violet/servers/api.go

package servers

import (
	"github.com/MrMelon54/mjwt"
	"github.com/MrMelon54/mjwt/auth"
	"github.com/MrMelon54/violet/utils"
	"github.com/julienschmidt/httprouter"
	"net/http"
	"time"
)

// NewApiServer creates and runs a http server containing all the API
// endpoints for the software
//
// `/compile` - reloads all domains, routes and redirects
func NewApiServer(conf *Conf, compileTarget utils.MultiCompilable) *http.Server {
	r := httprouter.New()

	// Endpoint for compile action
	r.POST("/compile", func(rw http.ResponseWriter, req *http.Request, _ httprouter.Params) {
		if !hasPerms(conf.Verify, req, "violet:compile") {
			utils.RespondHttpStatus(rw, http.StatusForbidden)
			return
		}

		// Trigger the compile action
		compileTarget.Compile()
		rw.WriteHeader(http.StatusAccepted)
	})

	// Endpoint for domains
	r.PUT("/domain/:domain", func(rw http.ResponseWriter, req *http.Request, params httprouter.Params) {
		if !hasPerms(conf.Verify, req, "violet:domains") {
			utils.RespondHttpStatus(rw, http.StatusForbidden)
			return
		}

		// add domain with active state
		q := req.URL.Query()
		conf.Domains.Put(params.ByName("domain"), q.Get("active") == "1")
		conf.Domains.Compile()
	})
	r.DELETE("/domain/:domain", func(rw http.ResponseWriter, req *http.Request, params httprouter.Params) {
		if !hasPerms(conf.Verify, req, "violet:domains") {
			utils.RespondHttpStatus(rw, http.StatusForbidden)
			return
		}

		// add domain with active state
		q := req.URL.Query()
		conf.Domains.Put(params.ByName("domain"), q.Get("active") == "1")
		conf.Domains.Compile()
	})

	// Endpoint for acme-challenge
	r.PUT("/acme-challenge/:domain/:key/:value", func(rw http.ResponseWriter, req *http.Request, params httprouter.Params) {
		if !hasPerms(conf.Verify, req, "violet:acme-challenge") {
			utils.RespondHttpStatus(rw, http.StatusForbidden)
			return
		}
		domain := params.ByName("domain")
		if !conf.Domains.IsValid(domain) {
			utils.RespondVioletError(rw, http.StatusBadRequest, "Invalid ACME challenge domain")
			return
		}
		conf.Acme.Put(domain, params.ByName("key"), params.ByName("value"))
		rw.WriteHeader(http.StatusAccepted)
	})
	r.DELETE("/acme-challenge/:domain/:key", func(rw http.ResponseWriter, req *http.Request, params httprouter.Params) {
		if !hasPerms(conf.Verify, req, "violet:acme-challenge") {
			utils.RespondHttpStatus(rw, http.StatusForbidden)
			return
		}
		domain := params.ByName("domain")
		if !conf.Domains.IsValid(domain) {
			utils.RespondVioletError(rw, http.StatusBadRequest, "Invalid ACME challenge domain")
			return
		}
		conf.Acme.Delete(domain, params.ByName("key"))
		rw.WriteHeader(http.StatusAccepted)
	})

	// Create and run http server
	return &http.Server{
		Addr:              conf.ApiListen,
		Handler:           r,
		ReadTimeout:       time.Minute,
		ReadHeaderTimeout: time.Minute,
		WriteTimeout:      time.Minute,
		IdleTimeout:       time.Minute,
		MaxHeaderBytes:    2500,
	}
}

func hasPerms(verify mjwt.Verifier, req *http.Request, perm string) bool {
	// Get bearer token
	bearer := utils.GetBearer(req)
	if bearer == "" {
		return false
	}

	// Read claims from mjwt
	_, b, err := mjwt.ExtractClaims[auth.AccessTokenClaims](verify, bearer)
	if err != nil {
		return false
	}

	// Token must have perm
	return b.Claims.Perms.Has(perm)
}
Start writing main function 2023-04-21 03:21:46 +01:00			`package servers`

			`import (`
Add wildcard route test and update certgen library 2023-06-19 16:27:36 +01:00			`"github.com/MrMelon54/mjwt"`
			`"github.com/MrMelon54/mjwt/auth"`
Start writing main function 2023-04-21 03:21:46 +01:00			`"github.com/MrMelon54/violet/utils"`
			`"github.com/julienschmidt/httprouter"`
			`"net/http"`
			`"time"`
			`)`

Add database reading to domains list 2023-04-21 15:49:01 +01:00			`// NewApiServer creates and runs a http server containing all the API`
			`// endpoints for the software`
Start writing main function 2023-04-21 03:21:46 +01:00			`//`
Add database reading to domains list 2023-04-21 15:49:01 +01:00			// `/compile` - reloads all domains, routes and redirects
Create tables and load favicons 2023-04-22 22:18:39 +01:00			`func NewApiServer(conf Conf, compileTarget utils.MultiCompilable) http.Server {`
Start writing main function 2023-04-21 03:21:46 +01:00			`r := httprouter.New()`

