Exemplo n.º 1
0
// WebServer starts the web server and serves GET & POST requests
func (u *Uchiwa) WebServer(publicPath *string, auth auth.Config) {

	// private endpoints
	http.Handle("/delete_client", auth.Authenticate(http.HandlerFunc(u.deleteClientHandler)))
	http.Handle("/get_aggregate", auth.Authenticate(http.HandlerFunc(u.getAggregateHandler)))
	http.Handle("/get_aggregate_by_issued", auth.Authenticate(http.HandlerFunc(u.getAggregateByIssuedHandler)))
	http.Handle("/get_client", auth.Authenticate(http.HandlerFunc(u.getClientHandler)))
	http.Handle("/get_config", auth.Authenticate(http.HandlerFunc(u.getConfigHandler)))
	http.Handle("/get_sensu", auth.Authenticate(http.HandlerFunc(u.getSensuHandler)))
	http.Handle("/post_event", auth.Authenticate(http.HandlerFunc(u.postEventHandler)))
	http.Handle("/stashes", auth.Authenticate(http.HandlerFunc(u.stashHandler)))
	http.Handle("/stashes/delete", auth.Authenticate(http.HandlerFunc(u.stashDeleteHandler)))

	// static files
	http.Handle("/", http.FileServer(http.Dir(*publicPath)))

	// public endpoints
	http.Handle("/config/auth", http.HandlerFunc(u.configAuthHandler))
	http.Handle("/health", http.HandlerFunc(u.healthHandler))
	http.Handle("/health/", http.HandlerFunc(u.healthHandler))
	http.Handle("/login", auth.GetIdentification())

	listen := fmt.Sprintf("%s:%d", u.Config.Uchiwa.Host, u.Config.Uchiwa.Port)
	logger.Infof("Uchiwa is now listening on %s", listen)
	logger.Fatal(http.ListenAndServe(listen, nil))
}
Exemplo n.º 2
0
// WebServer starts the web server and serves GET & POST requests
func WebServer(config *Config, publicPath *string) {
	if config.Uchiwa.User != "" && config.Uchiwa.Pass != "" {
		http.Handle("/delete_client", httpauth.SimpleBasicAuth(config.Uchiwa.User, config.Uchiwa.Pass)(http.HandlerFunc(deleteClientHandler)))
		http.Handle("/delete_stash", httpauth.SimpleBasicAuth(config.Uchiwa.User, config.Uchiwa.Pass)(http.HandlerFunc(deleteStashHandler)))
		http.Handle("/get_client", httpauth.SimpleBasicAuth(config.Uchiwa.User, config.Uchiwa.Pass)(http.HandlerFunc(getClientHandler)))
		http.Handle("/get_config", httpauth.SimpleBasicAuth(config.Uchiwa.User, config.Uchiwa.Pass)(http.HandlerFunc(getConfigHandler)))
		http.Handle("/get_sensu", httpauth.SimpleBasicAuth(config.Uchiwa.User, config.Uchiwa.Pass)(http.HandlerFunc(getSensuHandler)))
		http.Handle("/post_event", httpauth.SimpleBasicAuth(config.Uchiwa.User, config.Uchiwa.Pass)(http.HandlerFunc(postEventHandler)))
		http.Handle("/post_stash", httpauth.SimpleBasicAuth(config.Uchiwa.User, config.Uchiwa.Pass)(http.HandlerFunc(postStashHandler)))
		http.Handle("/", httpauth.SimpleBasicAuth(config.Uchiwa.User, config.Uchiwa.Pass)(http.FileServer(http.Dir(*publicPath))))
	} else {
		http.Handle("/delete_client", http.HandlerFunc(deleteClientHandler))
		http.Handle("/delete_stash", http.HandlerFunc(deleteStashHandler))
		http.Handle("/get_client", http.HandlerFunc(getClientHandler))
		http.Handle("/get_config", http.HandlerFunc(getConfigHandler))
		http.Handle("/get_sensu", http.HandlerFunc(getSensuHandler))
		http.Handle("/post_event", http.HandlerFunc(postEventHandler))
		http.Handle("/post_stash", http.HandlerFunc(postStashHandler))
		http.Handle("/", http.FileServer(http.Dir(*publicPath)))
	}

	http.Handle("/health", http.HandlerFunc(healthHandler))
	http.Handle("/health/", http.HandlerFunc(healthHandler))

	listen := fmt.Sprintf("%s:%d", config.Uchiwa.Host, config.Uchiwa.Port)
	logger.Infof("Uchiwa is now listening on %s", listen)
	http.ListenAndServe(listen, nil)
}
Exemplo n.º 3
0
// LoadConfig function loads a specified configuration file and return a Config struct
func LoadConfig(path string) (*Config, error) {
	logger.Infof("Loading configuration file %s", path)
	c := new(Config)
	file, err := os.Open(path)
	if err != nil {
		if len(path) > 1 {
			return nil, fmt.Errorf("Error: could not read config file %s.", path)
		}
	}

	decoder := json.NewDecoder(file)
	err = decoder.Decode(c)
	if err != nil {
		return nil, fmt.Errorf("Error decoding file %s: %s", path, err)
	}

	c.initGlobal()
	c.initSensu()

	return c, nil
}
Exemplo n.º 4
0
// GetIdentification retrieves the user & pass from a POST and authenticates the user against the Identification driver
func (a *Config) GetIdentification() http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.Method != "POST" {
			http.Redirect(w, r, "/#/login", http.StatusFound)
			return
		}

		decoder := json.NewDecoder(r.Body)
		var data interface{}
		err := decoder.Decode(&data)
		if err != nil {
			logger.Warningf("Could not decode the body: %s", err)
			http.Error(w, "", http.StatusInternalServerError)
			return
		}

		m, ok := data.(map[string]interface{})
		if !ok {
			logger.Warningf("Could not assert the body: %s", err)
			http.Error(w, "", http.StatusInternalServerError)
			return
		}

		u := m["user"].(string)
		p := m["pass"].(string)
		if u == "" || p == "" {
			logger.Info("Authentication failed: user and password must not be empty")
			http.Error(w, "", http.StatusUnauthorized)
			return
		}

		// validate the user with the Login authentication driver
		user, err := a.Driver(u, p)
		if err != nil {
			logger.Infof("Authentication failed: %s", err)
			http.Error(w, "", http.StatusUnauthorized)
			return
		}

		// obfuscate the user's salt & hash
		user.PasswordHash = ""
		user.PasswordSalt = ""

		token, err := GetToken(&user.Role)
		if err != nil {
			logger.Warningf("Authentication failed, could not create the token: %s", err)
			http.Error(w, "", http.StatusInternalServerError)
			return
		}

		// Add token to the user struct
		user.Token = token

		j, err := json.Marshal(user)
		if err != nil {
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		w.Header().Set("Content-Type", "application/json")
		w.Write(j)
		return
	})
}