Mercurial > gemma

annotate pkg/controllers/token.go @ 481:d68dfbe768e2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Merge example configuration and that used for docker backend
author Tom Gottfried <tom@intevation.de>
date Thu, 23 Aug 2018 18:50:32 +0200
parents fc37e7072022
children 2ac37419f593
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
226
63dd5216eee4 Refactored gemma server to be more REST-like.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 206
diff changeset
1 package controllers
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
2
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
3 import (
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
4 "encoding/json"
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
5 "fmt"
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
6 "log"
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
7 "net/http"
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
8
414
c1047fd04a3a Moved project specific Go packages to new pkg folder.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 333
diff changeset
9 "gemma.intevation.de/gemma/pkg/auth"
442
fc37e7072022 Moved some models used in controllers to to model package because they may be needed elsewhere (e.g. GeoServer config).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 425
diff changeset
10 "gemma.intevation.de/gemma/pkg/models"
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
11 )
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
12
286
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
13 func sendJSON(rw http.ResponseWriter, data interface{}) {
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
14 rw.Header().Set("Content-Type", "application/json")
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
15 if err := json.NewEncoder(rw).Encode(data); err != nil {
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
16 log.Printf("error: %v\n", err)
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
17 }
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
18 }
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
19
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
20 func renew(rw http.ResponseWriter, req *http.Request) {
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
21 token, _ := auth.GetToken(req)
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
22 newToken, err := auth.ConnPool.Renew(token)
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
23 switch {
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
24 case err == auth.ErrNoSuchToken:
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
25 http.NotFound(rw, req)
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
26 return
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
27 case err != nil:
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
28 http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusInternalServerError)
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
29 return
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
30 }
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
31
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
32 session, _ := auth.GetSession(req)
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
33
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
34 var result = struct {
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
35 Token string `json:"token"`
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
36 Expires int64 `json:"expires"`
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
37 User string `json:"user"`
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
38 Roles []string `json:"roles"`
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
39 }{
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
40 Token: newToken,
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
41 Expires: session.ExpiresAt,
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
42 User: session.User,
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
43 Roles: session.Roles,
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
44 }
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
45
286
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
46 sendJSON(rw, &result)
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
47 }
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
48
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
49 func logout(rw http.ResponseWriter, req *http.Request) {
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
50 token, _ := auth.GetToken(req)
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
51 deleted := auth.ConnPool.Delete(token)
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
52 if !deleted {
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
53 http.NotFound(rw, req)
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
54 return
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
55 }
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
56 rw.Header().Set("Content-Type", "text/plain")
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
57 fmt.Fprintln(rw, "token deleted")
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
58 }
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
59
231
694f959ba3e7 Fixed bad route to /logout controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 226
diff changeset
60 func login(rw http.ResponseWriter, req *http.Request) {
286
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
61
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
62 var (
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
63 user = req.FormValue("user")
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
64 password = req.FormValue("password")
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
65 )
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
66
442
fc37e7072022 Moved some models used in controllers to to model package because they may be needed elsewhere (e.g. GeoServer config).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 425
diff changeset
67 if !models.UserName(user).IsValid() || password == "" {
286
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
68 http.Error(rw, "Invalid credentials", http.StatusBadRequest)
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
69 return
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
70 }
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
71
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
72 token, session, err := auth.GenerateSession(user, password)
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
73 if err != nil {
333
154e0f5bff0a If logging in failed send Unauthorized to client.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 286
diff changeset
74 http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusUnauthorized)
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
75 return
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
76 }
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
77
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
78 var result = struct {
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
79 Token string `json:"token"`
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
80 Expires int64 `json:"expires"`
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
81 User string `json:"user"`
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
82 Roles []string `json:"roles"`
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
83 }{
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
84 Token: token,
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
85 Expires: session.ExpiresAt,
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
86 User: session.User,
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
87 Roles: session.Roles,
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
88 }
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
89
286
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
90 sendJSON(rw, &result)
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
91 }