fic/server
2
0
Fork 0
Code Issues Pull Requests 10 Releases Wiki Activity

frontend: don't use path to give team's ID, use a dedicated header
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
nemunaire 2021-02-05 16:57:23 +01:00
parent f4dcaa23a3
commit 0d792dcd8f
5 changed files with 53 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
configs/nginx-demo.conf
View File

@ -180,55 +180,49 @@ server {
location /submit/ { location /submit/ {
include fic-auth.conf; include fic-auth.conf;
rewrite ^/submit/(.*)$ /submission/$team/$1 break; proxy_pass http://frontend:8080/submission;
proxy_pass http://frontend:8080/;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off; proxy_redirect off;
} }
location /submit/issue { location /submit/issue {
include fic-auth.conf; include fic-auth.conf;
rewrite ^/submit/.*$ /issue/$team break; proxy_pass http://frontend:8080/issue;
proxy_pass http://frontend:8080/;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off; proxy_redirect off;
} }
location /submit/name { location /submit/name {
include fic-auth.conf; include fic-auth.conf;
rewrite ^/submit/.*$ /chname/$team break; proxy_pass http://frontend:8080/chname;
proxy_pass http://frontend:8080/;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off; proxy_redirect off;
} }
location /registration { location /registration {
include fic-auth.conf; include fic-auth.conf;
rewrite ^/registration /registration/$team break;
proxy_pass http://frontend:8080; proxy_pass http://frontend:8080;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off; proxy_redirect off;
} }
location /openhint/ { location /openhint/ {
include fic-auth.conf; include fic-auth.conf;
rewrite ^/openhint/(.*)$ /openhint/$team/$1 break; proxy_pass http://frontend:8080;
proxy_pass http://frontend:8080/;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off; proxy_redirect off;
} }
location /wantchoices/ { location /wantchoices/ {
include fic-auth.conf; include fic-auth.conf;
rewrite ^/wantchoices/(.*)$ /wantchoices/$team/$1 break; proxy_pass http://frontend:8080;
proxy_pass http://frontend:8080/;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off; proxy_redirect off;
} }
} }

28
configs/nginx-prod.conf
View File

@ -172,55 +172,49 @@ server {
location /submit/ { location /submit/ {
include fic-auth.conf; include fic-auth.conf;
rewrite ^/submit/(.*)$ /submission/$team/$1 break; proxy_pass http://frontend:8080/submission;
proxy_pass http://frontend:8080/;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off; proxy_redirect off;
} }
location /submit/issue { location /submit/issue {
include fic-auth.conf; include fic-auth.conf;
rewrite ^/submit/.*$ /issue/$team break; proxy_pass http://frontend:8080/issue;
proxy_pass http://frontend:8080/;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off; proxy_redirect off;
} }
location /submit/name { location /submit/name {
include fic-auth.conf; include fic-auth.conf;
rewrite ^/submit/.*$ /chname/$team break; proxy_pass http://frontend:8080/chname;
proxy_pass http://frontend:8080/;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off; proxy_redirect off;
} }
location /registration { location /registration {
include fic-auth.conf; include fic-auth.conf;
rewrite ^/registration /registration/$team break;
proxy_pass http://frontend:8080; proxy_pass http://frontend:8080;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off; proxy_redirect off;
} }
location /openhint/ { location /openhint/ {
include fic-auth.conf; include fic-auth.conf;
rewrite ^/openhint/(.*)$ /openhint/$team/$1 break; proxy_pass http://frontend:8080;
proxy_pass http://frontend:8080/;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off; proxy_redirect off;
} }
location /wantchoices/ { location /wantchoices/ {
include fic-auth.conf; include fic-auth.conf;
rewrite ^/wantchoices/(.*)$ /wantchoices/$team/$1 break; proxy_pass http://frontend:8080;
proxy_pass http://frontend:8080/;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-FIC-Team $team;
proxy_redirect off; proxy_redirect off;
} }
} }

