely/config"
	"strings"
	)

	type nodeInfoResolver struct {
	cfg *config.Config
	db *datastore
	}

	func nodeInfoConfig(db datastore, cfg config.Config) *nodeinfo.Config {
	name := cfg.App.SiteName
	desc := cfg.App.SiteDesc
	if desc == "" {
	desc = "Minimal, federated blogging platform."
	}
	if cfg.App.SingleUser {
	// Fetch blog information, instead
	coll, err := db.GetCollectionByID(1)
	if err == nil {
	desc = coll.Description
	}
	}
	return &nodeinfo.Config{
	BaseURL: cfg.App.Host,
	InfoURL: "/api/nodeinfo",

	Metadata: nodeinfo.Metadata{
	NodeName: name,
	NodeDescription: desc,
	Private: cfg.App.Private,
	Software: nodeinfo.SoftwareMeta{
	HomePage: softwareURL,
	GitHub: "https://github.com/writefreely/writefreely",
	- Follow: "https://writing.exchange/@write_as",
	+ Follow: "https://writing.exchange/@writefreely",
	},
	MaxBlogs: cfg.App.MaxBlogs,
	PublicReader: cfg.App.LocalTimeline,
	Invites: cfg.App.UserInvites != "",
	},
	Protocols: []nodeinfo.NodeProtocol{
	nodeinfo.ProtocolActivityPub,
	},
	Services: nodeinfo.Services{
	Inbound: []nodeinfo.NodeService{},
	Outbound: []nodeinfo.NodeService{
	nodeinfo.ServiceRSS,
	},
	},
	Software: nodeinfo.SoftwareInfo{
	Name: strings.ToLower(serverSoftware),
	Version: softwareVer,
	},
	}
	}

	func (r nodeInfoResolver) IsOpenRegistration() (bool, error) {
	return r.cfg.App.OpenRegistration, nil
	}

	func (r nodeInfoResolver) Usage() (nodeinfo.Usage, error) {
	var collCount, postCount int64
	var activeHalfYear, activeMonth int
	var err error
	collCount, err = r.db.GetTotalCollections()
	if err != nil {
	collCount = 0
	}
	postCount, err = r.db.GetTotalPosts()
	if err != nil {
	log.Error("Unable to fetch post counts: %v", err)
	}

	if r.cfg.App.PublicStats {
	// Display bi-yearly / monthly stats
	err = r.db.QueryRow(`SELECT COUNT(*) FROM (
	SELECT DISTINCT collection_id
	FROM posts
	INNER JOIN collections c
	ON collection_id = c.id
	WHERE collection_id IS NOT NULL
	AND updated > DATE_SUB(NOW(), INTERVAL 6 MONTH)) co`).Scan(&activeHalfYear)
	if err != nil {
	log.Error("Failed getting 6-month active user stats: %s", err)
	}

	err = r.db.QueryRow(`SELECT COUNT(*) FROM (
	SELECT DISTINCT collection_id
	FROM posts
	INNER JOIN collections c
	ON collection_id = c.id
	WHERE collection_id IS NOT NULL
	AND updated > DATE_SUB(NOW(), INTERVAL 1 MONTH)) co`).Scan(&activeMonth)
	if err != nil {
	log.Error("Failed getting 1-month active user stats: %s", err)
	}
	}

	return nodeinfo.Usage{
	Users: nodeinfo.UsageUsers{
	Total: int(collCount),
	ActiveHalfYear: activeHalfYear,
	ActiveMonth: activeMonth,
	},
	LocalPosts: int(postCount),
	}, nil
	}
	diff --git a/oauth_generic.go b/oauth_generic.go
	index 25c162b..36f166c 100644
	--- a/oauth_generic.go
	+++ b/oauth_generic.go
	@@ -1,142 +1,144 @@
	/*
	* Copyright © 2020-2021 Musing Studio LLC and respective authors.
	*
	* This file is part of WriteFreely.
	*
	* WriteFreely is free software: you can redistribute it and/or modify
	* it under the terms of the GNU Affero General Public License, included
	* in the LICENSE file in this source code package.
	*/

	package writefreely

	import (
	"context"
	"errors"
	"fmt"
	"github.com/writeas/web-core/log"
	"net/http"
	"net/url"
	"strings"
	)

	type genericOauthClient struct {
	ClientID string
	ClientSecret string
	AuthLocation string
	ExchangeLocation string
	InspectLocation string
	CallbackLocation string
	Scope string
	MapUserID string
	MapUsername string
	MapDisplayName string
	MapEmail string
	HttpClient HttpClient
	}

	var _ oauthClient = genericOauthClient{}

	const (
	genericOauthDisplayName = "OAuth"
	)

	func (c genericOauthClient) GetProvider() string {
	return "generic"
	}

	func (c genericOauthClient) GetClientID() string {
	return c.ClientID
	}

	func (c genericOauthClient) GetCallbackLocation() string {
	return c.CallbackLocation
	}

	func (c genericOauthClient) buildLoginURL(state string) (string, error) {
	u, err := url.Parse(c.AuthLocation)
	if err != nil {
	return "", err
	}
	q := u.Query()
	q.Set("client_id", c.ClientID)
	q.Set("redirect_uri", c.CallbackLocation)
	q.Set("response_type", "code")
	q.Set("state", state)
	q.Set("scope", c.Scope)
	u.RawQuery = q.Encode()
	return u.String(), nil
	}

	func (c genericOauthClient) exchangeOauthCode(ctx context.Context, code string) (*TokenResponse, error) {
	form := url.Values{}
	+ form.Add("client_id", c.ClientID)
	+ form.Add("client_secret", c.ClientSecret)
	form.Add("grant_type", "authorization_code")
	form.Add("redirect_uri", c.CallbackLocation)
	form.Add("scope", c.Scope)
	form.Add("code", code)
	req, err := http.NewRequest("POST", c.ExchangeLocation, strings.NewReader(form.Encode()))
	if err != nil {
	return nil, err
	}
	req.WithContext(ctx)
	req.Header.Set("User-Agent", ServerUserAgent(""))
	req.Header.Set("Accept", "application/json")
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	req.SetBasicAuth(c.ClientID, c.ClientSecret)

	resp, err := c.HttpClient.Do(req)
	if err != nil {
	return nil, err
	}
	if resp.StatusCode != http.StatusOK {
	return nil, errors.New("unable to exchange code for access token")
	}

	var tokenResponse TokenResponse
	if err := limitedJsonUnmarshal(resp.Body, tokenRequestMaxLen, &tokenResponse); err != nil {
	return nil, err
	}
	if tokenResponse.Error != "" {
	return nil, errors.New(tokenResponse.Error)
	}
	return &tokenResponse, nil
	}

	func (c genericOauthClient) inspectOauthAccessToken(ctx context.Context, accessToken string) (*InspectResponse, error) {
	req, err := http.NewRequest("GET", c.InspectLocation, nil)
	if err != nil {
	return nil, err
	}
	req.WithContext(ctx)
	req.Header.Set("User-Agent", ServerUserAgent(""))
	req.Header.Set("Accept", "application/json")
	req.Header.Set("Authorization", "Bearer "+accessToken)

	resp, err := c.HttpClient.Do(req)
	if err != nil {
	return nil, err
	}
	if resp.StatusCode != http.StatusOK {
	return nil, errors.New("unable to inspect access token")
	}

	// since we don't know what the JSON from the server will look like, we create a
	// generic interface and then map manually to values set in the config
	var genericInterface map[string]interface{}
	if err := limitedJsonUnmarshal(resp.Body, infoRequestMaxLen, &genericInterface); err != nil {
	return nil, err
	}

