Jobs & Workflows
https://armen.surge.sh
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
91 lines
2.5 KiB
91 lines
2.5 KiB
/* |
|
------------------------------------------------------------------------------------------------------------------------ |
|
####### api ####### Copyright (c) 2021 mls-361 ##################################################### MIT License ####### |
|
------------------------------------------------------------------------------------------------------------------------ |
|
*/ |
|
|
|
package api |
|
|
|
import ( |
|
"net/http" |
|
"strings" |
|
|
|
"forge.chapril.org/mls-361/jsonapi" |
|
|
|
"forge.chapril.org/armen/armen/internal/components" |
|
) |
|
|
|
func setHeaderWWWAuthenticate(r *jsonapi.Request) { |
|
r.SetHeader("WWW-Authenticate", `Basic realm="Give username and password"`) |
|
} |
|
|
|
func mwAuth(next jsonapi.Handler, crypto components.Crypto) jsonapi.Handler { |
|
return jsonapi.HandlerFunc(func(r *jsonapi.Request) { |
|
username, password, ok := r.BasicAuth() |
|
if !ok { |
|
setHeaderWWWAuthenticate(r) |
|
r.RenderError(http.StatusUnauthorized, "no basic auth present") |
|
return |
|
} |
|
|
|
value, err := crypto.DecryptString(password) |
|
|
|
if err != nil || value != username { |
|
setHeaderWWWAuthenticate(r) |
|
r.RenderError(http.StatusUnauthorized, "invalid username or password") |
|
return |
|
} |
|
|
|
if strings.HasPrefix(r.URL.RequestURI(), "/api/admin/") && username != "cli" { |
|
status := http.StatusUnauthorized |
|
r.RenderError(status, http.StatusText(status)) |
|
return |
|
} |
|
|
|
next.Serve(r) |
|
}) |
|
} |
|
|
|
func mwDebug(next jsonapi.Handler, logger components.Logger) jsonapi.Handler { |
|
return jsonapi.HandlerFunc(func(r *jsonapi.Request) { |
|
logger.Debug( //:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |
|
"Request", |
|
"id", r.ID(), |
|
"from", r.RemoteAddr, |
|
"method", r.Method, |
|
"uri", r.URL.RequestURI(), |
|
) |
|
|
|
next.Serve(r) |
|
|
|
logger.Debug( //:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |
|
"Response", |
|
"id", r.ID(), |
|
"status", r.Status(), |
|
) |
|
}) |
|
} |
|
|
|
func mwTrace(next jsonapi.Handler, logger components.Logger) jsonapi.Handler { |
|
return jsonapi.HandlerFunc(func(r *jsonapi.Request) { |
|
logger.Trace( //:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |
|
"Request", |
|
"id", r.ID(), |
|
"from", r.RemoteAddr, |
|
"method", r.Method, |
|
"uri", r.URL.RequestURI(), |
|
) |
|
|
|
next.Serve(r) |
|
|
|
logger.Trace( //:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |
|
"Response", |
|
"id", r.ID(), |
|
"status", r.Status(), |
|
) |
|
}) |
|
} |
|
|
|
/* |
|
######################################################################################################## @(°_°)@ ####### |
|
*/
|
|
|