func SetupHTTPRoutes(server *wsevent.Server, noauth *wsevent.Server) { http.HandleFunc("/", controllers.MainHandler) http.HandleFunc("/openidcallback", controllers.LoginCallbackHandler) http.HandleFunc("/startLogin", controllers.LoginHandler) http.HandleFunc("/logout", controllers.LogoutHandler) if config.Constants.MockupAuth { http.HandleFunc("/startMockLogin/", controllers.MockLoginHandler) } http.HandleFunc("/websocket/", func(w http.ResponseWriter, r *http.Request) { if config.Constants.SteamIDWhitelist != "" { session, err := chelpers.GetSessionHTTP(r) allowed := true if err == nil { steamid, ok := session.Values["steam_id"] if !ok { allowed = false } else if !chelpers.IsSteamIDWhitelisted(steamid.(string)) { allowed = false } } else { allowed = false } if !allowed { http.Error(w, "Sorry, but you're not in the closed alpha", 403) return } } session, err := chelpers.GetSessionHTTP(r) var so *wsevent.Client if err == nil { _, ok := session.Values["steam_id"] if ok { so, err = server.NewClient(upgrader, w, r) } else { so, err = noauth.NewClient(upgrader, w, r) } } else { var estr = "Couldn't create WebSocket connection." //estr = err.Error() http.Error(w, estr, 500) return } if err != nil || so == nil { controllers.LogoutSession(w, r) return } //helpers.Logger.Debug("Connected to Socket") err = socket.SocketInit(server, noauth, so) if err != nil { controllers.LogoutSession(w, r) } }) }
func SocketHandler(w http.ResponseWriter, r *http.Request) { //check if player is in the whitelist if config.Constants.SteamIDWhitelist != "" { allowed := false session, err := chelpers.GetSessionHTTP(r) if err == nil { steamid, ok := session.Values["steam_id"] allowed = ok && chelpers.IsSteamIDWhitelisted(steamid.(string)) } if !allowed { http.Error(w, "Sorry, but you're not in the closed alpha", 403) return } } session, err := chelpers.GetSessionHTTP(r) var so *wsevent.Client if err == nil { _, ok := session.Values["steam_id"] if ok { so, err = socket.AuthServer.NewClient(upgrader, w, r) } else { so, err = socket.UnauthServer.NewClient(upgrader, w, r) } pprof.Clients.Add(1) } else { var estr = "Couldn't create WebSocket connection." //estr = err.Error() logrus.Error(err.Error()) http.Error(w, estr, 500) return } if err != nil || so == nil { login.LogoutSession(w, r) return } //logrus.Debug("Connected to Socket") err = SocketInit(so) if err != nil { login.LogoutSession(w, r) so.Close() } }
func setSession(w http.ResponseWriter, r *http.Request, steamid string) { session, _ := controllerhelpers.GetSessionHTTP(r) session.Values["steam_id"] = steamid player := &models.Player{} err := database.DB.Where("steam_id = ?", steamid).First(player).Error var playErr error if err == gorm.RecordNotFound { player, playErr = models.NewPlayer(steamid) if playErr != nil { helpers.Logger.Debug(playErr.Error()) } database.DB.Create(player) } else if err != nil { helpers.Logger.Debug("steamLogin.go:60 ", err) } session.Values["id"] = fmt.Sprint(player.ID) session.Values["role"] = player.Role session.Options.Domain = config.Constants.CookieDomain err = session.Save(r, w) }
func LogoutHandler(w http.ResponseWriter, r *http.Request) { session, _ := controllerhelpers.GetSessionHTTP(r) session.Options = &sessions.Options{MaxAge: -1} session.Save(r, w) http.Redirect(w, r, "/", 303) }
func MainHandler(w http.ResponseWriter, r *http.Request) { if controllerhelpers.IsLoggedInHTTP(r) { session, _ := controllerhelpers.GetSessionHTTP(r) var steamid = session.Values["steam_id"].(string) fmt.Fprintf(w, `<html><head></head><body>hello! You're logged in and your steam id is `+steamid+`. You can log out <a href='/logout'>here</a></body></html>`) } else { fmt.Fprintf(w, "<html><head></head><body>hello! You can log in <a href='/startLogin'>here</a></body></html>") } }
func verifyToken(r *http.Request, method string) error { token := r.Form.Get("xsrf-token") if token == "" { return errors.New("No XSRF token present in form") } session, _ := controllerhelpers.GetSessionHTTP(r) admin, _ := models.GetPlayerBySteamID(session.Values["steam_id"].(string)) valid := xsrftoken.Valid(token, config.Constants.CookieStoreSecret, admin.SteamID, method) if !valid { return errors.New("XSRF token is invalid") } return nil }
func confirmReq(w http.ResponseWriter, r *http.Request, method, title string) { templ, err := template.ParseFiles("views/admin/templates/confirm.html") if err != nil { logrus.Error(err.Error()) return } session, _ := controllerhelpers.GetSessionHTTP(r) admin, _ := models.GetPlayerBySteamID(session.Values["steam_id"].(string)) token := xsrftoken.Generate(config.Constants.CookieStoreSecret, admin.SteamID, method) templ.Execute(w, struct { URL string Title string XSRFToken string }{r.URL.String(), title, token}) }
