Compare commits
11 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 54174ef418 | |||
| 29d13371a8 | |||
| b71bf21b48 | |||
| ae12746ff2 | |||
| 4ffaabd6e6 | |||
| c647f76894 | |||
| c1c5d23f92 | |||
| 4263647288 | |||
| f1919d0602 | |||
| 440896ec69 | |||
| b8e028b80d |
66
auth/auth.go
66
auth/auth.go
@@ -6,11 +6,11 @@ import (
|
||||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"git.acooldomain.co/server-manager/backend/dbhandler"
|
||||
"git.acooldomain.co/server-manager/backend/factories"
|
||||
"git.acooldomain.co/server-manager/backend/instancemanager"
|
||||
"git.acooldomain.co/server-manager/backend/models"
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/golang-jwt/jwt"
|
||||
@@ -19,6 +19,7 @@ import (
|
||||
type AuthApi struct {
|
||||
config models.GlobalConfig
|
||||
|
||||
instanceManager instancemanager.InstanceManager
|
||||
tokenHandler dbhandler.InviteTokenDbHandler
|
||||
userAuthDbHandler dbhandler.UserPassAuthanticationDbHandler
|
||||
serverAuthDbHandler dbhandler.ServersAuthorizationDbHandler
|
||||
@@ -84,13 +85,13 @@ func (con *AuthApi) LoggedIn(ctx *gin.Context) {
|
||||
}
|
||||
|
||||
type SignUpRequest struct {
|
||||
Token string
|
||||
Username string
|
||||
Password string
|
||||
Username string `json:"username"`
|
||||
Password string `json:"password"`
|
||||
}
|
||||
|
||||
func (con AuthApi) signUp(ctx *gin.Context) {
|
||||
var request SignUpRequest
|
||||
rawToken := ctx.Query("token")
|
||||
|
||||
err := json.NewDecoder(ctx.Request.Body).Decode(&request)
|
||||
if err != nil {
|
||||
@@ -98,7 +99,7 @@ func (con AuthApi) signUp(ctx *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
token, err := con.tokenHandler.GetInviteToken(ctx, request.Token)
|
||||
token, err := con.tokenHandler.GetInviteToken(ctx, rawToken)
|
||||
if err != nil {
|
||||
ctx.AbortWithError(500, err)
|
||||
return
|
||||
@@ -115,12 +116,17 @@ func (con AuthApi) signUp(ctx *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
err = con.tokenHandler.DeleteInviteToken(ctx, token.Token)
|
||||
if err != nil {
|
||||
log.Printf("Failed to delete token %s", err)
|
||||
}
|
||||
|
||||
con.signIn(ctx)
|
||||
}
|
||||
|
||||
type SignInRequest struct {
|
||||
Username string
|
||||
Password string
|
||||
Username string `json:"username"`
|
||||
Password string `json:"password"`
|
||||
}
|
||||
|
||||
func (con AuthApi) signIn(ctx *gin.Context) {
|
||||
@@ -169,31 +175,23 @@ func (con AuthApi) Verify(ctx *gin.Context) {
|
||||
|
||||
forwardedUri := ctx.Request.Header.Get("x-forwarded-uri")
|
||||
|
||||
pathSegments := strings.Split(forwardedUri, "/")
|
||||
fileBrowser, err := con.instanceManager.GetFileBrowserFromUrl(ctx, forwardedUri)
|
||||
if err != nil {
|
||||
ctx.AbortWithError(500, err)
|
||||
return
|
||||
}
|
||||
|
||||
serverId, service := pathSegments[2], pathSegments[1]
|
||||
|
||||
switch service {
|
||||
case "browsers":
|
||||
fmt.Printf("%#v %s", claims, serverId)
|
||||
serverPermissions, err := con.serverAuthDbHandler.GetPermissions(ctx, claims.Username, serverId)
|
||||
if err != nil {
|
||||
ctx.AbortWithError(500, err)
|
||||
return
|
||||
}
|
||||
if (claims.Permissions|serverPermissions)&models.Admin == models.Admin {
|
||||
ctx.Header("X-Auth-Username", claims.Username)
|
||||
log.Printf("Set header X-Username %s", claims.Username)
|
||||
ctx.Status(200)
|
||||
return
|
||||
}
|
||||
case "cloud":
|
||||
if claims.Permissions&models.Cloud == models.Cloud || claims.Permissions&models.Admin == models.Admin {
|
||||
