#include "httpd.js.h"

#include "file.js.h"
#include "http.h"
#include "log.h"
#include "mem.h"
#include "ssb.db.h"
#include "ssb.ebt.h"
#include "ssb.h"
#include "task.h"
#include "tls.h"
#include "tlscontext.js.h"
#include "trace.h"
#include "util.js.h"
#include "version.h"

#include "ow-crypt.h"

#include "picohttpparser.h"

#include "sodium/crypto_sign.h"
#include "sodium/utils.h"

#include <assert.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

#include <openssl/sha.h>

#if !defined(__APPLE__) && !defined(__OpenBSD__) && !defined(_WIN32)
#include <alloca.h>
#endif

#define CYAN "\e[1;36m"
#define MAGENTA "\e[1;35m"
#define YELLOW "\e[1;33m"
#define RESET "\e[0m"

const int64_t k_refresh_interval = 1ULL * 7 * 24 * 60 * 60 * 1000;

static JSValue _authenticate_jwt(tf_ssb_t* ssb, JSContext* context, const char* jwt);
static JSValue _httpd_websocket_upgrade(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv);
static bool _is_name_valid(const char* name);
static const char* _make_session_jwt(JSContext* context, tf_ssb_t* ssb, const char* name);
static const char* _make_set_session_cookie_header(tf_http_request_t* request, const char* session_cookie);
const char** _form_data_decode(const char* data, int length);
const char* _form_data_get(const char** form_data, const char* key);

static JSClassID _httpd_request_class_id;

typedef struct _http_user_data_t
{
	char redirect[1024];
} http_user_data_t;

typedef struct _http_handler_data_t
{
	JSContext* context;
	JSValue callback;
} http_handler_data_t;

static JSValue _httpd_response_write_head(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	JS_SetPropertyStr(context, this_val, "response_status", JS_DupValue(context, argv[0]));
	JS_SetPropertyStr(context, this_val, "response_headers", JS_DupValue(context, argv[1]));
	return JS_UNDEFINED;
}

static int _object_to_headers(JSContext* context, JSValue object, const char** headers, int headers_length)
{
	int count = 0;
	JSPropertyEnum* ptab = NULL;
	uint32_t plen = 0;
	JS_GetOwnPropertyNames(context, &ptab, &plen, object, JS_GPN_STRING_MASK);
	for (; count < (int)plen && count < headers_length / 2; ++count)
	{
		JSPropertyDescriptor desc;
		JSValue key_value = JS_NULL;
		if (JS_GetOwnProperty(context, &desc, object, ptab[count].atom) == 1)
		{
			key_value = desc.value;
			JS_FreeValue(context, desc.setter);
			JS_FreeValue(context, desc.getter);
		}
		headers[count * 2 + 0] = JS_AtomToCString(context, ptab[count].atom);
		headers[count * 2 + 1] = JS_ToCString(context, key_value);
		JS_FreeValue(context, key_value);
	}
	for (uint32_t i = 0; i < plen; ++i)
	{
		JS_FreeAtom(context, ptab[i].atom);
	}
	js_free(context, ptab);
	return count;
}

static JSValue _httpd_response_end(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	tf_http_request_t* request = JS_GetOpaque(this_val, _httpd_request_class_id);
	size_t length = 0;
	const char* cstring = NULL;
	const void* data = NULL;
	JSValue buffer = JS_UNDEFINED;
	if (JS_IsString(argv[0]))
	{
		cstring = JS_ToCStringLen(context, &length, argv[0]);
		data = cstring;
	}
	else if ((data = tf_util_try_get_array_buffer(context, &length, argv[0])) != 0)
	{
	}
	else
	{
		size_t offset;
		size_t size;
		size_t element_size;
		buffer = tf_util_try_get_typed_array_buffer(context, argv[0], &offset, &size, &element_size);
		if (!JS_IsException(buffer))
		{
			data = tf_util_try_get_array_buffer(context, &length, buffer);
		}
	}
	JSValue response_status = JS_GetPropertyStr(context, this_val, "response_status");
	int status = 0;
	JS_ToInt32(context, &status, response_status);
	JS_FreeValue(context, response_status);

	const char* headers[64] = { 0 };
	JSValue response_headers = JS_GetPropertyStr(context, this_val, "response_headers");
	int headers_count = _object_to_headers(context, response_headers, headers, tf_countof(headers));
	JS_FreeValue(context, response_headers);

	tf_http_respond(request, status, headers, headers_count, data, length);

	for (int i = 0; i < headers_count * 2; i++)
	{
		JS_FreeCString(context, headers[i]);
	}
	JS_FreeValue(context, buffer);
	if (cstring)
	{
		JS_FreeCString(context, cstring);
	}
	return JS_UNDEFINED;
}

static JSValue _httpd_response_send(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	tf_http_request_t* request = JS_GetOpaque(this_val, _httpd_request_class_id);
	int opcode = 0x1;
	JS_ToInt32(context, &opcode, argv[1]);
	size_t length = 0;
	const char* message = JS_ToCStringLen(context, &length, argv[0]);
	tf_http_request_websocket_send(request, opcode, message, length);
	JS_FreeCString(context, message);
	return JS_UNDEFINED;
}

static void _httpd_websocket_close_callback(tf_http_request_t* request)
{
	JSContext* context = request->context;
	JSValue response_object = JS_MKPTR(JS_TAG_OBJECT, request->user_data);
	JSValue on_close = JS_GetPropertyStr(context, response_object, "onClose");
	JSValue response = JS_Call(context, on_close, JS_UNDEFINED, 0, NULL);
	tf_util_report_error(context, response);
	JS_FreeValue(context, response);
	JS_FreeValue(context, on_close);
	JS_SetPropertyStr(context, response_object, "onMessage", JS_UNDEFINED);
	JS_SetPropertyStr(context, response_object, "onClose", JS_UNDEFINED);
	JS_FreeValue(context, response_object);
}

static void _httpd_message_callback(tf_http_request_t* request, int op_code, const void* data, size_t size)
{
	JSContext* context = request->context;
	JSValue response_object = JS_MKPTR(JS_TAG_OBJECT, request->user_data);
	JSValue on_message = JS_GetPropertyStr(context, response_object, "onMessage");
	JSValue event = JS_NewObject(context);
	JS_SetPropertyStr(context, event, "opCode", JS_NewInt32(context, op_code));
	JS_SetPropertyStr(context, event, "data", JS_NewStringLen(context, data, size));
	JSValue response = JS_Call(context, on_message, JS_UNDEFINED, 1, &event);
	tf_util_report_error(context, response);
	JS_FreeValue(context, response);
	JS_FreeValue(context, event);
	JS_FreeValue(context, on_message);
}

static JSValue _httpd_make_response_object(JSContext* context, tf_http_request_t* request)
{
	JSValue response_object = JS_NewObjectClass(context, _httpd_request_class_id);
	JS_SetOpaque(response_object, request);
	JS_SetPropertyStr(context, response_object, "writeHead", JS_NewCFunction(context, _httpd_response_write_head, "writeHead", 2));
	JS_SetPropertyStr(context, response_object, "end", JS_NewCFunction(context, _httpd_response_end, "end", 1));
	JS_SetPropertyStr(context, response_object, "send", JS_NewCFunction(context, _httpd_response_send, "send", 2));
	JS_SetPropertyStr(context, response_object, "upgrade", JS_NewCFunction(context, _httpd_websocket_upgrade, "upgrade", 2));
	return response_object;
}

static bool _httpd_redirect(tf_http_request_t* request)
{
	if (request->is_tls)
	{
		return false;
	}

	http_user_data_t* user_data = tf_http_get_user_data(request->http);
	if (!user_data || !*user_data->redirect)
	{
		return false;
	}

	char redirect[1024];
	snprintf(redirect, sizeof(redirect), "%s%s", user_data->redirect, request->path);
	tf_http_respond(request, 303, (const char*[]) { "Location", redirect }, 1, NULL, 0);
	return true;
}

static JSValue _httpd_websocket_upgrade(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	tf_http_request_t* request = JS_GetOpaque(this_val, _httpd_request_class_id);
	tf_http_request_ref(request);
	const char* header_connection = tf_http_request_get_header(request, "connection");
	const char* header_upgrade = tf_http_request_get_header(request, "upgrade");
	const char* header_sec_websocket_key = tf_http_request_get_header(request, "sec-websocket-key");
	if (header_connection && header_upgrade && header_sec_websocket_key && strstr(header_connection, "Upgrade") && strcasecmp(header_upgrade, "websocket") == 0)
	{
		static const char* k_magic = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
		size_t key_length = strlen(header_sec_websocket_key);
		size_t size = key_length + 36;
		uint8_t* key_magic = alloca(size);
		memcpy(key_magic, header_sec_websocket_key, key_length);
		memcpy(key_magic + key_length, k_magic, 36);
		uint8_t digest[20];
		SHA1(key_magic, size, digest);
		char key[41] = { 0 };
		tf_base64_encode(digest, sizeof(digest), key, sizeof(key));

		const char* headers[64] = { 0 };
		int headers_count = 0;

		headers[headers_count * 2 + 0] = "Upgrade";
		headers[headers_count * 2 + 1] = "websocket";
		headers_count++;

		headers[headers_count * 2 + 0] = "Connection";
		headers[headers_count * 2 + 1] = "Upgrade";
		headers_count++;

		headers[headers_count * 2 + 0] = "Sec-WebSocket-Accept";
		headers[headers_count * 2 + 1] = key;
		headers_count++;

		tf_ssb_t* ssb = tf_task_get_ssb(tf_task_get(context));
		const char* session = tf_http_get_cookie(tf_http_request_get_header(request, "cookie"), "session");
		JSValue jwt = _authenticate_jwt(ssb, context, session);
		tf_free((void*)session);
		JSValue name = !JS_IsUndefined(jwt) ? JS_GetPropertyStr(context, jwt, "name") : JS_UNDEFINED;
		const char* name_string = !JS_IsUndefined(name) ? JS_ToCString(context, name) : NULL;
		const char* session_token = _make_session_jwt(tf_ssb_get_context(ssb), ssb, name_string);
		const char* cookie = _make_set_session_cookie_header(request, session_token);
		tf_free((void*)session_token);
		JS_FreeCString(context, name_string);
		JS_FreeValue(context, name);
		JS_FreeValue(context, jwt);
		headers[headers_count * 2 + 0] = "Set-Cookie";
		headers[headers_count * 2 + 1] = cookie ? cookie : "";
		headers_count++;

		bool send_version = !tf_http_request_get_header(request, "sec-websocket-version") || strcmp(tf_http_request_get_header(request, "sec-websocket-version"), "13") != 0;
		if (send_version)
		{
			headers[headers_count * 2 + 0] = "Sec-WebSocket-Accept";
			headers[headers_count * 2 + 1] = key;
			headers_count++;
		}
		int js_headers_count = _object_to_headers(context, argv[1], headers + headers_count * 2, tf_countof(headers) - headers_count * 2);
		headers_count += js_headers_count;

		tf_http_request_websocket_upgrade(request);
		tf_http_respond(request, 101, headers, headers_count, NULL, 0);

		for (int i = headers_count - js_headers_count; i < headers_count * 2; i++)
		{
			JS_FreeCString(context, headers[i * 2 + 0]);
			JS_FreeCString(context, headers[i * 2 + 1]);
		}

		tf_free((void*)cookie);

		request->on_message = _httpd_message_callback;
		request->on_close = _httpd_websocket_close_callback;
		request->context = context;
		request->user_data = JS_VALUE_GET_PTR(JS_DupValue(context, this_val));
	}
	else
	{
		tf_http_respond(request, 400, NULL, 0, NULL, 0);
	}
	tf_http_request_unref(request);

	return JS_UNDEFINED;
}

typedef struct _httpd_listener_t
{
	tf_tls_context_t* tls;
} httpd_listener_t;