13
frontend/main.go
View File

@ -54,13 +54,13 @@ func main() {
settings.LoadAndWatchSettings(path.Join(settings.SettingsDir, settings.SettingsFile), reloadSettings) settings.LoadAndWatchSettings(path.Join(settings.SettingsDir, settings.SettingsFile), reloadSettings)
// Register handlers // Register handlers
http.Handle(fmt.Sprintf("%s/chname/", *prefix), http.StripPrefix(fmt.Sprintf("%s/chname/", *prefix), submissionTeamChecker{"name change", ChNameHandler, *teamsDir})) http.Handle(fmt.Sprintf("%s/chname/", *prefix), http.StripPrefix(fmt.Sprintf("%s/chname/", *prefix), submissionTeamChecker{"name change", ChNameHandler, *teamsDir, *simulator}))
http.Handle(fmt.Sprintf("%s/issue/", *prefix), http.StripPrefix(fmt.Sprintf("%s/issue/", *prefix), submissionTeamChecker{"issue", IssueHandler, *teamsDir})) http.Handle(fmt.Sprintf("%s/issue/", *prefix), http.StripPrefix(fmt.Sprintf("%s/issue/", *prefix), submissionTeamChecker{"issue", IssueHandler, *teamsDir, *simulator}))
http.Handle(fmt.Sprintf("%s/openhint/", *prefix), http.StripPrefix(fmt.Sprintf("%s/openhint/", *prefix), submissionTeamChecker{"opening hint", HintHandler, *teamsDir})) http.Handle(fmt.Sprintf("%s/openhint/", *prefix), http.StripPrefix(fmt.Sprintf("%s/openhint/", *prefix), submissionTeamChecker{"opening hint", HintHandler, *teamsDir, *simulator}))
http.Handle(fmt.Sprintf("%s/wantchoices/", *prefix), http.StripPrefix(fmt.Sprintf("%s/wantchoices/", *prefix), submissionTeamChecker{"wantint choices", WantChoicesHandler, *teamsDir})) http.Handle(fmt.Sprintf("%s/wantchoices/", *prefix), http.StripPrefix(fmt.Sprintf("%s/wantchoices/", *prefix), submissionTeamChecker{"wantint choices", WantChoicesHandler, *teamsDir, *simulator}))
http.Handle(fmt.Sprintf("%s/registration/", *prefix), http.StripPrefix(fmt.Sprintf("%s/registration/", *prefix), submissionChecker{"registration", RegistrationHandler})) http.Handle(fmt.Sprintf("%s/registration", *prefix), http.StripPrefix(fmt.Sprintf("%s/registration", *prefix), submissionChecker{"registration", RegistrationHandler}))
http.Handle(fmt.Sprintf("%s/resolution/", *prefix), http.StripPrefix(fmt.Sprintf("%s/resolution/", *prefix), ResolutionHandler{})) http.Handle(fmt.Sprintf("%s/resolution/", *prefix), http.StripPrefix(fmt.Sprintf("%s/resolution/", *prefix), ResolutionHandler{}))
http.Handle(fmt.Sprintf("%s/submission/", *prefix), http.StripPrefix(fmt.Sprintf("%s/submission/", *prefix), submissionTeamChecker{"submission", SubmissionHandler, *teamsDir})) http.Handle(fmt.Sprintf("%s/submission/", *prefix), http.StripPrefix(fmt.Sprintf("%s/submission/", *prefix), submissionTeamChecker{"submission", SubmissionHandler, *teamsDir, *simulator}))
if *simulator != "" { if *simulator != "" {
if _, err := os.Stat(path.Join(*teamsDir, *simulator)); os.IsNotExist(err) { if _, err := os.Stat(path.Join(*teamsDir, *simulator)); os.IsNotExist(err) {
@ -120,7 +120,6 @@ loop:
} }
} }
log.Print("The service is shutting down...") log.Print("The service is shutting down...")
srv.Shutdown(context.Background()) srv.Shutdown(context.Background())
log.Println("done") log.Println("done")

