2022-08-30 02:30:36 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
|
|
|
"net/http"
|
|
|
|
"strings"
|
|
|
|
"time"
|
|
|
|
|
|
|
|
"github.com/go-chi/chi/v5"
|
|
|
|
"github.com/go-chi/chi/v5/middleware"
|
2022-09-24 19:33:38 +00:00
|
|
|
"github.com/hay-kot/homebox/backend/internal/config"
|
|
|
|
"github.com/hay-kot/homebox/backend/internal/services"
|
|
|
|
"github.com/hay-kot/homebox/backend/pkgs/server"
|
2022-09-03 18:38:35 +00:00
|
|
|
"github.com/rs/zerolog/log"
|
2022-08-30 02:30:36 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
func (a *app) setGlobalMiddleware(r *chi.Mux) {
|
|
|
|
// =========================================================================
|
|
|
|
// Middleware
|
|
|
|
r.Use(middleware.RequestID)
|
|
|
|
r.Use(middleware.RealIP)
|
|
|
|
r.Use(mwStripTrailingSlash)
|
|
|
|
|
|
|
|
// Use struct logger in production for requests, but use
|
|
|
|
// pretty console logger in development.
|
|
|
|
if a.conf.Mode == config.ModeDevelopment {
|
2022-09-03 18:38:35 +00:00
|
|
|
r.Use(a.mwSummaryLogger)
|
2022-08-30 02:30:36 +00:00
|
|
|
} else {
|
|
|
|
r.Use(a.mwStructLogger)
|
|
|
|
}
|
|
|
|
r.Use(middleware.Recoverer)
|
|
|
|
|
|
|
|
// Set a timeout value on the request context (ctx), that will signal
|
|
|
|
// through ctx.Done() that the request has timed out and further
|
|
|
|
// processing should be stopped.
|
|
|
|
r.Use(middleware.Timeout(60 * time.Second))
|
|
|
|
}
|
|
|
|
|
|
|
|
// mwAuthToken is a middleware that will check the database for a stateful token
|
|
|
|
// and attach it to the request context with the user, or return a 401 if it doesn't exist.
|
|
|
|
func (a *app) mwAuthToken(next http.Handler) http.Handler {
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
requestToken := r.Header.Get("Authorization")
|
|
|
|
|
|
|
|
if requestToken == "" {
|
|
|
|
server.RespondUnauthorized(w)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
requestToken = strings.TrimPrefix(requestToken, "Bearer ")
|
2022-08-31 02:11:23 +00:00
|
|
|
usr, err := a.services.User.GetSelf(r.Context(), requestToken)
|
2022-08-30 02:30:36 +00:00
|
|
|
|
|
|
|
// Check the database for the token
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
server.RespondUnauthorized(w)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2022-08-30 18:05:11 +00:00
|
|
|
r = r.WithContext(services.SetUserCtx(r.Context(), usr, requestToken))
|
2022-08-30 02:30:36 +00:00
|
|
|
|
|
|
|
next.ServeHTTP(w, r)
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
// mwAdminOnly is a middleware that extends the mwAuthToken middleware to only allow
|
|
|
|
// requests from superusers.
|
2022-09-03 18:40:25 +00:00
|
|
|
// func (a *app) mwAdminOnly(next http.Handler) http.Handler {
|
|
|
|
// mw := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
// usr := services.UseUserCtx(r.Context())
|
|
|
|
|
|
|
|
// if !usr.IsSuperuser {
|
|
|
|
// server.RespondUnauthorized(w)
|
|
|
|
// return
|
|
|
|
// }
|
|
|
|
|
|
|
|
// next.ServeHTTP(w, r)
|
|
|
|
// })
|
|
|
|
// return a.mwAuthToken(mw)
|
|
|
|
// }
|
2022-08-30 02:30:36 +00:00
|
|
|
|
|
|
|
// mqStripTrailingSlash is a middleware that will strip trailing slashes from the request path.
