github.com/jancarloviray/community@v0.41.1-0.20170124221257-33a66c87cf2f/core/api/endpoint/server.go

github.com/jancarloviray/community@v0.41.1-0.20170124221257-33a66c87cf2f/core/api/endpoint/server.go (about)

     1  // Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
     2  //
     3  // This software (Documize Community Edition) is licensed under
     4  // GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
     5  //
     6  // You can operate outside the AGPL restrictions by purchasing
     7  // Documize Enterprise Edition and obtaining a commercial license
     8  // by contacting <sales@documize.com>.
     9  //
    10  // https://documize.com
    11  
    12  package endpoint
    13  
    14  import (
    15  	"fmt"
    16  	"net/http"
    17  	"os"
    18  	"strings"
    19  
    20  	"github.com/codegangsta/negroni"
    21  	"github.com/documize/community/core"
    22  	"github.com/documize/community/core/api/plugins"
    23  	"github.com/documize/community/core/database"
    24  	"github.com/documize/community/core/environment"
    25  	"github.com/documize/community/core/log"
    26  	"github.com/documize/community/core/web"
    27  	"github.com/gorilla/mux"
    28  )
    29  
    30  var port, certFile, keyFile, forcePort2SSL string
    31  
    32  // Product details app edition and version
    33  var Product core.ProdInfo
    34  
    35  func init() {
    36  	Product = core.Product()
    37  	environment.GetString(&certFile, "cert", false, "the cert.pem file used for https", nil)
    38  	environment.GetString(&keyFile, "key", false, "the key.pem file used for https", nil)
    39  	environment.GetString(&port, "port", false, "http/https port number", nil)
    40  	environment.GetString(&forcePort2SSL, "forcesslport", false, "redirect given http port number to TLS", nil)
    41  }
    42  
    43  var testHost string // used during automated testing
    44  
    45  // Serve the Documize endpoint.
    46  func Serve(ready chan struct{}) {
    47  	err := plugins.LibSetup()
    48  
    49  	if err != nil {
    50  		log.Error("Terminating before running - invalid plugin.json", err)
    51  		os.Exit(1)
    52  	}
    53  
    54  	log.Info(fmt.Sprintf("Starting %s version %s", Product.Title, Product.Version))
    55  
    56  	switch web.SiteMode {
    57  	case web.SiteModeOffline:
    58  		log.Info("Serving OFFLINE web app")
    59  	case web.SiteModeSetup:
    60  		Add(RoutePrefixPrivate, "setup", []string{"POST", "OPTIONS"}, nil, database.Create)
    61  		log.Info("Serving SETUP web app")
    62  	case web.SiteModeBadDB:
    63  		log.Info("Serving BAD DATABASE web app")
    64  	default:
    65  		log.Info("Starting web app")
    66  	}
    67  
    68  	router := mux.NewRouter()
    69  
    70  	// "/api/public/..."
    71  	router.PathPrefix(RoutePrefixPublic).Handler(negroni.New(
    72  		negroni.HandlerFunc(cors),
    73  		negroni.Wrap(buildRoutes(RoutePrefixPublic)),
    74  	))
    75  
    76  	// "/api/..."
    77  	router.PathPrefix(RoutePrefixPrivate).Handler(negroni.New(
    78  		negroni.HandlerFunc(Authorize),
    79  		negroni.Wrap(buildRoutes(RoutePrefixPrivate)),
    80  	))
    81  
    82  	// "/..."
