handlerware

package
v0.1.31 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 23, 2023 License: Apache-2.0 Imports: 16 Imported by: 6

Documentation

Index

Constants

View Source
const (
	// AdminGroup is the group name for an important group that grants admin privs.
	AdminGroup = "admin"
)

Variables

View Source
var (
	// CtxMakerCallback creates a context.Context as the app would like (i.e. with timeouts etc.)
	// The user can override this via their init() block, but the default isn't terrible.
	CtxMakerCallback = func(r *http.Request) context.Context {
		return r.Context()
	}
)
View Source
var (
	// RequireTls will redirect non-https URLs to the https equiv. Enabled by default.
	RequireTls = true
)
View Source
var (
	Templates *template.Template
)

Functions

func CreateSession

func CreateSession(ctx context.Context, w http.ResponseWriter, r *http.Request, sesh UserSession)

func GetTemplates

func GetTemplates(ctx context.Context) *template.Template

GetFoo: given a context, extracts the object (or panics; should not be optional). May return nil.

func InitGroup

func InitGroup(g, csvMembers string)

InitGroup will populate a particular group, given a CSV string of emails. The group `admin` is particularly important.

func InitSessionStore

func InitSessionStore(key, prevkey string)

InitSessionStore *must* be called in the caller's init() block.

func InitTemplates added in v0.1.12

func InitTemplates(templateDir string)

InitTemplates *must* be invoked by the caller. The single arg should contain a dir structure of template. It must be relative to the appengine module root, which is the git repo root. Setting this to a bad value, or where templates fail to parse, will cause a panic.

func IsInGroup

func IsInGroup(group, email string) bool

func IsTrustedRequest added in v0.1.17

func IsTrustedRequest(r *http.Request) bool

IsTrustedRequest checks whether the request came from a trusted source - i.e. some other appengine component or service. (see https://cloud.google.com/appengine/docs/flexible/nodejs/scheduling-jobs-with-cron-yaml#validating_cron_requests, https://cloud.google.com/tasks/docs/creating-appengine-handlers#reading_app_engine_task_request_headers)

func OverwriteSessionToNil

func OverwriteSessionToNil(ctx context.Context, w http.ResponseWriter, r *http.Request)

func ParseRecursive added in v0.1.15

func ParseRecursive(t *template.Template, dir string) *template.Template

ParseRecursive walks the directory structure, loading all the files it finds. Will panic on failure. Follows symlinks.

Types

type BaseHandler

type BaseHandler func(http.ResponseWriter, *http.Request)

func WithAdmin

func WithAdmin(ch ContextHandler) BaseHandler

WithAdmin ensures that the caller has admin privs - either by being a user in the AdminGroup, or by having a HTTP header that indicates the request came from a trusted part of our appengine world.

func WithCtx

func WithCtx(ch ContextHandler) BaseHandler

WithCtx is the outermost wrapper, which returns a BaseHandler suitable for http.HandleFunc; the rest of the handlerware works on ContextHandlers, and can be chained. This handler will enforce TLS if needed, create the context.Context, and inject the templates into that context, before calling whatever is next in the chain.

func WithGroup

func WithGroup(g string, ch ContextHandler) BaseHandler

WithGroup builds on WithSession; it also asserts that the user is a member of a particular group

func WithSession

func WithSession(ch ContextHandler) BaseHandler

WithSession is the primary piece of handlerware. It ensures a user is logged in, redirecting to a fallback handler if they're not. A usersession is built, and injected into the context.

type ContextHandler

type ContextHandler func(context.Context, http.ResponseWriter, *http.Request)
var (
	// CookieName is what the calling app wants its session token to be kept in.
	CookieName = "choc_chip"

	// NoSessionHandler is executed when the user doesn't have a session.
	NoSessionHandler ContextHandler
)

func EnsureAdmin

func EnsureAdmin(ch ContextHandler) ContextHandler

EnsureAdmin validates that the request has admin privileges, and runs the handler (or returns 401). Privileges are either that the user is logged in, and is an admin; or that the request came from an appengine cron job or a cloud tasks queue.

func EnsureGroup

func EnsureGroup(g string, ch ContextHandler) ContextHandler

EnsureGroup asserts that the user is logged in, and is a member of the specified group; if not, then 401.

func EnsureSession

func EnsureSession(ch ContextHandler) ContextHandler

EnsureSession checks that there is a user session, and if so runs the specified handler; else it runs the `NoSessionHandler` (which presumably starts a login flow). Adds some debug logging into a cookie, to try and illuminate how users end up without sessions.

func EnsureSessionOrFallback

func EnsureSessionOrFallback(ch, fallback ContextHandler) ContextHandler

EnsureSessionOrFallback lets the caller specify which contexthandler to run when the session is not found.

func WithoutCtx

func WithoutCtx(bh BaseHandler) ContextHandler

WithoutCtx lets us strip out the context, so we can wrap regular BaseHandlers. This is mostly just so internal cron URLs can be wrapped inside WithAdmin().

type CrumbTrail

type CrumbTrail struct {
	// contains filtered or unexported fields
}

func (*CrumbTrail) Add

func (ct *CrumbTrail) Add(c string)

func (CrumbTrail) String

func (ct CrumbTrail) String() string

type CtxMaker

type CtxMaker func(*http.Request) context.Context

type UserSession

type UserSession struct {
	Email     string    // case sensitive, sadly
	CreatedAt time.Time // when the user last went through the OAuth2 dance
}

Pretty much all handlers should expect to be able to pluck this object out of their Context; see handlerware.go

func GetUserSession

func GetUserSession(ctx context.Context) (UserSession, bool)

func (UserSession) IsAdmin

func (us UserSession) IsAdmin() bool

func (UserSession) IsEmpty

func (us UserSession) IsEmpty() bool

func (UserSession) IsInGroup

func (us UserSession) IsInGroup(g string) bool

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL