Exemple #1
0
func (s *server) index(res http.ResponseWriter, req *http.Request) {
	defer trace.End(trace.Begin(""))
	ctx := context.Background()
	sess, err := s.getSessionFromRequest(req)
	v := vicadmin.NewValidator(ctx, &vchConfig, sess)

	tmpl, err := template.ParseFiles("dashboard.html")
	err = tmpl.ExecuteTemplate(res, "dashboard.html", v)
	if err != nil {
		log.Errorf("Error parsing template: %s", err)
	}
}
Exemple #2
0
// renders the page for login and handles authorization requests
func (s *server) loginPage(res http.ResponseWriter, req *http.Request) {
	defer trace.End(trace.Begin(""))
	ctx := context.Background()
	if req.Method == "POST" {
		// take the form data and use it to try to authenticate with vsphere

		// create a userconfig
		userconfig := session.Config{
			Insecure:       false,
			Thumbprint:     rootConfig.Thumbprint,
			Keepalive:      rootConfig.Keepalive,
			ClusterPath:    rootConfig.ClusterPath,
			DatacenterPath: rootConfig.DatacenterPath,
			DatastorePath:  rootConfig.DatastorePath,
			HostPath:       rootConfig.Config.HostPath,
			PoolPath:       rootConfig.PoolPath,
		}
		user := url.UserPassword(req.FormValue("username"), req.FormValue("password"))
		serviceURL, err := soap.ParseURL(rootConfig.Service)
		if err != nil {
			// this could happen for a number of reasons but most likely for a plain ol' auth failure
			log.Errorf("vSphere service URL was not a valid format; parsing returned error: %s", err)
			http.Error(res, genericErrorMessage, http.StatusInternalServerError)
			return
		}

		serviceURL.User = user
		userconfig.Service = serviceURL.String()

		// check login
		usersession, err := vSphereSessionGet(&userconfig)
		if err != nil || usersession == nil {
			// something went wrong or we could not authenticate
			log.Warnf("User %s from %s failed to authenticated at %s", user, req.RemoteAddr, time.Now())
			http.Error(res, "Authentication failed due to incorrect credential(s)", 400)
			return
		}

		// successful login above; user is authenticated
		// log out, disregard errors
		usersession.Client.Logout(context.Background())

		// create a token to save as an encrypted & signed cookie
		websession, err := s.uss.cookies.Get(req, sessionCookieKey)
		if websession == nil {
			log.Errorf("Web session object could not be created due to error %s", err)
			http.Error(res, genericErrorMessage, http.StatusInternalServerError)
			return
		}

		// save user config locally
		usersess := s.uss.Add(websession.ID, &userconfig)

		timeNow, err := usersess.created.MarshalText()
		if err != nil {
			log.Errorf("Failed to unmarshal time object %+v into text due to error: %s", usersess.created, err)
			http.Error(res, genericErrorMessage, http.StatusInternalServerError)
			return
		}

		websession.Values[sessionCreationTimeKey] = string(timeNow)
		websession.Values[sessionKey] = websession.ID

		remoteAddr := strings.SplitN(req.RemoteAddr, ":", 2)
		if len(remoteAddr) != 2 { // TODO: ctrl+f RemoteAddr and move this routine to helper
			log.Errorf("Format of IP address %s (should be IP:PORT) not recognized", req.RemoteAddr)
			http.Error(res, genericErrorMessage, http.StatusInternalServerError)
			return
		}
		websession.Values[ipAddressKey] = remoteAddr[0]

		if err := websession.Save(req, res); err != nil {
			log.Errorf("\"%s\" occurred while trying to save session to browser", err.Error())
			http.Error(res, genericErrorMessage, http.StatusInternalServerError)
			return
		}

		// redirect to dashboard
		http.Redirect(res, req, "/", http.StatusTemporaryRedirect)
		return
	}

	// Render login page (shows up on non-POST requests):
	sess, err := client(&rootConfig)
	if err != nil {
		log.Errorf("Could not render login page due to vSphere connection error: %s", err.Error())
		http.Error(res, genericErrorMessage, http.StatusInternalServerError)
		return
	}
	v := vicadmin.NewValidator(ctx, &vchConfig, sess)
	tmpl, err := template.ParseFiles("auth.html")
	err = tmpl.ExecuteTemplate(res, "auth.html", v)
	if err != nil {
		log.Errorf("Error parsing template: %s", err)
		http.Error(res, genericErrorMessage, http.StatusInternalServerError)
		return
	}
}