wg-portal/internal/server/routes.go

package server

import (
	"net/http"

	"github.com/gin-gonic/gin"
	wgportal "github.com/h44z/wg-portal"
)

func SetupRoutes(s *Server) {
	// Startpage
	s.server.GET("/", s.GetIndex)
	s.server.GET("/favicon.ico", func(c *gin.Context) {
		file, _ := wgportal.Statics.ReadFile("assets/img/favicon.ico")
		c.Data(
			http.StatusOK,
			"image/x-icon",
			file,
		)
	})

	// Auth routes
	auth := s.server.Group("/auth")
	auth.GET("/login", s.GetLogin)
	auth.POST("/login", s.PostLogin)
	auth.GET("/logout", s.GetLogout)

	// Admin routes
	admin := s.server.Group("/admin")
	admin.Use(s.RequireAuthentication("admin"))
	admin.GET("/", s.GetAdminIndex)
	admin.GET("/device/edit", s.GetAdminEditInterface)
	admin.POST("/device/edit", s.PostAdminEditInterface)
	admin.GET("/device/download", s.GetInterfaceConfig)
	admin.GET("/device/write", s.GetSaveConfig)
	admin.GET("/device/applyglobals", s.GetApplyGlobalConfig)
	admin.GET("/peer/edit", s.GetAdminEditPeer)
	admin.POST("/peer/edit", s.PostAdminEditPeer)
	admin.GET("/peer/create", s.GetAdminCreatePeer)
	admin.POST("/peer/create", s.PostAdminCreatePeer)
	admin.GET("/peer/createldap", s.GetAdminCreateLdapPeers)
	admin.POST("/peer/createldap", s.PostAdminCreateLdapPeers)
	admin.GET("/peer/delete", s.GetAdminDeletePeer)
	admin.GET("/peer/download", s.GetPeerConfig)
	admin.GET("/peer/email", s.GetPeerConfigMail)

	admin.GET("/users/", s.GetAdminUsersIndex)
	admin.GET("/users/create", s.GetAdminUsersCreate)
	admin.POST("/users/create", s.PostAdminUsersCreate)
	admin.GET("/users/edit", s.GetAdminUsersEdit)
	admin.POST("/users/edit", s.PostAdminUsersEdit)

	// User routes
	user := s.server.Group("/user")
	user.Use(s.RequireAuthentication("")) // empty scope = all logged in users
	user.GET("/qrcode", s.GetPeerQRCode)
	user.GET("/profile", s.GetUserIndex)
	user.GET("/download", s.GetPeerConfig)
	user.GET("/email", s.GetPeerConfigMail)
	user.GET("/status", s.GetPeerStatus)
}

func (s *Server) RequireAuthentication(scope string) gin.HandlerFunc {
	return func(c *gin.Context) {
		session := GetSessionData(c)

		if !session.LoggedIn {
			// Abort the request with the appropriate error code
			c.Abort()
			c.Redirect(http.StatusSeeOther, "/auth/login?err=loginreq")
			return
		}

		if scope == "admin" && !session.IsAdmin {
			// Abort the request with the appropriate error code
			c.Abort()
			s.GetHandleError(c, http.StatusUnauthorized, "unauthorized", "not enough permissions")
			return
		}

		// default case if some randome scope was set...
		if scope != "" && !session.IsAdmin {
			// Abort the request with the appropriate error code
			c.Abort()
			s.GetHandleError(c, http.StatusUnauthorized, "unauthorized", "not enough permissions")
			return
		}

		// Continue down the chain to handler etc
		c.Next()
	}
}
initial commit 2020-11-05 13:37:51 -05:00			`package server`

			`import (`
			`"net/http"`

			`"github.com/gin-gonic/gin"`
WIP: support for multiple WireGuard devices (#2) 2021-03-21 07:36:11 -04:00			`wgportal "github.com/h44z/wg-portal"`
initial commit 2020-11-05 13:37:51 -05:00			`)`

			`func SetupRoutes(s *Server) {`
			`// Startpage`
			`s.server.GET("/", s.GetIndex)`
WIP: new user management and authentication system, use go 1.16 embed 2021-02-24 15:24:45 -05:00			`s.server.GET("/favicon.ico", func(c *gin.Context) {`
WIP: support for multiple WireGuard devices (#2) 2021-03-21 07:36:11 -04:00			`file, _ := wgportal.Statics.ReadFile("assets/img/favicon.ico")`
WIP: new user management and authentication system, use go 1.16 embed 2021-02-24 15:24:45 -05:00			`c.Data(`
			`http.StatusOK,`
			`"image/x-icon",`
			`file,`
			`)`
			`})`
initial commit 2020-11-05 13:37:51 -05:00
			`// Auth routes`
			`auth := s.server.Group("/auth")`
			`auth.GET("/login", s.GetLogin)`
			`auth.POST("/login", s.PostLogin)`
			`auth.GET("/logout", s.GetLogout)`