log.Printf("Set header X-Username %s", claims.Username)
|
||||
ctx.Header("X-Auth-Username", claims.Username)
|
||||
ctx.Status(200)
|
||||
return
|
||||
}
|
||||
fmt.Printf("%#v %s", claims, fileBrowser.ServerId)
|
||||
serverPermissions, err := con.serverAuthDbHandler.GetPermissions(ctx, claims.Username, fileBrowser.ServerId)
|
||||
if err != nil {
|
||||
ctx.AbortWithError(500, err)
|
||||
return
|
||||
}
|
||||
if (claims.Permissions|serverPermissions)&models.Admin == models.Admin {
|
||||
ctx.Header("X-Auth-Username", claims.Username)
|
||||
log.Printf("Set header X-Username %s", claims.Username)
|
||||
ctx.Status(200)
|
||||
return
|
||||
}
|
||||
|
||||
ctx.Redirect(303, fmt.Sprintf("http://%s/login", con.config.Domain))
|
||||
@@ -210,6 +208,11 @@ func LoadGroup(group *gin.RouterGroup, config models.GlobalConfig) gin.HandlerFu
|
||||
panic(err)
|
||||
}
|
||||
|
||||
instanceManager, err := factories.GetInstanceManager(config.InstanceManager, config.Domain)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
inviteHandler, err := factories.GetInviteTokenDbHandler(config.Authentication.UserPass.InviteTokenDatabase)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
@@ -218,6 +221,7 @@ func LoadGroup(group *gin.RouterGroup, config models.GlobalConfig) gin.HandlerFu
|
||||
connection := AuthApi{
|
||||
userAuthDbHandler: userAuthHandler,
|
||||
serverAuthDbHandler: serverAuthDbHandler,
|
||||
instanceManager: instanceManager,
|
||||
tokenHandler: inviteHandler,
|
||||
config: config,
|
||||
}
|
||||
|
||||
@@ -13,7 +13,7 @@ func AuthorizedTo(requiredPermissions models.Permission) gin.HandlerFunc {
|
||||
return func(ctx *gin.Context) {
|
||||
claimsPointer, exists := ctx.Get("claims")
|
||||
if !exists {
|
||||
ctx.AbortWithError(500, fmt.Errorf("Did not call LoggedIn first"))
|
||||
ctx.AbortWithError(500, fmt.Errorf("did not call LoggedIn first"))
|
||||
return
|
||||
}
|
||||
|
||||
@@ -41,6 +41,5 @@ func AuthorizationEnforcer() gin.HandlerFunc {
|
||||
if !authorized.(bool) {
|
||||
ctx.AbortWithStatus(403)
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@@ -19,8 +19,6 @@ authentication:
|
||||
user_pass:
|
||||
type: "mongo"
|
||||
initial_user:
|
||||
username: ""
|
||||
password: ""
|
||||
email: ""
|
||||
mongo:
|
||||
url: "mongodb://mongo:27107"
|
||||
|
||||
@@ -21,8 +21,8 @@ type ServersAuthorizationDbHandler struct {
|
||||
collection *mongo.Collection
|
||||
}
|
||||
|
||||
func (self *ServersAuthorizationDbHandler) RemoveUser(ctx context.Context, username string) error {
|
||||
_, err := self.collection.DeleteMany(
|
||||
func (sa *ServersAuthorizationDbHandler) RemoveUser(ctx context.Context, username string) error {
|
||||
_, err := sa.collection.DeleteMany(
|
||||
ctx,
|
||||
bson.M{
|
||||
"username": username,
|
||||
@@ -32,8 +32,8 @@ func (self *ServersAuthorizationDbHandler) RemoveUser(ctx context.Context, usern
|
||||
return err
|
||||
}
|
||||
|
||||
func (self *ServersAuthorizationDbHandler) RemoveServer(ctx context.Context, serverId string) error {
|
||||
_, err := self.collection.DeleteMany(
|
||||
func (sa *ServersAuthorizationDbHandler) RemoveServer(ctx context.Context, serverId string) error {
|
||||
_, err := sa.collection.DeleteMany(
|
||||
ctx,
|
||||
bson.M{
|
||||
"server_id": serverId,
|
||||
@@ -43,33 +43,33 @@ func (self *ServersAuthorizationDbHandler) RemoveServer(ctx context.Context, ser
|
||||
return err
|
||||
}
|
||||
|
||||
func (self *ServersAuthorizationDbHandler) AddPermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
