changeset 125:a98a282f00e1

Wired token generator and connection pool to token server.
author Sascha L. Teichmann <sascha.teichmann@intevation.de>
date Thu, 28 Jun 2018 12:21:36 +0200
parents bb9120d28950
children 89cf2e7672ff
files auth/opendb.go cmd/tokenserver/main.go config/config.go
diffstat 3 files changed, 39 insertions(+), 24 deletions(-) [+]
--- a/auth/opendb.go	Thu Jun 28 11:34:57 2018 +0200
+++ b/auth/opendb.go	Thu Jun 28 12:21:36 2018 +0200
@@ -19,17 +19,18 @@
 // dbDSN creates a data source name suitable for sql.Open on
 // PostgreSQL databases.
 func dbDSN(host string, port uint, dbname, user, password string, sslmode string) string {
-	return fmt.Sprintf("host='%s' port=%d dbname='%s' user='%s' password='%s' sslmode='%s'",
+	return fmt.Sprintf("host=%s port=%d dbname=%s user=%s password=%s sslmode=%s",
 		dbQuote(host), port, dbQuote(dbname),
 		dbQuote(user), dbQuote(password), sslmode)
 }
 
 func opendb(user, password string) (*sql.DB, error) {
-	return sql.Open(driver, dbDSN(
+	dsn := dbDSN(
 		config.Config.DBHost, config.Config.DBPort,
 		config.Config.DBName,
 		user, password,
-		config.Config.DBSSLMode))
+		config.Config.DBSSLMode)
+	return sql.Open(driver, dsn)
 }
 
 const allRoles = `
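Review bot: In dbDSN's new format string, `sslmode=%s` is emitted bare while its argument is still the raw `sslmode`, not `dbQuote(sslmode)`. The config.go part of this commit makes that value settable through GEMMA_DB_SSL_MODE, so a value containing whitespace would be read as extra connection keywords. Pass `dbQuote(sslmode)` like the other fields, or check it against the modes the driver accepts before building the DSN. Dropping the single quotes from the format is only safe if dbQuote now emits them itself; its body is outside this hunk, so that should be confirmed.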
--- a/cmd/tokenserver/main.go	Thu Jun 28 11:34:57 2018 +0200
+++ b/cmd/tokenserver/main.go	Thu Jun 28 12:21:36 2018 +0200
@@ -6,36 +6,24 @@
 	"log"
 	"net/http"
 	"path/filepath"
-	"time"
 
-	jwt "github.com/dgrijalva/jwt-go"
+	"gemma.intevation.de/gemma/auth"
 )
 
 func token(rw http.ResponseWriter, req *http.Request) {
 	user := req.FormValue("user")
 	password := req.FormValue("password")
 
-	_ = password
-
-	eol := time.Now().Add(45 * time.Minute)
-
-	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
-		"user": user,
-		"eol":  eol.Unix(),
-	})
-
-	signingKey := []byte("very, very secret!")
-
-	tokenString, err := token.SignedString(signingKey)
+	token, err := auth.GenerateToken(user, password)
 
 	if err != nil {
-		http.Error(rw, "Signing failed", http.StatusInternalServerError)
+		http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusInternalServerError)
 		return
 	}
 
 	rw.Header().Set("Content-Type", "text/plain")
 
-	fmt.Fprintf(rw, "%s\n", tokenString)
+	fmt.Fprintf(rw, "%s\n", token)
 }
 
 func main() {
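Review bot: The failure branch of token now writes `fmt.Sprintf("error: %v", err)` into the response, so whatever auth.GenerateToken returns (presumably database or driver errors, since it receives the credentials) is shown to an unauthenticated caller. Keep the detail in the server log and send a fixed message instead: `log.Printf("token: %v", err)` followed by `http.Error(rw, "authentication failed", http.StatusUnauthorized)`. If GenerateToken can tell bad credentials from an internal failure, only the former should map to 401 and the rest can stay 500 with a generic body. The context lines also read the credentials with req.FormValue, which accepts them from the URL query string where they tend to land in access logs; req.PostFormValue avoids that.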
--- a/config/config.go	Thu Jun 28 11:34:57 2018 +0200
+++ b/config/config.go	Thu Jun 28 12:21:36 2018 +0200
@@ -1,5 +1,11 @@
 package config
 
+import (
+	"log"
+	"os"
+	"strconv"
+)
+
 var Config = NewConfiguration()
 
 type Configuration struct {
@@ -14,11 +20,31 @@
 func NewConfiguration() *Configuration {
 	// TODO: Load from file.
 	return &Configuration{
-		DBHost:    "localhost",
-		DBPort:    5432,
-		DBName:    "gemma",
-		DBSSLMode: "require",
+		DBHost:    envString("GEMMA_DB_HOST", "localhost"),
+		DBPort:    envUint("GEMMA_DB_PORT", 5432),
+		DBName:    envString("GEMMA_DB_NAME", "gemma"),
+		DBSSLMode: envString("GEMMA_DB_SSL_MODE", "require"),
 
-		JWTSignKey: []byte("very, very secret!"),
+		JWTSignKey: []byte(
+			envString("GEMMA_JWT_SIGN_KEY", "SECRET! CHANGE ME!")),
 	}
 }
+
+func envString(key, def string) string {
+	if v, ok := os.LookupEnv(key); ok {
+		return v
+	}
+	return def
+}
+
+func envUint(key string, def uint) uint {
+	if v, ok := os.LookupEnv(key); ok {
+		x, err := strconv.ParseUint(v, 10, 64)
+		if err != nil {
+			log.Printf("warn: invalid uint env %s: %v\n", key, err)
+			return def
+		}
+		return uint(x)
+	}
+	return def
+}
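Review bot: JWTSignKey falls back silently to the literal `SECRET! CHANGE ME!` when GEMMA_JWT_SIGN_KEY is unset, so a deployment that forgets the variable signs tokens with a key that is readable in the source. Treat a missing key as a startup error rather than a default, for example `if _, ok := os.LookupEnv("GEMMA_JWT_SIGN_KEY"); !ok { log.Fatalln("GEMMA_JWT_SIGN_KEY is not set") }`, or generate a random key per process. An empty value should be rejected too, because envString returns it unchanged. Separately, envUint parses with bit size 64 and then converts to uint, which can truncate on 32-bit platforms; `strconv.ParseUint(v, 10, strconv.IntSize)` keeps the conversion lossless, and the port deserves its own range check.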