Routine Commit

jaybeecave · jaybeecave · commit 7d5767e9e0e7 · 2019-11-21T12:29:07.000+13:00
diff --git a/router.go b/router.go
@@ -12,39 +12,35 @@ import (
 	flow "github.com/nerdynz/flow"
 	"github.com/nerdynz/security"
 	"github.com/nerdynz/view"
-	"github.com/sirupsen/logrus"
+	"github.com/unrolled/render"
 )
 
 // CustomRouter wraps gorilla mux with database, redis and renderer
 type CustomRouter struct {
 	// Router *mux.Router
 	Mux         *bone.Mux
+	Renderer    *render.Render
+	Key         security.Key
 	Store       *datastore.Datastore
-	AuthHandler func(store *datastore.Datastore, fn http.HandlerFunc, authMethod string) http.HandlerFunc
+	AuthHandler func(w http.ResponseWriter, req *http.Request, ctx *flow.Context, store *datastore.Datastore, fn CustomHandlerFunc, authMethod string)
 }
 
-func New(store *datastore.Datastore) *CustomRouter {
+type CustomHandlerFunc func(w http.ResponseWriter, req *http.Request, ctx *flow.Context, store *datastore.Datastore)
+
+func New(renderer *render.Render, s *datastore.Datastore, key security.Key) *CustomRouter {
 	customRouter := &CustomRouter{}
 	r := bone.New()
 	r.CaseSensitive = false
-	// r.Handle("/public/", http.StripPrefix("/public/", http.FileServer(http.Dir("./public/"))))
-	// r.Handle("/assets/", http.StripPrefix("/assets/", http.FileServer(http.Dir("./assets/"))))
-	// r.Handle("/attachments/", http.StripPrefix("/attachments/", http.FileServer(http.Dir(store.Settings.AttachmentsFolder))))
 	customRouter.Mux = r
-	customRouter.Store = store
+	customRouter.Store = s
+	customRouter.Key = key
+	customRouter.Renderer = renderer
 	customRouter.AuthHandler = authenticate
 	return customRouter
 }
 
-func CustomAuth(store *datastore.Datastore, authFn func(store *datastore.Datastore, fn http.HandlerFunc, authMethod string) http.HandlerFunc) *CustomRouter {
-	customRouter := &CustomRouter{}
-	r := bone.New()
-	r.CaseSensitive = false
-	// r.Handle("/public/", http.StripPrefix("/public/", http.FileServer(http.Dir("./public/"))))
-	// r.Handle("/assets/", http.StripPrefix("/assets/", http.FileServer(http.Dir("./assets/"))))
-	// r.Handle("/attachments/", http.StripPrefix("/attachments/", http.FileServer(http.Dir(store.Settings.AttachmentsFolder))))
-	customRouter.Mux = r
-	customRouter.Store = store
+func CustomAuth(renderer *render.Render, s *datastore.Datastore, key security.Key, authFn func(w http.ResponseWriter, req *http.Request, ctx *flow.Context, store *datastore.Datastore, fn CustomHandlerFunc, authMethod string)) *CustomRouter {
+	customRouter := New(renderer, s, key)
 	customRouter.AuthHandler = authFn
 	return customRouter
 }
@@ -57,55 +53,56 @@ func (customRouter *CustomRouter) Application(route string, path string) *bone.R
 
 func (customRouter *CustomRouter) GET(route string, routeFunc CustomHandlerFunc, securityType string) *bone.Route {
 	//route = strings.ToLower(route)
-	return customRouter.Mux.GetFunc(route, customRouter.customHandler("GET", customRouter.Store, routeFunc, securityType))
+	return customRouter.Mux.GetFunc(route, customRouter.handler("GET", routeFunc, securityType))
 }
 
 // POST - Post handler
 func (customRouter *CustomRouter) POST(route string, routeFunc CustomHandlerFunc, securityType string) *bone.Route {
 	//route = strings.ToLower(route)
-	return customRouter.Mux.PostFunc(route, customRouter.customHandler("POST", customRouter.Store, routeFunc, securityType))
+	return customRouter.Mux.PostFunc(route, customRouter.handler("POST", routeFunc, securityType))
 }
 
 // PST - Post handler with pst for tidier lines
 func (customRouter *CustomRouter) PST(route string, routeFunc CustomHandlerFunc, securityType string) *bone.Route {
 	//route = strings.ToLower(route)
-	return customRouter.Mux.PostFunc(route, customRouter.customHandler("POST", customRouter.Store, routeFunc, securityType))
+	return customRouter.Mux.PostFunc(route, customRouter.handler("POST", routeFunc, securityType))
 }
 