|
||||
func (sa *ServersAuthorizationDbHandler) AddPermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
|
||||
var serverPermissions ServerPermissions
|
||||
err := self.collection.FindOne(
|
||||
err := sa.collection.FindOne(
|
||||
ctx,
|
||||
bson.M{
|
||||
"username": username,
|
||||
"server_id": serverId,
|
||||
},
|
||||
).Decode(&serverPermissions)
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
newPermissions := serverPermissions.Permissions | permissions
|
||||
|
||||
_, err = self.collection.UpdateOne(
|
||||
_, err = sa.collection.UpdateOne(
|
||||
ctx,
|
||||
bson.M{
|
||||
"username": username,
|
||||
"server_id": serverId,
|
||||
},
|
||||
bson.M{"$set": bson.M{
|
||||
"username": username,
|
||||
"server_id": serverId,
|
||||
"permissions": newPermissions,
|
||||
},
|
||||
bson.M{
|
||||
"$set": bson.M{
|
||||
"username": username,
|
||||
"server_id": serverId,
|
||||
"permissions": newPermissions,
|
||||
},
|
||||
},
|
||||
options.Update().SetUpsert(true),
|
||||
)
|
||||
@@ -77,65 +77,68 @@ func (self *ServersAuthorizationDbHandler) AddPermissions(ctx context.Context, u
|
||||
return err
|
||||
}
|
||||
|
||||
func (self *ServersAuthorizationDbHandler) RemovePermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
|
||||
func (sa *ServersAuthorizationDbHandler) RemovePermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
|
||||
var serverPermissions ServerPermissions
|
||||
err := self.collection.FindOne(
|
||||
err := sa.collection.FindOne(
|
||||
ctx,
|
||||
bson.M{
|
||||
"username": username,
|
||||
"server_id": serverId,
|
||||
},
|
||||
).Decode(&serverPermissions)
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
newPermissions := serverPermissions.Permissions | permissions ^ permissions
|
||||
|
||||
_, err = self.collection.UpdateOne(
|
||||
_, err = sa.collection.UpdateOne(
|
||||
ctx,
|
||||
bson.M{
|
||||
"username": username,
|
||||
"server_id": serverId,
|
||||
},
|
||||
bson.M{"$set": bson.M{
|
||||
"permissions": newPermissions,
|
||||
},
|
||||
bson.M{
|
||||
"$set": bson.M{
|
||||
"permissions": newPermissions,
|
||||
},
|
||||
},
|
||||
)
|
||||
|
||||
return err
|
||||
}
|
||||
|
||||
func (self *ServersAuthorizationDbHandler) SetPermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
|
||||
_, err := self.collection.UpdateOne(
|
||||
func (sa *ServersAuthorizationDbHandler) SetPermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
|
||||
_, err := sa.collection.UpdateOne(
|
||||
ctx,
|
||||
bson.M{
|
||||
"username": username,
|
||||
"server_id": serverId,
|
||||
},
|
||||
bson.M{"$set": bson.M{
|
||||
"permissions": permissions,
|
||||
},
|
||||
bson.M{
|
||||
"$set": bson.M{
|
||||
"permissions": permissions,
|
||||
},
|
||||
},
|
||||
)
|
||||
|
||||
return err
|
||||
}
|
||||
|
||||
func (self *ServersAuthorizationDbHandler) GetPermissions(ctx context.Context, username string, serverId string) (models.Permission, error) {
|
||||
func (sa *ServersAuthorizationDbHandler) GetPermissions(ctx context.Context, username string, serverId string) (models.Permission, error) {
|
||||
var serverPermissions ServerPermissions
|
||||
|
||||
err := self.collection.FindOne(
|
||||
err := sa.collection.FindOne(
|
||||
ctx,
|
||||
bson.M{
|
||||
"username": username,
|
||||
"server_id": serverId,
|
||||
},
|
||||
).Decode(&serverPermissions)
|
||||
|
||||
if err != nil {
|
||||
if err == mongo.ErrNoDocuments {
|
||||
return 0, nil
|
||||
}
|
||||
return 0, err
|
||||
}
|
||||
|
||||
|
||||
@@ -25,9 +25,8 @@ type UserPassAuthenticationDbHandler struct {
