nemunaire 2020-03-08 01:06:44 +01:00
parent f073e69417
commit 0a79763f69
17 changed files with 460 additions and 159 deletions


@ -40,7 +40,7 @@ func (r APIResponse) WriteResponse(w http.ResponseWriter) {
w.Write(bts)
} else if j, err := json.Marshal(r.response); err != nil {
w.Header().Set("Content-Type", "application/json")
http.Error(w, fmt.Sprintf("{\"errmsg\":%q}", err), http.StatusInternalServerError)
http.Error(w, fmt.Sprintf("{\"errmsg\":%q}", err.Error()), http.StatusInternalServerError)
} else {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusOK)
@ -77,17 +77,17 @@ func rawHandler(f func(http.ResponseWriter, *http.Request, httprouter.Params, []
if cookie, err := r.Cookie("auth"); err == nil {
if sessionid, err := base64.StdEncoding.DecodeString(cookie.Value); err != nil {
w.Header().Set("Content-Type", "application/json")
http.Error(w, fmt.Sprintf(`{"errmsg": %q}`, err), http.StatusNotAcceptable)
http.Error(w, fmt.Sprintf(`{"errmsg": %q}`, err.Error()), http.StatusNotAcceptable)
return
} else if session, err := getSession(sessionid); err != nil {
w.Header().Set("Content-Type", "application/json")
http.Error(w, fmt.Sprintf(`{"errmsg": %q}`, err), http.StatusUnauthorized)
http.Error(w, fmt.Sprintf(`{"errmsg": %q}`, err.Error()), http.StatusUnauthorized)
return
} else if session.IdUser == nil {
user = nil
} else if std, err := getUser(int(*session.IdUser)); err != nil {
w.Header().Set("Content-Type", "application/json")
http.Error(w, fmt.Sprintf(`{"errmsg": %q}`, err), http.StatusUnauthorized)
http.Error(w, fmt.Sprintf(`{"errmsg": %q}`, err.Error()), http.StatusUnauthorized)
return
} else {
user = &std
@ -98,7 +98,7 @@ func rawHandler(f func(http.ResponseWriter, *http.Request, httprouter.Params, []
for _, a := range access {
if err := a(user, r); err != nil {
w.Header().Set("Content-Type", "application/json")
http.Error(w, fmt.Sprintf(`{"errmsg":%q}`, err), http.StatusForbidden)
http.Error(w, fmt.Sprintf(`{"errmsg":%q}`, err.err.Error()), http.StatusForbidden)
return
}
}
@ -159,10 +159,7 @@ func formatApiResponse(i interface{}, err error) HTTPResponse {
func apiAuthHandler(f func(*User, httprouter.Params, []byte) HTTPResponse, access ...func(*User, *http.Request) *APIErrorResponse) func(http.ResponseWriter, *http.Request, httprouter.Params) {
return rawHandler(formatResponseHandler(func (r *http.Request, ps httprouter.Params, b []byte) HTTPResponse {
if cookie, err := r.Cookie("auth"); err != nil {
return APIErrorResponse{
status: http.StatusForbidden,
err: errors.New("Authorization required"),
}
return f(nil, ps, b)
} else if sessionid, err := base64.StdEncoding.DecodeString(cookie.Value); err != nil {
return APIErrorResponse{
status: http.StatusBadRequest,
@ -174,10 +171,7 @@ func apiAuthHandler(f func(*User, httprouter.Params, []byte) HTTPResponse, acces
err: err,
}
} else if session.IdUser == nil {
return APIErrorResponse{
status: http.StatusForbidden,
err: errors.New("Authorization required"),
}
return f(nil, ps, b)
} else if std, err := getUser(int(*session.IdUser)); err != nil {
return APIErrorResponse{
status: http.StatusInternalServerError,
@ -189,6 +183,18 @@ func apiAuthHandler(f func(*User, httprouter.Params, []byte) HTTPResponse, acces
}), access...)
}
func loggedUser(u *User, r *http.Request) *APIErrorResponse {
if u != nil {
return nil
} else {
ret := &APIErrorResponse{
status: http.StatusForbidden,
err: errors.New("Permission Denied"),
}
return ret
}
}
func adminRestricted(u *User, r *http.Request) *APIErrorResponse {
if u != nil && u.IsAdmin {
return nil
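Review bot: In apiAuthHandler, the two branches that previously returned 403 "Authorization required" (no `auth` cookie, and a session whose IdUser is nil) now call `f(nil, ps, b)`, so the wrapper's default changes from deny to allow and authentication holds only on routes that pass `loggedUser` or `adminRestricted` in `access`. The route registrations are not visible here, so each apiAuthHandler caller needs to be checked for a guard and for nil-safe use of its `*User` argument; a handler that dereferences it would panic on an anonymous request. I would keep the deny default in this wrapper and put optional authentication in a separately named one, or at minimum add a doc comment such as `// apiAuthHandler passes a nil *User to f for anonymous requests; add loggedUser to access to require a session.` Separately, in the access loop of rawHandler, `err.err.Error()` dereferences the inner error without a nil check, and the status stays fixed at 403 instead of the status the access function returned. Both function bodies extend beyond the hunks shown.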