			`// Admin routes`
			`admin := s.server.Group("/admin")`
WIP: new user management and authentication system, use go 1.16 embed 2021-02-24 15:24:45 -05:00			`admin.Use(s.RequireAuthentication("admin"))`
initial commit 2020-11-05 13:37:51 -05:00			`admin.GET("/", s.GetAdminIndex)`
wip: create/update/... 2020-11-07 04:31:48 -05:00			`admin.GET("/device/edit", s.GetAdminEditInterface)`
			`admin.POST("/device/edit", s.PostAdminEditInterface)`
wip: cleanup 2020-11-10 03:31:02 -05:00			`admin.GET("/device/download", s.GetInterfaceConfig)`
support different interface types: client and server mode 2021-04-05 12:38:38 -04:00			`admin.GET("/device/write", s.GetSaveConfig)`
many small improvements 2020-11-10 16:23:05 -05:00			`admin.GET("/device/applyglobals", s.GetApplyGlobalConfig)`
wip: create/update/... 2020-11-07 04:31:48 -05:00			`admin.GET("/peer/edit", s.GetAdminEditPeer)`
			`admin.POST("/peer/edit", s.PostAdminEditPeer)`
			`admin.GET("/peer/create", s.GetAdminCreatePeer)`
			`admin.POST("/peer/create", s.PostAdminCreatePeer)`
wip: create/update/... 2020-11-07 14:32:25 -05:00			`admin.GET("/peer/createldap", s.GetAdminCreateLdapPeers)`
wip: create/update/... 2020-11-08 04:26:18 -05:00			`admin.POST("/peer/createldap", s.PostAdminCreateLdapPeers)`
wip: create/update/delete... 2020-11-09 05:17:19 -05:00			`admin.GET("/peer/delete", s.GetAdminDeletePeer)`
wip: cleanup 2020-11-10 03:31:02 -05:00			`admin.GET("/peer/download", s.GetPeerConfig)`
			`admin.GET("/peer/email", s.GetPeerConfigMail)`
initial commit 2020-11-05 13:37:51 -05:00
WIP: new user management and authentication system, use go 1.16 embed 2021-02-24 15:24:45 -05:00			`admin.GET("/users/", s.GetAdminUsersIndex)`
			`admin.GET("/users/create", s.GetAdminUsersCreate)`
			`admin.POST("/users/create", s.PostAdminUsersCreate)`
			`admin.GET("/users/edit", s.GetAdminUsersEdit)`
			`admin.POST("/users/edit", s.PostAdminUsersEdit)`

initial commit 2020-11-05 13:37:51 -05:00			`// User routes`
			`user := s.server.Group("/user")`
			`user.Use(s.RequireAuthentication("")) // empty scope = all logged in users`
wip: cleanup 2020-11-10 03:31:02 -05:00			`user.GET("/qrcode", s.GetPeerQRCode)`
wip: many small fixes and improvements... 2020-11-09 17:24:14 -05:00			`user.GET("/profile", s.GetUserIndex)`
wip: cleanup 2020-11-10 03:31:02 -05:00			`user.GET("/download", s.GetPeerConfig)`
			`user.GET("/email", s.GetPeerConfigMail)`
many small improvements 2020-11-10 16:23:05 -05:00			`user.GET("/status", s.GetPeerStatus)`
initial commit 2020-11-05 13:37:51 -05:00			`}`

			`func (s *Server) RequireAuthentication(scope string) gin.HandlerFunc {`
			`return func(c *gin.Context) {`
WIP: new user management and authentication system, use go 1.16 embed 2021-02-24 15:24:45 -05:00			`session := GetSessionData(c)`
initial commit 2020-11-05 13:37:51 -05:00
			`if !session.LoggedIn {`
			`// Abort the request with the appropriate error code`
			`c.Abort()`
wip: cleanup 2020-11-10 03:31:02 -05:00			`c.Redirect(http.StatusSeeOther, "/auth/login?err=loginreq")`
initial commit 2020-11-05 13:37:51 -05:00			`return`
			`}`

WIP: new user management and authentication system, use go 1.16 embed 2021-02-24 15:24:45 -05:00			`if scope == "admin" && !session.IsAdmin {`
			`// Abort the request with the appropriate error code`
			`c.Abort()`
			`s.GetHandleError(c, http.StatusUnauthorized, "unauthorized", "not enough permissions")`
			`return`
			`}`

			`// default case if some randome scope was set...`
			`if scope != "" && !session.IsAdmin {`
initial commit 2020-11-05 13:37:51 -05:00			`// Abort the request with the appropriate error code`
			`c.Abort()`
wip: cleanup 2020-11-10 03:31:02 -05:00			`s.GetHandleError(c, http.StatusUnauthorized, "unauthorized", "not enough permissions")`
initial commit 2020-11-05 13:37:51 -05:00			`return`
			`}`

			`// Continue down the chain to handler etc`
			`c.Next()`
			`}`
			`}`