|
||||
collection *mongo.Collection
|
||||
}
|
||||
|
||||
func (self *UserPassAuthenticationDbHandler) ListUsers(ctx context.Context) ([]models.User, error) {
|
||||
cursor, err := self.collection.Find(ctx, bson.M{})
|
||||
|
||||
func (i *UserPassAuthenticationDbHandler) ListUsers(ctx context.Context) ([]models.User, error) {
|
||||
cursor, err := i.collection.Find(ctx, bson.M{})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -50,16 +49,14 @@ func (self *UserPassAuthenticationDbHandler) ListUsers(ctx context.Context) ([]m
|
||||
return modelUsers, nil
|
||||
}
|
||||
|
||||
func (self *UserPassAuthenticationDbHandler) AuthenticateUser(ctx context.Context, username string, password string) (*models.User, error) {
|
||||
func (i *UserPassAuthenticationDbHandler) AuthenticateUser(ctx context.Context, username string, password string) (*models.User, error) {
|
||||
var user AuthUser
|
||||
err := self.collection.FindOne(ctx, bson.M{"username": username}).Decode(&user)
|
||||
|
||||
err := i.collection.FindOne(ctx, bson.M{"username": username}).Decode(&user)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
err = bcrypt.CompareHashAndPassword([]byte(user.HashedPassword), []byte(password))
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -73,7 +70,7 @@ func (self *UserPassAuthenticationDbHandler) AuthenticateUser(ctx context.Contex
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (self *UserPassAuthenticationDbHandler) CreateUser(
|
||||
func (i *UserPassAuthenticationDbHandler) CreateUser(
|
||||
ctx context.Context,
|
||||
username string,
|
||||
password string,
|
||||
@@ -82,12 +79,11 @@ func (self *UserPassAuthenticationDbHandler) CreateUser(
|
||||
maxOwnedServers uint,
|
||||
) error {
|
||||
hashedPassword, err := dbhandler.HashPassword(password)
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
_, err = self.collection.InsertOne(ctx, &AuthUser{
|
||||
_, err = i.collection.InsertOne(ctx, &AuthUser{
|
||||
Username: username,
|
||||
HashedPassword: hashedPassword,
|
||||
Permissions: permissions,
|
||||
@@ -98,16 +94,16 @@ func (self *UserPassAuthenticationDbHandler) CreateUser(
|
||||
return err
|
||||
}
|
||||
|
||||
func (self *UserPassAuthenticationDbHandler) CountUsers(ctx context.Context) (uint, error) {
|
||||
count, err := self.collection.CountDocuments(ctx, bson.M{})
|
||||
func (i *UserPassAuthenticationDbHandler) CountUsers(ctx context.Context) (uint, error) {
|
||||
count, err := i.collection.CountDocuments(ctx, bson.M{})
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return uint(count), nil
|
||||
}
|
||||
|
||||
func (self *UserPassAuthenticationDbHandler) RemoveUser(ctx context.Context, username string) error {
|
||||
_, err := self.collection.DeleteOne(
|
||||
func (i *UserPassAuthenticationDbHandler) RemoveUser(ctx context.Context, username string) error {
|
||||
_, err := i.collection.DeleteOne(
|
||||
ctx,
|
||||
bson.M{
|
||||
"username": username,
|
||||
@@ -117,12 +113,12 @@ func (self *UserPassAuthenticationDbHandler) RemoveUser(ctx context.Context, use
|
||||
return err
|
||||
}
|
||||
|
||||
func (self *UserPassAuthenticationDbHandler) SetPermissions(
|
||||
func (i *UserPassAuthenticationDbHandler) SetPermissions(
|
||||
ctx context.Context,
|
||||
username string,
|
||||
permissions models.Permission,
|
||||
) error {
|
||||
_, err := self.collection.UpdateOne(
|
||||
_, err := i.collection.UpdateOne(
|
||||
ctx,
|
||||
bson.M{
|
||||
"username": username,
|
||||
