From 6b0c268a1484eb0282df519c7c87fd17f9cc74ce Mon Sep 17 00:00:00 2001 From: Roland Osborne Date: Mon, 17 Jan 2022 13:42:17 -0800 Subject: [PATCH] extending httpUtil --- net/server/internal/addAccount_endpoint.go | 4 ++-- net/server/internal/addNodeAccount_endpoint.go | 2 +- net/server/internal/auth.go | 6 +++--- net/server/internal/getAccountToken_endpoint.go | 2 +- net/server/internal/getAccountUsername_endpoint.go | 2 +- net/server/internal/getNodeConfig_endpoint.go | 2 +- net/server/internal/httpUtil.go | 7 +++++++ net/server/internal/setNodeClaim_endpoint.go | 2 +- net/server/internal/setNodeConfig_endpoint.go | 11 +++-------- 9 files changed, 20 insertions(+), 18 deletions(-) diff --git a/net/server/internal/addAccount_endpoint.go b/net/server/internal/addAccount_endpoint.go index 963318c1..41479d11 100644 --- a/net/server/internal/addAccount_endpoint.go +++ b/net/server/internal/addAccount_endpoint.go @@ -9,13 +9,13 @@ import ( func AddAccount(w http.ResponseWriter, r *http.Request) { - if _, err := bearerAccountToken(r); err != nil { + if _, err := BearerAccountToken(r); err != nil { LogMsg("authentication failed") w.WriteHeader(http.StatusUnauthorized) return } - username, password, err := basicCredentials(r); + username, password, err := BasicCredentials(r); if err != nil { LogMsg("invalid basic credentials") w.WriteHeader(http.StatusUnauthorized) diff --git a/net/server/internal/addNodeAccount_endpoint.go b/net/server/internal/addNodeAccount_endpoint.go index 02f06f98..afc94e8b 100644 --- a/net/server/internal/addNodeAccount_endpoint.go +++ b/net/server/internal/addNodeAccount_endpoint.go @@ -8,7 +8,7 @@ import ( func AddNodeAccount(w http.ResponseWriter, r *http.Request) { - if !adminLogin(r) { + if !AdminLogin(r) { LogMsg("invalid admin credentials"); w.WriteHeader(http.StatusUnauthorized); return diff --git a/net/server/internal/auth.go b/net/server/internal/auth.go index 38a2d994..6f7ce043 100644 --- a/net/server/internal/auth.go +++ b/net/server/internal/auth.go @@ -9,7 +9,7 @@ import ( "databag/internal/store" ) -func adminLogin(r *http.Request) bool { +func AdminLogin(r *http.Request) bool { // extract request auth username, password, ok := r.BasicAuth(); @@ -36,7 +36,7 @@ func adminLogin(r *http.Request) bool { return true; } -func bearerAccountToken(r *http.Request) (store.AccountToken, error) { +func BearerAccountToken(r *http.Request) (store.AccountToken, error) { // parse bearer authentication auth := r.Header.Get("Authorization") @@ -48,7 +48,7 @@ func bearerAccountToken(r *http.Request) (store.AccountToken, error) { return accountToken, err } -func basicCredentials(r *http.Request) (string, []byte, error) { +func BasicCredentials(r *http.Request) (string, []byte, error) { var username string var password []byte diff --git a/net/server/internal/getAccountToken_endpoint.go b/net/server/internal/getAccountToken_endpoint.go index 08c9f7be..024b7673 100644 --- a/net/server/internal/getAccountToken_endpoint.go +++ b/net/server/internal/getAccountToken_endpoint.go @@ -6,7 +6,7 @@ import ( func GetAccountToken(w http.ResponseWriter, r *http.Request) { - accountToken, err := bearerAccountToken(r); + accountToken, err := BearerAccountToken(r); if err != nil { LogMsg("token not found"); w.WriteHeader(http.StatusNotFound) diff --git a/net/server/internal/getAccountUsername_endpoint.go b/net/server/internal/getAccountUsername_endpoint.go index 3ef5dd3f..de9806ed 100644 --- a/net/server/internal/getAccountUsername_endpoint.go +++ b/net/server/internal/getAccountUsername_endpoint.go @@ -11,7 +11,7 @@ type accountUsername struct { func GetAccountUsername(w http.ResponseWriter, r *http.Request) { - _, err := bearerAccountToken(r); + _, err := BearerAccountToken(r); if err != nil { LogMsg("authentication failed") w.WriteHeader(http.StatusUnauthorized) diff --git a/net/server/internal/getNodeConfig_endpoint.go b/net/server/internal/getNodeConfig_endpoint.go index a0beaa79..3ab640c4 100644 --- a/net/server/internal/getNodeConfig_endpoint.go +++ b/net/server/internal/getNodeConfig_endpoint.go @@ -7,7 +7,7 @@ import ( func GetNodeConfig(w http.ResponseWriter, r *http.Request) { // validate login - if !adminLogin(r) { + if !AdminLogin(r) { LogMsg("SetNodeConfig - invalid admin credentials"); w.WriteHeader(http.StatusUnauthorized); return diff --git a/net/server/internal/httpUtil.go b/net/server/internal/httpUtil.go index 4971cf1c..b2275bd2 100644 --- a/net/server/internal/httpUtil.go +++ b/net/server/internal/httpUtil.go @@ -62,3 +62,10 @@ func SetCredentials(r *http.Request, login string) { r.Header.Add("Credentials", "Basic " + auth) } +func ParseRequest(r *http.Request, w http.ResponseWriter, obj interface{}) error { + r.Body = http.MaxBytesReader(w, r.Body, APP_BODYLIMIT) + dec := json.NewDecoder(r.Body) + dec.DisallowUnknownFields() + return dec.Decode(&obj) +} + diff --git a/net/server/internal/setNodeClaim_endpoint.go b/net/server/internal/setNodeClaim_endpoint.go index 267180a4..f3a5a23c 100644 --- a/net/server/internal/setNodeClaim_endpoint.go +++ b/net/server/internal/setNodeClaim_endpoint.go @@ -20,7 +20,7 @@ func SetNodeClaim(w http.ResponseWriter, r *http.Request) { return } - username, password, res := basicCredentials(r); + username, password, res := BasicCredentials(r); if res != nil { LogMsg("invalid credenitals"); w.WriteHeader(http.StatusBadRequest) diff --git a/net/server/internal/setNodeConfig_endpoint.go b/net/server/internal/setNodeConfig_endpoint.go index 0f612067..fc3cc395 100644 --- a/net/server/internal/setNodeConfig_endpoint.go +++ b/net/server/internal/setNodeConfig_endpoint.go @@ -2,7 +2,6 @@ package databag import ( "log" - "encoding/json" "net/http" "gorm.io/gorm" "gorm.io/gorm/clause" @@ -12,19 +11,15 @@ import ( func SetNodeConfig(w http.ResponseWriter, r *http.Request) { // validate login - if !adminLogin(r) { + if !AdminLogin(r) { log.Printf("SetNodeConfig - invalid admin credentials"); w.WriteHeader(http.StatusUnauthorized); return } // parse node config - r.Body = http.MaxBytesReader(w, r.Body, APP_BODYLIMIT) - dec := json.NewDecoder(r.Body) - dec.DisallowUnknownFields() - var config NodeConfig; - res := dec.Decode(&config); - if res != nil { + var config NodeConfig + if ParseRequest(r, w, &config) != nil { w.WriteHeader(http.StatusBadRequest) return }