From d0a550fee6ddd99c7650d07420f89f319c67b73e Mon Sep 17 00:00:00 2001 From: Mark <162816078+markashton480@users.noreply.github.com> Date: Tue, 3 Mar 2026 22:52:59 +0000 Subject: [PATCH] =?UTF-8?q?feat(comments):=20v2=20=E2=80=94=20HTMX,=20Turn?= =?UTF-8?q?stile,=20reactions,=20design=20refresh?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Extract comment templates into reusable partials (_comment.html, _comment_form.html, _comment_list.html, _reply_form.html, etc.) - Add HTMX progressive enhancement: inline form submission with partial responses, delta polling for live updates, form reset on success, success/moderation toast feedback - Integrate Cloudflare Turnstile for invisible bot protection: server-side token validation with hostname check, fail-closed on errors/timeouts, feature-flagged via TURNSTILE_SECRET_KEY env var - Auto-approve comments that pass Turnstile; keep manual approval as fallback when Turnstile is disabled (model default stays False) - Add CommentReaction model with UniqueConstraint for session-based anonymous reactions (heart/thumbs-up), toggle support, separate rate-limit bucket (20/min) - Add comment poll endpoint (GET /comments/poll//?after_id=N) for HTMX delta polling without duplicates - Update CSP middleware to allow challenges.cloudflare.com in script-src, connect-src, and frame-src - Self-host htmx.min.js (v2.0.4) to minimize CSP surface area - Add django-htmx middleware and requests to dependencies - Add Unapprove bulk action to Wagtail admin for moderation - Extend PII purge command to anonymize reaction session_key - Design refresh: neon glow avatars, solid hover shadows, gradient section header, cyan reply borders, grid-pattern empty state, neon-pink focus glow on form inputs - Add turnstile_site_key to template context via context processor - 18 new tests covering HTMX contracts, Turnstile success/failure/ timeout/hostname-mismatch, polling deltas, reaction toggle/dedup/ rate-limit, CSP headers, and PII purge extension Closes #43 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- apps/blog/models.py | 3 + .../commands/purge_old_comment_data.py | 9 +- .../migrations/0002_commentreaction.py | 27 ++ apps/comments/models.py | 18 ++ apps/comments/tests/test_v2.py | 271 ++++++++++++++++++ apps/comments/urls.py | 4 +- apps/comments/views.py | 159 +++++++++- apps/comments/wagtail_hooks.py | 29 ++ apps/core/context_processors.py | 6 +- apps/core/middleware.py | 5 +- config/settings/base.py | 7 + requirements/base.txt | 2 + static/js/htmx.min.js | 1 + templates/base.html | 4 +- templates/blog/article_page.html | 73 +---- templates/comments/_comment.html | 24 ++ templates/comments/_comment_form.html | 32 +++ templates/comments/_comment_list.html | 6 + templates/comments/_comment_list_inner.html | 3 + templates/comments/_comment_success.html | 3 + templates/comments/_reactions.html | 12 + templates/comments/_reply_form.html | 20 ++ .../comments/confirm_bulk_unapprove.html | 53 ++++ 23 files changed, 695 insertions(+), 76 deletions(-) create mode 100644 apps/comments/migrations/0002_commentreaction.py create mode 100644 apps/comments/tests/test_v2.py create mode 100644 static/js/htmx.min.js create mode 100644 templates/comments/_comment.html create mode 100644 templates/comments/_comment_form.html create mode 100644 templates/comments/_comment_list.html create mode 100644 templates/comments/_comment_list_inner.html create mode 100644 templates/comments/_comment_success.html create mode 100644 templates/comments/_reactions.html create mode 100644 templates/comments/_reply_form.html create mode 100644 templates/comments/confirm_bulk_unapprove.html diff --git a/apps/blog/models.py b/apps/blog/models.py index 16928ec..413b003 100644 --- a/apps/blog/models.py +++ b/apps/blog/models.py @@ -303,12 +303,15 @@ class ArticlePage(SeoMixin, Page): def get_context(self, request, *args, **kwargs): ctx = super().get_context(request, *args, **kwargs) ctx["related_articles"] = self.get_related_articles() + from django.conf import settings + from apps.comments.models import Comment approved_replies = Comment.objects.filter(is_approved=True).select_related("parent") ctx["approved_comments"] = self.comments.filter(is_approved=True, parent__isnull=True).prefetch_related( Prefetch("replies", queryset=approved_replies) ) + ctx["turnstile_site_key"] = getattr(settings, "TURNSTILE_SITE_KEY", "") return ctx diff --git a/apps/comments/management/commands/purge_old_comment_data.py b/apps/comments/management/commands/purge_old_comment_data.py index 73b17bf..0259e34 100644 --- a/apps/comments/management/commands/purge_old_comment_data.py +++ b/apps/comments/management/commands/purge_old_comment_data.py @@ -5,7 +5,7 @@ from datetime import timedelta from django.core.management.base import BaseCommand from django.utils import timezone -from apps.comments.models import Comment +from apps.comments.models import Comment, CommentReaction class Command(BaseCommand): @@ -29,3 +29,10 @@ class Command(BaseCommand): .update(author_email="", ip_address=None) ) self.stdout.write(self.style.SUCCESS(f"Purged personal data for {purged} comment(s).")) + + reactions_purged = ( + CommentReaction.objects.filter(created_at__lt=cutoff) + .exclude(session_key="") + .update(session_key="") + ) + self.stdout.write(self.style.SUCCESS(f"Purged session keys for {reactions_purged} reaction(s).")) diff --git a/apps/comments/migrations/0002_commentreaction.py b/apps/comments/migrations/0002_commentreaction.py new file mode 100644 index 0000000..fe90967 --- /dev/null +++ b/apps/comments/migrations/0002_commentreaction.py @@ -0,0 +1,27 @@ +# Generated by Django 5.2.11 on 2026-03-03 22:49 + +import django.db.models.deletion +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('comments', '0001_initial'), + ] + + operations = [ + migrations.CreateModel( + name='CommentReaction', + fields=[ + ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), + ('reaction_type', models.CharField(choices=[('heart', '❤️'), ('plus_one', '👍')], max_length=20)), + ('session_key', models.CharField(max_length=64)), + ('created_at', models.DateTimeField(auto_now_add=True)), + ('comment', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='reactions', to='comments.comment')), + ], + options={ + 'constraints': [models.UniqueConstraint(fields=('comment', 'reaction_type', 'session_key'), name='unique_comment_reaction_per_session')], + }, + ), + ] diff --git a/apps/comments/models.py b/apps/comments/models.py index 5689d97..7c17d37 100644 --- a/apps/comments/models.py +++ b/apps/comments/models.py @@ -23,3 +23,21 @@ class Comment(models.Model): def __str__(self) -> str: return f"Comment by {self.author_name}" + + +class CommentReaction(models.Model): + comment = models.ForeignKey(Comment, on_delete=models.CASCADE, related_name="reactions") + reaction_type = models.CharField(max_length=20, choices=[("heart", "❤️"), ("plus_one", "👍")]) + session_key = models.CharField(max_length=64) + created_at = models.DateTimeField(auto_now_add=True) + + class Meta: + constraints = [ + models.UniqueConstraint( + fields=["comment", "reaction_type", "session_key"], + name="unique_comment_reaction_per_session", + ) + ] + + def __str__(self) -> str: + return f"{self.reaction_type} on comment {self.comment_id}" diff --git a/apps/comments/tests/test_v2.py b/apps/comments/tests/test_v2.py new file mode 100644 index 0000000..7862a5f --- /dev/null +++ b/apps/comments/tests/test_v2.py @@ -0,0 +1,271 @@ +"""Tests for Comments v2: HTMX, Turnstile, reactions, polling, CSP.""" +from __future__ import annotations + +from datetime import timedelta +from unittest.mock import patch + +import pytest +from django.core.cache import cache +from django.core.management import call_command +from django.test import override_settings +from django.utils import timezone + +from apps.blog.models import ArticleIndexPage, ArticlePage +from apps.blog.tests.factories import AuthorFactory +from apps.comments.models import Comment, CommentReaction + + +# ── Fixtures ────────────────────────────────────────────────────────────────── + + +@pytest.fixture +def _article(home_page): + """Create a published article with comments enabled.""" + index = ArticleIndexPage(title="Articles", slug="articles") + home_page.add_child(instance=index) + author = AuthorFactory() + article = ArticlePage( + title="Test Article", + slug="test-article", + author=author, + summary="summary", + body=[("rich_text", "

