wip
This commit is contained in:
parent
5b18551826
commit
d89ce46a47
6 changed files with 197 additions and 12 deletions
67
polyculeconnect/controller/ui/approval.go
Normal file
67
polyculeconnect/controller/ui/approval.go
Normal file
|
|
@ -0,0 +1,67 @@
|
|||
package ui
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/services/approval"
|
||||
"github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
const (
|
||||
ApprovalRoute = "/approval"
|
||||
rememberKey = "remember"
|
||||
)
|
||||
|
||||
type ApprovalController struct {
|
||||
l *logrus.Logger
|
||||
downstreamController http.Handler
|
||||
srv approval.ApprovalService
|
||||
}
|
||||
|
||||
func NewApprovalController(l *logrus.Logger, downstream http.Handler, srv approval.ApprovalService) *ApprovalController {
|
||||
return &ApprovalController{
|
||||
l: l,
|
||||
downstreamController: downstream,
|
||||
srv: srv,
|
||||
}
|
||||
}
|
||||
|
||||
func (ac *ApprovalController) handleGetApproval(r *http.Request) {
|
||||
ac.l.Debug("Checking if approval is remembered")
|
||||
|
||||
remembered, err := ac.srv.IsRemembered(r.Context(), approval.Claim{Email: "kilgore@kilgore.trout", ClientID: "9854d42da9cd91369a293758d514178c73d2b9774971d8965945ab2b81e83e69"})
|
||||
if err != nil {
|
||||
ac.l.Errorf("Failed to check if approval is remembered: %s", err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
if remembered {
|
||||
ac.l.Info("Approval is remembered, skipping approval page")
|
||||
return
|
||||
} else {
|
||||
ac.l.Info("Approval is not remembered, continuing")
|
||||
}
|
||||
}
|
||||
|
||||
func (ac *ApprovalController) handlePostApproval(r *http.Request) {
|
||||
ac.l.Debug("Handling POST approval request")
|
||||
if err := r.ParseForm(); err != nil {
|
||||
ac.l.Errorf("Failed to parse request form: %s", err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
if remember := r.Form.Get(rememberKey); remember == "on" {
|
||||
if err := ac.srv.Remember(r.Context(), approval.Claim{Email: "kilgore@kilgore.trout", ClientID: "9854d42da9cd91369a293758d514178c73d2b9774971d8965945ab2b81e83e69"}); err != nil {
|
||||
ac.l.Errorf("Failed to remember approval request: %s", err.Error())
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func (ac *ApprovalController) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||
if r.Method == http.MethodPost {
|
||||
ac.handlePostApproval(r)
|
||||
} else if r.Method == http.MethodGet {
|
||||
ac.handleGetApproval(r)
|
||||
}
|
||||
ac.downstreamController.ServeHTTP(w, r)
|
||||
}
|
||||
|
|
@ -11,6 +11,7 @@ import (
|
|||
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/config"
|
||||
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/controller/ui"
|
||||
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/middlewares"
|
||||
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/services/approval"
|
||||
dex_server "github.com/dexidp/dex/server"
|
||||
"github.com/sirupsen/logrus"
|
||||
)
|
||||
|
|
@ -63,8 +64,11 @@ func New(appConf *config.AppConfig, dexSrv *dex_server.Server, logger *logrus.Lo
|
|||
panic(fmt.Errorf("unexpected listening mode %v", appConf.ServerMode))
|
||||
}
|
||||
|
||||
approvalSrv := approval.New(appConf)
|
||||
|
||||
controllers := map[string]http.Handler{
|
||||
ui.StaticRoute: middlewares.WithLogger(&ui.StaticController{}, logger),
|
||||
"/approval": middlewares.WithLogger(ui.NewApprovalController(logger, dexSrv, approvalSrv), logger),
|
||||
"/": middlewares.WithLogger(ui.NewIndexController(logger, dexSrv), logger),
|
||||
}
|
||||
|
||||
|
|
|
|||
81
polyculeconnect/services/approval/approval.go
Normal file
81
polyculeconnect/services/approval/approval.go
Normal file
|
|
@ -0,0 +1,81 @@
|
|||
package approval
|
||||
|
||||
import (
|
||||
"context"
|
||||
"database/sql"
|
||||
"errors"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/config"
|
||||
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/services/db"
|
||||
)
|
||||
|
||||
const (
|
||||
insertRememberApproval = `INSERT INTO stored_approvals (email, client_id, expiry) VALUES (?, ?, ?)`
|
||||
getApproval = `SELECT expiry FROM stored_approvalts WHERE email = ? AND client_id = ?`
|
||||
dbTimeout = 30 * time.Second
|
||||
approvalExpiration = 30 * 24 * time.Hour
|
||||
)
|
||||
|
||||
type Claim struct {
|
||||
Email string
|
||||
ClientID string
|
||||
}
|
||||
|
||||
type ApprovalService interface {
|
||||
