added file browser to auth verify, setting up from clients
Some checks failed
Build and Push Docker Image / Build image (push) Has been cancelled
Some checks failed
Build and Push Docker Image / Build image (push) Has been cancelled
This commit is contained in:
parent
4ffaabd6e6
commit
ae12746ff2
31
auth/auth.go
31
auth/auth.go
@ -6,11 +6,11 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"log"
|
"log"
|
||||||
"net/http"
|
"net/http"
|
||||||
"strings"
|
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"git.acooldomain.co/server-manager/backend/dbhandler"
|
"git.acooldomain.co/server-manager/backend/dbhandler"
|
||||||
"git.acooldomain.co/server-manager/backend/factories"
|
"git.acooldomain.co/server-manager/backend/factories"
|
||||||
|
"git.acooldomain.co/server-manager/backend/instancemanager"
|
||||||
"git.acooldomain.co/server-manager/backend/models"
|
"git.acooldomain.co/server-manager/backend/models"
|
||||||
"github.com/gin-gonic/gin"
|
"github.com/gin-gonic/gin"
|
||||||
"github.com/golang-jwt/jwt"
|
"github.com/golang-jwt/jwt"
|
||||||
@ -19,6 +19,7 @@ import (
|
|||||||
type AuthApi struct {
|
type AuthApi struct {
|
||||||
config models.GlobalConfig
|
config models.GlobalConfig
|
||||||
|
|
||||||
|
instanceManager instancemanager.InstanceManager
|
||||||
tokenHandler dbhandler.InviteTokenDbHandler
|
tokenHandler dbhandler.InviteTokenDbHandler
|
||||||
userAuthDbHandler dbhandler.UserPassAuthanticationDbHandler
|
userAuthDbHandler dbhandler.UserPassAuthanticationDbHandler
|
||||||
serverAuthDbHandler dbhandler.ServersAuthorizationDbHandler
|
serverAuthDbHandler dbhandler.ServersAuthorizationDbHandler
|
||||||
@ -169,14 +170,14 @@ func (con AuthApi) Verify(ctx *gin.Context) {
|
|||||||
|
|
||||||
forwardedUri := ctx.Request.Header.Get("x-forwarded-uri")
|
forwardedUri := ctx.Request.Header.Get("x-forwarded-uri")
|
||||||
|
|
||||||
pathSegments := strings.Split(forwardedUri, "/")
|
fileBrowser, err := con.instanceManager.GetFileBrowserFromUrl(ctx, forwardedUri)
|
||||||
|
if err != nil {
|
||||||
|
ctx.AbortWithError(500, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
serverId, service := pathSegments[2], pathSegments[1]
|
fmt.Printf("%#v %s", claims, fileBrowser.ServerId)
|
||||||
|
serverPermissions, err := con.serverAuthDbHandler.GetPermissions(ctx, claims.Username, fileBrowser.ServerId)
|
||||||
switch service {
|
|
||||||
case "browsers":
|
|
||||||
fmt.Printf("%#v %s", claims, serverId)
|
|
||||||
serverPermissions, err := con.serverAuthDbHandler.GetPermissions(ctx, claims.Username, serverId)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ctx.AbortWithError(500, err)
|
ctx.AbortWithError(500, err)
|
||||||
return
|
return
|
||||||
@ -187,14 +188,6 @@ func (con AuthApi) Verify(ctx *gin.Context) {
|
|||||||
ctx.Status(200)
|
ctx.Status(200)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
case "cloud":
|
|
||||||
if claims.Permissions&models.Cloud == models.Cloud || claims.Permissions&models.Admin == models.Admin {
|
|
||||||
log.Printf("Set header X-Username %s", claims.Username)
|
|
||||||
ctx.Header("X-Auth-Username", claims.Username)
|
|
||||||
ctx.Status(200)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
ctx.Redirect(303, fmt.Sprintf("http://%s/login", con.config.Domain))
|
ctx.Redirect(303, fmt.Sprintf("http://%s/login", con.config.Domain))
|
||||||
}
|
}
|
||||||
@ -210,6 +203,11 @@ func LoadGroup(group *gin.RouterGroup, config models.GlobalConfig) gin.HandlerFu
|
|||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
instanceManager, err := factories.GetInstanceManager(config.InstanceManager, config.Domain)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
|
||||||
inviteHandler, err := factories.GetInviteTokenDbHandler(config.Authentication.UserPass.InviteTokenDatabase)
