WIP Ajouter config.Config et commencer à l'implanter
This commit is contained in:
parent
64c91b3aeb
commit
da42387211
2 changed files with 58 additions and 84 deletions
|
@ -12,6 +12,8 @@ ADD cmd/ cmd/
|
|||
|
||||
ADD api/ api/
|
||||
|
||||
Add config/ config/
|
||||
|
||||
RUN CGO_ENABLED=0 go build -a -installsuffix cgo -o agecem-org .
|
||||
|
||||
# Alpine
|
||||
|
|
140
cmd/server.go
140
cmd/server.go
|
@ -23,6 +23,7 @@ import (
|
|||
"github.com/spf13/viper"
|
||||
|
||||
"git.agecem.com/agecem/agecem-org/api"
|
||||
"git.agecem.com/agecem/agecem-org/config"
|
||||
"git.agecem.com/agecem/agecem-org/public"
|
||||
"github.com/labstack/echo/v4"
|
||||
"github.com/labstack/echo/v4/middleware"
|
||||
|
@ -32,6 +33,8 @@ type Template struct {
|
|||
templates *template.Template
|
||||
}
|
||||
|
||||
var cfg config.Config
|
||||
|
||||
var embedFS embed.FS
|
||||
|
||||
// serverCmd represents the server command
|
||||
|
@ -39,6 +42,10 @@ var serverCmd = &cobra.Command{
|
|||
Use: "server",
|
||||
Short: "Démarrer le serveur web",
|
||||
Run: func(cmd *cobra.Command, args []string) {
|
||||
if err := viper.Unmarshal(&cfg); err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
RunServer()
|
||||
},
|
||||
}
|
||||
|
@ -64,7 +71,7 @@ func init() {
|
|||
|
||||
// server.documents.access_key_id - --server-documents-access-key-id
|
||||
serverCmd.Flags().String("server-documents-access-key-id", "", "Storage server access key id (config: server.documents.access_key_id)")
|
||||
viper.BindPFlag("documents.accessKeyID", serverCmd.Flags().Lookup("documents-access-key-id"))
|
||||
viper.BindPFlag("server.documents.access_key_id", serverCmd.Flags().Lookup("server-documents-access-key-id"))
|
||||
|
||||
// server.documents.secret_access_key - --server-documents-secret-access-key
|
||||
serverCmd.Flags().String("server-documents-secret-access-key", "", "Storage server secret access key (config: server.documents.secret_access_key)")
|
||||
|
@ -114,13 +121,13 @@ func RunServer() {
|
|||
|
||||
groupV1.Use(middleware.AddTrailingSlash())
|
||||
|
||||
if viper.GetBool("server.api.auth") {
|
||||
if len(viper.GetString("server.api.key")) < 10 {
|
||||
if cfg.Server.Api.Auth {
|
||||
if len(cfg.Server.Api.Key) < 10 {
|
||||
log.Fatal("server.api.auth is enabled, but server.api.key is too small (needs at least 10 characters)")
|
||||
}
|
||||
|
||||
groupV1.Use(middleware.KeyAuth(func(key string, c echo.Context) (bool, error) {
|
||||
return subtle.ConstantTimeCompare([]byte(key), []byte(viper.GetString("server.api.key"))) == 1, nil
|
||||
return subtle.ConstantTimeCompare([]byte(key), []byte(cfg.Server.Api.Key)) == 1, nil
|
||||
}))
|
||||
|
||||
log.Println("Key auth for /v1 activated")
|
||||
|
@ -130,21 +137,19 @@ func RunServer() {
|
|||
|
||||
groupAdmin.Use(middleware.AddTrailingSlash())
|
||||
|
||||
if viper.GetBool("server.admin.auth") {
|
||||
username := viper.GetString("server.admin.username")
|
||||
password := viper.GetString("server.admin.password")
|
||||
if len(username) < 5 {
|
||||
if cfg.Server.Admin.Auth {
|
||||
if len(cfg.Server.Admin.Username) < 5 {
|
||||
log.Fatal("server.admin.auth is enabled, but server.admin.username is too small (needs at least 5 characters)")
|
||||
}
|
||||
|
||||
if len(password) < 10 {
|
||||
if len(cfg.Server.Admin.Password) < 10 {
|
||||
log.Fatal("server.admin.auth is enabled, but server.admin.password is too small (needs at least 10 characters)")
