func SetupHTTPRoutes(server *wsevent.Server, noauth *wsevent.Server) {
http.HandleFunc("/", controllers.MainHandler)
http.HandleFunc("/openidcallback", controllers.LoginCallbackHandler)
http.HandleFunc("/startLogin", controllers.LoginHandler)
http.HandleFunc("/logout", controllers.LogoutHandler)
if config.Constants.MockupAuth {
http.HandleFunc("/startMockLogin/", controllers.MockLoginHandler)
}
http.HandleFunc("/websocket/", func(w http.ResponseWriter, r *http.Request) {
if config.Constants.SteamIDWhitelist != "" {
session, err := chelpers.GetSessionHTTP(r)
allowed := true
if err == nil {
steamid, ok := session.Values["steam_id"]
if !ok {
allowed = false
} else if !chelpers.IsSteamIDWhitelisted(steamid.(string)) {
allowed = false
}
} else {
allowed = false
}
if !allowed {
http.Error(w, "Sorry, but you're not in the closed alpha", 403)
return
}
}
session, err := chelpers.GetSessionHTTP(r)
var so *wsevent.Client
if err == nil {
_, ok := session.Values["steam_id"]
if ok {
so, err = server.NewClient(upgrader, w, r)
} else {
so, err = noauth.NewClient(upgrader, w, r)
}
} else {
var estr = "Couldn't create WebSocket connection."
//estr = err.Error()
http.Error(w, estr, 500)
return
}
if err != nil || so == nil {
controllers.LogoutSession(w, r)
return
}
//helpers.Logger.Debug("Connected to Socket")
err = socket.SocketInit(server, noauth, so)
if err != nil {
controllers.LogoutSession(w, r)
}
})
}
func SocketHandler(w http.ResponseWriter, r *http.Request) {
//check if player is in the whitelist
if config.Constants.SteamIDWhitelist != "" {
allowed := false
session, err := chelpers.GetSessionHTTP(r)
if err == nil {
steamid, ok := session.Values["steam_id"]
allowed = ok && chelpers.IsSteamIDWhitelisted(steamid.(string))
}
if !allowed {
http.Error(w, "Sorry, but you're not in the closed alpha", 403)
return
}
}
session, err := chelpers.GetSessionHTTP(r)
var so *wsevent.Client
if err == nil {
_, ok := session.Values["steam_id"]
if ok {
so, err = socket.AuthServer.NewClient(upgrader, w, r)
} else {
so, err = socket.UnauthServer.NewClient(upgrader, w, r)
}
pprof.Clients.Add(1)
} else {
var estr = "Couldn't create WebSocket connection."
//estr = err.Error()
logrus.Error(err.Error())
http.Error(w, estr, 500)
return
}
if err != nil || so == nil {
login.LogoutSession(w, r)
return
}
//logrus.Debug("Connected to Socket")
err = SocketInit(so)
if err != nil {
login.LogoutSession(w, r)
so.Close()
}
}
func SocketHandler(w http.ResponseWriter, r *http.Request) {
token, err := chelpers.GetToken(r)
if err != nil && err != http.ErrNoCookie { //invalid jwt token
logrus.Errorf("Error reading JWT: %v", err)
token = nil
}
//check if player is in the whitelist
if config.Constants.SteamIDWhitelist != "" {
if token == nil {
// player isn't logged in,
// and access is restricted to logged in people
http.Error(w, "Not logged in", http.StatusForbidden)
return
}
if !chelpers.IsSteamIDWhitelisted(token.Claims.(*chelpers.TF2StadiumClaims).SteamID) {
http.Error(w, "you're not in the beta", http.StatusForbidden)
return
}
}
var so *wsevent.Client
if token != nil { //received valid jwt
so, err = socket.AuthServer.NewClient(upgrader, w, r)
} else {
so, err = socket.UnauthServer.NewClient(upgrader, w, r)
}
if err != nil {
return
}
so.Token = token
//logrus.Debug("Connected to Socket")
err = SocketInit(so)
if err != nil {
logrus.Error(err)
so.Close()
return
}
}
func LoginCallbackHandler(w http.ResponseWriter, r *http.Request) {
regex := regexp.MustCompile(`http://steamcommunity.com/openid/id/(\d+)`)
fullURL := config.Constants.Domain + r.URL.String()
idURL, err := openid.Verify(fullURL, discoveryCache, nonceStore)
if err != nil {
helpers.Logger.Warning("%s", err.Error())
return
}
parts := regex.FindStringSubmatch(idURL)
if len(parts) != 2 {
http.Error(w, "Steam Authentication failed, please try again.", 500)
return
}
steamid := parts[1]
if config.Constants.SteamIDWhitelist != "" &&
!controllerhelpers.IsSteamIDWhitelisted(steamid) {
//Use a more user-friendly message later
http.Error(w, "Sorry, you're not in the closed alpha.", 403)
return
}
err = setSession(w, r, steamid)
if err != nil {
session, _ := controllerhelpers.GetSessionHTTP(r)
session.Options = &sessions.Options{MaxAge: -1}
session.Save(r, w)
helpers.Logger.Error(err.Error())
http.Error(w, "Internal Server Error.", 500)
return
}
http.Redirect(w, r, config.Constants.LoginRedirectPath, 303)
}
func SteamLoginCallbackHandler(w http.ResponseWriter, r *http.Request) {
refererURL := r.URL.Query().Get("referer")
publicURL, _ := url.Parse(config.Constants.PublicAddress)
// this wouldnt be used anymore, so modify it directly
r.URL.Scheme = publicURL.Scheme
r.URL.Host = publicURL.Host
idURL, err := openid.Verify(r.URL.String(), discoveryCache, nonceStore)
if err != nil {
logrus.Error("Error verifying openid", err)
http.Error(w, err.Error(), 500)
return
}
parts := reSteamID.FindStringSubmatch(idURL)
logrus.Info("Steam auth callback: ", idURL)
if len(parts) != 2 {
logrus.Errorf("Steam Authentication failed. Response: %s", idURL)
http.Error(w, "Steam Authentication failed, please try again.", 500)
return
}
steamid := parts[1]
if config.Constants.SteamIDWhitelist != "" &&
!controllerhelpers.IsSteamIDWhitelisted(steamid) {
//Use a more user-friendly message later
logrus.Errorf("User %s not in whitelist", steamid)
http.Error(w, "Sorry, you're not in the closed alpha.", 403)
return
}
p, err := player.GetPlayerBySteamID(steamid)
if err != nil {
p, err = player.NewPlayer(steamid)
if err != nil {
logrus.Error(err)
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
return
}
database.DB.Create(p)
}
go func() {
if time.Since(p.ProfileUpdatedAt) >= 1*time.Hour {
err := p.UpdatePlayerInfo()
if err != nil {
logrus.Error(err)
}
}
}()
key := controllerhelpers.NewToken(p)
cookie := &http.Cookie{
Name: "auth-jwt",
Value: key,
Path: "/",
Domain: config.Constants.CookieDomain,
Expires: time.Now().Add(30 * 24 * time.Hour),
HttpOnly: true,
Secure: config.Constants.SecureCookies,
}
http.SetCookie(w, cookie)
if refererURL != "" {
http.Redirect(w, r, refererURL, 303)
return
}
http.Redirect(w, r, config.Constants.LoginRedirectPath, 303)
}