body

")], + ) + index.add_child(instance=article) + article.save_revision().publish() + return article + + +@pytest.fixture +def approved_comment(_article): + return Comment.objects.create( + article=_article, + author_name="Alice", + author_email="alice@example.com", + body="Great article!", + is_approved=True, + ) + + +def _post_comment(client, article, extra=None, htmx=False): + cache.clear() + payload = { + "article_id": article.id, + "author_name": "Test", + "author_email": "test@example.com", + "body": "Hello world", + "honeypot": "", + } + if extra: + payload.update(extra) + headers = {} + if htmx: + headers["HTTP_HX_REQUEST"] = "true" + return client.post("/comments/post/", payload, **headers) + + +# ── HTMX Response Contracts ────────────────────────────────────────────────── + + +@pytest.mark.django_db +def test_htmx_post_returns_partial_on_success(client, _article): + """HTMX POST with Turnstile disabled returns moderation notice partial.""" + resp = _post_comment(client, _article, htmx=True) + assert resp.status_code == 200 + assert b"awaiting moderation" in resp.content + assert "HX-Request" in resp["Vary"] + + +@pytest.mark.django_db +@override_settings(TURNSTILE_SECRET_KEY="test-secret") +def test_htmx_post_returns_comment_partial_when_turnstile_passes(client, _article): + """HTMX POST with successful Turnstile returns comment partial for append.""" + with patch("apps.comments.views._verify_turnstile", return_value=True): + resp = _post_comment(client, _article, extra={"cf-turnstile-response": "tok"}, htmx=True) + assert resp.status_code == 200 + assert b"Hello world" in resp.content + assert b"comment-" in resp.content + comment = Comment.objects.get() + assert comment.is_approved is True + + +@pytest.mark.django_db +def test_htmx_post_returns_form_with_errors_on_invalid(client, _article): + """HTMX POST with invalid data returns form partial with HTTP 422.""" + cache.clear() + resp = client.post( + "/comments/post/", + {"article_id": _article.id, "author_name": "T", "author_email": "t@t.com", "body": " ", "honeypot": ""}, + HTTP_HX_REQUEST="true", + ) + assert resp.status_code == 422 + assert "HX-Request" in resp["Vary"] + assert Comment.objects.count() == 0 + + +@pytest.mark.django_db +def test_non_htmx_post_still_redirects(client, _article): + """Non-HTMX POST continues to redirect (progressive enhancement).""" + resp = _post_comment(client, _article) + assert resp.status_code == 302 + assert resp["Location"].endswith("?commented=1") + + +# ── Turnstile Integration ──────────────────────────────────────────────────── + + +@pytest.mark.django_db +@override_settings(TURNSTILE_SECRET_KEY="test-secret") +def test_turnstile_failure_keeps_comment_unapproved(client, _article): + """When Turnstile verification fails, comment stays unapproved.""" + with patch("apps.comments.views._verify_turnstile", return_value=False): + _post_comment(client, _article, extra={"cf-turnstile-response": "bad-tok"}) + comment = Comment.objects.get() + assert comment.is_approved is False + + +@pytest.mark.django_db +def test_turnstile_disabled_keeps_comment_unapproved(client, _article): + """When TURNSTILE_SECRET_KEY is empty, comment stays unapproved.""" + _post_comment(client, _article) + comment = Comment.objects.get() + assert comment.is_approved is False + + +@pytest.mark.django_db +@override_settings(TURNSTILE_SECRET_KEY="test-secret", TURNSTILE_EXPECTED_HOSTNAME="nohypeai.com") +def test_turnstile_hostname_mismatch_rejects(client, _article): + """Turnstile hostname mismatch keeps comment unapproved.""" + mock_resp = type("R", (), {"json": lambda self: {"success": True, "hostname": "evil.com"}})() + with patch("apps.comments.views.http_requests.post", return_value=mock_resp): + _post_comment(client, _article, extra={"cf-turnstile-response": "tok"}) + comment = Comment.objects.get() + assert comment.is_approved is False + + +@pytest.mark.django_db +@override_settings(TURNSTILE_SECRET_KEY="test-secret") +def test_turnstile_timeout_fails_closed(client, _article): + """Network error during Turnstile verification fails closed.""" + with patch("apps.comments.views.http_requests.post", side_effect=Exception("timeout")): + _post_comment(client, _article, extra={"cf-turnstile-response": "tok"}) + comment = Comment.objects.get() + assert comment.is_approved is False + + +# ── Polling ─────────────────────────────────────────────────────────────────── + + +@pytest.mark.django_db +def test_comment_poll_returns_new_comments(_article, client, approved_comment): + """Poll endpoint returns only comments after the given ID.""" + resp = client.get(f"/comments/poll/{_article.id}/?after_id=0") + assert resp.status_code == 200 + assert b"Alice" in resp.content + + resp2 = client.get(f"/comments/poll/{_article.id}/?after_id={approved_comment.id}") + assert resp2.status_code == 200 + assert b"Alice" not in resp2.content + + +@pytest.mark.django_db +def test_comment_poll_no_duplicates(_article, client, approved_comment): + """Polling with current latest ID returns empty.""" + resp = client.get(f"/comments/poll/{_article.id}/?after_id={approved_comment.id}") + assert b"comment-" not in resp.content + + +# ── Reactions ───────────────────────────────────────────────────────────────── + + +@pytest.mark.django_db +def test_react_creates_reaction(client, approved_comment): + cache.clear() + resp = client.post( + f"/comments/{approved_comment.id}/react/", + {"reaction_type": "heart"}, + HTTP_HX_REQUEST="true", + ) + assert resp.status_code == 200 + assert CommentReaction.objects.count() == 1 + + +@pytest.mark.django_db +def test_react_toggle_removes_reaction(client, approved_comment): + """Second reaction of same type removes it (toggle).""" + cache.clear() + client.post(f"/comments/{approved_comment.id}/react/", {"reaction_type": "heart"}) + client.post(f"/comments/{approved_comment.id}/react/", {"reaction_type": "heart"}) + assert CommentReaction.objects.count() == 0 + + +@pytest.mark.django_db +def test_react_different_types_coexist(client, approved_comment): + cache.clear() + client.post(f"/comments/{approved_comment.id}/react/", {"reaction_type": "heart"}) + client.post(f"/comments/{approved_comment.id}/react/", {"reaction_type": "plus_one"}) + assert CommentReaction.objects.count() == 2 + + +@pytest.mark.django_db +def test_react_invalid_type_returns_400(client, approved_comment): + cache.clear() + resp = client.post(f"/comments/{approved_comment.id}/react/", {"reaction_type": "invalid"}) + assert resp.status_code == 400 + + +@pytest.mark.django_db +def test_react_on_unapproved_comment_returns_404(client, _article): + cache.clear() + comment = Comment.objects.create( + article=_article, author_name="B", author_email="b@b.com", body="x", is_approved=False, + ) + resp = client.post(f"/comments/{comment.id}/react/", {"reaction_type": "heart"}) + assert resp.status_code == 404 + + +@pytest.mark.django_db +@override_settings(REACTION_RATE_LIMIT_PER_MINUTE=2) +def test_react_rate_limit(client, approved_comment): + cache.clear() + for _ in range(2): + client.post(f"/comments/{approved_comment.id}/react/", {"reaction_type": "heart"}) + resp = client.post(f"/comments/{approved_comment.id}/react/", {"reaction_type": "plus_one"}) + assert resp.status_code == 429 + + +# ── CSP ─────────────────────────────────────────────────────────────────────── + + +@pytest.mark.django_db +def test_csp_allows_turnstile(client, _article): + """CSP header includes Cloudflare Turnstile domains.""" + resp = client.get(_article.url) + csp = resp.get("Content-Security-Policy", "") + assert "challenges.cloudflare.com" in csp + assert "frame-src" in csp + + +# ── Purge Command Extension ────────────────────────────────────────────────── + + +@pytest.mark.django_db +def test_purge_clears_reaction_session_keys(home_page): + index = ArticleIndexPage(title="Articles", slug="articles") + home_page.add_child(instance=index) + author = AuthorFactory() + article = ArticlePage(title="A", slug="a", author=author, summary="s", body=[("rich_text", "

b

")]) + index.add_child(instance=article) + article.save_revision().publish() + + comment = Comment.objects.create( + article=article, author_name="X", author_email="x@x.com", body="y", is_approved=True, + ) + reaction = CommentReaction.objects.create( + comment=comment, reaction_type="heart", session_key="abc123", + ) + CommentReaction.objects.filter(pk=reaction.pk).update(created_at=timezone.now() - timedelta(days=800)) + + call_command("purge_old_comment_data") + reaction.refresh_from_db() + assert reaction.session_key == "" diff --git a/apps/comments/urls.py b/apps/comments/urls.py index 861e88c..3e31d07 100644 --- a/apps/comments/urls.py +++ b/apps/comments/urls.py @@ -1,7 +1,9 @@ from django.urls import path -from apps.comments.views import CommentCreateView +from apps.comments.views import CommentCreateView, comment_poll, comment_react urlpatterns = [ path("post/", CommentCreateView.as_view(), name="comment_post"), + path("poll//", comment_poll, name="comment_poll"), + path("/react/", comment_react, name="comment_react"), ] diff --git a/apps/comments/views.py b/apps/comments/views.py index 6c34fc3..552da5f 100644 --- a/apps/comments/views.py +++ b/apps/comments/views.py @@ -1,16 +1,25 @@ from __future__ import annotations +import logging +from urllib.parse import urlencode + +import requests as http_requests from django.conf import settings from django.contrib import messages from django.core.cache import cache from django.core.exceptions import ValidationError -from django.http import HttpResponse +from django.db import IntegrityError +from django.db.models import F, Prefetch +from django.http import HttpResponse, JsonResponse from django.shortcuts import get_object_or_404, redirect, render from django.views import View +from django.views.decorators.http import require_GET, require_POST from apps.blog.models import ArticlePage from apps.comments.forms import CommentForm -from apps.comments.models import Comment +from apps.comments.models import Comment, CommentReaction + +logger = logging.getLogger(__name__) def client_ip_from_request(request) -> str: @@ -22,11 +31,53 @@ def client_ip_from_request(request) -> str: return remote_addr +def _is_htmx(request) -> bool: + return request.headers.get("HX-Request") == "true" + + +def _add_vary_header(response): + response["Vary"] = "HX-Request" + return response + + +def _verify_turnstile(token: str, ip: str) -> bool: + secret = getattr(settings, "TURNSTILE_SECRET_KEY", "") + if not secret: + return False + try: + resp = http_requests.post( + "https://challenges.cloudflare.com/turnstile/v0/siteverify", + data={"secret": secret, "response": token, "remoteip": ip}, + timeout=5, + ) + result = resp.json() + if not result.get("success"): + return False + expected_hostname = getattr(settings, "TURNSTILE_EXPECTED_HOSTNAME", "") + if expected_hostname and result.get("hostname") != expected_hostname: + logger.warning("Turnstile hostname mismatch: %s", result.get("hostname")) + return False + return True + except Exception: + logger.exception("Turnstile verification failed") + return False + + +def _turnstile_enabled() -> bool: + return bool(getattr(settings, "TURNSTILE_SECRET_KEY", "")) + + class CommentCreateView(View): def _render_article_with_errors(self, request, article, form): + if _is_htmx(request): + ctx = {"comment_form": form, "page": article} + ctx["turnstile_site_key"] = getattr(settings, "TURNSTILE_SITE_KEY", "") + resp = render(request, "comments/_comment_form.html", ctx, status=422) + return _add_vary_header(resp) context = article.get_context(request) context["page"] = article context["comment_form"] = form + context["turnstile_site_key"] = getattr(settings, "TURNSTILE_SITE_KEY", "") return render(request, "blog/article_page.html", context, status=200) def post(self, request): @@ -45,9 +96,21 @@ class CommentCreateView(View): if form.is_valid(): if form.cleaned_data.get("honeypot"): + if _is_htmx(request): + return _add_vary_header( + render(request, "comments/_comment_success.html", {"message": "Comment posted!"}) + ) return redirect(f"{article.url}?commented=1") + + # Turnstile verification + turnstile_ok = False + if _turnstile_enabled(): + token = request.POST.get("cf-turnstile-response", "") + turnstile_ok = _verify_turnstile(token, ip) + comment = form.save(commit=False) comment.article = article + comment.is_approved = turnstile_ok parent_id = form.cleaned_data.get("parent_id") if parent_id: comment.parent = Comment.objects.filter(pk=parent_id, article=article).first() @@ -58,7 +121,97 @@ class CommentCreateView(View): form.add_error(None, "Reply depth exceeds the allowed limit") return self._render_article_with_errors(request, article, form) comment.save() - messages.success(request, "Your comment is awaiting moderation") + + if _is_htmx(request): + if comment.is_approved: + resp = render(request, "comments/_comment.html", { + "comment": comment, "page": article, + "turnstile_site_key": getattr(settings, "TURNSTILE_SITE_KEY", ""), + }) + else: + resp = render(request, "comments/_comment_success.html", { + "message": "Your comment has been posted and is awaiting moderation.", + }) + return _add_vary_header(resp) + + messages.success( + request, + "Comment posted!" if comment.is_approved else "Your comment is awaiting moderation", + ) return redirect(f"{article.url}?commented=1") return self._render_article_with_errors(request, article, form) + + +@require_GET +def comment_poll(request, article_id): + """Return comments newer than after_id for HTMX polling.""" + article = get_object_or_404(ArticlePage, pk=article_id) + after_id = request.GET.get("after_id", "0") + try: + after_id = int(after_id) + except (ValueError, TypeError): + after_id = 0 + + approved_replies = Comment.objects.filter(is_approved=True).select_related("parent") + comments = ( + article.comments.filter(is_approved=True, parent__isnull=True, id__gt=after_id) + .prefetch_related(Prefetch("replies", queryset=approved_replies)) + .order_by("created_at", "id") + ) + + resp = render(request, "comments/_comment_list_inner.html", { + "approved_comments": comments, + "page": article, + "turnstile_site_key": getattr(settings, "TURNSTILE_SITE_KEY", ""), + }) + return _add_vary_header(resp) + + +@require_POST +def comment_react(request, comment_id): + """Toggle a reaction on a comment.""" + ip = client_ip_from_request(request) + key = f"reaction-rate:{ip}" + count = cache.get(key, 0) + rate_limit = getattr(settings, "REACTION_RATE_LIMIT_PER_MINUTE", 20) + if count >= rate_limit: + return HttpResponse(status=429) + cache.set(key, count + 1, timeout=60) + + comment = get_object_or_404(Comment, pk=comment_id, is_approved=True) + reaction_type = request.POST.get("reaction_type", "heart") + if reaction_type not in ("heart", "plus_one"): + return HttpResponse(status=400) + + if not request.session.session_key: + request.session.create() + session_key = request.session.session_key + + try: + existing = CommentReaction.objects.filter( + comment=comment, reaction_type=reaction_type, session_key=session_key + ).first() + if existing: + existing.delete() + else: + CommentReaction.objects.create( + comment=comment, reaction_type=reaction_type, session_key=session_key + ) + except IntegrityError: + pass + + counts = {} + for rt in ("heart", "plus_one"): + counts[rt] = comment.reactions.filter(reaction_type=rt).count() + user_reacted = set( + comment.reactions.filter(session_key=session_key).values_list("reaction_type", flat=True) + ) + + if _is_htmx(request): + resp = render(request, "comments/_reactions.html", { + "comment": comment, "counts": counts, "user_reacted": user_reacted, + }) + return _add_vary_header(resp) + + return JsonResponse({"counts": counts, "user_reacted": list(user_reacted)}) diff --git a/apps/comments/wagtail_hooks.py b/apps/comments/wagtail_hooks.py index 01579ee..e2cccbf 100644 --- a/apps/comments/wagtail_hooks.py +++ b/apps/comments/wagtail_hooks.py @@ -41,6 +41,34 @@ class ApproveCommentBulkAction(SnippetBulkAction): ) % {"count": num_parent_objects} +class UnapproveCommentBulkAction(SnippetBulkAction): + display_name = _("Unapprove") + action_type = "unapprove" + aria_label = _("Unapprove selected comments") + template_name = "comments/confirm_bulk_unapprove.html" + action_priority = 30 + models = [Comment] + + def check_perm(self, snippet): + if getattr(self, "can_change_items", None) is None: + self.can_change_items = self.request.user.has_perm(get_permission_name("change", self.model)) + return self.can_change_items + + @classmethod + def execute_action(cls, objects, **kwargs): + updated = kwargs["self"].model.objects.filter(pk__in=[obj.pk for obj in objects], is_approved=True).update( + is_approved=False + ) + return updated, 0 + + def get_success_message(self, num_parent_objects, num_child_objects): + return ngettext( + "%(count)d comment unapproved.", + "%(count)d comments unapproved.", + num_parent_objects, + ) % {"count": num_parent_objects} + + class CommentViewSet(SnippetViewSet): model = Comment queryset = Comment.objects.all() @@ -70,3 +98,4 @@ class CommentViewSet(SnippetViewSet): register_snippet(CommentViewSet) hooks.register("register_bulk_action", ApproveCommentBulkAction) +hooks.register("register_bulk_action", UnapproveCommentBulkAction) diff --git a/apps/core/context_processors.py b/apps/core/context_processors.py index 8ce6231..899d162 100644 --- a/apps/core/context_processors.py +++ b/apps/core/context_processors.py @@ -1,3 +1,4 @@ +from django.conf import settings as django_settings from wagtail.models import Site from apps.core.models import SiteSettings @@ -6,4 +7,7 @@ from apps.core.models import SiteSettings def site_settings(request): site = Site.find_for_request(request) settings_obj = SiteSettings.for_site(site) if site else None - return {"site_settings": settings_obj} + return { + "site_settings": settings_obj, + "turnstile_site_key": getattr(django_settings, "TURNSTILE_SITE_KEY", ""), + } diff --git a/apps/core/middleware.py b/apps/core/middleware.py index 25fd18c..1afe820 100644 --- a/apps/core/middleware.py +++ b/apps/core/middleware.py @@ -28,11 +28,12 @@ class SecurityHeadersMiddleware: return response response["Content-Security-Policy"] = ( f"default-src 'self'; " - f"script-src 'self' 'nonce-{nonce}'; " + f"script-src 'self' 'nonce-{nonce}' https://challenges.cloudflare.com; " "style-src 'self' https://fonts.googleapis.com; " "img-src 'self' data: blob:; " "font-src 'self' https://fonts.gstatic.com; " - "connect-src 'self'; " + "connect-src 'self' https://challenges.cloudflare.com; " + "frame-src https://challenges.cloudflare.com; " "object-src 'none'; " "base-uri 'self'; " "frame-ancestors 'self'" diff --git a/config/settings/base.py b/config/settings/base.py index adc6d65..30e3146 100644 --- a/config/settings/base.py +++ b/config/settings/base.py @@ -48,6 +48,7 @@ INSTALLED_APPS = [ "wagtailseo", "tailwind", "theme", + "django_htmx", "apps.core", "apps.blog", "apps.authors", @@ -66,6 +67,7 @@ MIDDLEWARE = [ "django.contrib.auth.middleware.AuthenticationMiddleware", "django.contrib.messages.middleware.MessageMiddleware", "django.middleware.clickjacking.XFrameOptionsMiddleware", + "django_htmx.middleware.HtmxMiddleware", "wagtail.contrib.redirects.middleware.RedirectMiddleware", "apps.core.middleware.ConsentMiddleware", ] @@ -154,6 +156,11 @@ STORAGES = { TAILWIND_APP_NAME = "theme" +# Cloudflare Turnstile (comment spam protection) +TURNSTILE_SITE_KEY = os.getenv("TURNSTILE_SITE_KEY", "") +TURNSTILE_SECRET_KEY = os.getenv("TURNSTILE_SECRET_KEY", "") +TURNSTILE_EXPECTED_HOSTNAME = os.getenv("TURNSTILE_EXPECTED_HOSTNAME", "") + WAGTAILSEARCH_BACKENDS = { "default": { "BACKEND": "wagtail.search.backends.database", diff --git a/requirements/base.txt b/requirements/base.txt index 472cf9a..f7d43c0 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -10,6 +10,8 @@ python-dotenv~=1.0.0 dj-database-url~=2.2.0 django-tailwind~=3.8.0 django-csp~=3.8.0 +django-htmx~=1.21.0 +requests~=2.32.0 pytest~=8.3.0 pytest-django~=4.9.0 pytest-cov~=5.0.0 diff --git a/static/js/htmx.min.js b/static/js/htmx.min.js new file mode 100644 index 0000000..59937d7 --- /dev/null +++ b/static/js/htmx.min.js @@ -0,0 +1 @@ +var htmx=function(){"use strict";const Q={onLoad:null,process:null,on:null,off:null,trigger:null,ajax:null,find:null,findAll:null,closest:null,values:function(e,t){const n=cn(e,t||"post");return n.values},remove:null,addClass:null,removeClass:null,toggleClass:null,takeClass:null,swap:null,defineExtension:null,removeExtension:null,logAll:null,logNone:null,logger:null,config:{historyEnabled:true,historyCacheSize:10,refreshOnHistoryMiss:false,defaultSwapStyle:"innerHTML",defaultSwapDelay:0,defaultSettleDelay:20,includeIndicatorStyles:true,indicatorClass:"htmx-indicator",requestClass:"htmx-request",addedClass:"htmx-added",settlingClass:"htmx-settling",swappingClass:"htmx-swapping",allowEval:true,allowScriptTags:true,inlineScriptNonce:"",inlineStyleNonce:"",attributesToSettle:["class","style","width","height"],withCredentials:false,timeout:0,wsReconnectDelay:"full-jitter",wsBinaryType:"blob",disableSelector:"[hx-disable], [data-hx-disable]",scrollBehavior:"instant",defaultFocusScroll:false,getCacheBusterParam:false,globalViewTransitions:false,methodsThatUseUrlParams:["get","delete"],selfRequestsOnly:true,ignoreTitle:false,scrollIntoViewOnBoost:true,triggerSpecsCache:null,disableInheritance:false,responseHandling:[{code:"204",swap:false},{code:"[23]..",swap:true},{code:"[45]..",swap:false,error:true}],allowNestedOobSwaps:true},parseInterval:null,_:null,version:"2.0.4"};Q.onLoad=j;Q.process=kt;Q.on=ye;Q.off=be;Q.trigger=he;Q.ajax=Rn;Q.find=u;Q.findAll=x;Q.closest=g;Q.remove=z;Q.addClass=K;Q.removeClass=G;Q.toggleClass=W;Q.takeClass=Z;Q.swap=$e;Q.defineExtension=Fn;Q.removeExtension=Bn;Q.logAll=V;Q.logNone=_;Q.parseInterval=d;Q._=e;const n={addTriggerHandler:St,bodyContains:le,canAccessLocalStorage:B,findThisElement:Se,filterValues:hn,swap:$e,hasAttribute:s,getAttributeValue:te,getClosestAttributeValue:re,getClosestMatch:o,getExpressionVars:En,getHeaders:fn,getInputValues:cn,getInternalData:ie,getSwapSpecification:gn,getTriggerSpecs:st,getTarget:Ee,makeFragment:P,mergeObjects:ce,makeSettleInfo:xn,oobSwap:He,querySelectorExt:ae,settleImmediately:Kt,shouldCancel:ht,triggerEvent:he,triggerErrorEvent:fe,withExtensions:Ft};const r=["get","post","put","delete","patch"];const H=r.map(function(e){return"[hx-"+e+"], [data-hx-"+e+"]"}).join(", ");function d(e){if(e==undefined){return undefined}let t=NaN;if(e.slice(-2)=="ms"){t=parseFloat(e.slice(0,-2))}else if(e.slice(-1)=="s"){t=parseFloat(e.slice(0,-1))*1e3}else if(e.slice(-1)=="m"){t=parseFloat(e.slice(0,-1))*1e3*60}else{t=parseFloat(e)}return isNaN(t)?undefined:t}function ee(e,t){return e instanceof Element&&e.getAttribute(t)}function s(e,t){return!!e.hasAttribute&&(e.hasAttribute(t)||e.hasAttribute("data-"+t))}function te(e,t){return ee(e,t)||ee(e,"data-"+t)}function c(e){const t=e.parentElement;if(!t&&e.parentNode instanceof ShadowRoot)return e.parentNode;return t}function ne(){return document}function m(e,t){return e.getRootNode?e.getRootNode({composed:t}):ne()}function o(e,t){while(e&&!t(e)){e=c(e)}return e||null}function i(e,t,n){const r=te(t,n);const o=te(t,"hx-disinherit");var i=te(t,"hx-inherit");if(e!==t){if(Q.config.disableInheritance){if(i&&(i==="*"||i.split(" ").indexOf(n)>=0)){return r}else{return null}}if(o&&(o==="*"||o.split(" ").indexOf(n)>=0)){return"unset"}}return r}function re(t,n){let r=null;o(t,function(e){return!!(r=i(t,ue(e),n))});if(r!=="unset"){return r}}function h(e,t){const n=e instanceof Element&&(e.matches||e.matchesSelector||e.msMatchesSelector||e.mozMatchesSelector||e.webkitMatchesSelector||e.oMatchesSelector);return!!n&&n.call(e,t)}function T(e){const t=/<([a-z][^\/\0>\x20\t\r\n\f]*)/i;const n=t.exec(e);if(n){return n[1].toLowerCase()}else{return""}}function q(e){const t=new DOMParser;return t.parseFromString(e,"text/html")}function L(e,t){while(t.childNodes.length>0){e.append(t.childNodes[0])}}function A(e){const t=ne().createElement("script");se(e.attributes,function(e){t.setAttribute(e.name,e.value)});t.textContent=e.textContent;t.async=false;if(Q.config.inlineScriptNonce){t.nonce=Q.config.inlineScriptNonce}return t}function N(e){return e.matches("script")&&(e.type==="text/javascript"||e.type==="module"||e.type==="")}function I(e){Array.from(e.querySelectorAll("script")).forEach(e=>{if(N(e)){const t=A(e);const n=e.parentNode;try{n.insertBefore(t,e)}catch(e){O(e)}finally{e.remove()}}})}function P(e){const t=e.replace(/]*)?>[\s\S]*?<\/head>/i,"");const n=T(t);let r;if(n==="html"){r=new DocumentFragment;const i=q(e);L(r,i.body);r.title=i.title}else if(n==="body"){r=new DocumentFragment;const i=q(t);L(r,i.body);r.title=i.title}else{const i=q('");r=i.querySelector("template").content;r.title=i.title;var o=r.querySelector("title");if(o&&o.parentNode===r){o.remove();r.title=o.innerText}}if(r){if(Q.config.allowScriptTags){I(r)}else{r.querySelectorAll("script").forEach(e=>e.remove())}}return r}function oe(e){if(e){e()}}function t(e,t){return Object.prototype.toString.call(e)==="[object "+t+"]"}function k(e){return typeof e==="function"}function D(e){return t(e,"Object")}function ie(e){const t="htmx-internal-data";let n=e[t];if(!n){n=e[t]={}}return n}function M(t){const n=[];if(t){for(let e=0;e=0}function le(e){return e.getRootNode({composed:true})===document}function F(e){return e.trim().split(/\s+/)}function ce(e,t){for(const n in t){if(t.hasOwnProperty(n)){e[n]=t[n]}}return e}function S(e){try{return JSON.parse(e)}catch(e){O(e);return null}}function B(){const e="htmx:localStorageTest";try{localStorage.setItem(e,e);localStorage.removeItem(e);return true}catch(e){return false}}function U(t){try{const e=new URL(t);if(e){t=e.pathname+e.search}if(!/^\/$/.test(t)){t=t.replace(/\/+$/,"")}return t}catch(e){return t}}function e(e){return vn(ne().body,function(){return eval(e)})}function j(t){const e=Q.on("htmx:load",function(e){t(e.detail.elt)});return e}function V(){Q.logger=function(e,t,n){if(console){console.log(t,e,n)}}}function _(){Q.logger=null}function u(e,t){if(typeof e!=="string"){return e.querySelector(t)}else{return u(ne(),e)}}function x(e,t){if(typeof e!=="string"){return e.querySelectorAll(t)}else{return x(ne(),e)}}function E(){return window}function z(e,t){e=y(e);if(t){E().setTimeout(function(){z(e);e=null},t)}else{c(e).removeChild(e)}}function ue(e){return e instanceof Element?e:null}function $(e){return e instanceof HTMLElement?e:null}function J(e){return typeof e==="string"?e:null}function f(e){return e instanceof Element||e instanceof Document||e instanceof DocumentFragment?e:null}function K(e,t,n){e=ue(y(e));if(!e){return}if(n){E().setTimeout(function(){K(e,t);e=null},n)}else{e.classList&&e.classList.add(t)}}function G(e,t,n){let r=ue(y(e));if(!r){return}if(n){E().setTimeout(function(){G(r,t);r=null},n)}else{if(r.classList){r.classList.remove(t);if(r.classList.length===0){r.removeAttribute("class")}}}}function W(e,t){e=y(e);e.classList.toggle(t)}function Z(e,t){e=y(e);se(e.parentElement.children,function(e){G(e,t)});K(ue(e),t)}function g(e,t){e=ue(y(e));if(e&&e.closest){return e.closest(t)}else{do{if(e==null||h(e,t)){return e}}while(e=e&&ue(c(e)));return null}}function l(e,t){return e.substring(0,t.length)===t}function Y(e,t){return e.substring(e.length-t.length)===t}function ge(e){const t=e.trim();if(l(t,"<")&&Y(t,"/>")){return t.substring(1,t.length-2)}else{return t}}function p(t,r,n){if(r.indexOf("global ")===0){return p(t,r.slice(7),true)}t=y(t);const o=[];{let t=0;let n=0;for(let e=0;e"){t--}}if(n0){const r=ge(o.shift());let e;if(r.indexOf("closest ")===0){e=g(ue(t),ge(r.substr(8)))}else if(r.indexOf("find ")===0){e=u(f(t),ge(r.substr(5)))}else if(r==="next"||r==="nextElementSibling"){e=ue(t).nextElementSibling}else if(r.indexOf("next ")===0){e=pe(t,ge(r.substr(5)),!!n)}else if(r==="previous"||r==="previousElementSibling"){e=ue(t).previousElementSibling}else if(r.indexOf("previous ")===0){e=me(t,ge(r.substr(9)),!!n)}else if(r==="document"){e=document}else if(r==="window"){e=window}else if(r==="body"){e=document.body}else if(r==="root"){e=m(t,!!n)}else if(r==="host"){e=t.getRootNode().host}else{s.push(r)}if(e){i.push(e)}}if(s.length>0){const e=s.join(",");const c=f(m(t,!!n));i.push(...M(c.querySelectorAll(e)))}return i}var pe=function(t,e,n){const r=f(m(t,n)).querySelectorAll(e);for(let e=0;e=0;e--){const o=r[e];if(o.compareDocumentPosition(t)===Node.DOCUMENT_POSITION_FOLLOWING){return o}}};function ae(e,t){if(typeof e!