You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

295 lines
5.4 KiB
Go

2 years ago
package routes
import (
"bytes"
"fmt"
"log"
"time"
"git.phc.dm.unipi.it/phc/storage/config"
"git.phc.dm.unipi.it/phc/storage/database"
"git.phc.dm.unipi.it/phc/storage/utils"
"github.com/gofiber/fiber/v2"
)
2 years ago
func (r *Router) Api(api fiber.Router) {
adminSessions := map[string]struct{}{}
isAdminMiddleware := func(c *fiber.Ctx) error {
if _, found := adminSessions[c.Cookies("sid")]; !found {
return fmt.Errorf("invalid session token")
}
return c.Next()
}
2 years ago
isAPIKeyMiddleware := func(c *fiber.Ctx) error {
if _, isAdmin := adminSessions[c.Cookies("sid")]; !isAdmin { // if admin continue
2 years ago
token := c.Cookies("token")
if token == "" {
return fmt.Errorf("no api token")
}
if err := r.Database.CheckAPIKey(token); err != nil { // otherwise also check api token
return err
}
}
return c.Next()
}
//
// Setup "/api/monitor" routes
//
monitorRoute := api.Group("/monitor")
monitorRoute.Use(isAdminMiddleware)
r.ApiMonitor(monitorRoute)
api.Post("/login", func(c *fiber.Ctx) error {
var form struct {
Password string `form:"password"`
}
if err := c.BodyParser(&form); err != nil {
return err
}
if form.Password != config.AdminPassword {
return c.JSON("invalid credentials")
}
token := utils.GenerateRandomString(32)
adminSessions[token] = struct{}{}
c.Cookie(&fiber.Cookie{
Name: "sid",
Value: token,
Path: "/",
Expires: time.Now().Add(3 * 24 * time.Hour),
})
return c.Redirect("/")
})
2 years ago
api.Get("/status", func(c *fiber.Ctx) error {
return c.JSON("ok")
})
api.Get("/current-user",
func(c *fiber.Ctx) error {
if _, found := adminSessions[c.Cookies("sid")]; !found {
return c.JSON("anonymous")
}
return c.JSON("admin")
})
api.Get("/dashboard-state",
isAdminMiddleware,
func(c *fiber.Ctx) error {
state, err := r.Database.GetDashboardState()
if err != nil {
return err
}
return c.JSON(state)
})
api.Post("/dashboard-state",
isAdminMiddleware,
func(c *fiber.Ctx) error {
var state database.DashboardState
if err := c.BodyParser(&state); err != nil {
return err
}
if err := r.Database.SetDashboardState(state); err != nil {
return err
}
return c.JSON("ok")
})
api.Get("/buckets",
isAdminMiddleware,
func(c *fiber.Ctx) error {
buckets, err := r.Database.AllBuckets()
if err != nil {
return err
}
return c.JSON(buckets)
})
api.Post("/buckets",
isAdminMiddleware,
func(c *fiber.Ctx) error {
var req struct {
Bucket string `json:"bucket"`
Path string `json:"path"`
}
log.Printf("%v", string(c.Body()))
if err := c.BodyParser(&req); err != nil {
return err
}
2 years ago
settings := &database.JsonBucketSettings{}
if req.Path != "" {
2 years ago
settings.Path = req.Path
}
2 years ago
if err := r.Database.CreateBucket(req.Bucket, settings); err != nil {
return err
}
return c.JSON("ok")
})
api.Get("/buckets/:bucket",
isAPIKeyMiddleware,
func(c *fiber.Ctx) error {
bucket := c.Params("bucket")
objects, err := r.Database.AllBucketObjects(bucket)
if err != nil {
return err
}
return c.JSON(objects)
})
2 years ago
api.Get("/buckets/:bucket/settings",
isAdminMiddleware,
func(c *fiber.Ctx) error {
bucket := c.Params("bucket")
settings, err := r.Database.GetBucketSettings(bucket)
if err != nil {
return err
}
return c.JSON(settings)
})
api.Post("/buckets/:bucket/settings",
isAdminMiddleware,
func(c *fiber.Ctx) error {
bucket := c.Params("bucket")
var settings *database.JsonBucketSettings
if err := c.BodyParser(&settings); err != nil {
return err
}
if err := r.Database.SetBucketSettings(bucket, settings); err != nil {
return err
}
return c.JSON("ok")
})
api.Post("/buckets/:bucket",
isAPIKeyMiddleware,
func(c *fiber.Ctx) error {
bucket := c.Params("bucket")
ff, err := c.FormFile("file")
if err != nil {
return err
}
mf, err := ff.Open()
if err != nil {
return err
}
id, err := r.Database.CreateBucketObject(bucket, mf)
if err != nil {
return err
}
return c.JSON(fiber.Map{
"bucket": bucket,
"id": id,
})
})
api.Get("/buckets/:bucket/:id",
isAPIKeyMiddleware,
func(c *fiber.Ctx) error {
bucket := c.Params("bucket")
id := c.Params("id")
buf := &bytes.Buffer{}
if err := r.Database.GetBucketObject(bucket, id, buf); err != nil {
return err
}
return c.SendStream(buf)
})
2 years ago
api.Delete("/buckets/:bucket/:id",
isAPIKeyMiddleware,
func(c *fiber.Ctx) error {
bucket := c.Params("bucket")
id := c.Params("id")
if err := r.Database.DeleteBucketObject(bucket, id); err != nil {
return err
}
return c.JSON("ok")
})
//
// API Keys
//
api.Get("/api-keys",
isAdminMiddleware,
func(c *fiber.Ctx) error {
apiKeys, err := r.Database.AllAPIKeys()
if err != nil {
return err
}
return c.JSON(apiKeys)
})
api.Post("/api-keys",
isAdminMiddleware,
func(c *fiber.Ctx) error {
key, err := r.Database.CreateAPIKey()
if err != nil {
return err
}
return c.JSON(key)
})
api.Delete("/api-keys/:key",
isAdminMiddleware,
func(c *fiber.Ctx) error {
if err := r.Database.RemoveAPIKey(c.Params("key")); err != nil {
return err
}
return c.JSON("ok")
})
api.Get("/api-keys/:key",
isAdminMiddleware,
func(c *fiber.Ctx) error {
if err := r.Database.CheckAPIKey(c.Params("key")); err != nil {
return err
}
return c.JSON("valid")
})
2 years ago
}