|
||||
}
|
||||
|
||||
groupAdmin.Use(middleware.BasicAuth(func(username_entered, password_entered string, c echo.Context) (bool, error) {
|
||||
// Be careful to use constant time comparison to prevent timing attacks
|
||||
if subtle.ConstantTimeCompare([]byte(username_entered), []byte(username)) == 1 &&
|
||||
subtle.ConstantTimeCompare([]byte(password_entered), []byte(password)) == 1 {
|
||||
if subtle.ConstantTimeCompare([]byte(username_entered), []byte(cfg.Server.Admin.Username)) == 1 &&
|
||||
subtle.ConstantTimeCompare([]byte(password_entered), []byte(cfg.Server.Admin.Password)) == 1 {
|
||||
return true, nil
|
||||
}
|
||||
return false, nil
|
||||
|
@ -208,7 +213,7 @@ func RunServer() {
|
|||
groupAdmin.POST("/documents/upload", handleAdminDocumentsUploadPOST)
|
||||
|
||||
e.Logger.Fatal(e.Start(
|
||||
fmt.Sprintf(":%d", viper.GetInt("server.port"))))
|
||||
fmt.Sprintf(":%d", cfg.Server.Port)))
|
||||
}
|
||||
|
||||
func (t *Template) Render(w io.Writer, name string, data interface{}, c echo.Context) error {
|
||||
|
@ -228,30 +233,26 @@ func handleV1(c echo.Context) error {
|
|||
// handleV1Seed créé des buckets dans minio selon la liste de buckets dans server.documents.buckets
|
||||
// Les buckets sont créés avec paramètres par défaut, et sont ensuite visible dans /v1/bucket.
|
||||
func handleV1Seed(c echo.Context) error {
|
||||
documents_buckets := viper.GetStringSlice("server.documents.buckets")
|
||||
documents_endpoint := viper.GetString("server.documents.endpoint")
|
||||
documents_access_key_id := viper.GetString("server.documents.access_key_id")
|
||||
documents_secret_access_key := viper.GetString("server.documents.secret_access_key")
|
||||
documents_use_ssl := viper.GetBool("server.documents.use_ssl")
|
||||
|
||||
// Initialize minio client object
|
||||
client, err := minio.New(documents_endpoint, &minio.Options{
|
||||
Creds: credentials.NewStaticV4(documents_access_key_id, documents_secret_access_key, ""),
|
||||
Secure: documents_use_ssl,
|
||||
client, err := minio.New(cfg.Server.Documents.Endpoint, &minio.Options{
|
||||
Creds: credentials.NewStaticV4(cfg.Server.Documents.AccessKeyId, cfg.Server.Documents.SecretAccessKey, ""),
|
||||
Secure: cfg.Server.Documents.UseSSL,
|
||||
})
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusInternalServerError, map[string]string{
|
||||
"message": "Error during minio#New",
|
||||
"error": err.Error(),
|
||||
})
|
||||
}
|
||||
|
||||
var new_buckets []string
|
||||
|
||||
for _, bucket := range documents_buckets {
|
||||
for _, bucket := range cfg.Server.Documents.Buckets {
|
||||
exists, err := client.BucketExists(context.Background(), bucket)
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusInternalServerError, map[string]string{
|
||||
"message": "Error during minio#BucketExists",
|
||||
"error": err.Error(),
|
||||
})
|
||||
}
|
||||
|
||||
|
@ -262,6 +263,7 @@ func handleV1Seed(c echo.Context) error {
|
|||
if err = client.MakeBucket(context.Background(), bucket, minio.MakeBucketOptions{}); err != nil {
|
||||
return c.JSON(http.StatusInternalServerError, map[string]string{
|
||||
"message": "Error during minio#MakeBucket",
|
||||
"error": err.Error(),
|
||||
})
|
||||
}
|
||||
new_buckets = append(new_buckets, bucket)
|
||||
|
@ -282,16 +284,10 @@ func handleV1Seed(c echo.Context) error {
|
|||
|
||||
// handleV1BucketList affiche les buckets permis par server.documents.buckets, qui existent.
