token-handler: handle authorization through Epita CRI LDAP

token-validator/auth.go

@@ -0,0 +1,77 @@
+package main
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"net/http"
+
+	"github.com/julienschmidt/httprouter"
+)
+
+func init() {
+	router.GET("/auth", authHandler(apiHandler(validateAuthToken, printStudent)))
+	router.POST("/auth", apiHandler(checkAuth))
+}
+
+func printStudent(std *Student, r *http.Request) error {
+	if std != nil {
+		return errors.New(fmt.Sprintf("%s", *std))
+	} else {
+		return nil
+	}
+}
+
+func validateAuthToken(_ httprouter.Params, _ []byte) (interface{}, error) {
+	return false, nil
+}
+
+type loginForm struct {
+	Username string
+	Password string
+}
+
+func checkAuth(_ httprouter.Params, body []byte) (interface{}, error) {
+	var lf loginForm
+	if err := json.Unmarshal(body, &lf); err != nil {
+		return nil, err
+	}
+
+	if r, err := http.NewRequest("GET", "https://owncloud.srs.epita.fr/remote.php/webdav/", nil); err != nil {
+		return nil, err
+	} else {
+		r.SetBasicAuth(lf.Username, lf.Password)
+
+		if resp, err := http.DefaultClient.Do(r); err != nil {
+			return nil, err
+		} else {
+			defer resp.Body.Close()
+
+			if resp.StatusCode == http.StatusOK {
+				var std Student
+				if !studentExists(lf.Username) {
+					if std, err = NewStudent(lf.Username); err != nil {
+						return nil, err
+					}
+				} else if std, err = getStudentByLogin(lf.Username); err != nil {
+					return nil, err
+				}
+
+				session, err := std.NewSession()
+				if err != nil {
+					return nil, err
+				}
+
+				res := map[string]interface{}{}
+				res["status"] = "OK"
+				res["id_session"] = session.Id
+
+				return res, nil
+			} else {
+				return nil, errors.New(`{"status": "Invalid username or password"}`)
+			}
+		}
+
+		return nil, nil
+	}
+}