Mercurial > gemma
view pkg/controllers/token.go @ 819:dcad6628a8ee
morphtool reference not checed in! o_O
author | Thomas Junk <thomas.junk@intevation.de> |
---|---|
date | Thu, 27 Sep 2018 17:48:01 +0200 |
parents | d9dbb6139760 |
children | 7934b5c1a910 |
line wrap: on
line source
package controllers import ( "encoding/json" "fmt" "log" "net/http" "gemma.intevation.de/gemma/pkg/auth" "gemma.intevation.de/gemma/pkg/models" ) func sendJSON(rw http.ResponseWriter, data interface{}) { rw.Header().Set("Content-Type", "application/json") if err := json.NewEncoder(rw).Encode(data); err != nil { log.Printf("error: %v\n", err) } } func renew(rw http.ResponseWriter, req *http.Request) { token, _ := auth.GetToken(req) newToken, err := auth.Sessions.Renew(token) switch { case err == auth.ErrNoSuchToken: http.NotFound(rw, req) return case err != nil: log.Printf("error: %v\n", err) http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusInternalServerError) return } session, _ := auth.GetSession(req) var result = struct { Token string `json:"token"` Expires int64 `json:"expires"` User string `json:"user"` Roles []string `json:"roles"` }{ Token: newToken, Expires: session.ExpiresAt, User: session.User, Roles: session.Roles, } sendJSON(rw, &result) } func logout(rw http.ResponseWriter, req *http.Request) { token, ok := auth.GetToken(req) if !ok || !auth.Sessions.Delete(token) { http.NotFound(rw, req) return } rw.Header().Set("Content-Type", "text/plain") fmt.Fprintln(rw, "token deleted") } func login(rw http.ResponseWriter, req *http.Request) { var input struct { User models.UserName `json:"user"` Password string `json:"password"` } defer req.Body.Close() if err := json.NewDecoder(req.Body).Decode(&input); err != nil { log.Printf("%v\n", err) http.Error(rw, "error: "+err.Error(), http.StatusBadRequest) return } if input.Password == "" { http.Error(rw, "Invalid credentials", http.StatusBadRequest) return } token, session, err := auth.GenerateSession( string(input.User), input.Password) if err != nil { log.Printf("error: %v\n", err) http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized) return } var result = struct { Token string `json:"token"` Expires int64 `json:"expires"` User string `json:"user"` Roles []string `json:"roles"` }{ Token: token, Expires: session.ExpiresAt, User: session.User, Roles: session.Roles, } sendJSON(rw, &result) }