@@ -14,12 +14,38 @@ import (
1414/* all routes for all features are registered here */
1515func RegisterRoutes (mux * http.ServeMux , sessionManager * session.Manager ) {
1616
17+ /* move it to config file */
1718 allowedOrigin := []string {"http://localhost:3000" }
1819 allowedMethods := []string {"GET" , "POST" , "OPTIONS" }
19- allowedHeaders := []string {"Content-Type" , "Authorization" }
20+ allowedHeaders := []string {"*" }
21+
22+ /* for monitoring the state of overall server and laclm backend */
23+ mux .Handle ("GET /health" , http .HandlerFunc (
24+ middleware .CORSMiddleware (
25+ middleware .LoggingMiddleware (health .HealthHandler ),
26+ allowedOrigin ,
27+ allowedMethods ,
28+ allowedHeaders ,
29+ ),
30+ ))
31+
32+ /* handle OPTIONS preflight requests for /health */
33+ mux .HandleFunc ("OPTIONS /health" ,
34+ middleware .CORSMiddleware (
35+ func (w http.ResponseWriter , r * http.Request ) {
36+ /*
37+ This handler will never be called because CORSMiddleware handles OPTIONS
38+ but we need it for the route to be registered
39+ */
40+ },
41+ allowedOrigin ,
42+ allowedMethods ,
43+ allowedHeaders ,
44+ ),
45+ )
2046
2147 /* for logging into the backend and creating a session */
22- mux .HandleFunc ("POST /login" ,
48+ mux .HandleFunc ("POST /auth/ login" ,
2349 middleware .CORSMiddleware (
2450 middleware .LoggingMiddleware (
2551 auth .LoginHandler (sessionManager ),
@@ -30,8 +56,8 @@ func RegisterRoutes(mux *http.ServeMux, sessionManager *session.Manager) {
3056 ),
3157 )
3258
33- /* handle OPTIONS preflight requests for /login */
34- mux .HandleFunc ("OPTIONS /login" ,
59+ /* handle OPTIONS preflight requests for /auth/ login */
60+ mux .HandleFunc ("OPTIONS /auth/ login" ,
3561 middleware .CORSMiddleware (
3662 func (w http.ResponseWriter , r * http.Request ) {
3763 /*
@@ -45,11 +71,60 @@ func RegisterRoutes(mux *http.ServeMux, sessionManager *session.Manager) {
4571 ),
4672 )
4773
48- /* for monitoring the state of overall server and laclm backend */
49- mux .Handle ("GET /health" , http .HandlerFunc (
50- middleware .LoggingMiddleware (health .HealthHandler ),
74+ /* for logging out of the backend and expiring the session */
75+ mux .HandleFunc ("GET /auth/logout" ,
76+ middleware .CORSMiddleware (
77+ middleware .LoggingMiddleware (
78+ auth .LogoutHandler (sessionManager ),
79+ ),
80+ allowedOrigin ,
81+ allowedMethods ,
82+ allowedHeaders ,
83+ ),
84+ )
85+
86+ /* handle OPTIONS preflight requests for /auth/logout */
87+ mux .HandleFunc ("OPTIONS /auth/logout" ,
88+ middleware .CORSMiddleware (
89+ func (w http.ResponseWriter , r * http.Request ) {
90+ /*
91+ This handler will never be called because CORSMiddleware handles OPTIONS
92+ but we need it for the route to be registered
93+ */
94+ },
95+ allowedOrigin ,
96+ allowedMethods ,
97+ allowedHeaders ,
98+ ),
99+ )
100+
101+ /* for verifying if a token is valid or not */
102+ mux .Handle ("GET /auth/token/validate" , http .HandlerFunc (
103+ middleware .CORSMiddleware (
104+ middleware .LoggingMiddleware (
105+ auth .ValidateToken ,
106+ ),
107+ allowedOrigin ,
108+ allowedMethods ,
109+ allowedHeaders ,
110+ ),
51111 ))
52112
113+ /* handle OPTIONS preflight requests for /auth/token/validate */
114+ mux .HandleFunc ("OPTIONS /auth/token/validate" ,
115+ middleware .CORSMiddleware (
116+ func (w http.ResponseWriter , r * http.Request ) {
117+ /*
118+ This handler will never be called because CORSMiddleware handles OPTIONS
119+ but we need it for the route to be registered
120+ */
121+ },
122+ allowedOrigin ,
123+ allowedMethods ,
124+ allowedHeaders ,
125+ ),
126+ )
127+
53128 /* for listing files in a directory */
54129 mux .Handle ("POST /traverse/list-files" , http .HandlerFunc (
55130 middleware .LoggingMiddleware (
@@ -64,48 +139,147 @@ func RegisterRoutes(mux *http.ServeMux, sessionManager *session.Manager) {
64139 ),
65140 ))
66141
67- /* for fetching list of all users in the LDAP server */
142+ /*
143+ for fetching list of users matching the query in the LDAP server
144+ supports URL params: q (Query)
145+ */
68146 mux .Handle ("GET /users/ldap/search" , http .HandlerFunc (
69- middleware .LoggingMiddleware (
70- middleware .AuthenticationMiddleware (search .SearchUsersHandler ),
147+ middleware .CORSMiddleware (
148+ middleware .LoggingMiddleware (
149+ middleware .AuthenticationMiddleware (search .SearchUsersHandler ),
150+ ),
151+ allowedOrigin ,
152+ allowedMethods ,
153+ allowedHeaders ,
71154 ),
72155 ))
156+
157+ /* handle OPTIONS preflight requests for /users/ldap/search */
158+ mux .HandleFunc ("OPTIONS /users/ldap/search" ,
159+ middleware .CORSMiddleware (
160+ func (w http.ResponseWriter , r * http.Request ) {
161+ /*
162+ This handler will never be called because CORSMiddleware handles OPTIONS
163+ but we need it for the route to be registered
