view pkg/controllers/token.go @ 904:e4b72a199258

New default bottleneck colors. Mainly to make the stroke color one that is actually selectable in the UI. In addition, the pink better matches the colors used on the ECDIS layer.
author Sascha Wilde <wilde@intevation.de>
date Tue, 02 Oct 2018 13:34:59 +0200
parents d9dbb6139760
children 7934b5c1a910

package controllers

import (
	"encoding/json"
	"fmt"
	"log"
	"net/http"

	"gemma.intevation.de/gemma/pkg/auth"
	"gemma.intevation.de/gemma/pkg/models"
)

// sendJSON marks the response as application/json and streams data to rw
// as a single JSON document.
//
// An encoding or write failure is only logged: part of the response may
// already have been written by the time Encode returns an error, so no
// error status is sent from here.
func sendJSON(rw http.ResponseWriter, data interface{}) {
	rw.Header().Set("Content-Type", "application/json")

	enc := json.NewEncoder(rw)
	err := enc.Encode(data)
	if err == nil {
		return
	}
	log.Printf("error: %v\n", err)
}

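// renew exchanges the token carried by the request for a new one and
// answers with the new token plus the session's expiry, user and roles
// as JSON.
//
// Responses:
//   - 404 when the request carries no token or the session store reports
//     auth.ErrNoSuchToken
//   - 500 when renewal fails for any other reason; the cause is written
//     to the server log only
//   - otherwise a JSON object with the keys token, expires, user, roles
func renew(rw http.ResponseWriter, req *http.Request) {
	token, ok := auth.GetToken(req)
	if !ok {
		// No token on the request: answer the same way logout does
		// instead of handing an empty token to the session store.
		http.NotFound(rw, req)
		return
	}

	newToken, err := auth.Sessions.Renew(token)
	switch {
	case err == auth.ErrNoSuchToken:
		http.NotFound(rw, req)
		return
	case err != nil:
		// Keep the internal error text in the log; the client only gets
		// the generic status text, as login does for failed sign-ins.
		log.Printf("error: %v\n", err)
		http.Error(rw,
			http.StatusText(http.StatusInternalServerError),
			http.StatusInternalServerError)
		return
	}

	// NOTE(review): the second result of GetSession is discarded, so a
	// request without an attached session is not detected here. Also,
	// this is the session as it was attached to the incoming request;
	// whether its ExpiresAt already reflects the renewed token cannot be
	// seen from this file - confirm against auth.Sessions.Renew.
	session, _ := auth.GetSession(req)

	var result = struct {
		Token   string   `json:"token"`
		Expires int64    `json:"expires"`
		User    string   `json:"user"`
		Roles   []string `json:"roles"`
	}{
		Token:   newToken,
		Expires: session.ExpiresAt,
		User:    session.User,
		Roles:   session.Roles,
	}

	// The body carries a bearer credential: forbid caches from storing it.
	rw.Header().Set("Cache-Control", "no-store")
	sendJSON(rw, &result)
}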

// logout removes the session identified by the request's token.
//
// It answers 404 when the request has no token or when the session store
// reports that nothing was deleted; otherwise it confirms with a
// plain-text "token deleted" line.
func logout(rw http.ResponseWriter, req *http.Request) {
	tok, found := auth.GetToken(req)

	// Delete is only attempted when a token was actually present.
	if found && auth.Sessions.Delete(tok) {
		rw.Header().Set("Content-Type", "text/plain")
		fmt.Fprintln(rw, "token deleted")
		return
	}

	http.NotFound(rw, req)
}

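// login authenticates a user from a JSON request body of the form
// {"user": ..., "password": ...} and, on success, answers with a new
// session token plus the session's expiry, user and roles as JSON.
//
// Responses:
//   - 400 when the body is not decodable JSON, exceeds the size limit,
//     or the password is empty
//   - 401 when auth.GenerateSession rejects the credentials; the cause is
//     written to the server log only
//   - otherwise a JSON object with the keys token, expires, user, roles
func login(rw http.ResponseWriter, req *http.Request) {

	// Upper bound for the credentials document. This endpoint is reached
	// before any authentication, so the body must not be read unbounded.
	// The value is a review-chosen limit, far above any plausible
	// user/password pair.
	const maxLoginBody = 1 << 16

	var input struct {
		User     models.UserName `json:"user"`
		Password string          `json:"password"`
	}
	defer req.Body.Close()
	body := http.MaxBytesReader(rw, req.Body, maxLoginBody)
	if err := json.NewDecoder(body).Decode(&input); err != nil {
		log.Printf("%v\n", err)
		http.Error(rw, "error: "+err.Error(), http.StatusBadRequest)
		return
	}

	// Reject an empty password before it reaches the auth backend.
	if input.Password == "" {
		http.Error(rw, "Invalid credentials", http.StatusBadRequest)
		return
	}

	token, session, err := auth.GenerateSession(
		string(input.User),
		input.Password)
	if err != nil {
		// Only the generic status text goes to the client, so the reply
		// does not reveal why the sign-in was refused.
		log.Printf("error: %v\n", err)
		http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
		return
	}

	var result = struct {
		Token   string   `json:"token"`
		Expires int64    `json:"expires"`
		User    string   `json:"user"`
		Roles   []string `json:"roles"`
	}{
		Token:   token,
		Expires: session.ExpiresAt,
		User:    session.User,
		Roles:   session.Roles,
	}

	// The body carries a bearer credential: forbid caches from storing it.
	rw.Header().Set("Cache-Control", "no-store")
	sendJSON(rw, &result)
}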