=="string"){return p(e,t)[0]}else{return p(ne().body,e)[0]}}function y(e,t){if(typeof e==="string"){return u(f(t)||document,e)}else{return e}}function xe(e,t,n,r){if(k(t)){return{target:ne().body,event:J(e),listener:t,options:n}}else{return{target:y(e),event:J(t),listener:n,options:r}}}function ye(t,n,r,o){Vn(function(){const e=xe(t,n,r,o);e.target.addEventListener(e.event,e.listener,e.options)});const e=k(n);return e?n:r}function be(t,n,r){Vn(function(){const e=xe(t,n,r);e.target.removeEventListener(e.event,e.listener)});return k(n)?n:r}const ve=ne().createElement("output");function we(e,t){const n=re(e,t);if(n){if(n==="this"){return[Se(e,t)]}else{const r=p(e,n);if(r.length===0){O('The selector "'+n+'" on '+t+" returned no matches!");return[ve]}else{return r}}}}function Se(e,t){return ue(o(e,function(e){return te(ue(e),t)!=null}))}function Ee(e){const t=re(e,"hx-target");if(t){if(t==="this"){return Se(e,"hx-target")}else{return ae(e,t)}}else{const n=ie(e);if(n.boosted){return ne().body}else{return e}}}function Ce(t){const n=Q.config.attributesToSettle;for(let e=0;e0){s=e.substring(0,e.indexOf(":"));n=e.substring(e.indexOf(":")+1)}else{s=e}o.removeAttribute("hx-swap-oob");o.removeAttribute("data-hx-swap-oob");const r=p(t,n,false);if(r){se(r,function(e){let t;const n=o.cloneNode(true);t=ne().createDocumentFragment();t.appendChild(n);if(!Re(s,e)){t=f(n)}const r={shouldSwap:true,target:e,fragment:t};if(!he(e,"htmx:oobBeforeSwap",r))return;e=r.target;if(r.shouldSwap){qe(t);_e(s,e,e,t,i);Te()}se(i.elts,function(e){he(e,"htmx:oobAfterSwap",r)})});o.parentNode.removeChild(o)}else{o.parentNode.removeChild(o);fe(ne().body,"htmx:oobErrorNoTarget",{content:o})}return e}function Te(){const e=u("#--htmx-preserve-pantry--");if(e){for(const t of[...e.children]){const n=u("#"+t.id);n.parentNode.moveBefore(t,n);n.remove()}e.remove()}}function qe(e){se(x(e,"[hx-preserve], [data-hx-preserve]"),function(e){const t=te(e,"id");const n=ne().getElementById(t);if(n!=null){if(e.moveBefore){let e=u("#--htmx-preserve-pantry--");if(e==null){ne().body.insertAdjacentHTML("afterend","
");e=u("#--htmx-preserve-pantry--")}e.moveBefore(n,null)}else{e.parentNode.replaceChild(n,e)}}})}function Le(l,e,c){se(e.querySelectorAll("[id]"),function(t){const n=ee(t,"id");if(n&&n.length>0){const r=n.replace("'","\\'");const o=t.tagName.replace(":","\\:");const e=f(l);const i=e&&e.querySelector(o+"[id='"+r+"']");if(i&&i!==e){const s=t.cloneNode();Oe(t,i);c.tasks.push(function(){Oe(t,s)})}}})}function Ae(e){return function(){G(e,Q.config.addedClass);kt(ue(e));Ne(f(e));he(e,"htmx:load")}}function Ne(e){const t="[autofocus]";const n=$(h(e,t)?e:e.querySelector(t));if(n!=null){n.focus()}}function a(e,t,n,r){Le(e,n,r);while(n.childNodes.length>0){const o=n.firstChild;K(ue(o),Q.config.addedClass);e.insertBefore(o,t);if(o.nodeType!==Node.TEXT_NODE&&o.nodeType!==Node.COMMENT_NODE){r.tasks.push(Ae(o))}}}function Ie(e,t){let n=0;while(n0}function $e(e,t,r,o){if(!o){o={}}e=y(e);const i=o.contextElement?m(o.contextElement,false):ne();const n=document.activeElement;let s={};try{s={elt:n,start:n?n.selectionStart:null,end:n?n.selectionEnd:null}}catch(e){}const l=xn(e);if(r.swapStyle==="textContent"){e.textContent=t}else{let n=P(t);l.title=n.title;if(o.selectOOB){const u=o.selectOOB.split(",");for(let t=0;t0){E().setTimeout(c,r.settleDelay)}else{c()}}function Je(e,t,n){const r=e.getResponseHeader(t);if(r.indexOf("{")===0){const o=S(r);for(const i in o){if(o.hasOwnProperty(i)){let e=o[i];if(D(e)){n=e.target!==undefined?e.target:n}else{e={value:e}}he(n,i,e)}}}else{const s=r.split(",");for(let e=0;e0){const s=o[0];if(s==="]"){e--;if(e===0){if(n===null){t=t+"true"}o.shift();t+=")})";try{const l=vn(r,function(){return Function(t)()},function(){return true});l.source=t;return l}catch(e){fe(ne().body,"htmx:syntax:error",{error:e,source:t});return null}}}else if(s==="["){e++}if(tt(s,n,i)){t+="(("+i+"."+s+") ? ("+i+"."+s+") : (window."+s+"))"}else{t=t+s}n=o.shift()}}}function C(e,t){let n="";while(e.length>0&&!t.test(e[0])){n+=e.shift()}return n}function rt(e){let t;if(e.length>0&&Ye.test(e[0])){e.shift();t=C(e,Qe).trim();e.shift()}else{t=C(e,v)}return t}const ot="input, textarea, select";function it(e,t,n){const r=[];const o=et(t);do{C(o,w);const l=o.length;const c=C(o,/[,\[\s]/);if(c!==""){if(c==="every"){const u={trigger:"every"};C(o,w);u.pollInterval=d(C(o,/[,\[\s]/));C(o,w);var i=nt(e,o,"event");if(i){u.eventFilter=i}r.push(u)}else{const a={trigger:c};var i=nt(e,o,"event");if(i){a.eventFilter=i}C(o,w);while(o.length>0&&o[0]!==","){const f=o.shift();if(f==="changed"){a.changed=true}else if(f==="once"){a.once=true}else if(f==="consume"){a.consume=true}else if(f==="delay"&&o[0]===":"){o.shift();a.delay=d(C(o,v))}else if(f==="from"&&o[0]===":"){o.shift();if(Ye.test(o[0])){var s=rt(o)}else{var s=C(o,v);if(s==="closest"||s==="find"||s==="next"||s==="previous"){o.shift();const h=rt(o);if(h.length>0){s+=" "+h}}}a.from=s}else if(f==="target"&&o[0]===":"){o.shift();a.target=rt(o)}else if(f==="throttle"&&o[0]===":"){o.shift();a.throttle=d(C(o,v))}else if(f==="queue"&&o[0]===":"){o.shift();a.queue=C(o,v)}else if(f==="root"&&o[0]===":"){o.shift();a[f]=rt(o)}else if(f==="threshold"&&o[0]===":"){o.shift();a[f]=C(o,v)}else{fe(e,"htmx:syntax:error",{token:o.shift()})}C(o,w)}r.push(a)}}if(o.length===l){fe(e,"htmx:syntax:error",{token:o.shift()})}C(o,w)}while(o[0]===","&&o.shift());if(n){n[t]=r}return r}function st(e){const t=te(e,"hx-trigger");let n=[];if(t){const r=Q.config.triggerSpecsCache;n=r&&r[t]||it(e,t,r)}if(n.length>0){return n}else if(h(e,"form")){return[{trigger:"submit"}]}else if(h(e,'input[type="button"], input[type="submit"]')){return[{trigger:"click"}]}else if(h(e,ot)){return[{trigger:"change"}]}else{return[{trigger:"click"}]}}function lt(e){ie(e).cancelled=true}function ct(e,t,n){const r=ie(e);r.timeout=E().setTimeout(function(){if(le(e)&&r.cancelled!==true){if(!gt(n,e,Mt("hx:poll:trigger",{triggerSpec:n,target:e}))){t(e)}ct(e,t,n)}},n.pollInterval)}function ut(e){return location.hostname===e.hostname&&ee(e,"href")&&ee(e,"href").indexOf("#")!==0}function at(e){return g(e,Q.config.disableSelector)}function ft(t,n,e){if(t instanceof HTMLAnchorElement&&ut(t)&&(t.target===""||t.target==="_self")||t.tagName==="FORM"&&String(ee(t,"method")).toLowerCase()!=="dialog"){n.boosted=true;let r,o;if(t.tagName==="A"){r="get";o=ee(t,"href")}else{const i=ee(t,"method");r=i?i.toLowerCase():"get";o=ee(t,"action");if(o==null||o===""){o=ne().location.href}if(r==="get"&&o.includes("?")){o=o.replace(/\?[^#]+/,"")}}e.forEach(function(e){pt(t,function(e,t){const n=ue(e);if(at(n)){b(n);return}de(r,o,n,t)},n,e,true)})}}function ht(e,t){const n=ue(t);if(!n){return false}if(e.type==="submit"||e.type==="click"){if(n.tagName==="FORM"){return true}if(h(n,'input[type="submit"], button')&&(h(n,"[form]")||g(n,"form")!==null)){return true}if(n instanceof HTMLAnchorElement&&n.href&&(n.getAttribute("href")==="#"||n.getAttribute("href").indexOf("#")!==0)){return true}}return false}function dt(e,t){return ie(e).boosted&&e instanceof HTMLAnchorElement&&t.type==="click"&&(t.ctrlKey||t.metaKey)}function gt(e,t,n){const r=e.eventFilter;if(r){try{return r.call(t,n)!==true}catch(e){const o=r.source;fe(ne().body,"htmx:eventFilter:error",{error:e,source:o});return true}}return false}function pt(l,c,e,u,a){const f=ie(l);let t;if(u.from){t=p(l,u.from)}else{t=[l]}if(u.changed){if(!("lastValue"in f)){f.lastValue=new WeakMap}t.forEach(function(e){if(!f.lastValue.has(u)){f.lastValue.set(u,new WeakMap)}f.lastValue.get(u).set(e,e.value)})}se(t,function(i){const s=function(e){if(!le(l)){i.removeEventListener(u.trigger,s);return}if(dt(l,e)){return}if(a||ht(e,l)){e.preventDefault()}if(gt(u,l,e)){return}const t=ie(e);t.triggerSpec=u;if(t.handledFor==null){t.handledFor=[]}if(t.handledFor.indexOf(l)<0){t.handledFor.push(l);if(u.consume){e.stopPropagation()}if(u.target&&e.target){if(!h(ue(e.target),u.target)){return}}if(u.once){if(f.triggeredOnce){return}else{f.triggeredOnce=true}}if(u.changed){const n=event.target;const r=n.value;const o=f.lastValue.get(u);if(o.has(n)&&o.get(n)===r){return}o.set(n,r)}if(f.delayed){clearTimeout(f.delayed)}if(f.throttle){return}if(u.throttle>0){if(!f.throttle){he(l,"htmx:trigger");c(l,e);f.throttle=E().setTimeout(function(){f.throttle=null},u.throttle)}}else if(u.delay>0){f.delayed=E().setTimeout(function(){he(l,"htmx:trigger");c(l,e)},u.delay)}else{he(l,"htmx:trigger");c(l,e)}}};if(e.listenerInfos==null){e.listenerInfos=[]}e.listenerInfos.push({trigger:u.trigger,listener:s,on:i});i.addEventListener(u.trigger,s)})}let mt=false;let xt=null;function yt(){if(!xt){xt=function(){mt=true};window.addEventListener("scroll",xt);window.addEventListener("resize",xt);setInterval(function(){if(mt){mt=false;se(ne().querySelectorAll("[hx-trigger*='revealed'],[data-hx-trigger*='revealed']"),function(e){bt(e)})}},200)}}function