tenseleyflow/shithub / bcbbbbf

+	if err := h.d.Render.RenderPage(w, r, page, data); err != nil {

+	"github.com/tenseleyFlow/shithub/internal/web/middleware"

+	// Viewer + CSRFToken mirror the fields _nav.html branches on. Typed

+	// page-data structs must populate them explicitly — the renderer

+	// only auto-injects for map[string]any data.

+	Viewer    middleware.CurrentUser

+	CSRFToken string

+		Title:     "Welcome",

+		Version:   version.Version,

+		Commit:    version.Commit,

+		BuiltAt:   version.BuiltAt,

+		LogoSVG:   template.HTML(h.logoSVG), // #nosec G203 — embedded server-owned asset

+		Viewer:    middleware.CurrentUserFromContext(r.Context()),

+		CSRFToken: middleware.CSRFTokenForRequest(r),

+	if err := h.render.RenderPage(w, r, "hello", data); err != nil {

+	if err := h.d.Render.RenderPage(w, r, "profile/view", data); err != nil {

+	if err := h.d.Render.RenderPage(w, r, "profile/suspended", map[string]any{

+	if err := h.d.Render.RenderPage(w, r, "repo/new", map[string]any{

+//

+// Prefer RenderPage when a *http.Request is in scope — it auto-injects the

+// viewer (current logged-in user) into map data so partials like _nav.html

+// can branch on .Viewer without every handler remembering to thread it.

+// RenderPage is the request-aware Render: when data is a map[string]any, it

+// injects "Viewer" (from middleware.CurrentUserFromContext) and "CSRFToken"

+// (the per-request token) if the caller hasn't set them. The nav partial's

+// sign-out form uses the token, so every layout-rendered page needs it.

+// Typed-struct callers must include those fields themselves — we don't

+// reflect-mutate to avoid surprising aliasing.

+func (r *Renderer) RenderPage(w io.Writer, req *http.Request, name string, data any) error {

+	if m, ok := data.(map[string]any); ok {

+		if _, present := m["Viewer"]; !present {

+			m["Viewer"] = middleware.CurrentUserFromContext(req.Context())

+		}

+		if _, present := m["CSRFToken"]; !present {

+			m["CSRFToken"] = middleware.CSRFTokenForRequest(req)

+		}

+		data = m

+	}

+	return r.Render(w, name, data)

+}

+

+  align-items: center;

+}

+

+/* User-menu dropdown — uses native <details>/<summary> so it works without JS. */

+.shithub-user-menu { position: relative; }

+.shithub-user-menu > summary {

+  list-style: none;

+  display: inline-flex;

+  align-items: center;

+  gap: 0.5rem;

+  padding: 0.25rem 0.6rem;

+  border: 1px solid var(--border-default);

+  border-radius: 6px;

+  background: transparent;

+  cursor: pointer;

+  font-size: 0.875rem;

+  color: var(--fg-default);

+}

+.shithub-user-menu > summary::-webkit-details-marker { display: none; }

+.shithub-user-menu-avatar {

+  width: 24px;

+  height: 24px;

+  border-radius: 50%;

+  display: block;

+  background: var(--canvas-default);

+}

+.shithub-user-menu-name { font-weight: 500; }

+.shithub-user-menu-panel {

+  position: absolute;

+  right: 0;

+  top: calc(100% + 0.35rem);

+  min-width: 220px;

+  background: var(--canvas-default);

+  border: 1px solid var(--border-default);

+  border-radius: 6px;

+  padding: 0.4rem 0;

+  box-shadow: 0 8px 24px rgba(0, 0, 0, 0.12);

+  z-index: 50;

+  display: flex;

+  flex-direction: column;

+}

+.shithub-user-menu-header {

+  padding: 0.5rem 0.85rem;

+  font-size: 0.8rem;

+  color: var(--fg-muted);

+  border-bottom: 1px solid var(--border-default);

+  margin-bottom: 0.25rem;

+}

+.shithub-user-menu-panel a,

+.shithub-user-menu-signout button {

+  display: block;

+  text-align: left;

+  width: 100%;

+  padding: 0.45rem 0.85rem;

+  background: transparent;

+  border: 0;

+  color: var(--fg-default);

+  font-size: 0.875rem;

+  cursor: pointer;

+}

+.shithub-user-menu-panel a:hover,

+.shithub-user-menu-signout button:hover {

+  background: var(--canvas-subtle);

+  text-decoration: none;

+}

+.shithub-user-menu-signout { margin: 0; padding: 0; border-top: 1px solid var(--border-default); margin-top: 0.25rem; }

+

+.hello-greeting {

+  margin: 1rem auto 1.5rem;

+  padding: 0.85rem 1rem;

+  border: 1px solid var(--border-default);

+  border-radius: 6px;

+  background: var(--canvas-subtle);

+  max-width: 32rem;

+  text-align: left;

+.hello-greeting p { margin: 0 0 0.5rem; }

+.hello-quicklinks { display: flex; gap: 1rem; flex-wrap: wrap; font-size: 0.9rem; }

+  {{- if .Viewer.ID }}

+    <a href="/new" class="shithub-button shithub-button-ghost" title="New repository">+ New</a>

+    <details class="shithub-user-menu">

+      <summary aria-label="User menu" aria-haspopup="menu">

+        <img src="/avatars/{{ .Viewer.Username }}" alt="" class="shithub-user-menu-avatar" width="24" height="24">

+        <span class="shithub-user-menu-name">{{ .Viewer.Username }}</span>

+      </summary>

+      <div class="shithub-user-menu-panel" role="menu">

+        <div class="shithub-user-menu-header">

+          Signed in as <strong>@{{ .Viewer.Username }}</strong>

+        </div>

+        <a role="menuitem" href="/{{ .Viewer.Username }}">Your profile</a>

+        <a role="menuitem" href="/{{ .Viewer.Username }}?tab=repositories">Your repositories</a>

+        <a role="menuitem" href="/settings/profile">Settings</a>

+        <form method="POST" action="/logout" class="shithub-user-menu-signout">

+          <input type="hidden" name="csrf_token" value="{{ .CSRFToken }}">

+          <button type="submit" role="menuitem">Sign out</button>

+        </form>

+      </div>

+    </details>

+  {{- else }}

+  {{- end }}

+  {{ if .Viewer.ID }}

+  <div class="hello-greeting">

+    <p>Signed in as <strong>@{{ .Viewer.Username }}</strong>.</p>

+    <nav class="hello-quicklinks" aria-label="Account quick links">

+      <a href="/{{ .Viewer.Username }}">Your profile</a>

+      <a href="/new">New repository</a>

+      <a href="/settings/profile">Settings</a>

+    </nav>

+  </div>

+  {{ end }}

+