func GetCv(w http.ResponseWriter, r *http.Request) { r.ParseForm() w.WriteHeader(200) w.Header().Set("Content-Type", "text/html; charset=utf-8") attrMap := request.GenerateBasicAttrMap(w, r) loginName := attrMap[request.LOGIN_NAME_KEY] base.Logger().Infoln(request.GetRequestInfo(r)) auth_code := r.FormValue(request.AUTH_CODE) base.Logger().Infof("Getting CV by user '%s' with input '%s'...\n", loginName, auth_code) pass, err := request.VerifyAuthCode(auth_code) if err != nil { base.Logger().Errorf("Occur error when verify auth code: %s\n", err) // w.WriteHeader(500) fmt.Fprintln(w, "Error: Something wrong when verify auth code!") return } if !pass { base.Logger().Warnf("Unauthorized CV getting by user '%s' with input '%s'.\n", loginName, auth_code) // w.WriteHeader(401) fmt.Fprintln(w, "FAIL: Wrong authorization code.") return } cvContent, err := base.GetCvContent() if err != nil { base.Logger().Errorf("Occur error when get cv content: %s.\n", err) // w.WriteHeader(500) fmt.Fprintln(w, "Error: Something wrong when get CV content!") return } fmt.Fprintln(w, cvContent) base.Logger().Infof("The CV had taken by user '%s' with input '%s'.\n", loginName, auth_code) }
func Upload(w http.ResponseWriter, r *http.Request) { base.Logger().Infoln(request.GetRequestInfo(r)) if r.Method == "GET" { token := r.Form.Get("token") t, _ := template.ParseFiles(request.GeneratePagePath("upload")) err := t.Execute(w, token) if err != nil { base.Logger().Errorln("PageWriteErr:", err) } } else { r.ParseMultipartForm(32 << 20) file, handler, err := r.FormFile("uploadfile") if err != nil { base.Logger().Errorln("UploadFileParsError:", err) return } defer file.Close() fmt.Fprintf(w, "%v", handler.Header) var buffer bytes.Buffer buffer.WriteString(os.TempDir()) buffer.WriteString("/") buffer.WriteString(handler.Filename) tempFilePath := buffer.String() f, err := os.OpenFile(tempFilePath, os.O_WRONLY|os.O_CREATE, 0666) if err != nil { base.Logger().Errorln(err) return } defer f.Close() base.Logger().Infoln("Receive a file & save to %s ...\n", tempFilePath) io.Copy(f, file) go request.DeleteTempFile(time.Duration(time.Minute*5), tempFilePath) } }
func Register(w http.ResponseWriter, r *http.Request) { r.ParseForm() base.Logger().Infoln(request.GetRequestInfo(r)) if r.Method == "GET" { attrMap := request.GenerateBasicAttrMap(w, r) encodedHint := r.FormValue("hint") if len(encodedHint) > 0 { hint := request.UrlDecoding(encodedHint) attrMap["hint"] = hint } t, _ := template.ParseFiles(request.GeneratePagePath("register")) err := t.Execute(w, attrMap) if err != nil { base.Logger().Errorln("PageWriteErr:", err) } } else { fieldMap, invalidFields := request.VerifyRegisterForm(r) base.Logger().Infoln("The field map:", fieldMap) if len(invalidFields) > 0 { hint := fmt.Sprintln("There are some invalid fields of '':", invalidFields, ".") base.Logger().Infoln(hint) encodedHint := request.UrlEncoding(hint) redirectUrl := "/register?hint=" + encodedHint http.Redirect(w, r, redirectUrl, http.StatusFound) } else { http.Redirect(w, r, "/", http.StatusFound) } } }
