github.com/jancarloviray/community@v0.41.1-0.20170124221257-33a66c87cf2f/core/api/endpoint/server.go (about) 1 // Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved. 2 // 3 // This software (Documize Community Edition) is licensed under 4 // GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html 5 // 6 // You can operate outside the AGPL restrictions by purchasing 7 // Documize Enterprise Edition and obtaining a commercial license 8 // by contacting <sales@documize.com>. 9 // 10 // https://documize.com 11 12 package endpoint 13 14 import ( 15 "fmt" 16 "net/http" 17 "os" 18 "strings" 19 20 "github.com/codegangsta/negroni" 21 "github.com/documize/community/core" 22 "github.com/documize/community/core/api/plugins" 23 "github.com/documize/community/core/database" 24 "github.com/documize/community/core/environment" 25 "github.com/documize/community/core/log" 26 "github.com/documize/community/core/web" 27 "github.com/gorilla/mux" 28 ) 29 30 var port, certFile, keyFile, forcePort2SSL string 31 32 // Product details app edition and version 33 var Product core.ProdInfo 34 35 func init() { 36 Product = core.Product() 37 environment.GetString(&certFile, "cert", false, "the cert.pem file used for https", nil) 38 environment.GetString(&keyFile, "key", false, "the key.pem file used for https", nil) 39 environment.GetString(&port, "port", false, "http/https port number", nil) 40 environment.GetString(&forcePort2SSL, "forcesslport", false, "redirect given http port number to TLS", nil) 41 } 42 43 var testHost string // used during automated testing 44 45 // Serve the Documize endpoint. 46 func Serve(ready chan struct{}) { 47 err := plugins.LibSetup() 48 49 if err != nil { 50 log.Error("Terminating before running - invalid plugin.json", err) 51 os.Exit(1) 52 } 53 54 log.Info(fmt.Sprintf("Starting %s version %s", Product.Title, Product.Version)) 55 56 switch web.SiteMode { 57 case web.SiteModeOffline: 58 log.Info("Serving OFFLINE web app") 59 case web.SiteModeSetup: 60 Add(RoutePrefixPrivate, "setup", []string{"POST", "OPTIONS"}, nil, database.Create) 61 log.Info("Serving SETUP web app") 62 case web.SiteModeBadDB: 63 log.Info("Serving BAD DATABASE web app") 64 default: 65 log.Info("Starting web app") 66 } 67 68 router := mux.NewRouter() 69 70 // "/api/public/..." 71 router.PathPrefix(RoutePrefixPublic).Handler(negroni.New( 72 negroni.HandlerFunc(cors), 73 negroni.Wrap(buildRoutes(RoutePrefixPublic)), 74 )) 75 76 // "/api/..." 77 router.PathPrefix(RoutePrefixPrivate).Handler(negroni.New( 78 negroni.HandlerFunc(Authorize), 79 negroni.Wrap(buildRoutes(RoutePrefixPrivate)), 80 )) 81 82 // "/..." 83 router.PathPrefix(RoutePrefixRoot).Handler(negroni.New( 84 negroni.HandlerFunc(cors), 85 negroni.Wrap(buildRoutes(RoutePrefixRoot)), 86 )) 87 88 n := negroni.New() 89 n.Use(negroni.NewStatic(web.StaticAssetsFileSystem())) 90 n.Use(negroni.HandlerFunc(cors)) 91 n.Use(negroni.HandlerFunc(metrics)) 92 n.UseHandler(router) 93 ready <- struct{}{} 94 95 if certFile == "" && keyFile == "" { 96 if port == "" { 97 port = "80" 98 } 99 100 log.Info("Starting non-SSL server on " + port) 101 102 n.Run(testHost + ":" + port) 103 } else { 104 if port == "" { 105 port = "443" 106 } 107 108 if forcePort2SSL != "" { 109 log.Info("Starting non-SSL server on " + forcePort2SSL + " and redirecting to SSL server on " + port) 110 111 go func() { 112 err := http.ListenAndServe(":"+forcePort2SSL, http.HandlerFunc( 113 func(w http.ResponseWriter, req *http.Request) { 114 var host = strings.Replace(req.Host, forcePort2SSL, port, 1) + req.RequestURI 115 http.Redirect(w, req, "https://"+host, http.StatusMovedPermanently) 116 })) 117 if err != nil { 118 log.Error("ListenAndServe on "+forcePort2SSL, err) 119 } 120 }() 121 } 122 123 log.Info("Starting SSL server on " + port + " with " + certFile + " " + keyFile) 124 125 // myTLSConfig := &tls.Config{ 126 // CipherSuites: []uint16{ 127 // tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA, 128 // tls.TLS_RSA_WITH_AES_128_CBC_SHA, 129 // tls.TLS_RSA_WITH_AES_256_CBC_SHA, 130 // // tls.TLS_RSA_WITH_AES_128_CBC_SHA256, 131 // // tls.TLS_RSA_WITH_AES_256_CBC_SHA256, 132 // tls.TLS_RSA_WITH_AES_128_GCM_SHA256, 133 // tls.TLS_RSA_WITH_AES_256_GCM_SHA384, 134 // tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 135 // tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 136 // // tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 137 // // tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, 138 // tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 139 // tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384}} 140 // // tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256}} 141 // myTLSConfig.PreferServerCipherSuites = true 142 143 server := &http.Server{Addr: ":" + port, Handler: n /*, TLSConfig: myTLSConfig*/} 144 server.SetKeepAlivesEnabled(true) 145 if err := server.ListenAndServeTLS(certFile, keyFile); err != nil { 146 log.Error("ListenAndServeTLS on "+port, err) 147 } 148 } 149 } 150 151 func cors(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) { 152 w.Header().Set("Access-Control-Allow-Origin", "*") 153 w.Header().Set("Access-Control-Allow-Methods", "PUT, GET, POST, DELETE, OPTIONS, PATCH") 154 w.Header().Set("Access-Control-Allow-Headers", "host, content-type, accept, authorization, origin, referer, user-agent, cache-control, x-requested-with") 155 w.Header().Set("Access-Control-Expose-Headers", "x-documize-version") 156 157 if r.Method == "OPTIONS" { 158 if _, err := w.Write([]byte("")); err != nil { 159 log.Error("cors", err) 160 } 161 return 162 } 163 164 next(w, r) 165 } 166 167 func metrics(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) { 168 169 w.Header().Add("X-Documize-Version", Product.Version) 170 w.Header().Add("Cache-Control", "no-cache") 171 172 // Prevent page from being displayed in an iframe 173 w.Header().Add("X-Frame-Options", "DENY") 174 175 // Force SSL delivery 176 // if certFile != "" && keyFile != "" { 177 // w.Header().Add("Strict-Transport-Security", "max-age=63072000; includeSubDomains") 178 // } 179 180 next(w, r) 181 } 182 183 func version(w http.ResponseWriter, r *http.Request) { 184 if _, err := w.Write([]byte(Product.Version)); err != nil { 185 log.Error("versionHandler", err) 186 } 187 }