static void _httpd_listener_cleanup(void* user_data)
{
	httpd_listener_t* listener = user_data;
	if (listener->tls)
	{
		tf_tls_context_destroy(listener->tls);
	}
	tf_free(listener);
}

typedef struct _auth_query_work_t
{
	const char* settings;
	JSValue entry;
	JSValue result;
	JSValue promise[2];
} auth_query_work_t;

static void _httpd_auth_query_work(tf_ssb_t* ssb, void* user_data)
{
	auth_query_work_t* work = user_data;
	work->settings = tf_ssb_db_get_property(ssb, "core", "settings");
}

static void _httpd_auth_query_after_work(tf_ssb_t* ssb, int status, void* user_data)
{
	auth_query_work_t* work = user_data;
	JSContext* context = tf_ssb_get_context(ssb);
	JSValue name = JS_GetPropertyStr(context, work->entry, "name");
	const char* name_string = JS_ToCString(context, name);
	JSValue settings_value = work->settings ? JS_ParseJSON(context, work->settings, strlen(work->settings), NULL) : JS_UNDEFINED;
	JSValue out_permissions = JS_NewObject(context);
	JS_SetPropertyStr(context, work->result, "permissions", out_permissions);
	JSValue permissions = !JS_IsUndefined(settings_value) ? JS_GetPropertyStr(context, settings_value, "permissions") : JS_UNDEFINED;
	JSValue user_permissions = !JS_IsUndefined(permissions) ? JS_GetPropertyStr(context, permissions, name_string) : JS_UNDEFINED;
	int length = !JS_IsUndefined(user_permissions) ? tf_util_get_length(context, user_permissions) : 0;
	for (int i = 0; i < length; i++)
	{
		JSValue permission = JS_GetPropertyUint32(context, user_permissions, i);
		const char* permission_string = JS_ToCString(context, permission);
		JS_SetPropertyStr(context, out_permissions, permission_string, JS_TRUE);
		JS_FreeCString(context, permission_string);
		JS_FreeValue(context, permission);
	}
	JSValue error = JS_Call(context, work->promise[0], JS_UNDEFINED, 1, &work->result);
	JS_FreeValue(context, work->result);
	tf_util_report_error(context, error);
	JS_FreeValue(context, error);
	JS_FreeValue(context, work->promise[0]);
	JS_FreeValue(context, work->promise[1]);
	JS_FreeValue(context, user_permissions);
	JS_FreeValue(context, permissions);
	JS_FreeValue(context, settings_value);
	tf_free((void*)work->settings);
	JS_FreeCString(context, name_string);
	JS_FreeValue(context, name);
	tf_free(work);
}

static JSValue _httpd_auth_query(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
{
	tf_task_t* task = tf_task_get(context);
	tf_ssb_t* ssb = tf_task_get_ssb(task);
	JSValue headers = argv[0];
	if (JS_IsUndefined(headers))
	{
		return JS_UNDEFINED;
	}

	JSValue cookie = JS_GetPropertyStr(context, headers, "cookie");
	const char* cookie_string = JS_ToCString(context, cookie);
	const char* session = tf_http_get_cookie(cookie_string, "session");
	JSValue entry = _authenticate_jwt(ssb, context, session);
	tf_free((void*)session);
	JS_FreeCString(context, cookie_string);
	JS_FreeValue(context, cookie);

	JSValue result = JS_UNDEFINED;
	if (!JS_IsUndefined(entry))
	{
		JSValue value = JS_NewObject(context);
		JS_SetPropertyStr(context, value, "session", entry);

		auth_query_work_t* work = tf_malloc(sizeof(auth_query_work_t));
		*work = (auth_query_work_t) {
			.entry = entry,
			.result = value,
		};
		result = JS_NewPromiseCapability(context, work->promise);
		tf_ssb_run_work(ssb, _httpd_auth_query_work, _httpd_auth_query_after_work, work);
	}
	return result;
}

typedef struct _magic_bytes_t
{
	const char* type;
	uint8_t bytes[12];
	uint8_t ignore[12];
} magic_bytes_t;

static bool _magic_bytes_match(const magic_bytes_t* magic, const uint8_t* actual, size_t size)
{
	if (size < sizeof(magic->bytes))
	{
		return false;
	}

	int length = (int)tf_min(sizeof(magic->bytes), size);
	for (int i = 0; i < length; i++)
	{
		if ((magic->bytes[i] & ~magic->ignore[i]) != (actual[i] & ~magic->ignore[i]))
		{
			return false;
		}
	}
	return true;
}

static const char* _httpd_mime_type_from_magic_bytes(const uint8_t* bytes, size_t size)
{
	const char* type = "application/binary";
	if (bytes)
	{
		const magic_bytes_t k_magic_bytes[] = {
			{
				.type = "image/jpeg",
				.bytes = { 0xff, 0xd8, 0xff, 0xdb },
			},
			{
				.type = "image/jpeg",
				.bytes = { 0xff, 0xd8, 0xff, 0xe0, 0x00, 0x10, 0x4a, 0x46, 0x49, 0x46, 0x00, 0x01 },
			},
			{
				.type = "image/jpeg",
				.bytes = { 0xff, 0xd8, 0xff, 0xee },
			},
			{
				.type = "image/jpeg",
				.bytes = { 0xff, 0xd8, 0xff, 0xe1, 0x00, 0x00, 0x45, 0x78, 0x69, 0x66, 0x00, 0x00 },
				.ignore = { 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
			},
			{
				.type = "image/png",
				.bytes = { 0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a },
			},
			{
				.type = "image/gif",
				.bytes = { 0x47, 0x49, 0x46, 0x38, 0x37, 0x61 },
			},
			{
				.type = "image/gif",
				.bytes = { 0x47, 0x49, 0x46, 0x38, 0x39, 0x61 },
			},
			{
				.type = "image/webp",
				.bytes = { 0x52, 0x49, 0x46, 0x46, 0x00, 0x00, 0x00, 0x00, 0x57, 0x45, 0x42, 0x50 },
				.ignore = { 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00 },
			},
			{
				.type = "image/svg+xml",
				.bytes = { 0x3c, 0x73, 0x76, 0x67 },
			},
			{
				.type = "audio/mpeg",
				.bytes = { 0x00, 0x00, 0x00, 0x00, 0x66, 0x74, 0x79, 0x70, 0x6d, 0x70, 0x34, 0x32 },
				.ignore = { 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
			},
			{
				.type = "video/mp4",
				.bytes = { 0x00, 0x00, 0x00, 0x00, 0x66, 0x74, 0x79, 0x70, 0x69, 0x73, 0x6f, 0x6d },
				.ignore = { 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
			},
			{
				.type = "video/mp4",
				.bytes = { 0x00, 0x00, 0x00, 0x00, 0x66, 0x74, 0x79, 0x70, 0x6d, 0x70, 0x34, 0x32 },
				.ignore = { 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
			},
			{
				.type = "audio/midi",
				.bytes = { 0x4d, 0x54, 0x68, 0x64 },
			},
		};

		for (int i = 0; i < tf_countof(k_magic_bytes); i++)
		{
			if (_magic_bytes_match(&k_magic_bytes[i], bytes, size))
			{
				type = k_magic_bytes[i].type;
				break;
			}
		}
	}
	return type;
}

static const char* _ext_to_content_type(const char* ext, bool use_fallback)
{
	if (ext)
	{
		typedef struct _ext_type_t
		{
			const char* ext;
			const char* type;
		} ext_type_t;

		const ext_type_t k_types[] = {
			{ .ext = ".html", .type = "text/html; charset=UTF-8" },
			{ .ext = ".js", .type = "text/javascript; charset=UTF-8" },
			{ .ext = ".mjs", .type = "text/javascript; charset=UTF-8" },
			{ .ext = ".css", .type = "text/css; charset=UTF-8" },
			{ .ext = ".png", .type = "image/png" },
			{ .ext = ".json", .type = "application/json" },
			{ .ext = ".map", .type = "application/json" },
			{ .ext = ".svg", .type = "image/svg+xml" },
		};

		for (int i = 0; i < tf_countof(k_types); i++)
		{
			if (strcmp(ext, k_types[i].ext) == 0)
			{
				return k_types[i].type;
			}
		}
	}
	return use_fallback ? "application/binary" : NULL;
}

static void _httpd_request_finalizer(JSRuntime* runtime, JSValue value)
{
	tf_http_request_t* request = JS_GetOpaque(value, _httpd_request_class_id);
	tf_http_request_unref(request);
}

static void _httpd_endpoint_trace(tf_http_request_t* request)
{
	if (_httpd_redirect(request))
	{
		return;
	}

	tf_task_t* task = request->user_data;
	tf_trace_t* trace = tf_task_get_trace(task);
	char* json = tf_trace_export(trace);
	const char* headers[] = {
		"Content-Type",
		"application/json; charset=utf-8",
		"Access-Control-Allow-Origin",
		"*",
	};
	tf_http_respond(request, 200, headers, tf_countof(headers) / 2, json, json ? strlen(json) : 0);
	tf_free(json);
}

static void _httpd_endpoint_mem(tf_http_request_t* request)
{
	if (_httpd_redirect(request))
	{
		return;
	}

	char* response = NULL;
	size_t length = 0;

	int count = 0;
	tf_mem_allocation_t* alloc = tf_mem_summarize_allocations(&count);
	for (int i = 0; i < count; i++)
	{
		const char* stack = tf_util_backtrace_to_string(alloc[i].frames, alloc[i].frames_count);
		int line = snprintf(NULL, 0, "%zd bytes in %d allocations\n%s\n\n", alloc[i].size, alloc[i].count, stack);
		response = tf_resize_vec(response, length + line);
		snprintf(response + length, line, "%zd bytes in %d allocations\n%s\n\n", alloc[i].size, alloc[i].count, stack);
		length += line - 1;
		tf_free((void*)stack);
	}
	tf_free(alloc);

	const char* headers[] = {
		"Content-Type",
		"text/plain; charset=utf-8",
		"Access-Control-Allow-Origin",
		"*",
	};
	tf_http_respond(request, 200, headers, tf_countof(headers) / 2, response, length);
	tf_free(response);
}

static const char* _after(const char* text, const char* prefix)
{
	size_t prefix_length = strlen(prefix);
	if (text && strncmp(text, prefix, prefix_length) == 0)
	{
		return text + prefix_length;
	}
	return NULL;
}

static double _time_spec_to_double(const uv_timespec_t* time_spec)
{
	return (double)time_spec->tv_sec + (double)(time_spec->tv_nsec) / 1e9;
}

typedef struct _http_file_t
{
	tf_http_request_t* request;
	char etag[512];
} http_file_t;

static bool _ends_with(const char* a, const char* suffix)
{
	if (!a || !suffix)
	{
		return false;
	}
	size_t alen = strlen(a);
	size_t suffixlen = strlen(suffix);
	return alen >= suffixlen && strcmp(a + alen - suffixlen, suffix) == 0;
}

static void _httpd_endpoint_static_read(tf_task_t* task, const char* path, int result, const void* data, void* user_data)
{
	http_file_t* file = user_data;
	tf_http_request_t* request = file->request;
	if (result >= 0)
	{
		if (strcmp(path, "core/tfrpc.js") == 0 || _ends_with(path, "core/tfrpc.js"))
		{
			const char* content_type = _ext_to_content_type(strrchr(path, '.'), true);
			const char* headers[] = {
				"Content-Type",
				content_type,
				"etag",
				file->etag,
				"Access-Control-Allow-Origin",
				"null",
			};
			tf_http_respond(request, 200, headers, tf_countof(headers) / 2, data, result);
		}
		else
		{
			const char* content_type = _ext_to_content_type(strrchr(path, '.'), true);
			const char* headers[] = {
				"Content-Type",
				content_type,
				"etag",
				file->etag,
			};
			tf_http_respond(request, 200, headers, tf_countof(headers) / 2, data, result);
		}
	}
	else
	{
		const char* k_payload = tf_http_status_text(404);
		tf_http_respond(request, 404, NULL, 0, k_payload, strlen(k_payload));
	}
	tf_http_request_unref(request);
	tf_free(file);
}

