func ExampleLogin() {
m := martini.Classic()
m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123"))))
m.Use(oauth2.Google(
goauth2.Client("client_id", "client_secret"),
goauth2.RedirectURL("redirect_url"),
goauth2.Scope("https://www.googleapis.com/auth/drive"),
))
// Tokens are injected to the handlers
m.Get("/", func(tokens oauth2.Tokens) string {
if tokens.Expired() {
return "not logged in, or the access token is expired"
}
return "logged in"
})
// Routes that require a logged in user
// can be protected with oauth2.LoginRequired handler.
// If the user is not authenticated, they will be
// redirected to the login path.
m.Get("/restrict", oauth2.LoginRequired, func(tokens oauth2.Tokens) string {
return tokens.Access()
})
m.Run()
}
//InitRoutes - initialize the mappings for controllers against valid routes
func InitRoutes(m *martini.ClassicMartini, redisConn Doer, mongoConn pezdispenser.MongoCollectionGetter, authClient AuthRequestCreator) {
setOauthConfig()
keyGen := NewKeyGen(redisConn, &GUIDMake{})
m.Use(render.Renderer())
m.Use(martini.Static(StaticPath))
m.Use(oauth2.Google(OauthConfig))
authKey := NewAuthKeyV1(keyGen)
m.Get("/info", authKey.Get())
m.Get(ValidKeyCheck, NewValidateV1(keyGen).Get())
m.Get("/me", oauth2.LoginRequired, DomainCheck, NewMeController().Get())
m.Get("/", oauth2.LoginRequired, DomainCheck, func(params martini.Params, log *log.Logger, r render.Render, tokens oauth2.Tokens) {
userInfo := GetUserInfo(tokens)
r.HTML(SuccessStatus, "index", userInfo)
})
m.Post("/sandbox", oauth2.LoginRequired, DomainCheck, NewSandBoxController().Post())
m.Group(URLAuthBaseV1, func(r martini.Router) {
r.Put(APIKey, authKey.Put())
r.Get(APIKey, authKey.Get())
r.Delete(APIKey, authKey.Delete())
}, oauth2.LoginRequired, DomainCheck)
m.Group(URLOrgBaseV1, func(r martini.Router) {
pcfOrg := NewOrgController(mongoConn, authClient)
r.Put(OrgUser, pcfOrg.Put())
r.Get(OrgUser, pcfOrg.Get())
}, oauth2.LoginRequired, DomainCheck)
}
func NewAuthenticator(conf *Conf) Authenticator {
var authenticator Authenticator
if conf.Auth.Info.Service == "google" {
handler := oauth2.Google(&gooauth2.Options{
ClientID: conf.Auth.Info.ClientId,
ClientSecret: conf.Auth.Info.ClientSecret,
RedirectURL: conf.Auth.Info.RedirectURL,
Scopes: []string{"email"},
})
authenticator = &GoogleAuth{&BaseAuth{handler, conf}}
} else if conf.Auth.Info.Service == "github" {
handler := GithubGeneral(&gooauth2.Options{
ClientID: conf.Auth.Info.ClientId,
ClientSecret: conf.Auth.Info.ClientSecret,
RedirectURL: conf.Auth.Info.RedirectURL,
Scopes: []string{"read:org"},
}, conf)
authenticator = &GitHubAuth{&BaseAuth{handler, conf}}
} else {
panic("unsupported authentication method")
}
return authenticator
}
func (s *Server) Run() error {
m := martini.Classic()
m.Use(sessions.Sessions("session", sessions.NewCookieStore([]byte(s.Conf.Auth.Session.Key))))
m.Use(oauth2.Google(&gooauth2.Options{
ClientID: s.Conf.Auth.Google.ClientId,
ClientSecret: s.Conf.Auth.Google.ClientSecret,
RedirectURL: s.Conf.Auth.Google.RedirectURL,
Scopes: []string{"email"},
}))
m.Use(loginRequired())
m.Use(restrictDomain(s.Conf.Domain))
for i := range s.Conf.Proxies {
p := s.Conf.Proxies[i]
if strings.HasSuffix(p.Path, "/") == false {
p.Path += "/"
}
strip_path := p.Path
if strings.HasSuffix(p.Path, "**") == false {
p.Path += "**"
}
u, err := url.Parse(p.Dest)
if err != nil {
return err
}
proxy := httputil.NewSingleHostReverseProxy(u)
if p.Strip {
m.Any(p.Path, http.StripPrefix(strip_path, proxyHandleWrapper(u, proxy)))
} else {
m.Any(p.Path, proxyHandleWrapper(u, proxy))
}
log.Printf("register proxy path:%s dest:%s", strip_path, u.String())
}
path, err := filepath.Abs(s.Conf.Htdocs)
if err != nil {
return err
}
log.Printf("starting static file server for: %s", path)
fileServer := http.FileServer(http.Dir(path))
m.Get("/**", fileServer.ServeHTTP)
log.Printf("starting server at %s", s.Conf.Addr)
if s.Conf.SSL.Cert != "" && s.Conf.SSL.Key != "" {
return http.ListenAndServeTLS(s.Conf.Addr, s.Conf.SSL.Cert, s.Conf.SSL.Key, m)
} else {
return http.ListenAndServe(s.Conf.Addr, m)
}
}
// InitGoogle initializes Google endpoint for oauth2
func InitGoogle() {
m.Use(sessions.Sessions("tinycv", sessions.NewCookieStore([]byte("Eogoofie7aV0ouyae3ieBeefaij9mohj"))))
m.Use(martinioauth2.Google(
&oauth2.Config{
ClientID: "716025935670-v79abqso61n9loh6b6n9btktj73cb5qr.apps.googleusercontent.com",
ClientSecret: "7BiYjPxvKlkiQFJzVWqYNVqo",
Scopes: []string{"https://www.googleapis.com/auth/userinfo.email", "https://www.googleapis.com/auth/userinfo.profile"},
RedirectURL: config.AppUrl + "/oauth2callback",
},
))
}
func NewServer(databaseName string) *martini.ClassicMartini {
m := martini.Classic()
c := config.GetConfig()
// Setup middleware
m.Use(db.DB(databaseName))
m.Use(render.Renderer())
m.Use(cors.Allow(&cors.Options{
AllowOrigins: []string{"http://localhost*"},
AllowMethods: []string{"POST", "GET"},
AllowHeaders: []string{"Origin"},
ExposeHeaders: []string{"Content-Length"},
AllowCredentials: true,
}))
// Google OAuth
m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte(c.Cookie_Auth),
[]byte(c.Cookie_Enc))))
m.Use(oauth2.Google(
goauth2.Client(c.Client_Id, c.Client_Secret),
goauth2.RedirectURL(c.OAuth_Callback),
goauth2.Scope("email"),
))
// Static Assets
m.Use(martini.Static("frontend/dist"))
// Setup event routes
m.Get(`/events`, controllers.GetAllEvents)
m.Get(`/events/:id`, controllers.GetEvent)
m.Post(`/events`, binding.Json(models.Event{}), binding.ErrorHandler, controllers.AddEvent)
// Setup comment routes
m.Get(`/events/:event_id/comments`, controllers.GetAllComments)
m.Post(`/events/:event_id/comments`, binding.Json(models.Comment{}), binding.ErrorHandler, controllers.AddComment)
// User route for Oauth
m.Get(`/users`, oauth2.LoginRequired, controllers.GetLoggedInUser)
// TODO Update, Delete for events
//m.Put(`/events/:id`, UpdateEvent)
//m.Delete(`/events/:id`, DeleteEvent)
// Add the router action
return m
}