	// map each relevant field in inspectResponse to the mapped field from the config
	var inspectResponse InspectResponse
	inspectResponse.UserID, _ = genericInterface[c.MapUserID].(string)
	if inspectResponse.UserID == "" {
	log.Error("[CONFIGURATION ERROR] Generic OAuth provider returned empty UserID value (`%s`).\n Do you need to configure a different `map_user_id` value for this provider?", c.MapUserID)
	return nil, fmt.Errorf("no UserID (`%s`) value returned", c.MapUserID)
	}
	inspectResponse.Username, _ = genericInterface[c.MapUsername].(string)
	inspectResponse.DisplayName, _ = genericInterface[c.MapDisplayName].(string)
	inspectResponse.Email, _ = genericInterface[c.MapEmail].(string)

	return &inspectResponse, nil
	}
	diff --git a/posts.go b/posts.go
	index 46f5871..f31f5da 100644
	--- a/posts.go
	+++ b/posts.go
	@@ -1,1700 +1,1702 @@
	/*
	* Copyright © 2018-2021 Musing Studio LLC.
	*
	* This file is part of WriteFreely.
	*
	* WriteFreely is free software: you can redistribute it and/or modify
	* it under the terms of the GNU Affero General Public License, included
	* in the LICENSE file in this source code package.
	*/

	package writefreely

	import (
	"database/sql"
	"encoding/json"
	"fmt"
	"github.com/writefreely/writefreely/spam"
	"html/template"
	"net/http"
	"net/url"
	"regexp"
	"strings"
	"time"

	"github.com/gorilla/mux"
	"github.com/guregu/null"
	"github.com/guregu/null/zero"
	"github.com/kylemcc/twitter-text-go/extract"
	"github.com/microcosm-cc/bluemonday"
	stripmd "github.com/writeas/go-strip-markdown/v2"
	"github.com/writeas/impart"
	"github.com/writeas/monday"
	"github.com/writeas/slug"
	"github.com/writeas/web-core/activitystreams"
	"github.com/writeas/web-core/bots"
	"github.com/writeas/web-core/converter"
	"github.com/writeas/web-core/i18n"
	"github.com/writeas/web-core/log"
	"github.com/writeas/web-core/tags"
	"github.com/writefreely/writefreely/page"
	"github.com/writefreely/writefreely/parse"
	)

	const (
	// Post ID length bounds
	minIDLen = 10
	maxIDLen = 10
	userPostIDLen = 10
	postIDLen = 10

	postMetaDateFormat = "2006-01-02 15:04:05"

	shortCodePaid = "<!--paid-->"
	)

	type (
	AnonymousPost struct {
	ID string
	Content string
	HTMLContent template.HTML
	Font string
	Language string
	Direction string
	Title string
	GenTitle string
	Description string
	Author string
	Views int64
	Images []string
	IsPlainText bool
	IsCode bool
	IsLinkable bool
	}

	AuthenticatedPost struct {
	ID string `json:"id" schema:"id"`
	Web bool `json:"web" schema:"web"`
	*SubmittedPost
	}

	// SubmittedPost represents a post supplied by a client for publishing or
	// updating. Since Title and Content can be updated to "", they are
	// pointers that can be easily tested to detect changes.
	SubmittedPost struct {
	Slug *string `json:"slug" schema:"slug"`
	Title *string `json:"title" schema:"title"`
	Content *string `json:"body" schema:"body"`
	Font string `json:"font" schema:"font"`
	IsRTL converter.NullJSONBool `json:"rtl" schema:"rtl"`
	Language converter.NullJSONString `json:"lang" schema:"lang"`
	Created *string `json:"created" schema:"created"`
	}

	// Post represents a post as found in the database.
	Post struct {
	ID string `db:"id" json:"id"`
	Slug null.String `db:"slug" json:"slug,omitempty"`
	Font string `db:"text_appearance" json:"appearance"`
	Language zero.String `db:"language" json:"language"`
	RTL zero.Bool `db:"rtl" json:"rtl"`
	Privacy int64 `db:"privacy" json:"-"`
	OwnerID null.Int `db:"owner_id" json:"-"`
	CollectionID null.Int `db:"collection_id" json:"-"`
	PinnedPosition null.Int `db:"pinned_position" json:"-"`
	Created time.Time `db:"created" json:"created"`
	Updated time.Time `db:"updated" json:"updated"`
	ViewCount int64 `db:"view_count" json:"-"`
	Title zero.String `db:"title" json:"title"`
	HTMLTitle template.HTML `db:"title" json:"-"`
	Content string `db:"content" json:"body"`
	HTMLContent template.HTML `db:"content" json:"-"`
	HTMLExcerpt template.HTML `db:"content" json:"-"`
	Tags []string `json:"tags"`
	Images []string `json:"images,omitempty"`
	IsPaid bool `json:"paid"`

	OwnerName string `json:"owner,omitempty"`
	}

	// PublicPost holds properties for a publicly returned post, i.e. a post in
	// a context where the viewer may not be the owner. As such, sensitive
	// metadata for the post is hidden and properties supporting the display of
	// the post are added.
	PublicPost struct {
	*Post
	IsSubdomain bool `json:"-"`
	IsTopLevel bool `json:"-"`
	DisplayDate string `json:"-"`
	Views int64 `json:"views"`
	Owner *PublicUser `json:"-"`
	IsOwner bool `json:"-"`
	URL string `json:"url,omitempty"`
	Collection *CollectionObj `json:"collection,omitempty"`
	}

	CollectionPostPage struct {
	*PublicPost
	page.StaticPage
	IsOwner bool
	IsPinned bool
	IsCustomDomain bool
	Monetization string
	Verification string
	PinnedPosts *[]PublicPost
	IsFound bool
	IsAdmin bool
	CanInvite bool
	Silenced bool

	// Helper field for Chorus mode
	CollAlias string
	}

	RawPost struct {
	Id, Slug string
	Title string
	Content string
	Views int64
	Font string
	Created time.Time
	Updated time.Time
	IsRTL sql.NullBool
	Language sql.NullString
	OwnerID int64
	CollectionID sql.NullInt64

	Found bool
	Gone bool
	}

	AnonymousAuthPost struct {
	ID string `json:"id"`
	Token string `json:"token"`
	}
	ClaimPostRequest struct {
	*AnonymousAuthPost
	CollectionAlias string `json:"collection"`
	CreateCollection bool `json:"create_collection"`

	// Generated properties
	Slug string `json:"-"`
	}
	ClaimPostResult struct {
	ID string `json:"id,omitempty"`
	Code int `json:"code,omitempty"`
	ErrorMessage string `json:"error_msg,omitempty"`
	Post *PublicPost `json:"post,omitempty"`
	}
	)

	func (p *Post) Direction() string {
	if p.RTL.Valid {
	if p.RTL.Bool {
	return "rtl"
	}
	return "ltr"
	}
	return "auto"
	}

	// DisplayTitle dynamically generates a title from the Post's contents if it
	// doesn't already have an explicit title.
	func (p *Post) DisplayTitle() string {
	if p.Title.String != "" {
	return p.Title.String
	}
	t := friendlyPostTitle(p.Content, p.ID)
	return t
	}

	// PlainDisplayTitle dynamically generates a title from the Post's contents if it
	// doesn't already have an explicit title.
	func (p *Post) PlainDisplayTitle() string {
	if t := stripmd.Strip(p.DisplayTitle()); t != "" {
	return t
	}
	return p.ID
	}

	// FormattedDisplayTitle dynamically generates a title from the Post's contents if it
	// doesn't already have an explicit title.
	func (p *Post) FormattedDisplayTitle() template.HTML {
	if p.HTMLTitle != "" {
	return p.HTMLTitle
	}
	return template.HTML(p.DisplayTitle())
	}

