forgejo/models/avatar.go
zeripath e6baa656f7
make avatar lookup occur at image request (#10540)
speed up page generation by making avatar lookup occur at the browser
not at page generation

* Protect against evil email address ".."

* hash the complete email address

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-Authored-By: Lauris BH <lauris@nix.lv>
2020-03-27 14:34:39 +02:00

49 lines
1.2 KiB
Go

// Copyright 2020 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package models
import (
"crypto/md5"
"fmt"
"net/url"
"strings"
"code.gitea.io/gitea/modules/cache"
"code.gitea.io/gitea/modules/setting"
)
// EmailHash represents a pre-generated hash map
type EmailHash struct {
Hash string `xorm:"pk varchar(32)"`
Email string `xorm:"UNIQUE NOT NULL"`
}
// GetEmailForHash converts a provided md5sum to the email
func GetEmailForHash(md5Sum string) (string, error) {
return cache.GetString("Avatar:"+md5Sum, func() (string, error) {
emailHash := EmailHash{
Hash: strings.ToLower(strings.TrimSpace(md5Sum)),
}
_, err := x.Get(&emailHash)
return emailHash.Email, err
})
}
// AvatarLink returns an avatar link for a provided email
func AvatarLink(email string) string {
lowerEmail := strings.ToLower(strings.TrimSpace(email))
sum := fmt.Sprintf("%x", md5.Sum([]byte(lowerEmail)))
_, _ = cache.GetString("Avatar:"+sum, func() (string, error) {
emailHash := &EmailHash{
Email: lowerEmail,
Hash: sum,
}
_, _ = x.Insert(emailHash)
return lowerEmail, nil
})
return setting.AppSubURL + "/avatar/" + url.PathEscape(sum)
}