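// Source: github.com/pavlo67/common@v0.5.3/common/auth/auth_server_http/endpoints.go

package auth_server_http

import (
	"encoding/json"
	"fmt"
	"io/ioutil"
	"net/http"

	"github.com/pavlo67/common/common"
	"github.com/pavlo67/common/common/auth"
	"github.com/pavlo67/common/common/errors"
	"github.com/pavlo67/common/common/server_http"
)

// maxCredsBodyBytes caps how much of a request body the credential endpoints
// buffer in memory. The authenticate endpoint is reachable before any
// authentication, so an uncapped ReadAll lets any client force arbitrarily
// large allocations. 1 MiB is a deliberately generous ceiling for a small
// JSON credentials object; whether the surrounding server_http layer already
// enforces a limit is not visible from this file.
const maxCredsBodyBytes = 1 << 20

// Endpoints lists the HTTP endpoints exported by this package: credential
// based authentication and credential update.
var Endpoints = server_http.Endpoints{
	authenticateEndpoint,
	setCredsEndpoint,
}

//var bodyParams = json.RawMessage(`{
//   "in": "body",
//	 "name": "credentials",
//	 "description": "user's email/login & password'",
//	 "schema": {
//		"type": "object",
//		"required":"password",
//		"properties": {
//			"email":    {"type": "string"},
//			"nickname": {"type": "string"},
//			"password": {"type": "string"}
//			...
//		}
//	 }
//
//}`)

// authenticateEndpoint accepts a JSON credentials object in the POST body,
// passes it to authOp.Authenticate and, on success, answers with the
// authenticated actor carrying the credentials produced by authJWTOp.SetCreds.
var authenticateEndpoint = server_http.Endpoint{
	EndpointDescription: server_http.EndpointDescription{
		InternalKey: auth.IntefaceKeyAuthenticate,
		Method:      "POST",
	},

	//BodyParams: bodyParams,
	WorkerHTTP: func(serverOp server_http.Operator, req *http.Request, _ server_http.PathParams, _ *auth.Identity) (server_http.Response, error) {

		// Bound the read: this handler runs for unauthenticated callers.
		// An over-limit body surfaces as a read error and is answered with 400.
		credsJSON, err := ioutil.ReadAll(http.MaxBytesReader(nil, req.Body, maxCredsBodyBytes))
		if err != nil {
			return server_http.ResponseRESTError(http.StatusBadRequest, errors.CommonError(common.WrongBodyKey, common.Map{"error": errors.Wrap(err, "can't read body")}), req)
		}

		var toAuth auth.Creds
		if err = json.Unmarshal(credsJSON, &toAuth); err != nil {
			// The body is expected to hold the password, so it must not be
			// copied into the error: that value travels into the response and
			// presumably into logs.
			return server_http.ResponseRESTError(http.StatusBadRequest, errors.CommonError(common.WrongJSONKey, common.Map{"error": errors.Wrap(err, "can't unmarshal body")}), req)
		}
		// A literal JSON `null` unmarshals without error and leaves the map
		// nil; writing to it below would panic the handler.
		if toAuth == nil {
			toAuth = auth.Creds{}
		}

		// Set after decoding so that a client-supplied value under this key is
		// always overwritten by the server's view of the peer.
		// NOTE(review): RemoteAddr is "host:port", and behind a reverse proxy
		// it is the proxy's address. Confirm what consumers of CredsIP expect
		// before using it for rate limiting or audit.
		toAuth[auth.CredsIP] = req.RemoteAddr

		actor, err := authOp.Authenticate(toAuth)
		if err != nil {
			return server_http.ResponseRESTError(0, err, req)
		} else if actor == nil || actor.Identity == nil {
			return server_http.ResponseRESTError(0, auth.ErrNotAuthenticated, req)
		}

		toSet := auth.Creds{
			auth.CredsNickname: actor.Nickname,
			auth.CredsID:       string(actor.ID),
		}

		if len(actor.Roles) > 0 {
			rolesJSON, err := json.Marshal(actor.Roles)
			if err != nil {
				return server_http.ResponseRESTError(0, err, req)
			}
			toSet[auth.CredsRolesJSON] = string(rolesJSON)
		}

		jwtCreds, err := authJWTOp.SetCreds(auth.Actor{}, toSet)
		if err != nil {
			// Pass the error through unchanged, as the other branches do,
			// rather than formatting the returned credentials into it.
			return server_http.ResponseRESTError(0, err, req)
		}
		if jwtCreds == nil {
			// The previous combined message rendered a nil error as
			// "%!s(<nil>)" on this path.
			return server_http.ResponseRESTError(0, fmt.Errorf("no JWT creds returned for authenticated actor"), req)
		}
		actor.Creds = *jwtCreds

		return server_http.ResponseRESTOk(http.StatusOK, actor, req)
	},
}

// setCredsEndpoint accepts a JSON credentials object in the POST body and
// applies it through authOp.SetCreds on behalf of the identity supplied by
// the server layer.
// NOTE(review): nothing in this handler rejects a nil identity; confirm that
// server_http or authOp.SetCreds enforces authentication for this endpoint.
var setCredsEndpoint = server_http.Endpoint{
	EndpointDescription: server_http.EndpointDescription{
		InternalKey: auth.IntefaceKeySetCreds,
		Method:      "POST",
	},

	WorkerHTTP: func(serverOp server_http.Operator, req *http.Request, _ server_http.PathParams, identity *auth.Identity) (server_http.Response, error) {

		// Same bound as the authenticate endpoint; credential payloads are small.
		credsJSON, err := ioutil.ReadAll(http.MaxBytesReader(nil, req.Body, maxCredsBodyBytes))
		if err != nil {
			return server_http.ResponseRESTError(http.StatusBadRequest, errors.CommonError(common.WrongBodyKey, common.Map{"error": errors.Wrap(err, "can't read body")}), req)
		}

		var toSet auth.Creds
		if err = json.Unmarshal(credsJSON, &toSet); err != nil {
			// The body may hold a new password; keep it out of the error text.
			return server_http.ResponseRESTError(http.StatusBadRequest, errors.CommonError(common.WrongJSONKey, common.Map{"error": errors.Wrap(err, "can't unmarshal body")}), req)
		}
		// Guard against a JSON `null` body, which leaves the map nil.
		if toSet == nil {
			toSet = auth.Creds{}
		}
		// Server-observed peer address always replaces any client-sent value.
		toSet[auth.CredsIP] = req.RemoteAddr

		creds, err := authOp.SetCreds(auth.Actor{Identity: identity}, toSet)
		if err != nil {
			return server_http.ResponseRESTError(0, err, req)
		}

		return server_http.ResponseRESTOk(http.StatusOK, creds, req)
	},
}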