Mercurial > gemma
view pkg/controllers/token.go @ 5718:3d497077f888 uploadwg
Implemented direct file upload as alternative import method for WG.
For testing and data corrections it is useful to be able to import
waterway gauges data directly by uploading a xml file.
author | Sascha Wilde <wilde@sha-bang.de> |
---|---|
date | Thu, 18 Apr 2024 19:23:19 +0200 |
parents | 5f47eeea988d |
children |
line wrap: on
line source
// This is Free Software under GNU Affero General Public License v >= 3.0 // without warranty, see README.md and license for details. // // SPDX-License-Identifier: AGPL-3.0-or-later // License-Filename: LICENSES/AGPL-3.0.txt // // Copyright (C) 2018 by via donau // – Österreichische Wasserstraßen-Gesellschaft mbH // Software engineering by Intevation GmbH // // Author(s): // * Sascha L. Teichmann <sascha.teichmann@intevation.de> package controllers import ( "encoding/json" "fmt" "net/http" "gemma.intevation.de/gemma/pkg/auth" "gemma.intevation.de/gemma/pkg/models" "gemma.intevation.de/gemma/pkg/log" mw "gemma.intevation.de/gemma/pkg/middleware" ) func renew(rw http.ResponseWriter, req *http.Request) { token, _ := auth.GetToken(req) newToken, err := auth.Sessions.Renew(token) switch { case err == auth.ErrNoSuchToken: http.NotFound(rw, req) return case err != nil: log.Errorf("%v\n", err) http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusInternalServerError) return } session, _ := auth.GetSession(req) var result = struct { Token string `json:"token"` Expires int64 `json:"expires"` User string `json:"user"` Roles []string `json:"roles"` }{ Token: newToken, Expires: session.ExpiresAt, User: session.User, Roles: session.Roles, } mw.SendJSON(rw, http.StatusOK, &result) } func logout(rw http.ResponseWriter, req *http.Request) { token, ok := auth.GetToken(req) if !ok || !auth.Sessions.Delete(token) { http.NotFound(rw, req) return } rw.Header().Set("Content-Type", "text/plain") fmt.Fprintln(rw, "token deleted") } func login(rw http.ResponseWriter, req *http.Request) { var input struct { User models.UserName `json:"user"` Password string `json:"password"` } defer req.Body.Close() if err := json.NewDecoder(req.Body).Decode(&input); err != nil { log.Errorf("%v\n", err) http.Error(rw, "error: "+err.Error(), http.StatusBadRequest) return } if input.Password == "" { http.Error(rw, "Invalid credentials", http.StatusBadRequest) return } token, session, err := auth.GenerateSession( string(input.User), input.Password) if err != nil { log.Errorf("%v\n", err) http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized) return } var result = struct { Token string `json:"token"` Expires int64 `json:"expires"` User string `json:"user"` Roles []string `json:"roles"` }{ Token: token, Expires: session.ExpiresAt, User: session.User, Roles: session.Roles, } go deletePasswordResetRequest(session.User) mw.SendJSON(rw, http.StatusCreated, &result) }