ovpn-certman/router/router.go

119 lines
3.2 KiB
Go
Raw Normal View History

2018-01-26 08:43:53 +01:00
package router
import (
"net/http"
"os"
"strings"
2018-01-29 09:18:19 +01:00
"git.klink.asia/paul/certman/services"
2018-01-26 08:43:53 +01:00
"git.klink.asia/paul/certman/assets"
"git.klink.asia/paul/certman/handlers"
"git.klink.asia/paul/certman/views"
"github.com/go-chi/chi"
"github.com/go-chi/chi/middleware"
"github.com/gorilla/csrf"
mw "git.klink.asia/paul/certman/middleware"
)
var (
// TODO: make this configurable
csrfCookieName = "csrf"
csrfFieldName = "csrf_token"
csrfKey = []byte("7Oj4DllZ9lTsxJnisTuWiiQBGQIzi6gX")
cookieKey = []byte("osx70sMD8HZG2ouUl8uKI4wcMugiJ2WH")
)
func HandleRoutes(provider *services.Provider) http.Handler {
2018-01-26 08:43:53 +01:00
mux := chi.NewMux()
2018-01-29 09:18:19 +01:00
//mux.Use(middleware.RequestID)
mux.Use(middleware.Logger) // log requests
mux.Use(middleware.RealIP) // use proxy headers
mux.Use(middleware.RedirectSlashes) // redirect trailing slashes
mux.Use(mw.Recoverer) // recover on panic
mux.Use(provider.Sessions.Manager.Use) // use session storage
2018-01-26 08:43:53 +01:00
// we are serving the static files directly from the assets package
2018-01-29 09:18:19 +01:00
// this either means we use the embedded files, or live-load
// from the file system (if `--tags="dev"` is used).
2018-01-26 08:43:53 +01:00
fileServer(mux, "/static", assets.Assets)
mux.Route("/", func(r chi.Router) {
if os.Getenv("ENVIRONMENT") != "test" {
r.Use(csrf.Protect(
csrfKey,
csrf.Secure(false),
csrf.CookieName(csrfCookieName),
csrf.FieldName(csrfFieldName),
2018-01-29 09:18:19 +01:00
csrf.ErrorHandler(http.HandlerFunc(handlers.CSRFErrorHandler)),
2018-01-26 08:43:53 +01:00
))
}
2018-01-29 09:18:19 +01:00
r.HandleFunc("/", v("debug"))
r.Route("/register", func(r chi.Router) {
r.Get("/", v("register"))
r.Post("/", handlers.RegisterHandler(provider))
2018-01-26 08:43:53 +01:00
})
2018-01-29 09:18:19 +01:00
r.Route("/login", func(r chi.Router) {
r.Get("/", v("login"))
r.Post("/", handlers.LoginHandler(provider))
2018-01-26 08:43:53 +01:00
})
2018-01-29 09:18:19 +01:00
//r.Post("/confirm-email/{token}", handlers.ConfirmEmailHandler(db))
r.Route("/forgot-password", func(r chi.Router) {
r.Get("/", v("forgot-password"))
r.Post("/", handlers.LoginHandler(provider))
2018-01-29 09:18:19 +01:00
})
r.Route("/certs", func(r chi.Router) {
r.Use(mw.RequireLogin(provider.Sessions))
r.Get("/", handlers.ListCertHandler(provider))
r.Post("/new", handlers.CreateCertHandler(provider))
r.HandleFunc("/download/{ID}", handlers.DownloadCertHandler(provider))
2018-01-29 09:18:19 +01:00
})
2018-01-26 08:43:53 +01:00
r.HandleFunc("/500", func(w http.ResponseWriter, req *http.Request) {
panic("500")
})
})
// what should happen if no route matches
mux.NotFound(handlers.NotFoundHandler)
return mux
}
2018-01-29 09:18:19 +01:00
// v is a helper function for quickly displaying a view
func v(template string) http.HandlerFunc {
return func(w http.ResponseWriter, req *http.Request) {
view := views.New(req)
view.Render(w, template)
}
}
2018-01-26 08:43:53 +01:00
// fileServer sets up a http.FileServer handler to serve
// static files from a http.FileSystem.
func fileServer(r chi.Router, path string, root http.FileSystem) {
if strings.ContainsAny(path, "{}*") {
panic("FileServer does not permit URL parameters.")
}
//fs := http.StripPrefix(path, http.FileServer(root))
fs := http.FileServer(root)
if path != "/" && path[len(path)-1] != '/' {
r.Get(path, http.RedirectHandler(path+"/", 301).ServeHTTP)
path += "/"
}
path += "*"
r.Get(path, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fs.ServeHTTP(w, r)
}))
}