added a bit of zap logging

auth/auth.go

@@ -6,11 +6,11 @@ import (
 	"fmt"
 	"log"
 	"net/http"
-	"strings"
 	"time"
 
 	"git.acooldomain.co/server-manager/backend/dbhandler"
 	"git.acooldomain.co/server-manager/backend/factories"
+	"git.acooldomain.co/server-manager/backend/instancemanager"
 	"git.acooldomain.co/server-manager/backend/models"
 	"github.com/gin-gonic/gin"
 	"github.com/golang-jwt/jwt"
@@ -19,6 +19,7 @@ import (
 type AuthApi struct {
 	config models.GlobalConfig
 
+	instanceManager     instancemanager.InstanceManager
 	tokenHandler        dbhandler.InviteTokenDbHandler
 	userAuthDbHandler   dbhandler.UserPassAuthanticationDbHandler
 	serverAuthDbHandler dbhandler.ServersAuthorizationDbHandler
@@ -115,6 +116,11 @@ func (con AuthApi) signUp(ctx *gin.Context) {
 		return
 	}
 
+	err = con.tokenHandler.DeleteInviteToken(ctx, token.Token)
+	if err != nil {
+		log.Printf("Failed to delete token %s", err)
+	}
+
 	con.signIn(ctx)
 }
 
@@ -169,31 +175,23 @@ func (con AuthApi) Verify(ctx *gin.Context) {
 
 	forwardedUri := ctx.Request.Header.Get("x-forwarded-uri")
 
-	pathSegments := strings.Split(forwardedUri, "/")
+	fileBrowser, err := con.instanceManager.GetFileBrowserFromUrl(ctx, forwardedUri)
+	if err != nil {
+		ctx.AbortWithError(500, err)
+		return
+	}
 
-	serverId, service := pathSegments[2], pathSegments[1]
+	fmt.Printf("%#v %s", claims, fileBrowser.ServerId)
-
+	serverPermissions, err := con.serverAuthDbHandler.GetPermissions(ctx, claims.Username, fileBrowser.ServerId)
-	switch service {
+	if err != nil {
-	case "browsers":
+		ctx.AbortWithError(500, err)
-		fmt.Printf("%#v %s", claims, serverId)
+		return
-		serverPermissions, err := con.serverAuthDbHandler.GetPermissions(ctx, claims.Username, serverId)
+	}
-		if err != nil {
+	if (claims.Permissions|serverPermissions)&models.Admin == models.Admin {
-			ctx.AbortWithError(500, err)
+		ctx.Header("X-Auth-Username", claims.Username)
-			return
+		log.Printf("Set header X-Username %s", claims.Username)
-		}
+		ctx.Status(200)
-		if (claims.Permissions|serverPermissions)&models.Admin == models.Admin {
+		return
-			ctx.Header("X-Auth-Username", claims.Username)
-			log.Printf("Set header X-Username %s", claims.Username)
-			ctx.Status(200)
-			return
-		}
-	case "cloud":
-		if claims.Permissions&models.Cloud == models.Cloud || claims.Permissions&models.Admin == models.Admin {
-			log.Printf("Set header X-Username %s", claims.Username)
-			ctx.Header("X-Auth-Username", claims.Username)
-			ctx.Status(200)
-			return
-		}
 	}
 
 	ctx.Redirect(303, fmt.Sprintf("http://%s/login", con.config.Domain))
@@ -210,6 +208,11 @@ func LoadGroup(group *gin.RouterGroup, config models.GlobalConfig) gin.HandlerFu
 		panic(err)
 	}
 