164+ */
165+ },
166+ allowedOrigin ,
167+ allowedMethods ,
168+ allowedHeaders ,
169+ ),
170+ )
73171
74- /* websocket connection for streaming user session data from Redis */
172+ /*
173+ websocket connection for streaming user session data from Redis
174+ supports URL pamars: token (JWT authentication)
175+ */
75176 mux .Handle ("/users/session" , http .HandlerFunc (
76177 middleware .LoggingMiddleware (
77178 /* you need authentication via query parameter */
78179 middleware .AuthenticationQueryMiddleware (sessionManager .StreamUserSession ),
79180 ),
80181 ))
81182
82- /* websocket connection for streaming user transactions data from Redis */
183+ /*
184+ websocket connection for streaming user transactions data from Redis
185+ supports URL pamars: token (JWT authentication)
186+ */
83187 mux .Handle ("/users/transactions/results" , http .HandlerFunc (
84188 middleware .LoggingMiddleware (
85189 middleware .AuthenticationQueryMiddleware (sessionManager .StreamUserTransactionsResults ),
86190 ),
87191 ))
88192
89- /* websocket connection for streaming user transactions data from Redis */
193+ /*
194+ websocket connection for streaming user transactions data from Redis
195+ supports URL pamars: token (JWT authentication)
196+ */
90197 mux .Handle ("/users/transactions/pending" , http .HandlerFunc (
91198 middleware .LoggingMiddleware (
92199 middleware .AuthenticationQueryMiddleware (sessionManager .StreamUserTransactionsPending ),
93200 ),
94201 ))
95202
96- /* ARCHIVE WILL BE MADE POST REQUEST */
203+ /* ARCHIVE WILL BE MADE POST REQUEST -> Header based Authentication */
97204
98205 /* websocket connection for streaming user session data from PostgreSQL database (archived sessions) */
99- mux .Handle ("/users/archive/session" , http .HandlerFunc (
100- middleware .LoggingMiddleware (
101- middleware .AuthenticationMiddleware (sessionManager .StreamUserArchiveSessions ),
206+ mux .Handle ("GET /users/archive/session" , http .HandlerFunc (
207+ middleware .CORSMiddleware (
208+ middleware .LoggingMiddleware (
209+ middleware .AuthenticationMiddleware (sessionManager .StreamUserArchiveSessions ),
210+ ),
211+ allowedOrigin ,
212+ allowedMethods ,
213+ allowedHeaders ,
102214 ),
103215 ))
104216
217+ /* handle OPTIONS preflight requests for /users/archive/session */
218+ mux .HandleFunc ("OPTIONS /users/archive/session" ,
219+ middleware .CORSMiddleware (
220+ func (w http.ResponseWriter , r * http.Request ) {
221+ /*
222+ This handler will never be called because CORSMiddleware handles OPTIONS
223+ but we need it for the route to be registered
224+ */
225+ },
226+ allowedOrigin ,
227+ allowedMethods ,
228+ allowedHeaders ,
229+ ),
230+ )
231+
105232 /* websocket connection for streaming user transactions data from PostgreSQL database (archived sessions) */
106- mux .Handle ("/users/archive/transactions/pending" , http .HandlerFunc (
107- middleware .LoggingMiddleware (
108- middleware .AuthenticationMiddleware (sessionManager .StreamUserArchivePendingTransactions ),
233+ mux .Handle ("GET /users/archive/transactions/results" , http .HandlerFunc (
234+ middleware .CORSMiddleware (
235+ middleware .LoggingMiddleware (
236+ middleware .AuthenticationMiddleware (sessionManager .StreamUserArchiveResultsTransactions ),
237+ ),
238+ allowedOrigin ,
239+ allowedMethods ,
240+ allowedHeaders ,
241+ ),
242+ ))
243+
244+ /* handle OPTIONS preflight requests for /users/archive/transactions/results */
245+ mux .HandleFunc ("OPTIONS /users/archive/transactions/results" ,
246+ middleware .CORSMiddleware (
247+ func (w http.ResponseWriter , r * http.Request ) {
248+ /*
249+ This handler will never be called because CORSMiddleware handles OPTIONS
250+ but we need it for the route to be registered
251+ */
252+ },
253+ allowedOrigin ,
254+ allowedMethods ,
255+ allowedHeaders ,
256+ ),
257+ )
258+
259+ /* websocket connection for streaming user transactions data from PostgreSQL database (archived sessions) */
260+ mux .Handle ("GET /users/archive/transactions/pending" , http .HandlerFunc (
261+ middleware .CORSMiddleware (
262+ middleware .LoggingMiddleware (
263+ middleware .AuthenticationMiddleware (sessionManager .StreamUserArchivePendingTransactions ),
264+ ),
265+ allowedOrigin ,
266+ allowedMethods ,
267+ allowedHeaders ,
109268 ),
110269 ))
270+
271+ /* handle OPTIONS preflight requests for /users/archive/transactions/pending */
272+ mux .HandleFunc ("OPTIONS /users/archive/transactions/pending" ,
273+ middleware .CORSMiddleware (
274+ func (w http.ResponseWriter , r * http.Request ) {
275+ /*
276+ This handler will never be called because CORSMiddleware handles OPTIONS
277+ but we need it for the route to be registered
278+ */
279+ },
280+ allowedOrigin ,
281+ allowedMethods ,
282+ allowedHeaders ,
283+ ),
284+ )
111285}
0 commit comments