Esempio n. 1
0
func SetupAuth(martini *martini.ClassicMartini) {
	os.Mkdir(backendfile, 0755)
	backend_, err := httpauth.NewLeveldbAuthBackend(backendfile)
	if err != nil {
		log.Fatal(err.Error())
	}
	backend = backend_

	roles = make(map[string]httpauth.Role)
	roles["user"] = 30
	roles["admin"] = 80

	aaa, err = httpauth.NewAuthorizer(backend, []byte("cookie-encryption-key"), "user", roles)
	if err != nil {
		log.Fatal(err.Error())
	}

	users, err := backend.Users()
	if err != nil || len(users) == 0 {
		// create a default user
		hash, err := bcrypt.GenerateFromPassword([]byte("toor"), bcrypt.DefaultCost)
		//hash, err := bcrypt.GenerateFromPassword([]byte("l4ngu4g3"), bcrypt.DefaultCost)
		if err != nil {
			panic(err)
		}
		defaultUser := httpauth.UserData{Username: "******", Email: "", Hash: hash, Role: "admin"}
		//defaultUser := httpauth.UserData{Username: "******", Email: "", Hash: hash, Role: "admin"}
		err = backend.SaveUser(defaultUser)
		if err != nil {
			panic(err)
		}
	}

	martini.Post("/auth/login", doLogin)
	martini.Get("/auth/logout", doLogout)
	martini.Get("/auth/token", doGetToken)

	martini.Post("/auth/user", AssertRole("admin"), doAddUser)

	martini.Get("/auth/currentuser", doGetCurrentUser)
	martini.Get("/auth/user", AssertRole("admin"), doGetUsers)
	martini.Get("/auth/user/:username", AssertRole("admin"), doGetUser)

	martini.Put("/auth/user/:username", AssertRole("admin"), doUpdateUser)
	martini.Delete("/auth/user/:username", AssertRole("admin"), doDeleteUser)
	martini.Post("/auth/user/:username/allow", AssertRole("admin"), doAllow)
	martini.Post("/auth/user/:username/forbid", AssertRole("admin"), doForbid)

}
Esempio n. 2
0
func main() {
	var err error
	os.Mkdir(backendfile, 0755)
	defer os.Remove(backendfile)

	// create the backend
	backend, err = httpauth.NewLeveldbAuthBackend(backendfile)
	if err != nil {
		panic(err)
	}

	// create some default roles
	roles = make(map[string]httpauth.Role)
	roles["user"] = 30
	roles["admin"] = 80
	aaa, err = httpauth.NewAuthorizer(backend, []byte("cookie-encryption-key"), "user", roles)

	// create a default user
	hash, err := bcrypt.GenerateFromPassword([]byte("adminadmin"), bcrypt.DefaultCost)
	if err != nil {
		panic(err)
	}
	defaultUser := httpauth.UserData{Username: "******", Email: "admin@localhost", Hash: hash, Role: "admin"}
	err = backend.SaveUser(defaultUser)
	if err != nil {
		panic(err)
	}

	// set up routers and route handlers
	r := mux.NewRouter()
	r.HandleFunc("/login", getLogin).Methods("GET")
	r.HandleFunc("/register", postRegister).Methods("POST")
	r.HandleFunc("/login", postLogin).Methods("POST")
	r.HandleFunc("/admin", handleAdmin).Methods("GET")
	r.HandleFunc("/add_user", postAddUser).Methods("POST")
	r.HandleFunc("/change", postChange).Methods("POST")
	r.HandleFunc("/", handlePage).Methods("GET") // authorized page
	r.HandleFunc("/logout", handleLogout)

	http.Handle("/", r)
	fmt.Printf("Server running on port %d\n", port)
	http.ListenAndServe(fmt.Sprintf(":%d", port), nil)
}