bt(e){if(!s(e,"data-hx-revealed")&&X(e)){e.setAttribute("data-hx-revealed","true");const t=ie(e);if(t.initHash){he(e,"revealed")}else{e.addEventListener("htmx:afterProcessNode",function(){he(e,"revealed")},{once:true})}}}function vt(e,t,n,r){const o=function(){if(!n.loaded){n.loaded=true;he(e,"htmx:trigger");t(e)}};if(r>0){E().setTimeout(o,r)}else{o()}}function wt(t,n,e){let i=false;se(r,function(r){if(s(t,"hx-"+r)){const o=te(t,"hx-"+r);i=true;n.path=o;n.verb=r;e.forEach(function(e){St(t,e,n,function(e,t){const n=ue(e);if(g(n,Q.config.disableSelector)){b(n);return}de(r,o,n,t)})})}});return i}function St(r,e,t,n){if(e.trigger==="revealed"){yt();pt(r,n,t,e);bt(ue(r))}else if(e.trigger==="intersect"){const o={};if(e.root){o.root=ae(r,e.root)}if(e.threshold){o.threshold=parseFloat(e.threshold)}const i=new IntersectionObserver(function(t){for(let e=0;e0){t.polling=true;ct(ue(r),n,e)}else{pt(r,n,t,e)}}function Et(e){const t=ue(e);if(!t){return false}const n=t.attributes;for(let e=0;e", "+e).join(""));return o}else{return[]}}function Tt(e){const t=g(ue(e.target),"button, input[type='submit']");const n=Lt(e);if(n){n.lastButtonClicked=t}}function qt(e){const t=Lt(e);if(t){t.lastButtonClicked=null}}function Lt(e){const t=g(ue(e.target),"button, input[type='submit']");if(!t){return}const n=y("#"+ee(t,"form"),t.getRootNode())||g(t,"form");if(!n){return}return ie(n)}function At(e){e.addEventListener("click",Tt);e.addEventListener("focusin",Tt);e.addEventListener("focusout",qt)}function Nt(t,e,n){const r=ie(t);if(!Array.isArray(r.onHandlers)){r.onHandlers=[]}let o;const i=function(e){vn(t,function(){if(at(t)){return}if(!o){o=new Function("event",n)}o.call(t,e)})};t.addEventListener(e,i);r.onHandlers.push({event:e,listener:i})}function It(t){ke(t);for(let e=0;eQ.config.historyCacheSize){i.shift()}while(i.length>0){try{localStorage.setItem("htmx-history-cache",JSON.stringify(i));break}catch(e){fe(ne().body,"htmx:historyCacheError",{cause:e,cache:i});i.shift()}}}function Vt(t){if(!B()){return null}t=U(t);const n=S(localStorage.getItem("htmx-history-cache"))||[];for(let e=0;e=200&&this.status<400){he(ne().body,"htmx:historyCacheMissLoad",i);const e=P(this.response);const t=e.querySelector("[hx-history-elt],[data-hx-history-elt]")||e;const n=Ut();const r=xn(n);kn(e.title);qe(e);Ve(n,t,r);Te();Kt(r.tasks);Bt=o;he(ne().body,"htmx:historyRestore",{path:o,cacheMiss:true,serverResponse:this.response})}else{fe(ne().body,"htmx:historyCacheMissLoadError",i)}};e.send()}function Wt(e){zt();e=e||location.pathname+location.search;const t=Vt(e);if(t){const n=P(t.content);const r=Ut();const o=xn(r);kn(t.title);qe(n);Ve(r,n,o);Te();Kt(o.tasks);E().setTimeout(function(){window.scrollTo(0,t.scroll)},0);Bt=e;he(ne().body,"htmx:historyRestore",{path:e,item:t})}else{if(Q.config.refreshOnHistoryMiss){window.location.reload(true)}else{Gt(e)}}}function Zt(e){let t=we(e,"hx-indicator");if(t==null){t=[e]}se(t,function(e){const t=ie(e);t.requestCount=(t.requestCount||0)+1;e.classList.add.call(e.classList,Q.config.requestClass)});return t}function Yt(e){let t=we(e,"hx-disabled-elt");if(t==null){t=[]}se(t,function(e){const t=ie(e);t.requestCount=(t.requestCount||0)+1;e.setAttribute("disabled","");e.setAttribute("data-disabled-by-htmx","")});return t}function Qt(e,t){se(e.concat(t),function(e){const t=ie(e);t.requestCount=(t.requestCount||1)-1});se(e,function(e){const t=ie(e);if(t.requestCount===0){e.classList.remove.call(e.classList,Q.config.requestClass)}});se(t,function(e){const t=ie(e);if(t.requestCount===0){e.removeAttribute("disabled");e.removeAttribute("data-disabled-by-htmx")}})}function en(t,n){for(let e=0;en.indexOf(e)<0)}else{e=e.filter(e=>e!==n)}r.delete(t);se(e,e=>r.append(t,e))}}function on(t,n,r,o,i){if(o==null||en(t,o)){return}else{t.push(o)}if(tn(o)){const s=ee(o,"name");let e=o.value;if(o instanceof HTMLSelectElement&&o.multiple){e=M(o.querySelectorAll("option:checked")).map(function(e){return e.value})}if(o instanceof HTMLInputElement&&o.files){e=M(o.files)}nn(s,e,n);if(i){sn(o,r)}}if(o instanceof HTMLFormElement){se(o.elements,function(e){if(t.indexOf(e)>=0){rn(e.name,e.value,n)}else{t.push(e)}if(i){sn(e,r)}});new FormData(o).forEach(function(e,t){if(e instanceof File&&e.name===""){return}nn(t,e,n)})}}function sn(e,t){const n=e;if(n.willValidate){he(n,"htmx:validation:validate");if(!n.checkValidity()){t.push({elt:n,message:n.validationMessage,validity:n.validity});he(n,"htmx:validation:failed",{message:n.validationMessage,validity:n.validity})}}}function ln(n,e){for(const t of e.keys()){n.delete(t)}e.forEach(function(e,t){n.append(t,e)});return n}function cn(e,t){const n=[];const r=new FormData;const o=new FormData;const i=[];const s=ie(e);if(s.lastButtonClicked&&!le(s.lastButtonClicked)){s.lastButtonClicked=null}let l=e instanceof HTMLFormElement&&e.noValidate!==true||te(e,"hx-validate")==="true";if(s.lastButtonClicked){l=l&&s.lastButtonClicked.formNoValidate!==true}if(t!=="get"){on(n,o,i,g(e,"form"),l)}on(n,r,i,e,l);if(s.lastButtonClicked||e.tagName==="BUTTON"||e.tagName==="INPUT"&&ee(e,"type")==="submit"){const u=s.lastButtonClicked||e;const a=ee(u,"name");nn(a,u.value,o)}const c=we(e,"hx-include");se(c,function(e){on(n,r,i,ue(e),l);if(!h(e,"form")){se(f(e).querySelectorAll(ot),function(e){on(n,r,i,e,l)})}});ln(r,o);return{errors:i,formData:r,values:An(r)}}function un(e,t,n){if(e!==""){e+="&"}if(String(n)==="[object Object]"){n=JSON.stringify(n)}const r=encodeURIComponent(n);e+=encodeURIComponent(t)+"="+r;return e}function an(e){e=qn(e);let n="";e.forEach(function(e,t){n=un(n,t,e)});return n}function fn(e,t,n){const r={"HX-Request":"true","HX-Trigger":ee(e,"id"),"HX-Trigger-Name":ee(e,"name"),"HX-Target":te(t,"id"),"HX-Current-URL":ne().location.href};bn(e,"hx-headers",false,r);if(n!==undefined){r["HX-Prompt"]=n}if(ie(e).boosted){r["HX-Boosted"]="true"}return r}function hn(n,e){const t=re(e,"hx-params");if(t){if(t==="none"){return new FormData}else if(t==="*"){return n}else if(t.indexOf("not ")===0){se(t.slice(4).split(","),function(e){e=e.trim();n.delete(e)});return n}else{const r=new FormData;se(t.split(","),function(t){t=t.trim();if(n.has(t)){n.getAll(t).forEach(function(e){r.append(t,e)})}});return r}}else{return n}}function dn(e){return!!ee(e,"href")&&ee(e,"href").indexOf("#")>=0}function gn(e,t){const n=t||re(e,"hx-swap");const r={swapStyle:ie(e).boosted?"innerHTML":Q.config.defaultSwapStyle,swapDelay:Q.config.defaultSwapDelay,settleDelay:Q.config.defaultSettleDelay};if(Q.config.scrollIntoViewOnBoost&&ie(e).boosted&&!dn(e)){r.show="top"}if(n){const s=F(n);if(s.length>0){for(let e=0;e0?o.join(":"):null;r.scroll=u;r.scrollTarget=i}else if(l.indexOf("show:")===0){const a=l.slice(5);var o=a.split(":");const f=o.pop();var i=o.length>0?o.join(":"):null;r.show=f;r.showTarget=i}else if(l.indexOf("focus-scroll:")===0){const h=l.slice("focus-scroll:".length);r.focusScroll=h=="true"}else if(e==0){r.swapStyle=l}else{O("Unknown modifier in hx-swap: "+l)}}}}return r}function pn(e){return re(e,"hx-encoding")==="multipart/form-data"||h(e,"form")&&ee(e,"enctype")==="multipart/form-data"}function mn(t,n,r){let o=null;Ft(n,function(e){if(o==null){o=e.encodeParameters(t,r,n)}});if(o!=null){return o}else{if(pn(n)){return ln(new FormData,qn(r))}else{return an(r)}}}function xn(e){return{tasks:[],elts:[e]}}function yn(e,t){const n=e[0];const r=e[e.length-1];if(t.scroll){var o=null;if(t.scrollTarget){o=ue(ae(n,t.scrollTarget))}if(t.scroll==="top"&&(n||o)){o=o||n;o.scrollTop=0}if(t.scroll==="bottom"&&(r||o)){o=o||r;o.scrollTop=o.scrollHeight}}if(t.show){var o=null;if(t.showTarget){let e=t.showTarget;if(t.showTarget==="window"){e="body"}o=ue(ae(n,e))}if(t.show==="top"&&(n||o)){o=o||n;o.scrollIntoView({block:"start",behavior:Q.config.scrollBehavior})}if(t.show==="bottom"&&(r||o)){o=o||r;o.scrollIntoView({block:"end",behavior:Q.config.scrollBehavior})}}}function bn(r,e,o,i){if(i==null){i={}}if(r==null){return i}const s=te(r,e);if(s){let e=s.trim();let t=o;if(e==="unset"){return null}if(e.indexOf("javascript:")===0){e=e.slice(11);t=true}else if(e.indexOf("js:")===0){e=e.slice(3);t=true}if(e.indexOf("{")!==0){e="{"+e+"}"}let n;if(t){n=vn(r,function(){return Function("return ("+e+")")()},{})}else{n=S(e)}for(const l in n){if(n.hasOwnProperty(l)){if(i[l]==null){i[l]=n[l]}}}}return bn(ue(c(r)),e,o,i)}function vn(e,t,n){if(Q.config.allowEval){return t()}else{fe(e,"htmx:evalDisallowedError");return n}}function wn(e,t){return bn(e,"hx-vars",true,t)}function Sn(e,t){return bn(e,"hx-vals",false,t)}function En(e){return ce(wn(e),Sn(e))}function Cn(t,n,r){if(r!==null){try{t.setRequestHeader(n,r)}catch(e){t.setRequestHeader(n,encodeURIComponent(r));t.setRequestHeader(n+"-URI-AutoEncoded","true")}}}function On(t){if(t.responseURL&&typeof URL!=="undefined"){try{const e=new URL(t.responseURL);return e.pathname+e.search}catch(e){fe(ne().body,"htmx:badResponseUrl",{url:t.responseURL})}}}function R(e,t){return t.test(e.getAllResponseHeaders())}function Rn(t,n,r){t=t.toLowerCase();if(r){if(r instanceof Element||typeof r==="string"){return de(t,n,null,null,{targetOverride:y(r)||ve,returnPromise:true})}else{let e=y(r.target);if(r.target&&!e||r.source&&!e&&!y(r.source)){e=ve}return de(t,n,y(r.source),r.event,{handler:r.handler,headers:r.headers,values:r.values,targetOverride:e,swapOverride:r.swap,select:r.select,returnPromise:true})}}else{return de(t,n,null,null,{returnPromise:true})}}function Hn(e){const t=[];while(e){t.push(e);e=e.parentElement}return t}function Tn(e,t,n){let r;let o;if(typeof URL==="function"){o=new URL(t,document.location.href);const i=document.location.origin;r=i===o.origin}else{o=t;r=l(t,document.location.origin)}if(Q.config.selfRequestsOnly){if(!r){return false}}return he(e,"htmx:validateUrl",ce({url:o,sameHost:r},n))}function qn(e){if(e instanceof FormData)return e;const t=new FormData;for(const n in e){if(e.hasOwnProperty(n)){if(e[n]&&typeof e[n].forEach==="function"){e[n].forEach(function(e){t.append(n,e)})}else if(typeof e[n]==="object"&&!