示例#1
0
// Handler that clients can use to get a jwt token.
// Payload needs to be json in the form of {"username": "******", "password": "******"}.
// Reply will be of the form {"token": "TOKEN"}.
func (mw *JWTMiddleware) LoginHandler(writer rest.ResponseWriter, request *rest.Request) {
	login_vals := login{}
	err := request.DecodeJsonPayload(&login_vals)

	if err != nil {
		apiutils.WriteRestError(writer, apierrors.NewBadRequest(err.Error()))
		return
	}

	if login_vals.Username == "" {
		apiutils.WriteRestError(writer,
			apierrors.NewInvalid("login", "",
				fielderrors.ValidationErrorList{
					fielderrors.NewFieldRequired("username")}))
		return
	}
	if login_vals.Password == "" {
		apiutils.WriteRestError(writer,
			apierrors.NewInvalid("login", "",
				fielderrors.ValidationErrorList{
					fielderrors.NewFieldRequired("password")}))
		return
	}

	if !mw.Authenticator(login_vals.Username, login_vals.Password) {
		mw.unauthorized(writer)
		return
	}

	token := jwt.New(jwt.GetSigningMethod(mw.SigningAlgorithm))

	if mw.PayloadFunc != nil {
		for key, value := range mw.PayloadFunc(login_vals.Username) {
			token.Claims[key] = value
		}
	}

	token.Claims["id"] = login_vals.Username
	token.Claims["exp"] = time.Now().Add(mw.Timeout).Unix()
	if mw.MaxRefresh != 0 {
		token.Claims["orig_iat"] = time.Now().Unix()
	}
	tokenString, err := token.SignedString(mw.Key)

	if err != nil {
		mw.unauthorized(writer)
		return
	}

	writer.WriteJson(&map[string]string{"token": tokenString})
}
示例#2
0
文件: api.go 项目: thomasf/alkasir
func PostConnection(w rest.ResponseWriter, r *rest.Request) {
	form := ConnectionSetting{}
	err := r.DecodeJsonPayload(&form)
	if err != nil {
		apiutils.WriteRestError(w, apierrors.NewBadRequest(err.Error()))
		return
	}

	err = clientconfig.Update(func(conf *clientconfig.Config) error {

		all := conf.Settings.Connections

		var connection shared.Connection // decoded connection
		var invalids fielderrors.ValidationErrorList

		// Verify that the encoded field is set
		{
			if form.Encoded == "" {
				invalids = append(invalids, fielderrors.NewFieldRequired("encoded"))
			}
		}

		// verify that the connection is decodeable
		{
			var err error
			connection, err = shared.DecodeConnection(form.Encoded)
			if err != nil {
				invalids = append(invalids, fielderrors.NewFieldInvalid("encoded", form.Encoded, "invalid formatting"))
			}
		}

		// validate that the id exists, if supplied
		foundIdx := 0
		{
			if form.ID != "" {
				found := false
				for k, v := range all {
					if v.ID == form.ID {
						found = true
						foundIdx = k
					}
				}
				if !found {
					invalids = append(invalids, fielderrors.NewFieldNotFound("id", form.ID))
				}
			}
		}

		// validate that the connection doesnt alreay exist
		{
			encoded, err := connection.Encode()
			if err != nil {
				apiutils.WriteRestError(w, err)
				return nil
			}

			found := false
			for _, v := range all {
				enc2, err := v.Encode()
				if err != nil {
					lg.Errorln(err)
					continue
				}
				if enc2 == encoded {
					found = true
				}
			}
			if found {
				invalids = append(invalids, fielderrors.NewFieldDuplicate("encoded", form.Encoded))
			}
		}

		// end of field validations
		if len(invalids) > 0 {
			apiutils.WriteRestError(w, apierrors.NewInvalid("post-connection", "", invalids))
			return nil
		}

		// add connection to settings and save
		if form.ID == "" {
			connection.EnsureID()
			conf.Settings.Connections = append(conf.Settings.Connections, connection)
		} else {
			conf.Settings.Connections[foundIdx] = connection
		}
		service.UpdateConnections(conf.Settings.Connections)
		return nil
	})
	if err != nil {
		lg.Errorln(err)
	}
	clientconfig.Write()
	w.WriteJson(true)

