diff cmd/tokenserver/main.go @ 128:441a8ee637c5

Added claims checker + example.
author Sascha L. Teichmann <sascha.teichmann@intevation.de>
date Thu, 28 Jun 2018 16:13:58 +0200
parents 44794c641277
children 0c56c56a1c44
--- a/cmd/tokenserver/main.go	Thu Jun 28 13:39:14 2018 +0200
+++ b/cmd/tokenserver/main.go	Thu Jun 28 16:13:58 2018 +0200
@@ -10,6 +10,12 @@
 	"gemma.intevation.de/gemma/auth"
 )
 
+func sysAdmin(rw http.ResponseWriter, req *http.Request) {
+	claims, _ := auth.GetClaims(req)
+	rw.Header().Set("Content-Type", "text/plain")
+	fmt.Fprintf(rw, "%s is a sys_admin\n", claims.User)
+}
+
 func renew(rw http.ResponseWriter, req *http.Request) {
 	token, _ := auth.GetToken(req)
 	newToken, err := auth.ConnPool.Replace(token, auth.GenerateToken)
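Review bot: `sysAdmin` discards the second result of `auth.GetClaims` and then dereferences `claims.User`, so the handler is only safe while it is registered behind `auth.JWTMiddleware` and `auth.ClaimsChecker`. If it is ever mounted without them, it would presumably either panic or print an empty user instead of rejecting the request. I would check the result in the handler, for example `claims, ok := auth.GetClaims(req)` followed by `if !ok { http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized); return }`, adapted to an error check if that is what the second value is. The context line `token, _ := auth.GetToken(req)` in `renew` has the same pattern; the body of `renew` continues outside the hunk.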
@@ -60,6 +66,10 @@
 	mux.Handle("/", http.StripPrefix("/", http.FileServer(http.Dir(p))))
 	mux.HandleFunc("/api/token", token)
 	mux.Handle("/api/logout", auth.JWTMiddleware(http.HandlerFunc(token)))
+	mux.Handle("/api/renew", auth.JWTMiddleware(http.HandlerFunc(renew)))
+	mux.Handle("/api/sys_admin",
+		auth.JWTMiddleware(
+			auth.ClaimsChecker(http.HandlerFunc(sysAdmin), auth.HasRole("sys_admin"))))
 
 	addr := fmt.Sprintf("%s:%d", *host, *port)
 	log.Fatalln(http.ListenAndServe(addr, mux))
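Review bot: The nesting order in the `/api/sys_admin` registration is security-relevant but undocumented. `auth.ClaimsChecker` presumably relies on `auth.JWTMiddleware` having validated the token and attached the claims, so a future route that swaps the two or omits the outer wrapper would fail in a way the compiler cannot catch. I would add a comment above the registration such as `// JWTMiddleware must be outermost: ClaimsChecker evaluates the claims it attaches to the request.` A small helper that applies both wrappers would also keep later role-protected routes from repeating this by hand. The commit message calls this endpoint an example, yet it is registered unconditionally in the server's mux, so it is worth confirming that it is meant to ship. The enclosing function starts outside the hunk.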