Remember(ctx context.Context, claim Claim) error
|
||||
IsRemembered(ctx context.Context, claim Claim) (bool, error)
|
||||
}
|
||||
|
||||
type concreteApprovalService struct {
|
||||
conf *config.AppConfig
|
||||
}
|
||||
|
||||
func (cas *concreteApprovalService) Remember(ctx context.Context, claim Claim) error {
|
||||
db, err := db.Connect(cas.conf)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to connect to db: %w", err)
|
||||
}
|
||||
|
||||
queryCtx, cancel := context.WithTimeout(ctx, dbTimeout)
|
||||
defer cancel()
|
||||
|
||||
tx, err := db.BeginTx(queryCtx, nil)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to begin transaction: %w", err)
|
||||
}
|
||||
|
||||
expiry := time.Now().UTC().Add(approvalExpiration)
|
||||
_, err = tx.Exec(insertRememberApproval, claim.Email, claim.ClientID, expiry)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to insert approval in DB: %w", err)
|
||||
}
|
||||
|
||||
if err := tx.Commit(); err != nil {
|
||||
return fmt.Errorf("failed to commit transaction: %w", err)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (cas *concreteApprovalService) IsRemembered(ctx context.Context, claim Claim) (bool, error) {
|
||||
db, err := db.Connect(cas.conf)
|
||||
if err != nil {
|
||||
return false, fmt.Errorf("failed to connect to db: %w", err)
|
||||
}
|
||||
|
||||
row := db.QueryRow(getApproval, claim.Email, claim.ClientID)
|
||||
var expiry time.Time
|
||||
if err := row.Scan(&expiry); err != nil {
|
||||
if errors.Is(err, sql.ErrNoRows) {
|
||||
return false, nil
|
||||
}
|
||||
return false, fmt.Errorf("failed to run query: %w", err)
|
||||
}
|
||||
|
||||
return time.Now().UTC().Before(expiry), nil
|
||||
}
|
||||
|
||||
func New(conf *config.AppConfig) ApprovalService {
|
||||
return &concreteApprovalService{conf: conf}
|
||||
}
|
||||
27
polyculeconnect/services/db/db.go
Normal file
27
polyculeconnect/services/db/db.go
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
package db
|
||||
|
||||
import (
|
||||
"database/sql"
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/config"
|
||||
)
|
||||
|
||||
type concreteDBService struct {
|
||||
}
|
||||
|
||||
func connectSQLite(path string) (*sql.DB, error) {
|
||||
return sql.Open("sqlite3", path)
|
||||
}
|
||||
|
||||
func Connect(conf *config.AppConfig) (*sql.DB, error) {
|
||||
switch conf.StorageType {
|
||||
case string(config.Memory):
|
||||
return nil, errors.New("no db for memory mode")
|
||||
case string(config.SQLite):
|
||||
return connectSQLite(conf.StorageConfig.File)
|
||||
default:
|
||||
return nil, fmt.Errorf("unsupported storage mode %q", conf.StorageType)
|
||||
}
|
||||
}
|
||||
|
|
@ -1,5 +1,10 @@
|
|||
let approvalForm = document.getElementById("approvalform");
|
||||
function submitApproval(approve) {
|
||||
if (approve) {
|
||||
document.getElementById("approval").value = "approve";
|
||||
} else {
|
||||
document.getElementById("approval").value = "rejected";
|
||||
}
|
||||
|
||||
approvalForm.addEventListener("submit", (e) => {
|
||||
handleSuccess();
|
||||
});
|
||||
document.getElementById("approvalform").submit();
|
||||
}
|
||||
|
|
@ -16,18 +16,19 @@
|
|||
{{ end }}
|
||||
</div>
|
||||
|
||||
<div class="form-buttons" id="approvalform">
|
||||
<form method="post" class="container-form">
|
||||
|
||||
<div class="form-buttons">
|
||||
<form method="post" class="container-form" id="approvalform">
|
||||
<div>
|
||||
<input type="checkbox" id="rememberme" name="remember" class="form-checkbox">
|
||||
<label for="remember-me" class="form-checkbox-label">Remember my choice</label>
|
||||
</div>
|
||||
<input type="hidden" name="req" value="{{ .AuthReqID }}" />
|
||||
<input type="hidden" name="approval" value="approve">
|
||||
<button type="submit" class="button button-accept">
|
||||
<input id="approval" type="hidden" name="approval" value="approve">
|
||||
<button onclick="submitApproval(true)" class="button button-accept">
|
||||
<span>Grant Access</span>
|
||||
</button>
|
||||
</form>
|
||||
<form method="post" class="container-form">
|
||||
<input type="hidden" name="req" value="{{ .AuthReqID }}" />
|
||||
<input type="hidden" name="approval" value="rejected">
|
||||
<button type="submit" class="button button-cancel">
|
||||
<button onclick="submitApproval(false)" class="button button-cancel">
|
||||
<span>Cancel</span>
|
||||
</button>
|
||||
</form>
|
||||
|
|
|
|||
Loading…
Reference in a new issue