	// Summary gives a shortened summary of the post based on the post's title,
	// especially for display in a longer list of posts. It extracts a summary for
	// posts in the Title\n\nBody format, returning nothing if the entire was short
	// enough that the extracted title == extracted summary.
	func (p Post) Summary() string {
	if p.Content == "" {
	return ""
	}
	p.Content = stripHTMLWithoutEscaping(p.Content)
	// and Markdown
	p.Content = stripmd.StripOptions(p.Content, stripmd.Options{SkipImages: true})

	title := p.Title.String
	var desc string
	if title == "" {
	// No title, so generate one
	title = friendlyPostTitle(p.Content, p.ID)
	desc = postDescription(p.Content, title, p.ID)
	if desc == title {
	return ""
	}
	return desc
	}

	return shortPostDescription(p.Content)
	}

	func (p Post) SummaryHTML() template.HTML {
	return template.HTML(p.Summary())
	}

	// Excerpt shows any text that comes before a (more) tag.
	// TODO: use HTMLExcerpt in templates instead of this method
	func (p *Post) Excerpt() template.HTML {
	return p.HTMLExcerpt
	}

	func (p *Post) CreatedDate() string {
	return p.Created.Format("2006-01-02")
	}

	func (p *Post) Created8601() string {
	return p.Created.Format("2006-01-02T15:04:05Z")
	}

	func (p *Post) IsScheduled() bool {
	return p.Created.After(time.Now())
	}

	func (p *Post) HasTag(tag string) bool {
	// Regexp looks for tag and has a non-capturing group at the end looking
	// for the end of the word.
	// Assisted by: https://stackoverflow.com/a/35192941/1549194
	hasTag, _ := regexp.MatchString("#"+tag+`(?:[[:punct:]]\|\s\|\z)`, p.Content)
	return hasTag
	}

	func (p *Post) HasTitleLink() bool {
	if p.Title.String == "" {
	return false
	}
	hasLink, _ := regexp.MatchString(`([^!]+\|^)\[.+\]$.+$`, p.Title.String)
	return hasLink
	}

	func (c CollectionPostPage) DisplayMonetization() string {
	if c.Collection == nil {
	log.Info("CollectionPostPage.DisplayMonetization: c.Collection is nil")
	return ""
	}
	return displayMonetization(c.Monetization, c.Collection.Alias)
	}

	func handleViewPost(app App, w http.ResponseWriter, r http.Request) error {
	vars := mux.Vars(r)
	friendlyID := vars["post"]

	// NOTE: until this is done better, be sure to keep this in parity with
	// isRaw() and viewCollectionPost()
	isJSON := strings.HasSuffix(friendlyID, ".json")
	isXML := strings.HasSuffix(friendlyID, ".xml")
	isCSS := strings.HasSuffix(friendlyID, ".css")
	isMarkdown := strings.HasSuffix(friendlyID, ".md")
	isRaw := strings.HasSuffix(friendlyID, ".txt") \|\| isJSON \|\| isXML \|\| isCSS \|\| isMarkdown

	// Display reserved page if that is requested resource
	if t, ok := pages[r.URL.Path[1:]+".tmpl"]; ok {
	return handleTemplatedPage(app, w, r, t)
	+ } else if r.URL.Path == "/sitemap.xml" && !app.cfg.App.SingleUser {
	+ return impart.HTTPError{Status: http.StatusNotFound, Message: "Page not found."}
	} else if (strings.Contains(r.URL.Path, ".") && !isRaw && !isMarkdown) \|\| r.URL.Path == "/robots.txt" \|\| r.URL.Path == "/manifest.json" {
	// Serve static file
	app.shttp.ServeHTTP(w, r)
	return nil
	}

	// Display collection if this is a collection
	c, _ := app.db.GetCollection(friendlyID)
	if c != nil {
	return impart.HTTPError{http.StatusMovedPermanently, fmt.Sprintf("/%s/", friendlyID)}
	}

	// Normalize the URL, redirecting user to consistent post URL
	if friendlyID != strings.ToLower(friendlyID) {
	return impart.HTTPError{http.StatusMovedPermanently, fmt.Sprintf("/%s", strings.ToLower(friendlyID))}
	}

	ext := ""
	if isRaw {
	parts := strings.Split(friendlyID, ".")
	friendlyID = parts[0]
	if len(parts) > 1 {
	ext = "." + parts[1]
	}
	}

	var ownerID sql.NullInt64
	var collectionID sql.NullInt64
	var title string
	var content string
	var font string
	var language []byte
	var rtl []byte
	var views int64
	var post *AnonymousPost
	var found bool
	var gone bool

	fixedID := slug.Make(friendlyID)
	if fixedID != friendlyID {
	return impart.HTTPError{http.StatusFound, fmt.Sprintf("/%s%s", fixedID, ext)}
	}

	err := app.db.QueryRow("SELECT owner_id, collection_id, title, content, text_appearance, view_count, language, rtl FROM posts WHERE id = ?", friendlyID).Scan(&ownerID, &collectionID, &title, &content, &font, &views, &language, &rtl)
	switch {
	case err == sql.ErrNoRows:
	found = false

	// Output the error in the correct format
	if isJSON {
	content = "{\"error\": \"Post not found.\"}"
	} else if isRaw {
	content = "Post not found."
	} else {
	return ErrPostNotFound
	}
	case err != nil:
	found = false

	log.Error("Post loading err: %s\n", err)
	return ErrInternalGeneral
	default:
	found = true

	var d string
	if len(rtl) == 0 {
	d = "auto"
	} else if rtl[0] == 49 {
	// TODO: find a cleaner way to get this (possibly NULL) value
	d = "rtl"
	} else {
	d = "ltr"
	}
	generatedTitle := friendlyPostTitle(content, friendlyID)
	sanitizedContent := content
	if font != "code" {
	sanitizedContent = template.HTMLEscapeString(content)
	}
	var desc string
	if title == "" {
	desc = postDescription(content, title, friendlyID)
	} else {
	desc = shortPostDescription(content)
	}
	post = &AnonymousPost{
	ID: friendlyID,
	Content: sanitizedContent,
	Title: title,
	GenTitle: generatedTitle,
	Description: desc,
	Author: "",
	Font: font,
	IsPlainText: isRaw,
	IsCode: font == "code",
	IsLinkable: font != "code",
	Views: views,
	Language: string(language),
	Direction: d,
	}
	if !isRaw {
	post.HTMLContent = template.HTML(applyMarkdown([]byte(content), "", app.cfg))
	post.Images = extractImages(post.Content)
	}
	}

	var silenced bool
	if found {
	silenced, err = app.db.IsUserSilenced(ownerID.Int64)
	if err != nil {
	log.Error("view post: %v", err)
	}
	}

	var protectDraft bool
	if found && collectionID.Valid {
	collection, err := app.db.GetCollectionByID(collectionID.Int64)
	if err != nil {
	log.Error("view post: %v", err)
	}

	protectDraft = collection.IsPrivate() \|\| collection.IsProtected()
	}

	// Check if post has been unpublished
	if title == "" && content == "" {
	gone = true

	if isJSON {
	content = "{\"error\": \"Post was unpublished.\"}"
	} else if isCSS {
	content = ""
	} else if isRaw {
	content = "Post was unpublished."
	} else {
	return ErrPostUnpublished
	}
	}

	var u = &User{}
	if isRaw {
	contentType := "text/plain"
	if isJSON {
	contentType = "application/json"
	} else if isCSS {
	contentType = "text/css"
	} else if isXML {
	contentType = "application/xml"
	} else if isMarkdown {
	contentType = "text/markdown"
	}
	w.Header().Set("Content-Type", fmt.Sprintf("%s; charset=utf-8", contentType))
	if isMarkdown && post.Title != "" {
	fmt.Fprintf(w, "%s\n", post.Title)
	for i := 1; i <= len(post.Title); i++ {
	fmt.Fprintf(w, "=")
	}
	fmt.Fprintf(w, "\n\n")
	}
	fmt.Fprint(w, content)