+	instanceManager, err := factories.GetInstanceManager(config.InstanceManager, config.Domain)
+	if err != nil {
+		panic(err)
+	}
+
 	inviteHandler, err := factories.GetInviteTokenDbHandler(config.Authentication.UserPass.InviteTokenDatabase)
 	if err != nil {
 		panic(err)
@@ -218,6 +221,7 @@ func LoadGroup(group *gin.RouterGroup, config models.GlobalConfig) gin.HandlerFu
 	connection := AuthApi{
 		userAuthDbHandler:   userAuthHandler,
 		serverAuthDbHandler: serverAuthDbHandler,
+		instanceManager:     instanceManager,
 		tokenHandler:        inviteHandler,
 		config:              config,
 	}

auth/utils.go

@@ -13,7 +13,7 @@ func AuthorizedTo(requiredPermissions models.Permission) gin.HandlerFunc {
 	return func(ctx *gin.Context) {
 		claimsPointer, exists := ctx.Get("claims")
 		if !exists {
-			ctx.AbortWithError(500, fmt.Errorf("Did not call LoggedIn first"))
+			ctx.AbortWithError(500, fmt.Errorf("did not call LoggedIn first"))
 			return
 		}
 
@@ -41,6 +41,5 @@ func AuthorizationEnforcer() gin.HandlerFunc {
 		if !authorized.(bool) {
 			ctx.AbortWithStatus(403)
 		}
-
 	}
 }

dbhandler/mongo/servers_authorization.go

@@ -21,8 +21,8 @@ type ServersAuthorizationDbHandler struct {
 	collection *mongo.Collection
 }
 
-func (self *ServersAuthorizationDbHandler) RemoveUser(ctx context.Context, username string) error {
+func (sa *ServersAuthorizationDbHandler) RemoveUser(ctx context.Context, username string) error {
-	_, err := self.collection.DeleteMany(
+	_, err := sa.collection.DeleteMany(
 		ctx,
 		bson.M{
 			"username": username,
@@ -32,8 +32,8 @@ func (self *ServersAuthorizationDbHandler) RemoveUser(ctx context.Context, usern
 	return err
 }
 
-func (self *ServersAuthorizationDbHandler) RemoveServer(ctx context.Context, serverId string) error {
+func (sa *ServersAuthorizationDbHandler) RemoveServer(ctx context.Context, serverId string) error {
-	_, err := self.collection.DeleteMany(
+	_, err := sa.collection.DeleteMany(
 		ctx,
 		bson.M{
 			"server_id": serverId,
@@ -43,33 +43,33 @@ func (self *ServersAuthorizationDbHandler) RemoveServer(ctx context.Context, ser
 	return err
 }
 
-func (self *ServersAuthorizationDbHandler) AddPermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
+func (sa *ServersAuthorizationDbHandler) AddPermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
 	var serverPermissions ServerPermissions
-	err := self.collection.FindOne(
+	err := sa.collection.FindOne(
 		ctx,
 		bson.M{
 			"username":  username,
 			"server_id": serverId,
 		},
 	).Decode(&serverPermissions)
-
 	if err != nil {
 		return err
 	}
 
 	newPermissions := serverPermissions.Permissions | permissions
 
-	_, err = self.collection.UpdateOne(
+	_, err = sa.collection.UpdateOne(
 		ctx,
 		bson.M{
 			"username":  username,
 			"server_id": serverId,
 		},
-		bson.M{"$set": bson.M{
+		bson.M{
-			"username":    username,
+			"$set": bson.M{
-			"server_id":   serverId,
+				"username":    username,
-			"permissions": newPermissions,
+				"server_id":   serverId,
-		},
+				"permissions": newPermissions,
+			},
 		},
 		options.Update().SetUpsert(true),
 	)
@@ -77,65 +77,68 @@ func (self *ServersAuthorizationDbHandler) AddPermissions(ctx context.Context, u
 	return err
 }
 
-func (self *ServersAuthorizationDbHandler) RemovePermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
+func (sa *ServersAuthorizationDbHandler) RemovePermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
 	var serverPermissions ServerPermissions
-	err := self.collection.FindOne(
+	err := sa.collection.FindOne(
 		ctx,
 		bson.M{
 			"username":  username,
 			"server_id": serverId,
 		},
 	).Decode(&serverPermissions)
-
 	if err != nil {
 		return err
 	}
 
 	newPermissions := serverPermissions.Permissions | permissions ^ permissions
 
-	_, err = self.collection.UpdateOne(
+	_, err = sa.collection.UpdateOne(
 		ctx,
 		bson.M{
 			"username":  username,
 			"server_id": serverId,
 		},
-		bson.M{"$set": bson.M{
+		bson.M{
-			"permissions": newPermissions,
+			"$set": bson.M{
-		},
+				"permissions": newPermissions,
+			},
 		},
 	)
 
