Commit 92ff0002 authored by Eric's avatar Eric

[update] add AuthDecorator

parent 774c4ac4
...@@ -18,6 +18,7 @@ var ( ...@@ -18,6 +18,7 @@ var (
ContextKeySystemUser = &contextKey{"systemUser"} ContextKeySystemUser = &contextKey{"systemUser"}
ContextKeySSHSession = &contextKey{"sshSession"} ContextKeySSHSession = &contextKey{"sshSession"}
ContextKeyLocalAddr = &contextKey{"localAddr"} ContextKeyLocalAddr = &contextKey{"localAddr"}
ContextKeyRemoteAddr = &contextKey{"RemoteAddr"}
ContextKeySSHCtx = &contextKey{"sshCtx"} ContextKeySSHCtx = &contextKey{"sshCtx"}
ContextKeySeed = &contextKey{"seed"} ContextKeySeed = &contextKey{"seed"}
ContextKeyToken = &contextKey{"token"} ContextKeyToken = &contextKey{"token"}
......
package httpd package httpd
import ( import (
"context"
"fmt"
"html/template" "html/template"
"log" "log"
"net/http" "net/http"
"strings"
"github.com/LeeEirc/elfinder" "github.com/LeeEirc/elfinder"
socketio "github.com/googollee/go-socket.io" socketio "github.com/googollee/go-socket.io"
"github.com/gorilla/mux" "github.com/gorilla/mux"
"cocogo/pkg/cctx"
"cocogo/pkg/logger"
"cocogo/pkg/model"
"cocogo/pkg/service"
) )
func AuthDecorator(handler http.HandlerFunc) http.HandlerFunc {
return func(responseWriter http.ResponseWriter, request *http.Request) {
cookies := strings.Split(request.Header.Get("Cookie"), ";")
var csrfToken string
var sessionid string
var remoteIP string
for _, line := range cookies {
if strings.Contains(line, "csrftoken") {
csrfToken = strings.Split(line, "=")[1]
}
if strings.Contains(line, "sessionid") {
sessionid = strings.Split(line, "=")[1]
}
}
user, err := service.CheckUserCookie(sessionid, csrfToken)
if err != nil {
loginUrl := fmt.Sprintf("/users/login/?next=%s", request.URL.Path)
http.Redirect(responseWriter, request, loginUrl, http.StatusFound)
return
}
xForwardFors := strings.Split(request.Header.Get("X-Forwarded-For"), ",")
if len(xForwardFors) >= 1 {
remoteIP = xForwardFors[0]
} else {
remoteIP = strings.Split(request.RemoteAddr, ":")[0]
}
ctx := context.WithValue(request.Context(), cctx.ContextKeyUser, user)
ctx = context.WithValue(ctx, cctx.ContextKeyRemoteAddr, remoteIP)
handler(responseWriter, request.WithContext(ctx))
}
}
func OnElfinderConnect(s socketio.Conn) error { func OnElfinderConnect(s socketio.Conn) error {
u := s.URL() u := s.URL()
sid := u.Query().Get("sid") sid := u.Query().Get("sid")
...@@ -38,6 +78,9 @@ func sftpFinder(wr http.ResponseWriter, req *http.Request) { ...@@ -38,6 +78,9 @@ func sftpFinder(wr http.ResponseWriter, req *http.Request) {
} }
func sftpHostConnectorView(wr http.ResponseWriter, req *http.Request) { func sftpHostConnectorView(wr http.ResponseWriter, req *http.Request) {
user := req.Context().Value(cctx.ContextKeyUser).(*model.User)
remoteIP := req.Context().Value(cctx.ContextKeyRemoteAddr).(string)
logger.Debugf("user: %s; remote ip: %s; create connector", user.Name, remoteIP)
con := elfinder.NewElFinderConnector([]elfinder.Volume{&elfinder.DefaultVolume}) con := elfinder.NewElFinderConnector([]elfinder.Volume{&elfinder.DefaultVolume})
con.ServeHTTP(wr, req) con.ServeHTTP(wr, req)
} }
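Review bot: In `AuthDecorator` the `RemoteAddr` fallback can never run, because `strings.Split` on an empty `X-Forwarded-For` header still returns one (empty) element, so `len(xForwardFors) >= 1` is always true. The value stored under `ContextKeyRemoteAddr`, and logged in `sftpHostConnectorView`, is therefore either empty or whatever the client sent. The cookie loop has a related gap: `strings.Split(line, "=")[1]` panics on a fragment that contains `csrftoken` or `sessionid` but no `=`, and `strings.Contains` also matches unrelated cookies whose name or value merely includes those words. I would read both cookies with `request.Cookie`, take the peer address with `net.SplitHostPort` (IPv6-safe), let the forwarded header override it only when non-empty, and escape the path placed in `next`. This needs `net` and `net/url` imported in this file, and the header is only trustworthy if a reverse proxy you control overwrites it.

```go
func AuthDecorator(handler http.HandlerFunc) http.HandlerFunc {
	return func(responseWriter http.ResponseWriter, request *http.Request) {
		var csrfToken, sessionid string
		// request.Cookie matches the exact cookie name and never indexes past a missing "=".
		if c, err := request.Cookie("csrftoken"); err == nil {
			csrfToken = c.Value
		}
		if c, err := request.Cookie("sessionid"); err == nil {
			sessionid = c.Value
		}
		user, err := service.CheckUserCookie(sessionid, csrfToken)
		if err != nil {
			loginUrl := "/users/login/?next=" + url.QueryEscape(request.URL.Path)
			http.Redirect(responseWriter, request, loginUrl, http.StatusFound)
			return
		}
		// Start from the TCP peer address; SplitHostPort also handles IPv6 literals.
		remoteIP, _, splitErr := net.SplitHostPort(request.RemoteAddr)
		if splitErr != nil {
			remoteIP = request.RemoteAddr
		}
		// X-Forwarded-For is client-controlled unless a trusted reverse proxy overwrites it.
		forwarded := strings.Split(request.Header.Get("X-Forwarded-For"), ",")[0]
		if forwarded = strings.TrimSpace(forwarded); forwarded != "" {
			remoteIP = forwarded
		}
		// … unchanged: context.WithValue calls and handler invocation …
```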
...@@ -4,38 +4,17 @@ import ( ...@@ -4,38 +4,17 @@ import (
"errors" "errors"
"fmt" "fmt"
"io" "io"
"net/http"
"strings" "strings"
"github.com/gliderlabs/ssh" "github.com/gliderlabs/ssh"
"github.com/googollee/go-socket.io" socketio "github.com/googollee/go-socket.io"
"github.com/satori/go.uuid" uuid "github.com/satori/go.uuid"
"cocogo/pkg/logger" "cocogo/pkg/logger"
"cocogo/pkg/proxy" "cocogo/pkg/proxy"
"cocogo/pkg/service" "cocogo/pkg/service"
) )
func AuthDecorator(handler http.HandlerFunc) http.HandlerFunc {
return func(responseWriter http.ResponseWriter, request *http.Request) {
cookies := strings.Split(request.Header.Get("Cookie"), ";")
var csrfToken string
var sessionid string
for _, line := range cookies {
if strings.Contains(line, "csrftoken") {
csrfToken = strings.Split(line, "=")[1]
}
if strings.Contains(line, "sessionid") {
sessionid = strings.Split(line, "=")[1]
}
}
_, err := service.CheckUserCookie(sessionid, csrfToken)
if err != nil {
http.Redirect(responseWriter, request, "", http.StatusFound)
}
}
}
// OnConnectHandler 当websocket连接后触发 // OnConnectHandler 当websocket连接后触发
func OnConnectHandler(s socketio.Conn) error { func OnConnectHandler(s socketio.Conn) error {
// 首次连接 1.获取当前用户的信息 // 首次连接 1.获取当前用户的信息
......
...@@ -42,10 +42,10 @@ func StartHTTPServer() { ...@@ -42,10 +42,10 @@ func StartHTTPServer() {
router.PathPrefix("/static/").Handler(http.StripPrefix("/static/", fs)) router.PathPrefix("/static/").Handler(http.StripPrefix("/static/", fs))
router.Handle("/socket.io/", server) router.Handle("/socket.io/", server)
router.HandleFunc("/coco/elfinder/sftp/{host}/", sftpHostFinder) router.HandleFunc("/coco/elfinder/sftp/{host}/", AuthDecorator(sftpHostFinder))
router.HandleFunc("/coco/elfinder/sftp/", sftpFinder) router.HandleFunc("/coco/elfinder/sftp/", AuthDecorator(sftpFinder))
router.HandleFunc("/coco/elfinder/sftp/connector/{host}/", router.HandleFunc("/coco/elfinder/sftp/connector/{host}/",
sftpHostConnectorView).Methods("GET", "POST") AuthDecorator(sftpHostConnectorView)).Methods("GET", "POST")
addr := net.JoinHostPort(conf.BindHost, conf.HTTPPort) addr := net.JoinHostPort(conf.BindHost, conf.HTTPPort)
logger.Debug("Start HTTP server at ", addr) logger.Debug("Start HTTP server at ", addr)
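Review bot: The connector route accepts `POST` and is now guarded only by the `sessionid` and `csrftoken` cookies that `AuthDecorator` passes to `service.CheckUserCookie`. A browser attaches both cookies automatically, so unless that check or the elfinder connector also compares a header or form token with the cookie (not visible in this commit), the wrapper does not give CSRF protection for state-changing requests. Consider requiring the token outside the cookie for non-GET requests, for example comparing `request.Header.Get("X-CSRFToken")` with the cookie value, or add a comment stating where that check lives. `router.Handle("/socket.io/", server)` stays unwrapped; if its connect handler authenticates on its own, a comment such as `// authenticated in the socket.io connect handler` would make that explicit. The body of `StartHTTPServer` continues outside this hunk.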
......