Esempio n. 1
0
func byHeader(router *wcg.Router, configure func()) {
	router.Before(wcg.NewNamedHandler("HeaderAuth", func(res *wcg.Response, req *wcg.Request) {
		if !request.ByGuest(req) { // already authenticated
			req.Logger.Warnf("request.Authorize is called more than once.")
			return
		}
		// req.Logger.Infof("Token Authorization: %s", tokenString)
		if request.IsTask(req) {
			req.User = request.NewTaskUser(req)
		} else if request.IsCron(req) {
			req.User = request.CronUser
		} else {
			authorizeByAPIToken(req)
		}
	}))
	configure()
}
Esempio n. 2
0
func setupAPIUsers(app *server.App) {
	var API = app.API()

	API.GET("/me/",
		server.Handler(func(req *wcg.Request) response.Response {
			if req.User == nil || request.ByGuest(req) {
				return response.NewJSONResponse(nil)
			}
			return response.NewJSONResponse(req.User)
		}))

	API.POST("/me/gates/",
		server.Handler(func(req *wcg.Request) response.Response {
			keys := strings.Split(req.Form("keys"), ",")
			result := gates.EvalKeys(req, keys...)
			return response.NewJSONResponse(result)
		}))
}
Esempio n. 3
0
func bySession(router *wcg.Router, configure func()) {
	fbconfig := facebook.NewAuthConfig("dummy", "dumyy", "")
	fbconfig.RedirectURL = "/login/facebook/callback"
	fbconfig.ContextFactory = func(res *wcg.Response, req *wcg.Request) context.Context {
		return gae.NewContext(req)
	}
	fbconfig.UnauthorizedHandler = wcg.AnonymousHandler(func(res *wcg.Response, req *wcg.Request) {
		res.TemplatesWithStatus(401, nil, "permrejected.html", "header.html", "footer.html")
	})
	fbconfig.AuthorizedHandler = wcg.AnonymousHandler(func(res *wcg.Response, req *wcg.Request) {
		ref, _ := req.Session.Get("LoginRef")
		if ref != "" && strings.HasPrefix(ref, "/") {
			res.Redirect(wcg.AbsoluteURL(req, ref), http.StatusFound)
		} else {
			res.Redirect("/", http.StatusFound)
		}
	})
	fbconfig.InvalidatedHandler = wcg.AnonymousHandler(func(res *wcg.Response, req *wcg.Request) {
		req.Logger.Debugf("Guest user access.")
	})
	fbconfig.Scopes = []string{}
	fbauth, fbcallback, fbvalidates, fblogout := middleware.OAuth2(fbconfig)

	// set routes
	router.Before(wcg.NewNamedHandler("facebook.validate", func(res *wcg.Response, req *wcg.Request) {
		if !request.ByGuest(req) { // already authenticated
			return
		}
		if req.Session == nil {
			return
		}
		// Check the fbconfig from ServerConfig
		fbapp := configs.GetMultiValues(
			req,
			"facebook_app_id",
			"facebook_app_secret",
			"facebook_page_id",
		)
		if fbapp[0] != "" && fbapp[1] != "" {
			fbconfig.ClientID = fbapp[0]
			fbconfig.ClientSecret = fbapp[1]
			fbvalidates.Process(res, req)
		}
	}))

	router.GET("/login/facebook", wcg.NewNamedHandler("facebook.login.auth", func(res *wcg.Response, req *wcg.Request) {
		if !isFBConfigured(fbconfig) {
			return
		}
		req.Session.Set("LoginRef", req.Query("ref"))
		fbauth.Process(res, req)
	}))

	router.GET("/login/facebook/callback", wcg.NewNamedHandler("facebook.login.callback", func(res *wcg.Response, req *wcg.Request) {
		if !isFBConfigured(fbconfig) {
			return
		}
		fbcallback.Process(res, req)
	}))

	router.POST("/logout/facebook", wcg.NewNamedHandler("facebook.logout", func(res *wcg.Response, req *wcg.Request) {
		if !isFBConfigured(fbconfig) {
			return
		}
		fblogout.Process(res, req)
		res.Redirect("/", http.StatusFound)
	}))

	configure()
}