 // PUT - Put handler
 func (customRouter *CustomRouter) PUT(route string, routeFunc CustomHandlerFunc, securityType string) *bone.Route {
 	//route = strings.ToLower(route)
-	return customRouter.Mux.PutFunc(route, customRouter.customHandler("PUT", customRouter.Store, routeFunc, securityType))
+	return customRouter.Mux.PutFunc(route, customRouter.handler("PUT", routeFunc, securityType))
 }
 
 // PATCH - Patch handler
 func (customRouter *CustomRouter) PATCH(route string, routeFunc CustomHandlerFunc, securityType string) *bone.Route {
 	//route = strings.ToLower(route)
-	return customRouter.Mux.PatchFunc(route, customRouter.customHandler("PATCH", customRouter.Store, routeFunc, securityType))
+	return customRouter.Mux.PatchFunc(route, customRouter.handler("PATCH", routeFunc, securityType))
 }
 
 // OPTIONS - Options handler
 func (customRouter *CustomRouter) OPTIONS(route string, routeFunc CustomHandlerFunc, securityType string) *bone.Route {
 	//route = strings.ToLower(route)
-	return customRouter.Mux.OptionsFunc(route, customRouter.customHandler("OPTIONS", customRouter.Store, routeFunc, securityType))
+	return customRouter.Mux.OptionsFunc(route, customRouter.handler("OPTIONS", routeFunc, securityType))
 }
 
 // DELETE - Delete handler
 func (customRouter *CustomRouter) DELETE(route string, routeFunc CustomHandlerFunc, securityType string) *bone.Route {
 	//route = strings.ToLower(route)
-	return customRouter.Mux.DeleteFunc(route, customRouter.customHandler("DELETE", customRouter.Store, routeFunc, securityType))
+	return customRouter.Mux.DeleteFunc(route, customRouter.handler("DELETE", routeFunc, securityType))
 }
 
 // DEL - Delete handler
 func (customRouter *CustomRouter) DEL(route string, routeFunc CustomHandlerFunc, securityType string) *bone.Route {
 	//route = strings.ToLower(route)
-	return customRouter.Mux.DeleteFunc(route, customRouter.customHandler("DELETE", customRouter.Store, routeFunc, securityType))
+	return customRouter.Mux.DeleteFunc(route, customRouter.handler("DELETE", routeFunc, securityType))
 }
 
-func (customRouter *CustomRouter) customHandler(reqType string, store *datastore.Datastore, fn CustomHandlerFunc, authMethod string) http.HandlerFunc {
-	return customRouter.AuthHandler(store, func(w http.ResponseWriter, req *http.Request) {
-		fn(flow.New(w, req, store))
-	}, authMethod)
+func (customRouter *CustomRouter) handler(reqType string, fn CustomHandlerFunc, authMethod string) http.HandlerFunc {
+	return func(w http.ResponseWriter, req *http.Request) {
+		flow := flow.New(w, req, customRouter.Renderer, customRouter.Store, customRouter.Key)
+		customRouter.AuthHandler(w, req, flow, customRouter.Store, fn, authMethod)
+	}
 }
 
 // // DefaultHandler wraps default http functions in auth it does not pass the data store to them
@@ -115,88 +112,75 @@ func (customRouter *CustomRouter) customHandler(reqType string, store *datastore
 // 	}, authMethod)
 // }
 
