r.Route before r.Use
This commit is contained in:
parent
7dff34e6e3
commit
6810c6f86d
|
|
@ -29,11 +29,14 @@ var presenters = make(chan *Challenge)
|
||||||
var cleanups = make(chan *Challenge)
|
var cleanups = make(chan *Challenge)
|
||||||
|
|
||||||
func RouteStatic(r chi.Router) chi.Router {
|
func RouteStatic(r chi.Router) chi.Router {
|
||||||
r.Use(middleware.Logger)
|
r.Route("/", func(r chi.Router) {
|
||||||
r.Use(middleware.Timeout(15 * time.Second))
|
|
||||||
r.Use(middleware.Recoverer)
|
|
||||||
|
|
||||||
r.Get("/.well-known/acme-challenge/{token}", getACMEChallenges)
|
r.Use(middleware.Logger)
|
||||||
|
r.Use(middleware.Timeout(15 * time.Second))
|
||||||
|
r.Use(middleware.Recoverer)
|
||||||
|
|
||||||
|
r.Get("/.well-known/acme-challenge/{token}", getACMEChallenges)
|
||||||
|
})
|
||||||
|
|
||||||
return r
|
return r
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -29,90 +29,94 @@ func RouteAdmin(authURL string, r chi.Router) {
|
||||||
|
|
||||||
authorizer = NewAuthorizer(authURL)
|
authorizer = NewAuthorizer(authURL)
|
||||||
|
|
||||||
r.Use(middleware.Logger)
|
r.Route("/", func(r chi.Router) {
|
||||||
//r.Use(middleware.Timeout(120 * time.Second))
|
r.Use(middleware.Logger)
|
||||||
r.Use(middleware.Recoverer)
|
//r.Use(middleware.Timeout(120 * time.Second))
|
||||||
|
r.Use(middleware.Recoverer)
|
||||||
|
|
||||||
r.Use(func(next http.Handler) http.Handler {
|
/*
|
||||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
r.Use(func(next http.Handler) http.Handler {
|
||||||
next.ServeHTTP(w, r)
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
})
|
next.ServeHTTP(w, r)
|
||||||
})
|
})
|
||||||
|
|
||||||
r.Mount("/ws", http.HandlerFunc(upgradeWebsocket))
|
|
||||||
|
|
||||||
r.HandleFunc("/api/ping", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
||||||
if dbg.Debug {
|
|
||||||
fmt.Fprintf(os.Stderr, "[debug] hit /api/ping and replying\n")
|
|
||||||
}
|
|
||||||
w.Header().Set("Content-Type", "application/json")
|
|
||||||
w.Write(apiPingContent)
|
|
||||||
}))
|
|
||||||
|
|
||||||
parsedAuthURL, err := url.Parse(authURL)
|
|
||||||
if nil != err {
|
|
||||||
panic(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
proxyHandler := httputil.NewSingleHostReverseProxy(parsedAuthURL)
|
|
||||||
proxyHandleFunc := func(w http.ResponseWriter, r *http.Request) {
|
|
||||||
r.URL.Path = strings.TrimPrefix(r.URL.Path, "/api")
|
|
||||||
proxyHandler.ServeHTTP(w, r)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Proxy mgmt server Registration & Authentication
|
|
||||||
r.Get("/api/inspect", proxyHandleFunc)
|
|
||||||
r.Post("/api/register-device", proxyHandleFunc)
|
|
||||||
r.Post("/api/register-device/*", proxyHandleFunc)
|
|
||||||
|
|
||||||
// Proxy mgmt server ACME DNS 01 Challenges
|
|
||||||
r.Get("/api/dns/*", proxyHandleFunc)
|
|
||||||
r.Post("/api/dns/*", proxyHandleFunc)
|
|
||||||
r.Delete("/api/dns/*", proxyHandleFunc)
|
|
||||||
r.Get("/api/http/*", proxyHandleFunc)
|
|
||||||
r.Post("/api/http/*", proxyHandleFunc)
|
|
||||||
r.Delete("/api/http/*", proxyHandleFunc)
|
|
||||||
r.Get("/api/acme-relay/*", proxyHandleFunc)
|
|
||||||
r.Post("/api/acme-relay/*", proxyHandleFunc)
|
|
||||||
r.Delete("/api/acme-relay/*", proxyHandleFunc)
|
|
||||||
|
|
||||||
r.Route("/api", func(r chi.Router) {
|
|
||||||
// TODO token needs a globally unique subject
|
|
||||||
|
|
||||||
r.Use(func(next http.Handler) http.Handler {
|
|
||||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
||||||
w.Header().Set("Content-Type", "application/json")
|
|
||||||
grants, err := authorizer(r)
|
|
||||||
if nil != err {
|
|
||||||
log.Println("authorization failed", err)
|
|
||||||
w.Write(apiNotAuthorizedContent)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
// TODO define Admins in a better way
|
|
||||||
if "*" != grants.Subject {
