sum7/warehost
sum7
/
warehost
Archived
1
0
Fork 0

add Login to API

This commit is contained in:
Martin Geno 2016-08-13 11:03:03 +02:00
parent 662c96f82e
commit 9017881f05
10 changed files with 317 additions and 7 deletions

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
webroot
config.yml

6
config.yml.example Normal file
View File

@ -0,0 +1,6 @@
---
api:
address: ::1
port: 8080
webroot: ./webroot
database: "host=localhost user=warehost dbname=warehost password=hallo sslmode=disable"

33
config/config.go Normal file
View File

@ -0,0 +1,33 @@
package config
import (
"io/ioutil"
"log"
"gopkg.in/yaml.v2"
)
// Config is the struct of the api
type Config struct {
API struct {
Address string `yaml:"address"`
Port string `yaml:"port"`
} `yaml:"api"`
Webroot string `yaml:"webroot"`
Database string `yaml:"database"`
Modules []struct {
Name string `yaml:"name"`
Database string `yaml:"database"`
} `yaml:"modules"`
}
// ReadConfigFile reads a config models by path to a yml file
func ReadConfigFile(path string) *Config {
config := &Config{}
file, _ := ioutil.ReadFile(path)
err := yaml.Unmarshal(file, &config)
if err != nil {
log.Fatal(err)
}
return config
}

73
lib/api/main.go Normal file
View File

@ -0,0 +1,73 @@
package api
import (
"bytes"
"encoding/base64"
"encoding/json"
"net/http"
"strings"
"github.com/astaxie/session"
"github.com/julienschmidt/httprouter"
)
type JsonResult struct {
Data interface{} `json:"data"`
Session struct {
Login interface{} `json:"login"`
Profil map[string]interface{} `json:"profil"`
} `json:"session"`
}
func JsonOutput(sessions *session.Manager, w http.ResponseWriter, r *http.Request, data interface{}) {
sess := sessions.SessionStart(w, r)
result := JsonResult{Data: data}
result.Session.Login = sess.Get("login")
js, err := json.Marshal(result)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
w.Header().Set("Content-Type", "application/json")
if origin := r.Header.Get("Origin"); origin != "" {
w.Header().Set("Access-Control-Allow-Origin", origin)
}
w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
w.Header().Set("Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
w.Header().Set("Access-Control-Allow-Credentials", "true")
w.Write(js)
}
func BasicAuth(h httprouter.Handle, pass []byte) httprouter.Handle {
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
if origin := r.Header.Get("Origin"); origin != "" {
w.Header().Set("Access-Control-Allow-Origin", origin)
}
w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
w.Header().Set("Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
w.Header().Set("Access-Control-Allow-Credentials", "true")
const basicAuthPrefix string = "Basic "
// Get the Basic Authentication credentials
auth := r.Header.Get("Authorization")
if strings.HasPrefix(auth, basicAuthPrefix) {
// Check credentials
payload, err := base64.StdEncoding.DecodeString(auth[len(basicAuthPrefix):])
if err == nil {
pair := bytes.SplitN(payload, []byte(":"), 2)
if len(pair) == 2 &&
bytes.Equal(pair[1], pass) {
// Delegate request to the given handle
h(w, r, ps)
return
}
}
}
// Request Basic Authentication otherwise
w.Header().Set("WWW-Authenticate", "Basic realm=Restricted")
http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
}
}

53
main.go Normal file
View File

@ -0,0 +1,53 @@
package main
import (
"flag"
"log"
"net"
"net/http"
"github.com/NYTimes/gziphandler"
"github.com/astaxie/session"
_ "github.com/astaxie/session/providers/memory"
"github.com/go-xorm/xorm"
"github.com/julienschmidt/httprouter"
_ "github.com/lib/pq"
libconfig "dev.sum7.de/sum7/warehost/config"
"dev.sum7.de/sum7/warehost/system"
)
var (
configFile string
config *libconfig.Config
dbconnection *xorm.Engine
sessions *session.Manager
)
func main() {
var err error
flag.StringVar(&configFile, "c", "config.yml", "path of configuration file")
flag.Parse()
config = libconfig.ReadConfigFile(configFile)
sessions, _ = session.NewManager("memory", "session", 3600)
go sessions.GC()
dbconnection, err = xorm.NewEngine("postgres", config.Database)
if err != nil {
log.Fatal("[system] Error database connection: ", err)
}
defer dbconnection.Close()
system.SyncModels(dbconnection)
router := httprouter.New()
system.NewAPI(config, sessions, dbconnection, router, "")
if config.Webroot != "" {
router.NotFound = gziphandler.GzipHandler(http.FileServer(http.Dir(config.Webroot)))
}
address := net.JoinHostPort(config.API.Address, config.API.Port)
log.Println("starting webserver on", address)
// TODO bad
log.Fatal(http.ListenAndServe(address, router))
}