 	return err
 }
 
-func (self *ServersAuthorizationDbHandler) SetPermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
+func (sa *ServersAuthorizationDbHandler) SetPermissions(ctx context.Context, username string, serverId string, permissions models.Permission) error {
-	_, err := self.collection.UpdateOne(
+	_, err := sa.collection.UpdateOne(
 		ctx,
 		bson.M{
 			"username":  username,
 			"server_id": serverId,
 		},
-		bson.M{"$set": bson.M{
+		bson.M{
-			"permissions": permissions,
+			"$set": bson.M{
-		},
+				"permissions": permissions,
+			},
 		},
 	)
 
 	return err
 }
 
-func (self *ServersAuthorizationDbHandler) GetPermissions(ctx context.Context, username string, serverId string) (models.Permission, error) {
+func (sa *ServersAuthorizationDbHandler) GetPermissions(ctx context.Context, username string, serverId string) (models.Permission, error) {
 	var serverPermissions ServerPermissions
 
-	err := self.collection.FindOne(
+	err := sa.collection.FindOne(
 		ctx,
 		bson.M{
 			"username":  username,
 			"server_id": serverId,
 		},
 	).Decode(&serverPermissions)
-
 	if err != nil {
+		if err == mongo.ErrNoDocuments {
+			return 0, nil
+		}
 		return 0, err
 	}
 

dbhandler/mongo/user_pass_authentication.go

@@ -170,6 +170,11 @@ func (i *InviteTokenDbHandler) SaveInviteToken(ctx context.Context, email string
 	return token, nil
 }
 
+func (i *InviteTokenDbHandler) DeleteInviteToken(ctx context.Context, token string) error {
+	_, err := i.collection.DeleteOne(ctx, bson.M{"token": token})
+	return err
+}
+
 func (i *InviteTokenDbHandler) GetInviteToken(ctx context.Context, token string) (*dbhandler.InviteToken, error) {
 	var inviteToken InviteToken
 	err := i.collection.FindOne(ctx, bson.M{"token": token}).Decode(&inviteToken)

dbhandler/user_pass_auth.go

@@ -40,4 +40,5 @@ type UserPassAuthanticationDbHandler interface {
 type InviteTokenDbHandler interface {
 	SaveInviteToken(ctx context.Context, email string, permissions models.Permission) (string, error)
 	GetInviteToken(ctx context.Context, token string) (*InviteToken, error)
+	DeleteInviteToken(ctx context.Context, token string) error
 }

go.mod

@@ -60,6 +60,8 @@ require (
 	go.opentelemetry.io/otel/metric v1.35.0 // indirect
 	go.opentelemetry.io/otel/sdk v1.35.0 // indirect
 	go.opentelemetry.io/otel/trace v1.35.0 // indirect
+	go.uber.org/multierr v1.11.0 // indirect
+	go.uber.org/zap v1.27.0 // indirect
 	golang.org/x/oauth2 v0.28.0 // indirect
 	golang.org/x/sync v0.11.0 // indirect
 	golang.org/x/time v0.11.0 // indirect

go.sum

@@ -196,6 +196,10 @@ go.opentelemetry.io/otel/trace v1.35.0 h1:dPpEfJu1sDIqruz7BHFG3c7528f6ddfSWfFDVt
 go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc=
 go.opentelemetry.io/proto/otlp v1.5.0 h1:xJvq7gMzB31/d406fB8U5CBdyQGw4P399D1aQWU/3i4=
 go.opentelemetry.io/proto/otlp v1.5.0/go.mod h1:keN8WnHxOy8PG0rQZjJJ5A2ebUoafqWp0eVQ4yIXvJ4=
+go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
+go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
+go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
+go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
 golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 golang.org/x/arch v0.8.0 h1:3wRIsP3pM4yUptoR96otTUOXI367OS0+c9eeRi9doIc=
 golang.org/x/arch v0.8.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys=

instancemanager/docker/instance_manager.go

@@ -656,6 +656,10 @@ func (im *InstanceManager) StopFileBrowser(ctx context.Context, serverId string)
 	return nil
 }
 