static void _httpd_endpoint_static_stat(tf_task_t* task, const char* path, int result, const uv_stat_t* stat, void* user_data)
{
	tf_http_request_t* request = user_data;
	const char* match = tf_http_request_get_header(request, "if-none-match");
	if (result != 0)
	{
		const char* k_payload = tf_http_status_text(404);
		tf_http_respond(request, 404, NULL, 0, k_payload, strlen(k_payload));
		tf_http_request_unref(request);
	}
	else
	{
		char etag[512];
		snprintf(etag, sizeof(etag), "\"%f_%zd\"", _time_spec_to_double(&stat->st_mtim), (size_t)stat->st_size);
		if (match && strcmp(match, etag) == 0)
		{
			tf_http_respond(request, 304, NULL, 0, NULL, 0);
			tf_http_request_unref(request);
		}
		else
		{
			http_file_t* file = tf_malloc(sizeof(http_file_t));
			*file = (http_file_t) { .request = request };
			static_assert(sizeof(file->etag) == sizeof(etag), "Size mismatch");
			memcpy(file->etag, etag, sizeof(etag));
			tf_file_read(task, path, _httpd_endpoint_static_read, file);
		}
	}
}

static void _httpd_endpoint_static(tf_http_request_t* request)
{
	if (request->path && strncmp(request->path, "/.well-known/", strlen("/.well-known/")) && _httpd_redirect(request))
	{
		return;
	}

	const char* k_static_files[] = {
		"index.html",
		"client.js",
		"tildefriends.svg",
		"jszip.min.js",
		"style.css",
		"tfrpc.js",
		"w3.css",
	};

	const char* k_map[][2] = {
		{ "/static/", "core/" },
		{ "/lit/", "deps/lit/" },
		{ "/codemirror/", "deps/codemirror/" },
		{ "/prettier/", "deps/prettier/" },
		{ "/speedscope/", "deps/speedscope/" },
		{ "/.well-known/", "data/global/.well-known/" },
	};

	bool is_core = false;
	const char* after = NULL;
	const char* file_path = NULL;
	for (int i = 0; i < tf_countof(k_map) && !after; i++)
	{
		const char* next_after = _after(request->path, k_map[i][0]);
		if (next_after)
		{
			after = next_after;
			file_path = k_map[i][1];
			is_core = after && i == 0;
		}
	}

	if ((!after || !*after) && request->path[strlen(request->path) - 1] == '/')
	{
		after = "index.html";
		if (!file_path)
		{
			file_path = "core/";
			is_core = true;
		}
	}

	if (!after || strstr(after, ".."))
	{
		const char* k_payload = tf_http_status_text(404);
		tf_http_respond(request, 404, NULL, 0, k_payload, strlen(k_payload));
		return;
	}

	if (is_core)
	{
		bool found = false;
		for (int i = 0; i < tf_countof(k_static_files); i++)
		{
			if (strcmp(after, k_static_files[i]) == 0)
			{
				found = true;
				break;
			}
		}

		if (!found)
		{
			const char* k_payload = tf_http_status_text(404);
			tf_http_respond(request, 404, NULL, 0, k_payload, strlen(k_payload));
			return;
		}
	}

	tf_task_t* task = request->user_data;
	const char* root_path = tf_task_get_root_path(task);
	size_t size = (root_path ? strlen(root_path) + 1 : 0) + strlen(file_path) + strlen(after) + 1;
	char* path = alloca(size);
	snprintf(path, size, "%s%s%s%s", root_path ? root_path : "", root_path ? "/" : "", file_path, after);
	tf_http_request_ref(request);
	tf_file_stat(task, path, _httpd_endpoint_static_stat, request);
}

static void _httpd_endpoint_add_slash(tf_http_request_t* request)
{
	const char* host = tf_http_request_get_header(request, "x-forwarded-host");
	if (!host)
	{
		host = tf_http_request_get_header(request, "host");
	}
	char url[1024];
	snprintf(url, sizeof(url), "%s%s%s/", request->is_tls ? "https://" : "http://", host, request->path);
	const char* headers[] = {
		"Location",
		url,
	};
	tf_http_respond(request, 303, headers, tf_countof(headers) / 2, "", 0);
}

typedef struct _user_app_t
{
	const char* user;
	const char* app;
} user_app_t;

static user_app_t* _parse_user_app_from_path(const char* path, const char* expected_suffix)
{
	if (!path || path[0] != '/' || path[1] != '~')
	{
		return NULL;
	}

	size_t length = strlen(path);
	size_t suffix_length = expected_suffix ? strlen(expected_suffix) : 0;
	if (length < suffix_length || strcmp(path + length - suffix_length, expected_suffix) != 0)
	{
		return NULL;
	}

	const char* slash = strchr(path + 2, '/');
	if (!slash)
	{
		return NULL;
	}

	const char* user = path + 2;
	size_t user_length = (size_t)(slash - user);
	const char* app = slash + 1;
	size_t app_length = (size_t)(length - suffix_length - user_length - 3);
	user_app_t* result = tf_malloc(sizeof(user_app_t) + user_length + 1 + app_length + 1);

	*result = (user_app_t) {
		.user = (char*)(result + 1),
		.app = (char*)(result + 1) + user_length + 1,
	};
	memcpy((char*)result->user, user, user_length);
	((char*)result->user)[user_length] = '\0';
	memcpy((char*)result->app, app, app_length);
	((char*)result->app)[app_length] = '\0';

	if (!_is_name_valid(result->user) || !_is_name_valid(result->app))
	{
		tf_free(result);
		result = NULL;
	}

	return result;
}

typedef struct _app_blob_t
{
	tf_http_request_t* request;
	bool found;
	bool not_modified;
	bool use_handler;
	bool use_static;
	void* data;
	size_t size;
	char app_blob_id[k_blob_id_len];
	const char* file;
	user_app_t* user_app;
	char etag[256];
} app_blob_t;

static void _httpd_endpoint_app_blob_work(tf_ssb_t* ssb, void* user_data)
{
	app_blob_t* data = user_data;
	tf_http_request_t* request = data->request;
	if (request->path[0] == '/' && request->path[1] == '~')
	{
		const char* last_slash = strchr(request->path + 1, '/');
		if (last_slash)
		{
			last_slash = strchr(last_slash + 1, '/');
		}
		data->user_app = last_slash ? _parse_user_app_from_path(request->path, last_slash) : NULL;
		if (data->user_app)
		{
			size_t path_length = strlen("path:") + strlen(data->user_app->app) + 1;
			char* app_path = tf_malloc(path_length);
			snprintf(app_path, path_length, "path:%s", data->user_app->app);
			const char* value = tf_ssb_db_get_property(ssb, data->user_app->user, app_path);
			tf_string_set(data->app_blob_id, sizeof(data->app_blob_id), value);
			tf_free(app_path);
			tf_free((void*)value);
			data->file = last_slash + 1;
		}
	}
	else if (request->path[0] == '/' && request->path[1] == '&')
	{
		const char* end = strstr(request->path, ".sha256/");
		if (end)
		{
			snprintf(data->app_blob_id, sizeof(data->app_blob_id), "%.*s", (int)(end + strlen(".sha256") - request->path - 1), request->path + 1);
			data->file = end + strlen(".sha256/");
		}
	}

	char* app_blob = NULL;
	size_t app_blob_size = 0;
	if (*data->app_blob_id && tf_ssb_db_blob_get(ssb, data->app_blob_id, (uint8_t**)&app_blob, &app_blob_size))
	{
		JSMallocFunctions funcs = { 0 };
		tf_get_js_malloc_functions(&funcs);
		JSRuntime* runtime = JS_NewRuntime2(&funcs, NULL);
		JSContext* context = JS_NewContext(runtime);

		JSValue app_object = JS_ParseJSON(context, app_blob, app_blob_size, NULL);
		JSValue files = JS_GetPropertyStr(context, app_object, "files");
		JSValue blob_id = JS_GetPropertyStr(context, files, data->file);
		if (JS_IsUndefined(blob_id))
		{
			blob_id = JS_GetPropertyStr(context, files, "handler.js");
			if (!JS_IsUndefined(blob_id))
			{
				data->use_handler = true;
			}
		}
		else
		{
			const char* blob_id_str = JS_ToCString(context, blob_id);
			if (blob_id_str)
			{
				snprintf(data->etag, sizeof(data->etag), "\"%s\"", blob_id_str);
				const char* match = tf_http_request_get_header(data->request, "if-none-match");
				if (match && strcmp(match, data->etag) == 0)
				{
					data->not_modified = true;
				}
				else
				{
					data->found = tf_ssb_db_blob_get(ssb, blob_id_str, (uint8_t**)&data->data, &data->size);
				}
			}
			JS_FreeCString(context, blob_id_str);
		}
		JS_FreeValue(context, blob_id);
		JS_FreeValue(context, files);
		JS_FreeValue(context, app_object);

		JS_FreeContext(context);
		JS_FreeRuntime(runtime);
		tf_free(app_blob);
	}
}

static void _httpd_call_app_handler(tf_ssb_t* ssb, tf_http_request_t* request, const char* app_blob_id, const char* path, const char* package_owner, const char* app)
{
	JSContext* context = tf_ssb_get_context(ssb);
	JSValue global = JS_GetGlobalObject(context);
	JSValue exports = JS_GetPropertyStr(context, global, "exports");
	JSValue call_app_handler = JS_GetPropertyStr(context, exports, "callAppHandler");

	JSValue response = _httpd_make_response_object(context, request);
	tf_http_request_ref(request);
	JSValue handler_blob_id = JS_NewString(context, app_blob_id);
	JSValue path_value = JS_NewString(context, path);
	JSValue package_owner_value = JS_NewString(context, package_owner);
	JSValue app_value = JS_NewString(context, app);
	JSValue query_value = request->query ? JS_NewString(context, request->query) : JS_UNDEFINED;

	JSValue headers = JS_NewObject(context);
	for (int i = 0; i < request->headers_count; i++)
	{
		char name[256] = "";
		snprintf(name, sizeof(name), "%.*s", (int)request->headers[i].name_len, request->headers[i].name);
		JS_SetPropertyStr(context, headers, name, JS_NewStringLen(context, request->headers[i].value, request->headers[i].value_len));
	}

	JSValue args[] = {
		response,
		handler_blob_id,
		path_value,
		query_value,
		headers,
		package_owner_value,
		app_value,
	};

	JSValue result = JS_Call(context, call_app_handler, JS_NULL, tf_countof(args), args);
	tf_util_report_error(context, result);
	JS_FreeValue(context, result);

