app

package
v0.0.0-...-195a7bd Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 16, 2019 License: MIT Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

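// JwtAuthentication is HTTP middleware that gates requests on a JWT carried
// in the Authorization header.
//
// Requests are handled in three tiers:
//   - paths listed in notAuth, and any path containing "/actions/",
//     "/assets/" or "/forms/", are passed through without a token;
//   - paths listed in mayAuth (exact match, or the route prefix followed by
//     a UUID) are passed through when no Authorization header is present;
//   - everything else must carry a token that parses and validates, after
//     which the token's UserID is stored in the request context under
//     controllers.UserKey.
//
// Every rejection is answered with 403 and a JSON message.
var JwtAuthentication = func(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		notAuth := []string{createUser, authUser, getNotes}
		mayAuth := []string{createNote, getNote}
		requestPath := r.URL.Path

		// deny writes the 403 JSON rejection. The Content-Type header is set
		// before WriteHeader because headers changed after WriteHeader are
		// not sent to the client.
		deny := func(msg string) {
			w.Header().Set("Content-Type", "application/json")
			w.WriteHeader(http.StatusForbidden)
			u.Respond(w, u.Message(false, msg))
		}

		for _, value := range notAuth {
			if value == requestPath {
				next.ServeHTTP(w, r)
				return
			}
		}

		// NOTE(review): this is a substring match on the request path, so any
		// route whose path contains one of these segments anywhere skips
		// authentication entirely. Confirm that no protected route can carry
		// such a segment; anchoring the match to the intended route prefixes
		// would narrow the exemption.
		if strings.Contains(requestPath, "/actions/") || strings.Contains(requestPath, "/assets/") || strings.Contains(requestPath, "/forms/") {
			next.ServeHTTP(w, r)
			return
		}

		tokenHeader := r.Header.Get("Authorization")

		if tokenHeader == "" {
			for _, value := range mayAuth {
				if value == requestPath {
					next.ServeHTTP(w, r)
					// Return here: without it the loop continued and the
					// "Missing auth token" rejection was written on top of
					// the response the handler had already produced.
					return
				}

				// Match "<route prefix><uuid>" for routes declared with a
				// trailing {id} placeholder.
				prefix := strings.TrimSuffix(value, "{id}")
				if !strings.HasPrefix(requestPath, prefix) {
					continue
				}
				if _, err := uuid.FromString(strings.TrimPrefix(requestPath, prefix)); err == nil {
					next.ServeHTTP(w, r)
					return
				}
			}

			deny("Missing auth token")
			return
		}

		// NOTE(review): only the shape "<scheme> <token>" is checked; the
		// scheme itself (e.g. "Bearer") is not compared.
		splitted := strings.Split(tokenHeader, " ")
		if len(splitted) != 2 {
			deny("Invalid/Malformed auth token")
			return
		}

		tokenPart := splitted[1]
		tk := &models.Token{}

		token, err := jwt.ParseWithClaims(tokenPart, tk, func(token *jwt.Token) (interface{}, error) {
			// The key is a shared secret, so only HMAC-signed tokens are
			// accepted; the algorithm named in the token header is never
			// trusted on its own.
			// NOTE(review): assumes the issuer signs with an HMAC method —
			// confirm against the token-issuing code.
			if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
				return nil, jwt.ErrSignatureInvalid
			}

			// Fail closed when the secret is not configured: an empty HMAC
			// key would let anyone mint tokens that verify.
			secret := os.Getenv("token_password")
			if secret == "" {
				return nil, jwt.ErrInvalidKey
			}
			return []byte(secret), nil
		})

		if err != nil {
			deny("Malformed authentication token")
			return
		}

		if !token.Valid {
			deny("Token is not valid.")
			return
		}

		// Expose the authenticated user's ID to downstream handlers.
		ctx := context.WithValue(r.Context(), controllers.UserKey, tk.UserID)
		r = r.WithContext(ctx)
		next.ServeHTTP(w, r)
	})
}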

JwtAuthentication checks validity of the JWT

Functions

This section is empty.

Types

type App

// App bundles the pieces the service needs at runtime.
type App struct {
	// Router is the HTTP request router.
	Router *mux.Router

	// DB is the database handle.
	DB *gorm.DB

	// Port is the port the API is served on.
	Port string
}

App holds details about router, database and port

func (*App) Init

func (a *App) Init(u URI)

Init sets up database and routes

func (*App) Run

func (a *App) Run()

Run serves the API on a specified port

type URI

// URI carries the credentials used to open the database connection.
//
// Pass is a plaintext secret: avoid printing or logging a URI value as a
// whole (for example with %+v).
type URI struct {
	// Host is the database host.
	Host string
	// User is the database user.
	User string
	// Name is presumably the database name — confirm against Init.
	Name string
	// Pass is the database password.
	Pass string
}

URI holds database connection credentials
