From 290cb1edc6846256441cb2c85b2a3350fd20b4aa Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Thu, 28 Nov 2019 14:36:49 +0100 Subject: [PATCH] manage auth and add secret --- auth/auth.go | 2 +- config/config.go | 30 +++++++++++++++++------------- server.go | 17 +++++++++++------ templates/index.tmpl | 3 ++- 4 files changed, 31 insertions(+), 21 deletions(-) diff --git a/auth/auth.go b/auth/auth.go index 50d4795..c16903e 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -30,7 +30,7 @@ func LogIn(username string, password string) (ok bool, user map[string]string) { GroupFilter: "(memberUid=%s)", Attributes: conf.LDAP.Attributes, } - log.Print(ldapclient) + defer ldapclient.Close() ok, user, err := ldapclient.Authenticate(username, password) diff --git a/config/config.go b/config/config.go index 1b55d54..2fab939 100644 --- a/config/config.go +++ b/config/config.go @@ -5,25 +5,28 @@ import ( ini "gopkg.in/ini.v1" ) + // Config is the config type Config struct { - HTTP HTTPConfig - LDAP LDAPConfig + HTTP HTTPConfig + LDAP LDAPConfig } + // HTTPConfig is the http config type HTTPConfig struct { - Address string - + Address string + Secret string } + // LDAPConfig is the ldap config type LDAPConfig struct { - Base string - Host string - Port int - BindDN string - BindPassword string - UserFilter string - Attributes []string + Base string + Host string + Port int + BindDN string + BindPassword string + UserFilter string + Attributes []string } // NewFromFile retrieves the configuration from the given file @@ -38,11 +41,12 @@ func NewFromFile(filepath string) (*Config, error) { } return config, nil } + // NewDefault set a default config func NewDefault() *Config { return &Config{ HTTP: HTTPConfig{ - Address: ":3001", + Address: ":3001", }, LDAP: LDAPConfig{ Base: "dc=example,dc=com", @@ -53,9 +57,9 @@ func NewDefault() *Config { UserFilter: "(uid=%s)", Attributes: []string{"givenName", "sn", "mail", "uid"}, }, - } } + // Dump return the config dump func Dump(config *Config, w io.Writer) error { cfg := ini.Empty() diff --git a/server.go b/server.go index 6a76d9d..5d1f95a 100644 --- a/server.go +++ b/server.go @@ -23,6 +23,7 @@ type User struct { } var configFile = "server.conf" +var secret string func main() { @@ -32,6 +33,7 @@ func main() { if conferr != nil { conf = config.NewDefault() } + secret = conf.HTTP.Secret bdd.InitDB() @@ -52,19 +54,18 @@ func main() { // ServerHTTP is the entry point to all requests func (u *User) ServeHTTP(w http.ResponseWriter, r *http.Request) { - if err := r.ParseForm(); err != nil { log.Printf("ParseForm() err: %v", err) } else { u.Auth(r.FormValue("user"), r.FormValue("password")) } - if u.Name == "" { - LogInPage(w, r) + if r.Method == http.MethodPost && r.Form.Get("option") != "" && r.Form.Get("key") == "hBObfzuTOTv6BjLUxzXaV5MUeNsTdivY" { + VoteEndPoint(w, r) return } - if r.Method == http.MethodPost && r.Form.Get("option") != "" { - VoteEndPoint(w, r) + if u.Name == "" { + LogInPage(w, r) return } if r.URL.Path == "/" { @@ -84,6 +85,9 @@ func (u *User) Auth(user string, pass string) bool { if auth { u.Name = user u.Password = pass + } else { + u.Name = "" + u.Password = "" } // auth := true // u.Name = "mlamalle" @@ -107,11 +111,12 @@ func LogInPage(w http.ResponseWriter, r *http.Request) { // HomePage is the homepage of the app func HomePage(w http.ResponseWriter, r *http.Request) { type HomeData struct { + Key string Foods foodlist.FoodOfTheDay Votes vote.VotesOfTheDay } - datas := HomeData{foodlist.GetFoodOfTheDay(), vote.GetVotesOfTheDay()} + datas := HomeData{secret, foodlist.GetFoodOfTheDay(), vote.GetVotesOfTheDay()} paths := []string{ "./templates/index.tmpl", diff --git a/templates/index.tmpl b/templates/index.tmpl index 350ccba..71e3d23 100644 --- a/templates/index.tmpl +++ b/templates/index.tmpl @@ -9,7 +9,8 @@