	if !found {
	return ErrPostNotFound
	} else if gone {
	return ErrPostUnpublished
	}
	} else {
	var err error
	page := struct {
	*AnonymousPost
	page.StaticPage
	Username string
	IsOwner bool
	SiteURL string
	Silenced bool
	}{
	AnonymousPost: post,
	StaticPage: pageForReq(app, r),
	SiteURL: app.cfg.App.Host,
	}
	if u = getUserSession(app, r); u != nil {
	page.Username = u.Username
	page.IsOwner = ownerID.Valid && ownerID.Int64 == u.ID
	}

	if !page.IsOwner && silenced {
	return ErrPostNotFound
	}

	if !page.IsOwner && protectDraft {
	return ErrPostNotFound
	}
	page.Silenced = silenced
	err = templates["post"].ExecuteTemplate(w, "post", page)
	if err != nil {
	log.Error("Post template execute error: %v", err)
	}
	}

	go func() {
	if u != nil && ownerID.Valid && ownerID.Int64 == u.ID {
	// Post is owned by someone; skip view increment since that person is viewing this post.
	return
	}
	// Update stats for non-raw post views
	if !isRaw && r.Method != "HEAD" && !bots.IsBot(r.UserAgent()) {
	_, err := app.db.Exec("UPDATE posts SET view_count = view_count + 1 WHERE id = ?", friendlyID)
	if err != nil {
	log.Error("Unable to update posts count: %v", err)
	}
	}
	}()

	return nil
	}

	// API v2 funcs
	// newPost creates a new post with or without an owning Collection.
	//
	// Endpoints:
	// - /posts
	// - /posts?collection={alias}
	// - ? /collections/{alias}/posts
	func newPost(app App, w http.ResponseWriter, r http.Request) error {
	reqJSON := IsJSON(r)
	vars := mux.Vars(r)
	collAlias := vars["alias"]
	if collAlias == "" {
	collAlias = r.FormValue("collection")
	}
	accessToken := r.Header.Get("Authorization")
	if accessToken == "" {
	// TODO: remove this
	accessToken = r.FormValue("access_token")
	}

	// FIXME: determine web submission with Content-Type header
	var u *User
	var userID int64 = -1
	var username string
	if accessToken == "" {
	u = getUserSession(app, r)
	if u != nil {
	userID = u.ID
	username = u.Username
	}
	} else {
	userID = app.db.GetUserID(accessToken)
	}
	silenced, err := app.db.IsUserSilenced(userID)
	if err != nil {
	log.Error("new post: %v", err)
	}
	if silenced {
	return ErrUserSilenced
	}

	if userID == -1 {
	return ErrNotLoggedIn
	}

	if accessToken == "" && u == nil && collAlias != "" {
	return impart.HTTPError{http.StatusBadRequest, "Parameter `access_token` required."}
	}

	// Get post data
	var p *SubmittedPost
	if reqJSON {
	decoder := json.NewDecoder(r.Body)
	err = decoder.Decode(&p)
	if err != nil {
	log.Error("Couldn't parse new post JSON request: %v\n", err)
	return ErrBadJSON
	}
	if p.Title == nil {
	t := ""
	p.Title = &t
	}
	if strings.TrimSpace((p.Title)) == "" && (p.Content == nil \|\| strings.TrimSpace((p.Content)) == "") {
	return ErrNoPublishableContent
	}
	if p.Content == nil {
	c := ""
	p.Content = &c
	}

	} else {
	post := r.FormValue("body")
	appearance := r.FormValue("font")
	title := r.FormValue("title")
	rtlValue := r.FormValue("rtl")
	langValue := r.FormValue("lang")
	if strings.TrimSpace(post) == "" {
	return ErrNoPublishableContent
	}

	var isRTL, rtlValid bool
	if rtlValue == "auto" && langValue != "" {
	isRTL = i18n.LangIsRTL(langValue)
	rtlValid = true
	} else {
	isRTL = rtlValue == "true"
	rtlValid = rtlValue != "" && langValue != ""
	}

	// Create a new post
	p = &SubmittedPost{
	Title: &title,
	Content: &post,
	Font: appearance,
	IsRTL: converter.NullJSONBool{sql.NullBool{Bool: isRTL, Valid: rtlValid}},
	Language: converter.NullJSONString{sql.NullString{String: langValue, Valid: langValue != ""}},
	}
	}
	if !p.isFontValid() {
	p.Font = "norm"
	}

	var newPost *PublicPost = &PublicPost{}
	var coll *Collection
	if accessToken != "" {
	newPost, err = app.db.CreateOwnedPost(p, accessToken, collAlias, app.cfg.App.Host)
	} else {
	//return ErrNotLoggedIn
	// TODO: verify user is logged in
	var collID int64
	if collAlias != "" {
	coll, err = app.db.GetCollection(collAlias)
	if err != nil {
	return err
	}
	coll.hostName = app.cfg.App.Host
	if coll.OwnerID != u.ID {
	return ErrForbiddenCollection
	}
	collID = coll.ID
	}
	// TODO: return PublicPost from createPost
	newPost.Post, err = app.db.CreatePost(userID, collID, p)
	}
	if err != nil {
	return err
	}
	if coll != nil {
	coll.ForPublic()
	newPost.Collection = &CollectionObj{Collection: *coll}
	}

	newPost.extractData()
	newPost.OwnerName = username
	newPost.URL = newPost.CanonicalURL(app.cfg.App.Host)

	// Write success now
	response := impart.WriteSuccess(w, newPost, http.StatusCreated)

	if newPost.Collection != nil {
	if !app.cfg.App.Private && app.cfg.App.Federation && !newPost.Created.After(time.Now()) {
	go federatePost(app, newPost, newPost.Collection.ID, false)
	}
	if app.cfg.Email.Enabled() && newPost.Collection.EmailSubsEnabled() {
	go app.db.InsertJob(&PostJob{
	PostID: newPost.ID,
	Action: "email",
	Delay: emailSendDelay,
	})
	}
	}

	return response
	}

	func existingPost(app App, w http.ResponseWriter, r http.Request) error {
	reqJSON := IsJSON(r)
	vars := mux.Vars(r)
	postID := vars["post"]

	p := AuthenticatedPost{ID: postID}
	var err error

	if reqJSON {
	// Decode JSON request
	decoder := json.NewDecoder(r.Body)
	err = decoder.Decode(&p)
	if err != nil {
	log.Error("Couldn't parse post update JSON request: %v\n", err)
	return ErrBadJSON
	}
	} else {
	err = r.ParseForm()
	if err != nil {
	log.Error("Couldn't parse post update form request: %v\n", err)
	return ErrBadFormData
	}

	// Can't decode to a nil SubmittedPost property, so create instance now
	p.SubmittedPost = &SubmittedPost{}
	err = app.formDecoder.Decode(&p, r.PostForm)
	if err != nil {
	log.Error("Couldn't decode post update form request: %v\n", err)
	return ErrBadFormData
	}
	}

	if p.Web {
	p.IsRTL.Valid = true
	}

	if p.SubmittedPost == nil {
	return ErrPostNoUpdatableVals
	}

	// Ensure an access token was given
	accessToken := r.Header.Get("Authorization")
	// Get user's cookie session if there's no token
	var u *User
	//var username string
	if accessToken == "" {
	u = getUserSession(app, r)
	if u != nil {
	//username = u.Username
	}
	}
	if u == nil && accessToken == "" {
	return ErrNoAccessToken
	}

	// Get user ID from current session or given access token, if one was given.
	var userID int64
	if u != nil {
	userID = u.ID
	} else if accessToken != "" {
	userID, err = AuthenticateUser(app.db, accessToken)
	if err != nil {
	return err
	}
	}

	silenced, err := app.db.IsUserSilenced(userID)
	if err != nil {
	log.Error("existing post: %v", err)
	}
	if silenced {
	return ErrUserSilenced
	}