+func (im *InstanceManager) GetFileBrowserFromUrl(ctx context.Context, url string) (*models.FileBrowser, error) {
+	return im.GetFileBrowser(ctx, strings.Split(url, "/")[1])
+}
+
 func NewInstanceManager(config models.DockerInstanceManagerConfig, siteDomain string) (*InstanceManager, error) {
 	apiClient, err := client.NewClientWithOpts(client.FromEnv, client.WithAPIVersionNegotiation())
 	if err != nil {

instancemanager/instance_manager.go

@@ -59,6 +59,7 @@ type InstanceManager interface {
 
 	// Read Only
 	GetFileBrowser(ctx context.Context, serverId string) (*models.FileBrowser, error)
+	GetFileBrowserFromUrl(ctx context.Context, url string) (*models.FileBrowser, error)
 	ListFileBrowsers(ctx context.Context) ([]models.FileBrowser, error)
 
 	// Status Changing

instancemanager/kubernetes/instance_manager.go

@@ -299,6 +299,18 @@ func (i *InstanceManager) GetFileBrowser(ctx context.Context, serverId string) (
 	return &models.FileBrowser{ServerId: serverManager.Name, Id: serverManager.Name, Url: serverManager.Status.Browser.Url}, nil
 }
 
+func (i *InstanceManager) GetFileBrowserFromUrl(ctx context.Context, url string) (*models.FileBrowser, error) {
+	serverManager := &servermanagerv1.ServerManager{}
+	urlSegments := strings.Split(url, "/")
+	namespace, serverId := urlSegments[2], urlSegments[3]
+	err := i.client.Get(ctx, client.ObjectKey{Namespace: namespace, Name: serverId}, serverManager)
+	if err != nil {
+		return nil, err
+	}
+
+	return &models.FileBrowser{ServerId: serverManager.Name, Id: serverManager.Name, Url: serverManager.Status.Browser.Url}, nil
+}
+
 func (i *InstanceManager) ListFileBrowsers(ctx context.Context) ([]models.FileBrowser, error) {
 	serverManagers := &servermanagerv1.ServerManagerList{}
 	err := i.client.List(ctx, serverManagers, &client.ListOptions{Namespace: i.Config.Namespace})

logger/logger.go

@@ -0,0 +1,26 @@
+package logger
+
+import (
+	"os"
+
+	"go.uber.org/zap"
+	"go.uber.org/zap/zapcore"
+)
+
+var Logger *zap.Logger
+
+func init() {
+	var cfg zap.Config
+	if os.Getenv("DEBUG") == "true" {
+		cfg = zap.NewDevelopmentConfig()
+	} else {
+		cfg = zap.NewProductionConfig()
+	}
+	cfg.EncoderConfig.EncodeTime = zapcore.ISO8601TimeEncoder
+	var err error
+	Logger, err = cfg.Build()
+	if err != nil {
+		panic(err)
+	}
+	defer Logger.Sync() // flushes buffer, if any
+}

servers/servers.go

@@ -2,9 +2,7 @@ package servers
 
 import (
 	"encoding/json"
-	"errors"
 	"fmt"
-	"log"
 	"net/http"
 	"strconv"
 	"strings"
@@ -14,9 +12,11 @@ import (
 	"git.acooldomain.co/server-manager/backend/dbhandler"
 	"git.acooldomain.co/server-manager/backend/factories"
 	instancemanager "git.acooldomain.co/server-manager/backend/instancemanager"
+	"git.acooldomain.co/server-manager/backend/logger"
 	"git.acooldomain.co/server-manager/backend/models"
 	"github.com/gin-gonic/gin"
 	"github.com/gorilla/websocket"
+	"go.uber.org/zap"
 )
 
 var upgrader = websocket.Upgrader{
@@ -193,16 +193,12 @@ func (con ServersApi) GetServers(ctx *gin.Context) {
 		server := serverConfigsMap[instanceServer.Id]
 
