mirror of
https://github.com/aljazceru/satdress.git
synced 2025-12-17 05:24:20 +01:00
Allow multiple comma-separated domains
This commit is contained in:
Gregor Pogacnik
42
api.go
42
api.go
@@ -18,6 +18,7 @@ type Response struct {
|
||||
|
||||
type SuccessClaim struct {
|
||||
Name string `json:"name"`
|
||||
Domain string `json:"domain"`
|
||||
PIN string `json:"pin"`
|
||||
Invoice string `json:"invoice"`
|
||||
}
|
||||
@@ -25,7 +26,7 @@ type SuccessClaim struct {
|
||||
// not authenticated, if correct pin is provided call returns the SuccessClaim
|
||||
func ClaimAddress(w http.ResponseWriter, r *http.Request) {
|
||||
params := parseParams(r)
|
||||
pin, inv, err := SaveName(params.Name, params, params.Pin)
|
||||
pin, inv, err := SaveName(params.Name, params.Domain, params, params.Pin)
|
||||
if err != nil {
|
||||
sendError(w, 400, "could not register name: %s", err.Error())
|
||||
return
|
||||
@@ -33,8 +34,8 @@ func ClaimAddress(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
response := Response{
|
||||
Ok: true,
|
||||
Message: fmt.Sprintf("claimed %v@%v", params.Name, s.Domain),
|
||||
Data: SuccessClaim{params.Name, pin, inv},
|
||||
Message: fmt.Sprintf("claimed %v@%v", params.Name, params.Domain),
|
||||
Data: SuccessClaim{params.Name, params.Domain, pin, inv},
|
||||
}
|
||||
|
||||
// TODO: middleware for responses that adds this header
|
||||
@@ -45,18 +46,19 @@ func ClaimAddress(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
func GetUser(w http.ResponseWriter, r *http.Request) {
|
||||
name := mux.Vars(r)["name"]
|
||||
params, err := GetName(name)
|
||||
domain := mux.Vars(r)["domain"]
|
||||
params, err := GetName(name, domain)
|
||||
if err != nil {
|
||||
sendError(w, 400, err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
// add pin to response because sometimes not saved in database; after first call to /api/v1/claim
|
||||
params.Pin = ComputePIN(name)
|
||||
params.Pin = ComputePIN(name, domain)
|
||||
|
||||
response := Response{
|
||||
Ok: true,
|
||||
Message: fmt.Sprintf("%v@%v found", params.Name, s.Domain),
|
||||
Message: fmt.Sprintf("%v@%v found", params.Name, domain),
|
||||
Data: params,
|
||||
}
|
||||
|
||||
@@ -68,6 +70,7 @@ func GetUser(w http.ResponseWriter, r *http.Request) {
|
||||
func UpdateUser(w http.ResponseWriter, r *http.Request) {
|
||||
params := parseParams(r)
|
||||
name := mux.Vars(r)["name"]
|
||||
domain := mux.Vars(r)["domain"]
|
||||
|
||||
// if pin not in json request body get it from header
|
||||
if params.Pin == "" {
|
||||
@@ -75,12 +78,12 @@ func UpdateUser(w http.ResponseWriter, r *http.Request) {
|
||||
params.Pin = r.Header.Get("X-Pin")
|
||||
}
|
||||
|
||||
if _, _, err := SaveName(name, params, params.Pin); err != nil {
|
||||
if _, _, err := SaveName(name, domain, params, params.Pin); err != nil {
|
||||
sendError(w, 500, err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
updatedParams, err := GetName(name)
|
||||
updatedParams, err := GetName(name, domain)
|
||||
if err != nil {
|
||||
sendError(w, 500, err.Error())
|
||||
return
|
||||
@@ -89,7 +92,7 @@ func UpdateUser(w http.ResponseWriter, r *http.Request) {
|
||||
// return the updated values or just http.StatusCreated?
|
||||
response := Response{
|
||||
Ok: true,
|
||||
Message: fmt.Sprintf("updated %v@%v parameters", params.Name, s.Domain),
|
||||
Message: fmt.Sprintf("updated %v@%v parameters", params.Name, domain),
|
||||
Data: updatedParams,
|
||||
}
|
||||
|
||||
@@ -100,14 +103,15 @@ func UpdateUser(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
func DeleteUser(w http.ResponseWriter, r *http.Request) {
|
||||
name := mux.Vars(r)["name"]
|
||||
if err := DeleteName(name); err != nil {
|
||||
domain := mux.Vars(r)["domain"]
|
||||
if err := DeleteName(name, domain); err != nil {
|
||||
sendError(w, 500, err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
response := Response{
|
||||
Ok: true,
|
||||
Message: fmt.Sprintf("deleted %v@%v", name, s.Domain),
|
||||
Message: fmt.Sprintf("deleted %v@%v", name, domain),
|
||||
Data: nil,
|
||||
}
|
||||
|
||||
@@ -119,6 +123,20 @@ func DeleteUser(w http.ResponseWriter, r *http.Request) {
|
||||
// authentication middleware
|
||||
func authenticate(next http.Handler) http.Handler {
|
||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
// check domain
|
||||
domain := mux.Vars(r)["domain"]
|
||||
available := getDomains(s.Domain)
|
||||
found := false
|
||||
for _, one := range available {
|
||||
if one == domain {
|
||||
found = true
|
||||
}
|
||||
}
|
||||
if !found {
|
||||
sendError(w, 400, "could not use domain: %s", domain)
|
||||
return
|
||||
}
|
||||
|
||||
// exempt /claim from authentication check;
|
||||
if strings.HasPrefix(r.URL.Path, "/api/v1/claim") {
|
||||
next.ServeHTTP(w, r)
|
||||
@@ -136,7 +154,7 @@ func authenticate(next http.Handler) http.Handler {
|
||||
providedPin = parseParams(r).Pin
|
||||
}
|
||||
|
||||
if providedPin != ComputePIN(name) {
|
||||
if providedPin != ComputePIN(name, domain) {
|
||||
err = fmt.Errorf("wrong pin")
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user