@@ -149,9 +145,9 @@ func NewUserPassAuthHandler(config models.MongoDBConfig) (*UserPassAuthenticatio
|
||||
}
|
||||
|
||||
type InviteToken struct {
|
||||
Email string `json:"email"`
|
||||
Token string `json:"token"`
|
||||
Permissions models.Permission `json:"permissions"`
|
||||
Email string `bson:"email"`
|
||||
Token string `bson:"token"`
|
||||
Permissions models.Permission `bson:"permissions"`
|
||||
}
|
||||
|
||||
type InviteTokenDbHandler struct {
|
||||
@@ -159,15 +155,14 @@ type InviteTokenDbHandler struct {
|
||||
collection *mongo.Collection
|
||||
}
|
||||
|
||||
func (self *ServersDbHandler) SaveInviteToken(ctx context.Context, email string, permissions models.Permission) (string, error) {
|
||||
func (i *InviteTokenDbHandler) SaveInviteToken(ctx context.Context, email string, permissions models.Permission) (string, error) {
|
||||
token := uuid.NewString()
|
||||
|
||||
_, err := self.collection.InsertOne(ctx, &InviteToken{
|
||||
_, err := i.collection.InsertOne(ctx, &InviteToken{
|
||||
Permissions: permissions,
|
||||
Email: email,
|
||||
Token: token,
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
@@ -175,9 +170,14 @@ func (self *ServersDbHandler) SaveInviteToken(ctx context.Context, email string,
|
||||
return token, nil
|
||||
}
|
||||
|
||||
func (self *ServersDbHandler) GetInviteToken(ctx context.Context, token string) (*dbhandler.InviteToken, error) {
|
||||
func (i *InviteTokenDbHandler) DeleteInviteToken(ctx context.Context, token string) error {
|
||||
_, err := i.collection.DeleteOne(ctx, bson.M{"token": token})
|
||||
return err
|
||||
}
|
||||
|
||||
func (i *InviteTokenDbHandler) GetInviteToken(ctx context.Context, token string) (*dbhandler.InviteToken, error) {
|
||||
var inviteToken InviteToken
|
||||
err := self.collection.FindOne(ctx, bson.M{"token": token}).Decode(&inviteToken)
|
||||
err := i.collection.FindOne(ctx, bson.M{"token": token}).Decode(&inviteToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
@@ -40,4 +40,5 @@ type UserPassAuthanticationDbHandler interface {
|
||||
type InviteTokenDbHandler interface {
|
||||
SaveInviteToken(ctx context.Context, email string, permissions models.Permission) (string, error)
|
||||
GetInviteToken(ctx context.Context, token string) (*InviteToken, error)
|
||||
DeleteInviteToken(ctx context.Context, token string) error
|
||||
}
|
||||
|
||||
2
go.mod
2
go.mod
@@ -60,6 +60,8 @@ require (
|
||||
go.opentelemetry.io/otel/metric v1.35.0 // indirect
|
||||
go.opentelemetry.io/otel/sdk v1.35.0 // indirect
|
||||
go.opentelemetry.io/otel/trace v1.35.0 // indirect
|
||||
go.uber.org/multierr v1.11.0 // indirect
|
||||
go.uber.org/zap v1.27.0 // indirect
|
||||
golang.org/x/oauth2 v0.28.0 // indirect
|
||||
golang.org/x/sync v0.11.0 // indirect
|
||||
golang.org/x/time v0.11.0 // indirect
|
||||
|
||||
4
go.sum
4
go.sum
@@ -196,6 +196,10 @@ go.opentelemetry.io/otel/trace v1.35.0 h1:dPpEfJu1sDIqruz7BHFG3c7528f6ddfSWfFDVt
|
||||
go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc=
|
||||
go.opentelemetry.io/proto/otlp v1.5.0 h1:xJvq7gMzB31/d406fB8U5CBdyQGw4P399D1aQWU/3i4=
|
||||
go.opentelemetry.io/proto/otlp v1.5.0/go.mod h1:keN8WnHxOy8PG0rQZjJJ5A2ebUoafqWp0eVQ4yIXvJ4=
|
||||
go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
|
||||
go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
|
||||
go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
|
||||
go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
|
||||
golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
|
||||
golang.org/x/arch v0.8.0 h1:3wRIsP3pM4yUptoR96otTUOXI367OS0+c9eeRi9doIc=
|
||||
golang.org/x/arch v0.8.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys=
|
||||
|
||||
@@ -656,6 +656,10 @@ func (im *InstanceManager) StopFileBrowser(ctx context.Context, serverId string)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (im *InstanceManager) GetFileBrowserFromUrl(ctx context.Context, url string) (*models.FileBrowser, error) {
|
||||
return im.GetFileBrowser(ctx, strings.Split(url, "/")[1])
|
||||
}
|
||||
|
||||
func NewInstanceManager(config models.DockerInstanceManagerConfig, siteDomain string) (*InstanceManager, error) {
|
||||
apiClient, err := client.NewClientWithOpts(client.FromEnv, client.WithAPIVersionNegotiation())
|
||||
if err != nil {
|
||||
|
||||
@@ -59,6 +59,7 @@ type InstanceManager interface {
|
||||
|
||||
// Read Only
|
||||
GetFileBrowser(ctx context.Context, serverId string) (*models.FileBrowser, error)
|
||||
GetFileBrowserFromUrl(ctx context.Context, url string) (*models.FileBrowser, error)
|
||||
ListFileBrowsers(ctx context.Context) ([]models.FileBrowser, error)
|
||||
|
||||
// Status Changing
|
||||
|
||||
@@ -3,6 +3,7 @@ package kubernetes
|
||||
import (
|
||||
"context"
|
||||
"io"
|
||||
"log"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
@@ -250,22 +251,24 @@ func (i *InstanceManager) InteractiveTerminal(ctx context.Context, serverId stri
|
||||
req := i.coreV1Cli.CoreV1().RESTClient().
|
||||
Post().
|
||||
Resource("pods").
|
||||
Namespace(i.Config.Namespace).
|
||||
Name(serverId).
|
||||
Namespace(i.Config.Namespace).
|
||||
SubResource("attach").
|
||||
VersionedParams(&corev1.PodAttachOptions{
|
||||
Container: "server",
|
||||
Stdin: true,
|
||||
Stdout: true,
|
||||
Stderr: true,
|
||||
TTY: true,
|
||||
Stdin: true,
|
||||
Stdout: true,
|
||||
Stderr: true,
|
||||
TTY: true,
|
||||
}, clientgoscheme.ParameterCodec)
|
||||
|
||||
executor, err := remotecommand.NewSPDYExecutor(i.restCfg, "POST", req.URL())
|
||||
go func() {
|
||||
defer stdoutWriter.Close()
|
||||
defer stdinReader.Close()
|
||||
_ = executor.StreamWithContext(ctx, remotecommand.StreamOptions{Stdin: stdinReader, Stdout: stdoutWriter, Stderr: stdoutWriter, Tty: true, TerminalSizeQueue: queue})
|
||||
err := executor.StreamWithContext(ctx, remotecommand.StreamOptions{Stdin: stdinReader, Stdout: stdoutWriter, Stderr: stdoutWriter, Tty: true, TerminalSizeQueue: queue})
|
||||
if err != nil {
|
||||
log.Printf("Failed to attach %e", err)
|
||||
}
|
||||
}()
|
||||
|
||||
if err != nil {
|
||||
@@ -296,6 +299,18 @@ func (i *InstanceManager) GetFileBrowser(ctx context.Context, serverId string) (
|
||||
return &models.FileBrowser{ServerId: serverManager.Name, Id: serverManager.Name, Url: serverManager.Status.Browser.Url}, nil
|
||||
}
|
||||
|
||||
func (i *InstanceManager) GetFileBrowserFromUrl(ctx context.Context, url string) (*models.FileBrowser, error) {
|
||||
serverManager := &servermanagerv1.ServerManager{}
|
||||
urlSegments := strings.Split(url, "/")
|
||||
namespace, serverId := urlSegments[2], urlSegments[3]
|
||||
err := i.client.Get(ctx, client.ObjectKey{Namespace: namespace, Name: serverId}, serverManager)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return &models.FileBrowser{ServerId: serverManager.Name, Id: serverManager.Name, Url: serverManager.Status.Browser.Url}, nil
|
||||
}
|
||||
|
||||
func (i *InstanceManager) ListFileBrowsers(ctx context.Context) ([]models.FileBrowser, error) {
|
||||
serverManagers := &servermanagerv1.ServerManagerList{}
|
||||