Add database reading to domains list 2023-04-21 15:49:01 +01:00			`// Endpoint for compile action`
Start writing main function 2023-04-21 03:21:46 +01:00			`r.POST("/compile", func(rw http.ResponseWriter, req *http.Request, _ httprouter.Params) {`
Write lots of tests 2023-06-04 22:28:48 +01:00			`if !hasPerms(conf.Verify, req, "violet:compile") {`
Start writing main function 2023-04-21 03:21:46 +01:00			`utils.RespondHttpStatus(rw, http.StatusForbidden)`
			`return`
			`}`

Write lots of tests 2023-06-04 22:28:48 +01:00			`// Trigger the compile action`
			`compileTarget.Compile()`
			`rw.WriteHeader(http.StatusAccepted)`
			`})`

Rework compilable system with the rescheduler library 2023-06-20 16:48:04 +01:00			`// Endpoint for domains`
			`r.PUT("/domain/:domain", func(rw http.ResponseWriter, req *http.Request, params httprouter.Params) {`
			`if !hasPerms(conf.Verify, req, "violet:domains") {`
			`utils.RespondHttpStatus(rw, http.StatusForbidden)`
			`return`
			`}`

			`// add domain with active state`
			`q := req.URL.Query()`
			`conf.Domains.Put(params.ByName("domain"), q.Get("active") == "1")`
Add domains compile after put and delete api call 2023-06-20 16:59:39 +01:00			`conf.Domains.Compile()`
Rework compilable system with the rescheduler library 2023-06-20 16:48:04 +01:00			`})`
			`r.DELETE("/domain/:domain", func(rw http.ResponseWriter, req *http.Request, params httprouter.Params) {`
			`if !hasPerms(conf.Verify, req, "violet:domains") {`
			`utils.RespondHttpStatus(rw, http.StatusForbidden)`
			`return`
			`}`

			`// add domain with active state`
			`q := req.URL.Query()`
			`conf.Domains.Put(params.ByName("domain"), q.Get("active") == "1")`
Add domains compile after put and delete api call 2023-06-20 16:59:39 +01:00			`conf.Domains.Compile()`
Rework compilable system with the rescheduler library 2023-06-20 16:48:04 +01:00			`})`

Write lots of tests 2023-06-04 22:28:48 +01:00			`// Endpoint for acme-challenge`
			`r.PUT("/acme-challenge/:domain/:key/:value", func(rw http.ResponseWriter, req *http.Request, params httprouter.Params) {`
			`if !hasPerms(conf.Verify, req, "violet:acme-challenge") {`
Start writing main function 2023-04-21 03:21:46 +01:00			`utils.RespondHttpStatus(rw, http.StatusForbidden)`
			`return`
			`}`
Write lots of tests 2023-06-04 22:28:48 +01:00			`domain := params.ByName("domain")`
			`if !conf.Domains.IsValid(domain) {`
			`utils.RespondVioletError(rw, http.StatusBadRequest, "Invalid ACME challenge domain")`
			`return`
			`}`
			`conf.Acme.Put(domain, params.ByName("key"), params.ByName("value"))`
			`rw.WriteHeader(http.StatusAccepted)`
			`})`
			`r.DELETE("/acme-challenge/:domain/:key", func(rw http.ResponseWriter, req *http.Request, params httprouter.Params) {`
			`if !hasPerms(conf.Verify, req, "violet:acme-challenge") {`
Start writing main function 2023-04-21 03:21:46 +01:00			`utils.RespondHttpStatus(rw, http.StatusForbidden)`
			`return`
			`}`
Write lots of tests 2023-06-04 22:28:48 +01:00			`domain := params.ByName("domain")`
			`if !conf.Domains.IsValid(domain) {`
			`utils.RespondVioletError(rw, http.StatusBadRequest, "Invalid ACME challenge domain")`
			`return`
			`}`
			`conf.Acme.Delete(domain, params.ByName("key"))`
Start writing main function 2023-04-21 03:21:46 +01:00			`rw.WriteHeader(http.StatusAccepted)`
			`})`

			`// Create and run http server`
Write lots of tests 2023-06-04 22:28:48 +01:00			`return &http.Server{`
Comments! 2023-04-24 01:35:23 +01:00			`Addr: conf.ApiListen,`
Start writing main function 2023-04-21 03:21:46 +01:00			`Handler: r,`
			`ReadTimeout: time.Minute,`
			`ReadHeaderTimeout: time.Minute,`
			`WriteTimeout: time.Minute,`
			`IdleTimeout: time.Minute,`
			`MaxHeaderBytes: 2500,`
			`}`
Write lots of tests 2023-06-04 22:28:48 +01:00			`}`

Add wildcard route test and update certgen library 2023-06-19 16:27:36 +01:00			`func hasPerms(verify mjwt.Verifier, req *http.Request, perm string) bool {`
Write lots of tests 2023-06-04 22:28:48 +01:00			`// Get bearer token`
			`bearer := utils.GetBearer(req)`
			`if bearer == "" {`
			`return false`
			`}`

			`// Read claims from mjwt`
			`_, b, err := mjwt.ExtractClaims[auth.AccessTokenClaims](verify, bearer)`
			`if err != nil {`
			`return false`
			`}`

			`// Token must have perm`
			`return b.Claims.Perms.Has(perm)`
Start writing main function 2023-04-21 03:21:46 +01:00			`}`