You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
122 lines
3.0 KiB
122 lines
3.0 KiB
package main
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
"time"
|
|
|
|
"github.com/dgrijalva/jwt-go"
|
|
"github.com/minio/minio-go"
|
|
)
|
|
|
|
func isAuthenticated(req *http.Request) bool {
|
|
authBackend := InitJWT()
|
|
tokenRequest, err := jwt.ParseFromRequest(req, func(token *jwt.Token) (interface{}, error) {
|
|
if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok {
|
|
return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
|
|
}
|
|
return authBackend.PublicKey, nil
|
|
})
|
|
if err != nil {
|
|
return false
|
|
}
|
|
return tokenRequest.Valid
|
|
}
|
|
|
|
// ListBuckets - list buckets api.
|
|
func (web *WebAPI) ListBuckets(r *http.Request, args *ListBucketsArgs, reply *[]minio.BucketInfo) error {
|
|
if !isAuthenticated(r) {
|
|
return errUnAuthorizedRequest
|
|
}
|
|
client, err := minio.New("localhost:9000", web.AccessKeyID, web.SecretAccessKey, true)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
buckets, err := client.ListBuckets()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
*reply = buckets
|
|
return nil
|
|
}
|
|
|
|
// ListObjects - list objects api.
|
|
func (web *WebAPI) ListObjects(r *http.Request, args *ListObjectsArgs, reply *[]minio.ObjectInfo) error {
|
|
if !isAuthenticated(r) {
|
|
return errUnAuthorizedRequest
|
|
}
|
|
client, err := minio.New("localhost:9000", web.AccessKeyID, web.SecretAccessKey, true)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
doneCh := make(chan struct{})
|
|
defer close(doneCh)
|
|
|
|
var objects []minio.ObjectInfo
|
|
for object := range client.ListObjects(args.BucketName, args.Prefix, false, doneCh) {
|
|
if object.Err != nil {
|
|
return object.Err
|
|
}
|
|
objects = append(objects, object)
|
|
}
|
|
*reply = objects
|
|
return nil
|
|
}
|
|
|
|
// GetObjectURL - get object url.
|
|
func (web *WebAPI) GetObjectURL(r *http.Request, args *GetObjectURLArgs, reply *string) error {
|
|
if !isAuthenticated(r) {
|
|
return errUnAuthorizedRequest
|
|
}
|
|
client, err := minio.New("localhost:9000", web.AccessKeyID, web.SecretAccessKey, true)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
urlStr, err := client.PresignedGetObject(args.BucketName, args.ObjectName, time.Duration(60*60)*time.Second)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
*reply = urlStr
|
|
return nil
|
|
}
|
|
|
|
// Login - user login handler.
|
|
func (web *WebAPI) Login(r *http.Request, args *LoginArgs, reply *AuthToken) error {
|
|
authBackend := InitJWT()
|
|
if authBackend.Authenticate(args, web.AccessKeyID, web.SecretAccessKey) {
|
|
token, err := authBackend.GenerateToken(args.Username)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
reply.Token = token
|
|
return nil
|
|
}
|
|
return errUnAuthorizedRequest
|
|
}
|
|
|
|
// RefreshToken - refresh token handler.
|
|
func (web *WebAPI) RefreshToken(r *http.Request, args *LoginArgs, reply *AuthToken) error {
|
|
if isAuthenticated(r) {
|
|
authBackend := InitJWT()
|
|
token, err := authBackend.GenerateToken(args.Username)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
reply.Token = token
|
|
return nil
|
|
}
|
|
return errUnAuthorizedRequest
|
|
}
|
|
|
|
// Logout - user logout.
|
|
func (web *WebAPI) Logout(r *http.Request, arg *string, reply *string) error {
|
|
if isAuthenticated(r) {
|
|
authBackend := InitJWT()
|
|
tokenString := r.Header.Get("Authorization")
|
|
if err := authBackend.Logout(tokenString); err != nil {
|
|
return err
|
|
}
|
|
return nil
|
|
}
|
|
return errUnAuthorizedRequest
|
|
}
|
|
|