func (Admin) AdminChangeRole(server *wsevent.Server, so *wsevent.Client, data []byte) []byte { reqerr := chelpers.FilterRequest(so, 0, true) if reqerr != nil { return reqerr.Encode() } var args struct { Steamid *string `json:"steamid"` Role *string `json:"role"` } err := chelpers.GetParams(data, &args) if err != nil { return helpers.NewTPErrorFromError(err).Encode() } role, ok := helpers.RoleMap[*args.Role] if !ok || role == helpers.RoleAdmin { return helpers.NewTPError("Invalid role parameter", 0).Encode() } otherPlayer, err := models.GetPlayerBySteamId(*args.Steamid) if err != nil { return helpers.NewTPError("Player not found.", 0).Encode() } currPlayer, _ := chelpers.GetPlayerSocket(so.Id()) models.LogAdminAction(currPlayer.ID, helpers.ActionChangeRole, otherPlayer.ID) // actual change happens otherPlayer.Role = role db.DB.Save(&otherPlayer) // rewrite session data. THIS WON'T WRITE A COOKIE SO IT ONLY WORKS WITH // STORES THAT STORE DATA IN COOKIES (AND NOT ONLY SESSION ID). session, sesserr := chelpers.GetSessionHTTP(so.Request()) if sesserr == nil { session.Values["role"] = role session.Save(so.Request(), FakeResponseWriter{}) } return chelpers.EmptySuccessJS }
func setSession(w http.ResponseWriter, r *http.Request, steamid string) error { session, _ := controllerhelpers.GetSessionHTTP(r) session.Values["steam_id"] = steamid player := &models.Player{} err := database.DB.Where("steam_id = ?", steamid).First(player).Error var playErr error if err == gorm.RecordNotFound { // Successful first-time login player, playErr = models.NewPlayer(steamid) if playErr != nil { return playErr } database.DB.Create(player) } else if err == nil { // Successful repeat login err = player.UpdatePlayerInfo() if err == nil { player.Save() } else { return err } } else if err != nil { // Failed login return err } session.Values["id"] = fmt.Sprint(player.ID) session.Values["role"] = player.Role session.Options.Domain = config.Constants.CookieDomain err = session.Save(r, w) return err }
func AdminChangeRole(so socketio.Socket) func(string) string { return chelpers.FilterRequest(so, adminChangeRoleFilter, func(params map[string]interface{}) string { roleString := params["role"].(string) steamid := params["steamid"].(string) role, ok := helpers.RoleMap[roleString] if !ok || role == helpers.RoleAdmin { bytes, _ := chelpers.BuildFailureJSON("Invalid role parameter", 0).Encode() return string(bytes) } otherPlayer, err := models.GetPlayerBySteamId(steamid) if err != nil { bytes, _ := chelpers.BuildFailureJSON("Player not found.", 0).Encode() return string(bytes) } currPlayer, _ := chelpers.GetPlayerSocket(so.Id()) models.LogAdminAction(currPlayer.ID, helpers.ActionChangeRole, otherPlayer.ID) // actual change happens otherPlayer.Role = role db.DB.Save(&otherPlayer) // rewrite session data. THiS WON'T WRITE A COOKIE SO IT ONLY WORKS WITH // STORES THAT STORE DATA IN COOKIES (AND NOT ONLY SESSION ID). session, sesserr := chelpers.GetSessionHTTP(so.Request()) if sesserr == nil { session.Values["role"] = role session.Save(so.Request(), FakeResponseWriter{}) } return chelpers.BuildEmptySuccessString() }) }
func LoginCallbackHandler(w http.ResponseWriter, r *http.Request) { fullURL := config.Constants.Domain + r.URL.String() id, err := openid.Verify(fullURL, discoveryCache, nonceStore) if err != nil { helpers.Logger.Debug(err.Error()) return } parts := strings.Split(id, "/") steamid := parts[len(parts)-1] session, _ := controllerhelpers.GetSessionHTTP(r) session.Values["steam_id"] = steamid player := &models.Player{} var playErr error err = database.DB.Where("steam_id = ?", steamid).First(player).Error if err == gorm.RecordNotFound { player, playErr = models.NewPlayer(steamid) if playErr != nil { helpers.Logger.Debug(playErr.Error()) } database.DB.Create(player) } else if err != nil { helpers.Logger.Debug("steamLogin.go:60 ", err) } session.Values["id"] = fmt.Sprint(player.ID) err = session.Save(r, w) http.Redirect(w, r, config.Constants.LoginRedirectPath, 303) }
func LoginCallbackHandler(w http.ResponseWriter, r *http.Request) { regex := regexp.MustCompile(`http://steamcommunity.com/openid/id/(\d+)`) fullURL := config.Constants.Domain + r.URL.String() idURL, err := openid.Verify(fullURL, discoveryCache, nonceStore) if err != nil { helpers.Logger.Warning("%s", err.Error()) return } parts := regex.FindStringSubmatch(idURL) if len(parts) != 2 { http.Error(w, "Steam Authentication failed, please try again.", 500) return } steamid := parts[1] if config.Constants.SteamIDWhitelist != "" && !controllerhelpers.IsSteamIDWhitelisted(steamid) { //Use a more user-friendly message later http.Error(w, "Sorry, you're not in the closed alpha.", 403) return } err = setSession(w, r, steamid) if err != nil { session, _ := controllerhelpers.GetSessionHTTP(r) session.Options = &sessions.Options{MaxAge: -1} session.Save(r, w) helpers.Logger.Error(err.Error()) http.Error(w, "Internal Server Error.", 500) return } http.Redirect(w, r, config.Constants.LoginRedirectPath, 303) }
func LogoutSession(w http.ResponseWriter, r *http.Request) { session, _ := controllerhelpers.GetSessionHTTP(r) session.Options = &sessions.Options{MaxAge: -1} session.Save(r, w) }