|
|
|
|
func mwStripTrailingSlash(next http.Handler) http.Handler {
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
r.URL.Path = strings.TrimSuffix(r.URL.Path, "/")
|
|
|
|
next.ServeHTTP(w, r)
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2022-09-04 06:19:13 +00:00
|
|
|
type StatusRecorder struct {
|
|
|
|
http.ResponseWriter
|
|
|
|
Status int
|
|
|
|
}
|
|
|
|
|
|
|
|
func (r *StatusRecorder) WriteHeader(status int) {
|
|
|
|
r.Status = status
|
|
|
|
r.ResponseWriter.WriteHeader(status)
|
|
|
|
}
|
|
|
|
|
2022-08-30 02:30:36 +00:00
|
|
|
func (a *app) mwStructLogger(next http.Handler) http.Handler {
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
2022-09-04 06:19:13 +00:00
|
|
|
record := &StatusRecorder{ResponseWriter: w, Status: http.StatusOK}
|
|
|
|
next.ServeHTTP(record, r)
|
|
|
|
|
2022-08-30 02:30:36 +00:00
|
|
|
scheme := "http"
|
|
|
|
if r.TLS != nil {
|
|
|
|
scheme = "https"
|
|
|
|
}
|
|
|
|
|
|
|
|
url := fmt.Sprintf("%s://%s%s %s", scheme, r.Host, r.RequestURI, r.Proto)
|
|
|
|
|
2022-09-03 18:38:35 +00:00
|
|
|
log.Info().
|
|
|
|
Str("id", middleware.GetReqID(r.Context())).
|
|
|
|
Str("url", url).
|
|
|
|
Str("method", r.Method).
|
|
|
|
Str("remote_addr", r.RemoteAddr).
|
2022-09-04 06:19:13 +00:00
|
|
|
Int("status", record.Status).
|
|
|
|
Msg(url)
|
2022-09-03 18:38:35 +00:00
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a *app) mwSummaryLogger(next http.Handler) http.Handler {
|
2022-09-04 06:19:13 +00:00
|
|
|
bold := func(s string) string { return "\033[1m" + s + "\033[0m" }
|
|
|
|
orange := func(s string) string { return "\033[33m" + s + "\033[0m" }
|
|
|
|
aqua := func(s string) string { return "\033[36m" + s + "\033[0m" }
|
|
|
|
red := func(s string) string { return "\033[31m" + s + "\033[0m" }
|
|
|
|
green := func(s string) string { return "\033[32m" + s + "\033[0m" }
|
|
|
|
|
|
|
|
fmtCode := func(code int) string {
|
|
|
|
switch {
|
|
|
|
case code >= 500:
|
|
|
|
return red(fmt.Sprintf("%d", code))
|
|
|
|
case code >= 400:
|
|
|
|
return orange(fmt.Sprintf("%d", code))
|
|
|
|
case code >= 300:
|
|
|
|
return aqua(fmt.Sprintf("%d", code))
|
|
|
|
default:
|
|
|
|
return green(fmt.Sprintf("%d", code))
|
|
|
|
}
|
2022-09-03 18:38:35 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
2022-09-04 06:19:13 +00:00
|
|
|
record := &StatusRecorder{ResponseWriter: w, Status: http.StatusOK}
|
|
|
|
next.ServeHTTP(record, r) // Blocks until the next handler returns.
|
|
|
|
|
2022-09-03 18:38:35 +00:00
|
|
|
scheme := "http"
|
|
|
|
if r.TLS != nil {
|
|
|
|
scheme = "https"
|
|
|
|
}
|
|
|
|
|
|
|
|
url := fmt.Sprintf("%s://%s%s %s", scheme, r.Host, r.RequestURI, r.Proto)
|
2022-08-30 02:30:36 +00:00
|
|
|
|
2022-09-04 06:19:13 +00:00
|
|
|
log.Info().
|
|
|
|
Msgf("%s %s %s",
|
|
|
|
bold(orange(""+r.Method+"")),
|
|
|
|
aqua(url),
|
|
|
|
bold(fmtCode(record.Status)),
|
|
|
|
)
|
2022-08-30 02:30:36 +00:00
|
|
|
})
|
|
|
|
}
|