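// getAllApps responds with the apps that data.DB.App.FindAllApps returns for
// the user identified in the request context.
//
// Responses: 200 with the app list, 401 when the caller cannot be identified,
// 400 when the lookup fails.
func getAllApps(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	// Fail closed: if the caller's identity cannot be resolved, do not run the
	// query with an ID that was never validated.
	// NOTE(review): assumes the second return value is an error; confirm against util.
	userID, err := util.GetUserIDFromContext(ctx)
	if err != nil {
		utils.Respond(w, http.StatusUnauthorized, err)
		return
	}

	apps, err := data.DB.App.FindAllApps(userID)
	if err != nil {
		utils.Respond(w, http.StatusBadRequest, err)
		return
	}
	utils.Respond(w, http.StatusOK, apps)
}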
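// removeApp removes the app named by the "appID" route parameter on behalf of
// the user identified in the request context.
//
// Responses: 200 on success, 401 when the caller cannot be identified, 400
// when the app ID cannot be read or the removal fails.
func removeApp(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	// Fail closed: a destructive call must not run with an unresolved caller.
	// NOTE(review): assumes the second return value is an error; confirm against util.
	userID, err := util.GetUserIDFromContext(ctx)
	if err != nil {
		utils.Respond(w, http.StatusUnauthorized, err)
		return
	}

	// Reject an unreadable route parameter instead of removing whatever ID
	// accompanied the error.
	appID, err := util.GetParamValueAsID(ctx, "appID")
	if err != nil {
		utils.Respond(w, http.StatusBadRequest, err)
		return
	}

	// The user ID is handed to the data layer together with the app ID.
	// NOTE(review): presumably RemoveApp uses it to check ownership; verify,
	// since this handler performs no permission check of its own.
	if err := data.DB.App.RemoveApp(appID, userID); err != nil {
		utils.Respond(w, http.StatusBadRequest, err)
		return
	}
	utils.Respond(w, http.StatusOK, nil)
}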
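// createApp creates a new app from the parsed request body and responds with
// the created record.
//
// Responses: 200 with the new app, 401 when the caller cannot be identified,
// 400 when creation fails.
func createApp(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	// The app is created for the authenticated caller, resolved from the
	// context like the other app handlers, rather than for a fixed user ID.
	// NOTE(review): assumes the second return value is an error; confirm against util.
	userID, err := util.GetUserIDFromContext(ctx)
	if err != nil {
		utils.Respond(w, http.StatusUnauthorized, err)
		return
	}

	// The body-parsing middleware must have stored the request under
	// constants.CtxKeyParsedBody; this assertion panics if it did not.
	createAppReq := ctx.Value(constants.CtxKeyParsedBody).(*createAppRequest)

	// NOTE(review): Name is dereferenced unchecked; presumably the required-field
	// validation guarantees it is non-nil. Confirm.
	app, err := data.DB.App.CreateNewApp(userID, *createAppReq.Name)
	if err != nil {
		utils.Respond(w, http.StatusBadRequest, err)
		return
	}
	utils.Respond(w, http.StatusOK, app)
}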
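// updateApp applies the fields of the parsed request body to the app named by
// the "appID" route parameter, on behalf of the user in the request context.
//
// Responses: 200 on success, 401 when the caller cannot be identified, 400
// when the app ID cannot be read or the update fails.
func updateApp(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	// Fail closed: do not update anything for an unresolved caller.
	// NOTE(review): assumes the second return value is an error; confirm against util.
	userID, err := util.GetUserIDFromContext(ctx)
	if err != nil {
		utils.Respond(w, http.StatusUnauthorized, err)
		return
	}

	appID, err := util.GetParamValueAsID(ctx, "appID")
	if err != nil {
		utils.Respond(w, http.StatusBadRequest, err)
		return
	}

	// The body-parsing middleware must have stored the request under
	// constants.CtxKeyParsedBody; this assertion panics if it did not.
	updateAppReq := ctx.Value(constants.CtxKeyParsedBody).(*updateAppRequest)

	// PublicKey and PrivateKey go to the data layer exactly as received.
	// NOTE(review): presumably PrivateKey is sensitive key material; confirm
	// it is kept out of logs and responses, and that UpdateApp checks the
	// caller's permission on the app, since no check is made here.
	err = data.DB.App.UpdateApp(
		appID,
		updateAppReq.Name,
		updateAppReq.PublicKey,
		updateAppReq.PrivateKey,
		updateAppReq.Private,
		userID,
	)
	if err != nil {
		utils.Respond(w, http.StatusBadRequest, err)
		return
	}
	utils.Respond(w, http.StatusOK, nil)
}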
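// createRelease creates a release for the app named by the "appID" route
// parameter from the parsed request body and responds with the new record.
//
// Responses: 200 with the release, 401 when the caller cannot be identified,
// 400 when the app ID cannot be read or creation fails.
func createRelease(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	// Resolve the caller and the target app; stop on either failure so a
	// release is never created under an unvalidated ID.
	// NOTE(review): assumes the second return values are errors; confirm against util.
	userID, err := util.GetUserIDFromContext(ctx)
	if err != nil {
		utils.Respond(w, http.StatusUnauthorized, err)
		return
	}

	appID, err := util.GetParamValueAsID(ctx, "appID")
	if err != nil {
		utils.Respond(w, http.StatusBadRequest, err)
		return
	}

	// The body-parsing middleware must have stored the request under
	// constants.CtxKeyParsedBody; this assertion panics if it did not.
	createReleaseReq := ctx.Value(constants.CtxKeyParsedBody).(*createReleaseRequest)

	// NOTE(review): Version and Platform are dereferenced unchecked; presumably
	// the required-field validation guarantees they are non-nil. Confirm.
	release, err := data.DB.Release.CreateRelease(
		*createReleaseReq.Version,
		*createReleaseReq.Platform,
		createReleaseReq.Note,
		userID,
		appID,
	)
	if err != nil {
		utils.Respond(w, http.StatusBadRequest, err)
		return
	}
	utils.Respond(w, http.StatusOK, release)
}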
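// Handle returns a chi middleware that authenticates a request with a JWT and
// calls the next handler only when the token verifies.
//
// The token is looked up in this order: the "jwt" query parameter, each query
// parameter named in paramAliases, the Authorization bearer header, and the
// "jwt" cookie. On success the raw token is stored in the context under "jwt"
// and the parsed token under "jwt.token". Every failure is answered with 401
// and errUnauthorized.
//
// NOTE(review): a token sent as a query parameter is part of the URL, so it
// can end up in access logs, browser history and Referer headers. Prefer the
// header or the cookie, and scrub the query string from logs where the query
// form has to stay supported.
func (ja *JwtAuth) Handle(paramAliases ...string) func(chi.Handler) chi.Handler {
	return func(next chi.Handler) chi.Handler {
		hfn := func(ctx context.Context, w http.ResponseWriter, r *http.Request) {
			query := r.URL.Query()

			// Query parameters: "jwt" first, then the caller-supplied aliases.
			tokenStr := query.Get("jwt")
			if tokenStr == "" {
				for _, p := range paramAliases {
					if tokenStr = query.Get(p); tokenStr != "" {
						break
					}
				}
			}

			// Authorization header. The scheme must be "Bearer" followed by a
			// space, compared case-insensitively, so that a value such as
			// "BearerX..." is not treated as a bearer credential.
			if tokenStr == "" {
				bearer := r.Header.Get("Authorization")
				if len(bearer) > 7 && strings.EqualFold(bearer[:7], "bearer ") {
					tokenStr = bearer[7:]
				}
			}

			// Cookie.
			if tokenStr == "" {
				if cookie, err := r.Cookie("jwt"); err == nil {
					tokenStr = cookie.Value
				}
			}

			// A token is required. Reject here instead of relying on Decode
			// to fail on an empty string.
			if tokenStr == "" {
				utils.Respond(w, http.StatusUnauthorized, errUnauthorized)
				return
			}

			// Verify the token. Comparing token.Method with ja.signer rejects a
			// token signed with any algorithm other than the configured one.
			token, err := ja.Decode(tokenStr)
			if err != nil || !token.Valid || token.Method != ja.signer {
				utils.Respond(w, http.StatusUnauthorized, errUnauthorized)
				return
			}

			ctx = context.WithValue(ctx, "jwt", token.Raw)
			ctx = context.WithValue(ctx, "jwt.token", token)

			next.ServeHTTPC(ctx, w, r)
		}
		return chi.HandlerFunc(hfn)
	}
}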
// BodyParser returns a chi middleware that decodes the JSON request body into
// the value produced by builder, reading it through
// utils.StreamJSONToStructWithLimit with maxSize as the limit.
//
// A body that cannot be decoded is answered with 422, and one that fails
// utils.JSONValidation with 400; in both cases next is not called. Otherwise
// the populated value is stored in the context under
// constants.CtxKeyParsedBody and the request continues to next.
func BodyParser(builder func() interface{}, maxSize int64) func(chi.Handler) chi.Handler {
	return func(next chi.Handler) chi.Handler {
		parse := func(ctx context.Context, w http.ResponseWriter, r *http.Request) {
			target := builder()

			decodeErr := utils.StreamJSONToStructWithLimit(r.Body, target, maxSize)
			if decodeErr != nil {
				utils.Respond(w, 422, decodeErr)
				return
			}

			// Required-field check on the decoded value.
			validationErr := utils.JSONValidation(target)
			if validationErr != nil {
				utils.Respond(w, 400, validationErr)
				return
			}

			next.ServeHTTPC(context.WithValue(ctx, constants.CtxKeyParsedBody, target), w, r)
		}
		return chi.HandlerFunc(parse)
	}
}
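// acceptAppToken grants the calling user access to the app named by the
// "appID" route parameter, using the permission carried in the token from the
// parsed request body.
//
// Access is granted only when the token decodes and is valid, its "app_id"
// claim equals the route's app ID, its "permission" claim resolves to a
// permission other than data.ANONYMOUSE, and the user does not already hold
// ADMIN, OWNER or MEMBER on the app.
//
// NOTE(review): the statuses 402, 404 and 405 below do not match their HTTP
// meanings and look like step markers. They are kept because clients may
// depend on them.
func acceptAppToken(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	// Fail closed: never grant access to an unresolved caller or app.
	// NOTE(review): assumes the second return values are errors; confirm against util.
	userID, err := util.GetUserIDFromContext(ctx)
	if err != nil {
		utils.RespondEx(w, nil, 401, errors.ErrorAuthorizeAccess)
		return
	}

	appID, err := util.GetParamValueAsID(ctx, "appID")
	if err != nil {
		utils.Respond(w, 400, err)
		return
	}

	// The body-parsing middleware must have stored the request under
	// constants.CtxKeyParsedBody; this assertion panics if it did not.
	appTokenReq := ctx.Value(constants.CtxKeyParsedBody).(*appTokenRequest)

	// Decode the JWT from the request body.
	// NOTE(review): only token.Valid is checked here, whereas JwtAuth.Handle
	// also compares token.Method with its signer. Confirm that Decode pins
	// the signing algorithm.
	token, err := security.TokenAuth.Decode(*appTokenReq.Token)
	if err != nil || !token.Valid {
		utils.RespondEx(w, nil, 401, errors.ErrorAuthorizeAccess)
		return
	}

	// Any validly signed token can reach this point, including one that was
	// issued without these claims, so a missing or non-string claim is
	// refused instead of being allowed to panic the handler.
	rawAppID, ok := token.Claims["app_id"].(string)
	if !ok {
		utils.RespondEx(w, nil, 402, errors.ErrorAuthorizeAccess)
		return
	}
	tokenAppID, err := strconv.ParseInt(rawAppID, 10, 64)
	if err != nil || tokenAppID != appID {
		utils.RespondEx(w, nil, 402, errors.ErrorAuthorizeAccess)
		return
	}

	permissionName, ok := token.Claims["permission"].(string)
	if !ok {
		utils.RespondEx(w, nil, 403, errors.ErrorAuthorizeAccess)
		return
	}
	tokenPermission, err := data.GetPermissionByName(permissionName)
	if err != nil || tokenPermission == data.ANONYMOUSE {
		utils.RespondEx(w, nil, 403, errors.ErrorAuthorizeAccess)
		return
	}

	// Refuse when the user already has access to the app.
	if data.DB.App.HasPermission(appID, userID, data.ADMIN, data.OWNER, data.MEMBER) {
		utils.RespondEx(w, nil, 404, errors.ErrorAlreadyAcceessed)
		return
	}

	// Grant access with the permission the token authorizes.
	if !data.DB.App.GrantAccess(appID, userID, tokenPermission) {
		utils.RespondEx(w, nil, 405, errors.ErrorAppNotFound)
		return
	}

	utils.Respond(w, 200, nil)
}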
// logout clears the JWT cookie through security.RemoveJwtCookie and responds
// with 200.
//
// NOTE(review): this handler only touches the response cookie. Nothing here
// revokes the token itself, so a copy presented through the Authorization
// header or a query parameter is unaffected. Confirm whether expiry alone is
// the intended bound on a logged-out token.
func logout(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	security.RemoveJwtCookie(w)

	utils.Respond(w, http.StatusOK, nil)
}