8
frontend/register.go
View File

@ -15,11 +15,13 @@ func RegistrationHandler(w http.ResponseWriter, r *http.Request, sURL []string)
return return
} }
if len(sURL) < 1 || len(sURL[0]) == 0 { teamInitialName := "-"
http.Error(w, "{\"errmsg\":\"Arguments manquants.\"}", http.StatusBadRequest) if t := r.Header.Get("X-FIC-Team"); t != "" {
teamInitialName = t
} else {
http.Error(w, "{\"errmsg\":\"Votre jeton d'authentification semble invalide. Contactez l'équipe serveur.\"}", http.StatusInternalServerError)
return return
} }
teamInitialName := sURL[0]
// Check request type and size // Check request type and size
if r.Method != "POST" { if r.Method != "POST" {

36
frontend/submissions.go
View File

@ -10,24 +10,29 @@ import (
type submissionHandler func(w http.ResponseWriter, r *http.Request, sURL []string) type submissionHandler func(w http.ResponseWriter, r *http.Request, sURL []string)
type submissionChecker struct{ type submissionChecker struct {
kind string kind string
next submissionHandler next submissionHandler
} }
type submissionTeamHandler func(w http.ResponseWriter, r *http.Request, team string, sURL []string) type submissionTeamHandler func(w http.ResponseWriter, r *http.Request, team string, sURL []string)
type submissionTeamChecker struct{ type submissionTeamChecker struct {
kind string kind string
next submissionTeamHandler next submissionTeamHandler
teamsDir string teamsDir string
simulator string
} }
func (c submissionChecker) ServeHTTP(w http.ResponseWriter, r *http.Request) { func (c submissionChecker) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if addr := r.Header.Get("X-Forwarded-For"); addr != "" { if addr := r.Header.Get("X-Forwarded-For"); addr != "" {
r.RemoteAddr = addr r.RemoteAddr = addr
} }
log.Printf("%s \"%s %s\" => %s [%s]\n", r.RemoteAddr, r.Method, r.URL.Path, c.kind, r.UserAgent()) team := "-"
if t := r.Header.Get("X-FIC-Team"); t != "" {
team = t
}
log.Printf("%s %s \"%s %s\" => %s [%s]\n", r.RemoteAddr, team, r.Method, r.URL.Path, c.kind, r.UserAgent())
w.Header().Set("Content-Type", "application/json") w.Header().Set("Content-Type", "application/json")
@ -41,21 +46,20 @@ func (c submissionChecker) ServeHTTP(w http.ResponseWriter, r *http.Request) {
} }
// Extract URL arguments // Extract URL arguments
var sURL = strings.Split(r.URL.Path, "/") var sURL = strings.Split(strings.TrimPrefix(r.URL.Path, "/"), "/")
c.next(w, r, sURL) c.next(w, r, sURL)
} }
func (c submissionTeamChecker) ServeHTTP(w http.ResponseWriter, r *http.Request) { func (c submissionTeamChecker) ServeHTTP(w http.ResponseWriter, r *http.Request) {
submissionChecker{c.kind, func(w http.ResponseWriter, r *http.Request, sURL []string){ submissionChecker{c.kind, func(w http.ResponseWriter, r *http.Request, sURL []string) {
if len(sURL) < 1 { team := c.simulator
http.Error(w, "{\"errmsg\":\"Arguments manquants.\"}", http.StatusBadRequest) if t := r.Header.Get("X-FIC-Team"); t != "" {
return team = t
} }
team := sURL[0]
// Check team validity and existance // Check team validity and existance
if len(team) < 1 || team == "public" { if len(team) < 1 || team == "-" || team == "public" {
log.Println("INVALID TEAM:", team) log.Println("INVALID TEAM:", team)
http.Error(w, "{\"errmsg\":\"Équipe inexistante.\"}", http.StatusBadRequest) http.Error(w, "{\"errmsg\":\"Équipe inexistante.\"}", http.StatusBadRequest)
return return
@ -65,6 +69,6 @@ func (c submissionTeamChecker) ServeHTTP(w http.ResponseWriter, r *http.Request)
return return
} }
c.next(w, r, team, sURL[1:]) c.next(w, r, team, sURL)
}}.ServeHTTP(w, r) }}.ServeHTTP(w, r)
} }