func RequestDispatcher(w http.ResponseWriter, r *http.Request) { r.ParseForm() base.Logger().Infoln(request.GetRequestInfo(r)) attrMap := request.GenerateBasicAttrMap(w, r) currentPage := r.FormValue("page") if len(currentPage) == 0 { currentPage = base.HOME_PAGE } pageRightsTag := attrMap[currentPage] if pageRightsTag != "true" { currentPage = base.HOME_PAGE } t := template.New("welcome page") t.Funcs(template.FuncMap{ "equal": request.SimpleEqual, "match": request.MatchString, "allTrue": request.AllTrue, }) t, err := t.ParseFiles(request.GeneratePagePath(currentPage), request.GeneratePagePath("common"), request.GeneratePagePath("navbar")) if err != nil { base.Logger().Errorln("ParseFilesErr:", err) } attrMap["currentPage"] = currentPage err = t.ExecuteTemplate(w, "page", attrMap) if err != nil { base.Logger().Errorln("ExecuteTemplateErr:", err) } recordPageAccessInfo(currentPage, attrMap[request.LOGIN_NAME_KEY], uint64(1)) }
func GetAuthCodeForAdmin(w http.ResponseWriter, r *http.Request) { hj, ok := w.(http.Hijacker) if !ok { errorMsg := "The Web Server does not support Hijacking! " http.Error(w, errorMsg, http.StatusInternalServerError) go_lib.LogErrorf(errorMsg) return } conn, bufrw, err := hj.Hijack() if err != nil { errorMsg := "Internal error!" http.Error(w, errorMsg, http.StatusInternalServerError) go_lib.LogErrorf(errorMsg+" Hijacking Error: %s\n", err) return } defer conn.Close() r.ParseForm() reqType := r.FormValue("type") go_lib.LogInfoln(request.GetRequestInfo(r)) attrMap := request.GenerateBasicAttrMap(w, r) loginName := attrMap[request.LOGIN_NAME_KEY] groupName := attrMap[request.GROUP_NAME_KEY] parameterOutline := fmt.Sprintf("[loginName=%s, groupName=%s, reqType=%s]", loginName, groupName, reqType) if groupName != rights.ADMIN_USER_GROUP_NAME { errorMsg := "Authentication failed!" http.Error(w, errorMsg, http.StatusForbidden) go_lib.LogErrorf(errorMsg+" [auth code push handler] %s \n", parameterOutline) return } if reqType != "lp" { currentAuthCode, err := request.GetCurrentAuthCode() if err != nil { go_lib.LogErrorf("GetCurrentAuthCodeError: %s\n", err) } go_lib.LogInfof("Push current auth code '%s' %s \n", currentAuthCode, parameterOutline) done := pushResponse(bufrw, currentAuthCode) if !done { go_lib.LogErrorf("Pushing current auth code '%s' is failing! %s \n", currentAuthCode, parameterOutline) } } else { nacChan := make(chan string) triggerFunc := func(newAuthCode string) { nacChan <- newAuthCode } triggerId := fmt.Sprintf("long-polling|%s|%s|%d", loginName, groupName, time.Now().UnixNano()) request.AddNewAuthCodeTrigger(triggerId, triggerFunc) defer request.DelNewAuthCodeTrigger(triggerId) newAuthCode := <-nacChan // wait for new auth code generating go_lib.LogInfof("Push new auth code '%s' %s \n", newAuthCode, parameterOutline) done := pushResponse(bufrw, newAuthCode) if !done { go_lib.LogErrorf("Pushing new auth code '%s' is failing! %s \n", newAuthCode, parameterOutline) } } defer go_lib.LogInfof("The auth code push handler will be close. %s \n", parameterOutline) }
func GetUserListForAdmin(w http.ResponseWriter, r *http.Request) { hj, ok := w.(http.Hijacker) if !ok { errorMsg := "The Web Server does not support Hijacking! " http.Error(w, errorMsg, http.StatusInternalServerError) go_lib.LogErrorf(errorMsg) return } conn, bufrw, err := hj.Hijack() if err != nil { errorMsg := "Internal error!" http.Error(w, errorMsg, http.StatusInternalServerError) go_lib.LogErrorf(errorMsg+" Hijacking Error: %s\n", err) return } defer conn.Close() r.ParseForm() go_lib.LogInfoln(request.GetRequestInfo(r)) attrMap := request.GenerateBasicAttrMap(w, r) loginName := attrMap[request.LOGIN_NAME_KEY] groupName := attrMap[request.GROUP_NAME_KEY] parameterOutline := fmt.Sprintf("[loginName=%s, groupName=%s]", loginName, groupName) if groupName != rights.ADMIN_USER_GROUP_NAME { errorMsg := "Authentication