|
|
||||||
log.Println("only admins allowed", err)
|
|
||||||
w.Write(apiNotAuthorizedContent)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
next.ServeHTTP(w, r)
|
|
||||||
})
|
})
|
||||||
|
*/
|
||||||
|
|
||||||
|
r.Mount("/ws", http.HandlerFunc(upgradeWebsocket))
|
||||||
|
|
||||||
|
r.HandleFunc("/api/ping", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
if dbg.Debug {
|
||||||
|
fmt.Fprintf(os.Stderr, "[debug] hit /api/ping and replying\n")
|
||||||
|
}
|
||||||
|
w.Header().Set("Content-Type", "application/json")
|
||||||
|
w.Write(apiPingContent)
|
||||||
|
}))
|
||||||
|
|
||||||
|
parsedAuthURL, err := url.Parse(authURL)
|
||||||
|
if nil != err {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
proxyHandler := httputil.NewSingleHostReverseProxy(parsedAuthURL)
|
||||||
|
proxyHandleFunc := func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
r.URL.Path = strings.TrimPrefix(r.URL.Path, "/api")
|
||||||
|
proxyHandler.ServeHTTP(w, r)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Proxy mgmt server Registration & Authentication
|
||||||
|
r.Get("/api/inspect", proxyHandleFunc)
|
||||||
|
r.Post("/api/register-device", proxyHandleFunc)
|
||||||
|
r.Post("/api/register-device/*", proxyHandleFunc)
|
||||||
|
|
||||||
|
// Proxy mgmt server ACME DNS 01 Challenges
|
||||||
|
r.Get("/api/dns/*", proxyHandleFunc)
|
||||||
|
r.Post("/api/dns/*", proxyHandleFunc)
|
||||||
|
r.Delete("/api/dns/*", proxyHandleFunc)
|
||||||
|
r.Get("/api/http/*", proxyHandleFunc)
|
||||||
|
r.Post("/api/http/*", proxyHandleFunc)
|
||||||
|
r.Delete("/api/http/*", proxyHandleFunc)
|
||||||
|
r.Get("/api/acme-relay/*", proxyHandleFunc)
|
||||||
|
r.Post("/api/acme-relay/*", proxyHandleFunc)
|
||||||
|
r.Delete("/api/acme-relay/*", proxyHandleFunc)
|
||||||
|
|
||||||
|
r.Route("/api", func(r chi.Router) {
|
||||||
|
// TODO token needs a globally unique subject
|
||||||
|
|
||||||
|
r.Use(func(next http.Handler) http.Handler {
|
||||||
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
w.Header().Set("Content-Type", "application/json")
|
||||||
|
grants, err := authorizer(r)
|
||||||
|
if nil != err {
|
||||||
|
log.Println("authorization failed", err)
|
||||||
|
w.Write(apiNotAuthorizedContent)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// TODO define Admins in a better way
|
||||||
|
if "*" != grants.Subject {
|
||||||
|
log.Println("only admins allowed", err)
|
||||||
|
w.Write(apiNotAuthorizedContent)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
next.ServeHTTP(w, r)
|
||||||
|
})
|
||||||
|
})
|
||||||
|
|
||||||
|
r.Get("/subscribers", getAllSubscribers)
|
||||||
|
r.Get("/subscribers/{subject}", getSubscribers)
|
||||||
|
r.Delete("/subscribers/{subject}", delSubscribers)
|
||||||
|
r.NotFound(apiNotFoundHandler)
|
||||||
})
|
})
|
||||||
|
|
||||||
r.Get("/subscribers", getAllSubscribers)
|
adminUI := http.FileServer(admin.AdminFS)
|
||||||
r.Get("/subscribers/{subject}", getSubscribers)
|
r.Get("/*", func(w http.ResponseWriter, r *http.Request) {
|
||||||
r.Delete("/subscribers/{subject}", delSubscribers)
|
//rctx := chi.RouteContext(r.Context())
|
||||||
r.NotFound(apiNotFoundHandler)
|
//pathPrefix := strings.TrimSuffix(rctx.RoutePattern(), "/*")
|
||||||
})
|
//fs := http.StripPrefix(pathPrefix, http.FileServer(root))
|
||||||
|
fmt.Println("Request Path:", r.URL.Path)
|
||||||
adminUI := http.FileServer(admin.AdminFS)
|
adminUI.ServeHTTP(w, r)
|
||||||
r.Get("/*", func(w http.ResponseWriter, r *http.Request) {
|
})
|
||||||
//rctx := chi.RouteContext(r.Context())
|
|
||||||
//pathPrefix := strings.TrimSuffix(rctx.RoutePattern(), "/*")
|
|
||||||
//fs := http.StripPrefix(pathPrefix, http.FileServer(root))
|
|
||||||
fmt.Println("Request Path:", r.URL.Path)
|
|
||||||
adminUI.ServeHTTP(w, r)
|
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue