gemma: pkg/controllers/token.go annotate

annotate pkg/controllers/token.go @ 3678:8f58851927c0

client: make layer factory only return new layer config for individual maps instead of each time it is invoked. The purpose of the factory was to support multiple maps with individual layers. But returning a new config each time it is invoked leads to bugs that rely on the layer's state. Now this factory reuses the same objects it created before, per map.

author	Markus Kottlaender <markus@intevation.de>
date	Mon, 17 Jun 2019 17:31:35 +0200
parents	a244b18cb916
children	4f9a1ff2c2ee

rev	line source
1017 a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	1 // This is Free Software under GNU Affero General Public License v >= 3.0
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	2 // without warranty, see README.md and license for details.
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	3 //
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	4 // SPDX-License-Identifier: AGPL-3.0-or-later
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	5 // License-Filename: LICENSES/AGPL-3.0.txt
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	6 //
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	7 // Copyright (C) 2018 by via donau
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	8 // – Österreichische Wasserstraßen-Gesellschaft mbH
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	9 // Software engineering by Intevation GmbH
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	10 //
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	11 // Author(s):
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	12 // * Sascha L. Teichmann <sascha.teichmann@intevation.de>
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	13
226 63dd5216eee4 Refactored gemma server to be more REST-like. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 206 diff changeset	14 package controllers
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	15
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	16 import (
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	17 "encoding/json"
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	18 "fmt"
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	19 "log"
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	20 "net/http"
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	21
414 c1047fd04a3a Moved project specific Go packages to new pkg folder. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 333 diff changeset	22 "gemma.intevation.de/gemma/pkg/auth"
442 fc37e7072022 Moved some models used in controllers to to model package because they may be needed elsewhere (e.g. GeoServer config). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 425 diff changeset	23 "gemma.intevation.de/gemma/pkg/models"
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	24 )
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	25
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	26 func renew(rw http.ResponseWriter, req *http.Request) {
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	27 token, _ := auth.GetToken(req)
493 8a0737aa6ab6 The connection pool is now only a session store. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 484 diff changeset	28 newToken, err := auth.Sessions.Renew(token)
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	29 switch {
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	30 case err == auth.ErrNoSuchToken:
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	31 http.NotFound(rw, req)
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	32 return
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	33 case err != nil:
536 d9dbb6139760 Log errors in JSON handler and login controller. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 512 diff changeset	34 log.Printf("error: %v\n", err)
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	35 http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusInternalServerError)
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	36 return
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	37 }
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	38
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	39 session, _ := auth.GetSession(req)
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	40
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	41 var result = struct {
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	42 Token string `json:"token"`
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	43 Expires int64 `json:"expires"`
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	44 User string `json:"user"`
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	45 Roles []string `json:"roles"`
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	46 }{
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	47 Token: newToken,
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	48 Expires: session.ExpiresAt,
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	49 User: session.User,
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	50 Roles: session.Roles,
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	51 }
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	52
979 7934b5c1a910 Finally enqueue sounding result import job to import jobs. Sascha L. Teichmann <teichmann@intevation.de> parents: 536 diff changeset	53 SendJSON(rw, http.StatusOK, &result)
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	54 }
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	55
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	56 func logout(rw http.ResponseWriter, req *http.Request) {
484 2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	57 token, ok := auth.GetToken(req)
493 8a0737aa6ab6 The connection pool is now only a session store. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 484 diff changeset	58 if !ok \|\| !auth.Sessions.Delete(token) {
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	59 http.NotFound(rw, req)
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	60 return
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	61 }
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	62 rw.Header().Set("Content-Type", "text/plain")
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	63 fmt.Fprintln(rw, "token deleted")
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	64 }
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	65
231 694f959ba3e7 Fixed bad route to /logout controller. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 226 diff changeset	66 func login(rw http.ResponseWriter, req *http.Request) {
286 a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 231 diff changeset	67
484 2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	68 var input struct {
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	69 User models.UserName `json:"user"`
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	70 Password string `json:"password"`
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	71 }
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	72 defer req.Body.Close()
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	73 if err := json.NewDecoder(req.Body).Decode(&input); err != nil {
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	74 log.Printf("%v\n", err)
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	75 http.Error(rw, "error: "+err.Error(), http.StatusBadRequest)
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	76 return
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	77 }
286 a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 231 diff changeset	78
484 2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	79 if input.Password == "" {
286 a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 231 diff changeset	80 http.Error(rw, "Invalid credentials", http.StatusBadRequest)
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 231 diff changeset	81 return
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 231 diff changeset	82 }
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	83
484 2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	84 token, session, err := auth.GenerateSession(
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	85 string(input.User),
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	86 input.Password)
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	87 if err != nil {
536 d9dbb6139760 Log errors in JSON handler and login controller. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 512 diff changeset	88 log.Printf("error: %v\n", err)
512 7474e9922ed5 Don't tell what the reason is when login fails for database reasons. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 493 diff changeset	89 http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	90 return
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	91 }
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	92
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	93 var result = struct {
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	94 Token string `json:"token"`
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	95 Expires int64 `json:"expires"`
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	96 User string `json:"user"`
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	97 Roles []string `json:"roles"`
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	98 }{
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	99 Token: token,
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	100 Expires: session.ExpiresAt,
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	101 User: session.User,
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	102 Roles: session.Roles,
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	103 }
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	104
979 7934b5c1a910 Finally enqueue sounding result import job to import jobs. Sascha L. Teichmann <teichmann@intevation.de> parents: 536 diff changeset	105 SendJSON(rw, http.StatusCreated, &result)
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	106 }

Mercurial > gemma

annotate pkg/controllers/token.go @ 3678:8f58851927c0