func indexHandler(w http.ResponseWriter, req *http.Request) { if req.URL.Path != "/" { log.Printf("unknown path %v", req.URL.Path) http.NotFound(w, req) return } servers.Lock() defer servers.Unlock() hostname := req.FormValue("hostname") // TODO: Make a separate handler for the heartbeats. if hostname != "" { s := ServerInfo{ Hostname: hostname, Username: username, LastContact: time.Now(), } sshPort, err := strconv.Atoi(req.FormValue("sshPort")) if sshPort == 0 || err != nil { sshPort = -1 } s.SSHPort = sshPort if ip, _, err := net.SplitHostPort(req.RemoteAddr); err == nil && ip != "" { s.IP = ip } // TODO: ensure that a rogue HTTP client can't override legitimate entries. servers.Info[s.Hostname] = s log.Println("updated server", s.Hostname) io.WriteString(w, "ok") return } passport, err := login.CurrentPassport(req) if err != nil { log.Printf("Redirecting to ghlogin: %q. Referrer: %q", err, req.Referer()) http.Redirect(w, req, "/ghlogin", http.StatusFound) return } // TODO: Improve the user lookup. foundUser := false for _, user := range config.Users { if user.Email == passport.Email { foundUser = true } } if !foundUser { http.Error(w, "Nope.", http.StatusForbidden) return } err = index.Execute(w, servers.Info) if err != nil { log.Println(err) } }
// HandleAuthReadProfile shows a requested profile after authentication. func HandleAuthReadProfile(w http.ResponseWriter, r *http.Request) { passport, err := login.CurrentPassport(r) if err != nil { log.Printf("Redirecting to ghlogin: %v. Path: %q. Referrer: %q", err, r.URL.Path, r.Referer()) http.SetCookie(w, &http.Cookie{Name: "ref", Value: r.URL.Path}) http.Redirect(w, r, "/ghlogin", http.StatusFound) return } log.Println("login from user", passport.Email) readProfile(w, passport) }
func RequireAuth(handler http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { passport, err := login.CurrentPassport(req) if err != nil { log.Printf("Redirecting to ghlogin: %q. Referrer: %q", err, req.Referer()) http.Redirect(w, req, "/ghlogin", http.StatusFound) return } if passport.Email == "*****@*****.**" { handler.ServeHTTP(w, req) } else { http.Error(w, "Nope.", http.StatusForbidden) } }) }