-func authenticate(store *datastore.Datastore, fn http.HandlerFunc, authMethod string) http.HandlerFunc {
-	return func(w http.ResponseWriter, req *http.Request) {
-		// canonical host
-		if store.Settings.CanonicalURL != "" && store.Settings.ServerIsLVE { // set in ENV
-			canonical := store.Settings.CanonicalURL
-			root := strings.ToLower(req.Host)
-			if !strings.HasSuffix(root, "/") {
-				root += "/"
+func authenticate(w http.ResponseWriter, req *http.Request, ctx *flow.Context, store *datastore.Datastore, fn CustomHandlerFunc, authMethod string) {
+	// canonical host
+	canonical := ctx.Settings.Get("CANNONICAL_URL")
+	if canonical != "" && ctx.Settings.IsProduction() { // set in ENV
+		root := strings.ToLower(req.Host)
+		if !strings.HasSuffix(root, "/") {
+			root += "/"
+		}
+		if !strings.HasSuffix(canonical, "/") {
+			canonical += "/"
+		}
+		// logrus.Info("root", root)
+		// logrus.Info("root", canonical)
+		if canonical != root {
+			redirectURL := "http://"
+			if ctx.Settings.GetBool("IS_HTTPS") {
+				redirectURL = "https://"
 			}
-			if !strings.HasSuffix(canonical, "/") {
-				canonical += "/"
+			redirectURL += strings.TrimRight(canonical, "/")
+			if req.URL.Path != "" {
+				redirectURL += req.URL.Path
+				// logrus.Info("0", redirectURL)
 			}
-			// logrus.Info("root", root)
-			// logrus.Info("root", canonical)
-			if canonical != root {
-				redirectURL := "http://"
-				if store.Settings.IsSecured {
-					redirectURL = "https://"
-				}
-				redirectURL += strings.TrimRight(canonical, "/")
-				if req.URL.Path != "" {
-					redirectURL += req.URL.Path
-					// logrus.Info("0", redirectURL)
-				}
-				if req.URL.RawQuery != "" {
-					redirectURL += "?" + req.URL.RawQuery
-					// logrus.Info("2", redirectURL)
-				}
-				if req.URL.Fragment != "" {
-					redirectURL += "#" + req.URL.Fragment
-					// logrus.Info("2", redirectURL)
-				}
-
-				http.Redirect(w, req, redirectURL, http.StatusMovedPermanently)
-				return
+			if req.URL.RawQuery != "" {
+				redirectURL += "?" + req.URL.RawQuery
+				// logrus.Info("2", redirectURL)
+			}
+			if req.URL.Fragment != "" {
+				redirectURL += "#" + req.URL.Fragment
+				// logrus.Info("2", redirectURL)
 			}
-		}
-
-		// CSRF
-		// if store.Settings.CheckCSRFViaReferrer {
 
-		// }
-		if authMethod == security.NoAuth {
-			fn(w, req)
+			http.Redirect(w, req, redirectURL, http.StatusMovedPermanently)
 			return
 		}
+	}
 
-		tableName := "person" // default
-		api := bone.GetValue(req, "api")
-		if api == "api" || api == "admin" {
-			// default - backwards compatibility
-			tableName = "person" // we already did this above, this is just for clarity. the default should ALWAYS BE person
-		} else if api != "" {
-			tableName = api
-		}
+	if authMethod == security.NoAuth {
+		fn(w, req, ctx, store)
+		return
+	}
 
-		// if we are at this point then we want a login
-		// check for a logged in user. We always check this incase we need it
-		loggedInUser, err := security.New(req, store).LoggedInUser()
-		if err != nil {
-			if err.Error() == "redis: nil" {
-				// ignore it, its expired from cache
-			} else {
-				logrus.Error("Something wrong with Auth", err)
-			}
-		}
-		if loggedInUser != nil && loggedInUser.TableName == tableName { // we are in the correct section of the website
-			fn(w, req)
-			return
+	// if we are at this point then we want a login
+	loggedInUser, _, err := ctx.Padlock.LoggedInUser()
+	if err != nil {
+		if err.Error() == "redis: nil" {
+			// ignore it, its expired from cache
+			ctx.ErrorJSON(http.StatusForbidden, "Login Expired", err)
+		} else {
+			ctx.ErrorJSON(http.StatusForbidden, "Auth Failure", err)
 		}
+		return
+	}
 
-		// if we have reached this point then the user doesn't have access
-		if authMethod == security.Disallow {
-			view.JSON(w, http.StatusForbidden, "Not Logged In")
-			return
-		} else if authMethod == security.Redirect {
-			http.Redirect(w, req, "/Login", http.StatusFound)
-		}
+	if loggedInUser != nil {
+		fn(w, req, ctx, store)
+		return
 	}
-}
 
-type CustomHandlerFunc func(context *flow.Context)
+	// if we have reached this point then the user doesn't have access
+	if authMethod == security.Disallow {
+		ctx.ErrorJSON(http.StatusForbidden, "You're not currently logged in", err)
+		return
+
+	}
+	if authMethod == security.Redirect {
+		ctx.Redirect("/Login", http.StatusSeeOther)
+	}
+}
 
 func appHandler(file string) func(w http.ResponseWriter, req *http.Request) {
 	return func(w http.ResponseWriter, req *http.Request) {