	// Modify post struct
	p.ID = postID

	err = app.db.UpdateOwnedPost(&p, userID)
	if err != nil {
	if reqJSON {
	return err
	}

	if err, ok := err.(impart.HTTPError); ok {
	addSessionFlash(app, w, r, err.Message, nil)
	} else {
	addSessionFlash(app, w, r, err.Error(), nil)
	}
	}

	var pRes *PublicPost
	pRes, err = app.db.GetPost(p.ID, 0)
	if reqJSON {
	if err != nil {
	return err
	}
	pRes.extractData()
	}

	if pRes.CollectionID.Valid {
	coll, err := app.db.GetCollectionBy("id = ?", pRes.CollectionID.Int64)
	if err == nil && !app.cfg.App.Private && app.cfg.App.Federation {
	coll.hostName = app.cfg.App.Host
	pRes.Collection = &CollectionObj{Collection: *coll}
	go federatePost(app, pRes, pRes.Collection.ID, true)
	}
	}

	// Write success now
	if reqJSON {
	return impart.WriteSuccess(w, pRes, http.StatusOK)
	}

	addSessionFlash(app, w, r, "Changes saved.", nil)
	collectionAlias := vars["alias"]
	redirect := "/" + postID + "/meta"
	if collectionAlias != "" {
	collPre := "/" + collectionAlias
	if app.cfg.App.SingleUser {
	collPre = ""
	}
	redirect = collPre + "/" + pRes.Slug.String + "/edit/meta"
	} else {
	if app.cfg.App.SingleUser {
	redirect = "/d" + redirect
	}
	}
	w.Header().Set("Location", redirect)
	w.WriteHeader(http.StatusFound)

	return nil
	}

	func deletePost(app App, w http.ResponseWriter, r http.Request) error {
	vars := mux.Vars(r)
	friendlyID := vars["post"]
	editToken := r.FormValue("token")

	var ownerID int64
	var u *User
	accessToken := r.Header.Get("Authorization")
	if accessToken == "" && editToken == "" {
	u = getUserSession(app, r)
	if u == nil {
	return ErrNoAccessToken
	}
	}

	var res sql.Result
	var t *sql.Tx
	var err error
	var collID sql.NullInt64
	var coll *Collection
	var pp *PublicPost
	if editToken != "" {
	// TODO: SELECT owner_id, as well, and return appropriate error if NULL instead of running two queries
	var dummy int64
	err = app.db.QueryRow("SELECT 1 FROM posts WHERE id = ?", friendlyID).Scan(&dummy)
	switch {
	case err == sql.ErrNoRows:
	return impart.HTTPError{http.StatusNotFound, "Post not found."}
	}
	err = app.db.QueryRow("SELECT 1 FROM posts WHERE id = ? AND owner_id IS NULL", friendlyID).Scan(&dummy)
	switch {
	case err == sql.ErrNoRows:
	// Post already has an owner. This could provide a bad experience
	// for the user, but it's more important to ensure data isn't lost
	// unexpectedly. So prevent deletion via token.
	return impart.HTTPError{http.StatusConflict, "This post belongs to some user (hopefully yours). Please log in and delete it from that user's account."}
	}
	res, err = app.db.Exec("DELETE FROM posts WHERE id = ? AND modify_token = ? AND owner_id IS NULL", friendlyID, editToken)
	} else if accessToken != "" \|\| u != nil {
	// Caller provided some way to authenticate; assume caller expects the
	// post to be deleted based on a specific post owner, thus we should
	// return corresponding errors.
	if accessToken != "" {
	ownerID = app.db.GetUserID(accessToken)
	if ownerID == -1 {
	return ErrBadAccessToken
	}
	} else {
	ownerID = u.ID
	}

	// TODO: don't make two queries
	var realOwnerID sql.NullInt64
	err = app.db.QueryRow("SELECT collection_id, owner_id FROM posts WHERE id = ?", friendlyID).Scan(&collID, &realOwnerID)
	if err != nil {
	return err
	}
	if !collID.Valid {
	// There's no collection; simply delete the post
	res, err = app.db.Exec("DELETE FROM posts WHERE id = ? AND owner_id = ?", friendlyID, ownerID)
	} else {
	// Post belongs to a collection; do any additional clean up
	coll, err = app.db.GetCollectionBy("id = ?", collID.Int64)
	if err != nil {
	log.Error("Unable to get collection: %v", err)
	return err
	}
	if app.cfg.App.Federation {
	// First fetch full post for federation
	pp, err = app.db.GetOwnedPost(friendlyID, ownerID)
	if err != nil {
	log.Error("Unable to get owned post: %v", err)
	return err
	}
	collObj := &CollectionObj{Collection: *coll}
	pp.Collection = collObj
	}

	t, err = app.db.Begin()
	if err != nil {
	log.Error("No begin: %v", err)
	return err
	}
	res, err = t.Exec("DELETE FROM posts WHERE id = ? AND owner_id = ?", friendlyID, ownerID)
	}
	} else {
	return impart.HTTPError{http.StatusBadRequest, "No authenticated user or post token given."}
	}
	if err != nil {
	return err
	}

	affected, err := res.RowsAffected()
	if err != nil {
	if t != nil {
	t.Rollback()
	log.Error("Rows affected err! Rolling back")
	}
	return err
	} else if affected == 0 {
	if t != nil {
	t.Rollback()
	log.Error("No rows affected! Rolling back")
	}
	return impart.HTTPError{http.StatusForbidden, "Post not found, or you're not the owner."}
	}
	if t != nil {
	t.Commit()
	}
	if coll != nil && !app.cfg.App.Private && app.cfg.App.Federation {
	go deleteFederatedPost(app, pp, collID.Int64)
	}

	return impart.HTTPError{Status: http.StatusNoContent}
	}

	// addPost associates a post with the authenticated user.
	func addPost(app App, w http.ResponseWriter, r http.Request) error {
	var ownerID int64

	// Authenticate user
	at := r.Header.Get("Authorization")
	if at != "" {
	ownerID = app.db.GetUserID(at)
	if ownerID == -1 {
	return ErrBadAccessToken
	}
	} else {
	u := getUserSession(app, r)
	if u == nil {
	return ErrNotLoggedIn
	}
	ownerID = u.ID
	}

	silenced, err := app.db.IsUserSilenced(ownerID)
	if err != nil {
	log.Error("add post: %v", err)
	}
	if silenced {
	return ErrUserSilenced
	}

	// Parse claimed posts in format:
	// [{"id": "...", "token": "..."}]
	var claims *[]ClaimPostRequest
	decoder := json.NewDecoder(r.Body)
	err = decoder.Decode(&claims)
	if err != nil {
	return ErrBadJSONArray
	}

	vars := mux.Vars(r)
	collAlias := vars["alias"]

	// Update all given posts
	res, err := app.db.ClaimPosts(app.cfg, ownerID, collAlias, claims)
	if err != nil {
	return err
	}

	for _, pRes := range *res {
	if pRes.Code != http.StatusOK {
	continue
	}
	if !app.cfg.App.Private && app.cfg.App.Federation {
	if !pRes.Post.Created.After(time.Now()) {
	pRes.Post.Collection.hostName = app.cfg.App.Host
	go federatePost(app, pRes.Post, pRes.Post.Collection.ID, false)
	}
	}
	if app.cfg.Email.Enabled() && pRes.Post.Collection.EmailSubsEnabled() {
	go app.db.InsertJob(&PostJob{
	PostID: pRes.Post.ID,
	Action: "email",
	Delay: emailSendDelay,
	})
	}
	}
	return impart.WriteSuccess(w, res, http.StatusOK)
	}

	func dispersePost(app App, w http.ResponseWriter, r http.Request) error {
	var ownerID int64

