fix: allow public search routes and prevent js redeclaration
This commit is contained in:
@@ -61,8 +61,10 @@ func RequireAuth(next http.Handler) http.Handler {
|
||||
// RequireGlobalAuth ensures that a valid user is in the context for all routes except login and static
|
||||
func RequireGlobalAuth(next http.Handler) http.Handler {
|
||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
// Allow unauthenticated access to login and static files
|
||||
if r.URL.Path == "/login" || strings.HasPrefix(r.URL.Path, "/static/") {
|
||||
// Allow unauthenticated access to login, search, and static files
|
||||
if r.URL.Path == "/login" || strings.HasPrefix(r.URL.Path, "/static/") ||
|
||||
r.URL.Path == "/search" || r.URL.Path == "/api/search" || r.URL.Path == "/api/search-quick" ||
|
||||
r.URL.Path == "/" {
|
||||
next.ServeHTTP(w, r)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -1,62 +1,67 @@
|
||||
let searchTimeout;
|
||||
const searchInput = document.getElementById('search-input');
|
||||
const searchDropdown = document.getElementById('search-dropdown');
|
||||
(function() {
|
||||
if (window.searchInitialized) return
|
||||
window.searchInitialized = true
|
||||
|
||||
if (searchInput) {
|
||||
searchInput.addEventListener('input', function(e) {
|
||||
clearTimeout(searchTimeout);
|
||||
const query = e.target.value.trim();
|
||||
let searchTimeout
|
||||
const searchInput = document.getElementById('search-input')
|
||||
const searchDropdown = document.getElementById('search-dropdown')
|
||||
|
||||
if (query.length < 2) {
|
||||
searchDropdown.innerHTML = '';
|
||||
return;
|
||||
}
|
||||
if (searchInput) {
|
||||
searchInput.addEventListener('input', function(e) {
|
||||
clearTimeout(searchTimeout)
|
||||
const query = e.target.value.trim()
|
||||
|
||||
searchTimeout = setTimeout(() => {
|
||||
fetch('/api/search-quick?q=' + encodeURIComponent(query))
|
||||
.then(res => res.json())
|
||||
.then(results => {
|
||||
if (!results || results.length === 0) {
|
||||
searchDropdown.innerHTML = '';
|
||||
return;
|
||||
}
|
||||
if (query.length < 2) {
|
||||
searchDropdown.innerHTML = ''
|
||||
return
|
||||
}
|
||||
|
||||
let html = '<div class="search-results">';
|
||||
html += '<div class="search-results-title">Anime</div>';
|
||||
results.forEach(r => {
|
||||
html += `
|
||||
<a href="/anime/${r.id}" class="search-result-item">
|
||||
${r.image ? `<img src="${r.image}" alt="${r.title}" class="search-result-thumb" />` : '<div class="search-result-no-image">no image</div>'}
|
||||
<div class="search-result-info">
|
||||
<div class="search-result-title">${escapeHtml(r.title)}</div>
|
||||
<div class="search-result-type">${r.type}</div>
|
||||
</div>
|
||||
</a>
|
||||
`;
|
||||
});
|
||||
html += `<a href="/search?q=${encodeURIComponent(query)}" class="search-result-view-all">View all results for ${escapeHtml(query)}</a>`;
|
||||
html += '</div>';
|
||||
searchDropdown.innerHTML = html;
|
||||
})
|
||||
.catch(err => console.error('Search error:', err));
|
||||
}, 300);
|
||||
});
|
||||
searchTimeout = setTimeout(() => {
|
||||
fetch('/api/search-quick?q=' + encodeURIComponent(query))
|
||||
.then(res => res.json())
|
||||
.then(results => {
|
||||
if (!results || results.length === 0) {
|
||||
searchDropdown.innerHTML = ''
|
||||
return
|
||||
}
|
||||
|
||||
searchInput.addEventListener('blur', () => {
|
||||
setTimeout(() => {
|
||||
searchDropdown.innerHTML = '';
|
||||
}, 200);
|
||||
});
|
||||
let html = '<div class="search-results">'
|
||||
html += '<div class="search-results-title">Anime</div>'
|
||||
results.forEach(r => {
|
||||
html += `
|
||||
<a href="/anime/${r.id}" class="search-result-item">
|
||||
${r.image ? `<img src="${r.image}" alt="${r.title}" class="search-result-thumb" />` : '<div class="search-result-no-image">no image</div>'}
|
||||
<div class="search-result-info">
|
||||
<div class="search-result-title">${escapeHtml(r.title)}</div>
|
||||
<div class="search-result-type">${r.type}</div>
|
||||
</div>
|
||||
</a>
|
||||
`
|
||||
})
|
||||
html += `<a href="/search?q=${encodeURIComponent(query)}" class="search-result-view-all">View all results for ${escapeHtml(query)}</a>`
|
||||
html += '</div>'
|
||||
searchDropdown.innerHTML = html
|
||||
})
|
||||
.catch(err => console.error('Search error:', err))
|
||||
}, 300)
|
||||
})
|
||||
|
||||
document.addEventListener('click', (e) => {
|
||||
if (!e.target.closest('.header-search-wrapper')) {
|
||||
searchDropdown.innerHTML = '';
|
||||
}
|
||||
});
|
||||
}
|
||||
searchInput.addEventListener('blur', () => {
|
||||
setTimeout(() => {
|
||||
searchDropdown.innerHTML = ''
|
||||
}, 200)
|
||||
})
|
||||
|
||||
function escapeHtml(text) {
|
||||
const div = document.createElement('div');
|
||||
div.textContent = text;
|
||||
return div.innerHTML;
|
||||
}
|
||||
document.addEventListener('click', (e) => {
|
||||
if (!e.target.closest('.header-search-wrapper')) {
|
||||
searchDropdown.innerHTML = ''
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
function escapeHtml(text) {
|
||||
const div = document.createElement('div')
|
||||
div.textContent = text
|
||||
return div.innerHTML
|
||||
}
|
||||
})()
|
||||
|
||||
Reference in New Issue
Block a user