Mercurial > gemma

annotate pkg/controllers/token.go @ 960:e23ae2c83427

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Load boundary polygon of sounding result from ZIP file.
author Sascha L. Teichmann <sascha.teichmann@intevation.de>
date Wed, 17 Oct 2018 12:23:39 +0200
parents d9dbb6139760
children 7934b5c1a910
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
226
63dd5216eee4 Refactored gemma server to be more REST-like.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 206
diff changeset
1 package controllers
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
2
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
3 import (
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
4 "encoding/json"
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
5 "fmt"
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
6 "log"
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
7 "net/http"
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
8
414
c1047fd04a3a Moved project specific Go packages to new pkg folder.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 333
diff changeset
9 "gemma.intevation.de/gemma/pkg/auth"
442
fc37e7072022 Moved some models used in controllers to to model package because they may be needed elsewhere (e.g. GeoServer config).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 425
diff changeset
10 "gemma.intevation.de/gemma/pkg/models"
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
11 )
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
12
286
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
13 func sendJSON(rw http.ResponseWriter, data interface{}) {
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
14 rw.Header().Set("Content-Type", "application/json")
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
15 if err := json.NewEncoder(rw).Encode(data); err != nil {
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
16 log.Printf("error: %v\n", err)
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
17 }
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
18 }
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
19
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
20 func renew(rw http.ResponseWriter, req *http.Request) {
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
21 token, _ := auth.GetToken(req)
493
8a0737aa6ab6 The connection pool is now only a session store.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 484
diff changeset
22 newToken, err := auth.Sessions.Renew(token)
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
23 switch {
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
24 case err == auth.ErrNoSuchToken:
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
25 http.NotFound(rw, req)
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
26 return
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
27 case err != nil:
536
d9dbb6139760 Log errors in JSON handler and login controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 512
diff changeset
28 log.Printf("error: %v\n", err)
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
29 http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusInternalServerError)
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
30 return
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
31 }
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
32
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
33 session, _ := auth.GetSession(req)
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
34
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
35 var result = struct {
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
36 Token string `json:"token"`
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
37 Expires int64 `json:"expires"`
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
38 User string `json:"user"`
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
39 Roles []string `json:"roles"`
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
40 }{
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
41 Token: newToken,
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
42 Expires: session.ExpiresAt,
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
43 User: session.User,
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
44 Roles: session.Roles,
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
45 }
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
46
286
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
47 sendJSON(rw, &result)
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
48 }
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
49
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
50 func logout(rw http.ResponseWriter, req *http.Request) {
484
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 442
diff changeset
51 token, ok := auth.GetToken(req)
493
8a0737aa6ab6 The connection pool is now only a session store.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 484
diff changeset
52 if !ok || !auth.Sessions.Delete(token) {
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
53 http.NotFound(rw, req)
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
54 return
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
55 }
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
56 rw.Header().Set("Content-Type", "text/plain")
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
57 fmt.Fprintln(rw, "token deleted")
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
58 }
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
59
231
694f959ba3e7 Fixed bad route to /logout controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 226
diff changeset
60 func login(rw http.ResponseWriter, req *http.Request) {
286
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
61
484
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 442
diff changeset
62 var input struct {
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 442
diff changeset
63 User models.UserName `json:"user"`
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 442
diff changeset
64 Password string `json:"password"`
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 442
diff changeset
65 }
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 442
diff changeset
66 defer req.Body.Close()
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 442
diff changeset
67 if err := json.NewDecoder(req.Body).Decode(&input); err != nil {
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 442
diff changeset
68 log.Printf("%v\n", err)
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 442
diff changeset
69 http.Error(rw, "error: "+err.Error(), http.StatusBadRequest)
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 442
diff changeset
70 return
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 442
diff changeset
71 }
286
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
72
484
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 442
diff changeset
73 if input.Password == "" {
286
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
74 http.Error(rw, "Invalid credentials", http.StatusBadRequest)
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
75 return
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
76 }
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
77
484
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 442
diff changeset
78 token, session, err := auth.GenerateSession(
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 442
diff changeset
79 string(input.User),
2ac37419f593 Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 442
diff changeset
80 input.Password)
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
81 if err != nil {
536
d9dbb6139760 Log errors in JSON handler and login controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 512
diff changeset
82 log.Printf("error: %v\n", err)
512
7474e9922ed5 Don't tell what the reason is when login fails for database reasons.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 493
diff changeset
83 http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
84 return
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
85 }
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
86
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
87 var result = struct {
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
88 Token string `json:"token"`
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
89 Expires int64 `json:"expires"`
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
90 User string `json:"user"`
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
91 Roles []string `json:"roles"`
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
92 }{
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
93 Token: token,
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
94 Expires: session.ExpiresAt,
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
95 User: session.User,
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
96 Roles: session.Roles,
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
97 }
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
98
286
a42f55ea0a20 Deduped some code. Don't allow empty user and empty password at login.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 231
diff changeset
99 sendJSON(rw, &result)
186
fe3a88f00b0a Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff changeset
100 }