    83  	router.PathPrefix(RoutePrefixRoot).Handler(negroni.New(
    84  		negroni.HandlerFunc(cors),
    85  		negroni.Wrap(buildRoutes(RoutePrefixRoot)),
    86  	))
    87  
    88  	n := negroni.New()
    89  	n.Use(negroni.NewStatic(web.StaticAssetsFileSystem()))
    90  	n.Use(negroni.HandlerFunc(cors))
    91  	n.Use(negroni.HandlerFunc(metrics))
    92  	n.UseHandler(router)
    93  	ready <- struct{}{}
    94  
    95  	if certFile == "" && keyFile == "" {
    96  		if port == "" {
    97  			port = "80"
    98  		}
    99  
   100  		log.Info("Starting non-SSL server on " + port)
   101  
   102  		n.Run(testHost + ":" + port)
   103  	} else {
   104  		if port == "" {
   105  			port = "443"
   106  		}
   107  
   108  		if forcePort2SSL != "" {
   109  			log.Info("Starting non-SSL server on " + forcePort2SSL + " and redirecting to SSL server on  " + port)
   110  
   111  			go func() {
   112  				err := http.ListenAndServe(":"+forcePort2SSL, http.HandlerFunc(
   113  					func(w http.ResponseWriter, req *http.Request) {
   114  						var host = strings.Replace(req.Host, forcePort2SSL, port, 1) + req.RequestURI
   115  						http.Redirect(w, req, "https://"+host, http.StatusMovedPermanently)
   116  					}))
   117  				if err != nil {
   118  					log.Error("ListenAndServe on "+forcePort2SSL, err)
   119  				}
   120  			}()
   121  		}
   122  
   123  		log.Info("Starting SSL server on " + port + " with " + certFile + " " + keyFile)
   124  
   125  		// myTLSConfig := &tls.Config{
   126  		// 	CipherSuites: []uint16{
   127  		// 		tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
   128  		// 		tls.TLS_RSA_WITH_AES_128_CBC_SHA,
   129  		// 		tls.TLS_RSA_WITH_AES_256_CBC_SHA,
   130  		// 		// tls.TLS_RSA_WITH_AES_128_CBC_SHA256,
   131  		// 		// tls.TLS_RSA_WITH_AES_256_CBC_SHA256,
   132  		// 		tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
   133  		// 		tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
   134  		// 		tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
   135  		// 		tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
   136  		// 		// tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
   137  		// 		// tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
   138  		// 		tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
   139  		// 		tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384}}
   140  		// // tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256}}
   141  		// myTLSConfig.PreferServerCipherSuites = true
   142  
   143  		server := &http.Server{Addr: ":" + port, Handler: n /*, TLSConfig: myTLSConfig*/}
   144  		server.SetKeepAlivesEnabled(true)
   145  		if err := server.ListenAndServeTLS(certFile, keyFile); err != nil {
   146  			log.Error("ListenAndServeTLS on "+port, err)
   147  		}
   148  	}
   149  }
   150  
   151  func cors(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
   152  	w.Header().Set("Access-Control-Allow-Origin", "*")
   153  	w.Header().Set("Access-Control-Allow-Methods", "PUT, GET, POST, DELETE, OPTIONS, PATCH")
   154  	w.Header().Set("Access-Control-Allow-Headers", "host, content-type, accept, authorization, origin, referer, user-agent, cache-control, x-requested-with")
   155  	w.Header().Set("Access-Control-Expose-Headers", "x-documize-version")
   156  
   157  	if r.Method == "OPTIONS" {
   158  		if _, err := w.Write([]byte("")); err != nil {
   159  			log.Error("cors", err)
   160  		}
   161  		return
   162  	}
   163  
   164  	next(w, r)
   165  }
   166  
   167  func metrics(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
   168  
   169  	w.Header().Add("X-Documize-Version", Product.Version)
   170  	w.Header().Add("Cache-Control", "no-cache")
   171  
   172  	// Prevent page from being displayed in an iframe
   173  	w.Header().Add("X-Frame-Options", "DENY")
   174  
   175  	// Force SSL delivery
   176  	// if certFile != "" && keyFile != "" {
   177  	// 	w.Header().Add("Strict-Transport-Security", "max-age=63072000; includeSubDomains")
   178  	// }
   179  
   180  	next(w, r)
   181  }
   182  
   183  func version(w http.ResponseWriter, r *http.Request) {
   184  	if _, err := w.Write([]byte(Product.Version)); err != nil {
   185  		log.Error("versionHandler", err)
   186  	}
   187  }