Beispiel #1
0
func createApp(w http.ResponseWriter, req *http.Request) {
	app := &datatypes.App{}
	body, err := ioutil.ReadAll(req.Body)
	if err != nil {
		utils.Reply(r, w, "Invalid request: "+err.Error(), 500)
		return
	}
	err = json.Unmarshal(body, app)
	if err != nil {
		utils.Reply(r, w, "Invalid request: "+err.Error(), 500)
		return
	}

	if _, err := client.Get(constants.ETCD_APPS+app.Name, false, false); err == nil {
		utils.Reply(r, w, "App "+app.Name+" already exists", 409)
		return
	} else {
		out, err := json.Marshal([]string{req.Header.Get("X-Lagann-User")})
		if err != nil {
			utils.Reply(r, w, "Invalid request: "+err.Error(), 500)
			return
		}

		client.Set(constants.ETCD_APPS+app.Name+"/users", string(out), 0)
		client.Set(constants.ETCD_APPS+app.Name+"/name", app.Name, 0)

		utils.Reply(r, w, "App "+app.Name+" created", 200)
	}
}
Beispiel #2
0
func login(w http.ResponseWriter, req *http.Request) {
	if req.Method != "POST" {
		utils.Reply(r, w, "Invalid method", http.StatusMethodNotAllowed)
		return
	}

	err := req.ParseForm()
	if err != nil || req.Form.Get("password") == "" || req.Form.Get("username") == "" {
		utils.Reply(r, w, "Could not parse form "+err.Error(), http.StatusInternalServerError)
		return
	}

	password := utils.HashPassword([]byte(req.Form.Get("password")), []byte("lagann"))
	username := req.Form.Get("username")

	comppw := base64.StdEncoding.EncodeToString(password)

	storedpwnode, err := client.Get(constants.ETCD_LAGANN_USERS+username+"/password", false, false)
	if err != nil {
		utils.Reply(r, w, "No such user "+username, http.StatusNotFound)
	}

	if storedpwnode.Node.Value == comppw {
		authkey := uuid.New()

		client.Set(constants.ETCD_LAGANN_AUTHKEYS+authkey, username, 0)

		utils.Reply(r, w, "Logged in as "+username+".", 200, map[string]interface{}{
			"authkey": authkey,
			"user":    username,
		})
	}
}
Beispiel #3
0
func addSharing(w http.ResponseWriter, req *http.Request) {
	username := req.Header.Get("X-Lagann-User")
	params := req.URL.Query()
	appname := params.Get(":app")

	err := req.ParseForm()
	if err != nil {
		utils.Reply(r, w, "Internal json error", 500, err)
		return
	}

	res, err := client.Get(constants.ETCD_APPS+appname+"/users", false, false)
	if err != nil {
		utils.Reply(r, w, "No such app "+appname, 404)
		return
	}

	var allowedusers []string
	rawusers := res.Node.Value

	err = json.Unmarshal([]byte(rawusers), &allowedusers)
	if err != nil {
		utils.Reply(r, w, "Internal json error", 500, err)
		return
	}

	for _, myusername := range allowedusers {
		if strings.ToLower(username) == strings.ToLower(myusername) {
			goto okay
		}
	}

	utils.Reply(r, w, "Not allowed to modify permissions for "+appname, http.StatusUnauthorized)
	return

okay:

	toadd := req.Form.Get("user")
	allowedusers = append(allowedusers, toadd)

	bs, err := json.Marshal(allowedusers)
	if err != nil {
		utils.Reply(r, w, "Internal json error", 500, err)
		return

	}

	str := string(bs)

	_, err = client.Set(constants.ETCD_APPS+appname+"/users", str, 0)
	if err != nil {
		utils.Reply(r, w, "Internal etcd error", 500, err)
		return
	}

	utils.Reply(r, w, "User "+toadd+" added to "+appname, 200)
}
Beispiel #4
0
func register(w http.ResponseWriter, req *http.Request) {
	if req.Method != "POST" {
		utils.Reply(r, w, "Invalid method", http.StatusMethodNotAllowed)
		return
	}

	err := req.ParseForm()
	if err != nil {
		utils.Reply(r, w, "Could not parse form "+err.Error(), http.StatusInternalServerError)
		return
	}

	password := utils.HashPassword([]byte(req.Form.Get("password")), []byte("lagann"))
	key := req.Form.Get("sshkey")
	uname := req.Form.Get("username")

	fp := utils.GetFingerprint(key)

	if fp == "error" {
		utils.Reply(r, w, "Invalid SSH key", 401)
		return
	}

	if _, err := client.Get(constants.ETCD_LAGANN_USERS+uname, false, false); err == nil {
		utils.Reply(r, w, "User "+uname+" already exists", 409)
	} else {
		client.Set(constants.ETCD_BUILDER_USERS+uname+"/"+fp, key, 0)

		client.Set(constants.ETCD_LAGANN_USERS+uname+"/password",
			base64.StdEncoding.EncodeToString(password), 0)

		authkey := uuid.New()

		client.Set(constants.ETCD_LAGANN_AUTHKEYS+authkey, uname, 0)

		utils.Reply(r, w, "User "+uname+" created.", 200, map[string]interface{}{
			"authkey": authkey,
			"user":    uname,
		})
	}
}
Beispiel #5
0
// root is the handler for /. It is a simple 404 page.
func root(w http.ResponseWriter, req *http.Request) {
	utils.Reply(r, w, "No method", http.StatusNotFound)
}