Mercurial > gemma
changeset 2690:ef59a4255670
Added http middlewares to connect to db and parse input as JSON. This complements the JSONHandler which is for JSON in to JSON out. The new middlewares are for JSON in to abitrary out.
author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
---|---|
date | Fri, 15 Mar 2019 16:45:34 +0100 |
parents | 8f919fe629f9 |
children | 023a607c4bcc |
files | pkg/middleware/dbconn.go pkg/middleware/json.go |
diffstat | 2 files changed, 117 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/pkg/middleware/dbconn.go Fri Mar 15 16:45:34 2019 +0100 @@ -0,0 +1,61 @@ +// This is Free Software under GNU Affero General Public License v >= 3.0 +// without warranty, see README.md and license for details. +// +// SPDX-License-Identifier: AGPL-3.0-or-later +// License-Filename: LICENSES/AGPL-3.0.txt +// +// Copyright (C) 2019 by via donau +// – Österreichische Wasserstraßen-Gesellschaft mbH +// Software engineering by Intevation GmbH +// +// Author(s): +// * Sascha L. Teichmann <sascha.teichmann@intevation.de> + +package middleware + +import ( + "context" + "database/sql" + "fmt" + "log" + "net/http" + + "gemma.intevation.de/gemma/pkg/auth" +) + +type wrapDBKeyType int + +const wrapDBKey wrapDBKeyType = 0 + +func GetDBConn(req *http.Request) *sql.Conn { + if conn, ok := req.Context().Value(wrapDBKey).(*sql.Conn); ok { + return conn + } + return nil +} + +func DBConn(next http.Handler) http.Handler { + + return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) { + token, ok := auth.GetToken(req) + if !ok { + http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized) + return + } + session := auth.Sessions.Session(token) + if session == nil { + http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized) + return + } + parent := req.Context() + if err := auth.RunAs(parent, session.User, func(conn *sql.Conn) error { + ctx := context.WithValue(parent, wrapDBKey, conn) + req = req.WithContext(ctx) + next.ServeHTTP(rw, req) + return nil + }); err != nil { + log.Printf("error: %v\n", err) + http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusInternalServerError) + } + }) +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/pkg/middleware/json.go Fri Mar 15 16:45:34 2019 +0100 @@ -0,0 +1,56 @@ +// This is Free Software under GNU Affero General Public License v >= 3.0 +// without warranty, see README.md and license for details. +// +// SPDX-License-Identifier: AGPL-3.0-or-later +// License-Filename: LICENSES/AGPL-3.0.txt +// +// Copyright (C) 2019 by via donau +// – Österreichische Wasserstraßen-Gesellschaft mbH +// Software engineering by Intevation GmbH +// +// Author(s): +// * Sascha L. Teichmann <sascha.teichmann@intevation.de> + +package middleware + +import ( + "context" + "encoding/json" + "io" + "net/http" +) + +type jsonInputKeyType int + +const jsonInputKey jsonInputKeyType = 0 + +const DefaultLimit = 2048 + +func GetJSONInput(req *http.Request) interface{} { + return req.Context().Value(jsonInputKey) +} + +func JSONInput(next http.Handler, input func(*http.Request) interface{}, limit int64) http.Handler { + + return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) { + dst := input(req) + defer req.Body.Close() + var r io.Reader + switch { + case limit == 0: + r = io.LimitReader(req.Body, DefaultLimit) + case limit > 0: + r = io.LimitReader(req.Body, limit) + default: + r = req.Body + } + if err := json.NewDecoder(r).Decode(dst); err != nil { + http.Error(rw, "error: "+err.Error(), http.StatusBadRequest) + return + } + parent := req.Context() + ctx := context.WithValue(parent, jsonInputKey, input) + req = req.WithContext(ctx) + next.ServeHTTP(rw, req) + }) +}