 		var image ImageInfo
-		log.Printf("server=%#v\t|\tinstanceServer=%#v", server, instanceServer)
-
 		if instanceServer.Running {
 			image = ImageInfo{
 				Name:    instanceServer.RunningImage.Registry,
 				Version: instanceServer.RunningImage.Tag,
 			}
 		} else {
-			log.Printf("serverImage:%#v", server.Image)
-
 			image = ImageInfo{
 				Name:    server.Image.Registry,
 				Version: server.Image.Tag,
@@ -246,6 +242,7 @@ func (con ServersApi) DeleteServer(ctx *gin.Context) {
 
 	err = con.ServersDbHandler.DeleteServer(ctx, serverId)
 	if err != nil {
+		logger.Logger.Error("Failed to delete server", zap.String("ServerId", serverId), zap.Error(err))
 		ctx.AbortWithError(501, err)
 		return
 	}
@@ -262,13 +259,15 @@ func (con ServersApi) RunCommand(ctx *gin.Context) {
 	err := json.NewDecoder(ctx.Request.Body).Decode(&request)
 	if err != nil {
 		ctx.AbortWithError(500, err)
+		return
 	}
 
 	serverId := ctx.Param("server_id")
-	log.Print("Writing command \"", request.Command, "\"")
+	logger.Logger.Info("Writing command", zap.String("ServerId", serverId), zap.String("Command", request.Command))
 
 	consolePointer, err := con.InstanceManager.InteractiveTerminal(ctx, serverId)
 	if err != nil {
+		logger.Logger.Error("Failed getting terminal", zap.String("ServerId", serverId), zap.String("Command", request.Command), zap.Error(err))
 		ctx.AbortWithError(500, err)
 		return
 	}
@@ -278,10 +277,12 @@ func (con ServersApi) RunCommand(ctx *gin.Context) {
 
 	_, err = console.Conn.Write([]byte(request.Command + "\n"))
 	if err != nil {
+		logger.Logger.Error("Failed writing command", zap.String("ServerId", serverId), zap.String("Command", request.Command), zap.Error(err))
 		ctx.AbortWithError(500, err)
 		return
 	}
 
+	logger.Logger.Info("Successfully wrote command", zap.String("ServerId", serverId), zap.String("Command", request.Command))
 	ctx.JSON(200, "OK")
 }
 
@@ -301,8 +302,9 @@ func (con ServersApi) AttachServer(ctx *gin.Context) {
 
 	defer func() {
 		if err != nil {
-			log.Printf("The latest error is %s", err)
+			logger.Logger.Error("Interactive Terminal latest error", zap.Error(err))
 		}
+
 		close(websocketRead)
 		close(containerRead)
 	}()
@@ -375,7 +377,7 @@ func (con ServersApi) AttachServer(ctx *gin.Context) {
 			case "insert":
 				_, err = hijacked.Conn.Write([]byte(Command.Arguments))
 				if err != nil {
-					log.Printf("Write to docker failed %s", errors.Unwrap(err))
+					logger.Logger.Error("Write to docker failed", zap.Error(err))
 
 					stop = true
 					break
@@ -400,13 +402,13 @@ func (con ServersApi) AttachServer(ctx *gin.Context) {
 
 				err2 = hijacked.ResizerFunc(width, height)
 				if err2 != nil {
-					log.Printf("Failed to resize container to %dx%d: %s", width, height, err)
+					logger.Logger.Error("Failed to resize container", zap.Uint("width", width), zap.Uint("height", height), zap.Error(err))
 				}
 			}
 		case data := <-containerRead:
 			err := ws.WriteJSON(data)
 			if err != nil {
-				log.Printf("Write to socket failed %s", errors.Unwrap(err))
+				logger.Logger.Error("Write to socket failed", zap.Error(err))
 				stop = true
 			}
 		}
@@ -442,7 +444,7 @@ func (con ServersApi) UpdateServer(ctx *gin.Context) {
 	for user, permissions := range request.UserPermissions {
 		err = con.ServerAuthorization.SetPermissions(ctx, user, serverId, permissions)
 		if err != nil {
-			log.Printf("failed to change user %s permissions for server %s due to %e", user, serverId, err)
+			logger.Logger.Error("failed to change user's server permissions", zap.String("user", user), zap.String("ServerId", serverId), zap.Error(err))
 			continue
 		}
 	}