failed!" http.Error(w, errorMsg, http.StatusForbidden) go_lib.LogErrorf(errorMsg+" [user list handler] %s \n", parameterOutline) return } var respBuffer bytes.Buffer users, err := rights.FindUser("*") if err != nil { go_lib.LogErrorf("FindUserError: %s\n", err) } else { b, err := json.Marshal(users) if err != nil { go_lib.LogErrorf("JsonMarshalError (source=%v): %s\n", users, err) } else { respBuffer.WriteString(string(b)) } } resp := respBuffer.String() done := pushResponse(bufrw, resp) if !done { go_lib.LogErrorf("Pushing user list '%s' is failing! %s \n", resp, parameterOutline) } }
func Logout(w http.ResponseWriter, r *http.Request) { r.ParseForm() base.Logger().Infoln(request.GetRequestInfo(r)) hmSession, err := session.GetMatchedSession(w, r) if err != nil { base.Logger().Errorln("GetSessionErr:", err) } if hmSession != nil { loginName, err := hmSession.Get(session.SESSION_GRANTORS_KEY) if err != nil { base.Logger().Errorln("GetLoginNameErr:", err) } done, err := hmSession.Destroy() if err != nil { base.Logger().Errorln("DestroySessionErr:", err) } else { base.Logger().Infof("Logout: User '%s' logout. (result=%v)\n", loginName, done) } } else { base.Logger().Infoln("Logout: Current visitor has yet login.\n") } http.Redirect(w, r, "/", http.StatusFound) }
func Login(w http.ResponseWriter, r *http.Request) { r.ParseForm() base.Logger().Infoln(request.GetRequestInfo(r)) attrMap := request.GenerateBasicAttrMap(w, r) loginName := attrMap[request.LOGIN_NAME_KEY] if r.Method == "GET" { token := request.GenerateToken(r, loginName) base.Logger().Infof("Token: %v\n", token) request.SaveToken(token) attrMap := request.GenerateBasicAttrMap(w, r) attrMap[request.TOKEN_KEY] = token.Key hint := r.FormValue(request.HINT_KEY) if len(hint) > 0 { attrMap[request.HINT_KEY] = hint } t, err := template.ParseFiles(request.GeneratePagePath("login"), request.GeneratePagePath("common")) if err != nil { base.Logger().Errorln("TemplateParseErr:", err) } err = t.ExecuteTemplate(w, "page", attrMap) if err != nil { base.Logger().Errorln("PageWriteErr:", err) } } else { r.ParseForm() tokenKey := r.Form.Get(request.TOKEN_KEY) base.Logger().Infoln("Token Key:", tokenKey) validToken := request.CheckToken(tokenKey) if !validToken { base.Logger().Warnf("Invalid token key '%s' ! Ignore the login request.", tokenKey) r.Method = "GET" http.Redirect(w, r, r.URL.Path, http.StatusFound) return } else { request.RemoveToken(tokenKey) } loginName = template.HTMLEscapeString(r.Form.Get(request.LOGIN_NAME_KEY)) base.Logger().Infoln("login - loginName:", loginName) password := template.HTMLEscapeString(r.Form.Get(request.PASSWORD_KEY)) base.Logger().Infoln("login - password:"******"remember-me") base.Logger().Infoln("login - remember-me:", rememberMe) validLogin, err := rights.VerifyUser(loginName, password) base.Logger().Infoln("Verify user:"******"/" if err != nil { base.Logger().Errorf("VerifyUserError (loginName=%s): %s\n", loginName, err) redirectPath = r.URL.Path } else { if validLogin { longTerm := len(rememberMe) == 0 || rememberMe != "y" _, err = session.NewSession(loginName, longTerm, w, r) if err != nil { base.Logger().Errorf("SetSessionError (loginName=%s): %s\n", loginName, err) } } else { hint := "Wrong login name or password." redirectPath = request.AppendParameter(r.URL.Path, map[string]string{request.HINT_KEY: hint}) } } base.Logger().Infof("RPATH: %s\n", redirectPath) http.Redirect(w, r, redirectPath, http.StatusFound) } }