Mercurial > gemma
view pkg/controllers/token.go @ 2317:8a8680e70d2e
Cleanup schema for reference water levels
Remove duplicate lookup table and leave an out-commented foreign key
constraint to make clear what should be referenced.
The removed comment in surveys.go mostly became obsolete and was
otherwise trying to explain SQL basics.
author | Tom Gottfried <tom@intevation.de> |
---|---|
date | Mon, 18 Feb 2019 18:45:12 +0100 |
parents | a244b18cb916 |
children | 4f9a1ff2c2ee |
line wrap: on
line source
// This is Free Software under GNU Affero General Public License v >= 3.0 // without warranty, see README.md and license for details. // // SPDX-License-Identifier: AGPL-3.0-or-later // License-Filename: LICENSES/AGPL-3.0.txt // // Copyright (C) 2018 by via donau // – Österreichische Wasserstraßen-Gesellschaft mbH // Software engineering by Intevation GmbH // // Author(s): // * Sascha L. Teichmann <sascha.teichmann@intevation.de> package controllers import ( "encoding/json" "fmt" "log" "net/http" "gemma.intevation.de/gemma/pkg/auth" "gemma.intevation.de/gemma/pkg/models" ) func renew(rw http.ResponseWriter, req *http.Request) { token, _ := auth.GetToken(req) newToken, err := auth.Sessions.Renew(token) switch { case err == auth.ErrNoSuchToken: http.NotFound(rw, req) return case err != nil: log.Printf("error: %v\n", err) http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusInternalServerError) return } session, _ := auth.GetSession(req) var result = struct { Token string `json:"token"` Expires int64 `json:"expires"` User string `json:"user"` Roles []string `json:"roles"` }{ Token: newToken, Expires: session.ExpiresAt, User: session.User, Roles: session.Roles, } SendJSON(rw, http.StatusOK, &result) } func logout(rw http.ResponseWriter, req *http.Request) { token, ok := auth.GetToken(req) if !ok || !auth.Sessions.Delete(token) { http.NotFound(rw, req) return } rw.Header().Set("Content-Type", "text/plain") fmt.Fprintln(rw, "token deleted") } func login(rw http.ResponseWriter, req *http.Request) { var input struct { User models.UserName `json:"user"` Password string `json:"password"` } defer req.Body.Close() if err := json.NewDecoder(req.Body).Decode(&input); err != nil { log.Printf("%v\n", err) http.Error(rw, "error: "+err.Error(), http.StatusBadRequest) return } if input.Password == "" { http.Error(rw, "Invalid credentials", http.StatusBadRequest) return } token, session, err := auth.GenerateSession( string(input.User), input.Password) if err != nil { log.Printf("error: %v\n", err) http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized) return } var result = struct { Token string `json:"token"` Expires int64 `json:"expires"` User string `json:"user"` Roles []string `json:"roles"` }{ Token: token, Expires: session.ExpiresAt, User: session.User, Roles: session.Roles, } SendJSON(rw, http.StatusCreated, &result) }