122 lines
4.0 KiB
Go
122 lines
4.0 KiB
Go
/*
|
|
YetAnotherToDoList
|
|
Copyright © 2023 gilex-dev gilex-dev@proton.me
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation, version 3.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
package server
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"net/http"
|
|
"strconv"
|
|
|
|
"github.com/99designs/gqlgen/graphql"
|
|
"github.com/99designs/gqlgen/graphql/handler"
|
|
"github.com/go-chi/chi"
|
|
"github.com/go-chi/chi/middleware"
|
|
"somepi.ddns.net/gitea/gilex-dev/YetAnotherToDoList/globals"
|
|
"somepi.ddns.net/gitea/gilex-dev/YetAnotherToDoList/graph"
|
|
"somepi.ddns.net/gitea/gilex-dev/YetAnotherToDoList/graph/model"
|
|
"somepi.ddns.net/gitea/gilex-dev/YetAnotherToDoList/server/auth"
|
|
)
|
|
|
|
func StartServer(portHTTP int, portHTTPS int, certFile string, keyFile string) {
|
|
router := chi.NewRouter()
|
|
router.Use(middleware.StripSlashes)
|
|
|
|
handleDevTools(router, portHTTP, portHTTPS) // controlled by 'dev' tag
|
|
handleFrontend(router) // controlled by 'headless' tag
|
|
router.HandleFunc("/version", func(w http.ResponseWriter, r *http.Request) {
|
|
fmt.Fprintf(w, "%s %s", globals.Version, globals.CommitHash)
|
|
})
|
|
|
|
router.HandleFunc("/auth/login", auth.IssueRefreshTokenHandler)
|
|
router.HandleFunc("/auth", auth.IssueAccessTokenHandler)
|
|
|
|
router.Group(func(r chi.Router) {
|
|
config := graph.Config{Resolvers: &graph.Resolver{}}
|
|
config.Directives.HasPrivilege = func(ctx context.Context, obj interface{}, next graphql.Resolver, privilege model.Privilege) (interface{}, error) {
|
|
switch privilege {
|
|
case model.PrivilegeIsUserCreator:
|
|
if !auth.ForContext(ctx).IsUserCreator {
|
|
return nil, fmt.Errorf("access denied: you need IsUserCreator")
|
|
|
|
}
|
|
case model.PrivilegeIsAdmin:
|
|
if !auth.ForContext(ctx).IsAdmin {
|
|
return nil, fmt.Errorf("access denied: you need IsAdmin")
|
|
}
|
|
|
|
}
|
|
// or let it pass through
|
|
return next(ctx)
|
|
}
|
|
|
|
config.Directives.AsUser = func(ctx context.Context, obj interface{}, next graphql.Resolver, id string) (interface{}, error) {
|
|
if !auth.ForContext(ctx).IsAdmin {
|
|
// block calling the next resolver
|
|
return nil, fmt.Errorf("access denied: you need IsAdmin to use the asUser directive")
|
|
}
|
|
// or let it pass through
|
|
fmt.Printf("Running as %s instead of %s\n", id, auth.ForContext(ctx).UserId) //DEBUG
|
|
auth.ForContext(ctx).UserId = id
|
|
return next(ctx)
|
|
}
|
|
|
|
srv := handler.NewDefaultServer(graph.NewExecutableSchema(config))
|
|
r.Use(auth.Middleware())
|
|
r.Handle("/api", srv)
|
|
r.HandleFunc("/protected", func(w http.ResponseWriter, r *http.Request) {
|
|
fmt.Printf("user is %+v\n", auth.ForContext(r.Context()))
|
|
})
|
|
})
|
|
// router.HandleFunc("/auth/", func(w http.ResponseWriter, r *http.Request) {
|
|
// http.Redirect(w, r, "/auth", http.StatusMovedPermanently)
|
|
// })
|
|
|
|
err := <-listen(portHTTP, portHTTPS, certFile, keyFile, router)
|
|
globals.Logger.Fatalf("Could not start serving service due to (error: %s)", err)
|
|
|
|
}
|
|
|
|
func listen(portHTTP int, portHTTPS int, certFile string, keyFile string, router *chi.Mux) chan error {
|
|
|
|
errs := make(chan error)
|
|
|
|
// Starting HTTP server
|
|
if portHTTP != -1 {
|
|
go func() {
|
|
globals.Logger.Printf("Staring HTTP service on %d ...", portHTTP)
|
|
|
|
if err := http.ListenAndServe(":"+strconv.FormatInt(int64(portHTTP), 10), router); err != nil {
|
|
errs <- err
|
|
}
|
|
|
|
}()
|
|
}
|
|
|
|
// Starting HTTPS server
|
|
if portHTTPS != -1 && certFile != "" && keyFile != "" {
|
|
go func() {
|
|
globals.Logger.Printf("Staring HTTPS service on %d ...", portHTTPS)
|
|
if err := http.ListenAndServeTLS(":"+strconv.FormatInt(int64(portHTTPS), 10), certFile, keyFile, router); err != nil {
|
|
errs <- err
|
|
}
|
|
}()
|
|
}
|
|
|
|
return errs
|
|
}
|