Esempio n. 1
0
File: auth.go Progetto: jawr/wall
func New(db *pgstore.Store) httpHandler {
	str = db
	cfg := config.Get()
	sessionName = cfg.GetString("session_name")
	return func(h http.Handler) http.Handler {
		return http.HandlerFunc(
			func(w http.ResponseWriter, r *http.Request) {
				session, err := GetSession(r)
				if err != nil {
					log.Println("no session.")
					utils.Error(err, w)
					return
				}
				if t, ok := session.Values["expires"]; ok {
					if time.Now().Before(t.(time.Time)) {
						// authed
						var u users.User
						if _u, ok := session.Values["user"]; ok {
							u = _u.(users.User)
							w.Header().Set("X-User", u.ID)
						}
						w.Header().Set("X-Expires", t.(time.Time).Format("2006-01-02T15:04:05"))
						h.ServeHTTP(w, r)
						return
					}
				}
				h.ServeHTTP(w, r)

			},
		)
	}
}
Esempio n. 2
0
// create connection string uses config.json to create a conenction string. Warning, can panic
func CreateConnectionString() string {
	cfg := config.Get()
	user := cfg.GetString("db_pg_user")
	pass := cfg.GetString("db_pg_pass")
	name := cfg.GetString("db_pg_name")
	host := cfg.GetString("db_pg_host")
	port := cfg.GetInt("db_pg_port")
	if len(user+pass+name) == 0 {
		panic("error setup config file for database connection")
	}
	connStr := fmt.Sprintf("user=%s password=%s dbname=%s sslmode=disable",
		user,
		pass,
		name,
	)
	if len(host) > 0 {
		connStr += fmt.Sprintf(" host=%s", host)
	}
	if port > 0 {
		connStr += fmt.Sprintf(" port=%d", port)
	}
	return connStr
}
Esempio n. 3
0
File: rest.go Progetto: jawr/wall
func Start() error {
	cfg := config.Get()
	key := cfg.GetString("session_secret")

	connStr := connection.CreateConnectionString()
	sessionDB := pgstore.NewStore(connStr, []byte(key))
	defer sessionDB.Close()
	sessionDB.Options = &sessions.Options{
		Path: "/",
	}

	router := mux.NewRouter()
	sub := router.PathPrefix("/api/v1").Subrouter()
	links.Setup(sub)
	auth.Setup(sub)

	authoriser := auth.New(sessionDB)
	h := authoriser(router)

	log.Println("Starting rest service...")
	err := http.ListenAndServe("127.0.0.1:8100", h)
	log.Println("Stoping rest service...")
	return err
}
Esempio n. 4
0
File: auth.go Progetto: jawr/wall
func Auth(w http.ResponseWriter, r *http.Request) {
	var params = r.URL.Query()
	var code = params.Get("code")
	if len(code) == 0 {
		utils.Error(errors.New("No code supplied for auth."), w)
		return
	}

	cfg := config.Get()
	clientID := cfg.GetString("google_client_id")
	clientSecret := cfg.GetString("google_client_secret")
	conf := &oauth2.Config{
		ClientID:     clientID,
		ClientSecret: clientSecret,
		RedirectURL:  "postmessage",
		Scopes: []string{
			"https://www.googleapis.com/auth/plus.login",
			"https://www.googleapis.com/auth/plus.profile.emails.read",
		},
		Endpoint: google.Endpoint,
	}

	tok, err := conf.Exchange(oauth2.NoContext, code)
	if err != nil {
		utils.Error(errors.New("Unable to exchange code for a token."), w)
		return
	}

	if !tok.Valid() {
		// 401
		utils.Error(errors.New("Invalid token."), w)
		return
	}

	client := conf.Client(oauth2.NoContext, tok)
	service, err := plus.New(client)
	if err != nil {
		utils.Error(errors.New("Unable to create a transport client."), w)
		return
	}

	gplusID, err := decodeIDToken(tok.Extra("id_token").(string))
	if err != nil {
		utils.Error(errors.New("Unable to decode ID Token."), w)
		return
	}

	people := service.People.Get(gplusID)
	person, err := people.Do()
	if err != nil {
		log.Println(err)
		utils.Error(errors.New("Unable to get Google Plus profile"), w)
		return
	}

	user, err := users.GetByID(person.Id)
	if err != nil {
		user, err = users.New(person.DisplayName, person.Id)
		if err != nil {
			log.Println(err)
			utils.Error(errors.New("Unable to create new user in the database"), w)
			return
		}
	}

	log.Printf("Person: %+v\n", person)
	// logged in
	session, err := GetSession(r)
	if err != nil {
		log.Println(err)
		utils.Error(errors.New("Unable to get session."), w)
		return
	}
	session.Values["expires"] = time.Now().Add(time.Hour * 24)
	session.Values["user"] = user
	session.Options.MaxAge = 86400 * 30

	if err := str.Save(r, w, session); err != nil {
		log.Println(err)
		utils.Error(errors.New("Unable to save session."), w)
		return
	}

	utils.ToJSON(user, err, w)
}