	JS_FreeValue(context, headers);
	JS_FreeValue(context, query_value);
	JS_FreeValue(context, app_value);
	JS_FreeValue(context, package_owner_value);
	JS_FreeValue(context, handler_blob_id);
	JS_FreeValue(context, path_value);
	JS_FreeValue(context, response);
	JS_FreeValue(context, call_app_handler);
	JS_FreeValue(context, exports);
	JS_FreeValue(context, global);
}

static void _httpd_endpoint_app_blob_after_work(tf_ssb_t* ssb, int status, void* user_data)
{
	app_blob_t* data = user_data;
	if (data->not_modified)
	{
		tf_http_respond(data->request, 304, NULL, 0, NULL, 0);
	}
	else if (data->use_static)
	{
		_httpd_endpoint_static(data->request);
	}
	else if (data->use_handler)
	{
		_httpd_call_app_handler(ssb, data->request, data->app_blob_id, data->file, data->user_app->user, data->user_app->app);
	}
	else if (data->found)
	{
		const char* mime_type = _ext_to_content_type(strrchr(data->request->path, '.'), false);
		if (!mime_type)
		{
			mime_type = _httpd_mime_type_from_magic_bytes(data->data, data->size);
		}
		const char* headers[] = {
			"Access-Control-Allow-Origin",
			"*",
			"Content-Security-Policy",
			"sandbox allow-downloads allow-top-navigation-by-user-activation",
			"Content-Type",
			mime_type ? mime_type : "application/binary",
			"etag",
			data->etag,
		};
		tf_http_respond(data->request, 200, headers, tf_countof(headers) / 2, data->data, data->size);
	}
	tf_free(data->user_app);
	tf_free(data->data);
	tf_http_request_unref(data->request);
	tf_free(data);
}

static void _httpd_endpoint_app_blob(tf_http_request_t* request)
{
	tf_http_request_ref(request);
	tf_task_t* task = request->user_data;
	tf_ssb_t* ssb = tf_task_get_ssb(task);
	app_blob_t* data = tf_malloc(sizeof(app_blob_t));
	*data = (app_blob_t) { .request = request };
	tf_ssb_run_work(ssb, _httpd_endpoint_app_blob_work, _httpd_endpoint_app_blob_after_work, data);
}

static bool _has_property(JSContext* context, JSValue object, const char* name)
{
	JSAtom atom = JS_NewAtom(context, name);
	bool result = JS_HasProperty(context, object, atom) > 0;
	JS_FreeAtom(context, atom);
	return result;
}

static void _httpd_endpoint_app_index_work(tf_ssb_t* ssb, void* user_data)
{
	app_blob_t* data = user_data;
	data->use_static = true;
	user_app_t* user_app = data->user_app;

	size_t app_path_length = strlen("path:") + strlen(user_app->app) + 1;
	char* app_path = tf_malloc(app_path_length);
	snprintf(app_path, app_path_length, "path:%s", user_app->app);
	const char* app_blob_id = tf_ssb_db_get_property(ssb, user_app->user, app_path);
	tf_free(app_path);

	uint8_t* app_blob = NULL;
	size_t app_blob_size = 0;

	if (tf_ssb_db_blob_get(ssb, app_blob_id, &app_blob, &app_blob_size))
	{
		JSMallocFunctions funcs = { 0 };
		tf_get_js_malloc_functions(&funcs);
		JSRuntime* runtime = JS_NewRuntime2(&funcs, NULL);
		JSContext* context = JS_NewContext(runtime);

		JSValue app = JS_ParseJSON(context, (const char*)app_blob, app_blob_size, NULL);
		JSValue files = JS_GetPropertyStr(context, app, "files");

		if (!_has_property(context, files, "app.js"))
		{
			JSValue index = JS_GetPropertyStr(context, files, "index.html");
			if (JS_IsString(index))
			{
				const char* index_string = JS_ToCString(context, index);
				tf_ssb_db_blob_get(ssb, index_string, (uint8_t**)&data->data, &data->size);
				JS_FreeCString(context, index_string);
			}
			JS_FreeValue(context, index);
		}

		JS_FreeValue(context, files);
		JS_FreeValue(context, app);

		JS_FreeContext(context);
		JS_FreeRuntime(runtime);

		tf_free(app_blob);
	}
	tf_free((void*)app_blob_id);
}

static char* _replace(const char* original, size_t size, const char* find, const char* replace, size_t* out_size)
{
	char* pos = strstr(original, find);
	if (!pos)
	{
		return tf_strdup(original);
	}

	size_t replace_length = strlen(replace);
	size_t find_length = strlen(find);
	size_t new_size = size + replace_length - find_length;
	char* buffer = tf_malloc(new_size);
	memcpy(buffer, original, pos - original);
	memcpy(buffer + (pos - original), replace, replace_length);
	memcpy(buffer + (pos - original) + replace_length, pos + find_length, size - (pos - original) - find_length);
	*out_size = new_size;
	return buffer;
}

static char* _append_raw(char* document, size_t* current_size, const char* data, size_t size)
{
	document = tf_resize_vec(document, *current_size + size);
	memcpy(document + *current_size, data, size);
	document[*current_size + size] = '\0';
	*current_size += size;
	return document;
}

static char* _append_encoded(char* document, const char* data, size_t size, size_t* out_size)
{
	size_t current_size = strlen(document);
	int accum = 0;
	for (int i = 0; (size_t)i < size; i++)
	{
		switch (data[i])
		{
		case '"':
			if (i > accum)
			{
				document = _append_raw(document, &current_size, data + accum, i - accum);
			}
			document = _append_raw(document, &current_size, "&quot;", strlen("&quot;"));
			accum = i + 1;
			break;
		case '\'':
			if (i > accum)
			{
				document = _append_raw(document, &current_size, data + accum, i - accum);
			}
			document = _append_raw(document, &current_size, "&#x27;", strlen("&#x27;"));
			accum = i + 1;
			break;
		case '<':
			if (i > accum)
			{
				document = _append_raw(document, &current_size, data + accum, i - accum);
			}
			document = _append_raw(document, &current_size, "&lt;", strlen("&lt;"));
			accum = i + 1;
			break;
		case '>':
			if (i > accum)
			{
				document = _append_raw(document, &current_size, data + accum, i - accum);
			}
			document = _append_raw(document, &current_size, "&gt;", strlen("&gt;"));
			accum = i + 1;
			break;
		case '&':
			if (i > accum)
			{
				document = _append_raw(document, &current_size, data + accum, i - accum);
			}
			document = _append_raw(document, &current_size, "&amp;", strlen("&amp;"));
			accum = i + 1;
			break;
		default:
			break;
		}
	}
	*out_size = current_size;
	return document;
}

static void _httpd_endpoint_app_index_file_read(tf_task_t* task, const char* path, int result, const void* data, void* user_data)
{
	app_blob_t* state = user_data;
	if (result > 0)
	{
		char* replacement = tf_strdup("<iframe srcdoc=\"");
		size_t replacement_size = 0;
		replacement = _append_encoded(replacement, state->data, state->size, &replacement_size);
		_append_raw(replacement, &replacement_size, "\"", 1);

		size_t size = 0;
		char* document = _replace(data, result, "<iframe", replacement, &size);
		const char* headers[] = {
			"Content-Type",
			"text/html; charset=utf-8",
		};
		tf_http_respond(state->request, 200, headers, tf_countof(headers) / 2, document, size);
		tf_free(replacement);
		tf_free(document);
	}
	tf_free(state->data);
	tf_free(state->user_app);
	tf_http_request_unref(state->request);
	tf_free(state);
}

static void _httpd_endpoint_app_index_after_work(tf_ssb_t* ssb, int status, void* user_data)
{
	app_blob_t* data = user_data;
	if (data->data)
	{
		tf_task_t* task = data->request->user_data;
		const char* root_path = tf_task_get_root_path(task);
		size_t size = (root_path ? strlen(root_path) + 1 : 0) + strlen("core/index.html") + 1;
		char* path = alloca(size);
		snprintf(path, size, "%s%score/index.html", root_path ? root_path : "", root_path ? "/" : "");
		tf_file_read(task, path, _httpd_endpoint_app_index_file_read, data);
	}
	else
	{
		_httpd_endpoint_static(data->request);
		tf_free(data->user_app);
		tf_http_request_unref(data->request);
		tf_free(data);
	}
}

static void _httpd_endpoint_app_index(tf_http_request_t* request)
{
	user_app_t* user_app = _parse_user_app_from_path(request->path, "/");
	if (!user_app)
	{
		return _httpd_endpoint_static(request);
	}

	tf_task_t* task = request->user_data;
	tf_ssb_t* ssb = tf_task_get_ssb(task);
	app_blob_t* data = tf_malloc(sizeof(app_blob_t));
	(*data) = (app_blob_t) { .request = request, .user_app = user_app };
	tf_http_request_ref(request);
	tf_ssb_run_work(ssb, _httpd_endpoint_app_index_work, _httpd_endpoint_app_index_after_work, data);
}

typedef struct _view_t
{
	tf_http_request_t* request;
	const char** form_data;
	void* data;
	size_t size;
	char etag[256];
	char notify_want_blob_id[k_blob_id_len];
	bool not_modified;
} view_t;

static bool _is_filename_safe(const char* filename)
{
	if (!filename)
	{
		return NULL;
	}
	for (const char* p = filename; *p; p++)
	{
		if ((*p <= 'a' && *p >= 'z') && (*p <= 'A' && *p >= 'Z') && (*p <= '0' && *p >= '9') && *p != '.' && *p != '-' && *p != '_')
		{
			return false;
		}
	}
	return strlen(filename) < 256;
}

static void _httpd_endpoint_view_work(tf_ssb_t* ssb, void* user_data)
{
	view_t* view = user_data;
	tf_http_request_t* request = view->request;
	char blob_id[k_blob_id_len] = "";

	user_app_t* user_app = _parse_user_app_from_path(request->path, "/view");
	if (user_app)
	{
		size_t app_path_length = strlen("path:") + strlen(user_app->app) + 1;
		char* app_path = tf_malloc(app_path_length);
		snprintf(app_path, app_path_length, "path:%s", user_app->app);
		const char* value = tf_ssb_db_get_property(ssb, user_app->user, app_path);
		tf_string_set(blob_id, sizeof(blob_id), value);
		tf_free(app_path);
		tf_free((void*)value);
	}
	else if (request->path[0] == '/' && request->path[1] == '&')
	{
		snprintf(blob_id, sizeof(blob_id), "%.*s", (int)(strlen(request->path) - strlen("/view") - 1), request->path + 1);
	}
	tf_free(user_app);

	if (*blob_id)
	{
		snprintf(view->etag, sizeof(view->etag), "\"%s\"", blob_id);
		const char* if_none_match = tf_http_request_get_header(request, "if-none-match");
		char match[258];
		snprintf(match, sizeof(match), "\"%s\"", blob_id);
		if (if_none_match && strcmp(if_none_match, match) == 0)
		{
			view->not_modified = true;
		}
		else
		{
			if (!tf_ssb_db_blob_get(ssb, blob_id, (uint8_t**)&view->data, &view->size))
			{
				sqlite3* db = tf_ssb_acquire_db_writer(ssb);
				tf_ssb_db_add_blob_wants(db, blob_id);
				tf_ssb_release_db_writer(ssb, db);
				tf_string_set(view->notify_want_blob_id, sizeof(view->notify_want_blob_id), blob_id);
			}
		}
	}
}

static void _httpd_endpoint_view_after_work(tf_ssb_t* ssb, int status, void* user_data)
{
	view_t* view = user_data;
	const char* filename = _form_data_get(view->form_data, "filename");
	if (!_is_filename_safe(filename))
	{
		filename = NULL;
	}
	char content_disposition[512] = "";
	if (filename)
	{
		snprintf(content_disposition, sizeof(content_disposition), "attachment; filename=%s", filename);
	}
	const char* headers[] = {
		"Content-Security-Policy",
		"sandbox allow-downloads allow-top-navigation-by-user-activation",
		"Content-Type",
		view->data ? _httpd_mime_type_from_magic_bytes(view->data, view->size) : "text/plain",
		"etag",
		view->etag,
		filename ? "Content-Disposition" : NULL,
		filename ? content_disposition : NULL,
	};
	int count = filename ? tf_countof(headers) / 2 : (tf_countof(headers) / 2 - 1);
	if (view->not_modified)
	{
		tf_http_respond(view->request, 304, headers, count, NULL, 0);
	}
	else if (view->data)
	{
		tf_http_respond(view->request, 200, headers, count, view->data, view->size);
		tf_free(view->data);
	}
	else
	{
		const char* k_payload = tf_http_status_text(404);
		tf_http_respond(view->request, 404, NULL, 0, k_payload, strlen(k_payload));
	}

	if (*view->notify_want_blob_id)
	{
		tf_ssb_notify_blob_want_added(ssb, view->notify_want_blob_id);
	}

	tf_free(view->form_data);
	tf_http_request_unref(view->request);
	tf_free(view);
}

static void _httpd_endpoint_view(tf_http_request_t* request)
{
	tf_http_request_ref(request);
	tf_task_t* task = request->user_data;
	tf_ssb_t* ssb = tf_task_get_ssb(task);
	view_t* view = tf_malloc(sizeof(view_t));
	*view = (view_t) { .request = request, .form_data = _form_data_decode(request->query, request->query ? strlen(request->query) : 0) };
	tf_ssb_run_work(ssb, _httpd_endpoint_view_work, _httpd_endpoint_view_after_work, view);
}

typedef struct _save_t
{
	tf_http_request_t* request;
	int response;
	char blob_id[k_blob_id_len];
} save_t;

static void _httpd_endpoint_save_work(tf_ssb_t* ssb, void* user_data)
{
	save_t* save = user_data;
	tf_http_request_t* request = save->request;
	const char* session = tf_http_get_cookie(tf_http_request_get_header(request, "cookie"), "session");

