// Handler that clients can use to get a jwt token.
// Payload needs to be json in the form of {"username": "******", "password": "******"}.
// Reply will be of the form {"token": "TOKEN"}.
func (mw *JWTMiddleware) LoginHandler(writer rest.ResponseWriter, request *rest.Request) {
login_vals := login{}
err := request.DecodeJsonPayload(&login_vals)
if err != nil {
apiutils.WriteRestError(writer, apierrors.NewBadRequest(err.Error()))
return
}
if login_vals.Username == "" {
apiutils.WriteRestError(writer,
apierrors.NewInvalid("login", "",
fielderrors.ValidationErrorList{
fielderrors.NewFieldRequired("username")}))
return
}
if login_vals.Password == "" {
apiutils.WriteRestError(writer,
apierrors.NewInvalid("login", "",
fielderrors.ValidationErrorList{
fielderrors.NewFieldRequired("password")}))
return
}
if !mw.Authenticator(login_vals.Username, login_vals.Password) {
mw.unauthorized(writer)
return
}
token := jwt.New(jwt.GetSigningMethod(mw.SigningAlgorithm))
if mw.PayloadFunc != nil {
for key, value := range mw.PayloadFunc(login_vals.Username) {
token.Claims[key] = value
}
}
token.Claims["id"] = login_vals.Username
token.Claims["exp"] = time.Now().Add(mw.Timeout).Unix()
if mw.MaxRefresh != 0 {
token.Claims["orig_iat"] = time.Now().Unix()
}
tokenString, err := token.SignedString(mw.Key)
if err != nil {
mw.unauthorized(writer)
return
}
writer.WriteJson(&map[string]string{"token": tokenString})
}
// CreateSuggestion .
func CreateSuggestion(w rest.ResponseWriter, r *rest.Request) {
form := shared.BrowserSuggestionTokenRequest{}
err := r.DecodeJsonPayload(&form)
if err != nil {
// apiError(w, err.Error(), http.StatusInternalServerError)
apiutils.WriteRestError(w, err)
return
}
var invalids fielderrors.ValidationErrorList
// parse and validate url.
URL := strings.TrimSpace(form.URL)
if URL == "" {
invalids = append(invalids, fielderrors.NewFieldRequired("URL"))
// apiError(w, "no or empty URL", http.StatusBadRequest)
}
u, err := url.Parse(URL)
if err != nil {
invalids = append(invalids, fielderrors.NewFieldInvalid("URL", URL, err.Error()))
// apiError(w, fmt.Sprintf("%s is not a valid URL", URL), http.StatusBadRequest)
}
host := u.Host
if strings.Contains(host, ":") {
host, _, err = net.SplitHostPort(u.Host)
if err != nil {
invalids = append(invalids, fielderrors.NewFieldInvalid("URL", URL, err.Error()))
}
}
if !shared.AcceptedURL(u) {
invalids = append(invalids, fielderrors.NewFieldValueNotSupported("URL", URL, nil))
}
if len(invalids) > 0 {
apiutils.WriteRestError(w, apierrors.NewInvalid("create-suggestion", "URL", invalids))
return
}
s := client.NewSuggestion(u.String())
defer s.DoneAddingSamples()
measurers, err := measure.DefaultMeasurements(form.URL)
if err != nil {
apiutils.WriteRestError(w, apierrors.NewInternalError(err))
return
}
for _, v := range measurers {
m, err := v.Measure()
if err != nil {
lg.Errorf("could not measure: %s", err.Error())
} else {
switch m.Type() {
case sampletypes.DNSQuery, sampletypes.HTTPHeader:
err = s.AddMeasurement(m)
if err != nil {
lg.Errorln(err.Error())
return
}
default:
lg.Warningf("unsupported sample type: %s", m.Type().String())
}
}
}
}
func PostConnection(w rest.ResponseWriter, r *rest.Request) {
form := ConnectionSetting{}
err := r.DecodeJsonPayload(&form)
if err != nil {
apiutils.WriteRestError(w, apierrors.NewBadRequest(err.Error()))
return
}
err = clientconfig.Update(func(conf *clientconfig.Config) error {
all := conf.Settings.Connections
var connection shared.Connection // decoded connection
var invalids fielderrors.ValidationErrorList
// Verify that the encoded field is set
{
if form.Encoded == "" {
invalids = append(invalids, fielderrors.NewFieldRequired("encoded"))
}
}
// verify that the connection is decodeable
{
var err error
connection, err = shared.DecodeConnection(form.Encoded)
if err != nil {
invalids = append(invalids, fielderrors.NewFieldInvalid("encoded", form.Encoded, "invalid formatting"))
}
}
// validate that the id exists, if supplied
foundIdx := 0
{
if form.ID != "" {
found := false
for k, v := range all {
if v.ID == form.ID {
found = true
foundIdx = k
}
}
if !found {
invalids = append(invalids, fielderrors.NewFieldNotFound("id", form.ID))
}
}
}
// validate that the connection doesnt alreay exist
{
encoded, err := connection.Encode()
if err != nil {
apiutils.WriteRestError(w, err)
return nil
}
found := false
for _, v := range all {
enc2, err := v.Encode()
if err != nil {
lg.Errorln(err)
continue
}
if enc2 == encoded {
found = true
}
}
if found {
invalids = append(invalids, fielderrors.NewFieldDuplicate("encoded", form.Encoded))
}
}
// end of field validations
if len(invalids) > 0 {
apiutils.WriteRestError(w, apierrors.NewInvalid("post-connection", "", invalids))
return nil
}
// add connection to settings and save
if form.ID == "" {
connection.EnsureID()
conf.Settings.Connections = append(conf.Settings.Connections, connection)
} else {
conf.Settings.Connections[foundIdx] = connection
}
service.UpdateConnections(conf.Settings.Connections)
return nil
})
if err != nil {
lg.Errorln(err)
}
clientconfig.Write()
w.WriteJson(true)
}