(e[n]instanceof Blob)){t.append(n,JSON.stringify(e[n]))}else{t.append(n,e[n])}}}return t}function Ln(r,o,e){return new Proxy(e,{get:function(t,e){if(typeof e==="number")return t[e];if(e==="length")return t.length;if(e==="push"){return function(e){t.push(e);r.append(o,e)}}if(typeof t[e]==="function"){return function(){t[e].apply(t,arguments);r.delete(o);t.forEach(function(e){r.append(o,e)})}}if(t[e]&&t[e].length===1){return t[e][0]}else{return t[e]}},set:function(e,t,n){e[t]=n;r.delete(o);e.forEach(function(e){r.append(o,e)});return true}})}function An(o){return new Proxy(o,{get:function(e,t){if(typeof t==="symbol"){const r=Reflect.get(e,t);if(typeof r==="function"){return function(){return r.apply(o,arguments)}}else{return r}}if(t==="toJSON"){return()=>Object.fromEntries(o)}if(t in e){if(typeof e[t]==="function"){return function(){return o[t].apply(o,arguments)}}else{return e[t]}}const n=o.getAll(t);if(n.length===0){return undefined}else if(n.length===1){return n[0]}else{return Ln(e,t,n)}},set:function(t,n,e){if(typeof n!=="string"){return false}t.delete(n);if(e&&typeof e.forEach==="function"){e.forEach(function(e){t.append(n,e)})}else if(typeof e==="object"&&!(e instanceof Blob)){t.append(n,JSON.stringify(e))}else{t.append(n,e)}return true},deleteProperty:function(e,t){if(typeof t==="string"){e.delete(t)}return true},ownKeys:function(e){return Reflect.ownKeys(Object.fromEntries(e))},getOwnPropertyDescriptor:function(e,t){return Reflect.getOwnPropertyDescriptor(Object.fromEntries(e),t)}})}function de(t,n,r,o,i,D){let s=null;let l=null;i=i!=null?i:{};if(i.returnPromise&&typeof Promise!=="undefined"){var e=new Promise(function(e,t){s=e;l=t})}if(r==null){r=ne().body}const M=i.handler||Dn;const X=i.select||null;if(!le(r)){oe(s);return e}const c=i.targetOverride||ue(Ee(r));if(c==null||c==ve){fe(r,"htmx:targetError",{target:te(r,"hx-target")});oe(l);return e}let u=ie(r);const a=u.lastButtonClicked;if(a){const L=ee(a,"formaction");if(L!=null){n=L}const A=ee(a,"formmethod");if(A!=null){if(A.toLowerCase()!=="dialog"){t=A}}}const f=re(r,"hx-confirm");if(D===undefined){const K=function(e){return de(t,n,r,o,i,!!e)};const G={target:c,elt:r,path:n,verb:t,triggeringEvent:o,etc:i,issueRequest:K,question:f};if(he(r,"htmx:confirm",G)===false){oe(s);return e}}let h=r;let d=re(r,"hx-sync");let g=null;let F=false;if(d){const N=d.split(":");const I=N[0].trim();if(I==="this"){h=Se(r,"hx-sync")}else{h=ue(ae(r,I))}d=(N[1]||"drop").trim();u=ie(h);if(d==="drop"&&u.xhr&&u.abortable!==true){oe(s);return e}else if(d==="abort"){if(u.xhr){oe(s);return e}else{F=true}}else if(d==="replace"){he(h,"htmx:abort")}else if(d.indexOf("queue")===0){const W=d.split(" ");g=(W[1]||"last").trim()}}if(u.xhr){if(u.abortable){he(h,"htmx:abort")}else{if(g==null){if(o){const P=ie(o);if(P&&P.triggerSpec&&P.triggerSpec.queue){g=P.triggerSpec.queue}}if(g==null){g="last"}}if(u.queuedRequests==null){u.queuedRequests=[]}if(g==="first"&&u.queuedRequests.length===0){u.queuedRequests.push(function(){de(t,n,r,o,i)})}else if(g==="all"){u.queuedRequests.push(function(){de(t,n,r,o,i)})}else if(g==="last"){u.queuedRequests=[];u.queuedRequests.push(function(){de(t,n,r,o,i)})}oe(s);return e}}const p=new XMLHttpRequest;u.xhr=p;u.abortable=F;const m=function(){u.xhr=null;u.abortable=false;if(u.queuedRequests!=null&&u.queuedRequests.length>0){const e=u.queuedRequests.shift();e()}};const B=re(r,"hx-prompt");if(B){var x=prompt(B);if(x===null||!he(r,"htmx:prompt",{prompt:x,target:c})){oe(s);m();return e}}if(f&&!D){if(!confirm(f)){oe(s);m();return e}}let y=fn(r,c,x);if(t!=="get"&&!pn(r)){y["Content-Type"]="application/x-www-form-urlencoded"}if(i.headers){y=ce(y,i.headers)}const U=cn(r,t);let b=U.errors;const j=U.formData;if(i.values){ln(j,qn(i.values))}const V=qn(En(r));const v=ln(j,V);let w=hn(v,r);if(Q.config.getCacheBusterParam&&t==="get"){w.set("org.htmx.cache-buster",ee(c,"id")||"true")}if(n==null||n===""){n=ne().location.href}const S=bn(r,"hx-request");const _=ie(r).boosted;let E=Q.config.methodsThatUseUrlParams.indexOf(t)>=0;const C={boosted:_,useUrlParams:E,formData:w,parameters:An(w),unfilteredFormData:v,unfilteredParameters:An(v),headers:y,target:c,verb:t,errors:b,withCredentials:i.credentials||S.credentials||Q.config.withCredentials,timeout:i.timeout||S.timeout||Q.config.timeout,path:n,triggeringEvent:o};if(!he(r,"htmx:configRequest",C)){oe(s);m();return e}n=C.path;t=C.verb;y=C.headers;w=qn(C.parameters);b=C.errors;E=C.useUrlParams;if(b&&b.length>0){he(r,"htmx:validation:halted",C);oe(s);m();return e}const z=n.split("#");const $=z[0];const O=z[1];let R=n;if(E){R=$;const Z=!w.keys().next().done;if(Z){if(R.indexOf("?")<0){R+="?"}else{R+="&"}R+=an(w);if(O){R+="#"+O}}}if(!Tn(r,R,C)){fe(r,"htmx:invalidPath",C);oe(l);return e}p.open(t.toUpperCase(),R,true);p.overrideMimeType("text/html");p.withCredentials=C.withCredentials;p.timeout=C.timeout;if(S.noHeaders){}else{for(const k in y){if(y.hasOwnProperty(k)){const Y=y[k];Cn(p,k,Y)}}}const H={xhr:p,target:c,requestConfig:C,etc:i,boosted:_,select:X,pathInfo:{requestPath:n,finalRequestPath:R,responsePath:null,anchor:O}};p.onload=function(){try{const t=Hn(r);H.pathInfo.responsePath=On(p);M(r,H);if(H.keepIndicators!==true){Qt(T,q)}he(r,"htmx:afterRequest",H);he(r,"htmx:afterOnLoad",H);if(!le(r)){let e=null;while(t.length>0&&e==null){const n=t.shift();if(le(n)){e=n}}if(e){he(e,"htmx:afterRequest",H);he(e,"htmx:afterOnLoad",H)}}oe(s);m()}catch(e){fe(r,"htmx:onLoadError",ce({error:e},H));throw e}};p.onerror=function(){Qt(T,q);fe(r,"htmx:afterRequest",H);fe(r,"htmx:sendError",H);oe(l);m()};p.onabort=function(){Qt(T,q);fe(r,"htmx:afterRequest",H);fe(r,"htmx:sendAbort",H);oe(l);m()};p.ontimeout=function(){Qt(T,q);fe(r,"htmx:afterRequest",H);fe(r,"htmx:timeout",H);oe(l);m()};if(!he(r,"htmx:beforeRequest",H)){oe(s);m();return e}var T=Zt(r);var q=Yt(r);se(["loadstart","loadend","progress","abort"],function(t){se([p,p.upload],function(e){e.addEventListener(t,function(e){he(r,"htmx:xhr:"+t,{lengthComputable:e.lengthComputable,loaded:e.loaded,total:e.total})})})});he(r,"htmx:beforeSend",H);const J=E?null:mn(p,r,w);p.send(J);return e}function Nn(e,t){const n=t.xhr;let r=null;let o=null;if(R(n,/HX-Push:/i)){r=n.getResponseHeader("HX-Push");o="push"}else if(R(n,/HX-Push-Url:/i)){r=n.getResponseHeader("HX-Push-Url");o="push"}else if(R(n,/HX-Replace-Url:/i)){r=n.getResponseHeader("HX-Replace-Url");o="replace"}if(r){if(r==="false"){return{}}else{return{type:o,path:r}}}const i=t.pathInfo.finalRequestPath;const s=t.pathInfo.responsePath;const l=re(e,"hx-push-url");const c=re(e,"hx-replace-url");const u=ie(e).boosted;let a=null;let f=null;if(l){a="push";f=l}else if(c){a="replace";f=c}else if(u){a="push";f=s||i}if(f){if(f==="false"){return{}}if(f==="true"){f=s||i}if(t.pathInfo.anchor&&f.indexOf("#")===-1){f=f+"#"+t.pathInfo.anchor}return{type:a,path:f}}else{return{}}}function In(e,t){var n=new RegExp(e.code);return n.test(t.toString(10))}function Pn(e){for(var t=0;t0){E().setTimeout(e,x.swapDelay)}else{e()}}if(f){fe(o,"htmx:responseError",ce({error:"Response Status Error Code "+s.status+" from "+i.pathInfo.requestPath},i))}}const Mn={};function Xn(){return{init:function(e){return null},getSelectors:function(){return null},onEvent:function(e,t){return true},transformResponse:function(e,t,n){return e},isInlineSwap:function(e){return false},handleSwap:function(e,t,n,r){return false},encodeParameters:function(e,t,n){return null}}}function Fn(e,t){if(t.init){t.init(n)}Mn[e]=ce(Xn(),t)}function Bn(e){delete Mn[e]}function Un(e,n,r){if(n==undefined){n=[]}if(e==undefined){return n}if(r==undefined){r=[]}const t=te(e,"hx-ext");if(t){se(t.split(","),function(e){e=e.replace(/ /g,"");if(e.slice(0,7)=="ignore:"){r.push(e.slice(7));return}if(r.indexOf(e)<0){const t=Mn[e];if(t&&n.indexOf(t)<0){n.push(t)}}})}return Un(ue(c(e)),n,r)}var jn=false;ne().addEventListener("DOMContentLoaded",function(){jn=true});function Vn(e){if(jn||ne().readyState==="complete"){e()}else{ne().addEventListener("DOMContentLoaded",e)}}function _n(){if(Q.config.includeIndicatorStyles!==false){const e=Q.config.inlineStyleNonce?` nonce="${Q.config.inlineStyleNonce}"`:"";ne().head.insertAdjacentHTML("beforeend"," ."+Q.config.indicatorClass+"{opacity:0} ."+Q.config.requestClass+" ."+Q.config.indicatorClass+"{opacity:1; transition: opacity 200ms ease-in;} ."+Q.config.requestClass+"."+Q.config.indicatorClass+"{opacity:1; transition: opacity 200ms ease-in;} ")}}function zn(){const e=ne().querySelector('meta[name="htmx-config"]');if(e){return S(e.content)}else{return null}}function $n(){const e=zn();if(e){Q.config=ce(Q.config,e)}}Vn(function(){$n();_n();let e=ne().body;kt(e);const t=ne().querySelectorAll("[hx-trigger='restored'],[data-hx-trigger='restored']");e.addEventListener("htmx:abort",function(e){const t=e.target;const n=ie(t);if(n&&n.xhr){n.xhr.abort()}});const n=window.onpopstate?window.onpopstate.bind(window):null;window.onpopstate=function(e){if(e.state&&e.state.htmx){Wt();se(t,function(e){he(e,"htmx:restored",{document:ne(),triggerEvent:he})})}else{if(n){n(e)}}};E().setTimeout(function(){he(e,"htmx:load",{});e=null},0)});return Q}(); \ No newline at end of file diff --git a/templates/base.html b/templates/base.html index da2cf24..bfb3e47 100644 --- a/templates/base.html +++ b/templates/base.html @@ -18,8 +18,10 @@ + + {% if turnstile_site_key %}{% endif %} - +
{% include 'components/nav.html' %} {% include 'components/cookie_banner.html' %} diff --git a/templates/blog/article_page.html b/templates/blog/article_page.html index e61ec9e..4b901ec 100644 --- a/templates/blog/article_page.html +++ b/templates/blog/article_page.html @@ -140,51 +140,15 @@ {% if page.comments_enabled %}
+