	JSMallocFunctions funcs = { 0 };
	tf_get_js_malloc_functions(&funcs);
	JSRuntime* runtime = JS_NewRuntime2(&funcs, NULL);
	JSContext* context = JS_NewContext(runtime);

	JSValue jwt = _authenticate_jwt(ssb, context, session);
	JSValue user = JS_GetPropertyStr(context, jwt, "name");
	const char* user_string = JS_ToCString(context, user);

	if (user_string && _is_name_valid(user_string))
	{
		user_app_t* user_app = _parse_user_app_from_path(request->path, "/save");
		if (user_app)
		{
			if (strcmp(user_string, user_app->user) == 0 || (strcmp(user_app->user, "core") == 0 && tf_ssb_db_user_has_permission(ssb, NULL, user_string, "administration")))
			{
				size_t path_length = strlen("path:") + strlen(user_app->app) + 1;
				char* app_path = tf_malloc(path_length);
				snprintf(app_path, path_length, "path:%s", user_app->app);

				const char* old_blob_id = tf_ssb_db_get_property(ssb, user_app->user, app_path);

				JSValue new_app = JS_ParseJSON(context, request->body, request->content_length, NULL);
				tf_util_report_error(context, new_app);
				if (JS_IsObject(new_app))
				{
					uint8_t* old_blob = NULL;
					size_t old_blob_size = 0;
					if (tf_ssb_db_blob_get(ssb, old_blob_id, &old_blob, &old_blob_size))
					{
						JSValue old_app = JS_ParseJSON(context, (const char*)old_blob, old_blob_size, NULL);
						if (JS_IsObject(old_app))
						{
							JSAtom previous = JS_NewAtom(context, "previous");
							JS_DeleteProperty(context, old_app, previous, 0);
							JS_DeleteProperty(context, new_app, previous, 0);

							JSValue old_app_json = JS_JSONStringify(context, old_app, JS_NULL, JS_NULL);
							JSValue new_app_json = JS_JSONStringify(context, new_app, JS_NULL, JS_NULL);
							const char* old_app_str = JS_ToCString(context, old_app_json);
							const char* new_app_str = JS_ToCString(context, new_app_json);

							if (old_app_str && new_app_str && strcmp(old_app_str, new_app_str) == 0)
							{
								snprintf(save->blob_id, sizeof(save->blob_id), "/%s", old_blob_id);
								save->response = 200;
							}

							JS_FreeCString(context, old_app_str);
							JS_FreeCString(context, new_app_str);
							JS_FreeValue(context, old_app_json);
							JS_FreeValue(context, new_app_json);
							JS_FreeAtom(context, previous);
						}
						JS_FreeValue(context, old_app);
						tf_free(old_blob);
					}

					if (!save->response)
					{
						if (old_blob_id)
						{
							JS_SetPropertyStr(context, new_app, "previous", JS_NewString(context, old_blob_id));
						}
						JSValue new_app_json = JS_JSONStringify(context, new_app, JS_NULL, JS_NULL);
						size_t new_app_length = 0;
						const char* new_app_str = JS_ToCStringLen(context, &new_app_length, new_app_json);

						char blob_id[k_blob_id_len] = { 0 };
						if (tf_ssb_db_blob_store(ssb, (const uint8_t*)new_app_str, new_app_length, blob_id, sizeof(blob_id), NULL) &&
							tf_ssb_db_set_property(ssb, user_app->user, app_path, blob_id))
						{
							tf_ssb_db_add_value_to_array_property(ssb, user_app->user, "apps", user_app->app);
							tf_string_set(save->blob_id, sizeof(save->blob_id), blob_id);
							save->response = 200;
						}
						else
						{
							tf_printf("Blob store or property set failed.\n");
							save->response = 500;
						}

						JS_FreeCString(context, new_app_str);
						JS_FreeValue(context, new_app_json);
					}
				}
				else
				{
					save->response = 400;
				}
				JS_FreeValue(context, new_app);

				tf_free(app_path);
				tf_free((void*)old_blob_id);
			}
			else
			{
				save->response = 403;
			}
			tf_free(user_app);
		}
		else if (strcmp(request->path, "/save") == 0)
		{
			char blob_id[k_blob_id_len] = { 0 };
			if (tf_ssb_db_blob_store(ssb, request->body, request->content_length, blob_id, sizeof(blob_id), NULL))
			{
				tf_string_set(save->blob_id, sizeof(save->blob_id), blob_id);
				save->response = 200;
			}
			else
			{
				tf_printf("Blob store failed.\n");
				save->response = 500;
			}
		}
		else
		{
			save->response = 400;
		}
	}
	else
	{
		save->response = 401;
	}

	tf_free((void*)session);
	JS_FreeCString(context, user_string);
	JS_FreeValue(context, user);
	JS_FreeValue(context, jwt);
	JS_FreeContext(context);
	JS_FreeRuntime(runtime);
}

static void _httpd_endpoint_save_after_work(tf_ssb_t* ssb, int status, void* user_data)
{
	save_t* save = user_data;
	tf_http_request_t* request = save->request;
	if (*save->blob_id)
	{
		char body[256] = "";
		int length = snprintf(body, sizeof(body), "/%s", save->blob_id);
		tf_http_respond(request, 200, NULL, 0, body, length);
	}
	tf_http_request_unref(request);
	tf_free(save);
}

static void _httpd_endpoint_save(tf_http_request_t* request)
{
	tf_http_request_ref(request);
	tf_task_t* task = request->user_data;
	tf_ssb_t* ssb = tf_task_get_ssb(task);
	save_t* save = tf_malloc(sizeof(save_t));
	*save = (save_t) {
		.request = request,
	};
	tf_ssb_run_work(ssb, _httpd_endpoint_save_work, _httpd_endpoint_save_after_work, save);
}

typedef struct _delete_t
{
	tf_http_request_t* request;
	const char* session;
	int response;
} delete_t;

static void _httpd_endpoint_delete_work(tf_ssb_t* ssb, void* user_data)
{
	delete_t* delete = user_data;
	tf_http_request_t* request = delete->request;

	JSMallocFunctions funcs = { 0 };
	tf_get_js_malloc_functions(&funcs);
	JSRuntime* runtime = JS_NewRuntime2(&funcs, NULL);
	JSContext* context = JS_NewContext(runtime);

	JSValue jwt = _authenticate_jwt(ssb, context, delete->session);
	JSValue user = JS_GetPropertyStr(context, jwt, "name");
	const char* user_string = JS_ToCString(context, user);
	if (user_string && _is_name_valid(user_string))
	{
		user_app_t* user_app = _parse_user_app_from_path(request->path, "/delete");
		if (user_app)
		{
			if (strcmp(user_string, user_app->user) == 0 || (strcmp(user_app->user, "core") == 0 && tf_ssb_db_user_has_permission(ssb, NULL, user_string, "administration")))
			{
				size_t path_length = strlen("path:") + strlen(user_app->app) + 1;
				char* app_path = tf_malloc(path_length);
				snprintf(app_path, path_length, "path:%s", user_app->app);

				bool changed = false;
				changed = tf_ssb_db_remove_value_from_array_property(ssb, user_string, "apps", user_app->app) || changed;
				changed = tf_ssb_db_remove_property(ssb, user_string, app_path) || changed;
				delete->response = changed ? 200 : 404;
				tf_free(app_path);
			}
			else
			{
				delete->response = 401;
			}
		}
		else
		{
			delete->response = 404;
		}
		tf_free(user_app);
	}
	else
	{
		delete->response = 401;
	}

	JS_FreeCString(context, user_string);
	JS_FreeValue(context, user);
	JS_FreeValue(context, jwt);
	JS_FreeContext(context);
	JS_FreeRuntime(runtime);
}

static void _httpd_endpoint_delete_after_work(tf_ssb_t* ssb, int status, void* user_data)
{
	delete_t* delete = user_data;
	const char* k_payload = tf_http_status_text(delete->response ? delete->response : 404);
	tf_http_respond(delete->request, delete->response ? delete->response : 404, NULL, 0, k_payload, strlen(k_payload));
	tf_http_request_unref(delete->request);
	tf_free((void*)delete->session);
	tf_free(delete);
}

static void _httpd_endpoint_delete(tf_http_request_t* request)
{
	tf_http_request_ref(request);
	tf_task_t* task = request->user_data;
	tf_ssb_t* ssb = tf_task_get_ssb(task);
	delete_t* delete = tf_malloc(sizeof(delete_t));
	*delete = (delete_t) {
		.request = request,
		.session = tf_http_get_cookie(tf_http_request_get_header(request, "cookie"), "session"),
	};
	tf_ssb_run_work(ssb, _httpd_endpoint_delete_work, _httpd_endpoint_delete_after_work, delete);
}

static void _httpd_endpoint_root_callback(const char* path, void* user_data)
{
	tf_http_request_t* request = user_data;
	const char* headers[] = {
		"Location",
		path ? path : "/~core/apps/",
	};
	tf_http_respond(request, 303, headers, tf_countof(headers) / 2, NULL, 0);
	tf_http_request_unref(request);
}

static void _httpd_endpoint_root(tf_http_request_t* request)
{
	const char* host = tf_http_request_get_header(request, "x-forwarded-host");
	if (!host)
	{
		host = tf_http_request_get_header(request, "host");
	}
	tf_task_t* task = request->user_data;
	tf_ssb_t* ssb = tf_task_get_ssb(task);
	tf_http_request_ref(request);
	tf_ssb_db_resolve_index_async(ssb, host, _httpd_endpoint_root_callback, request);
}

static void _httpd_endpoint_robots_txt(tf_http_request_t* request)
{
	if (_httpd_redirect(request))
	{
		return;
	}
	char* response = "User-Agent: *\n"
					 "Disallow: /*/*/edit\n"
					 "Allow: /\n";
	const char* headers[] = { "Content-Type", "text/plain; charset=utf-8" };
	tf_http_respond(request, 200, headers, tf_countof(headers) / 2, response, response ? strlen(response) : 0);
}

static void _httpd_endpoint_debug(tf_http_request_t* request)
{
	if (_httpd_redirect(request))
	{
		return;
	}

	tf_task_t* task = request->user_data;
	char* response = tf_task_get_debug(task);
	const char* headers[] = {
		"Content-Type",
		"application/json; charset=utf-8",
		"Access-Control-Allow-Origin",
		"*",
	};
	tf_http_respond(request, 200, headers, tf_countof(headers) / 2, response, response ? strlen(response) : 0);
	tf_free(response);
}

const char** _form_data_decode(const char* data, int length)
{
	int key_max = 1;
	for (int i = 0; i < length; i++)
	{
		if (data[i] == '&')
		{
			key_max++;
		}
	}

