diff options
author | Alex Auvolat <alex@adnab.me> | 2020-02-10 15:26:02 +0100 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2020-02-10 15:26:02 +0100 |
commit | 9a6e24aea0c0229b9b30dcf0136228bda34e4690 (patch) | |
tree | e2b9dbbb98861f556b050f52d26f064fb2cc9b77 /main.go | |
parent | 7ab5451a3f5865a6cb3ef0979da979b9496ce990 (diff) | |
download | guichet-9a6e24aea0c0229b9b30dcf0136228bda34e4690.tar.gz guichet-9a6e24aea0c0229b9b30dcf0136228bda34e4690.zip |
Containerize
Diffstat (limited to 'main.go')
-rw-r--r-- | main.go | 76 |
1 files changed, 36 insertions, 40 deletions
@@ -3,7 +3,6 @@ package main import ( "crypto/rand" "crypto/tls" - "encoding/base64" "encoding/json" "flag" "fmt" @@ -21,7 +20,6 @@ import ( type ConfigFile struct { HttpBindAddr string `json:"http_bind_addr"` - SessionKey string `json:"session_key"` LdapServerAddr string `json:"ldap_server_addr"` LdapTLS bool `json:"ldap_tls"` @@ -31,7 +29,7 @@ type ConfigFile struct { GroupBaseDN string `json:"group_base_dn"` GroupNameAttr string `json:"group_name_attr"` - AdminAccount string `json:"admin_account"` + AdminAccount string `json:"admin_account"` GroupCanInvite string `json:"group_can_invite"` GroupCanAdmin string `json:"group_can_admin"` } @@ -45,15 +43,8 @@ const SESSION_NAME = "guichet_session" var store sessions.Store = nil func readConfig() ConfigFile { - key_bytes := make([]byte, 32) - n, err := rand.Read(key_bytes) - if err != nil || n != 32 { - log.Fatal(err) - } - config_file := ConfigFile{ HttpBindAddr: ":9991", - SessionKey: base64.StdEncoding.EncodeToString(key_bytes), LdapServerAddr: "ldap://127.0.0.1:389", LdapTLS: false, BaseDN: "dc=example,dc=com", @@ -66,7 +57,7 @@ func readConfig() ConfigFile { GroupCanAdmin: "gid=admin,ou=groups,dc=example,dc=com", } - _, err = os.Stat(*configFlag) + _, err := os.Stat(*configFlag) if os.IsNotExist(err) { // Generate default config file log.Printf("Generating default config file as %s", *configFlag) @@ -106,7 +97,13 @@ func main() { config_file := readConfig() config = &config_file - store = sessions.NewFilesystemStore("", []byte(config.SessionKey)) + + session_key := make([]byte, 32) + n, err := rand.Read(session_key) + if err != nil || n != 32 { + log.Fatal(err) + } + store = sessions.NewCookieStore(session_key) r := mux.NewRouter() r.HandleFunc("/", handleHome) @@ -123,7 +120,7 @@ func main() { r.Handle("/static/{file:.*}", http.StripPrefix("/static/", staticfiles)) log.Printf("Starting HTTP server on %s", config.HttpBindAddr) - err := http.ListenAndServe(config.HttpBindAddr, logRequest(r)) + err = http.ListenAndServe(config.HttpBindAddr, logRequest(r)) if err != nil { log.Fatal("Cannot start http server: ", err) } @@ -149,28 +146,28 @@ func logRequest(handler http.Handler) http.Handler { } func checkLogin(w http.ResponseWriter, r *http.Request) *LoginStatus { + var login_info *LoginInfo + session, err := store.Get(r, SESSION_NAME) - if err != nil { - http.Error(w, err.Error(), http.StatusInternalServerError) - return nil + if err == nil { + username, ok := session.Values["login_username"] + password, ok2 := session.Values["login_password"] + user_dn, ok3 := session.Values["login_dn"] + + if ok && ok2 && ok3 { + login_info = &LoginInfo{ + DN: user_dn.(string), + Username: username.(string), + Password: password.(string), + } + } } - username, ok := session.Values["login_username"] - password, ok2 := session.Values["login_password"] - user_dn, ok3 := session.Values["login_dn"] - - var login_info *LoginInfo - if !(ok && ok2 && ok3) { + if login_info == nil { login_info = handleLogin(w, r) if login_info == nil { return nil } - } else { - login_info = &LoginInfo{ - DN: user_dn.(string), - Username: username.(string), - Password: password.(string), - } } l := ldapOpen(w) @@ -193,8 +190,8 @@ func checkLogin(w http.ResponseWriter, r *http.Request) *LoginStatus { } loginStatus := &LoginStatus{ - Info: login_info, - conn: l, + Info: login_info, + conn: l, } requestKind := "(objectClass=organizationalPerson)" @@ -245,11 +242,11 @@ func ldapOpen(w http.ResponseWriter) *ldap.Conn { // Page handlers ---- type HomePageData struct { - Login *LoginStatus + Login *LoginStatus WelcomeName string - CanAdmin bool - CanInvite bool - BaseDN string + CanAdmin bool + CanInvite bool + BaseDN string } func handleHome(w http.ResponseWriter, r *http.Request) { @@ -272,10 +269,10 @@ func handleHome(w http.ResponseWriter, r *http.Request) { } data := &HomePageData{ - Login: login, - CanAdmin: can_admin, - CanInvite: can_invite, - BaseDN: config.BaseDN, + Login: login, + CanAdmin: can_admin, + CanInvite: can_invite, + BaseDN: config.BaseDN, WelcomeName: login.UserEntry.GetAttributeValue("givenname"), } if data.WelcomeName == "" { @@ -346,8 +343,7 @@ func handleLogin(w http.ResponseWriter, r *http.Request) *LoginInfo { // Successfully logged in, save it to session session, err := store.Get(r, SESSION_NAME) if err != nil { - http.Error(w, err.Error(), http.StatusInternalServerError) - return nil + session, _ = store.New(r, SESSION_NAME) } session.Values["login_username"] = username |