Mercurial > gemma

view pkg/controllers/token.go @ 3681:c9e1848a516a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Handle violation of responsibility areas graceful for BN import. As many others this is an error, which should only affect the specific bottleneck failing and not the whole import.
author Sascha Wilde <wilde@intevation.de>
date Tue, 18 Jun 2019 12:43:01 +0200
parents a244b18cb916
children 4f9a1ff2c2ee
line wrap: on
line source

// This is Free Software under GNU Affero General Public License v >= 3.0
// without warranty, see README.md and license for details.
//
// SPDX-License-Identifier: AGPL-3.0-or-later
// License-Filename: LICENSES/AGPL-3.0.txt
//
// Copyright (C) 2018 by via donau
//   – Österreichische Wasserstraßen-Gesellschaft mbH
// Software engineering by Intevation GmbH
//
// Author(s):
//  * Sascha L. Teichmann <sascha.teichmann@intevation.de>

package controllers

import (
	"encoding/json"
	"fmt"
	"log"
	"net/http"

	"gemma.intevation.de/gemma/pkg/auth"
	"gemma.intevation.de/gemma/pkg/models"
)

func renew(rw http.ResponseWriter, req *http.Request) {
	token, _ := auth.GetToken(req)
	newToken, err := auth.Sessions.Renew(token)
	switch {
	case err == auth.ErrNoSuchToken:
		http.NotFound(rw, req)
		return
	case err != nil:
		log.Printf("error: %v\n", err)
		http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusInternalServerError)
		return
	}

	session, _ := auth.GetSession(req)

	var result = struct {
		Token   string   `json:"token"`
		Expires int64    `json:"expires"`
		User    string   `json:"user"`
		Roles   []string `json:"roles"`
	}{
		Token:   newToken,
		Expires: session.ExpiresAt,
		User:    session.User,
		Roles:   session.Roles,
	}

	SendJSON(rw, http.StatusOK, &result)
}

func logout(rw http.ResponseWriter, req *http.Request) {
	token, ok := auth.GetToken(req)
	if !ok || !auth.Sessions.Delete(token) {
		http.NotFound(rw, req)
		return
	}
	rw.Header().Set("Content-Type", "text/plain")
	fmt.Fprintln(rw, "token deleted")
}

func login(rw http.ResponseWriter, req *http.Request) {

	var input struct {
		User     models.UserName `json:"user"`
		Password string          `json:"password"`
	}
	defer req.Body.Close()
	if err := json.NewDecoder(req.Body).Decode(&input); err != nil {
		log.Printf("%v\n", err)
		http.Error(rw, "error: "+err.Error(), http.StatusBadRequest)
		return
	}

	if input.Password == "" {
		http.Error(rw, "Invalid credentials", http.StatusBadRequest)
		return
	}

	token, session, err := auth.GenerateSession(
		string(input.User),
		input.Password)
	if err != nil {
		log.Printf("error: %v\n", err)
		http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
		return
	}

	var result = struct {
		Token   string   `json:"token"`
		Expires int64    `json:"expires"`
		User    string   `json:"user"`
		Roles   []string `json:"roles"`
	}{
		Token:   token,
		Expires: session.ExpiresAt,
		User:    session.User,
		Roles:   session.Roles,
	}

	SendJSON(rw, http.StatusCreated, &result)
}