|
||||
func handleV1BucketList(c echo.Context) error {
|
||||
documents_buckets := viper.GetStringSlice("server.documents.buckets")
|
||||
documents_endpoint := viper.GetString("server.documents.endpoint")
|
||||
documents_access_key_id := viper.GetString("server.documents.access_key_id")
|
||||
documents_secret_access_key := viper.GetString("server.documents.secret_access_key")
|
||||
documents_use_ssl := viper.GetBool("server.documents.use_ssl")
|
||||
|
||||
// Initialize minio client object
|
||||
client, err := minio.New(documents_endpoint, &minio.Options{
|
||||
Creds: credentials.NewStaticV4(documents_access_key_id, documents_secret_access_key, ""),
|
||||
Secure: documents_use_ssl,
|
||||
client, err := minio.New(cfg.Server.Documents.Endpoint, &minio.Options{
|
||||
Creds: credentials.NewStaticV4(cfg.Server.Documents.AccessKeyId, cfg.Server.Documents.SecretAccessKey, ""),
|
||||
Secure: cfg.Server.Documents.UseSSL,
|
||||
})
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusInternalServerError, map[string]string{
|
||||
|
@ -301,7 +297,7 @@ func handleV1BucketList(c echo.Context) error {
|
|||
|
||||
var buckets []string
|
||||
|
||||
for _, bucket_name := range documents_buckets {
|
||||
for _, bucket_name := range cfg.Server.Documents.Buckets {
|
||||
exists, err := client.BucketExists(context.Background(), bucket_name)
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusInternalServerError, "Error during minio#BucketExists")
|
||||
|
@ -316,16 +312,10 @@ func handleV1BucketList(c echo.Context) error {
|
|||
}
|
||||
|
||||
func handleV1BucketRead(c echo.Context) error {
|
||||
documents_buckets := viper.GetStringSlice("server.documents.buckets")
|
||||
documents_endpoint := viper.GetString("server.documents.endpoint")
|
||||
documents_access_key_id := viper.GetString("server.documents.access_key_id")
|
||||
documents_secret_access_key := viper.GetString("server.documents.secret_access_key")
|
||||
documents_use_ssl := viper.GetBool("server.documents.use_ssl")
|
||||
|
||||
bucket := c.Param("bucket")
|
||||
|
||||
allowed := false
|
||||
for _, bucket_allowed := range documents_buckets {
|
||||
for _, bucket_allowed := range cfg.Server.Documents.Buckets {
|
||||
if bucket == bucket_allowed {
|
||||
allowed = true
|
||||
}
|
||||
|
@ -345,9 +335,9 @@ func handleV1BucketRead(c echo.Context) error {
|
|||
defer cancel()
|
||||
|
||||
// Initialize minio client object
|
||||
client, err := minio.New(documents_endpoint, &minio.Options{
|
||||
Creds: credentials.NewStaticV4(documents_access_key_id, documents_secret_access_key, ""),
|
||||
Secure: documents_use_ssl,
|
||||
client, err := minio.New(cfg.Server.Documents.Endpoint, &minio.Options{
|
||||
Creds: credentials.NewStaticV4(cfg.Server.Documents.AccessKeyId, cfg.Server.Documents.SecretAccessKey, ""),
|
||||
Secure: cfg.Server.Documents.UseSSL,
|
||||
})
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusInternalServerError, map[string]string{
|
||||
|
@ -382,12 +372,6 @@ func handleV1BucketRead(c echo.Context) error {
|
|||
|
||||
// handleV1DocumentCreate permet d'ajouter un object dans un bucket, par multipart/form-data
|
||||
func handleV1DocumentCreate(c echo.Context) error {
|
||||
documents_buckets := viper.GetStringSlice("server.documents.buckets")
|
||||
documents_endpoint := viper.GetString("server.documents.endpoint")
|
||||
documents_access_key_id := viper.GetString("server.documents.access_key_id")