err := i.client.List(ctx, serverManagers, &client.ListOptions{Namespace: i.Config.Namespace})
|
||||
|
||||
26
logger/logger.go
Normal file
26
logger/logger.go
Normal file
@@ -0,0 +1,26 @@
|
||||
package logger
|
||||
|
||||
import (
|
||||
"os"
|
||||
|
||||
"go.uber.org/zap"
|
||||
"go.uber.org/zap/zapcore"
|
||||
)
|
||||
|
||||
var Logger *zap.Logger
|
||||
|
||||
func init() {
|
||||
var cfg zap.Config
|
||||
if os.Getenv("DEBUG") == "true" {
|
||||
cfg = zap.NewDevelopmentConfig()
|
||||
} else {
|
||||
cfg = zap.NewProductionConfig()
|
||||
}
|
||||
cfg.EncoderConfig.EncodeTime = zapcore.ISO8601TimeEncoder
|
||||
var err error
|
||||
Logger, err = cfg.Build()
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
defer Logger.Sync() // flushes buffer, if any
|
||||
}
|
||||
12
mail/mail.go
12
mail/mail.go
@@ -22,12 +22,12 @@ func NewMailClient(config models.EmailConfig) *MailClient {
|
||||
}
|
||||
}
|
||||
|
||||
func (self *MailClient) SendMail(
|
||||
func (mc *MailClient) SendMail(
|
||||
recipient string,
|
||||
subject string,
|
||||
content string,
|
||||
) error {
|
||||
from := mail.Address{Name: "", Address: self.mailConfig.FromEmail}
|
||||
from := mail.Address{Name: "", Address: mc.mailConfig.FromEmail}
|
||||
to := mail.Address{Name: "", Address: recipient}
|
||||
|
||||
headers := make(map[string]string)
|
||||
@@ -41,21 +41,21 @@ func (self *MailClient) SendMail(
|
||||
}
|
||||
message += "\r\n" + content
|
||||
|
||||
conn, err := tls.Dial("tcp", self.mailConfig.Server+":465", &tls.Config{ServerName: self.mailConfig.Server})
|
||||
conn, err := tls.Dial("tcp", mc.mailConfig.Server+":465", &tls.Config{ServerName: mc.mailConfig.Server})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
client, err := smtp.NewClient(conn, self.mailConfig.Server)
|
||||
client, err := smtp.NewClient(conn, mc.mailConfig.Server)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if err = client.Auth(*self.auth); err != nil {
|
||||
if err = client.Auth(*mc.auth); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if err = client.Mail(self.mailConfig.FromEmail); err != nil {
|
||||
if err = client.Mail(mc.mailConfig.FromEmail); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
|
||||
@@ -2,9 +2,7 @@ package servers
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
"strconv"
|
||||
"strings"
|
||||
@@ -14,9 +12,11 @@ import (
|
||||
"git.acooldomain.co/server-manager/backend/dbhandler"
|
||||
"git.acooldomain.co/server-manager/backend/factories"
|
||||
instancemanager "git.acooldomain.co/server-manager/backend/instancemanager"
|
||||
"git.acooldomain.co/server-manager/backend/logger"
|
||||
"git.acooldomain.co/server-manager/backend/models"
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/gorilla/websocket"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
var upgrader = websocket.Upgrader{
|
||||
@@ -193,16 +193,12 @@ func (con ServersApi) GetServers(ctx *gin.Context) {
|
||||
server := serverConfigsMap[instanceServer.Id]
|
||||
|
||||
var image ImageInfo
|
||||
log.Printf("server=%#v\t|\tinstanceServer=%#v", server, instanceServer)
|
||||
|
||||
if instanceServer.Running {
|
||||
image = ImageInfo{
|
||||
Name: instanceServer.RunningImage.Registry,
|
||||
Version: instanceServer.RunningImage.Tag,
|
||||
}
|
||||
} else {
|
||||
log.Printf("serverImage:%#v", server.Image)
|
||||
|
||||
image = ImageInfo{
|
||||
Name: server.Image.Registry,
|
||||
Version: server.Image.Tag,
|
||||
@@ -246,6 +242,7 @@ func (con ServersApi) DeleteServer(ctx *gin.Context) {
|
||||
|
||||
err = con.ServersDbHandler.DeleteServer(ctx, serverId)
|
||||
if err != nil {
|
||||
logger.Logger.Error("Failed to delete server", zap.String("ServerId", serverId), zap.Error(err))
|
||||
ctx.AbortWithError(501, err)
|
||||
return
|
||||
}
|
||||
@@ -262,13 +259,15 @@ func (con ServersApi) RunCommand(ctx *gin.Context) {
|
||||
err := json.NewDecoder(ctx.Request.Body).Decode(&request)
|
||||
if err != nil {
|
||||
ctx.AbortWithError(500, err)
|
||||
return
|
||||
}
|
||||
|
||||
serverId := ctx.Param("server_id")
|
||||
log.Print("Writing command \"", request.Command, "\"")
|
||||
logger.Logger.Info("Writing command", zap.String("ServerId", serverId), zap.String("Command", request.Command))
|
||||
|
||||
consolePointer, err := con.InstanceManager.InteractiveTerminal(ctx, serverId)
|
||||
if err != nil {
|
||||
logger.Logger.Error("Failed getting terminal", zap.String("ServerId", serverId), zap.String("Command", request.Command), zap.Error(err))
|
||||
ctx.AbortWithError(500, err)
|
||||
return
|
||||
}
|
||||
@@ -278,10 +277,12 @@ func (con ServersApi) RunCommand(ctx *gin.Context) {
|
||||
|
||||
_, err = console.Conn.Write([]byte(request.Command + "\n"))
|
||||
if err != nil {
|
||||
logger.Logger.Error("Failed writing command", zap.String("ServerId", serverId), zap.String("Command", request.Command), zap.Error(err))
|
||||
ctx.AbortWithError(500, err)
|
||||
return
|
||||
}
|
||||
|
||||
logger.Logger.Info("Successfully wrote command", zap.String("ServerId", serverId), zap.String("Command", request.Command))
|
||||
ctx.JSON(200, "OK")
|
||||
}
|
||||
|
||||
@@ -301,8 +302,9 @@ func (con ServersApi) AttachServer(ctx *gin.Context) {
|
||||
|
||||
defer func() {
|
||||
if err != nil {
|
||||
log.Printf("The latest error is %s", err)
|
||||
logger.Logger.Error("Interactive Terminal latest error", zap.Error(err))
|
||||
}
|
||||
|
||||
close(websocketRead)
|
||||
close(containerRead)
|
||||
}()
|
||||
@@ -375,7 +377,7 @@ func (con ServersApi) AttachServer(ctx *gin.Context) {
|
||||
case "insert":
|
||||
_, err = hijacked.Conn.Write([]byte(Command.Arguments))
|
||||
if err != nil {
|
||||
log.Printf("Write to docker failed %s", errors.Unwrap(err))
|
||||
logger.Logger.Error("Write to docker failed", zap.Error(err))
|
||||
|
||||
stop = true
|
||||
break
|
||||
@@ -400,13 +402,13 @@ func (con ServersApi) AttachServer(ctx *gin.Context) {
|
||||
|
||||
err2 = hijacked.ResizerFunc(width, height)
|
||||
if err2 != nil {
|
||||
log.Printf("Failed to resize container to %dx%d: %s", width, height, err)
|
||||
logger.Logger.Error("Failed to resize container", zap.Uint("width", width), zap.Uint("height", height), zap.Error(err))
|
||||
}
|
||||
}
|
||||
case data := <-containerRead:
|
||||
err := ws.WriteJSON(data)
|
||||
if err != nil {
|
||||
log.Printf("Write to socket failed %s", errors.Unwrap(err))
|
||||
logger.Logger.Error("Write to socket failed", zap.Error(err))
|
||||
stop = true
|
||||
}
|
||||
}
|
||||
@@ -442,7 +444,7 @@ func (con ServersApi) UpdateServer(ctx *gin.Context) {
|
||||
for user, permissions := range request.UserPermissions {
|
||||
err = con.ServerAuthorization.SetPermissions(ctx, user, serverId, permissions)
|
||||
if err != nil {
|
||||
log.Printf("failed to change user %s permissions for server %s due to %e", user, serverId, err)
|
||||
logger.Logger.Error("failed to change user's server permissions", zap.String("user", user), zap.String("ServerId", serverId), zap.Error(err))
|
||||
continue
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user