2019-11-11 00:26:36 +00:00
|
|
|
package web
|
|
|
|
|
|
|
|
import (
|
|
|
|
"encoding/json"
|
2020-03-15 13:40:47 +00:00
|
|
|
"fmt"
|
2019-11-11 00:26:36 +00:00
|
|
|
"net/http"
|
|
|
|
|
|
|
|
"code.chrissexton.org/cws/cabinet/auth"
|
2020-03-15 13:40:47 +00:00
|
|
|
"code.chrissexton.org/cws/cabinet/config"
|
|
|
|
|
2019-11-11 00:26:36 +00:00
|
|
|
"github.com/rs/zerolog/log"
|
|
|
|
)
|
|
|
|
|
|
|
|
func (web *Web) auth(w http.ResponseWriter, r *http.Request) {
|
|
|
|
name := r.Header.Get("X-user-name")
|
|
|
|
password := r.Header.Get("X-user-password")
|
|
|
|
|
|
|
|
user, err := auth.Get(web.db, name)
|
|
|
|
if err != nil {
|
|
|
|
w.WriteHeader(500)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
if user.Validate(password) {
|
2020-03-15 13:40:47 +00:00
|
|
|
resp := struct {
|
|
|
|
Status bool
|
|
|
|
User auth.User
|
|
|
|
}{
|
|
|
|
true,
|
|
|
|
*user,
|
|
|
|
}
|
|
|
|
j, err := json.Marshal(resp)
|
|
|
|
if err != nil {
|
|
|
|
w.WriteHeader(500)
|
|
|
|
log.Error().Err(err).Msg("Error encoding json response")
|
|
|
|
return
|
|
|
|
}
|
2019-11-11 00:26:36 +00:00
|
|
|
w.WriteHeader(200)
|
2020-03-15 13:40:47 +00:00
|
|
|
w.Write(j)
|
2019-11-11 00:26:36 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
w.WriteHeader(401)
|
|
|
|
resp := struct {
|
|
|
|
Status bool
|
|
|
|
Message string
|
|
|
|
}{Message: "incorrect credentials"}
|
|
|
|
j, err := json.Marshal(resp)
|
|
|
|
if err != nil {
|
|
|
|
w.WriteHeader(500)
|
2020-03-15 13:40:47 +00:00
|
|
|
log.Error().Err(err).Msg("Error encoding json response")
|
|
|
|
return
|
2019-11-11 00:26:36 +00:00
|
|
|
}
|
|
|
|
w.Write(j)
|
|
|
|
}
|
2020-03-15 13:40:47 +00:00
|
|
|
|
|
|
|
func (web *Web) newUser(w http.ResponseWriter, r *http.Request) {
|
|
|
|
secret := r.Header.Get("X-secret")
|
|
|
|
if secret != config.Get("secret", "abc123") {
|
|
|
|
w.WriteHeader(401)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
dec := json.NewDecoder(r.Body)
|
|
|
|
req := struct {
|
|
|
|
Username string
|
|
|
|
Password string
|
|
|
|
}{}
|
|
|
|
err := dec.Decode(&req)
|
|
|
|
if err != nil {
|
|
|
|
w.WriteHeader(500)
|
|
|
|
fmt.Fprint(w, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
_, err = auth.New(web.db, req.Username, req.Password)
|
|
|
|
if err != nil {
|
|
|
|
w.WriteHeader(500)
|
|
|
|
fmt.Fprint(w, err)
|
|
|
|
log.Error().Err(err).Msg("Could not create user")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
w.WriteHeader(200)
|
|
|
|
}
|