Comments

{% if approved_comments %} -
- {% for comment in approved_comments %} -
-
-
-
-
{{ comment.author_name }}
-
{{ comment.created_at|date:"M j, Y" }}
-
-
-

{{ comment.body }}

- {% for reply in comment.replies.all %} -
-
-
-
-
{{ reply.author_name }}
-
{{ reply.created_at|date:"M j, Y" }}
-
-
-

{{ reply.body }}

-
- {% endfor %} -
- {% csrf_token %} - - -
- - -
- - -
-
- {% endfor %} -
+ {% include "comments/_comment_list.html" %} {% else %} -

No comments yet. Be the first to comment.

+
+

No comments yet. Be the first to comment.

+
{% endif %} {% if comment_form and comment_form.errors %} @@ -194,32 +158,7 @@ {% endif %} -
-

Post a Comment

-
- {% csrf_token %} - -
-
- - -
-
- - -
-
-
- - -
- - -
-
+ {% include "comments/_comment_form.html" %}
{% endif %} {% endblock %} diff --git a/templates/comments/_comment.html b/templates/comments/_comment.html new file mode 100644 index 0000000..02c3535 --- /dev/null +++ b/templates/comments/_comment.html @@ -0,0 +1,24 @@ +
+
+
+
+
{{ comment.author_name }}
+
{{ comment.created_at|date:"M j, Y" }}
+
+
+

{{ comment.body }}

+ {% include "comments/_reactions.html" with comment=comment counts=comment.reaction_counts user_reacted=comment.user_reacted %} + {% for reply in comment.replies.all %} +
+
+
+
+
{{ reply.author_name }}
+
{{ reply.created_at|date:"M j, Y" }}
+
+
+

{{ reply.body }}

+
+ {% endfor %} + {% include "comments/_reply_form.html" with page=page comment=comment %} +
diff --git a/templates/comments/_comment_form.html b/templates/comments/_comment_form.html new file mode 100644 index 0000000..5e8184a --- /dev/null +++ b/templates/comments/_comment_form.html @@ -0,0 +1,32 @@ +{% load static %} +
+

Post a Comment

+
+ {% csrf_token %} + +
+
+ + +
+
+ + +
+
+
+ + +
+ + {% if turnstile_site_key %} +
+ {% endif %} + +
+
diff --git a/templates/comments/_comment_list.html b/templates/comments/_comment_list.html new file mode 100644 index 0000000..64947e3 --- /dev/null +++ b/templates/comments/_comment_list.html @@ -0,0 +1,6 @@ +
+ {% for comment in approved_comments %} + {% include "comments/_comment.html" with comment=comment page=page %} + {% endfor %} +
diff --git a/templates/comments/_comment_list_inner.html b/templates/comments/_comment_list_inner.html new file mode 100644 index 0000000..1d854bb --- /dev/null +++ b/templates/comments/_comment_list_inner.html @@ -0,0 +1,3 @@ +{% for comment in approved_comments %} + {% include "comments/_comment.html" with comment=comment page=page %} +{% endfor %} diff --git a/templates/comments/_comment_success.html b/templates/comments/_comment_success.html new file mode 100644 index 0000000..466e1f5 --- /dev/null +++ b/templates/comments/_comment_success.html @@ -0,0 +1,3 @@ +
+ {{ message|default:"Your comment has been posted and is awaiting moderation." }} +
diff --git a/templates/comments/_reactions.html b/templates/comments/_reactions.html new file mode 100644 index 0000000..bb84447 --- /dev/null +++ b/templates/comments/_reactions.html @@ -0,0 +1,12 @@ +
+ + +
diff --git a/templates/comments/_reply_form.html b/templates/comments/_reply_form.html new file mode 100644 index 0000000..68eecfe --- /dev/null +++ b/templates/comments/_reply_form.html @@ -0,0 +1,20 @@ +{% load static %} +
+ {% csrf_token %} + + +
+ + +
+ + + {% if turnstile_site_key %} +
+ {% endif %} + +
diff --git a/templates/comments/confirm_bulk_unapprove.html b/templates/comments/confirm_bulk_unapprove.html new file mode 100644 index 0000000..0ab89d1 --- /dev/null +++ b/templates/comments/confirm_bulk_unapprove.html @@ -0,0 +1,53 @@ +{% extends 'wagtailadmin/bulk_actions/confirmation/base.html' %} +{% load i18n wagtailusers_tags wagtailadmin_tags %} + +{% block titletag %} + {% if items|length == 1 %} + {% blocktrans trimmed with snippet_type_name=model_opts.verbose_name %}Unapprove {{ snippet_type_name }}{% endblocktrans %} - {{ items.0.item }} + {% else %} + {% blocktrans trimmed with count=items|length|intcomma %}Unapprove {{ count }} comments{% endblocktrans %} + {% endif %} +{% endblock %} + +{% block header %} + {% trans "Unapprove" as unapprove_str %} + {% if items|length == 1 %} + {% include "wagtailadmin/shared/header.html" with title=unapprove_str subtitle=items.0.item icon=header_icon only %} + {% else %} + {% include "wagtailadmin/shared/header.html" with title=unapprove_str subtitle=model_opts.verbose_name_plural|capfirst icon=header_icon only %} + {% endif %} +{% endblock header %} + +{% block items_with_access %} + {% if items %} + {% if items|length == 1 %} +

{% blocktrans trimmed with snippet_type_name=model_opts.verbose_name %}Unapprove this {{ snippet_type_name }}?{% endblocktrans %}

+ {% else %} +

{% blocktrans trimmed with count=items|length|intcomma %}Unapprove {{ count }} selected comments?{% endblocktrans %}

+ + {% endif %} + {% endif %} +{% endblock items_with_access %} + +{% block items_with_no_access %} + {% if items_with_no_access|length == 1 %} + {% trans "You don't have permission to unapprove this comment" as no_access_msg %} + {% else %} + {% trans "You don't have permission to unapprove these comments" as no_access_msg %} + {% endif %} + {% include 'wagtailsnippets/bulk_actions/list_items_with_no_access.html' with items=items_with_no_access no_access_msg=no_access_msg %} +{% endblock items_with_no_access %} + +{% block form_section %} + {% if items %} + {% trans "Yes, unapprove" as action_button_text %} + {% trans "No, go back" as no_action_button_text %} + {% include 'wagtailadmin/bulk_actions/confirmation/form.html' %} + {% else %} + {% include 'wagtailadmin/bulk_actions/confirmation/go_back.html' %} + {% endif %} +{% endblock form_section %}