// Starts a simple REST listener that will get and set user credentials.
func StartAuthListener(addr string, auth *auth.Authenticator) {
handler := func(r http.ResponseWriter, rq *http.Request) {
username := rq.URL.Path[1:]
method := rq.Method
log.Printf("AUTH: %s %q", method, username)
var err error
if rq.URL.Path == "/" {
// Root URL: Supports POSTing user info
switch method {
case "POST":
err = putUser(r, rq, auth, "")
default:
err = kBadMethodError
}
} else if username == "_session" {
// /_session: Generate login session for user
switch method {
case "POST":
err = createUserSession(r, rq, auth)
default:
err = kBadMethodError
}
} else {
// Otherwise: Interpret path as username.
if username == "GUEST" {
username = ""
}
switch method {
case "GET":
user, _ := auth.GetUser(username)
if user == nil {
err = kNotFoundError
break
}
bytes, _ := json.Marshal(user)
r.Write(bytes)
case "PUT":
err = putUser(r, rq, auth, username)
case "DELETE":
user, _ := auth.GetUser(username)
if user == nil || auth.DeleteUser(user) != nil {
err = kNotFoundError
}
default:
err = kBadMethodError
}
}
if err != nil {
status, message := base.ErrorAsHTTPStatus(err)
r.WriteHeader(status)
r.Header().Set("Content-Type", "application/json")
r.WriteHeader(status)
jsonOut, _ := json.Marshal(map[string]interface{}{"error": status, "reason": message})
r.Write(jsonOut)
}
}
go http.ListenAndServe(addr, http.HandlerFunc(handler))
}
