Exemple #1
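// SetupAuth initialises the authentication backend and registers the /auth/*
// routes on the given Martini instance.
//
// It creates the backendfile directory if needed, opens the LevelDB auth
// backend there and stores it in the package-level backend, fills the
// package-level roles map ("user" = 30, "admin" = 80), and builds the
// package-level authorizer aaa with "user" as the default role. When the
// backend returns no users, or listing them fails, a default account with the
// "admin" role is saved.
//
// Failures while preparing the directory, opening the backend or creating the
// authorizer end the process through log.Fatal; failures while creating the
// default account panic.
//
// NOTE(review): the cookie key and the default admin password below are
// literals committed to source, so every reader of the repository knows them.
// Both should come from deployment configuration or a secret store, and the
// default account should be forced through a password change on first login.
func SetupAuth(martini *martini.ClassicMartini) {
	// The original ignored the Mkdir result. An already existing directory is
	// the normal case on restart; anything else (permissions, bad path) is
	// reported here rather than surfacing later as an opaque backend error.
	// NOTE(review): 0755 leaves the credential store readable by other local
	// users; 0700 would be the tighter choice for a new directory.
	if err := os.Mkdir(backendfile, 0755); err != nil && !os.IsExist(err) {
		log.Fatal(err)
	}

	backend_, err := httpauth.NewLeveldbAuthBackend(backendfile)
	if err != nil {
		log.Fatal(err)
	}
	backend = backend_

	roles = make(map[string]httpauth.Role)
	roles["user"] = 30
	roles["admin"] = 80

	// NOTE(review): hard-coded cookie key, see the function comment.
	aaa, err = httpauth.NewAuthorizer(backend, []byte("cookie-encryption-key"), "user", roles)
	if err != nil {
		log.Fatal(err)
	}

	users, err := backend.Users()
	// NOTE(review): a failed Users() call is treated the same as an empty
	// store, so a transient backend error also provisions the default admin.
	// Presumably the backend reports an error when no users exist yet; confirm,
	// and if not, handle err separately from len(users) == 0.
	if err != nil || len(users) == 0 {
		// Create a default user.
		// NOTE(review): hard-coded default password, see the function comment.
		hash, err := bcrypt.GenerateFromPassword([]byte("toor"), bcrypt.DefaultCost)
		if err != nil {
			panic(err)
		}
		defaultUser := httpauth.UserData{Username: "******", Email: "", Hash: hash, Role: "admin"}
		if err := backend.SaveUser(defaultUser); err != nil {
			panic(err)
		}
	}

	// Session endpoints. No role middleware is attached here; any session
	// check happens inside the handlers, which are not visible in this block.
	martini.Post("/auth/login", doLogin)
	// NOTE(review): logout changes session state but is reachable with GET,
	// so it can be triggered by a cross-site link; POST would be safer.
	martini.Get("/auth/logout", doLogout)
	martini.Get("/auth/token", doGetToken)
	martini.Get("/auth/currentuser", doGetCurrentUser)

	// User administration: every route is guarded by AssertRole("admin").
	martini.Post("/auth/user", AssertRole("admin"), doAddUser)
	martini.Get("/auth/user", AssertRole("admin"), doGetUsers)
	martini.Get("/auth/user/:username", AssertRole("admin"), doGetUser)
	martini.Put("/auth/user/:username", AssertRole("admin"), doUpdateUser)
	martini.Delete("/auth/user/:username", AssertRole("admin"), doDeleteUser)
	martini.Post("/auth/user/:username/allow", AssertRole("admin"), doAllow)
	martini.Post("/auth/user/:username/forbid", AssertRole("admin"), doForbid)
}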
Exemple #2
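// main wires up the example server: it opens the LevelDB auth backend at
// backendfile, defines the "user" (30) and "admin" (80) roles, creates the
// package-level authorizer aaa, saves a default "admin"-role account,
// registers the routes on a gorilla/mux router and serves on port.
//
// Every setup error panics. The original dropped the errors from os.Mkdir,
// httpauth.NewAuthorizer and http.ListenAndServe; in particular the
// authorizer error was overwritten by the next assignment, so the server
// could start with an unusable authorizer.
//
// NOTE(review): the cookie key and the default admin password are literals
// committed to source, so every reader of the repository knows them. Load
// both from deployment configuration or a secret store before running this
// anywhere but a local demo.
func main() {
	var err error

	// An existing directory is fine; any other failure is reported here.
	// NOTE(review): 0755 leaves the credential store readable by other local
	// users; 0700 would be the tighter choice.
	err = os.Mkdir(backendfile, 0755)
	if err != nil && !os.IsExist(err) {
		panic(err)
	}
	// NOTE(review): os.Remove only deletes an empty directory and its error
	// is discarded, so this cleanup likely leaves the backend files behind.
	// Kept as in the original; confirm whether the store is meant to be
	// temporary before switching to a recursive removal.
	defer os.Remove(backendfile)

	// create the backend
	backend, err = httpauth.NewLeveldbAuthBackend(backendfile)
	if err != nil {
		panic(err)
	}

	// create some default roles
	roles = make(map[string]httpauth.Role)
	roles["user"] = 30
	roles["admin"] = 80
	// NOTE(review): hard-coded cookie key, see the function comment.
	aaa, err = httpauth.NewAuthorizer(backend, []byte("cookie-encryption-key"), "user", roles)
	if err != nil {
		panic(err)
	}

	// create a default user
	// NOTE(review): hard-coded default password, see the function comment.
	hash, err := bcrypt.GenerateFromPassword([]byte("adminadmin"), bcrypt.DefaultCost)
	if err != nil {
		panic(err)
	}
	defaultUser := httpauth.UserData{Username: "******", Email: "admin@localhost", Hash: hash, Role: "admin"}
	err = backend.SaveUser(defaultUser)
	if err != nil {
		panic(err)
	}

	// set up routers and route handlers
	// NOTE(review): no authorization middleware is attached at the router, so
	// /admin, /add_user and /change depend entirely on checks inside their
	// handlers, which are not visible in this block; verify each one
	// authorizes the caller before acting.
	r := mux.NewRouter()
	r.HandleFunc("/login", getLogin).Methods("GET")
	r.HandleFunc("/register", postRegister).Methods("POST")
	r.HandleFunc("/login", postLogin).Methods("POST")
	r.HandleFunc("/admin", handleAdmin).Methods("GET")
	r.HandleFunc("/add_user", postAddUser).Methods("POST")
	r.HandleFunc("/change", postChange).Methods("POST")
	r.HandleFunc("/", handlePage).Methods("GET") // authorized page
	// No method restriction: logout is reachable with any HTTP method.
	r.HandleFunc("/logout", handleLogout)

	http.Handle("/", r)
	fmt.Printf("Server running on port %d\n", port)
	// ListenAndServe always returns a non-nil error when it stops (for
	// example when the port is already in use); surface it instead of
	// exiting silently.
	if err := http.ListenAndServe(fmt.Sprintf(":%d", port), nil); err != nil {
		panic(err)
	}
}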