// WebServer starts the web server and serves GET & POST requests
func (u *Uchiwa) WebServer(publicPath *string, auth auth.Config) {
// private endpoints
http.Handle("/delete_client", auth.Authenticate(http.HandlerFunc(u.deleteClientHandler)))
http.Handle("/get_aggregate", auth.Authenticate(http.HandlerFunc(u.getAggregateHandler)))
http.Handle("/get_aggregate_by_issued", auth.Authenticate(http.HandlerFunc(u.getAggregateByIssuedHandler)))
http.Handle("/get_client", auth.Authenticate(http.HandlerFunc(u.getClientHandler)))
http.Handle("/get_config", auth.Authenticate(http.HandlerFunc(u.getConfigHandler)))
http.Handle("/get_sensu", auth.Authenticate(http.HandlerFunc(u.getSensuHandler)))
http.Handle("/post_event", auth.Authenticate(http.HandlerFunc(u.postEventHandler)))
http.Handle("/stashes", auth.Authenticate(http.HandlerFunc(u.stashHandler)))
http.Handle("/stashes/delete", auth.Authenticate(http.HandlerFunc(u.stashDeleteHandler)))
// static files
http.Handle("/", http.FileServer(http.Dir(*publicPath)))
// public endpoints
http.Handle("/config/auth", http.HandlerFunc(u.configAuthHandler))
http.Handle("/health", http.HandlerFunc(u.healthHandler))
http.Handle("/health/", http.HandlerFunc(u.healthHandler))
http.Handle("/login", auth.GetIdentification())
listen := fmt.Sprintf("%s:%d", u.Config.Uchiwa.Host, u.Config.Uchiwa.Port)
logger.Infof("Uchiwa is now listening on %s", listen)
logger.Fatal(http.ListenAndServe(listen, nil))
}
// WebServer starts the web server and serves GET & POST requests
func WebServer(config *Config, publicPath *string) {
if config.Uchiwa.User != "" && config.Uchiwa.Pass != "" {
http.Handle("/delete_client", httpauth.SimpleBasicAuth(config.Uchiwa.User, config.Uchiwa.Pass)(http.HandlerFunc(deleteClientHandler)))
http.Handle("/delete_stash", httpauth.SimpleBasicAuth(config.Uchiwa.User, config.Uchiwa.Pass)(http.HandlerFunc(deleteStashHandler)))
http.Handle("/get_client", httpauth.SimpleBasicAuth(config.Uchiwa.User, config.Uchiwa.Pass)(http.HandlerFunc(getClientHandler)))
http.Handle("/get_config", httpauth.SimpleBasicAuth(config.Uchiwa.User, config.Uchiwa.Pass)(http.HandlerFunc(getConfigHandler)))
http.Handle("/get_sensu", httpauth.SimpleBasicAuth(config.Uchiwa.User, config.Uchiwa.Pass)(http.HandlerFunc(getSensuHandler)))
http.Handle("/post_event", httpauth.SimpleBasicAuth(config.Uchiwa.User, config.Uchiwa.Pass)(http.HandlerFunc(postEventHandler)))
http.Handle("/post_stash", httpauth.SimpleBasicAuth(config.Uchiwa.User, config.Uchiwa.Pass)(http.HandlerFunc(postStashHandler)))
http.Handle("/", httpauth.SimpleBasicAuth(config.Uchiwa.User, config.Uchiwa.Pass)(http.FileServer(http.Dir(*publicPath))))
} else {
http.Handle("/delete_client", http.HandlerFunc(deleteClientHandler))
http.Handle("/delete_stash", http.HandlerFunc(deleteStashHandler))
http.Handle("/get_client", http.HandlerFunc(getClientHandler))
http.Handle("/get_config", http.HandlerFunc(getConfigHandler))
http.Handle("/get_sensu", http.HandlerFunc(getSensuHandler))
http.Handle("/post_event", http.HandlerFunc(postEventHandler))
http.Handle("/post_stash", http.HandlerFunc(postStashHandler))
http.Handle("/", http.FileServer(http.Dir(*publicPath)))
}
http.Handle("/health", http.HandlerFunc(healthHandler))
http.Handle("/health/", http.HandlerFunc(healthHandler))
listen := fmt.Sprintf("%s:%d", config.Uchiwa.Host, config.Uchiwa.Port)
logger.Infof("Uchiwa is now listening on %s", listen)
http.ListenAndServe(listen, nil)
}
// LoadConfig function loads a specified configuration file and return a Config struct
func LoadConfig(path string) (*Config, error) {
logger.Infof("Loading configuration file %s", path)
c := new(Config)
file, err := os.Open(path)
if err != nil {
if len(path) > 1 {
return nil, fmt.Errorf("Error: could not read config file %s.", path)
}
}
decoder := json.NewDecoder(file)
err = decoder.Decode(c)
if err != nil {
return nil, fmt.Errorf("Error decoding file %s: %s", path, err)
}
c.initGlobal()
c.initSensu()
return c, nil
}
// GetIdentification retrieves the user & pass from a POST and authenticates the user against the Identification driver
func (a *Config) GetIdentification() http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != "POST" {
http.Redirect(w, r, "/#/login", http.StatusFound)
return
}
decoder := json.NewDecoder(r.Body)
var data interface{}
err := decoder.Decode(&data)
if err != nil {
logger.Warningf("Could not decode the body: %s", err)
http.Error(w, "", http.StatusInternalServerError)
return
}
m, ok := data.(map[string]interface{})
if !ok {
logger.Warningf("Could not assert the body: %s", err)
http.Error(w, "", http.StatusInternalServerError)
return
}
u := m["user"].(string)
p := m["pass"].(string)
if u == "" || p == "" {
logger.Info("Authentication failed: user and password must not be empty")
http.Error(w, "", http.StatusUnauthorized)
return
}
// validate the user with the Login authentication driver
user, err := a.Driver(u, p)
if err != nil {
logger.Infof("Authentication failed: %s", err)
http.Error(w, "", http.StatusUnauthorized)
return
}
// obfuscate the user's salt & hash
user.PasswordHash = ""
user.PasswordSalt = ""
token, err := GetToken(&user.Role)
if err != nil {
logger.Warningf("Authentication failed, could not create the token: %s", err)
http.Error(w, "", http.StatusInternalServerError)
return
}
// Add token to the user struct
user.Token = token
j, err := json.Marshal(user)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
w.Header().Set("Content-Type", "application/json")
w.Write(j)
return
})
}