	// Authenticate user
	at := r.Header.Get("Authorization")
	if at != "" {
	ownerID = app.db.GetUserID(at)
	if ownerID == -1 {
	return ErrBadAccessToken
	}
	} else {
	u := getUserSession(app, r)
	if u == nil {
	return ErrNotLoggedIn
	}
	ownerID = u.ID
	}

	// Parse posts in format:
	// ["..."]
	var postIDs []string
	decoder := json.NewDecoder(r.Body)
	err := decoder.Decode(&postIDs)
	if err != nil {
	return ErrBadJSONArray
	}

	// Update all given posts
	res, err := app.db.DispersePosts(ownerID, postIDs)
	if err != nil {
	return err
	}
	return impart.WriteSuccess(w, res, http.StatusOK)
	}

	type (
	PinPostResult struct {
	ID string `json:"id,omitempty"`
	Code int `json:"code,omitempty"`
	ErrorMessage string `json:"error_msg,omitempty"`
	}
	)

	// pinPost pins a post to a blog
	func pinPost(app App, w http.ResponseWriter, r http.Request) error {
	var userID int64

	// Authenticate user
	at := r.Header.Get("Authorization")
	if at != "" {
	userID = app.db.GetUserID(at)
	if userID == -1 {
	return ErrBadAccessToken
	}
	} else {
	u := getUserSession(app, r)
	if u == nil {
	return ErrNotLoggedIn
	}
	userID = u.ID
	}

	silenced, err := app.db.IsUserSilenced(userID)
	if err != nil {
	log.Error("pin post: %v", err)
	}
	if silenced {
	return ErrUserSilenced
	}

	// Parse request
	var posts []struct {
	ID string `json:"id"`
	Position int64 `json:"position"`
	}
	decoder := json.NewDecoder(r.Body)
	err = decoder.Decode(&posts)
	if err != nil {
	return ErrBadJSONArray
	}

	// Validate data
	vars := mux.Vars(r)
	collAlias := vars["alias"]

	coll, err := app.db.GetCollection(collAlias)
	if err != nil {
	return err
	}
	if coll.OwnerID != userID {
	return ErrForbiddenCollection
	}

	// Do (un)pinning
	isPinning := r.URL.Path[strings.LastIndex(r.URL.Path, "/"):] == "/pin"
	res := []PinPostResult{}
	for _, p := range posts {
	err = app.db.UpdatePostPinState(isPinning, p.ID, coll.ID, userID, p.Position)
	ppr := PinPostResult{ID: p.ID}
	if err != nil {
	ppr.Code = http.StatusInternalServerError
	// TODO: set error message
	} else {
	ppr.Code = http.StatusOK
	}
	res = append(res, ppr)
	}
	return impart.WriteSuccess(w, res, http.StatusOK)
	}

	func fetchPost(app App, w http.ResponseWriter, r http.Request) error {
	var collID int64
	var coll *Collection
	var err error
	vars := mux.Vars(r)
	if collAlias := vars["alias"]; collAlias != "" {
	// Fetch collection information, since an alias is provided
	coll, err = app.db.GetCollection(collAlias)
	if err != nil {
	return err
	}
	collID = coll.ID
	}

	p, err := app.db.GetPost(vars["post"], collID)
	if err != nil {
	return err
	}
	if coll == nil && p.CollectionID.Valid {
	// Collection post is getting fetched by post ID, not coll alias + post slug, so get coll info now.
	coll, err = app.db.GetCollectionByID(p.CollectionID.Int64)
	if err != nil {
	return err
	}
	}
	if coll != nil {
	coll.hostName = app.cfg.App.Host
	_, err = apiCheckCollectionPermissions(app, r, coll)
	if err != nil {
	return err
	}
	}

	silenced, err := app.db.IsUserSilenced(p.OwnerID.Int64)
	if err != nil {
	log.Error("fetch post: %v", err)
	}
	if silenced {
	return ErrPostNotFound
	}

	p.extractData()

	if IsActivityPubRequest(r) {
	if coll == nil {
	// This is a draft post; 404 for now
	// TODO: return ActivityObject
	return impart.HTTPError{http.StatusNotFound, ""}
	}

	p.Collection = &CollectionObj{Collection: *coll}
	po := p.ActivityObject(app)
	po.Context = []interface{}{activitystreams.Namespace}
	setCacheControl(w, apCacheTime)
	return impart.RenderActivityJSON(w, po, http.StatusOK)
	}

	return impart.WriteSuccess(w, p, http.StatusOK)
	}

	func fetchPostProperty(app App, w http.ResponseWriter, r http.Request) error {
	vars := mux.Vars(r)
	p, err := app.db.GetPostProperty(vars["post"], 0, vars["property"])
	if err != nil {
	return err
	}

	return impart.WriteSuccess(w, p, http.StatusOK)
	}

	func (p *Post) processPost() PublicPost {
	res := &PublicPost{Post: p, Views: 0}
	res.Views = p.ViewCount
	// TODO: move to own function
	loc := monday.FuzzyLocale(p.Language.String)
	res.DisplayDate = monday.Format(p.Created, monday.LongFormatsByLocale[loc], loc)

	return *res
	}

	func (p *PublicPost) CanonicalURL(hostName string) string {
	if p.Collection == nil \|\| p.Collection.Alias == "" {
	return hostName + "/" + p.ID + ".md"
	}
	return p.Collection.CanonicalURL() + p.Slug.String
	}

	func (pp *PublicPost) DisplayCanonicalURL() string {
	us := pp.CanonicalURL(pp.Collection.hostName)
	u, err := url.Parse(us)
	if err != nil {
	return us
	}
	return u.Hostname() + u.Path
	}

	func (p PublicPost) ActivityObject(app App) *activitystreams.Object {
	cfg := app.cfg
	var o *activitystreams.Object
	if cfg.App.NotesOnly \|\| strings.Index(p.Content, "\n\n") == -1 {
	o = activitystreams.NewNoteObject()
	} else {
	o = activitystreams.NewArticleObject()
	}
	o.ID = p.Collection.FederatedAPIBase() + "api/posts/" + p.ID
	o.Published = p.Created
	o.URL = p.CanonicalURL(cfg.App.Host)
	o.AttributedTo = p.Collection.FederatedAccount()
	o.CC = []string{
	p.Collection.FederatedAccount() + "/followers",
	}
	o.Name = p.DisplayTitle()
	p.augmentContent()
	if p.HTMLContent == template.HTML("") {
	p.formatContent(cfg, false, false)
	p.augmentReadingDestination()
	}
	o.Content = string(p.HTMLContent)
	if p.Language.Valid {
	o.ContentMap = map[string]string{
	p.Language.String: string(p.HTMLContent),
	}
	}
	if len(p.Tags) == 0 {
	o.Tag = []activitystreams.Tag{}
	} else {
	var tagBaseURL string
	if isSingleUser {
	tagBaseURL = p.Collection.CanonicalURL() + "tag:"
	} else {
	if cfg.App.Chorus {
	tagBaseURL = fmt.Sprintf("%s/read/t/", p.Collection.hostName)
	} else {
	tagBaseURL = fmt.Sprintf("%s/%s/tag:", p.Collection.hostName, p.Collection.Alias)
	}
	}
	for _, t := range p.Tags {
	o.Tag = append(o.Tag, activitystreams.Tag{
	Type: activitystreams.TagHashtag,
	HRef: tagBaseURL + t,
	Name: "#" + t,
	})
	}
	}
	if len(p.Images) > 0 {
	for _, i := range p.Images {
	o.Attachment = append(o.Attachment, activitystreams.NewImageAttachment(i))
	}
	}
	// Find mentioned users
	mentionedUsers := make(map[string]string)

	stripper := bluemonday.StrictPolicy()
	content := stripper.Sanitize(p.Content)
	mentions := mentionReg.FindAllString(content, -1)

	for _, handle := range mentions {
	actorIRI, err := app.db.GetProfilePageFromHandle(app, handle)
	if err != nil {
	log.Info("Couldn't find user '%s' locally or remotely", handle)
	continue
	}
	mentionedUsers[handle] = actorIRI
	}

	for handle, iri := range mentionedUsers {
	o.CC = append(o.CC, iri)
	o.Tag = append(o.Tag, activitystreams.Tag{Type: "Mention", HRef: iri, Name: handle})
	}
	return o
	}

