From 98d9d8a899ba6299e2b3ad33208ffaca2a5bd1d2 Mon Sep 17 00:00:00 2001 From: Chris Sexton Date: Sun, 15 Mar 2020 06:44:27 -0400 Subject: [PATCH] users: Merge WIP into users --- go.mod | 3 ++- go.sum | 3 +++ web/routes.go | 47 +++++++++++++++++++++++++++++++++++++++++------ 3 files changed, 46 insertions(+), 7 deletions(-) diff --git a/go.mod b/go.mod index fc3cdcb..2af1902 100644 --- a/go.mod +++ b/go.mod @@ -9,8 +9,9 @@ require ( github.com/jmoiron/sqlx v1.2.0 github.com/mattn/go-sqlite3 v1.11.0 github.com/rs/zerolog v1.16.0 + github.com/speps/go-hashids v2.0.0+incompatible github.com/stretchr/graceful v1.2.15 - golang.org/x/crypto v0.0.0-20191107222254-f4817d981bb6 // indirect + golang.org/x/crypto v0.0.0-20191107222254-f4817d981bb6 golang.org/x/sys v0.0.0-20191029155521-f43be2a4598c // indirect google.golang.org/appengine v1.6.5 // indirect ) diff --git a/go.sum b/go.sum index 5868d24..364f0fb 100644 --- a/go.sum +++ b/go.sum @@ -62,6 +62,9 @@ github.com/rs/zerolog v1.16.0/go.mod h1:9nvC1axdVrAHcu/s9taAVfBuIdTZLVQmKQyvrUjF github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= +github.com/speps/go-hashids v1.0.0 h1:jdFC07PrExRM4Og5Ev4411Tox75aFpkC77NlmutadNI= +github.com/speps/go-hashids v2.0.0+incompatible h1:kSfxGfESueJKTx0mpER9Y/1XHl+FVQjtCqRyYcviFbw= +github.com/speps/go-hashids v2.0.0+incompatible/go.mod h1:P7hqPzMdnZOfyIk+xrlG1QaSMw+gCBdHKsBDnhpaZvc= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= diff --git a/web/routes.go b/web/routes.go index ebf69ee..dc294e3 100644 --- a/web/routes.go +++ b/web/routes.go @@ -1,17 +1,19 @@ package web import ( + "fmt" "net/http" "os" "time" + "github.com/gorilla/handlers" + "github.com/gorilla/mux" + "github.com/rs/zerolog/log" + "code.chrissexton.org/cws/cabinet/db" packr "github.com/gobuffalo/packr/v2" - "github.com/gorilla/handlers" - "github.com/gorilla/mux" - "github.com/rs/zerolog/log" "github.com/stretchr/graceful" ) @@ -36,13 +38,46 @@ func New(addr string, db *db.Database, box *packr.Box) *Web { return w } +type AuthMiddleware struct{} + +func (aw *AuthMiddleware) Middleware(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + if r.Header.Get("X-Auth-Key") == "" { + w.WriteHeader(401) + fmt.Fprint(w, "invalid login") + } + log.Debug().Msgf("This shit is authed!") + next.ServeHTTP(w, r) + }) +} + func (web *Web) routeSetup() http.Handler { r := mux.NewRouter() api := r.PathPrefix("/v1/").Subrouter() + auth := AuthMiddleware{} + + authedApi := r.PathPrefix("/v1/").Subrouter() + authedApi.Use(auth.Middleware) + + api.HandleFunc("/test", func(w http.ResponseWriter, r *http.Request) { + log.Debug().Msg("test json") + }).Methods(http.MethodPost).HeadersRegexp("Content-Type", `application/json.*`) + + api.HandleFunc("/test", func(w http.ResponseWriter, r *http.Request) { + log.Debug().Msg("test markdown") + }).Methods(http.MethodPost).HeadersRegexp("Content-Type", `application/markdown.*`) + + // curl 'http://127.0.0.1:8080/v1/test' -X POST -H 'Accept: application/json, text/plain, */*' --compressed -H 'Content-Type: application/json;charset=utf-8' --data '{ "test": 1 }' + api.HandleFunc("/entries", web.allEntries).Methods(http.MethodGet) - api.HandleFunc("/entries", web.newEntry).Methods(http.MethodPost) - api.HandleFunc("/entries/{slug}", web.removeEntry).Methods(http.MethodDelete) - api.HandleFunc("/entries/{slug}", web.editEntry).Methods(http.MethodPut) + authedApi.HandleFunc("/entries", web.newEntry).Methods(http.MethodPost) + authedApi.HandleFunc("/entries", web.newEntry).Methods(http.MethodPost). + HeadersRegexp("Content-Type", "application/(text|json).*") + //authedApi.HandleFunc("/entries", web.newMarkdownEntry).Methods(http.MethodPost). + // HeadersRegexp("Content-Type", "application/markdown.*") + authedApi.HandleFunc("/entries/{slug}", web.removeEntry).Methods(http.MethodDelete) + authedApi.HandleFunc("/entries/{slug}", web.editEntry).Methods(http.MethodPut) + api.HandleFunc("/entries/{slug}", web.getEntry).Methods(http.MethodGet) api.HandleFunc("/auth", web.auth).Methods(http.MethodPost) r.PathPrefix("/").HandlerFunc(web.indexHandler("/index.html"))