	int write_length = length + 1;
	char** result = tf_malloc(sizeof(const char*) * (key_max + 1) * 2 + write_length);
	char* result_buffer = ((char*)result) + sizeof(const char*) * (key_max + 1) * 2;

	char* write_pos = result_buffer;
	int count = 0;
	int i = 0;
	while (i < length)
	{
		result[count++] = write_pos;
		while (i < length)
		{
			if (data[i] == '+')
			{
				*write_pos++ = ' ';
				i++;
			}
			else if (data[i] == '%' && i + 2 < length)
			{
				*write_pos++ = (char)strtoul((const char[]) { data[i + 1], data[i + 2], 0 }, NULL, 16);
				i += 3;
			}
			else if (data[i] == '=')
			{
				if (count % 2 == 0)
				{
					result[count++] = "";
				}
				i++;
				break;
			}
			else if (data[i] == '&')
			{
				if (count % 2 != 0)
				{
					result[count++] = "";
				}
				i++;
				break;
			}
			else
			{
				*write_pos++ = data[i++];
			}
		}
		*write_pos++ = '\0';
	}

	result[count++] = NULL;
	result[count++] = NULL;

	return (const char**)result;
}

const char* _form_data_get(const char** form_data, const char* key)
{
	for (int i = 0; form_data[i]; i += 2)
	{
		if (form_data[i] && strcmp(form_data[i], key) == 0)
		{
			return form_data[i + 1];
		}
	}
	return NULL;
}

typedef struct _login_request_t
{
	tf_http_request_t* request;
	const char* name;
	const char* error;
	const char* settings;
	const char* code_of_conduct;
	bool have_administrator;
	bool session_is_new;

	char location_header[1024];
	const char* set_cookie_header;

	int pending;
} login_request_t;

static const char* _make_set_session_cookie_header(tf_http_request_t* request, const char* session_cookie)
{
	const char* k_pattern = "session=%s; path=/; Max-Age=%" PRId64 "; %sSameSite=Strict; HttpOnly";
	int length = session_cookie ? snprintf(NULL, 0, k_pattern, session_cookie, k_refresh_interval, request->is_tls ? "Secure; " : "") : 0;
	char* cookie = length ? tf_malloc(length + 1) : NULL;
	if (cookie)
	{
		snprintf(cookie, length + 1, k_pattern, session_cookie, k_refresh_interval, request->is_tls ? "Secure; " : "");
	}
	return cookie;
}

static void _login_release(login_request_t* login)
{
	int ref_count = --login->pending;
	if (ref_count == 0)
	{
		tf_free((void*)login->name);
		tf_free((void*)login->code_of_conduct);
		tf_free((void*)login->set_cookie_header);
		tf_free(login);
	}
}

static void _httpd_endpoint_login_file_read_callback(tf_task_t* task, const char* path, int result, const void* data, void* user_data)
{
	login_request_t* login = user_data;
	tf_http_request_t* request = login->request;
	if (result >= 0)
	{
		const char* headers[] = {
			"Content-Type",
			"text/html; charset=utf-8",
			"Set-Cookie",
			login->set_cookie_header ? login->set_cookie_header : "",
		};
		const char* replace_me = "$AUTH_DATA";
		const char* auth = strstr(data, replace_me);
		if (auth)
		{
			JSContext* context = tf_task_get_context(task);
			JSValue object = JS_NewObject(context);
			JS_SetPropertyStr(context, object, "session_is_new", JS_NewBool(context, login->session_is_new));
			JS_SetPropertyStr(context, object, "name", login->name ? JS_NewString(context, login->name) : JS_UNDEFINED);
			JS_SetPropertyStr(context, object, "error", login->error ? JS_NewString(context, login->error) : JS_UNDEFINED);
			JS_SetPropertyStr(context, object, "code_of_conduct", login->code_of_conduct ? JS_NewString(context, login->code_of_conduct) : JS_UNDEFINED);
			JS_SetPropertyStr(context, object, "have_administrator", JS_NewBool(context, login->have_administrator));
			JSValue object_json = JS_JSONStringify(context, object, JS_NULL, JS_NULL);
			size_t json_length = 0;
			const char* json = JS_ToCStringLen(context, &json_length, object_json);

			char* copy = tf_malloc(result + json_length);
			int replace_start = (auth - (const char*)data);
			int replace_end = (auth - (const char*)data) + (int)strlen(replace_me);
			memcpy(copy, data, replace_start);
			memcpy(copy + replace_start, json, json_length);
			memcpy(copy + replace_start + json_length, ((const char*)data) + replace_end, result - replace_end);
			tf_http_respond(request, 200, headers, tf_countof(headers) / 2, copy, replace_start + json_length + (result - replace_end));
			tf_free(copy);

			JS_FreeCString(context, json);
			JS_FreeValue(context, object_json);
			JS_FreeValue(context, object);
		}
		else
		{
			tf_http_respond(request, 200, headers, tf_countof(headers) / 2, data, result);
		}
	}
	else
	{
		const char* k_payload = tf_http_status_text(404);
		tf_http_respond(request, 404, NULL, 0, k_payload, strlen(k_payload));
	}
	tf_http_request_unref(request);
	_login_release(login);
}

static bool _string_property_equals(JSContext* context, JSValue object, const char* name, const char* value)
{
	JSValue object_value = JS_GetPropertyStr(context, object, name);
	const char* object_value_string = JS_ToCString(context, object_value);
	bool equals = object_value_string && strcmp(object_value_string, value) == 0;
	JS_FreeCString(context, object_value_string);
	JS_FreeValue(context, object_value);
	return equals;
}

static JSValue _authenticate_jwt(tf_ssb_t* ssb, JSContext* context, const char* jwt)
{
	if (!jwt)
	{
		return JS_UNDEFINED;
	}

	int dot[2] = { 0 };
	int dot_count = 0;
	for (int i = 0; jwt[i]; i++)
	{
		if (jwt[i] == '.')
		{
			if (dot_count >= tf_countof(dot))
			{
				return JS_UNDEFINED;
			}
			dot[dot_count++] = i;
		}
	}
	if (dot_count != 2)
	{
		return JS_UNDEFINED;
	}

	uint8_t header[256] = { 0 };
	size_t actual_length = 0;
	if (sodium_base642bin(header, sizeof(header), jwt, dot[0], NULL, &actual_length, NULL, sodium_base64_VARIANT_URLSAFE_NO_PADDING) != 0 || actual_length >= sizeof(header))
	{
		return JS_UNDEFINED;
	}

	header[actual_length] = '\0';
	JSValue header_value = JS_ParseJSON(context, (const char*)header, actual_length, NULL);
	bool header_valid = _string_property_equals(context, header_value, "typ", "JWT") && _string_property_equals(context, header_value, "alg", "HS256");
	JS_FreeValue(context, header_value);
	if (!header_valid)
	{
		return JS_UNDEFINED;
	}

	char public_key_b64[k_id_base64_len] = { 0 };
	tf_ssb_whoami(ssb, public_key_b64, sizeof(public_key_b64));

	const char* payload = jwt + dot[0] + 1;
	size_t payload_length = dot[1] - dot[0] - 1;
	if (!tf_ssb_hmacsha256_verify(public_key_b64, payload, payload_length, jwt + dot[1] + 1, true))
	{
		return JS_UNDEFINED;
	}

	uint8_t payload_bin[256];
	size_t actual_payload_length = 0;
	if (sodium_base642bin(payload_bin, sizeof(payload_bin), payload, payload_length, NULL, &actual_payload_length, NULL, sodium_base64_VARIANT_URLSAFE_NO_PADDING) != 0 ||
		actual_payload_length >= sizeof(payload_bin))
	{
		return JS_UNDEFINED;
	}

	payload_bin[actual_payload_length] = '\0';
	JSValue parsed = JS_ParseJSON(context, (const char*)payload_bin, actual_payload_length, NULL);
	JSValue exp = JS_GetPropertyStr(context, parsed, "exp");
	int64_t exp_value = 0;
	JS_ToInt64(context, &exp_value, exp);
	if (time(NULL) >= exp_value)
	{
		JS_FreeValue(context, parsed);
		return JS_UNDEFINED;
	}

	return parsed;
}

static bool _session_is_authenticated_as_user(JSContext* context, JSValue session)
{
	bool result = false;
	JSValue user = JS_GetPropertyStr(context, session, "name");
	const char* user_string = JS_ToCString(context, user);
	result = user_string && strcmp(user_string, "guest") != 0;
	JS_FreeCString(context, user_string);
	JS_FreeValue(context, user);
	return result;
}

static bool _is_name_valid(const char* name)
{
	if (!name || !((*name >= 'a' && *name <= 'z') || (*name >= 'A' && *name <= 'Z')))
	{
		return false;
	}
	for (const char* p = name; *p; p++)
	{
		bool in_range = (*p >= 'a' && *p <= 'z') || (*p >= 'A' && *p <= 'Z') || (*p >= '0' && *p <= '9');
		if (!in_range)
		{
			return false;
		}
	}
	return true;
}

static const char* _make_session_jwt(JSContext* context, tf_ssb_t* ssb, const char* name)
{
	if (!name || !*name)
	{
		return NULL;
	}

	uv_timespec64_t now = { 0 };
	uv_clock_gettime(UV_CLOCK_REALTIME, &now);

	const char* header_json = "{\"alg\":\"HS256\",\"typ\":\"JWT\"}";
	char header_base64[256];
	sodium_bin2base64(header_base64, sizeof(header_base64), (uint8_t*)header_json, strlen(header_json), sodium_base64_VARIANT_URLSAFE_NO_PADDING);

	JSValue payload = JS_NewObject(context);
	JS_SetPropertyStr(context, payload, "name", JS_NewString(context, name));
	JS_SetPropertyStr(context, payload, "exp", JS_NewInt64(context, now.tv_sec * 1000 + now.tv_nsec / 1000000LL + k_refresh_interval));
	JSValue payload_json = JS_JSONStringify(context, payload, JS_NULL, JS_NULL);
	size_t payload_length = 0;
	const char* payload_string = JS_ToCStringLen(context, &payload_length, payload_json);
	char payload_base64[256];
	sodium_bin2base64(payload_base64, sizeof(payload_base64), (uint8_t*)payload_string, payload_length, sodium_base64_VARIANT_URLSAFE_NO_PADDING);

	char* result = NULL;
	uint8_t signature[crypto_sign_BYTES];
	unsigned long long signature_length = 0;
	char signature_base64[256] = { 0 };

	uint8_t private_key[crypto_sign_SECRETKEYBYTES] = { 0 };
	tf_ssb_get_private_key(ssb, private_key, sizeof(private_key));

	if (crypto_sign_detached(signature, &signature_length, (const uint8_t*)payload_base64, strlen(payload_base64), private_key) == 0)
	{
		sodium_bin2base64(signature_base64, sizeof(signature_base64), signature, sizeof(signature), sodium_base64_VARIANT_URLSAFE_NO_PADDING);
		size_t size = strlen(header_base64) + 1 + strlen(payload_base64) + 1 + strlen(signature_base64) + 1;
		result = tf_malloc(size);
		snprintf(result, size, "%s.%s.%s", header_base64, payload_base64, signature_base64);
	}
	sodium_memzero(private_key, sizeof(private_key));

	JS_FreeCString(context, payload_string);
	JS_FreeValue(context, payload_json);
	JS_FreeValue(context, payload);

	return result;
}

static bool _verify_password(const char* password, const char* hash)
{
	char buffer[7 + 22 + 31 + 1];
	const char* out_hash = crypt_rn(password, hash, buffer, sizeof(buffer));
	return out_hash && strcmp(hash, out_hash) == 0;
}

static bool _make_administrator_if_first(tf_ssb_t* ssb, JSContext* context, const char* account_name_copy, bool may_become_first_admin)
{
	const char* settings = tf_ssb_db_get_property(ssb, "core", "settings");
	JSValue settings_value = settings && *settings ? JS_ParseJSON(context, settings, strlen(settings), NULL) : JS_UNDEFINED;
	if (JS_IsUndefined(settings_value))
	{
		settings_value = JS_NewObject(context);
	}

	bool have_administrator = false;
	JSValue permissions = JS_GetPropertyStr(context, settings_value, "permissions");

