func ReadConfigs() error {
if err := autoflag.Load(gofigure.DefaultLoader, &Config); err != nil {
logging.Error("Error loading configs: %v", err)
return err
}
logging.Info("Read configs: %#v", &Config)
for k, m := range Config.APIConfigs {
if conf, found := Config.apiconfs[k]; found && conf != nil {
b, err := yaml.Marshal(m)
if err == nil {
if err := yaml.Unmarshal(b, conf); err != nil {
logging.Error("Error reading config for API %s: %s", k, err)
} else {
logging.Debug("Unmarshaled API config for %s: %#v", k, conf)
}
} else {
logging.Error("Error marshalling config for API %s: %s", k, err)
}
} else {
logging.Warning("API Section %s in config file not registered with server", k)
}
}
return nil
}
func (a *API) middlewareHandler(chain *step, security SecurityScheme, renderer Renderer) func(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
// allow overriding the API's default renderer with a per-route one
if renderer == nil {
renderer = a.Renderer
}
return func(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
req := NewRequest(r)
if !a.AllowInsecure && !req.Secure {
// local requests bypass security
if req.RemoteIP != "127.0.0.1" {
http.Error(w, insecureAccessMessage, http.StatusForbidden)
return
}
}
r.ParseForm()
// Copy values from the router params to the request params
for _, v := range p {
r.Form.Set(v.Key, v.Value)
}
var ret interface{}
var err error
if security != nil {
if err = security.Validate(req); err != nil {
logging.Warning("Error validating security scheme: %s", err)
if e, ok := err.(*internalError); ok {
e.Code = ErrUnauthorized
err = e
}
}
}
if err == nil {
ret, err = chain.handle(w, req)
}
if err != Hijacked {
if err = renderer.Render(ret, err, w, req); err != nil {
logging.Error("Error rendering response: %s", err)
}
} else {
logging.Debug("Not rendering hijacked request %s", r.RequestURI)
}
}
}
// parse the locale based on Accept-Language header. If no header found or the values are invalid,
// we fall back to en-US
func (r *Request) parseLocale() {
tags, _, err := language.ParseAcceptLanguage(r.Header.Get("Accept-Language"))
if err != nil {
logging.Warning("Could not parse accept lang header: %s", err)
return
}
if len(tags) > 0 {
logging.Debug("Locale for request: %s", tags[0])
r.Locale = tags[0].String()
}
}
func (b *ConnectionLimiter) Handle(w http.ResponseWriter, r *vertex.Request, next vertex.HandlerFunc) (interface{}, error) {
num := atomic.AddInt32(&b.running, 1)
defer atomic.AddInt32(&b.running, -1)
if num > b.max {
logging.Warning("Connection limit exceeded: %d/%d", num, b.max)
return nil, vertex.ResourceUnavailableError("Connection Limit Exceeded")
}
return next(w, r)
}
func (b BasicAuth) Handle(w http.ResponseWriter, r *vertex.Request, next vertex.HandlerFunc) (interface{}, error) {
if !r.IsLocal() || !b.BypassForLocal {
user, pass, ok := r.BasicAuth()
if !ok {
logging.Debug("No auth header, denying")
b.requireAuth(w)
return nil, vertex.Hijacked
}
if user != b.User || pass != b.Password {
logging.Warning("Unmatching auth: %s/%s", user, pass)
b.requireAuth(w)
return nil, vertex.Hijacked
}
}
return next(w, r)
}