gemma: pkg/controllers/token.go annotate

annotate pkg/controllers/token.go @ 1017:a244b18cb916

Added GNU Affero General Public License. Adjusted the headers of the Go files to be AGPLv3.

author	Sascha L. Teichmann <sascha.teichmann@intevation.de>
date	Tue, 23 Oct 2018 18:15:14 +0200
parents	7934b5c1a910
children	4f9a1ff2c2ee

rev	line source
1017 a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	1 // This is Free Software under GNU Affero General Public License v >= 3.0
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	2 // without warranty, see README.md and license for details.
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	3 //
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	4 // SPDX-License-Identifier: AGPL-3.0-or-later
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	5 // License-Filename: LICENSES/AGPL-3.0.txt
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	6 //
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	7 // Copyright (C) 2018 by via donau
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	8 // – Österreichische Wasserstraßen-Gesellschaft mbH
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	9 // Software engineering by Intevation GmbH
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	10 //
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	11 // Author(s):
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	12 // * Sascha L. Teichmann <sascha.teichmann@intevation.de>
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 979 diff changeset	13
226 63dd5216eee4 Refactored gemma server to be more REST-like. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 206 diff changeset	14 package controllers
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	15
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	16 import (
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	17 "encoding/json"
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	18 "fmt"
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	19 "log"
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	20 "net/http"
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	21
414 c1047fd04a3a Moved project specific Go packages to new pkg folder. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 333 diff changeset	22 "gemma.intevation.de/gemma/pkg/auth"
442 fc37e7072022 Moved some models used in controllers to to model package because they may be needed elsewhere (e.g. GeoServer config). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 425 diff changeset	23 "gemma.intevation.de/gemma/pkg/models"
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	24 )
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	25
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	26 func renew(rw http.ResponseWriter, req *http.Request) {
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	27 token, _ := auth.GetToken(req)
493 8a0737aa6ab6 The connection pool is now only a session store. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 484 diff changeset	28 newToken, err := auth.Sessions.Renew(token)
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	29 switch {
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	30 case err == auth.ErrNoSuchToken:
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	31 http.NotFound(rw, req)
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	32 return
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	33 case err != nil:
536 d9dbb6139760 Log errors in JSON handler and login controller. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 512 diff changeset	34 log.Printf("error: %v\n", err)
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	35 http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusInternalServerError)
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	36 return
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	37 }
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	38
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	39 session, _ := auth.GetSession(req)
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	40
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	41 var result = struct {
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	42 Token string `json:"token"`
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	43 Expires int64 `json:"expires"`
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	44 User string `json:"user"`
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	45 Roles []string `json:"roles"`
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	46 }{
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	47 Token: newToken,
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	48 Expires: session.ExpiresAt,
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	49 User: session.User,
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	50 Roles: session.Roles,
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	51 }
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	52
979 7934b5c1a910 Finally enqueue sounding result import job to import jobs. Sascha L. Teichmann <teichmann@intevation.de> parents: 536 diff changeset	53 SendJSON(rw, http.StatusOK, &result)
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	54 }
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	55
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	56 func logout(rw http.ResponseWriter, req *http.Request) {
484 2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	57 token, ok := auth.GetToken(req)
493 8a0737aa6ab6 The connection pool is now only a session store. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 484 diff changeset	58 if !ok \|\| !auth.Sessions.Delete(token) {
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	59 http.NotFound(rw, req)
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	60 return
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	61 }
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	62 rw.Header().Set("Content-Type", "text/plain")
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	63 fmt.Fprintln(rw, "token deleted")
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	64 }
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	65
231 694f959ba3e7 Fixed bad route to /logout controller. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 226 diff changeset	66 func login(rw http.ResponseWriter, req *http.Request) {
286 a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 231 diff changeset	67
484 2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	68 var input struct {
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	69 User models.UserName `json:"user"`
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	70 Password string `json:"password"`
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	71 }
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	72 defer req.Body.Close()
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	73 if err := json.NewDecoder(req.Body).Decode(&input); err != nil {
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	74 log.Printf("%v\n", err)
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	75 http.Error(rw, "error: "+err.Error(), http.StatusBadRequest)
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	76 return
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	77 }
286 a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 231 diff changeset	78
484 2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	79 if input.Password == "" {
286 a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 231 diff changeset	80 http.Error(rw, "Invalid credentials", http.StatusBadRequest)
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 231 diff changeset	81 return
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 231 diff changeset	82 }
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	83
484 2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	84 token, session, err := auth.GenerateSession(
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	85 string(input.User),
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET). Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 442 diff changeset	86 input.Password)
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	87 if err != nil {
536 d9dbb6139760 Log errors in JSON handler and login controller. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 512 diff changeset	88 log.Printf("error: %v\n", err)
512 7474e9922ed5 Don't tell what the reason is when login fails for database reasons. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 493 diff changeset	89 http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	90 return
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	91 }
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	92
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	93 var result = struct {
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	94 Token string `json:"token"`
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	95 Expires int64 `json:"expires"`
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	96 User string `json:"user"`
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	97 Roles []string `json:"roles"`
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	98 }{
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	99 Token: token,
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	100 Expires: session.ExpiresAt,
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	101 User: session.User,
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	102 Roles: session.Roles,
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	103 }
fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	104
979 7934b5c1a910 Finally enqueue sounding result import job to import jobs. Sascha L. Teichmann <teichmann@intevation.de> parents: 536 diff changeset	105 SendJSON(rw, http.StatusCreated, &result)
186 fe3a88f00b0a Experimental user creation support. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	106 }

Mercurial > gemma

annotate pkg/controllers/token.go @ 1017:a244b18cb916