	JSPropertyEnum* ptab = NULL;
	uint32_t plen = 0;
	JS_GetOwnPropertyNames(context, &ptab, &plen, permissions, JS_GPN_STRING_MASK);
	for (int i = 0; i < (int)plen; i++)
	{
		JSPropertyDescriptor desc = { 0 };
		if (JS_GetOwnProperty(context, &desc, permissions, ptab[i].atom) == 1)
		{
			int permission_length = tf_util_get_length(context, desc.value);
			for (int i = 0; i < permission_length; i++)
			{
				JSValue entry = JS_GetPropertyUint32(context, desc.value, i);
				const char* permission = JS_ToCString(context, entry);
				if (permission && strcmp(permission, "administration") == 0)
				{
					have_administrator = true;
				}
				JS_FreeCString(context, permission);
				JS_FreeValue(context, entry);
			}
			JS_FreeValue(context, desc.setter);
			JS_FreeValue(context, desc.getter);
			JS_FreeValue(context, desc.value);
		}
	}
	for (uint32_t i = 0; i < plen; ++i)
	{
		JS_FreeAtom(context, ptab[i].atom);
	}
	js_free(context, ptab);

	if (!have_administrator && may_become_first_admin)
	{
		if (JS_IsUndefined(permissions))
		{
			permissions = JS_NewObject(context);
			JS_SetPropertyStr(context, settings_value, "permissions", JS_DupValue(context, permissions));
		}
		JSValue user = JS_GetPropertyStr(context, permissions, account_name_copy);
		if (JS_IsUndefined(user))
		{
			user = JS_NewArray(context);
			JS_SetPropertyStr(context, permissions, account_name_copy, JS_DupValue(context, user));
		}
		JS_SetPropertyUint32(context, user, tf_util_get_length(context, user), JS_NewString(context, "administration"));
		JS_FreeValue(context, user);

		JSValue settings_json = JS_JSONStringify(context, settings_value, JS_NULL, JS_NULL);
		const char* settings_string = JS_ToCString(context, settings_json);
		tf_ssb_db_set_property(ssb, "core", "settings", settings_string);
		JS_FreeCString(context, settings_string);
		JS_FreeValue(context, settings_json);
	}

	JS_FreeValue(context, permissions);
	JS_FreeValue(context, settings_value);
	tf_free((void*)settings);
	return have_administrator;
}

static void _httpd_endpoint_login_work(tf_ssb_t* ssb, void* user_data)
{
	login_request_t* login = user_data;
	tf_http_request_t* request = login->request;

	JSMallocFunctions funcs = { 0 };
	tf_get_js_malloc_functions(&funcs);
	JSRuntime* runtime = JS_NewRuntime2(&funcs, NULL);
	JSContext* context = JS_NewContext(runtime);

	const char* session = tf_http_get_cookie(tf_http_request_get_header(request, "cookie"), "session");
	const char** form_data = _form_data_decode(request->query, request->query ? strlen(request->query) : 0);
	const char* account_name_copy = NULL;
	JSValue jwt = _authenticate_jwt(ssb, context, session);

	if (_session_is_authenticated_as_user(context, jwt))
	{
		const char* return_url = _form_data_get(form_data, "return");
		if (return_url)
		{
			tf_string_set(login->location_header, sizeof(login->location_header), return_url);
		}
		else
		{
			snprintf(login->location_header, sizeof(login->location_header), "%s%s/", request->is_tls ? "https://" : "http://", tf_http_request_get_header(request, "host"));
		}
		goto done;
	}

	const char* send_session = tf_strdup(session);
	bool session_is_new = false;
	const char* login_error = NULL;
	bool may_become_first_admin = false;
	if (strcmp(request->method, "POST") == 0)
	{
		session_is_new = true;
		const char** post_form_data = _form_data_decode(request->body, request->content_length);
		const char* submit = _form_data_get(post_form_data, "submit");
		if (submit && strcmp(submit, "Login") == 0)
		{
			const char* account_name = _form_data_get(post_form_data, "name");
			account_name_copy = tf_strdup(account_name);
			const char* password = _form_data_get(post_form_data, "password");
			const char* new_password = _form_data_get(post_form_data, "new_password");
			const char* confirm = _form_data_get(post_form_data, "confirm");
			const char* change = _form_data_get(post_form_data, "change");
			const char* form_register = _form_data_get(post_form_data, "register");
			char account_passwd[256] = { 0 };
			bool have_account = tf_ssb_db_get_account_password_hash(ssb, _form_data_get(post_form_data, "name"), account_passwd, sizeof(account_passwd));

			if (form_register && strcmp(form_register, "1") == 0)
			{
				bool registered = false;
				if (!_is_name_valid(account_name))
				{
					login_error = "Invalid username.  Usernames must contain only letters from the English alphabet and digits and must start with a letter.";
				}
				else
				{
					if (!have_account && _is_name_valid(account_name) && password && confirm && strcmp(password, confirm) == 0)
					{
						sqlite3* db = tf_ssb_acquire_db_writer(ssb);
						registered = tf_ssb_db_register_account(tf_ssb_get_loop(ssb), db, context, account_name, password);
						tf_ssb_release_db_writer(ssb, db);
						if (registered)
						{
							tf_free((void*)send_session);
							send_session = _make_session_jwt(context, ssb, account_name);
							may_become_first_admin = true;
						}
					}
				}
				if (!registered && !login_error)
				{
					login_error = "Error registering account.";
				}
			}
			else if (change && strcmp(change, "1") == 0)
			{
				bool set = false;
				if (have_account && _is_name_valid(account_name) && new_password && confirm && strcmp(new_password, confirm) == 0 && _verify_password(password, account_passwd))
				{
					sqlite3* db = tf_ssb_acquire_db_writer(ssb);
					set = tf_ssb_db_set_account_password(tf_ssb_get_loop(ssb), db, context, account_name, new_password);
					tf_ssb_release_db_writer(ssb, db);
					if (set)
					{
						tf_free((void*)send_session);
						send_session = _make_session_jwt(context, ssb, account_name);
					}
				}
				if (!set)
				{
					login_error = "Error changing password.";
				}
			}
			else
			{
				if (have_account && *account_passwd && _verify_password(password, account_passwd))
				{
					tf_free((void*)send_session);
					send_session = _make_session_jwt(context, ssb, account_name);
					may_become_first_admin = true;
				}
				else
				{
					login_error = "Invalid username or password.";
				}
			}
		}
		else
		{
			tf_free((void*)send_session);
			send_session = _make_session_jwt(context, ssb, "guest");
		}
		tf_free(post_form_data);
	}

	bool have_administrator = _make_administrator_if_first(ssb, context, account_name_copy, may_become_first_admin);

	if (session_is_new && _form_data_get(form_data, "return") && !login_error)
	{
		const char* return_url = _form_data_get(form_data, "return");
		if (return_url)
		{
			tf_string_set(login->location_header, sizeof(login->location_header), return_url);
		}
		else
		{
			snprintf(login->location_header, sizeof(login->location_header), "%s%s/", request->is_tls ? "https://" : "http://", tf_http_request_get_header(request, "host"));
		}
		login->set_cookie_header = _make_set_session_cookie_header(request, send_session);
		tf_free((void*)send_session);
	}
	else
	{

		login->name = account_name_copy;
		login->error = login_error;
		login->set_cookie_header = _make_set_session_cookie_header(request, send_session);
		tf_free((void*)send_session);
		login->session_is_new = session_is_new;
		login->have_administrator = have_administrator;
		login->settings = tf_ssb_db_get_property(ssb, "core", "settings");

		if (login->settings)
		{
			JSValue settings_value = JS_ParseJSON(context, login->settings, strlen(login->settings), NULL);
			JSValue code_of_conduct_value = JS_GetPropertyStr(context, settings_value, "code_of_conduct");
			const char* code_of_conduct = JS_ToCString(context, code_of_conduct_value);
			const char* result = tf_strdup(code_of_conduct);
			JS_FreeCString(context, code_of_conduct);
			JS_FreeValue(context, code_of_conduct_value);
			JS_FreeValue(context, settings_value);
			tf_free((void*)login->settings);
			login->settings = NULL;
			login->code_of_conduct = result;
		}

		login->pending++;
		tf_http_request_ref(request);
		tf_file_read(login->request->user_data, "core/auth.html", _httpd_endpoint_login_file_read_callback, login);

		account_name_copy = NULL;
	}

done:
	tf_free((void*)session);
	tf_free(form_data);
	tf_free((void*)account_name_copy);
	JS_FreeValue(context, jwt);

	JS_FreeContext(context);
	JS_FreeRuntime(runtime);
}

static void _httpd_endpoint_login_after_work(tf_ssb_t* ssb, int status, void* user_data)
{
	login_request_t* login = user_data;
	tf_http_request_t* request = login->request;
	if (login->pending == 1)
	{
		if (*login->location_header)
		{
			const char* headers[] = {
				"Location",
				login->location_header,
				"Set-Cookie",
				login->set_cookie_header ? login->set_cookie_header : "",
			};
			tf_http_respond(request, 303, headers, tf_countof(headers) / 2, NULL, 0);
		}
	}
	tf_http_request_unref(request);
	_login_release(login);
}

static void _httpd_endpoint_login(tf_http_request_t* request)
{
	tf_task_t* task = request->user_data;
	tf_http_request_ref(request);

	tf_ssb_t* ssb = tf_task_get_ssb(task);
	login_request_t* login = tf_malloc(sizeof(login_request_t));
	*login = (login_request_t) {
		.request = request,
	};
	login->pending++;
	tf_ssb_run_work(ssb, _httpd_endpoint_login_work, _httpd_endpoint_login_after_work, login);
}

static void _httpd_endpoint_logout(tf_http_request_t* request)
{
	const char* k_set_cookie = request->is_tls ? "session=; path=/; Secure; SameSite=Strict; expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly"
											   : "session=; path=/; SameSite=Strict; expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly";
	const char* k_location_format = "/login%s%s";
	int length = snprintf(NULL, 0, k_location_format, request->query ? "?" : "", request->query);
	char* location = alloca(length + 1);
	snprintf(location, length + 1, k_location_format, request->query ? "?" : "", request->query ? request->query : "");
	const char* headers[] = {
		"Set-Cookie",
		k_set_cookie,
		"Location",
		location,
	};
	tf_http_respond(request, 303, headers, tf_countof(headers) / 2, NULL, 0);
}

typedef struct _auto_login_t
{
	tf_http_request_t* request;
	bool autologin;
	const char* users;
} auto_login_t;

static void _httpd_auto_login_work(tf_ssb_t* ssb, void* user_data)
{
	auto_login_t* request = user_data;
	sqlite3* db = tf_ssb_acquire_db_reader(ssb);
	tf_ssb_db_get_global_setting_bool(db, "autologin", &request->autologin);
	tf_ssb_release_db_reader(ssb, db);

	if (request->autologin)
	{
		request->users = tf_ssb_db_get_property(ssb, "auth", "users");
		if (request->users && strcmp(request->users, "[]") == 0)
		{
			tf_free((void*)request->users);
			request->users = NULL;
		}

		if (!request->users)
		{
			JSMallocFunctions funcs = { 0 };
			tf_get_js_malloc_functions(&funcs);
			JSRuntime* runtime = JS_NewRuntime2(&funcs, NULL);
			JSContext* context = JS_NewContext(runtime);
			static const char* k_account_name = "mobile";
			sqlite3* db = tf_ssb_acquire_db_writer(ssb);
			bool registered = tf_ssb_db_register_account(tf_ssb_get_loop(ssb), db, context, k_account_name, k_account_name);
			tf_ssb_release_db_writer(ssb, db);
			if (registered)
			{
				_make_administrator_if_first(ssb, context, k_account_name, true);
			}
			JS_FreeContext(context);
			JS_FreeRuntime(runtime);