|
||||
documents_secret_access_key := viper.GetString("server.documents.secret_access_key")
|
||||
documents_use_ssl := viper.GetBool("server.documents.use_ssl")
|
||||
|
||||
bucket := c.Param("bucket")
|
||||
|
||||
form_file, err := c.FormFile("document")
|
||||
|
@ -399,7 +383,7 @@ func handleV1DocumentCreate(c echo.Context) error {
|
|||
}
|
||||
|
||||
allowed := false
|
||||
for _, bucket_allowed := range documents_buckets {
|
||||
for _, bucket_allowed := range cfg.Server.Documents.Buckets {
|
||||
if bucket == bucket_allowed {
|
||||
allowed = true
|
||||
}
|
||||
|
@ -414,9 +398,9 @@ func handleV1DocumentCreate(c echo.Context) error {
|
|||
defer cancel()
|
||||
|
||||
// Initialize minio client object
|
||||
client, err := minio.New(documents_endpoint, &minio.Options{
|
||||
Creds: credentials.NewStaticV4(documents_access_key_id, documents_secret_access_key, ""),
|
||||
Secure: documents_use_ssl,
|
||||
client, err := minio.New(cfg.Server.Documents.Endpoint, &minio.Options{
|
||||
Creds: credentials.NewStaticV4(cfg.Server.Documents.AccessKeyId, cfg.Server.Documents.SecretAccessKey, ""),
|
||||
Secure: cfg.Server.Documents.UseSSL,
|
||||
})
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusInternalServerError, map[string]string{
|
||||
|
@ -458,17 +442,11 @@ func handleV1DocumentCreate(c echo.Context) error {
|
|||
|
||||
// handleV1DocumentRead permet de lire le contenu d'un fichier et protentiellement de le télécharger
|
||||
func handleV1DocumentRead(c echo.Context) error {
|
||||
documents_buckets := viper.GetStringSlice("server.documents.buckets")
|
||||
documents_endpoint := viper.GetString("server.documents.endpoint")
|
||||
documents_access_key_id := viper.GetString("server.documents.access_key_id")
|
||||
documents_secret_access_key := viper.GetString("server.documents.secret_access_key")
|
||||
documents_use_ssl := viper.GetBool("server.documents.use_ssl")
|
||||
|
||||
bucket := c.Param("bucket")
|
||||
document := c.Param("document")
|
||||
|
||||
allowed := false
|
||||
for _, bucket_allowed := range documents_buckets {
|
||||
for _, bucket_allowed := range cfg.Server.Documents.Buckets {
|
||||
if bucket == bucket_allowed {
|
||||
allowed = true
|
||||
}
|
||||
|
@ -488,9 +466,9 @@ func handleV1DocumentRead(c echo.Context) error {
|
|||
defer cancel()
|
||||
|
||||
// Initialize minio client object
|
||||
client, err := minio.New(documents_endpoint, &minio.Options{
|
||||
Creds: credentials.NewStaticV4(documents_access_key_id, documents_secret_access_key, ""),
|
||||
Secure: documents_use_ssl,
|
||||
client, err := minio.New(cfg.Server.Documents.Endpoint, &minio.Options{
|
||||
Creds: credentials.NewStaticV4(cfg.Server.Documents.AccessKeyId, cfg.Server.Documents.SecretAccessKey, ""),
|
||||
Secure: cfg.Server.Documents.UseSSL,
|
||||
})
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusInternalServerError, map[string]string{
|
||||
|
@ -543,17 +521,11 @@ func handleV1DocumentUpdate(c echo.Context) error {
|
|||
|
||||
// handleV1DocumentDelete permet de supprimer un object
|
||||
func handleV1DocumentDelete(c echo.Context) error {
|
||||
documents_buckets := viper.GetStringSlice("server.documents.buckets")
|
||||
documents_endpoint := viper.GetString("server.documents.endpoint")
|
||||
documents_access_key_id := viper.GetString("server.documents.access_key_id")
|
||||
