From da42387211ed8d033d6aefe368b92cc8ff3ef896 Mon Sep 17 00:00:00 2001 From: Victor Lacasse-Beaudoin Date: Tue, 4 Jul 2023 16:05:23 -0400 Subject: [PATCH] =?UTF-8?q?WIP=20Ajouter=20config.Config=20et=20commencer?= =?UTF-8?q?=20=C3=A0=20l'implanter?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Dockerfile | 2 + cmd/server.go | 140 ++++++++++++++++++++------------------------------ 2 files changed, 58 insertions(+), 84 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5281e65..920961a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,6 +12,8 @@ ADD cmd/ cmd/ ADD api/ api/ +Add config/ config/ + RUN CGO_ENABLED=0 go build -a -installsuffix cgo -o agecem-org . # Alpine diff --git a/cmd/server.go b/cmd/server.go index ff7d4d4..9d6d349 100644 --- a/cmd/server.go +++ b/cmd/server.go @@ -23,6 +23,7 @@ import ( "github.com/spf13/viper" "git.agecem.com/agecem/agecem-org/api" + "git.agecem.com/agecem/agecem-org/config" "git.agecem.com/agecem/agecem-org/public" "github.com/labstack/echo/v4" "github.com/labstack/echo/v4/middleware" @@ -32,6 +33,8 @@ type Template struct { templates *template.Template } +var cfg config.Config + var embedFS embed.FS // serverCmd represents the server command @@ -39,6 +42,10 @@ var serverCmd = &cobra.Command{ Use: "server", Short: "Démarrer le serveur web", Run: func(cmd *cobra.Command, args []string) { + if err := viper.Unmarshal(&cfg); err != nil { + log.Fatal(err) + } + RunServer() }, } 
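Review bot: The added instruction is spelled `Add config/ config/` while the neighbouring lines use `ADD`. Dockerfile instructions are case-insensitive, so the build works, but the mixed case reads like a typo. Since this copies a plain local directory, `COPY config/ config/` is the clearer choice, because ADD also unpacks local archives and can fetch URLs. The same applies to the existing `ADD cmd/ cmd/` and `ADD api/ api/` lines.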
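Review bot: Every security setting now depends on the single `viper.Unmarshal(&cfg)` call in `Run`, and the zero value of `cfg` is the permissive one: `cfg.Server.Api.Auth` and `cfg.Server.Admin.Auth` stay false unless decoding actually fills them. Unmarshal does not fail when a key has no matching field. If the fields of `config.Config` (not shown in this patch) lack `mapstructure` tags for names such as `access_key_id` or `secret_access_key`, those values would stay empty without any error. Consider `viper.UnmarshalExact(&cfg)` so an unmapped key is reported. A comment on `var cfg` would also help, such as `// cfg is populated by serverCmd.Run; RunServer must not be called before that.`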
@@ -64,7 +71,7 @@ func init() { // server.documents.access_key_id - --server-documents-access-key-id serverCmd.Flags().String("server-documents-access-key-id", "", "Storage server access key id (config: server.documents.access_key_id)") - viper.BindPFlag("documents.accessKeyID", serverCmd.Flags().Lookup("documents-access-key-id")) + viper.BindPFlag("server.documents.access_key_id", serverCmd.Flags().Lookup("server-documents-access-key-id")) // server.documents.secret_access_key - --server-documents-secret-access-key serverCmd.Flags().String("server-documents-secret-access-key", "", "Storage server secret access key (config: server.documents.secret_access_key)") @@ -114,13 +121,13 @@ func RunServer() { groupV1.Use(middleware.AddTrailingSlash()) - if viper.GetBool("server.api.auth") { - if len(viper.GetString("server.api.key")) < 10 { + if cfg.Server.Api.Auth { + if len(cfg.Server.Api.Key) < 10 { log.Fatal("server.api.auth is enabled, but server.api.key is too small (needs at least 10 characters)") } groupV1.Use(middleware.KeyAuth(func(key string, c echo.Context) (bool, error) { - return subtle.ConstantTimeCompare([]byte(key), []byte(viper.GetString("server.api.key"))) == 1, nil + return subtle.ConstantTimeCompare([]byte(key), []byte(cfg.Server.Api.Key)) == 1, nil })) log.Println("Key auth for /v1 activated") 
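Review bot: The return value of `viper.BindPFlag` is still discarded on the corrected line, which is presumably how the old mismatch went unnoticed. `Lookup("documents-access-key-id")` does not match the flag name defined just above it, so it would have returned nil, and BindPFlag reports that only through its error. Check it, e.g. `if err := viper.BindPFlag("server.documents.access_key_id", serverCmd.Flags().Lookup("server-documents-access-key-id")); err != nil { log.Fatal(err) }`. The other bindings in `init`, whose body extends beyond this hunk, deserve the same check.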
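Review bot: `subtle.ConstantTimeCompare` returns immediately when the two slices differ in length, so the comparison in the KeyAuth callback is constant-time only for guesses of the right length. Response timing can therefore reveal the length of `cfg.Server.Api.Key`. Comparing fixed-size digests removes that: `got, want := sha256.Sum256([]byte(key)), sha256.Sum256([]byte(cfg.Server.Api.Key))` followed by `return subtle.ConstantTimeCompare(got[:], want[:]) == 1, nil` (needs `crypto/sha256`). The 10-character minimum is also low for a bearer secret, and no rate limiting is visible in this hunk. RunServer's body continues outside the hunk.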
@@ -130,21 +137,19 @@ func RunServer() { groupAdmin.Use(middleware.AddTrailingSlash()) - if viper.GetBool("server.admin.auth") { - username := viper.GetString("server.admin.username") - password := viper.GetString("server.admin.password") - if len(username) < 5 { + if cfg.Server.Admin.Auth { + if len(cfg.Server.Admin.Username) < 5 { log.Fatal("server.admin.auth is enabled, but server.admin.username is too small (needs at least 5 characters)") } - if len(password) < 10 { + if len(cfg.Server.Admin.Password) < 10 { log.Fatal("server.admin.auth is enabled, but server.admin.password is too small (needs at least 10 characters)") } groupAdmin.Use(middleware.BasicAuth(func(username_entered, password_entered string, c echo.Context) (bool, error) { // Be careful to use constant time comparison to prevent timing attacks - if subtle.ConstantTimeCompare([]byte(username_entered), []byte(username)) == 1 && - subtle.ConstantTimeCompare([]byte(password_entered), []byte(password)) == 1 { + if subtle.ConstantTimeCompare([]byte(username_entered), []byte(cfg.Server.Admin.Username)) == 1 && + subtle.ConstantTimeCompare([]byte(password_entered), []byte(cfg.Server.Admin.Password)) == 1 { return true, nil } return false, nil @@ -208,7 +213,7 @@ func RunServer() { groupAdmin.POST("/documents/upload", handleAdminDocumentsUploadPOST) e.Logger.Fatal(e.Start( - fmt.Sprintf(":%d", viper.GetInt("server.port")))) + fmt.Sprintf(":%d", cfg.Server.Port))) } func (t *Template) Render(w io.Writer, name string, data interface{}, c echo.Context) error { 
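Review bot: The `&&` in the BasicAuth callback short-circuits, so the password comparison is skipped whenever the username is wrong. Timing can then distinguish a valid username from an invalid one, which undercuts the comment just above it. Evaluate both comparisons and combine the integer results: `userOK := subtle.ConstantTimeCompare([]byte(username_entered), []byte(cfg.Server.Admin.Username))`, `passOK := subtle.ConstantTimeCompare([]byte(password_entered), []byte(cfg.Server.Admin.Password))`, then `return userOK&passOK == 1, nil`. RunServer begins and ends outside this hunk.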
@@ -228,30 +233,26 @@ func handleV1(c echo.Context) error { // handleV1Seed créé des buckets dans minio selon la liste de buckets dans server.documents.buckets // Les buckets sont créés avec paramètres par défaut, et sont ensuite visible dans /v1/bucket. func handleV1Seed(c echo.Context) error { - documents_buckets := viper.GetStringSlice("server.documents.buckets") - documents_endpoint := viper.GetString("server.documents.endpoint") - documents_access_key_id := viper.GetString("server.documents.access_key_id") - documents_secret_access_key := viper.GetString("server.documents.secret_access_key") - documents_use_ssl := viper.GetBool("server.documents.use_ssl") - // Initialize minio client object - client, err := minio.New(documents_endpoint, &minio.Options{ - Creds: credentials.NewStaticV4(documents_access_key_id, documents_secret_access_key, ""), - Secure: documents_use_ssl, + client, err := minio.New(cfg.Server.Documents.Endpoint, &minio.Options{ + Creds: credentials.NewStaticV4(cfg.Server.Documents.AccessKeyId, cfg.Server.Documents.SecretAccessKey, ""), + Secure: cfg.Server.Documents.UseSSL, }) if err != nil { return c.JSON(http.StatusInternalServerError, map[string]string{ "message": "Error during minio#New", + "error": err.Error(), }) } var new_buckets []string - for _, bucket := range documents_buckets { + for _, bucket := range cfg.Server.Documents.Buckets { exists, err := client.BucketExists(context.Background(), bucket) if err != nil { return c.JSON(http.StatusInternalServerError, map[string]string{ "message": "Error during minio#BucketExists", + "error": err.Error(), }) } @@ -262,6 +263,7 @@ func handleV1Seed(c echo.Context) error { if err = client.MakeBucket(context.Background(), bucket, minio.MakeBucketOptions{}); err != nil { return c.JSON(http.StatusInternalServerError, map[string]string{ "message": "Error during minio#MakeBucket", + "error": err.Error(), }) } new_buckets = append(new_buckets, bucket) 
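Review bot: The new `"error": err.Error()` fields return the raw minio client error to the caller in three places: after minio#New and minio#BucketExists in this hunk, and after minio#MakeBucket in the next one. Such errors can disclose the storage endpoint or other backend detail to anyone able to call handleV1Seed. If the handler sits under the /v1 group, that is every client whenever `server.api.auth` is disabled. Log the error server-side and keep the response generic, e.g. `c.Logger().Error(err)` before the `return c.JSON(...)` that carries only the `"message"` key. If the detail is wanted for debugging, gate it behind an explicit debug setting.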
@@ -282,16 +284,10 @@ func handleV1Seed(c echo.Context) error { // handleV1BucketList affiche les buckets permis par server.documents.buckets, qui existent. func handleV1BucketList(c echo.Context) error { - documents_buckets := viper.GetStringSlice("server.documents.buckets") - documents_endpoint := viper.GetString("server.documents.endpoint") - documents_access_key_id := viper.GetString("server.documents.access_key_id") - documents_secret_access_key := viper.GetString("server.documents.secret_access_key") - documents_use_ssl := viper.GetBool("server.documents.use_ssl") - // Initialize minio client object - client, err := minio.New(documents_endpoint, &minio.Options{ - Creds: credentials.NewStaticV4(documents_access_key_id, documents_secret_access_key, ""), - Secure: documents_use_ssl, + client, err := minio.New(cfg.Server.Documents.Endpoint, &minio.Options{ + Creds: credentials.NewStaticV4(cfg.Server.Documents.AccessKeyId, cfg.Server.Documents.SecretAccessKey, ""), + Secure: cfg.Server.Documents.UseSSL, }) if err != nil { return c.JSON(http.StatusInternalServerError, map[string]string{ @@ -301,7 +297,7 @@ func handleV1BucketList(c echo.Context) error { var buckets []string - for _, bucket_name := range documents_buckets { + for _, bucket_name := range cfg.Server.Documents.Buckets { exists, err := client.BucketExists(context.Background(), bucket_name) if err != nil { return c.JSON(http.StatusInternalServerError, "Error during minio#BucketExists") 
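Review bot: The minio client construction from `cfg.Server.Documents` is repeated verbatim in handleV1BucketList here and in handleV1Seed, handleV1BucketRead, handleV1DocumentCreate, handleV1DocumentRead and handleV1DocumentDelete in the other hunks. Each copy handles the secret access key and the `Secure` flag independently, so a later change such as enforcing TLS could easily miss one of them. A single constructor, as sketched below, gives those credentials one place to be read and lets every handler call `client, err := newDocumentsClient()`. The handler bodies continue outside their hunks.

```go
// newDocumentsClient builds the minio client from cfg.Server.Documents.
// It is the only place that reads the storage credentials.
func newDocumentsClient() (*minio.Client, error) {
	d := cfg.Server.Documents
	return minio.New(d.Endpoint, &minio.Options{
		Creds:  credentials.NewStaticV4(d.AccessKeyId, d.SecretAccessKey, ""),
		Secure: d.UseSSL,
	})
}
```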
@@ -316,16 +312,10 @@ func handleV1BucketList(c echo.Context) error { } func handleV1BucketRead(c echo.Context) error { - documents_buckets := viper.GetStringSlice("server.documents.buckets") - documents_endpoint := viper.GetString("server.documents.endpoint") - documents_access_key_id := viper.GetString("server.documents.access_key_id") - documents_secret_access_key := viper.GetString("server.documents.secret_access_key") - documents_use_ssl := viper.GetBool("server.documents.use_ssl") - bucket := c.Param("bucket") allowed := false - for _, bucket_allowed := range documents_buckets { + for _, bucket_allowed := range cfg.Server.Documents.Buckets { if bucket == bucket_allowed { allowed = true } @@ -345,9 +335,9 @@ func handleV1BucketRead(c echo.Context) error { defer cancel() // Initialize minio client object - client, err := minio.New(documents_endpoint, &minio.Options{ - Creds: credentials.NewStaticV4(documents_access_key_id, documents_secret_access_key, ""), - Secure: documents_use_ssl, + client, err := minio.New(cfg.Server.Documents.Endpoint, &minio.Options{ + Creds: credentials.NewStaticV4(cfg.Server.Documents.AccessKeyId, cfg.Server.Documents.SecretAccessKey, ""), + Secure: cfg.Server.Documents.UseSSL, }) if err != nil { return c.JSON(http.StatusInternalServerError, map[string]string{ @@ -382,12 +372,6 @@ func handleV1BucketRead(c echo.Context) error { // handleV1DocumentCreate permet d'ajouter un object dans un bucket, par multipart/form-data func handleV1DocumentCreate(c echo.Context) error { - documents_buckets := viper.GetStringSlice("server.documents.buckets") - documents_endpoint := viper.GetString("server.documents.endpoint") - documents_access_key_id := viper.GetString("server.documents.access_key_id") - documents_secret_access_key := viper.GetString("server.documents.secret_access_key") - documents_use_ssl := viper.GetBool("server.documents.use_ssl") - bucket := c.Param("bucket") form_file, err := c.FormFile("document") 
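Review bot: The loop over `cfg.Server.Documents.Buckets` is the access check for the user-supplied `bucket` path parameter, and it is copied into handleV1BucketRead, handleV1DocumentCreate, handleV1DocumentRead and handleV1DocumentDelete. One shared helper would keep the four checks from drifting apart. With Go 1.21+ the body is a single line, `allowed := slices.Contains(cfg.Server.Documents.Buckets, bucket)`. A comment on it should record that an empty or undecoded bucket list leaves `allowed` false for every request. Each handler's body continues outside its hunk.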
@@ -399,7 +383,7 @@ func handleV1DocumentCreate(c echo.Context) error { } allowed := false - for _, bucket_allowed := range documents_buckets { + for _, bucket_allowed := range cfg.Server.Documents.Buckets { if bucket == bucket_allowed { allowed = true } @@ -414,9 +398,9 @@ func handleV1DocumentCreate(c echo.Context) error { defer cancel() // Initialize minio client object - client, err := minio.New(documents_endpoint, &minio.Options{ - Creds: credentials.NewStaticV4(documents_access_key_id, documents_secret_access_key, ""), - Secure: documents_use_ssl, + client, err := minio.New(cfg.Server.Documents.Endpoint, &minio.Options{ + Creds: credentials.NewStaticV4(cfg.Server.Documents.AccessKeyId, cfg.Server.Documents.SecretAccessKey, ""), + Secure: cfg.Server.Documents.UseSSL, }) if err != nil { return c.JSON(http.StatusInternalServerError, map[string]string{ @@ -458,17 +442,11 @@ func handleV1DocumentCreate(c echo.Context) error { // handleV1DocumentRead permet de lire le contenu d'un fichier et protentiellement de le télécharger func handleV1DocumentRead(c echo.Context) error { - documents_buckets := viper.GetStringSlice("server.documents.buckets") - documents_endpoint := viper.GetString("server.documents.endpoint") - documents_access_key_id := viper.GetString("server.documents.access_key_id") - documents_secret_access_key := viper.GetString("server.documents.secret_access_key") - documents_use_ssl := viper.GetBool("server.documents.use_ssl") - bucket := c.Param("bucket") document := c.Param("document") allowed := false - for _, bucket_allowed := range documents_buckets { + for _, bucket_allowed := range cfg.Server.Documents.Buckets { if bucket == bucket_allowed { allowed = true } 
@@ -488,9 +466,9 @@ func handleV1DocumentRead(c echo.Context) error { defer cancel() // Initialize minio client object - client, err := minio.New(documents_endpoint, &minio.Options{ - Creds: credentials.NewStaticV4(documents_access_key_id, documents_secret_access_key, ""), - Secure: documents_use_ssl, + client, err := minio.New(cfg.Server.Documents.Endpoint, &minio.Options{ + Creds: credentials.NewStaticV4(cfg.Server.Documents.AccessKeyId, cfg.Server.Documents.SecretAccessKey, ""), + Secure: cfg.Server.Documents.UseSSL, }) if err != nil { return c.JSON(http.StatusInternalServerError, map[string]string{ @@ -543,17 +521,11 @@ func handleV1DocumentUpdate(c echo.Context) error { // handleV1DocumentDelete permet de supprimer un object func handleV1DocumentDelete(c echo.Context) error { - documents_buckets := viper.GetStringSlice("server.documents.buckets") - documents_endpoint := viper.GetString("server.documents.endpoint") - documents_access_key_id := viper.GetString("server.documents.access_key_id") - documents_secret_access_key := viper.GetString("server.documents.secret_access_key") - documents_use_ssl := viper.GetBool("server.documents.use_ssl") - bucket := c.Param("bucket") document := c.Param("document") allowed := false - for _, bucket_allowed := range documents_buckets { + for _, bucket_allowed := range cfg.Server.Documents.Buckets { if bucket == bucket_allowed { allowed = true } 
@@ -573,9 +545,9 @@ func handleV1DocumentDelete(c echo.Context) error { defer cancel() // Initialize minio client object - client, err := minio.New(documents_endpoint, &minio.Options{ - Creds: credentials.NewStaticV4(documents_access_key_id, documents_secret_access_key, ""), - Secure: documents_use_ssl, + client, err := minio.New(cfg.Server.Documents.Endpoint, &minio.Options{ + Creds: credentials.NewStaticV4(cfg.Server.Documents.AccessKeyId, cfg.Server.Documents.SecretAccessKey, ""), + Secure: cfg.Server.Documents.UseSSL, }) if err != nil { return c.JSON(http.StatusInternalServerError, map[string]string{ @@ -648,9 +620,9 @@ func handleVieEtudianteOrganisme(c echo.Context) error { } func handleDocumentation(c echo.Context) error { - client, err := api.New("http", "localhost", viper.GetInt("server.port"), api.APIOptions{ - KeyAuth: viper.GetBool("server.api.auth"), - Key: viper.GetString("server.api.key"), + client, err := api.New("http", "localhost", cfg.Server.Port, api.APIOptions{ + KeyAuth: cfg.Server.Api.Auth, + Key: cfg.Server.Api.Key, }) if err != nil { return c.Render(http.StatusInternalServerError, "documentation-html", nil) @@ -720,9 +692,9 @@ func handleFormulaires(c echo.Context) error { } func handlePublicDocumentation(c echo.Context) error { - client, err := api.New("http", "localhost", viper.GetInt("server.port"), api.APIOptions{ - KeyAuth: viper.GetBool("server.api.auth"), - Key: viper.GetString("server.api.key"), + client, err := api.New("http", "localhost", cfg.Server.Port, api.APIOptions{ + KeyAuth: cfg.Server.Api.Auth, + Key: cfg.Server.Api.Key, }) if err != nil { return c.JSON(http.StatusNotFound, map[string]string{"message": "Not Found"}) 
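Review bot: handleDocumentation and handlePublicDocumentation attach the server's own `cfg.Server.Api.Key` to a loopback API client, so whatever they return is fetched with the server's API privileges on behalf of the visitor. handleAdminDocumentsUploadPOST in the last hunk additionally forwards the admin username and password over plain `http`. That is probably intended, but each call deserves a comment such as `// Calls our own API with the server key: only expose non-sensitive results here.` The three identical `api.New("http", "localhost", cfg.Server.Port, ...)` calls could also share one constructor, so the scheme and host are defined once. The handler bodies extend beyond these hunks.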
@@ -756,12 +728,12 @@ func handleAdminDocumentsUpload(c echo.Context) error { } func handleAdminDocumentsUploadPOST(c echo.Context) error { - client, err := api.New("http", "localhost", viper.GetInt("server.port"), api.APIOptions{ - KeyAuth: viper.GetBool("server.api.auth"), - Key: viper.GetString("server.api.key"), - BasicAuth: viper.GetBool("server.admin.auth"), - Username: viper.GetString("server.admin.username"), - Password: viper.GetString("server.admin.password"), + client, err := api.New("http", "localhost", cfg.Server.Port, api.APIOptions{ + KeyAuth: cfg.Server.Api.Auth, + Key: cfg.Server.Api.Key, + BasicAuth: cfg.Server.Admin.Auth, + Username: cfg.Server.Admin.Username, + Password: cfg.Server.Admin.Password, }) if err != nil { return c.Render(http.StatusInternalServerError, "admin-upload-html", struct{ Message string }{Message: fmt.Sprintf("handleAdminDocumentsUploadPOST#api.New: %s", err)})