	// TODO: merge this into getSlugFromPost or phase it out
	func getSlug(title, lang string) string {
	return getSlugFromPost("", title, lang)
	}

	func getSlugFromPost(title, body, lang string) string {
	if title == "" {
	// Remove Markdown, so e.g. link URLs and image alt text don't make it into the slug
	body = strings.TrimSpace(stripmd.StripOptions(body, stripmd.Options{SkipImages: true}))
	title = postTitle(body, body)
	}
	title = parse.PostLede(title, false)
	// Truncate lede if needed
	title, _ = parse.TruncToWord(title, 80)
	var s string
	if lang != "" && len(lang) == 2 {
	s = slug.MakeLang(title, lang)
	} else {
	s = slug.Make(title)
	}

	// Transliteration may cause the slug to expand past the limit, so truncate again
	s, _ = parse.TruncToWord(s, 80)
	return strings.TrimFunc(s, func(r rune) bool {
	// TruncToWord doesn't respect words in a slug, since spaces are replaced
	// with hyphens. So remove any trailing hyphens.
	return r == '-'
	})
	}

	// isFontValid returns whether or not the submitted post's appearance is valid.
	func (p *SubmittedPost) isFontValid() bool {
	validFonts := map[string]bool{
	"norm": true,
	"sans": true,
	"mono": true,
	"wrap": true,
	"code": true,
	}

	_, valid := validFonts[p.Font]
	return valid
	}

	func getRawPost(app App, friendlyID string) RawPost {
	var content, font, title string
	var isRTL sql.NullBool
	var lang sql.NullString
	var ownerID sql.NullInt64
	var created, updated time.Time

	err := app.db.QueryRow("SELECT title, content, text_appearance, language, rtl, created, updated, owner_id FROM posts WHERE id = ?", friendlyID).Scan(&title, &content, &font, &lang, &isRTL, &created, &updated, &ownerID)
	switch {
	case err == sql.ErrNoRows:
	return &RawPost{Content: "", Found: false, Gone: false}
	case err != nil:
	log.Error("Unable to fetch getRawPost: %s", err)
	return &RawPost{Content: "", Found: true, Gone: false}
	}

	return &RawPost{
	Title: title,
	Content: content,
	Font: font,
	Created: created,
	Updated: updated,
	IsRTL: isRTL,
	Language: lang,
	OwnerID: ownerID.Int64,
	Found: true,
	Gone: content == "" && title == "",
	}

	}

	// TODO; return a Post!
	func getRawCollectionPost(app App, slug, collAlias string) RawPost {
	var id, title, content, font string
	var isRTL sql.NullBool
	var lang sql.NullString
	var created, updated time.Time
	var ownerID null.Int
	var views int64
	var err error

	if app.cfg.App.SingleUser {
	err = app.db.QueryRow("SELECT id, title, content, text_appearance, language, rtl, view_count, created, updated, owner_id FROM posts WHERE slug = ? AND collection_id = 1", slug).Scan(&id, &title, &content, &font, &lang, &isRTL, &views, &created, &updated, &ownerID)
	} else {
	err = app.db.QueryRow("SELECT id, title, content, text_appearance, language, rtl, view_count, created, updated, owner_id FROM posts WHERE slug = ? AND collection_id = (SELECT id FROM collections WHERE alias = ?)", slug, collAlias).Scan(&id, &title, &content, &font, &lang, &isRTL, &views, &created, &updated, &ownerID)
	}
	switch {
	case err == sql.ErrNoRows:
	return &RawPost{Content: "", Found: false, Gone: false}
	case err != nil:
	log.Error("Unable to fetch getRawCollectionPost: %s", err)
	return &RawPost{Content: "", Found: true, Gone: false}
	}

	return &RawPost{
	Id: id,
	Slug: slug,
	Title: title,
	Content: content,
	Font: font,
	Created: created,
	Updated: updated,
	IsRTL: isRTL,
	Language: lang,
	OwnerID: ownerID.Int64,
	Found: true,
	Gone: content == "" && title == "",
	Views: views,
	}
	}

	func isRaw(r *http.Request) bool {
	vars := mux.Vars(r)
	slug := vars["slug"]

	// NOTE: until this is done better, be sure to keep this in parity with
	// isRaw in viewCollectionPost() and handleViewPost()
	isJSON := strings.HasSuffix(slug, ".json")
	isXML := strings.HasSuffix(slug, ".xml")
	isMarkdown := strings.HasSuffix(slug, ".md")
	return strings.HasSuffix(slug, ".txt") \|\| isJSON \|\| isXML \|\| isMarkdown
	}

	func viewCollectionPost(app App, w http.ResponseWriter, r http.Request) error {
	vars := mux.Vars(r)
	slug := vars["slug"]

	// NOTE: until this is done better, be sure to keep this in parity with
	// isRaw() and handleViewPost()
	isJSON := strings.HasSuffix(slug, ".json")
	isXML := strings.HasSuffix(slug, ".xml")
	isMarkdown := strings.HasSuffix(slug, ".md")
	isRaw := strings.HasSuffix(slug, ".txt") \|\| isJSON \|\| isXML \|\| isMarkdown

	cr := &collectionReq{}
	err := processCollectionRequest(cr, vars, w, r)
	if err != nil {
	return err
	}

	// Check for hellbanned users
	u, err := checkUserForCollection(app, cr, r, true)
	if err != nil {
	return err
	}

	// Normalize the URL, redirecting user to consistent post URL
	if slug != strings.ToLower(slug) {
	loc := fmt.Sprintf("/%s", strings.ToLower(slug))
	if !app.cfg.App.SingleUser {
	loc = "/" + cr.alias + loc
	}
	return impart.HTTPError{http.StatusMovedPermanently, loc}
	}

	// Display collection if this is a collection
	var c *Collection
	if app.cfg.App.SingleUser {
	c, err = app.db.GetCollectionByID(1)
	} else {
	c, err = app.db.GetCollection(cr.alias)
	}
	if err != nil {
	if err, ok := err.(impart.HTTPError); ok {
	if err.Status == http.StatusNotFound {
	// Redirect if necessary
	newAlias := app.db.GetCollectionRedirect(cr.alias)
	if newAlias != "" {
	return impart.HTTPError{http.StatusFound, "/" + newAlias + "/" + slug}
	}
	}
	}
	return err
	}
	c.hostName = app.cfg.App.Host

	silenced, err := app.db.IsUserSilenced(c.OwnerID)
	if err != nil {
	log.Error("view collection post: %v", err)
	}

	// Check collection permissions
	if c.IsPrivate() && (u == nil \|\| u.ID != c.OwnerID) {
	return ErrPostNotFound
	}
	if c.IsProtected() && (u == nil \|\| u.ID != c.OwnerID) {
	if silenced {
	return ErrPostNotFound
	} else if !isAuthorizedForCollection(app, c.Alias, r) {
	return impart.HTTPError{http.StatusFound, c.CanonicalURL() + "/?g=" + slug}
	}
	}

	cr.isCollOwner = u != nil && c.OwnerID == u.ID

	if isRaw {
	slug = strings.Split(slug, ".")[0]
	}

	// Fetch extra data about the Collection
	// TODO: refactor out this logic, shared in collection.go:fetchCollection()
	coll := NewCollectionObj(c)
	owner, err := app.db.GetUserByID(coll.OwnerID)
	if err != nil {
	// Log the error and just continue
	log.Error("Error getting user for collection: %v", err)
	} else {
	coll.Owner = owner
	}

	postFound := true
	p, err := app.db.GetPost(slug, coll.ID)
	if err != nil {
	if err == ErrCollectionPageNotFound {
	postFound = false

	if slug == "feed" {
	// User tried to access blog feed without a trailing slash, and
	// there's no post with a slug "feed"
	return impart.HTTPError{http.StatusFound, c.CanonicalURL() + "feed/"}
	}

	po := &Post{
	Slug: null.NewString(slug, true),
	Font: "norm",
	Language: zero.NewString("en", true),
	RTL: zero.NewBool(false, true),
	Content: `<p class="msg">This page is missing.</p>

