martin/databag
1
0
Fork 0
mirror of https://github.com/balzack/databag.git synced 2025-02-14 12:39:17 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

extending httpUtil

Browse Source
This commit is contained in:
Roland Osborne 2022-01-17 13:42:17 -08:00
parent 491b86fba9
commit 6b0c268a14
9 changed files with 20 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
net/server/internal/addAccount_endpoint.go
View File

@ -9,13 +9,13 @@ import (
func AddAccount(w http.ResponseWriter, r *http.Request) {
if _, err := bearerAccountToken(r); err != nil {
if _, err := BearerAccountToken(r); err != nil {
LogMsg("authentication failed")
w.WriteHeader(http.StatusUnauthorized)
return
}
username, password, err := basicCredentials(r);
username, password, err := BasicCredentials(r);
if err != nil {
LogMsg("invalid basic credentials")
w.WriteHeader(http.StatusUnauthorized)

2
net/server/internal/addNodeAccount_endpoint.go
View File

@ -8,7 +8,7 @@ import (
func AddNodeAccount(w http.ResponseWriter, r *http.Request) {
if !adminLogin(r) {
if !AdminLogin(r) {
LogMsg("invalid admin credentials");
w.WriteHeader(http.StatusUnauthorized);
return

6
net/server/internal/auth.go
View File

@ -9,7 +9,7 @@ import (
"databag/internal/store"
)
func adminLogin(r *http.Request) bool {
func AdminLogin(r *http.Request) bool {
// extract request auth
username, password, ok := r.BasicAuth();
@ -36,7 +36,7 @@ func adminLogin(r *http.Request) bool {
return true;
}
func bearerAccountToken(r *http.Request) (store.AccountToken, error) {
func BearerAccountToken(r *http.Request) (store.AccountToken, error) {
// parse bearer authentication
auth := r.Header.Get("Authorization")
@ -48,7 +48,7 @@ func bearerAccountToken(r *http.Request) (store.AccountToken, error) {
return accountToken, err
}
func basicCredentials(r *http.Request) (string, []byte, error) {
func BasicCredentials(r *http.Request) (string, []byte, error) {
var username string
var password []byte

2
net/server/internal/getAccountToken_endpoint.go
View File

@ -6,7 +6,7 @@ import (
func GetAccountToken(w http.ResponseWriter, r *http.Request) {
accountToken, err := bearerAccountToken(r);
accountToken, err := BearerAccountToken(r);
if err != nil {
LogMsg("token not found");
w.WriteHeader(http.StatusNotFound)

2
net/server/internal/getAccountUsername_endpoint.go
View File

@ -11,7 +11,7 @@ type accountUsername struct {
func GetAccountUsername(w http.ResponseWriter, r *http.Request) {
_, err := bearerAccountToken(r);
_, err := BearerAccountToken(r);
if err != nil {
LogMsg("authentication failed")
w.WriteHeader(http.StatusUnauthorized)

2
net/server/internal/getNodeConfig_endpoint.go
View File

@ -7,7 +7,7 @@ import (
func GetNodeConfig(w http.ResponseWriter, r *http.Request) {
// validate login
if !adminLogin(r) {
if !AdminLogin(r) {
LogMsg("SetNodeConfig - invalid admin credentials");
w.WriteHeader(http.StatusUnauthorized);
return

7
net/server/internal/httpUtil.go
View File

@ -62,3 +62,10 @@ func SetCredentials(r *http.Request, login string) {
r.Header.Add("Credentials", "Basic " + auth)
}
func ParseRequest(r *http.Request, w http.ResponseWriter, obj interface{}) error {
r.Body = http.MaxBytesReader(w, r.Body, APP_BODYLIMIT)
dec := json.NewDecoder(r.Body)
dec.DisallowUnknownFields()
return dec.Decode(&obj)
}

2
net/server/internal/setNodeClaim_endpoint.go
View File

@ -20,7 +20,7 @@ func SetNodeClaim(w http.ResponseWriter, r *http.Request) {
return
}
username, password, res := basicCredentials(r);
username, password, res := BasicCredentials(r);
if res != nil {
LogMsg("invalid credenitals");
w.WriteHeader(http.StatusBadRequest)

11
net/server/internal/setNodeConfig_endpoint.go
View File

@ -2,7 +2,6 @@ package databag
import (
"log"
"encoding/json"
"net/http"
"gorm.io/gorm"
"gorm.io/gorm/clause"
@ -12,19 +11,15 @@ import (
func SetNodeConfig(w http.ResponseWriter, r *http.Request) {
// validate login
if !adminLogin(r) {
if !AdminLogin(r) {
log.Printf("SetNodeConfig - invalid admin credentials");
w.WriteHeader(http.StatusUnauthorized);
return
}
// parse node config
r.Body = http.MaxBytesReader(w, r.Body, APP_BODYLIMIT)
dec := json.NewDecoder(r.Body)
dec.DisallowUnknownFields()
var config NodeConfig;
res := dec.Decode(&config);
if res != nil {
var config NodeConfig
if ParseRequest(r, w, &config) != nil {
w.WriteHeader(http.StatusBadRequest)
return
}