MCorange/wings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update middleware logic

Browse Source
This commit is contained in:
Dane Everitt
2020-12-15 20:19:09 -08:00
parent 84c05efaa5
commit acd6dc62d0
10 changed files with 175 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
router/router.go
View File

@@ -9,10 +9,9 @@ import (
func Configure() *gin.Engine {
gin.SetMode("release")
m := Middleware{}
router := gin.New()
router.Use(gin.Recovery())
router.Use(SetAccessControlHeaders)
router.Use(gin.Recovery(), m.ErrorHandler(), m.SetAccessControlHeaders())
// @todo log this into a different file so you can setup IP blocking for abusive requests and such.
// This should still dump requests in debug mode since it does help with understanding the request
// lifecycle and quickly seeing what was called leading to the logs. However, it isn't feasible to mix
@@ -40,16 +39,16 @@ func Configure() *gin.Engine {
// This route is special it sits above all of the other requests because we are
// using a JWT to authorize access to it, therefore it needs to be publicly
// accessible.
router.GET("/api/servers/:server/ws", ServerExists, getServerWebsocket)
router.GET("/api/servers/:server/ws", m.ServerExists(), getServerWebsocket)
// This request is called by another daemon when a server is going to be transferred out.
// This request does not need the AuthorizationMiddleware as the panel should never call it
// and requests are authenticated through a JWT the panel issues to the other daemon.
router.GET("/api/servers/:server/archive", ServerExists, getServerArchive)
router.GET("/api/servers/:server/archive", m.ServerExists(), getServerArchive)
// All of the routes beyond this mount will use an authorization middleware
// and will not be accessible without the correct Authorization header provided.
protected := router.Use(AuthorizationMiddleware)
protected := router.Use(m.RequireAuthorization())
protected.POST("/api/update", postUpdateConfiguration)
protected.GET("/api/system", getSystemInformation)
protected.GET("/api/servers", getAllServers)
@@ -59,7 +58,7 @@ func Configure() *gin.Engine {
// These are server specific routes, and require that the request be authorized, and
// that the server exist on the Daemon.
server := router.Group("/api/servers/:server")
server.Use(AuthorizationMiddleware, ServerExists)
server.Use(m.RequireAuthorization(), m.ServerExists())
{
server.GET("", getServer)
server.PATCH("", patchServer)