varie migliorie

main
parent 7e17494f20
commit bc9d7afd80

@ -0,0 +1,3 @@
HOST=:8080
SECRET=secret
AUTHPDS_TOKEN=123

3
.gitignore vendored

@ -0,0 +1,3 @@
.env
bin/

@ -1,4 +1,4 @@
FROM golang:latest FROM golang:alpine
WORKDIR /app WORKDIR /app
@ -6,6 +6,6 @@ COPY go.mod go.sum ./
RUN go mod download && go mod verify RUN go mod download && go mod verify
COPY . . COPY . .
RUN go build -v -o ./bin/drone-example . RUN go build -v -o ./bin/go-maths-api .
CMD ["./bin/drone-example"] CMD ["./bin/go-maths-api"]

@ -3,29 +3,55 @@
A simple Go API whose only purpose is to check whether an user is a Maths student or not. A simple Go API whose only purpose is to check whether an user is a Maths student or not.
## Prerequisites ## Prerequisites
- An environment variable `AUTHPDS_TOKEN` containing the authentication token for the external API.
- An environment variable named `SECRET` containing the secret token for authorization.
## Docker - An environment variable `AUTHPDS_TOKEN` containing the authentication token for the external API.
- An environment variable named `SECRET` containing the secret token for authorization.
## Development
### Development
```bash shell
# Create a ".env" file from the given template and update as needed
$ cp .env.example .env
# Start the server
$ go run -v .
# Build to binary
$ go build -v -o ./bin/go-maths-api .
```
### Deploy
To build and run the image from the provided `Dockerfile`: To build and run the image from the provided `Dockerfile`:
```bash shell ```bash shell
# Create a ".env" file from the given template and update as needed
$ cp .env.example .env
$ docker build -t go-maths-api . $ docker build -t go-maths-api .
$ docker run -d --restart always -p 127.235.203.11:1099 --env 'AUTHPDS_TOKEN' --env 'SECRET' --name go-maths-api go-maths-api $ docker run -d --restart always -p 8080:8080 --name go-maths-api go-maths-api
``` ```
## Client Usage ### Client Usage
An example request to the local Docker image (with `SECRET` defined in your environment): An example request to the local Docker image (with `SECRET` defined in your environment):
```
curl -X GET "http://asdf:8080/check-maths-user?user=f.minnocci" -H "Authorization: Bearer $SECRET" ```bash shell
$ curl "localhost:8080/check-maths-user?user=f.minnocci" -H "Authorization: Bearer $SECRET"
``` ```
Successful JSON response: Successful JSON response:
``` ```json
{ {
"result": true "result": true
} }
``` ```
## Notes
- TODO: Add a small 1-day cache

@ -1,3 +1,5 @@
module git.phc.dm.unipi.it/phc/go-maths-api module git.phc.dm.unipi.it/phc/go-maths-api
go 1.21.1 go 1.21.1
require github.com/joho/godotenv v1.5.1

@ -0,0 +1,2 @@
github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=

@ -3,78 +3,114 @@ package main
import ( import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"io"
"log"
"net/http" "net/http"
"os" "os"
"strings" "strings"
"github.com/joho/godotenv"
)
var (
Host string
AuthPDSToken string
Secret string
) )
func main() { func main() {
http.HandleFunc("/check-maths-user", CheckMathsUserHandler) godotenv.Load()
port := ":8080"
if v, present := os.LookupEnv("HOST"); present {
Host = v
} else {
Host = ":8080"
}
if v, present := os.LookupEnv("AUTHPDS_TOKEN"); present {
AuthPDSToken = v
} else {
log.Fatal(`missing AUTHPDS_TOKEN`)
}
fmt.Printf("Listening on port %s...\n", port) if v, present := os.LookupEnv("SECRET"); present {
http.ListenAndServe(port, nil) Secret = v
} else {
log.Fatal(`missing SECRET`)
}
r := http.NewServeMux()
r.HandleFunc("/check-maths-user", checkMathsUserHandler)
log.Printf("Starting server on %s...\n", Host)
http.ListenAndServe(Host, r)
} }
func CheckMathsUserHandler(w http.ResponseWriter, r *http.Request) { func checkMathsUserHandler(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodGet {
http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
return
}
// Get the username from the query parameters // Get the username from the query parameters
userName := r.URL.Query().Get("user") userName := r.URL.Query().Get("user")
// Get the AUTHORIZATION header value, which should include the secret token
authHeader := r.Header.Get("Authorization")
expectedAuthHeader := "Bearer " + os.Getenv("SECRET")
// Check if the provided authorization header matches the expected secret token // Check if the provided authorization header matches the expected secret token
if authHeader != expectedAuthHeader { if r.Header.Get("Authorization") != "Bearer "+Secret {
http.Error(w, "Unauthorized", http.StatusUnauthorized) http.Error(w, "Unauthorized", http.StatusUnauthorized)
return return
} }
// Get the AUTHPDS_TOKEN from an environment variable userApiUrl := fmt.Sprintf("https://api.unipi.it/authPds/api/Carriera/studente/uid/%s/", userName)
authPdsToken := os.Getenv("AUTHPDS_TOKEN")
// Make a GET request to the external API // Create a GET request to the external API
apiURL := fmt.Sprintf("https://api.unipi.it/authPds/api/Carriera/studente/uid/%s/", userName) ateneoRequest, err := http.NewRequest("GET", userApiUrl, nil)
req, err := http.NewRequest("GET", apiURL, nil)
if err != nil { if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError) http.Error(w, err.Error(), http.StatusInternalServerError)
return return
} }
req.Header.Add("accept", "*/*") ateneoRequest.Header.Add("Accept", "*/*")
req.Header.Add("Authorization", "Bearer "+authPdsToken) ateneoRequest.Header.Add("Authorization", "Bearer "+AuthPDSToken)
// Execute the request // Make the request to the external API
client := &http.Client{} ateneoResponse, err := http.DefaultClient.Do(ateneoRequest)
resp, err := client.Do(req)
if err != nil { if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError) http.Error(w, err.Error(), http.StatusInternalServerError)
return return
} }
defer resp.Body.Close() defer ateneoResponse.Body.Close()
// Check if the response contains the desired keywords isMatematica, err := checkUtenteDiMatematica(ateneoResponse)
body := make([]byte, 0)
_, err = resp.Body.Read(body)
if err != nil { if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError) http.Error(w, err.Error(), http.StatusInternalServerError)
return return
} }
containsKeywords := false w.Header().Set("Content-Type", "application/json")
if err := json.NewEncoder(w).Encode(
map[string]any{
"result": isMatematica,
},
); err != nil {
log.Printf(`encode error: %v`, err)
return
}
}
func checkUtenteDiMatematica(r *http.Response) (bool, error) {
// Check if the response contains the desired keywords
body, err := io.ReadAll(r.Body)
if err != nil {
return false, err
}
keywords := []string{"MATEMATICA", "Mobilit", "Transizione"} keywords := []string{"MATEMATICA", "Mobilit", "Transizione"}
for _, keyword := range keywords { for _, keyword := range keywords {
if strings.Contains(string(body), keyword) { if strings.Contains(string(body), keyword) {
containsKeywords = true return true, nil
break
} }
} }
// Create a JSON response return false, nil
response := map[string]bool{
"result": containsKeywords,
}
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(response)
} }

Loading…
Cancel
Save