Mercurial > gemma

view pkg/controllers/token.go @ 5718:3d497077f888 uploadwg

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Implemented direct file upload as alternative import method for WG. For testing and data corrections it is useful to be able to import waterway gauges data directly by uploading a xml file.
author Sascha Wilde <wilde@sha-bang.de>
date Thu, 18 Apr 2024 19:23:19 +0200
parents 5f47eeea988d
children
line wrap: on
line source

// This is Free Software under GNU Affero General Public License v >= 3.0
// without warranty, see README.md and license for details.
//
// SPDX-License-Identifier: AGPL-3.0-or-later
// License-Filename: LICENSES/AGPL-3.0.txt
//
// Copyright (C) 2018 by via donau
//   – Österreichische Wasserstraßen-Gesellschaft mbH
// Software engineering by Intevation GmbH
//
// Author(s):
//  * Sascha L. Teichmann <sascha.teichmann@intevation.de>

package controllers

import (
	"encoding/json"
	"fmt"
	"net/http"

	"gemma.intevation.de/gemma/pkg/auth"
	"gemma.intevation.de/gemma/pkg/models"

	"gemma.intevation.de/gemma/pkg/log"
	mw "gemma.intevation.de/gemma/pkg/middleware"
)

func renew(rw http.ResponseWriter, req *http.Request) {
	token, _ := auth.GetToken(req)
	newToken, err := auth.Sessions.Renew(token)
	switch {
	case err == auth.ErrNoSuchToken:
		http.NotFound(rw, req)
		return
	case err != nil:
		log.Errorf("%v\n", err)
		http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusInternalServerError)
		return
	}

	session, _ := auth.GetSession(req)

	var result = struct {
		Token   string   `json:"token"`
		Expires int64    `json:"expires"`
		User    string   `json:"user"`
		Roles   []string `json:"roles"`
	}{
		Token:   newToken,
		Expires: session.ExpiresAt,
		User:    session.User,
		Roles:   session.Roles,
	}

	mw.SendJSON(rw, http.StatusOK, &result)
}

func logout(rw http.ResponseWriter, req *http.Request) {
	token, ok := auth.GetToken(req)
	if !ok || !auth.Sessions.Delete(token) {
		http.NotFound(rw, req)
		return
	}
	rw.Header().Set("Content-Type", "text/plain")
	fmt.Fprintln(rw, "token deleted")
}

func login(rw http.ResponseWriter, req *http.Request) {

	var input struct {
		User     models.UserName `json:"user"`
		Password string          `json:"password"`
	}
	defer req.Body.Close()
	if err := json.NewDecoder(req.Body).Decode(&input); err != nil {
		log.Errorf("%v\n", err)
		http.Error(rw, "error: "+err.Error(), http.StatusBadRequest)
		return
	}

	if input.Password == "" {
		http.Error(rw, "Invalid credentials", http.StatusBadRequest)
		return
	}

	token, session, err := auth.GenerateSession(
		string(input.User),
		input.Password)
	if err != nil {
		log.Errorf("%v\n", err)
		http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
		return
	}

	var result = struct {
		Token   string   `json:"token"`
		Expires int64    `json:"expires"`
		User    string   `json:"user"`
		Roles   []string `json:"roles"`
	}{
		Token:   token,
		Expires: session.ExpiresAt,
		User:    session.User,
		Roles:   session.Roles,
	}

	go deletePasswordResetRequest(session.User)

	mw.SendJSON(rw, http.StatusCreated, &result)
}