sermoni

"Service monitor" / cronjob status service
Log | Files | Refs
commit 6ff06aa8ea1168aa9fd8f3ad553c873a071edc76
parent 19ecf03e7709502ddf30c82b0969be571946a521
Author: Vetle Haflan <vetle@haflan.dev>
Date:   Sun, 12 Apr 2020 06:40:21 +0200

Seemingly working auth middleware

Diffstat:

Minternal/http/auth.go | 16+++++++++++-----


Minternal/http/http.go | 10++++++----


2 files changed, 17 insertions(+), 9 deletions(-)

diff --git a/internal/http/auth.go b/internal/http/auth.go
@@ -34,12 +34,18 @@ func logoutHandler(w http.ResponseWriter, r *http.Request) {
 	w.Write([]byte("Logged out"))
 }
 
-// Auth returns Authentication middleware for the simple sermoni auth scheme
-// This doesn' work :v
-func Auth() func(http.Handler) http.Handler {
-	return func(h http.Handler) http.Handler {
+
+// Thanks: https://github.com/mastertinner/adapters/blob/master/basicauth/basicauth.go
+func AuthHandler(store *sessions.CookieStore) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			h.ServeHTTP(w, r)
+			session, _ := store.Get(r, "session")
+			if !authorized(session) {
+				status := http.StatusUnauthorized
+				http.Error(w, http.StatusText(status), status)
+				return
+			}
+			next.ServeHTTP(w, r)
 		})
 	}
 }
diff --git a/internal/http/http.go b/internal/http/http.go
@@ -11,8 +11,8 @@ import (
 	"github.com/gorilla/sessions"
 )
 
-var store *sessions.CookieStore
 var conf *config.Config
+var store *sessions.CookieStore
 
 // StartServer initializes the session store given the session key and starts
 // the server at the given port
@@ -20,13 +20,15 @@ func StartServer(port int) {
 	conf = config.GetConfig()
 	store = sessions.NewCookieStore(conf.SessionKey)
 
+	auth := AuthHandler(store)
 	router := mux.NewRouter()
 	router.HandleFunc("/", homeHandler)
 	router.HandleFunc("/login", loginHandler)
-	router.HandleFunc("/logout", logoutHandler)
+	//router.HandleFunc("/logout", logoutHandler)
+	router.Handle("/logout", auth(http.HandlerFunc(logoutHandler)))
 
-	router.HandleFunc("/services", getServices).Methods("GET")
-	router.HandleFunc("/services", postService).Methods("POST")
+	router.Handle("/services", auth(http.HandlerFunc(getServices))).Methods("GET")
+	router.Handle("/services", auth(http.HandlerFunc(postService))).Methods("POST")
 	router.HandleFunc("/services/{id:[0-9]+}", deleteService).Methods("DELETE")
 	//router.HandleFunc("/services/{id:[0-9]+}", putService).Methods("PUT") (TODO)