Implement basic API scoping
This commit is contained in:
Tom
parent
064ae2f564
commit
9db53d39c4
21 changed files with 519 additions and 264 deletions
|
|
@ -2,12 +2,10 @@ package config
|
|||
|
||||
import (
|
||||
"fmt"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"strings"
|
||||
|
||||
"github.com/FAU-CDI/wisski-distillery/internal/config/validators"
|
||||
"github.com/tkw1536/pkglib/httpx"
|
||||
"golang.org/x/net/idna"
|
||||
)
|
||||
|
||||
|
|
@ -31,26 +29,6 @@ type HTTPConfig struct {
|
|||
API validators.NullableBool `yaml:"api" validate:"bool" default:"false"`
|
||||
}
|
||||
|
||||
var apiNotEnabled = httpx.Response{
|
||||
StatusCode: http.StatusForbidden,
|
||||
Body: []byte(`{"message":"API is not enabled"}`),
|
||||
}
|
||||
|
||||
func (hcfg HTTPConfig) APIDecorator(methods ...string) func(http.Handler) http.Handler {
|
||||
methods = append(methods, "OPTIONS") // always permit the options method!
|
||||
|
||||
if !hcfg.API.Value {
|
||||
return func(http.Handler) http.Handler {
|
||||
return httpx.PermitMethods(apiNotEnabled, methods...)
|
||||
}
|
||||
}
|
||||
|
||||
// permit only the specified methods
|
||||
return func(h http.Handler) http.Handler {
|
||||
return httpx.PermitMethods(h, methods...)
|
||||
}
|
||||
}
|
||||
|
||||
// JoinPath returns the root public url joined with the provided parts.
|
||||
func (hcfg HTTPConfig) JoinPath(elem ...string) *url.URL {
|
||||
u := url.URL{
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue