Ejemplo n.º 1
0
func main() {
	defer log.Flush()
	flag.Parse()
	log.StartLogging()
	var sessionStore session.Store
	if *useEtcd {
		sessionStore = session.NewEtcdStore(*etcdAddr)
	} else {
		sessionStore = session.NewInMemoryStore()
	}
	auth := auth.New(auth.NewInMemoryStore())
	// TODO(jwall): This is totally cheating and should be removed once
	// we have real storage backends.
	if err := auth.NewUser("rtp-debug", "rtp rules!"); err != nil {
		log.Fatal(err)
	}
	muxer.HandleFunc("/quitquitquit", quitQuitQuitHandler)
	// TODO(jwall): handle codecs.
	muxer.Handle("/_api/login", rest.New(&LoginHandler{ss: sessionStore}, auth))
	muxer.Handle("/_api/logout", rest.New(&LogoutHandler{ss: sessionStore}, auth))
	muxer.Handle("/_api/backendAddress", rest.New(&BackendAddressHandler{}, auth))
	muxer.Handle("/{path:.*}", http.FileServer(DefaultIndex{dir: http.Dir(*staticDir)}))
	// Note(jwall): to test this for now:
	// curl -v -H 'Content-Type: application/json' --data '{"Username":"******","Password":"******"}' http://localhost:8080/_api/login
	http.Handle("/", muxer)
	log.Infof("Server now listening on %v", *addr)
	log.Fatal(http.ListenAndServe(*addr, nil))
}
Ejemplo n.º 2
0
func (d DefaultIndex) Open(name string) (http.File, error) {
	log.Infof("Request: %v", name)
	f, err := d.dir.Open(name)
	if err != nil {
		f, err = d.dir.Open("/index.html")
	}
	return f, err
}
Ejemplo n.º 3
0
func (h *LoginHandler) Post(ctx rest.Context) (int, interface{}) {
	log.Infof("Handling login request %q")
	ar := AuthRequest{}
	ctx.Deserialize(&ar)
	status := 200
	// Check for a cookie already present.
	c := getSessionCookie(ctx)
	if c == nil {
		c = &http.Cookie{}
		c.Name = authCookieName
		c.Value = simpleUUID4()
		// TODO(jwall): Session expiration?
		sess, err := h.ss.StartSession(c.Value)
		if err != nil {
			panic("Can't create user session. Something is very wrong!!!" + err.Error())
		}
		sess.Values[usernameKey] = ar.Username
		err = h.ss.Save(sess)
		if err != nil {
			panic("Can't save user session. Something is very wrong!!!" + err.Error())
		}
	} else {
		sess, err := h.ss.Get(c.Value)
		if err != nil || sess == nil {
			panic("Error Getting session " + err.Error())
		}
		if ar.Username != sess.Values[usernameKey].(string) {
			// Status 409 Conflict.
			// There is a conflict with the current session username
			// and the requested login username.
			return 409, nil
		}
	}
	if ok, err := ctx.Auth.Authenticate(ar.Username, ar.Password); ok {
		ctx.Header().Add("Set-Cookie", c.String())
	} else {
		log.Errorf("Unable to authenticate %q err %q", ar.Username, err)
		status = 403
	}
	return status, nil
}