func (s *server) index(res http.ResponseWriter, req *http.Request) { defer trace.End(trace.Begin("")) ctx := context.Background() sess, err := s.getSessionFromRequest(req) v := vicadmin.NewValidator(ctx, &vchConfig, sess) tmpl, err := template.ParseFiles("dashboard.html") err = tmpl.ExecuteTemplate(res, "dashboard.html", v) if err != nil { log.Errorf("Error parsing template: %s", err) } }
// renders the page for login and handles authorization requests func (s *server) loginPage(res http.ResponseWriter, req *http.Request) { defer trace.End(trace.Begin("")) ctx := context.Background() if req.Method == "POST" { // take the form data and use it to try to authenticate with vsphere // create a userconfig userconfig := session.Config{ Insecure: false, Thumbprint: rootConfig.Thumbprint, Keepalive: rootConfig.Keepalive, ClusterPath: rootConfig.ClusterPath, DatacenterPath: rootConfig.DatacenterPath, DatastorePath: rootConfig.DatastorePath, HostPath: rootConfig.Config.HostPath, PoolPath: rootConfig.PoolPath, } user := url.UserPassword(req.FormValue("username"), req.FormValue("password")) serviceURL, err := soap.ParseURL(rootConfig.Service) if err != nil { // this could happen for a number of reasons but most likely for a plain ol' auth failure log.Errorf("vSphere service URL was not a valid format; parsing returned error: %s", err) http.Error(res, genericErrorMessage, http.StatusInternalServerError) return } serviceURL.User = user userconfig.Service = serviceURL.String() // check login usersession, err := vSphereSessionGet(&userconfig) if err != nil || usersession == nil { // something went wrong or we could not authenticate log.Warnf("User %s from %s failed to authenticated at %s", user, req.RemoteAddr, time.Now()) http.Error(res, "Authentication failed due to incorrect credential(s)", 400) return } // successful login above; user is authenticated // log out, disregard errors usersession.Client.Logout(context.Background()) // create a token to save as an encrypted & signed cookie websession, err := s.uss.cookies.Get(req, sessionCookieKey) if websession == nil { log.Errorf("Web session object could not be created due to error %s", err) http.Error(res, genericErrorMessage, http.StatusInternalServerError) return } // save user config locally usersess := s.uss.Add(websession.ID, &userconfig) timeNow, err := usersess.created.MarshalText() if err != nil { log.Errorf("Failed to unmarshal time object %+v into text due to error: %s", usersess.created, err) http.Error(res, genericErrorMessage, http.StatusInternalServerError) return } websession.Values[sessionCreationTimeKey] = string(timeNow) websession.Values[sessionKey] = websession.ID remoteAddr := strings.SplitN(req.RemoteAddr, ":", 2) if len(remoteAddr) != 2 { // TODO: ctrl+f RemoteAddr and move this routine to helper log.Errorf("Format of IP address %s (should be IP:PORT) not recognized", req.RemoteAddr) http.Error(res, genericErrorMessage, http.StatusInternalServerError) return } websession.Values[ipAddressKey] = remoteAddr[0] if err := websession.Save(req, res); err != nil { log.Errorf("\"%s\" occurred while trying to save session to browser", err.Error()) http.Error(res, genericErrorMessage, http.StatusInternalServerError) return } // redirect to dashboard http.Redirect(res, req, "/", http.StatusTemporaryRedirect) return } // Render login page (shows up on non-POST requests): sess, err := client(&rootConfig) if err != nil { log.Errorf("Could not render login page due to vSphere connection error: %s", err.Error()) http.Error(res, genericErrorMessage, http.StatusInternalServerError) return } v := vicadmin.NewValidator(ctx, &vchConfig, sess) tmpl, err := template.ParseFiles("auth.html") err = tmpl.ExecuteTemplate(res, "auth.html", v) if err != nil { log.Errorf("Error parsing template: %s", err) http.Error(res, genericErrorMessage, http.StatusInternalServerError) return } }