Mercurial > gemma
view controllers/routes.go @ 319:ac760b0f22a9
Add special role for password reset
As password reset is exposed without requiring a login, let this role
have privileges limited to reseting passwords, and only reseting passwords.
author | Tom Gottfried <tom@intevation.de> |
---|---|
date | Thu, 02 Aug 2018 13:06:39 +0200 |
parents | 69e291f26bbd |
children | bd292a554b6e |
line wrap: on
line source
package controllers import ( "net/http" "gemma.intevation.de/gemma/auth" "github.com/gorilla/mux" ) func BindRoutes(m *mux.Router) { api := m.PathPrefix("/api").Subrouter() var ( sysAdmin = auth.EnsureRole("sys_admin") all = auth.EnsureRole("sys_admin", "waterway_admin", "waterway_user") ) api.Handle("/users", all(&JSONHandler{ Handle: listUsers, })).Methods(http.MethodGet) api.Handle("/users", sysAdmin(&JSONHandler{ Input: func() interface{} { return new(User) }, Handle: createUser, })).Methods(http.MethodPost) api.Handle("/users/{user}", all(&JSONHandler{ Handle: listUser, })).Methods(http.MethodGet) api.Handle("/users/{user}", all(&JSONHandler{ Input: func() interface{} { return new(User) }, Handle: updateUser, })).Methods(http.MethodPut) api.Handle("/users/{user}", sysAdmin(&JSONHandler{ Handle: deleteUser, })).Methods(http.MethodDelete) api.Handle("/users/passwordreset", &JSONHandler{ Input: func() interface{} { return new(PWResetUser) }, Handle: passwordResetRequest, }).Methods(http.MethodPost) api.Handle("/users/passwordreset/{hash}", &JSONHandler{ Handle: passwordReset, }).Methods(http.MethodGet) api.HandleFunc("/login", login). Methods(http.MethodGet, http.MethodPost) api.Handle("/logout", auth.SessionMiddleware(http.HandlerFunc(logout))). Methods(http.MethodGet, http.MethodPost) api.Handle("/renew", auth.SessionMiddleware(http.HandlerFunc(renew))). Methods(http.MethodGet, http.MethodPost) }