Mercurial > gemma
annotate pkg/controllers/token.go @ 481:d68dfbe768e2
Merge example configuration and that used for docker backend
author | Tom Gottfried <tom@intevation.de> |
---|---|
date | Thu, 23 Aug 2018 18:50:32 +0200 |
parents | fc37e7072022 |
children | 2ac37419f593 |
rev | line source |
---|---|
226
63dd5216eee4
Refactored gemma server to be more REST-like.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
206
diff
changeset
|
1 package controllers |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
2 |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
3 import ( |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
4 "encoding/json" |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
5 "fmt" |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
6 "log" |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
7 "net/http" |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
8 |
414
c1047fd04a3a
Moved project specific Go packages to new pkg folder.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
333
diff
changeset
|
9 "gemma.intevation.de/gemma/pkg/auth" |
442
fc37e7072022
Moved some models used in controllers to to model package because they may be needed elsewhere (e.g. GeoServer config).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
425
diff
changeset
|
10 "gemma.intevation.de/gemma/pkg/models" |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
11 ) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
12 |
286
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
13 func sendJSON(rw http.ResponseWriter, data interface{}) { |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
14 rw.Header().Set("Content-Type", "application/json") |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
15 if err := json.NewEncoder(rw).Encode(data); err != nil { |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
16 log.Printf("error: %v\n", err) |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
17 } |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
18 } |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
19 |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
20 func renew(rw http.ResponseWriter, req *http.Request) { |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
21 token, _ := auth.GetToken(req) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
22 newToken, err := auth.ConnPool.Renew(token) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
23 switch { |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
24 case err == auth.ErrNoSuchToken: |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
25 http.NotFound(rw, req) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
26 return |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
27 case err != nil: |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
28 http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusInternalServerError) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
29 return |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
30 } |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
31 |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
32 session, _ := auth.GetSession(req) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
33 |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
34 var result = struct { |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
35 Token string `json:"token"` |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
36 Expires int64 `json:"expires"` |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
37 User string `json:"user"` |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
38 Roles []string `json:"roles"` |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
39 }{ |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
40 Token: newToken, |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
41 Expires: session.ExpiresAt, |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
42 User: session.User, |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
43 Roles: session.Roles, |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
44 } |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
45 |
286
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
46 sendJSON(rw, &result) |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
47 } |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
48 |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
49 func logout(rw http.ResponseWriter, req *http.Request) { |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
50 token, _ := auth.GetToken(req) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
51 deleted := auth.ConnPool.Delete(token) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
52 if !deleted { |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
53 http.NotFound(rw, req) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
54 return |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
55 } |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
56 rw.Header().Set("Content-Type", "text/plain") |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
57 fmt.Fprintln(rw, "token deleted") |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
58 } |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
59 |
231
694f959ba3e7
Fixed bad route to /logout controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
226
diff
changeset
|
60 func login(rw http.ResponseWriter, req *http.Request) { |
286
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
61 |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
62 var ( |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
63 user = req.FormValue("user") |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
64 password = req.FormValue("password") |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
65 ) |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
66 |
442
fc37e7072022
Moved some models used in controllers to to model package because they may be needed elsewhere (e.g. GeoServer config).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
425
diff
changeset
|
67 if !models.UserName(user).IsValid() || password == "" { |
286
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
68 http.Error(rw, "Invalid credentials", http.StatusBadRequest) |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
69 return |
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
70 } |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
71 |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
72 token, session, err := auth.GenerateSession(user, password) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
73 if err != nil { |
333
154e0f5bff0a
If logging in failed send Unauthorized to client.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
286
diff
changeset
|
74 http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusUnauthorized) |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
75 return |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
76 } |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
77 |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
78 var result = struct { |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
79 Token string `json:"token"` |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
80 Expires int64 `json:"expires"` |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
81 User string `json:"user"` |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
82 Roles []string `json:"roles"` |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
83 }{ |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
84 Token: token, |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
85 Expires: session.ExpiresAt, |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
86 User: session.User, |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
87 Roles: session.Roles, |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
88 } |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
89 |
286
a42f55ea0a20
Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
231
diff
changeset
|
90 sendJSON(rw, &result) |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
91 } |