|
inviteHandler, err := factories.GetInviteTokenDbHandler(config.Authentication.UserPass.InviteTokenDatabase)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
@ -218,6 +216,7 @@ func LoadGroup(group *gin.RouterGroup, config models.GlobalConfig) gin.HandlerFu
|
|||||||
connection := AuthApi{
|
connection := AuthApi{
|
||||||
userAuthDbHandler: userAuthHandler,
|
userAuthDbHandler: userAuthHandler,
|
||||||
serverAuthDbHandler: serverAuthDbHandler,
|
serverAuthDbHandler: serverAuthDbHandler,
|
||||||
|
instanceManager: instanceManager,
|
||||||
tokenHandler: inviteHandler,
|
tokenHandler: inviteHandler,
|
||||||
config: config,
|
config: config,
|
||||||
}
|
}
|
||||||
|
|||||||
@ -656,6 +656,10 @@ func (im *InstanceManager) StopFileBrowser(ctx context.Context, serverId string)
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (im *InstanceManager) GetFileBrowserFromUrl(ctx context.Context, url string) (*models.FileBrowser, error) {
|
||||||
|
return im.GetFileBrowser(ctx, strings.Split(url, "/")[1])
|
||||||
|
}
|
||||||
|
|
||||||
func NewInstanceManager(config models.DockerInstanceManagerConfig, siteDomain string) (*InstanceManager, error) {
|
func NewInstanceManager(config models.DockerInstanceManagerConfig, siteDomain string) (*InstanceManager, error) {
|
||||||
apiClient, err := client.NewClientWithOpts(client.FromEnv, client.WithAPIVersionNegotiation())
|
apiClient, err := client.NewClientWithOpts(client.FromEnv, client.WithAPIVersionNegotiation())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|||||||
@ -59,6 +59,7 @@ type InstanceManager interface {
|
|||||||
|
|
||||||
// Read Only
|
// Read Only
|
||||||
GetFileBrowser(ctx context.Context, serverId string) (*models.FileBrowser, error)
|
GetFileBrowser(ctx context.Context, serverId string) (*models.FileBrowser, error)
|
||||||
|
GetFileBrowserFromUrl(ctx context.Context, url string) (*models.FileBrowser, error)
|
||||||
ListFileBrowsers(ctx context.Context) ([]models.FileBrowser, error)
|
ListFileBrowsers(ctx context.Context) ([]models.FileBrowser, error)
|
||||||
|
|
||||||
// Status Changing
|
// Status Changing
|
||||||
|
|||||||
@ -299,6 +299,18 @@ func (i *InstanceManager) GetFileBrowser(ctx context.Context, serverId string) (
|
|||||||
return &models.FileBrowser{ServerId: serverManager.Name, Id: serverManager.Name, Url: serverManager.Status.Browser.Url}, nil
|
return &models.FileBrowser{ServerId: serverManager.Name, Id: serverManager.Name, Url: serverManager.Status.Browser.Url}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (i *InstanceManager) GetFileBrowserFromUrl(ctx context.Context, url string) (*models.FileBrowser, error) {
|
||||||
|
serverManager := &servermanagerv1.ServerManager{}
|
||||||
|
urlSegments := strings.Split(url, "/")
|
||||||
|
namespace, serverId := urlSegments[1], urlSegments[2]
|
||||||
|
err := i.client.Get(ctx, client.ObjectKey{Namespace: namespace, Name: serverId}, serverManager)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return &models.FileBrowser{ServerId: serverManager.Name, Id: serverManager.Name, Url: serverManager.Status.Browser.Url}, nil
|
||||||
|
}
|
||||||
|
|
||||||
func (i *InstanceManager) ListFileBrowsers(ctx context.Context) ([]models.FileBrowser, error) {
|
func (i *InstanceManager) ListFileBrowsers(ctx context.Context) ([]models.FileBrowser, error) {
|
||||||
serverManagers := &servermanagerv1.ServerManagerList{}
|
serverManagers := &servermanagerv1.ServerManagerList{}
|
||||||
err := i.client.List(ctx, serverManagers, &client.ListOptions{Namespace: i.Config.Namespace})
|
err := i.client.List(ctx, serverManagers, &client.ListOptions{Namespace: i.Config.Namespace})
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user