			request->users = tf_ssb_db_get_property(ssb, "auth", "users");
		}
	}
}

static void _httpd_auto_login_after_work(tf_ssb_t* ssb, int status, void* user_data)
{
	auto_login_t* work = user_data;
	JSContext* context = tf_ssb_get_context(ssb);
	const char* session_token = NULL;
	if (!work->autologin)
	{
		const char* k_payload = tf_http_status_text(404);
		tf_http_respond(work->request, 404, NULL, 0, k_payload, strlen(k_payload));
	}
	else
	{
		if (work->users)
		{
			JSValue json = JS_ParseJSON(context, work->users, strlen(work->users), NULL);
			JSValue user = JS_GetPropertyUint32(context, json, 0);
			const char* user_string = JS_ToCString(context, user);
			session_token = _make_session_jwt(context, ssb, user_string);
			JS_FreeCString(context, user_string);
			JS_FreeValue(context, user);
			JS_FreeValue(context, json);
		}
		if (session_token)
		{
			const char* cookie = _make_set_session_cookie_header(work->request, session_token);
			tf_free((void*)session_token);
			const char* headers[] = {
				"Set-Cookie",
				cookie,
				"Location",
				"/",
			};
			tf_http_respond(work->request, 303, headers, tf_countof(headers) / 2, NULL, 0);
			tf_free((void*)cookie);
		}
		else
		{
			const char* headers[] = {
				"Location",
				"/",
			};
			tf_http_respond(work->request, 303, headers, tf_countof(headers) / 2, NULL, 0);
		}
	}
	tf_http_request_unref(work->request);
	tf_free((void*)work->users);
	tf_free(work);
}

static void _httpd_endpoint_login_auto(tf_http_request_t* request)
{
	tf_task_t* task = request->user_data;
	tf_http_request_ref(request);
	tf_ssb_t* ssb = tf_task_get_ssb(task);

	auto_login_t* work = tf_malloc(sizeof(auto_login_t));
	*work = (auto_login_t) { .request = request };
	tf_ssb_run_work(ssb, _httpd_auto_login_work, _httpd_auto_login_after_work, work);
}

static void _httpd_endpoint_app_socket(tf_http_request_t* request)
{
	tf_task_t* task = request->user_data;
	tf_ssb_t* ssb = tf_task_get_ssb(task);

	JSContext* context = tf_ssb_get_context(ssb);
	JSValue global = JS_GetGlobalObject(context);
	JSValue exports = JS_GetPropertyStr(context, global, "exports");
	JSValue app_socket = JS_GetPropertyStr(context, exports, "app_socket");

	JSValue request_object = JS_NewObject(context);
	JSValue headers = JS_NewObject(context);
	for (int i = 0; i < request->headers_count; i++)
	{
		JS_SetPropertyStr(context, headers, request->headers[i].name, JS_NewString(context, request->headers[i].value));
	}
	JS_SetPropertyStr(context, request_object, "headers", headers);

	JSValue response = _httpd_make_response_object(context, request);
	tf_http_request_ref(request);

	JSValue args[] = {
		request_object,
		response,
	};

	JSValue result = JS_Call(context, app_socket, JS_NULL, tf_countof(args), args);
	tf_util_report_error(context, result);
	JS_FreeValue(context, result);

	for (int i = 0; i < tf_countof(args); i++)
	{
		JS_FreeValue(context, args[i]);
	}

	JS_FreeValue(context, app_socket);
	JS_FreeValue(context, exports);
	JS_FreeValue(context, global);
}

static void _httpd_free_user_data(void* user_data)
{
	tf_free(user_data);
}

static const char* _httpd_read_file(tf_task_t* task, const char* path)
{
	const char* actual = tf_task_get_path_with_root(task, path);
	const size_t k_max_read = 8 * 1024 * 1024;
	char* result = NULL;
	char* buffer = tf_malloc(k_max_read);
	FILE* file = fopen(actual, "rb");
	if (file)
	{
		size_t size = fread(buffer, 1, k_max_read, file);
		result = tf_malloc(size + 1);
		memcpy(result, buffer, size);
		result[size] = '\0';
		fclose(file);
	}
	tf_free(buffer);
	tf_free((char*)actual);
	return result;
}

void tf_httpd_register(JSContext* context)
{
	JS_NewClassID(&_httpd_request_class_id);
	JSClassDef request_def = {
		.class_name = "Request",
		.finalizer = &_httpd_request_finalizer,
	};
	if (JS_NewClass(JS_GetRuntime(context), _httpd_request_class_id, &request_def) != 0)
	{
		fprintf(stderr, "Failed to register Request.\n");
	}

	JSValue global = JS_GetGlobalObject(context);
	JSValue httpd = JS_NewObject(context);
	JS_SetPropertyStr(context, httpd, "auth_query", JS_NewCFunction(context, _httpd_auth_query, "auth_query", 1));
	JS_SetPropertyStr(context, global, "httpd", httpd);
	JS_FreeValue(context, global);
}

tf_http_t* tf_httpd_create(JSContext* context)
{
	tf_task_t* task = tf_task_get(context);
	tf_ssb_t* ssb = tf_task_get_ssb(task);
	uv_loop_t* loop = tf_task_get_loop(task);
	tf_http_t* http = tf_http_create(loop);
	tf_http_set_trace(http, tf_task_get_trace(task));

	int64_t http_port = 0;
	int64_t https_port = 0;
	char out_http_port_file[512] = "";
	bool local_only = false;
	sqlite3* db = tf_ssb_acquire_db_reader(ssb);
	tf_ssb_db_get_global_setting_int64(db, "http_port", &http_port);
	tf_ssb_db_get_global_setting_int64(db, "https_port", &https_port);
	tf_ssb_db_get_global_setting_string(db, "out_http_port_file", out_http_port_file, sizeof(out_http_port_file));
	tf_ssb_db_get_global_setting_bool(db, "http_local_only", &local_only);
	tf_ssb_release_db_reader(ssb, db);

	if (https_port)
	{
		http_user_data_t* user_data = tf_http_get_user_data(http);
		if (!user_data)
		{
			user_data = tf_malloc(sizeof(http_user_data_t));
			memset(user_data, 0, sizeof(http_user_data_t));
			tf_http_set_user_data(http, user_data, _httpd_free_user_data);
		}
		sqlite3* db = tf_ssb_acquire_db_reader(ssb);
		tf_ssb_db_get_global_setting_string(db, "http_redirect", user_data->redirect, sizeof(user_data->redirect));
		tf_ssb_release_db_reader(ssb, db);

		/* Workaround. */
		if (strcmp(user_data->redirect, "0") == 0)
		{
			*user_data->redirect = '\0';
		}
	}

	tf_http_add_handler(http, "/", _httpd_endpoint_root, NULL, task);
	tf_http_add_handler(http, "/codemirror/*", _httpd_endpoint_static, NULL, task);
	tf_http_add_handler(http, "/lit/*", _httpd_endpoint_static, NULL, task);
	tf_http_add_handler(http, "/prettier/*", _httpd_endpoint_static, NULL, task);
	tf_http_add_handler(http, "/speedscope/*", _httpd_endpoint_static, NULL, task);
	tf_http_add_handler(http, "/static/*", _httpd_endpoint_static, NULL, task);
	tf_http_add_handler(http, "/.well-known/*", _httpd_endpoint_static, NULL, task);
	tf_http_add_handler(http, "/&*.sha256", _httpd_endpoint_add_slash, NULL, task);
	tf_http_add_handler(http, "/&*.sha256/", _httpd_endpoint_static, NULL, task);
	tf_http_add_handler(http, "/&*.sha256/view", _httpd_endpoint_view, NULL, task);
	tf_http_add_handler(http, "/&*.sha256/*", _httpd_endpoint_app_blob, NULL, task);
	tf_http_add_handler(http, "/~{word}/{word}", _httpd_endpoint_add_slash, NULL, task);
	tf_http_add_handler(http, "/~{word}/{word}/", _httpd_endpoint_app_index, NULL, task);
	tf_http_add_handler(http, "/~{word}/{word}/save", _httpd_endpoint_save, NULL, task);
	tf_http_add_handler(http, "/~{word}/{word}/delete", _httpd_endpoint_delete, NULL, task);
	tf_http_add_handler(http, "/~{word}/{word}/view", _httpd_endpoint_view, NULL, task);
	tf_http_add_handler(http, "/~{word}/{word}/*", _httpd_endpoint_app_blob, NULL, task);
	tf_http_add_handler(http, "/save", _httpd_endpoint_save, NULL, task);

	tf_http_add_handler(http, "/robots.txt", _httpd_endpoint_robots_txt, NULL, NULL);
	tf_http_add_handler(http, "/debug", _httpd_endpoint_debug, NULL, task);
	tf_http_add_handler(http, "/mem", _httpd_endpoint_mem, NULL, task);
	tf_http_add_handler(http, "/trace", _httpd_endpoint_trace, NULL, task);

	tf_http_add_handler(http, "/login/logout", _httpd_endpoint_logout, NULL, task);
	tf_http_add_handler(http, "/login/auto", _httpd_endpoint_login_auto, NULL, task);
	tf_http_add_handler(http, "/login", _httpd_endpoint_login, NULL, task);

	tf_http_add_handler(http, "/app/socket", _httpd_endpoint_app_socket, NULL, task);

	if (http_port > 0 || *out_http_port_file)
	{
		httpd_listener_t* listener = tf_malloc(sizeof(httpd_listener_t));
		*listener = (httpd_listener_t) { 0 };
		int assigned_port = tf_http_listen(http, http_port, local_only, NULL, _httpd_listener_cleanup, listener);
		tf_printf(CYAN "~😎 Tilde Friends" RESET " " YELLOW VERSION_NUMBER RESET " is now up at " MAGENTA "http://127.0.0.1:%d/" RESET ".\n", assigned_port);

		if (*out_http_port_file)
		{
			const char* actual_http_port_file = tf_task_get_path_with_root(task, out_http_port_file);
			FILE* file = fopen(actual_http_port_file, "wb");
			if (file)
			{
				fprintf(file, "%d", assigned_port);
				fclose(file);
				tf_printf("Wrote the port file: %s.\n", out_http_port_file);
			}
			else
			{
				tf_printf("Failed to open %s for write: %s.\n", out_http_port_file, strerror(errno));
			}
			tf_free((char*)actual_http_port_file);
		}

		if (https_port)
		{
			const char* k_certificate = "data/httpd/certificate.pem";
			const char* k_private_key = "data/httpd/privatekey.pem";
			const char* certificate = _httpd_read_file(task, k_certificate);
			const char* private_key = _httpd_read_file(task, k_private_key);
			if (certificate && private_key)
			{
				tf_tls_context_t* tls = tf_tls_context_create();
				tf_tls_context_set_certificate(tls, certificate);
				tf_tls_context_set_private_key(tls, private_key);
				httpd_listener_t* listener = tf_malloc(sizeof(httpd_listener_t));
				*listener = (httpd_listener_t) { .tls = tls };
				int assigned_port = tf_http_listen(http, https_port, local_only, tls, _httpd_listener_cleanup, listener);
				tf_printf(CYAN "~😎 Tilde Friends" RESET " " YELLOW VERSION_NUMBER RESET " is now up at " MAGENTA "https://127.0.0.1:%d/" RESET ".\n", assigned_port);
			}
			tf_free((char*)certificate);
			tf_free((char*)private_key);
		}
	}
	return http;
}

void tf_httpd_destroy(tf_http_t* http)
{
	tf_http_destroy(http);
}