Remove dependency on django_markwhat and showdown

This simplifies deployments since django_markwhat has a tendency to
create conflicting requirements that makes upgrades harder. Showdown
doesn't have that problem, but this way we have a single defined
markdown process instead of having two subtly different ones.

Most of the code behind this adapted from the pgweb project that went
through this some months ago.

Fixes #72

1 files changed, 17 insertions, 0 deletions

diff --git a/postgresqleu/util/views.py b/postgresqleu/util/views.py
index 521fc331..6eb2300e 100644
--- a/postgresqleu/util/views.py
+++ b/postgresqleu/util/views.py
@@ -1,9 +1,26 @@
 from django.views.decorators.csrf import csrf_exempt
 from django.shortcuts import get_object_or_404
+from django.contrib.auth.decorators import login_required
+from django.http import HttpResponse, Http404
 
 from postgresqleu.confreg.models import MessagingProvider
 from postgresqleu.util.messaging import get_messaging
 from postgresqleu.util.messaging.twitter import process_twitter_webhook
+from postgresqleu.util.markup import pgmarkdown
+
+
+# Anybody logged in can do a markdown preview, since it's a safe operation
+# and this way we don't need any db access.
+@login_required
+@csrf_exempt
+def markdown_preview(request):
+    if request.method != 'POST':
+        return HttpResponse("POST only please", status=405)
+
+    if request.headers.get('x-preview', None) != 'md':
+        raise Http404()
+
+    return HttpResponse(pgmarkdown(request.body.decode('utf8', 'ignore')))
 
 
 @csrf_exempt