func createApp(w http.ResponseWriter, req *http.Request) { app := &datatypes.App{} body, err := ioutil.ReadAll(req.Body) if err != nil { utils.Reply(r, w, "Invalid request: "+err.Error(), 500) return } err = json.Unmarshal(body, app) if err != nil { utils.Reply(r, w, "Invalid request: "+err.Error(), 500) return } if _, err := client.Get(constants.ETCD_APPS+app.Name, false, false); err == nil { utils.Reply(r, w, "App "+app.Name+" already exists", 409) return } else { out, err := json.Marshal([]string{req.Header.Get("X-Lagann-User")}) if err != nil { utils.Reply(r, w, "Invalid request: "+err.Error(), 500) return } client.Set(constants.ETCD_APPS+app.Name+"/users", string(out), 0) client.Set(constants.ETCD_APPS+app.Name+"/name", app.Name, 0) utils.Reply(r, w, "App "+app.Name+" created", 200) } }
func login(w http.ResponseWriter, req *http.Request) { if req.Method != "POST" { utils.Reply(r, w, "Invalid method", http.StatusMethodNotAllowed) return } err := req.ParseForm() if err != nil || req.Form.Get("password") == "" || req.Form.Get("username") == "" { utils.Reply(r, w, "Could not parse form "+err.Error(), http.StatusInternalServerError) return } password := utils.HashPassword([]byte(req.Form.Get("password")), []byte("lagann")) username := req.Form.Get("username") comppw := base64.StdEncoding.EncodeToString(password) storedpwnode, err := client.Get(constants.ETCD_LAGANN_USERS+username+"/password", false, false) if err != nil { utils.Reply(r, w, "No such user "+username, http.StatusNotFound) } if storedpwnode.Node.Value == comppw { authkey := uuid.New() client.Set(constants.ETCD_LAGANN_AUTHKEYS+authkey, username, 0) utils.Reply(r, w, "Logged in as "+username+".", 200, map[string]interface{}{ "authkey": authkey, "user": username, }) } }
func addSharing(w http.ResponseWriter, req *http.Request) { username := req.Header.Get("X-Lagann-User") params := req.URL.Query() appname := params.Get(":app") err := req.ParseForm() if err != nil { utils.Reply(r, w, "Internal json error", 500, err) return } res, err := client.Get(constants.ETCD_APPS+appname+"/users", false, false) if err != nil { utils.Reply(r, w, "No such app "+appname, 404) return } var allowedusers []string rawusers := res.Node.Value err = json.Unmarshal([]byte(rawusers), &allowedusers) if err != nil { utils.Reply(r, w, "Internal json error", 500, err) return } for _, myusername := range allowedusers { if strings.ToLower(username) == strings.ToLower(myusername) { goto okay } } utils.Reply(r, w, "Not allowed to modify permissions for "+appname, http.StatusUnauthorized) return okay: toadd := req.Form.Get("user") allowedusers = append(allowedusers, toadd) bs, err := json.Marshal(allowedusers) if err != nil { utils.Reply(r, w, "Internal json error", 500, err) return } str := string(bs) _, err = client.Set(constants.ETCD_APPS+appname+"/users", str, 0) if err != nil { utils.Reply(r, w, "Internal etcd error", 500, err) return } utils.Reply(r, w, "User "+toadd+" added to "+appname, 200) }
func register(w http.ResponseWriter, req *http.Request) { if req.Method != "POST" { utils.Reply(r, w, "Invalid method", http.StatusMethodNotAllowed) return } err := req.ParseForm() if err != nil { utils.Reply(r, w, "Could not parse form "+err.Error(), http.StatusInternalServerError) return } password := utils.HashPassword([]byte(req.Form.Get("password")), []byte("lagann")) key := req.Form.Get("sshkey") uname := req.Form.Get("username") fp := utils.GetFingerprint(key) if fp == "error" { utils.Reply(r, w, "Invalid SSH key", 401) return } if _, err := client.Get(constants.ETCD_LAGANN_USERS+uname, false, false); err == nil { utils.Reply(r, w, "User "+uname+" already exists", 409) } else { client.Set(constants.ETCD_BUILDER_USERS+uname+"/"+fp, key, 0) client.Set(constants.ETCD_LAGANN_USERS+uname+"/password", base64.StdEncoding.EncodeToString(password), 0) authkey := uuid.New() client.Set(constants.ETCD_LAGANN_AUTHKEYS+authkey, uname, 0) utils.Reply(r, w, "User "+uname+" created.", 200, map[string]interface{}{ "authkey": authkey, "user": uname, }) } }
// root is the handler for /. It is a simple 404 page. func root(w http.ResponseWriter, req *http.Request) { utils.Reply(r, w, "No method", http.StatusNotFound) }