Dropping cookie, stick with headers.
This commit is contained in:
parent
02f46aab11
commit
63a690903c
4 changed files with 19 additions and 26 deletions
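--- a/api/auth.go
+++ b/api/auth.go
@@ -6,6 +6,7 @@ import (
 	"io/ioutil"
 	"log"
 	"net/http"
+	"strings"
 
 	"github.com/dgrijalva/jwt-go"
 	"github.com/gorilla/mux"
@@ -56,26 +57,17 @@ func (h authHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	// Even though writeJSON sets the content type, we need to set it here because
 	// calls to WriteHeader write out the entire header.
 	w.Header().Set("content-type", "application/json; charset=utf-8")
-	tokenCookie, err := r.Cookie(tokenName)
-	switch {
-	case err == http.ErrNoCookie:
-		w.WriteHeader(http.StatusUnauthorized)
-		writeJSON(w, Error{errPleaseLogIn})
-		return
-	case err != nil:
-		w.WriteHeader(http.StatusInternalServerError)
-		writeJSON(w, Error{errWhileParsingCookie})
-		return
-	}
 
-	if tokenCookie.Value == "" {
+	authHeader := r.Header.Get("Authorization")
+	if authHeader == "" {
 		w.WriteHeader(http.StatusUnauthorized)
 		writeJSON(w, Error{errPleaseLogIn})
 		return
 	}
+	s := strings.Split(authHeader, " ")
 
 	// Validate the token
-	token, err := jwt.Parse(tokenCookie.Value, func(token *jwt.Token) (interface{}, error) {
+	token, err := jwt.Parse(s[1], func(token *jwt.Token) (interface{}, error) {
 		return verifyKey, nil
 	})
 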
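Review bot: The new `jwt.Parse(s[1], …)` line indexes the result of `strings.Split(authHeader, " ")` without checking its length, so any non-empty Authorization header with no space in it makes ServeHTTP panic with an index-out-of-range; net/http recovers the goroutine per request, but this is a crash path reachable by any unauthenticated client and it skips the JSON error body the handler otherwise sends. Nothing checks that the scheme is `Bearer` either, so a `Basic …` header is handed straight to the JWT parser. Bound the split and reject anything that is not exactly `Bearer <token>` before parsing, as below. The keyfunc is unchanged context here, but it returns verifyKey without looking at `token.Method`; checking that the method is the one verifyKey was generated for (hedged, since verifyKey's type is not visible in this hunk) would be a worthwhile follow-up. ServeHTTP starts before and continues after this hunk.
```go
	// … unchanged: empty Authorization header → 401 …
	s := strings.SplitN(authHeader, " ", 2)
	if len(s) != 2 || !strings.EqualFold(s[0], "Bearer") || s[1] == "" {
		w.WriteHeader(http.StatusUnauthorized)
		writeJSON(w, Error{errPleaseLogIn})
		return
	}

	// … unchanged: jwt.Parse(s[1], …) and the rest of ServeHTTP …
```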
@ -2,9 +2,10 @@ package api
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
|
"encoding/json"
|
||||||
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/http/cookiejar"
|
|
||||||
"net/http/httptest"
|
"net/http/httptest"
|
||||||
"net/url"
|
"net/url"
|
||||||
|
|
||||||
|
@ -19,12 +20,11 @@ func init() {
|
||||||
|
|
||||||
var (
|
var (
|
||||||
serveMux = http.NewServeMux()
|
serveMux = http.NewServeMux()
|
||||||
cookieJar, _ = cookiejar.New(nil)
|
|
||||||
httpClient = http.Client{
|
httpClient = http.Client{
|
||||||
Transport: (*muxTransport)(serveMux),
|
Transport: (*muxTransport)(serveMux),
|
||||||
Jar: cookieJar,
|
|
||||||
}
|
}
|
||||||
apiClient = models.NewClient(&httpClient)
|
apiClient = models.NewClient(&httpClient)
|
||||||
|
testToken models.UserSession
|
||||||
)
|
)
|
||||||
|
|
||||||
func setup() {
|
func setup() {
|
||||||
|
@ -34,6 +34,10 @@ func setup() {
|
||||||
resp, _ := httpClient.PostForm(u.String(),
|
resp, _ := httpClient.PostForm(u.String(),
|
||||||
url.Values{"username": {"test_user"}, "password": {"password"}})
|
url.Values{"username": {"test_user"}, "password": {"password"}})
|
||||||
defer resp.Body.Close()
|
defer resp.Body.Close()
|
||||||
|
|
||||||
|
if err := json.NewDecoder(resp.Body).Decode(&testToken); err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
type muxTransport http.ServeMux
|
type muxTransport http.ServeMux
|
||||||
|
@ -43,6 +47,7 @@ type muxTransport http.ServeMux
|
||||||
func (t *muxTransport) RoundTrip(req *http.Request) (*http.Response, error) {
|
func (t *muxTransport) RoundTrip(req *http.Request) (*http.Response, error) {
|
||||||
rw := httptest.NewRecorder()
|
rw := httptest.NewRecorder()
|
||||||
rw.Body = new(bytes.Buffer)
|
rw.Body = new(bytes.Buffer)
|
||||||
|
req.Header.Set("Authorization", fmt.Sprintf("Bearer %v", testToken.Token))
|
||||||
(*http.ServeMux)(t).ServeHTTP(rw, req)
|
(*http.ServeMux)(t).ServeHTTP(rw, req)
|
||||||
return &http.Response{
|
return &http.Response{
|
||||||
StatusCode: rw.Code,
|
StatusCode: rw.Code,
|
||||||
|
|
11
api/users.go
11
api/users.go
|
@ -68,6 +68,7 @@ func serveAuthenticateUser(w http.ResponseWriter, r *http.Request) error {
|
||||||
|
|
||||||
user_session, err := store.Users.Authenticate(username, password)
|
user_session, err := store.Users.Authenticate(username, password)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
w.WriteHeader(http.StatusUnauthorized)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -77,16 +78,10 @@ func serveAuthenticateUser(w http.ResponseWriter, r *http.Request) error {
|
||||||
t.Claims["exp"] = time.Now().Add(time.Minute * 1).Unix()
|
t.Claims["exp"] = time.Now().Add(time.Minute * 1).Unix()
|
||||||
tokenString, err := t.SignedString(signKey)
|
tokenString, err := t.SignedString(signKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
w.WriteHeader(http.StatusInternalServerError)
|
w.WriteHeader(http.StatusUnauthorized)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
user_session.Token = tokenString
|
||||||
http.SetCookie(w, &http.Cookie{
|
|
||||||
Name: tokenName,
|
|
||||||
Value: tokenString,
|
|
||||||
Path: "/",
|
|
||||||
RawExpires: "0",
|
|
||||||
})
|
|
||||||
|
|
||||||
return writeJSON(w, user_session)
|
return writeJSON(w, user_session)
|
||||||
}
|
}
|
||||||
|
|
|
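Review bot: In the second hunk the error branch after `t.SignedString(signKey)` now answers `http.StatusUnauthorized` where it previously sent `http.StatusInternalServerError`; a failure to sign the token is a server-side problem with signKey, not a credential problem, so a 401 here tells the client to retry its login and hides an operational fault from any monitoring that alerts on 5xx. Keep `w.WriteHeader(http.StatusInternalServerError)` on that line and reserve the 401 for the `store.Users.Authenticate` failure added in the first hunk. With `user_session.Token = tokenString` the token now travels in the JSON body, so the `exp` of one minute set on the context line above is the only bound on its lifetime; if that is intentional it deserves a comment such as `// Tokens are deliberately short-lived; clients must re-authenticate after a minute.`, and if not it should be revisited. serveAuthenticateUser starts before the first hunk.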
@ -53,6 +53,7 @@ type UsersService interface {
|
||||||
}
|
}
|
||||||
|
|
||||||
type UserSession struct {
|
type UserSession struct {
|
||||||
|
Token string `json:"token"`
|
||||||
AccessLevel string `json:"access_level"`
|
AccessLevel string `json:"access_level"`
|
||||||
Genus string `json:"genus"`
|
Genus string `json:"genus"`
|
||||||
}
|
}
|
||||||
|
|