github.com/crowdsecurity/crowdsec@v1.6.1/pkg/apiserver/controllers/controller.go (about)

     1  package controllers
     2  
     3  import (
     4  	"context"
     5  	"net"
     6  	"net/http"
     7  
     8  	"github.com/alexliesenfeld/health"
     9  	"github.com/gin-gonic/gin"
    10  	log "github.com/sirupsen/logrus"
    11  
    12  	v1 "github.com/crowdsecurity/crowdsec/pkg/apiserver/controllers/v1"
    13  	"github.com/crowdsecurity/crowdsec/pkg/csconfig"
    14  	"github.com/crowdsecurity/crowdsec/pkg/csplugin"
    15  	"github.com/crowdsecurity/crowdsec/pkg/database"
    16  	"github.com/crowdsecurity/crowdsec/pkg/models"
    17  )
    18  
// Controller bundles the dependencies of the API server's HTTP layer and owns
// the gin engine on which the versioned routes are registered (see NewV1).
type Controller struct {
	// Ectx is forwarded to the v1 handlers as their context.
	Ectx                          context.Context
	// DBClient is the database handle forwarded to the v1 handlers.
	DBClient                      *database.Client
	// Router is the gin engine that receives /health and every /v1 route.
	// NewV1 calls methods on it unconditionally, so it must be non-nil.
	Router                        *gin.Engine
	// Profiles is forwarded to the v1 handlers as ProfilesCfg.
	Profiles                      []*csconfig.ProfileCfg
	// AlertsAddChan, DecisionDeleteChan and PluginChannel are forwarded
	// unchanged to the v1 handlers; who reads from them is not visible here.
	AlertsAddChan                 chan []*models.Alert
	DecisionDeleteChan            chan []*models.Decision
	PluginChannel                 chan csplugin.ProfileAlert
	// Log is not referenced by the code visible in this file.
	Log                           *log.Logger
	// ConsoleConfig is dereferenced (copied by value) in NewV1.
	// NOTE(review): a nil pointer here panics in NewV1 — confirm callers always set it.
	ConsoleConfig                 *csconfig.ConsoleConfig
	// TrustedIPs is forwarded to the v1 handlers.
	// NOTE(review): presumably the networks the v1 middlewares treat as trusted — confirm in package v1.
	TrustedIPs                    []net.IPNet
	// HandlerV1 is assigned by NewV1 and provides the v1 handlers and middlewares.
	HandlerV1                     *v1.Controller
	// DisableRemoteLapiRegistration is passed to HandlerV1.AbortRemoteIf, which
	// runs in front of POST /v1/watchers (machine registration).
	// NOTE(review): presumably true rejects registration from non-local clients — confirm in package v1.
	DisableRemoteLapiRegistration bool
}
    33  
// Init wires every supported API version onto c.Router. Only v1 exists today,
// so the result is exactly what NewV1 reports.
func (c *Controller) Init() error {
	// If a v2 is ever added, call c.NewV2() after NewV1 succeeds and
	// propagate its error the same way.
	return c.NewV1()
}
    49  
// serveHealth returns the handler used for the health-check endpoint.
//
// NewV1 mounts it on /health directly on the router, with no authentication
// middleware in front of it. Details are disabled so the response carries only
// an up/down status, and caching is disabled so every request is evaluated
// afresh.
func serveHealth() http.HandlerFunc {
	return health.NewHandler(health.NewChecker(
		// only a simple up/down status is reported
		health.WithDisabledDetails(),
		// results are never cached
		health.WithDisabledCache(),
	))
}
    61  
// NewV1 builds the v1 handler set, stores it in c.HandlerV1 and registers
// /health plus every /v1 route on c.Router. It returns the error from v1.New,
// if any; route registration itself reports no error.
//
// Registration order is significant: gin attaches a middleware only to routes
// added after the corresponding Use call, so the statements below must not be
// reordered without reviewing which routes end up authenticated.
func (c *Controller) NewV1() error {
	// NOTE(review): c.ConsoleConfig is dereferenced unconditionally, so a nil
	// pointer panics here instead of surfacing as an error — confirm that every
	// caller populates it.
	cfg := v1.ControllerV1Config{
		DbClient:           c.DBClient,
		Ctx:                c.Ectx,
		ProfilesCfg:        c.Profiles,
		DecisionDeleteChan: c.DecisionDeleteChan,
		AlertsAddChan:      c.AlertsAddChan,
		PluginChannel:      c.PluginChannel,
		ConsoleConfig:      *c.ConsoleConfig,
		TrustedIPs:         c.TrustedIPs,
	}

	// The field is assigned even when v1.New fails, as callers may inspect it.
	h, err := v1.New(&cfg)
	c.HandlerV1 = h
	if err != nil {
		return err
	}

	// /health is added before the Prometheus middleware is installed, so it is
	// served without that middleware and without any authentication.
	c.Router.GET("/health", gin.WrapF(serveHealth()))
	c.Router.Use(v1.PrometheusMiddleware())

	// Answer unknown paths with a bare 404 and wrong verbs with a bare 405.
	c.Router.HandleMethodNotAllowed = true
	c.Router.NoRoute(func(gc *gin.Context) {
		gc.AbortWithStatus(http.StatusNotFound)
	})
	c.Router.NoMethod(func(gc *gin.Context) {
		gc.AbortWithStatus(http.StatusMethodNotAllowed)
	})

	api := c.Router.Group("/v1")

	// Machine registration and login are reachable without credentials. The
	// only gate on registration is AbortRemoteIf, driven by
	// c.DisableRemoteLapiRegistration.
	api.POST("/watchers", h.AbortRemoteIf(c.DisableRemoteLapiRegistration), h.CreateMachine)
	api.POST("/watchers/login", h.Middlewares.JWT.Middleware.LoginHandler)

	// Machine (watcher) routes, authenticated with a JWT.
	machines := api.Group("")
	// /refresh_token is registered before Use, so MiddlewareFunc does not run
	// in front of it.
	// NOTE(review): RefreshHandler is expected to validate the presented token
	// itself — confirm in the JWT middleware.
	machines.GET("/refresh_token", h.Middlewares.JWT.Middleware.RefreshHandler)
	machines.Use(h.Middlewares.JWT.Middleware.MiddlewareFunc(), v1.PrometheusMachinesMiddleware())
	machines.POST("/alerts", h.CreateAlert)
	machines.GET("/alerts", h.FindAlerts)
	machines.HEAD("/alerts", h.FindAlerts)
	machines.GET("/alerts/:alert_id", h.FindAlertByID)
	machines.HEAD("/alerts/:alert_id", h.FindAlertByID)
	machines.DELETE("/alerts/:alert_id", h.DeleteAlertByID)
	machines.DELETE("/alerts", h.DeleteAlerts)
	machines.DELETE("/decisions", h.DeleteDecisions)
	machines.DELETE("/decisions/:decision_id", h.DeleteDecisionById)
	machines.GET("/heartbeat", h.HeartBeat)

	// Bouncer routes, authenticated with an API key. They are read-only:
	// deleting decisions is only exposed on the JWT group above.
	bouncers := api.Group("")
	bouncers.Use(h.Middlewares.APIKey.MiddlewareFunc(), v1.PrometheusBouncersMiddleware())
	bouncers.GET("/decisions", h.GetDecision)
	bouncers.HEAD("/decisions", h.GetDecision)
	bouncers.GET("/decisions/stream", h.StreamDecision)
	bouncers.HEAD("/decisions/stream", h.StreamDecision)

	return nil
}
   122  
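/*
NOTE(review): NewV2 is an unused draft kept for reference. Unlike NewV1, its
POST /watchers route is not wrapped in AbortRemoteIf(c.DisableRemoteLapiRegistration)
and it installs none of the Prometheus middlewares, so it must be brought in
line with NewV1 before it is ever enabled.
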
   124  func (c *Controller) NewV2() error {
   125  	handlerV2, err := v2.New(c.DBClient, c.Ectx)
   126  	if err != nil {
   127  		return err
   128  	}
   129  
   130  	v2 := c.Router.Group("/v2")
   131  	v2.POST("/watchers", handlerV2.CreateMachine)
   132  	v2.POST("/watchers/login", handlerV2.Middlewares.JWT.Middleware.LoginHandler)
   133  
   134  	jwtAuth := v2.Group("")
   135  	jwtAuth.GET("/refresh_token", handlerV2.Middlewares.JWT.Middleware.RefreshHandler)
   136  	jwtAuth.Use(handlerV2.Middlewares.JWT.Middleware.MiddlewareFunc())
   137  	{
   138  		jwtAuth.POST("/alerts", handlerV2.CreateAlert)
   139  		jwtAuth.GET("/alerts", handlerV2.FindAlerts)
   140  		jwtAuth.DELETE("/alerts", handlerV2.DeleteAlerts)
   141  		jwtAuth.DELETE("/decisions", handlerV2.DeleteDecisions)
   142  		jwtAuth.DELETE("/decisions/:decision_id", handlerV2.DeleteDecisionById)
   143  	}
   144  
   145  	apiKeyAuth := v2.Group("")
   146  	apiKeyAuth.Use(handlerV2.Middlewares.APIKey.MiddlewareFuncV2())
   147  	{
   148  		apiKeyAuth.GET("/decisions", handlerV2.GetDecision)
   149  		apiKeyAuth.GET("/decisions/stream", handlerV2.StreamDecision)
   150  	}
   151  
   152  	return nil
   153  }
   154  
   155  */