	Are you sure it was ever here?`,
	}
	pp := po.processPost()
	p = &pp
	} else {
	return err
	}
	}

	// Check if the authenticated user is the post owner
	p.IsOwner = u != nil && u.ID == p.OwnerID.Int64
	p.Collection = coll
	p.IsTopLevel = app.cfg.App.SingleUser

	// Only allow a post owner or admin to view a post for silenced collections
	if silenced && !p.IsOwner && (u == nil \|\| !u.IsAdmin()) {
	return ErrPostNotFound
	}

	// Check if post has been unpublished
	if p.Content == "" && p.Title.String == "" {
	return impart.HTTPError{http.StatusGone, "Post was unpublished."}
	}

	p.augmentContent()

	// Serve collection post
	if isRaw {
	contentType := "text/plain"
	if isJSON {
	contentType = "application/json"
	} else if isXML {
	contentType = "application/xml"
	} else if isMarkdown {
	contentType = "text/markdown"
	}
	w.Header().Set("Content-Type", fmt.Sprintf("%s; charset=utf-8", contentType))
	if !postFound {
	w.WriteHeader(http.StatusNotFound)
	fmt.Fprintf(w, "Post not found.")
	// TODO: return error instead, so status is correctly reflected in logs
	return nil
	}
	if isMarkdown && p.Title.String != "" {
	fmt.Fprintf(w, "# %s\n\n", p.Title.String)
	}
	fmt.Fprint(w, p.Content)
	} else if IsActivityPubRequest(r) {
	if !postFound {
	return ErrCollectionPageNotFound
	}
	p.extractData()
	ap := p.ActivityObject(app)
	ap.Context = []interface{}{activitystreams.Namespace}
	setCacheControl(w, apCacheTime)
	return impart.RenderActivityJSON(w, ap, http.StatusOK)
	} else {
	p.extractData()
	p.Content = strings.Replace(p.Content, "<!--more-->", "", 1)
	if app.cfg.Email.Enabled() && c.EmailSubsEnabled() {
	// TODO: indicate plan is inactive or subs disabled when OWNER is viewing their own post.
	if u != nil && u.IsEmailSubscriber(app, c.ID) {
	p.Content = strings.Replace(p.Content, "<!--emailsub-->", `<p id="emailsub">You're subscribed to email updates. <a href="/api/collections/`+c.Alias+`/email/unsubscribe?slug=`+p.Slug.String+`">Unsubscribe</a>.</p>`, -1)
	} else {
	p.Content = strings.Replace(p.Content, "<!--emailsub-->", `<form method="post" id="emailsub" action="/api/collections/`+c.Alias+`/email/subscribe"><input type="hidden" name="slug" value="`+p.Slug.String+`" /><input type="hidden" name="web" value="1" /><div style="position: absolute; left: -5000px;" aria-hidden="true"><input type="email" name="`+spam.HoneypotFieldName()+`" tabindex="-1" value="" /><input type="password" name="fake_password" tabindex="-1" placeholder="password" autocomplete="new-password" /></div><input type="email" name="email" placeholder="me@example.com" /><input type="submit" id="subscribe-btn" value="Subscribe" /></form>`, -1)
	}
	}
	p.Content = strings.Replace(p.Content, "<!--emailsub-->", "<!--emailsub-->", 1)
	// TODO: move this to function
	p.formatContent(app.cfg, cr.isCollOwner, true)
	tp := CollectionPostPage{
	PublicPost: p,
	StaticPage: pageForReq(app, r),
	IsOwner: cr.isCollOwner,
	IsCustomDomain: cr.isCustomDomain,
	IsFound: postFound,
	Silenced: silenced,
	CollAlias: c.Alias,
	}
	tp.IsAdmin = u != nil && u.IsAdmin()
	tp.CanInvite = canUserInvite(app.cfg, tp.IsAdmin)
	tp.PinnedPosts, _ = app.db.GetPinnedPosts(coll, p.IsOwner)
	tp.IsPinned = len(*tp.PinnedPosts) > 0 && PostsContains(tp.PinnedPosts, p)
	tp.Monetization = coll.Monetization
	tp.Verification = coll.Verification

	if !postFound {
	w.WriteHeader(http.StatusNotFound)
	}
	postTmpl := "collection-post"
	if app.cfg.App.Chorus {
	postTmpl = "chorus-collection-post"
	}
	if err := templates[postTmpl].ExecuteTemplate(w, "post", tp); err != nil {
	log.Error("Error in %s template: %v", postTmpl, err)
	}
	}

	go func() {
	if p.OwnerID.Valid {
	// Post is owned by someone. Don't update stats if owner is viewing the post.
	if u != nil && p.OwnerID.Int64 == u.ID {
	return
	}
	}
	// Update stats for non-raw post views
	if !isRaw && r.Method != "HEAD" && !bots.IsBot(r.UserAgent()) {
	_, err := app.db.Exec("UPDATE posts SET view_count = view_count + 1 WHERE slug = ? AND collection_id = ?", slug, coll.ID)
	if err != nil {
	log.Error("Unable to update posts count: %v", err)
	}
	}
	}()

	return nil
	}

	// TODO: move this to utils after making it more generic
	func PostsContains(sl []PublicPost, s PublicPost) bool {
	for _, e := range *sl {
	if e.ID == s.ID {
	return true
	}
	}
	return false
	}

	func (p *Post) extractData() {
	p.Tags = tags.Extract(p.Content)
	p.extractImages()
	}

	func (p *Post) IsSans() bool {
	return p.Font == "sans"
	}

	func (p *Post) IsMonospace() bool {
	return p.Font == "mono"
	}

	func (rp *RawPost) UserFacingCreated() string {
	return rp.Created.Format(postMetaDateFormat)
	}

	func (rp *RawPost) Created8601() string {
	return rp.Created.Format("2006-01-02T15:04:05Z")
	}

	func (rp *RawPost) Updated8601() string {
	if rp.Updated.IsZero() {
	return ""
	}
	return rp.Updated.Format("2006-01-02T15:04:05Z")
	}

	var imageURLRegex = regexp.MustCompile(`(?i)[^ ]+\.(gif\|png\|jpg\|jpeg\|avif\|avifs\|webp\|jxl\|image)$`)

	func (p *Post) extractImages() {
	p.Images = extractImages(p.Content)
	}

	func extractImages(content string) []string {
	matches := extract.ExtractUrls(content)
	urls := map[string]bool{}
	for i := range matches {
	uRaw := matches[i].Text
	// Parse the extracted text so we can examine the path
	u, err := url.Parse(uRaw)
	if err != nil {
	continue
	}
	// Ensure the path looks like it leads to an image file
	if !imageURLRegex.MatchString(u.Path) {
	continue
	}
	urls[uRaw] = true
	}

	resURLs := make([]string, 0)
	for k := range urls {
	resURLs = append(resURLs, k)
	}
	return resURLs
	}

File Metadata

Mime Type: text/x-diff
Expires: Sat, Feb 1, 12:53 PM (8 h, 45 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 3146062

No OneTemporaryActions

View Options

File Metadata

Event Timeline

No OneTemporary
Actions