view pkg/controllers/token.go @ 5490:5f47eeea988d logging

Use own logging package.
author Sascha L. Teichmann <sascha.teichmann@intevation.de>
date Mon, 20 Sep 2021 17:45:39 +0200
parents 4394daeea96a
children

// This is Free Software under GNU Affero General Public License v >= 3.0
// without warranty, see README.md and license for details.
//
// SPDX-License-Identifier: AGPL-3.0-or-later
// License-Filename: LICENSES/AGPL-3.0.txt
//
// Copyright (C) 2018 by via donau
//   – Österreichische Wasserstraßen-Gesellschaft mbH
// Software engineering by Intevation GmbH
//
// Author(s):
//  * Sascha L. Teichmann <sascha.teichmann@intevation.de>

package controllers

import (
	"encoding/json"
	"fmt"
	"net/http"

	"gemma.intevation.de/gemma/pkg/auth"
	"gemma.intevation.de/gemma/pkg/models"

	"gemma.intevation.de/gemma/pkg/log"
	mw "gemma.intevation.de/gemma/pkg/middleware"
)

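// renew handles a token renewal request: it exchanges the token carried by
// the request for a new one and answers with the new token together with
// the user, roles and expiry read from the session attached to the request.
//
// Responses:
//   - 404 if the request carries no token or the session store reports
//     auth.ErrNoSuchToken.
//   - 500 if no session is attached to the request or renewal fails for any
//     other reason; the error detail is written to the log only.
//   - 200 with a JSON document {token, expires, user, roles} on success.
func renew(rw http.ResponseWriter, req *http.Request) {
	token, ok := auth.GetToken(req)
	if !ok {
		// Same answer logout gives for a request without a token.
		http.NotFound(rw, req)
		return
	}

	// Look the session up before renewing, so a request that cannot be
	// answered does not consume the old token, and so a missing session
	// cannot be dereferenced below.
	session, ok := auth.GetSession(req)
	if !ok {
		log.Errorf("renew: no session attached to request\n")
		http.Error(rw,
			http.StatusText(http.StatusInternalServerError),
			http.StatusInternalServerError)
		return
	}

	newToken, err := auth.Sessions.Renew(token)
	switch {
	case err == auth.ErrNoSuchToken:
		http.NotFound(rw, req)
		return
	case err != nil:
		// Keep the cause in the server log; the client only gets the
		// generic status text so internal error details are not disclosed.
		log.Errorf("%v\n", err)
		http.Error(rw,
			http.StatusText(http.StatusInternalServerError),
			http.StatusInternalServerError)
		return
	}

	// NOTE(review): Expires comes from the request's session, not from the
	// value returned by Renew; confirm it reflects the renewed lifetime.
	var result = struct {
		Token   string   `json:"token"`
		Expires int64    `json:"expires"`
		User    string   `json:"user"`
		Roles   []string `json:"roles"`
	}{
		Token:   newToken,
		Expires: session.ExpiresAt,
		User:    session.User,
		Roles:   session.Roles,
	}

	mw.SendJSON(rw, http.StatusOK, &result)
}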

// logout deletes the token carried by the request from the session store.
// It answers with the plain-text line "token deleted" on success and with
// 404 when the request has no token or the store's Delete returns false.
func logout(rw http.ResponseWriter, req *http.Request) {
	if token, found := auth.GetToken(req); found && auth.Sessions.Delete(token) {
		rw.Header().Set("Content-Type", "text/plain")
		fmt.Fprintln(rw, "token deleted")
		return
	}
	// No token on the request, or nothing was deleted for it.
	http.NotFound(rw, req)
}

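// login authenticates a user from a JSON document {"user", "password"} in
// the request body and, on success, answers with a freshly generated
// session token plus the session's expiry, user name and roles.
//
// Responses:
//   - 400 if the body is not valid JSON, exceeds the size limit, or the
//     password is empty.
//   - 401 if auth.GenerateSession rejects the credentials; the reason is
//     logged and the client receives only the generic status text.
//   - 201 with a JSON document {token, expires, user, roles} on success.
func login(rw http.ResponseWriter, req *http.Request) {

	// This endpoint is reached before authentication, so bound how much of
	// the body is read. A credentials document is tiny; 64 KiB is generous.
	const maxBodyBytes = 1 << 16

	var input struct {
		User     models.UserName `json:"user"`
		Password string          `json:"password"`
	}
	defer req.Body.Close()
	body := http.MaxBytesReader(rw, req.Body, maxBodyBytes)
	if err := json.NewDecoder(body).Decode(&input); err != nil {
		log.Errorf("%v\n", err)
		http.Error(rw, "error: "+err.Error(), http.StatusBadRequest)
		return
	}

	// Reject empty passwords up front instead of passing them to the
	// authentication backend.
	if input.Password == "" {
		http.Error(rw, "Invalid credentials", http.StatusBadRequest)
		return
	}

	token, session, err := auth.GenerateSession(
		string(input.User),
		input.Password)
	if err != nil {
		// The cause stays in the server log; the response does not say
		// whether the user name or the password was wrong.
		log.Errorf("%v\n", err)
		http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
		return
	}

	var result = struct {
		Token   string   `json:"token"`
		Expires int64    `json:"expires"`
		User    string   `json:"user"`
		Roles   []string `json:"roles"`
	}{
		Token:   token,
		Expires: session.ExpiresAt,
		User:    session.User,
		Roles:   session.Roles,
	}

	// Runs in the background so the response is not delayed; presumably it
	// drops a pending password reset request for this user (the helper is
	// defined elsewhere in the package).
	go deletePasswordResetRequest(session.User)

	mw.SendJSON(rw, http.StatusCreated, &result)
}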