コード例 #1
0
ファイル: record.go プロジェクト: elos/gaia
func ContextualizeRecordChangesGET(ctx context.Context, db data.DB, logger services.Logger) websocket.Handler {
	return func(ws *websocket.Conn) {
		defer ws.Close()

		l := logger.WithPrefix("ContextualizeRecordChangesGET: ")

		if err := ws.Request().ParseForm(); err != nil {
			l.Printf("error parsing form: %s", err)
			return
		}

		public := ws.Request().Form.Get(publicParam)
		private := ws.Request().Form.Get(privateParam)

		if public == "" || private == "" {
			l.Print("failed to retrieve credentials")
			return
		}

		cred, err := access.Authenticate(db, public, private)
		if err != nil {
			l.Print("failed to authenticate")
			return
		}

		if u, err := cred.Owner(db); err != nil {
			l.Print("error retrieving user: %s", err)
		} else {
			RecordChangesGET(user.NewContext(ctx, u), ws, db, logger)
		}
	}
}
コード例 #2
0
ファイル: command.go プロジェクト: elos/gaia
func ContextualizeCommandWebGET(ctx context.Context, db data.DB, logger services.Logger) websocket.Handler {
	return func(c *websocket.Conn) {

		if err := c.Request().ParseForm(); err != nil {
			logger.Print("Failure parsing form")
			return
		}

		public := c.Request().Form.Get("public")
		private := c.Request().Form.Get("private")

		if public == "" || private == "" {
			logger.Print("failed to retrieve credentials")
			return
		}

		cred, err := access.Authenticate(db, public, private)
		if err != nil {
			logger.Print("failed to auth")
			return
		}

		u, _ := cred.Owner(db)
		CommandWebGET(user.NewContext(ctx, u), c, logger, db)
	}
}
コード例 #3
0
ファイル: record.go プロジェクト: elos/gaia
// Authenticate checks a request's basic authentication, and associates a *models.User with the context
// if so. Otherwise it handles responding to and closing the request.
//
//		contextWithUser, authWasSuccessful := routes.Authenticate(ctx, w, r, logger, db)
//
// Use for any requests which expect to act on behalf of a user (which is most)
func Authenticate(ctx context.Context, w http.ResponseWriter, r *http.Request, l services.Logger, db services.DB) (context.Context, bool) {
	l = l.WithPrefix("routes.Authenticate: ")
	var (
		c   *models.Credential
		u   *models.User
		err error
	)

	public, private, ok := r.BasicAuth()
	if !ok {
		l.Printf("authentication reverting from basic auth to session")
		// assume std lib didn't make a mistake, and the BasicAuth simply wasn't given
		// fall back to cookie

		if sesh, err := session(r, db); err != nil {
			switch err {
			case http.ErrNoCookie:
				l.Printf("no session cookie")
			case data.ErrNotFound:
				l.Printf("session token not found")
			default:
				l.Printf("session(r, db) error: %s", err)
			}

			l.Printf("authentication reverting from cookie to form values")
			public, private = r.FormValue(publicParam), r.FormValue(privateParam)
		} else if sesh.Valid() {
			if u, err := sesh.Owner(db); err != nil {
				l.Printf("sesh.Owner(db) error: %s", err)
				public, private = r.FormValue(publicParam), r.FormValue(privateParam)
			} else {
				return user.NewContext(ctx, u), true
			}
		} else {
			l.Printf("session no longer valid")
			public, private = r.FormValue(publicParam), r.FormValue(privateParam)
		}
	}

	if c, err = access.Authenticate(db, public, private); err != nil {
		l.Printf("authentication of (%s, %s) failed: couldn't find credential: %s", public, private, err)
		goto unauthorized // this error is on us, but it manifests as a failure to authenticate
	}

	if u, err = c.Owner(db); err != nil {
		l.Printf("authentication failed: couldn't load user's owner: %s", err)
		goto unauthorized // this error is also on us, but also manifests as a failure to authenticate
	}

	// successful authentications
	return user.NewContext(ctx, u), true

	// rejection
unauthorized:
	http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
	return nil, false
}