View File

@ -1,7 +0,0 @@
package main
import "fmt"
func main(){
fmt.Println("RunServer")
}

97
system/api.go Normal file
View File

@ -0,0 +1,97 @@
package system
import (
"encoding/json"
"log"
"net/http"
"strconv"
"github.com/astaxie/session"
"github.com/go-xorm/xorm"
"github.com/julienschmidt/httprouter"
libconfig "dev.sum7.de/sum7/warehost/config"
libapi "dev.sum7.de/sum7/warehost/lib/api"
libpassword "dev.sum7.de/sum7/warehost/lib/password"
)
//API keep data in module global
type API struct {
config *libconfig.Config
sessions *session.Manager
dbconnection *xorm.Engine
}
// NewAPI sets the routes to the api functions
func NewAPI(config *libconfig.Config, sessions *session.Manager, dbconnection *xorm.Engine, router *httprouter.Router, prefix string) {
api := &API{config: config, sessions: sessions, dbconnection: dbconnection}
router.GET(prefix+"/status", api.Status)
router.GET(prefix+"/login", api.Login)
router.GET(prefix+"/login/:id", api.FakeLogin)
router.GET(prefix+"/logout", api.Logout)
}
// Status to get Login and Server status
func (api *API) Status(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
result, err := api.dbconnection.Count(new(Login))
connection := false
if err != nil {
log.Print("[error][system]-status: get login count: ", err)
} else {
if result > 0 {
connection = true
}
}
libapi.JsonOutput(api.sessions, w, r, connection)
}
// Logout current user
func (api *API) Logout(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
api.sessions.SessionDestroy(w, r)
libapi.JsonOutput(api.sessions, w, r, true)
}
// Login of system
func (api *API) Login(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
sess := api.sessions.SessionStart(w, r)
var requestlogin RequestLogin
err := json.NewDecoder(r.Body).Decode(&requestlogin)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
log.Println("[system]-login error fetch request")
return
}
var login = Login{Username: requestlogin.Username}
_, err = api.dbconnection.Get(&login)
if err != nil {
result := false
if login.Active {
output, _ := libpassword.Validate(login.Password, requestlogin.Password)
if output {
result = true
sess.Set("login", login)
}
}
libapi.JsonOutput(api.sessions, w, r, result)
} else {
http.Error(w, err.Error(), http.StatusInternalServerError)
log.Println("[system]-login error fetch database")
libapi.JsonOutput(api.sessions, w, r, true)
}
}
// FakeLogin is a API test function
func (api *API) FakeLogin(w http.ResponseWriter, r *http.Request, params httprouter.Params) {
id, _ := strconv.ParseInt(params.ByName("id"), 10, 64)
sess := api.sessions.SessionStart(w, r)
var login = Login{}
_, err := api.dbconnection.Id(id).Get(&login)
result := false
if err != nil {
log.Print("[system] Error get login count: ", err)
} else {
sess.Set("login", login)
result = true
}
libapi.JsonOutput(api.sessions, w, r, result)
}

53
system/models.go Normal file
View File

@ -0,0 +1,53 @@
package system
import (
"log"
"time"
libpassword "dev.sum7.de/sum7/warehost/lib/password"
"github.com/go-xorm/xorm"
)
// Login object for request
type RequestLogin struct {
Username string `json:"username"`
Password string `json:"password"`
}
// Login found
type Login struct {
Id int64 `json:"id"`
Username string `xorm:"varchar(255) not null unique 'mail'" json:"username"`
Password string `xorm:"varchar(255) not null 'password'" json:"-"`
Active bool `xorm:"boolean default false 'active'" json:"active"`
Code string `xorm:"varchar(255) 'code'" json:"-"`
Superadmin bool `xorm:"boolean default false 'superadmin'" json:"superadmin"`
CreateAt time.Time `xorm:"timestampz 'createat'" json:"createat"`
LastLoginAt time.Time `xorm:"timestampz 'lastloginat'" json:"lastloginat"`
}
func SyncModels(dbconnection *xorm.Engine) {
err := dbconnection.Sync(new(Login))
if err != nil {
log.Print("[system] Error create table \"login\": ", err)
}
result, err := dbconnection.Count(new(Login))
if err != nil {
log.Print("[system] Error get \"login\" count: ", err)
}
if result <= 0 {
login := new(Login)
login.Username = "root"
login.Password = libpassword.NewHesh("root")
login.CreateAt = time.Now()
login.Active = true
login.Superadmin = true
_, err := dbconnection.Insert(login)
if err == nil {
log.Print("[system] Create user \"root\"")
} else {
log.Print("[system] Error cound not first user: ", err)
}
}
}