}
示例#3
0
文件: api.go 项目: thomasf/alkasir
// CreateSuggestion .
func CreateSuggestion(w rest.ResponseWriter, r *rest.Request) {

	form := shared.BrowserSuggestionTokenRequest{}
	err := r.DecodeJsonPayload(&form)
	if err != nil {
		// apiError(w, err.Error(), http.StatusInternalServerError)
		apiutils.WriteRestError(w, err)
		return
	}

	var invalids fielderrors.ValidationErrorList

	// parse and validate url.
	URL := strings.TrimSpace(form.URL)
	if URL == "" {
		invalids = append(invalids, fielderrors.NewFieldRequired("URL"))
		// apiError(w, "no or empty URL", http.StatusBadRequest)

	}
	u, err := url.Parse(URL)
	if err != nil {
		invalids = append(invalids, fielderrors.NewFieldInvalid("URL", URL, err.Error()))
		// apiError(w, fmt.Sprintf("%s is not a valid URL", URL), http.StatusBadRequest)

	}

	host := u.Host
	if strings.Contains(host, ":") {
		host, _, err = net.SplitHostPort(u.Host)
		if err != nil {
			invalids = append(invalids, fielderrors.NewFieldInvalid("URL", URL, err.Error()))
		}
	}

	if !shared.AcceptedURL(u) {
		invalids = append(invalids, fielderrors.NewFieldValueNotSupported("URL", URL, nil))
	}

	if len(invalids) > 0 {
		apiutils.WriteRestError(w, apierrors.NewInvalid("create-suggestion", "URL", invalids))
		return
	}

	s := client.NewSuggestion(u.String())
	defer s.DoneAddingSamples()
	measurers, err := measure.DefaultMeasurements(form.URL)
	if err != nil {
		apiutils.WriteRestError(w, apierrors.NewInternalError(err))
		return
	}

	for _, v := range measurers {
		m, err := v.Measure()
		if err != nil {
			lg.Errorf("could not measure: %s", err.Error())
		} else {
			switch m.Type() {
			case sampletypes.DNSQuery, sampletypes.HTTPHeader:
				err = s.AddMeasurement(m)
				if err != nil {
					lg.Errorln(err.Error())
					return
				}
			default:
				lg.Warningf("unsupported sample type: %s", m.Type().String())
			}
		}
	}
}
示例#4
0
func TestNewInvalid(t *testing.T) {
	testCases := []struct {
		Err     *fielderrors.ValidationError
		Details *api.StatusDetails
	}{
		{
			fielderrors.NewFieldDuplicate("field[0].name", "bar"),
			&api.StatusDetails{
				Kind: "kind",
				Name: "name",
				Causes: []api.StatusCause{{
					Type:  api.CauseTypeFieldValueDuplicate,
					Field: "field[0].name",
				}},
			},
		},
		{
			fielderrors.NewFieldInvalid("field[0].name", "bar", "detail"),
			&api.StatusDetails{
				Kind: "kind",
				Name: "name",
				Causes: []api.StatusCause{{
					Type:  api.CauseTypeFieldValueInvalid,
					Field: "field[0].name",
				}},
			},
		},
		{
			fielderrors.NewFieldNotFound("field[0].name", "bar"),
			&api.StatusDetails{
				Kind: "kind",
				Name: "name",
				Causes: []api.StatusCause{{
					Type:  api.CauseTypeFieldValueNotFound,
					Field: "field[0].name",
				}},
			},
		},
		{
			fielderrors.NewFieldValueNotSupported("field[0].name", "bar", nil),
			&api.StatusDetails{
				Kind: "kind",
				Name: "name",
				Causes: []api.StatusCause{{
					Type:  api.CauseTypeFieldValueNotSupported,
					Field: "field[0].name",
				}},
			},
		},
		{
			fielderrors.NewFieldRequired("field[0].name"),
			&api.StatusDetails{
				Kind: "kind",
				Name: "name",
				Causes: []api.StatusCause{{
					Type:  api.CauseTypeFieldValueRequired,
					Field: "field[0].name",
				}},
			},
		},
	}
	for i, testCase := range testCases {
		vErr, expected := testCase.Err, testCase.Details
		expected.Causes[0].Message = vErr.Error()
		err := NewInvalid("kind", "name", fielderrors.ValidationErrorList{vErr})
		status := err.(*StatusError).ErrStatus
		if status.Code != 422 || status.Reason != api.StatusReasonInvalid {
			t.Errorf("%d: unexpected status: %#v", i, status)
		}
		if !reflect.DeepEqual(expected, status.Details) {
			t.Errorf("%d: expected %#v, got %#v", i, expected, status.Details)
		}
	}
}