// Get HTTP get method
func (c *AuthUser) Get(req *Request) {
// get the username/password
user := req.r.URL.Query().Get("user")
pass := req.r.URL.Query().Get("pass")
// fetch the user form the db
var u *config.User
var err error
c.pipeline.ViewConfig(func(ac *config.AppConfig) {
u, err = ac.Provider().GetUserByUserName(user)
})
if err != nil {
http.Error(req.w, err.Error(), http.StatusBadRequest)
logrus.Error(err)
return
}
// if the user does not have the correct password, fail
if !config.CheckUserPassword(u, pass) {
http.Error(req.w, "invalid password", http.StatusBadRequest)
return
}
token := GlobalSession.Put(u.UserName)
// encode the response as json
buff, err := json.Marshal(map[string]string{
"token": token,
})
if err != nil {
http.Error(req.w, err.Error(), http.StatusInternalServerError)
logrus.Error(err)
return
}
req.w.Write(buff)
}
func authUser(confProvider config.Provider, r *http.Request) (*config.User, error) {
// check for a session token
session := r.Header.Get(SESSION_HEADER_NAME)
// create user doesn't require auth
if r.URL.Path == "/api/user" && r.Method == "POST" {
return confProvider.GetUserByUserName("admin")
}
// fetch the user id from the session store for this token
if session != "" {
userName, err := GlobalSession.Get(session)
if err != nil {
return nil, err
}
// get the user by the given id
return confProvider.GetUser(userName)
}
user, password, ok := r.BasicAuth()
if !ok {
return nil, fmt.Errorf("Auth not provided")
}
// fetch the user
u, err := confProvider.GetUserByUserName(user)
if err != nil {
return nil, err
}
// check to see if the password is correct
if !config.CheckUserPassword(u, password) {
return nil, fmt.Errorf("The provided password is incorrect for user %s", user)
}
return u, nil
}
