diff --git a/plugin/remote/bitbucket/bitbucket.go b/plugin/remote/bitbucket/bitbucket.go index 21f7fb8f..a80a062a 100644 --- a/plugin/remote/bitbucket/bitbucket.go +++ b/plugin/remote/bitbucket/bitbucket.go @@ -43,7 +43,7 @@ func (r *Bitbucket) Authorize(res http.ResponseWriter, req *http.Request) (*mode RequestTokenURL: "https://bitbucket.org/api/1.0/oauth/request_token/", AuthorizationURL: "https://bitbucket.org/!api/1.0/oauth/authenticate", AccessTokenURL: "https://bitbucket.org/api/1.0/oauth/access_token/", - CallbackURL: httputil.GetScheme(req) + "://" + httputil.GetHost(req) + "/login/bitbucket.org", + CallbackURL: httputil.GetScheme(req) + "://" + httputil.GetHost(req) + "/api/auth/bitbucket.org", ConsumerKey: r.Client, ConsumerSecret: r.Secret, } diff --git a/plugin/remote/github/github.go b/plugin/remote/github/github.go index 73e6c1a8..63c2c8e4 100644 --- a/plugin/remote/github/github.go +++ b/plugin/remote/github/github.go @@ -59,7 +59,7 @@ func (r *GitHub) Authorize(res http.ResponseWriter, req *http.Request) (*model.L Scope: DefaultScope, AuthURL: fmt.Sprintf("%s/login/oauth/authorize", r.URL), TokenURL: fmt.Sprintf("%s/login/oauth/access_token", r.URL), - RedirectURL: fmt.Sprintf("%s/login/%s", httputil.GetURL(req), r.GetKind()), + RedirectURL: fmt.Sprintf("%s/api/auth/%s", httputil.GetURL(req), r.GetKind()), } // get the OAuth code diff --git a/server/app/index.html b/server/app/index.html index d29ec2dd..6e97fe66 100644 --- a/server/app/index.html +++ b/server/app/index.html @@ -13,14 +13,14 @@ - +
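Review bot: Both `CallbackURL` in the Bitbucket `Authorize` hunk and `RedirectURL` in the GitHub `Authorize` hunk are still assembled from the incoming request (`httputil.GetScheme(req)`, `httputil.GetHost(req)`, `httputil.GetURL(req)`), so the origin the provider redirects back to is whatever those helpers derive from the request. Their implementation is not visible here; if they read the Host or forwarded headers, the callback origin is client-influenced, and a configured base URL would be a safer source for the new `/api/auth/` path. At minimum, add a comment on each line such as `// callback must match the /api/auth/:host route registered in server/main.go`. Both function bodies start and end outside their hunks.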
- - + +
@@ -31,25 +31,25 @@ - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + diff --git a/server/app/scripts/app.js b/server/app/scripts/app.js index 6db21490..c47b68ff 100644 --- a/server/app/scripts/app.js +++ b/server/app/scripts/app.js @@ -5,9 +5,10 @@ var app = angular.module('app', [ 'ui.filters' ]); + app.config(['$routeProvider', '$locationProvider', '$httpProvider', function($routeProvider, $locationProvider, $httpProvider) { $routeProvider.when('/', { - templateUrl: '/views/home.html', + templateUrl: '/static/views/home.html', controller: 'HomeController', title: 'Dashboard', resolve: { @@ -17,31 +18,31 @@ app.config(['$routeProvider', '$locationProvider', '$httpProvider', function($ro } }) .when('/sync', { - templateUrl: '/views/sync.html', + templateUrl: '/static/views/sync.html', controller: 'SyncController', title: 'Sync' }) .when('/login', { - templateUrl: '/views/login.html', + templateUrl: '/static/views/login.html', controller: 'LoginController', title: 'Login', }) .when('/gitlab', { - templateUrl: '/views/login_gitlab.html', + templateUrl: '/static/views/login_gitlab.html', title: 'GitLab Login', }) .when('/setup', { - templateUrl: '/views/setup.html', + templateUrl: '/static/views/setup.html', controller: 'SetupController', title: 'Setup' }) .when('/setup/:remote', { - templateUrl: '/views/setup.html', + templateUrl: '/static/views/setup.html', controller: 'SetupController', title: 'Setup' }) .when('/account/profile', { - templateUrl: '/views/account.html', + templateUrl: '/static/views/account.html', controller: 'UserController', title: 'Profile', resolve: { @@ -51,7 +52,7 @@ app.config(['$routeProvider', '$locationProvider', '$httpProvider', function($ro } }) .when('/account/repos', { - templateUrl: '/views/repo_list.html', + templateUrl: '/static/views/repo_list.html', controller: 'AccountReposController', title: 'Repositories', resolve: { 
@@ -61,7 +62,7 @@ app.config(['$routeProvider', '$locationProvider', '$httpProvider', function($ro } }) .when('/admin/users/add', { - templateUrl: '/views/users_add.html', + templateUrl: '/static/views/users_add.html', controller: 'UserAddController', title: 'Add User', resolve: { @@ -71,7 +72,7 @@ app.config(['$routeProvider', '$locationProvider', '$httpProvider', function($ro } }) .when('/admin/users/:host/:login', { - templateUrl: '/views/users_edit.html', + templateUrl: '/static/views/users_edit.html', controller: 'UserEditController', title: 'Edit User', resolve: { @@ -81,7 +82,7 @@ app.config(['$routeProvider', '$locationProvider', '$httpProvider', function($ro } }) .when('/admin/users', { - templateUrl: '/views/users.html', + templateUrl: '/static/views/users.html', controller: 'UsersController', title: 'System Users', resolve: { @@ -91,7 +92,7 @@ app.config(['$routeProvider', '$locationProvider', '$httpProvider', function($ro } }) .when('/admin/settings', { - templateUrl: '/views/config.html', + templateUrl: '/static/views/config.html', controller: 'ConfigController', title: 'System Settings', resolve: { @@ -101,7 +102,7 @@ app.config(['$routeProvider', '$locationProvider', '$httpProvider', function($ro } }) .when('/:remote/:owner/:name/settings', { - templateUrl: '/views/repo_edit.html', + templateUrl: '/static/views/repo_edit.html', controller: 'RepoConfigController', title: 'Repository Settings', resolve: { @@ -111,7 +112,7 @@ app.config(['$routeProvider', '$locationProvider', '$httpProvider', function($ro } }) .when('/:remote/:owner/:name/:branch/:commit', { - templateUrl: '/views/commit.html', + templateUrl: '/static/views/commit.html', controller: 'CommitController', title: 'Recent Commits', resolve: { 
@@ -121,7 +122,7 @@ app.config(['$routeProvider', '$locationProvider', '$httpProvider', function($ro } }) .when('/:remote/:owner/:name', { - templateUrl: '/views/repo.html', + templateUrl: '/static/views/repo.html', controller: 'RepoController', title: 'Recent Commits', resolve: { @@ -140,10 +141,26 @@ app.config(['$routeProvider', '$locationProvider', '$httpProvider', function($ro // use the HTML5 History API $locationProvider.html5Mode(true); + // First, parse the query string + var params = {}, queryString = location.hash.substring(1), + regex = /([^&=]+)=([^&]*)/g, m; + while (m = regex.exec(queryString)) { + params[decodeURIComponent(m[1])] = decodeURIComponent(m[2]); + } + + + // if the user is authenticated we should add Basic + // auth token to each request. + if (params.access_token) { + $httpProvider.defaults.headers.common.Authorization = 'Bearer '+params.access_token; + window.history.replaceState( {} , document.title, '/sync' ); + } + + $httpProvider.interceptors.push(function($q, $location) { return { 'responseError': function(rejection) { - if (rejection.status == 401 && rejection.config.url != "/v1/user") { + if (rejection.status == 401 && rejection.config.url != "/api/user") { $location.path('/login'); } return $q.reject(rejection); @@ -179,7 +196,7 @@ app.controller("AccountReposController", function($scope, $http, user) { $scope.user = user; // get the user details - $http({method: 'GET', url: '/v1/user/repos'}). + $http({method: 'GET', url: '/api/user/repos'}). success(function(data, status, headers, config) { $scope.repos = (typeof data==='string')?[]:data; }). @@ -224,7 +241,7 @@ app.controller("CommitController", function($scope, $http, $routeParams, stdout, }); // load the repo meta-data - $http({method: 'GET', url: '/v1/repos/'+remote+'/'+owner+"/"+name}). + $http({method: 'GET', url: '/api/repos/'+remote+'/'+owner+"/"+name}). success(function(data, status, headers, config) { $scope.repo = data; }). 
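Review bot: In the block added after `$locationProvider.html5Mode(true)`, any `access_token` found in `location.hash` is accepted as the credential and set on `$httpProvider.defaults.headers.common`, so it is attached to every `$http` request the app makes, and nothing ties the fragment to a login this browser actually started. Consider checking a state value stored before the redirect (the server side of the flow is not visible here, so this may need a matching change there) and attaching the header only to same-origin `/api/` calls from a request interceptor. `decodeURIComponent` throws on a malformed escape, which would abort the whole config block; wrap the parse loop in `try { … } catch (e) { params = {}; }`. The comment says "Basic auth token" but the code sends a Bearer token, so it should read `// if the URL fragment carries an access token, send it as a Bearer token on each request`; the config function itself starts and ends outside this hunk.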
@@ -233,12 +250,12 @@ app.controller("CommitController", function($scope, $http, $routeParams, stdout, }); // load the repo commit data - $http({method: 'GET', url: '/v1/repos/'+remote+'/'+owner+"/"+name+"/branches/"+branch+"/commits/"+commit}). + $http({method: 'GET', url: '/api/repos/'+remote+'/'+owner+"/"+name+"/branches/"+branch+"/commits/"+commit}). success(function(data, status, headers, config) { $scope.commit = data; if (data.status!='Started' && data.status!='Pending') { - $http({method: 'GET', url: '/v1/repos/'+remote+'/'+owner+"/"+name+"/branches/"+branch+"/commits/"+commit+"/console"}). + $http({method: 'GET', url: '/api/repos/'+remote+'/'+owner+"/"+name+"/branches/"+branch+"/commits/"+commit+"/console"}). success(function(data, status, headers, config) { var lineFormatter = new Drone.LineFormatter(); var el = document.querySelector('#output'); @@ -261,7 +278,7 @@ app.controller("CommitController", function($scope, $http, $routeParams, stdout, }); $scope.rebuildCommit = function() { - $http({method: 'POST', url: '/v1/repos/'+remote+'/'+owner+'/'+name+'/'+'branches/'+branch+'/'+'commits/'+commit+'/?action=rebuild' }) + $http({method: 'POST', url: '/api/repos/'+remote+'/'+owner+'/'+name+'/'+'branches/'+branch+'/'+'commits/'+commit+'/?action=rebuild' }) } diff --git a/server/app/scripts/controllers/home.js b/server/app/scripts/controllers/home.js index 84285f34..18d612ac 100644 --- a/server/app/scripts/controllers/home.js +++ b/server/app/scripts/controllers/home.js @@ -6,7 +6,7 @@ angular.module('app').controller("HomeController", function($scope, $http, feed) // todo toast notification }); - $http({method: 'GET', url: '/v1/user/feed'}). + $http({method: 'GET', url: '/api/user/feed'}). success(function(data, status, headers, config) { $scope.feed = (typeof data==='string')?[]:data; }). 
@@ -14,7 +14,7 @@ angular.module('app').controller("HomeController", function($scope, $http, feed) console.log(data); }); - $http({method: 'GET', url: '/v1/user/repos'}). + $http({method: 'GET', url: '/api/user/repos'}). success(function(data, status, headers, config) { $scope.repos = (typeof data==='string')?[]:data; }). diff --git a/server/app/scripts/controllers/repo.js b/server/app/scripts/controllers/repo.js index 0799ede3..34d16298 100644 --- a/server/app/scripts/controllers/repo.js +++ b/server/app/scripts/controllers/repo.js @@ -42,7 +42,7 @@ angular.module('app').controller("RepoController", function($scope, $http, $rout $scope.activate = function() { // request to create a new repository - $http({method: 'POST', url: '/v1/repos/'+repo.host+'/'+repo.owner+"/"+repo.name }). + $http({method: 'POST', url: '/api/repos/'+repo.host+'/'+repo.owner+"/"+repo.name }). success(function(data, status, headers, config) { $scope.repo = data; }). @@ -79,7 +79,7 @@ angular.module('app').controller("RepoConfigController", function($scope, $http, // load the repo meta-data // request admin details for the repository as well. - $http({method: 'GET', url: '/v1/repos/'+remote+'/'+owner+"/"+name+"?admin=1"}). + $http({method: 'GET', url: '/api/repos/'+remote+'/'+owner+"/"+name+"?admin=1"}). success(function(data, status, headers, config) { $scope.repo = data; }). @@ -89,7 +89,7 @@ angular.module('app').controller("RepoConfigController", function($scope, $http, $scope.save = function() { // request to create a new repository - $http({method: 'PUT', url: '/v1/repos/'+remote+'/'+owner+"/"+name, data: $scope.repo }). + $http({method: 'PUT', url: '/api/repos/'+remote+'/'+owner+"/"+name, data: $scope.repo }). success(function(data, status, headers, config) { delete $scope.failure; }). diff --git a/server/app/scripts/controllers/setup.js b/server/app/scripts/controllers/setup.js index b555dfe4..07469ad3 100644 --- a/server/app/scripts/controllers/setup.js 
+++ b/server/app/scripts/controllers/setup.js @@ -27,7 +27,7 @@ angular.module('app').controller("SetupController", function($scope, $http, $rou // todo(bradrydzewski) move this to the remote.js service. $scope.save = function() { // request to create a new repository - $http({method: 'POST', url: '/v1/remotes', data: $scope.remote }). + $http({method: 'POST', url: '/api/remotes', data: $scope.remote }). success(function(data, status, headers, config) { delete $scope.failure; $location.path("/login"); diff --git a/server/app/scripts/controllers/user.js b/server/app/scripts/controllers/user.js index 73f574a0..e8b5769c 100644 --- a/server/app/scripts/controllers/user.js +++ b/server/app/scripts/controllers/user.js @@ -5,7 +5,7 @@ angular.module('app').controller("UserController", function($scope, $http, user) $scope.account = user; // get the user details - $http({method: 'GET', url: '/v1/user'}). + $http({method: 'GET', url: '/api/user'}). success(function(data, status, headers, config) { $scope.user = data; $scope.userTemp = { @@ -19,7 +19,7 @@ angular.module('app').controller("UserController", function($scope, $http, user) $scope.save = function() { // request to create a new repository - $http({method: 'PUT', url: '/v1/user', data: $scope.userTemp }). + $http({method: 'PUT', url: '/api/user', data: $scope.userTemp }). success(function(data, status, headers, config) { delete $scope.failure; $scope.user = data; diff --git a/server/app/scripts/controllers/users.js b/server/app/scripts/controllers/users.js index 5f1fca84..74036382 100644 --- a/server/app/scripts/controllers/users.js +++ b/server/app/scripts/controllers/users.js @@ -4,7 +4,7 @@ angular.module('app').controller("UsersController", function($scope, $http, user $scope.user = user; - $http({method: 'GET', url: '/v1/users'}). + $http({method: 'GET', url: '/api/users'}). success(function(data, status, headers, config) { $scope.users = data; }). 
diff --git a/server/app/scripts/services/auth.js b/server/app/scripts/services/auth.js index 8aab0e7c..0c2b7ccd 100644 --- a/server/app/scripts/services/auth.js +++ b/server/app/scripts/services/auth.js @@ -16,7 +16,7 @@ angular.module('app').service('authService', function($q, $http) { } // else we need to fetch from the server - $http({method: 'GET', url: '/v1/user'}). + $http({method: 'GET', url: '/api/user'}). success(function(data) { _this.user=data; defer.resolve(_this.user); diff --git a/server/app/scripts/services/conf.js b/server/app/scripts/services/conf.js index 1e77094f..9b8b6ed3 100644 --- a/server/app/scripts/services/conf.js +++ b/server/app/scripts/services/conf.js @@ -4,7 +4,7 @@ angular.module('app').service('confService', function($q, $http) { return{ getConfig : function() { var defer = $q.defer(); - var route = '/v1/config'; + var route = '/api/config'; $http.get(route).success(function(data){ defer.resolve(data); }); diff --git a/server/app/scripts/services/feed.js b/server/app/scripts/services/feed.js index a12090cf..07cb1b77 100644 --- a/server/app/scripts/services/feed.js +++ b/server/app/scripts/services/feed.js @@ -3,7 +3,7 @@ angular.module('app').service('feed', ['$http', '$window', function($http, $window) { var proto = ($window.location.protocol == 'https:' ? 'wss' : 'ws'); - var route = [proto, "://", $window.location.host, '/ws/user'].join(''); + var route = [proto, "://", $window.location.host, '/api/stream/user'].join(''); var wsCallback = undefined; var ws = new WebSocket(route); diff --git a/server/app/scripts/services/remote.js b/server/app/scripts/services/remote.js index 21f6e08f..1ea07fff 100644 --- a/server/app/scripts/services/remote.js +++ b/server/app/scripts/services/remote.js 
@@ -4,10 +4,10 @@ angular.module('app').service('remotes', ['$http', function($http) { this.get = function() { - return $http.get('/v1/remotes'); + return $http.get('/api/remotes'); }; this.getLogins = function() { - return $http.get('/v1/logins'); + return $http.get('/api/logins'); }; }]); \ No newline at end of file diff --git a/server/app/scripts/services/repo.js b/server/app/scripts/services/repo.js index 924b96a3..3f842067 100644 --- a/server/app/scripts/services/repo.js +++ b/server/app/scripts/services/repo.js @@ -7,7 +7,7 @@ angular.module('app').service('repos', ['$q', '$http', function($q, $http) { // @deprecated this.getRepo = function(host, owner, name) { var defer = $q.defer(); - var route = '/v1/repos/'+host+'/'+owner+'/'+name; + var route = '/api/repos/'+host+'/'+owner+'/'+name; $http.get(route).success(function(data){ defer.resolve(data); }); 
@@ -16,30 +16,30 @@ angular.module('app').service('repos', ['$q', '$http', function($q, $http) { // Gets a repository by host, owner and name. this.get = function(host, owner, name) { - return $http.get('/v1/repos/'+host+'/'+owner+'/'+name); + return $http.get('/api/repos/'+host+'/'+owner+'/'+name); }; // Gets a repository by host, owner and name. this.feed = function(host, owner, name) { - return $http.get('/v1/repos/'+host+'/'+owner+'/'+name+'/feed'); + return $http.get('/api/repos/'+host+'/'+owner+'/'+name+'/feed'); }; // Updates an existing repository this.update = function(repo) { // todo(bradrydzewski) add repo to the request body - return $http.post('/v1/repos/'+repo.host+'/'+repo.owner+'/'+repo.name); + return $http.post('/api/repos/'+repo.host+'/'+repo.owner+'/'+repo.name); }; // Activates a repository on the backend, registering post-commit // hooks with the remote hosting service (ie github). this.activate = function(repo) { // todo(bradrydzewski) add repo to the request body - return $http.post('/v1/repos/'+repo.host+'/'+repo.owner+'/'+repo.name); + return $http.post('/api/repos/'+repo.host+'/'+repo.owner+'/'+repo.name); }; // Deactivate a repository sets the active flag to false, instructing // the system to ignore all post-commit hooks for the repository. this.deactivate = function(repo) { - return $http.delete('/v1/repos/'+repo.host+'/'+repo.owner+'/'+repo.name); + return $http.delete('/api/repos/'+repo.host+'/'+repo.owner+'/'+repo.name); }; }]); \ No newline at end of file diff --git a/server/app/scripts/services/stdout.js b/server/app/scripts/services/stdout.js index 72543ae5..32ae92b1 100644 --- a/server/app/scripts/services/stdout.js +++ b/server/app/scripts/services/stdout.js 
@@ -8,7 +8,7 @@ angular.module('app').service('stdout', ['$window', function($window) { callback = _callback; var proto = ($window.location.protocol == 'https:' ? 'wss' : 'ws'); - var route = [proto, "://", $window.location.host, '/ws/stdout/', path].join(''); + var route = [proto, "://", $window.location.host, '/api/feed/stdout/', path].join(''); websocket = new WebSocket(route); websocket.onmessage = function(event) { diff --git a/server/app/scripts/services/user.js b/server/app/scripts/services/user.js index 2938c919..2185b83e 100644 --- a/server/app/scripts/services/user.js +++ b/server/app/scripts/services/user.js @@ -2,15 +2,15 @@ angular.module('app').service('users', ['$http', function($http) { this.getCurrent = function() { - return $http.get('/v1/user'); + return $http.get('/api/user'); }; this.get = function(host, login) { - return $http.get('/v1/users/'+host+'/'+login); + return $http.get('/api/users/'+host+'/'+login); }; this.create = function(host, login) { - return $http.post('/v1/users/'+host+'/'+login); + return $http.post('/api/users/'+host+'/'+login); }; this.delete = function(host, login) { - return $http.delete('/v1/users/'+host+'/'+login); + return $http.delete('/api/users/'+host+'/'+login); }; }]); \ No newline at end of file diff --git a/server/app/views/login.html b/server/app/views/login.html index c02c74a1..b0f51c42 100644 --- a/server/app/views/login.html +++ b/server/app/views/login.html @@ -11,7 +11,7 @@ minor modifications to the style that only apply to this view
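Review bot: The new stdout route `'/api/feed/stdout/'` does not match the handler the server registers, which appears in server/main.go of this same diff as `goji.Get("/api/stream/stdout/:id", handler.WsConsole)`; feed.js was moved to `/api/stream/user`, so this looks like a typo. As written, the WebSocket request would presumably fall through to the new catch-all `/*` handler and the console stream would never connect. The line should read `var route = [proto, "://", $window.location.host, '/api/stream/stdout/', path].join('');`. The enclosing function starts and ends outside the hunk.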
- + {{ remote.type | remoteName }} diff --git a/server/app/views/login_gitlab.html b/server/app/views/login_gitlab.html index c24d5387..c9892e50 100644 --- a/server/app/views/login_gitlab.html +++ b/server/app/views/login_gitlab.html @@ -9,7 +9,7 @@ minor modifications to the style that only apply to this view
-
+
diff --git a/server/handler/login.go b/server/handler/login.go index 04a22e41..90c757c0 100644 --- a/server/handler/login.go +++ b/server/handler/login.go @@ -1,6 +1,7 @@ package handler import ( + "encoding/json" "log" "net/http" "time" @@ -156,3 +157,20 @@ func GetLogin(c web.C, w http.ResponseWriter, r *http.Request) { http.Redirect(w, r, redirect, http.StatusSeeOther) } + +// GetLoginList accepts a request to retrive a list of +// all OAuth login options. +// +// GET /api/remotes/login +// +func GetLoginList(c web.C, w http.ResponseWriter, r *http.Request) { + var list = remote.Registered() + var logins []interface{} + for _, item := range list { + logins = append(logins, struct { + Type string `json:"type"` + Host string `json:"host"` + }{item.GetKind(), item.GetHost()}) + } + json.NewEncoder(w).Encode(&logins) +} diff --git a/server/handler/worker.go b/server/handler/worker.go index 56fbe6f1..09e4d3cc 100644 --- a/server/handler/worker.go +++ b/server/handler/worker.go @@ -4,9 +4,9 @@ import ( "encoding/json" "net/http" - "github.com/drone/drone-dart/worker" - "github.com/drone/drone-dart/worker/director" - "github.com/drone/drone-dart/worker/pool" + "github.com/drone/drone/server/worker" + "github.com/drone/drone/server/worker/director" + "github.com/drone/drone/server/worker/pool" "github.com/goji/context" "github.com/zenazn/goji/web" ) diff --git a/server/main.go b/server/main.go index 3c158cab..e3a9257e 100644 --- a/server/main.go +++ b/server/main.go 
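Review bot: The doc comment on GetLoginList documents `GET /api/remotes/login`, but server/main.go in this diff registers the handler at `/api/logins` and remote.js calls `/api/logins`; the comment should say `// GET /api/logins` (and "retrive" should be "retrieve"). `var logins []interface{}` stays nil when no remote is registered, so the body is `null` rather than `[]`, while the Angular side treats the result as a list; initialise it with `logins := []interface{}{}`. The `Encode` error is dropped and the handler sets no content type itself; unless `middleware.SetHeaders` already does so, add `w.Header().Set("Content-Type", "application/json")` before encoding and log or return the error.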
@@ -8,16 +8,12 @@ import ( "strings" "github.com/drone/config" - //"github.com/drone/drone/server/database" "github.com/drone/drone/server/handler" "github.com/drone/drone/server/middleware" - //"github.com/drone/drone/server/pubsub" - //"github.com/drone/drone/server/session" - //"github.com/drone/drone/server/worker" + "github.com/drone/drone/server/pubsub" "github.com/drone/drone/shared/build/log" - //"github.com/drone/drone/shared/model" - //"github.com/GeertJohan/go.rice" + "github.com/GeertJohan/go.rice" "code.google.com/p/go.net/context" webcontext "github.com/goji/context" @@ -66,6 +62,8 @@ var ( // director worker *director.Director + pub *pubsub.PubSub + nodes StringArr db *sql.DB @@ -105,6 +103,7 @@ func main() { workers.Allocate(docker.New()) worker = director.New() + pub = pubsub.NewPubSub() /* if nodes == nil || len(nodes) == 0 { worker.NewWorker(workerc, users, repos, commits, pubsub, &model.Server{}).Start() @@ -117,6 +116,7 @@ func main() { } */ + goji.Get("/api/logins", handler.GetLoginList) goji.Get("/api/stream/stdout/:id", handler.WsConsole) goji.Get("/api/stream/user", handler.WsUser) goji.Get("/api/auth/:host", handler.GetLogin) @@ -164,6 +164,14 @@ func main() { work.Get("/api/workers", handler.GetWorkers) goji.Handle("/api/work*", work) + // Include static resources + assets := rice.MustFindBox("app").HTTPBox() + assetserve := http.FileServer(rice.MustFindBox("app").HTTPBox()) + http.Handle("/static/", http.StripPrefix("/static", assetserve)) + goji.Get("/*", func(c web.C, w http.ResponseWriter, r *http.Request) { + w.Write(assets.MustBytes("index.html")) + }) + // Add middleware and serve goji.Use(ContextMiddleware) goji.Use(middleware.SetHeaders) 
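Review bot: In the static-resources hunk, `http.Handle("/static/", …)` registers the asset server on net/http's default mux rather than on goji, so requests under /static/ presumably bypass `ContextMiddleware` and `middleware.SetHeaders` added with `goji.Use` just below; if SetHeaders carries the security headers, every script and view is served without them. Mounting it on goji keeps one middleware chain: `goji.Get("/static/*", http.StripPrefix("/static", assetserve))`. The box is looked up twice; `assetserve := http.FileServer(assets)` reuses the first. The catch-all `/*` handler answers any unmatched path, including mistyped `/api/` URLs, with index.html and status 200, and calls `MustBytes` (which panics on failure) on every request; read the file once at startup and ideally exclude `/api/` from the fallback. `main` starts and ends outside this hunk.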
@@ -187,6 +195,7 @@ func ContextMiddleware(c *web.C, h http.Handler) http.Handler { ctx = blobstore.NewContext(ctx, database.NewBlobstore(db)) ctx = pool.NewContext(ctx, workers) ctx = director.NewContext(ctx, worker) + ctx = pubsub.NewContext(ctx, pub) // add the context to the goji web context webcontext.Set(c, ctx) diff --git a/server/session/session.go b/server/session/session.go index ab31c5fc..924b0d69 100644 --- a/server/session/session.go +++ b/server/session/session.go @@ -1,6 +1,7 @@ package session import ( + "fmt" "net/http" "time" @@ -19,14 +20,13 @@ var secret = securecookie.GenerateRandomKey(32) // http.Request. The user details will be stored as either // a simple API token or JWT bearer token. func GetUser(c context.Context, r *http.Request) *model.User { - var token = r.FormValue("access_token") switch { - case len(token) == 0: - return nil - case len(token) == 32: + case r.Header.Get("Authorization") != "": + return getUserBearer(c, r) + case r.FormValue("access_token") != "": return getUserToken(c, r) default: - return getUserBearer(c, r) + return nil } } @@ -52,17 +52,20 @@ func getUserToken(c context.Context, r *http.Request) *model.User { // getUserBearer gets the currently authenticated user for the given // bearer token (JWT) func getUserBearer(c context.Context, r *http.Request) *model.User { - var tokenstr = r.FormValue("access_token") + var tokenstr = r.Header.Get("Authorization") + fmt.Sscanf(tokenstr, "Bearer %s", &tokenstr) + var token, err = jwt.Parse(tokenstr, func(t *jwt.Token) (interface{}, error) { return secret, nil }) - if err != nil || token.Valid { + if err != nil || !token.Valid { + println("invalid token") return nil } - var userid, ok = token.Claims["user_id"].(int64) + var userid, ok = token.Claims["user_id"].(float64) if !ok { return nil } - var user, _ = datastore.GetUser(c, userid) + var user, _ = datastore.GetUser(c, int64(userid)) return user }
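Review bot: The first case in GetUser routes any request with a non-empty `Authorization` header to getUserBearer, whatever the scheme, so a request that carries, say, a Basic header added by a proxy plus a valid `access_token` is now rejected instead of reaching getUserToken. The same loose handling recurs in the getUserBearer hunk, where the result of `fmt.Sscanf(tokenstr, "Bearer %s", &tokenstr)` is ignored and a header without the prefix is handed to `jwt.Parse` unchanged. Match the scheme explicitly in the switch with `case strings.HasPrefix(r.Header.Get("Authorization"), "Bearer "):` and strip it with `tokenstr = strings.TrimPrefix(tokenstr, "Bearer ")`; this needs `strings` imported in place of the `fmt` import the commit adds. The doc comment above GetUser should also state that the Authorization header takes precedence over `access_token`.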
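Review bot: The key callback passed to `jwt.Parse` in getUserBearer returns `secret` without looking at the token's declared signing method, so the algorithm is chosen by the token header rather than pinned by the server. Check it inside the callback, e.g. `if t.Method.Alg() != expectedAlg { return nil, errors.New("unexpected signing method") }`, where `expectedAlg` is a placeholder for whatever algorithm the server signs with (not visible in this diff). `println("invalid token")` looks like leftover debugging; use the `log` package with some request context or drop it. The error from `datastore.GetUser` is discarded, which hides datastore failures behind a plain unauthenticated response.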