documents_secret_access_key := viper.GetString("server.documents.secret_access_key")
|
||||
documents_use_ssl := viper.GetBool("server.documents.use_ssl")
|
||||
|
||||
bucket := c.Param("bucket")
|
||||
document := c.Param("document")
|
||||
|
||||
allowed := false
|
||||
for _, bucket_allowed := range documents_buckets {
|
||||
for _, bucket_allowed := range cfg.Server.Documents.Buckets {
|
||||
if bucket == bucket_allowed {
|
||||
allowed = true
|
||||
}
|
||||
|
@ -573,9 +545,9 @@ func handleV1DocumentDelete(c echo.Context) error {
|
|||
defer cancel()
|
||||
|
||||
// Initialize minio client object
|
||||
client, err := minio.New(documents_endpoint, &minio.Options{
|
||||
Creds: credentials.NewStaticV4(documents_access_key_id, documents_secret_access_key, ""),
|
||||
Secure: documents_use_ssl,
|
||||
client, err := minio.New(cfg.Server.Documents.Endpoint, &minio.Options{
|
||||
Creds: credentials.NewStaticV4(cfg.Server.Documents.AccessKeyId, cfg.Server.Documents.SecretAccessKey, ""),
|
||||
Secure: cfg.Server.Documents.UseSSL,
|
||||
})
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusInternalServerError, map[string]string{
|
||||
|
@ -648,9 +620,9 @@ func handleVieEtudianteOrganisme(c echo.Context) error {
|
|||
}
|
||||
|
||||
func handleDocumentation(c echo.Context) error {
|
||||
client, err := api.New("http", "localhost", viper.GetInt("server.port"), api.APIOptions{
|
||||
KeyAuth: viper.GetBool("server.api.auth"),
|
||||
Key: viper.GetString("server.api.key"),
|
||||
client, err := api.New("http", "localhost", cfg.Server.Port, api.APIOptions{
|
||||
KeyAuth: cfg.Server.Api.Auth,
|
||||
Key: cfg.Server.Api.Key,
|
||||
})
|
||||
if err != nil {
|
||||
return c.Render(http.StatusInternalServerError, "documentation-html", nil)
|
||||
|
@ -720,9 +692,9 @@ func handleFormulaires(c echo.Context) error {
|
|||
}
|
||||
|
||||
func handlePublicDocumentation(c echo.Context) error {
|
||||
client, err := api.New("http", "localhost", viper.GetInt("server.port"), api.APIOptions{
|
||||
KeyAuth: viper.GetBool("server.api.auth"),
|
||||
Key: viper.GetString("server.api.key"),
|
||||
client, err := api.New("http", "localhost", cfg.Server.Port, api.APIOptions{
|
||||
KeyAuth: cfg.Server.Api.Auth,
|
||||
Key: cfg.Server.Api.Key,
|
||||
})
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusNotFound, map[string]string{"message": "Not Found"})
|
||||
|
@ -756,12 +728,12 @@ func handleAdminDocumentsUpload(c echo.Context) error {
|
|||
}
|
||||
|
||||
func handleAdminDocumentsUploadPOST(c echo.Context) error {
|
||||
client, err := api.New("http", "localhost", viper.GetInt("server.port"), api.APIOptions{
|
||||
KeyAuth: viper.GetBool("server.api.auth"),
|
||||
Key: viper.GetString("server.api.key"),
|
||||
BasicAuth: viper.GetBool("server.admin.auth"),
|
||||
Username: viper.GetString("server.admin.username"),
|
||||
Password: viper.GetString("server.admin.password"),
|
||||
client, err := api.New("http", "localhost", cfg.Server.Port, api.APIOptions{
|
||||
KeyAuth: cfg.Server.Api.Auth,
|
||||
Key: cfg.Server.Api.Key,
|
||||
BasicAuth: cfg.Server.Admin.Auth,
|
||||
Username: cfg.Server.Admin.Username,
|
||||
Password: cfg.Server.Admin.Password,
|
||||
})
|
||||
if err != nil {
|
||||
return c.Render(http.StatusInternalServerError, "admin-upload-html", struct{ Message string }{Message: fmt.Sprintf("handleAdminDocumentsUploadPOST#api.New: %s", err)})
|
||||
|
|
Loading…
Reference in a new issue