token-validator: wg tunnel API interface

token-validator/handler.go

@@ -5,6 +5,7 @@ import (
 	"crypto/sha512"
 	"encoding/base64"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"io"
 	"log"
@@ -156,6 +157,22 @@ func apiHandler(f DispatchFunction, access ...func(*Student, *http.Request) erro
 	return rawHandler(func (_ *http.Request, ps httprouter.Params, b []byte) (interface{}, error) { return f(ps, b) }, access...)
 }
 
+func apiAuthHandler(f func(Student, httprouter.Params, []byte) (interface{}, error), access ...func(*Student, *http.Request) error) func(http.ResponseWriter, *http.Request, httprouter.Params) {
+	return rawHandler(func (r *http.Request, ps httprouter.Params, b []byte) (interface{}, error) {
+		if flds := strings.Fields(r.Header.Get("Authorization")); len(flds) != 2 || flds[0] != "Bearer" {
+			return nil, errors.New("Authorization required")
+		} else if sessionid, err := base64.StdEncoding.DecodeString(flds[1]); err != nil {
+			return nil, err
+		} else if session, err := getSession(sessionid); err != nil {
+			return nil, err
+		} else if std, err := getStudent(int(session.IdStudent)); err != nil {
+			return nil, err
+		} else {
+			return f(std, ps, b)
+		}
+	}, access...)
+}
+
 func studentHandler(f func(Student, []byte) (interface{}, error)) func(httprouter.Params, []byte) (interface{}, error) {
 	return func(ps httprouter.Params, body []byte) (interface{}, error) {
 		if sid, err := strconv.Atoi(string(ps.ByName("sid"))); err != nil {