mirror of
https://github.com/gravitl/netmaker.git
synced 2025-09-11 23:54:22 +08:00
2e8d95e80e
* user mgmt models * define user roles * define models for new user mgmt and groups * oauth debug log * initialize user role after db conn * print oauth token in debug log * user roles CRUD apis * user groups CRUD Apis * additional api checks * add additional scopes * add additional scopes url * add additional scopes url * rm additional scopes url * setup middlleware permission checks * integrate permission check into middleware * integrate permission check into middleware * check for headers for subjects * refactor user role models * refactor user groups models * add new user to pending user via RAC login * untracked * allow multiple groups for an user * change json tag * add debug headers * refer network controls form roles, add debug headers * refer network controls form roles, add debug headers * replace auth checks, add network id to role model * nodes handler * migration funcs * invoke sync users migration func * add debug logs * comment middleware * fix get all nodes api * add debug logs * fix middleware error nil check * add new func to get username from jwt * fix jwt parsing * abort on error * allow multiple network roles * allow multiple network roles * add migration func * return err if jwt parsing fails * set global check to true when accessing user apis * set netid for acls api calls * set netid for acls api calls * update role and groups routes * add validation checks * add invite flow apis and magic links * add invited user via oauth signup automatically * create invited user on oauth signup, with groups in the invite * add group validation for user invite * update create user handler with new role mgmt * add validation checks * create user invites tables * add error logging for email invite * fix invite singup url * debug log * get query params from url * get query params from url * add query escape * debug log * debug log * fix user signup via invite api * set admin field for backward compatbility * use new role id for user apis * deprecate use of old admin fields * deprecate usage of old user fields * add user role as service user if empty * setup email sender * delete invite after user singup * add plaform user role * redirect on invite verification link * fix invite redirect * temporary redirect * fix invite redirect * point invite link to frontend * fix query params lookup * add resend support, configure email interface types * fix groups and user creation * validate user groups, add check for metrics api in middleware * add invite url to invite model * migrate rac apis to new user mgmt * handle network nodes * add platform user to default role * fix user role migration * add default on rag creation and cleanup after deletion * fix rac apis * change to invite code param * filter nodes and hosts based on user network access * extend create user group req to accomodate users * filter network based on user access * format oauth error * move user roles and groups * fix get user v1 api * move user mgmt func to pro * add user auth type to user model * fix roles init * remove platform role from group object * list only platform roles * add network roles to invite req * create default groups and roles * fix middleware for global access * create default role * fix nodes filter with global network roles * block selfupdate of groups and network roles * delete netID if net roles are empty * validate user roles nd groups on update * set extclient permission scope when rag vpn access is set * allow deletion of roles and groups * replace _ with - in role naming convention * fix failover middleware mgmt * format oauth templates * fetch route temaplate * return err if user wrong login type * check user groups on rac apis * fix rac apis * fix resp msg * add validation checks for admin invite * return oauth type * format group err msg * fix html tag * clean up default groups * create default rag role * add UI name to roles * remove default net group from user when deleted * reorder migration funcs * fix duplicacy of hosts * check old field for migration * from pro to ce make all secondary users admins * from pro to ce make all secondary users admins * revert: from pro to ce make all secondary users admins * make sure downgrades work * fix pending users approval * fix duplicate hosts * fix duplicate hosts entries * fix cache reference issue * feat: configure FRONTEND_URL during installation * disable user vpn access when network roles are modified * rm vpn acces when roles or groups are deleted * add http to frontend url * revert crypto version * downgrade crytpo version * add platform id check on user invites --------- Co-authored-by: the_aceix <aceixsmartx@gmail.com>
97 lines
2.4 KiB
Go
97 lines
2.4 KiB
Go
package controller
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"net/http"
|
|
"os"
|
|
"strings"
|
|
"sync"
|
|
"time"
|
|
|
|
"github.com/gorilla/handlers"
|
|
"github.com/gorilla/mux"
|
|
"github.com/gravitl/netmaker/logger"
|
|
m "github.com/gravitl/netmaker/migrate"
|
|
"github.com/gravitl/netmaker/servercfg"
|
|
)
|
|
|
|
// HttpMiddlewares - middleware functions for REST interactions
|
|
var HttpMiddlewares = []mux.MiddlewareFunc{
|
|
userMiddleWare,
|
|
}
|
|
|
|
// HttpHandlers - handler functions for REST interactions
|
|
var HttpHandlers = []interface{}{
|
|
nodeHandlers,
|
|
userHandlers,
|
|
networkHandlers,
|
|
dnsHandlers,
|
|
fileHandlers,
|
|
serverHandlers,
|
|
extClientHandlers,
|
|
ipHandlers,
|
|
loggerHandlers,
|
|
hostHandlers,
|
|
enrollmentKeyHandlers,
|
|
legacyHandlers,
|
|
}
|
|
|
|
func HandleRESTRequests(wg *sync.WaitGroup, ctx context.Context) {
|
|
defer wg.Done()
|
|
|
|
r := mux.NewRouter()
|
|
// Currently allowed dev origin is all. Should change in prod
|
|
// should consider analyzing the allowed methods further
|
|
headersOk := handlers.AllowedHeaders(
|
|
[]string{
|
|
"Access-Control-Allow-Origin",
|
|
"X-Requested-With",
|
|
"Content-Type",
|
|
"authorization",
|
|
"From-Ui",
|
|
},
|
|
)
|
|
originsOk := handlers.AllowedOrigins(strings.Split(servercfg.GetAllowedOrigin(), ","))
|
|
methodsOk := handlers.AllowedMethods(
|
|
[]string{http.MethodGet, http.MethodPut, http.MethodPost, http.MethodDelete},
|
|
)
|
|
|
|
for _, middleware := range HttpMiddlewares {
|
|
r.Use(middleware)
|
|
}
|
|
|
|
for _, handler := range HttpHandlers {
|
|
handler.(func(*mux.Router))(r)
|
|
}
|
|
|
|
port := servercfg.GetAPIPort()
|
|
|
|
srv := &http.Server{
|
|
Addr: ":" + port,
|
|
Handler: handlers.CORS(originsOk, headersOk, methodsOk)(r),
|
|
}
|
|
go func() {
|
|
err := srv.ListenAndServe()
|
|
if err != nil {
|
|
logger.Log(0, err.Error())
|
|
}
|
|
}()
|
|
if os.Getenv("MIGRATE_EMQX") == "true" {
|
|
logger.Log(0, "migrating emqx...")
|
|
time.Sleep(time.Second * 2)
|
|
m.MigrateEmqx()
|
|
}
|
|
logger.Log(0, "REST Server successfully started on port ", port, " (REST)")
|
|
|
|
// Block main routine until a signal is received
|
|
// As long as user doesn't press CTRL+C a message is not passed and our main routine keeps running
|
|
<-ctx.Done()
|
|
// After receiving CTRL+C Properly stop the server
|
|
logger.Log(0, "Stopping the REST server...")
|
|
if err := srv.Shutdown(context.TODO()); err != nil {
|
|
logger.Log(0, "REST shutdown error occurred -", err.Error())
|
|
}
|
|
logger.Log(0, "REST Server closed.")
|
|
logger.DumpFile(fmt.Sprintf("data/netmaker.log.%s", time.Now().Format(logger.TimeFormatDay)))
|
|
}
|