Mercurial > gemma
view pkg/controllers/token.go @ 5095:e21cbb9768a2
Prevent duplicate fairway areas
In principal, there can be only one or no fairway area at each point
on the map. Since polygons from real data will often be topologically
inexact, just disallow equal geometries. This will also help to
avoid importing duplicates with concurrent imports, once the history
of fairway dimensions will be preserved.
| author | Tom Gottfried <tom@intevation.de> |
|---|---|
| date | Wed, 25 Mar 2020 18:10:02 +0100 |
| parents | 4394daeea96a |
| children | 5f47eeea988d |
line wrap: on
line source
// This is Free Software under GNU Affero General Public License v >= 3.0 // without warranty, see README.md and license for details. // // SPDX-License-Identifier: AGPL-3.0-or-later // License-Filename: LICENSES/AGPL-3.0.txt // // Copyright (C) 2018 by via donau // – Österreichische Wasserstraßen-Gesellschaft mbH // Software engineering by Intevation GmbH // // Author(s): // * Sascha L. Teichmann <sascha.teichmann@intevation.de> package controllers import ( "encoding/json" "fmt" "log" "net/http" "gemma.intevation.de/gemma/pkg/auth" "gemma.intevation.de/gemma/pkg/models" mw "gemma.intevation.de/gemma/pkg/middleware" ) func renew(rw http.ResponseWriter, req *http.Request) { token, _ := auth.GetToken(req) newToken, err := auth.Sessions.Renew(token) switch { case err == auth.ErrNoSuchToken: http.NotFound(rw, req) return case err != nil: log.Printf("error: %v\n", err) http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusInternalServerError) return } session, _ := auth.GetSession(req) var result = struct { Token string `json:"token"` Expires int64 `json:"expires"` User string `json:"user"` Roles []string `json:"roles"` }{ Token: newToken, Expires: session.ExpiresAt, User: session.User, Roles: session.Roles, } mw.SendJSON(rw, http.StatusOK, &result) } func logout(rw http.ResponseWriter, req *http.Request) { token, ok := auth.GetToken(req) if !ok || !auth.Sessions.Delete(token) { http.NotFound(rw, req) return } rw.Header().Set("Content-Type", "text/plain") fmt.Fprintln(rw, "token deleted") } func login(rw http.ResponseWriter, req *http.Request) { var input struct { User models.UserName `json:"user"` Password string `json:"password"` } defer req.Body.Close() if err := json.NewDecoder(req.Body).Decode(&input); err != nil { log.Printf("%v\n", err) http.Error(rw, "error: "+err.Error(), http.StatusBadRequest) return } if input.Password == "" { http.Error(rw, "Invalid credentials", http.StatusBadRequest) return } token, session, err := auth.GenerateSession( string(input.User), input.Password) if err != nil { log.Printf("error: %v\n", err) http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized) return } var result = struct { Token string `json:"token"` Expires int64 `json:"expires"` User string `json:"user"` Roles []string `json:"roles"` }{ Token: token, Expires: session.ExpiresAt, User: session.User, Roles: session.Roles, } go deletePasswordResetRequest(session.User) mw.SendJSON(rw, http.StatusCreated, &result) }