Mercurial > gemma
annotate pkg/controllers/token.go @ 414:c1047fd04a3a
Moved project specific Go packages to new pkg folder.
author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
---|---|
date | Wed, 15 Aug 2018 17:30:50 +0200 |
parents | controllers/token.go@154e0f5bff0a |
children | c70ddc6eb168 |
rev | line source |
---|---|
226
63dd5216eee4
Refactored gemma server to be more REST-like.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
206
diff
changeset
|
1 package controllers |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
2 |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
3 import ( |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
4 "encoding/json" |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
5 "fmt" |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
6 "log" |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
7 "net/http" |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
8 |
414
c1047fd04a3a
Moved project specific Go packages to new pkg folder.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
333
diff
changeset
|
9 "gemma.intevation.de/gemma/pkg/auth" |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
10 ) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
11 |
286
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
12 func sendJSON(rw http.ResponseWriter, data interface{}) { |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
13 rw.Header().Set("Content-Type", "application/json") |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
14 if err := json.NewEncoder(rw).Encode(data); err != nil { |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
15 log.Printf("error: %v\n", err) |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
16 } |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
17 } |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
18 |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
19 func renew(rw http.ResponseWriter, req *http.Request) { |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
20 token, _ := auth.GetToken(req) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
21 newToken, err := auth.ConnPool.Renew(token) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
22 switch { |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
23 case err == auth.ErrNoSuchToken: |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
24 http.NotFound(rw, req) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
25 return |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
26 case err != nil: |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
27 http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusInternalServerError) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
28 return |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
29 } |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
30 |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
31 session, _ := auth.GetSession(req) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
32 |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
33 var result = struct { |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
34 Token string `json:"token"` |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
35 Expires int64 `json:"expires"` |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
36 User string `json:"user"` |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
37 Roles []string `json:"roles"` |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
38 }{ |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
39 Token: newToken, |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
40 Expires: session.ExpiresAt, |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
41 User: session.User, |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
42 Roles: session.Roles, |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
43 } |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
44 |
286
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
45 sendJSON(rw, &result) |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
46 } |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
47 |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
48 func logout(rw http.ResponseWriter, req *http.Request) { |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
49 token, _ := auth.GetToken(req) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
50 deleted := auth.ConnPool.Delete(token) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
51 if !deleted { |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
52 http.NotFound(rw, req) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
53 return |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
54 } |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
55 rw.Header().Set("Content-Type", "text/plain") |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
56 fmt.Fprintln(rw, "token deleted") |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
57 } |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
58 |
231
694f959ba3e7
Fixed bad route to /logout controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
226
diff
changeset
|
59 func login(rw http.ResponseWriter, req *http.Request) { |
286
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
60 |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
61 var ( |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
62 user = req.FormValue("user") |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
63 password = req.FormValue("password") |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
64 ) |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
65 |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
66 if user == "" || password == "" { |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
67 http.Error(rw, "Invalid credentials", http.StatusBadRequest) |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
68 return |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
69 } |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
70 |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
71 token, session, err := auth.GenerateSession(user, password) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
72 if err != nil { |
333
154e0f5bff0a
If logging in failed send Unauthorized to client.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
286
diff
changeset
|
73 http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusUnauthorized) |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
74 return |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
75 } |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
76 |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
77 var result = struct { |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
78 Token string `json:"token"` |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
79 Expires int64 `json:"expires"` |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
80 User string `json:"user"` |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
81 Roles []string `json:"roles"` |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
82 }{ |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
83 Token: token, |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
84 Expires: session.ExpiresAt, |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
85 User: session.User, |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
86 Roles: session.Roles, |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
87 } |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
88 |
286
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
89 sendJSON(rw, &result) |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
90 } |