From 76a1953417dfd428479cb7fc51b52f8e50b42964 Mon Sep 17 00:00:00 2001
From: tom
Date: Tue, 21 Jun 2016 15:28:46 +0100
Subject: [PATCH] depreciated redis and added jwt token authentication
---
 auth.go | 23 +++++++++++++++++------
 config.go | 16 ----------------
 main.go | 41 ++++++-----------------------------------
 setup.go | 45 +++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 68 insertions(+), 57 deletions(-)
 delete mode 100644 config.go
 create mode 100644 setup.go
diff --git a/auth.go b/auth.go
index 5d4f504..7153145 100644
--- a/auth.go
+++ b/auth.go
@@ -7,6 +7,9 @@ package main
 import (
 "fmt"
 "net/http"
+ "strings"
+
+ "github.com/dgrijalva/jwt-go"
 )
 func unauthorized(w http.ResponseWriter) {
@@ -15,17 +18,25 @@ func unauthorized(w http.ResponseWriter) {
 func authMiddleware(w http.ResponseWriter, r *http.Request) {
 // Check Auth, Until Proper Auth Service is implemented
- authToken := r.Header.Get("X-Auth-Token")
- fmt.Println(authToken)
+ authToken := strings.Trim(r.Header.Get("Authorization"), "Bearer ")
 if authToken == "" {
 unauthorized(w)
 return
 }
- user, err := db.Get(authToken).Result()
- fmt.Println(user)
- fmt.Println(err)
- if err != nil || user == "" {
+ token, err := jwt.Parse(authToken, func(t *jwt.Token) (interface{}, error) {
+ if t.Method.Alg() != jwt.SigningMethodHS256.Alg() {
+ return nil, fmt.Errorf("unexpected jwt signing method=%v", t.Header["alg"])
+ }
+ return []byte(secret), nil
+ })
+
+ if err != nil {
+ unauthorized(w)
+ return
+ }
+
+ if token.Valid != true {
 unauthorized(w)
 return
 }
diff --git a/config.go b/config.go
deleted file mode 100644
index 394da8a..0000000
--- a/config.go
+++ /dev/null
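Review bot: `strings.Trim(r.Header.Get("Authorization"), "Bearer ")` in authMiddleware treats its second argument as a set of characters, not a prefix, so it also strips any leading or trailing `B`, `e`, `a`, `r` or space from the token itself. A compact JWT normally begins with `eyJ`, so the leading `e` is removed and `jwt.Parse` then rejects an otherwise valid token; a signature that ends in one of those letters is truncated the same way. Use `authToken := strings.TrimPrefix(r.Header.Get("Authorization"), "Bearer ")`, and consider answering `unauthorized(w)` when the header lacks the `Bearer ` prefix so that other schemes are never parsed as tokens. authMiddleware continues past the end of the hunk, and nothing in the visible lines requires an `exp` claim, so token lifetime appears to be left to the issuer.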
@@ -1,16 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-package main
-
-type monitorConfig struct {
- Host string `json:"host"`
- Port string `json:"port"`
-}
-
-type redisConfig struct {
- Host string `json:"addr"`
- Password string `json:"password"`
- DB int64 `json:"DB"`
-}
diff --git a/main.go b/main.go
index 1d2187f..163b4ef 100644
--- a/main.go
+++ b/main.go
@@ -5,50 +5,28 @@
 package main
 import (
- "encoding/json"
 "fmt"
- "log"
 "net/http"
- "os"
- "time"
-
- "gopkg.in/redis.v3"
 "github.com/nats-io/nats"
 "github.com/r3labs/sse"
 )
+var n *nats.Conn
 var s *sse.Server
-var db *redis.Client
+var host string
+var port string
+var secret string
 func main() {
- // Open Nats connection
- n, err := nats.Connect(os.Getenv("NATS_URI"))
- if err != nil {
- log.Println("Could not connect to nats")
- return
- }
+ setup()
 defer n.Close()
- redisCfg := redisConfig{}
- msg, err := n.Request("config.get.redis", []byte(""), 1*time.Second)
- if err != nil {
- panic("Cant get redis config")
- }
- json.Unmarshal(msg.Data, &redisCfg)
-
 // Create new SSE server
 s = sse.New()
 s.AutoStream = true
 defer s.Close()
- // Open DB connection
- db = redis.NewClient(&redis.Options{
- Addr: redisCfg.Host,
- Password: redisCfg.Password,
- DB: redisCfg.DB,
- })
-
 // Create new HTTP Server and add the route handler
 mux := http.NewServeMux()
 mux.HandleFunc("/events", authMiddleware)
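Review bot: `setup()` returns nothing, so `main` goes on to `defer n.Close()` and to register the `/events` handler whether or not initialisation succeeded. In the new setup.go the failed `nats.Connect` branch only logs and returns, which leaves the package-level `n` nil and `secret` empty because the JWT_SECRET check is never reached; the calls on `n` in `main` then run against a nil connection and most likely panic. The smallest fix is in setup.go, where `log` is still imported: replace that `return` with `log.Fatalf("could not connect to nats: %v", err)`. Stopping there also guarantees the listener never starts with an empty HMAC key.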
@@ -56,14 +34,7 @@ func main() {
 // Start nats handler, subscribe to all events
 n.Subscribe(">", natsHandler)
- monitorCfg := monitorConfig{}
- msg, err = n.Request("config.get.monitor", []byte(""), 1*time.Second)
- if err != nil {
- panic("Can't get monitor config")
- }
- json.Unmarshal(msg.Data, &monitorCfg)
-
 // Start Listening
- addr := fmt.Sprintf("%s:%s", monitorCfg.Host, monitorCfg.Port)
+ addr := fmt.Sprintf("%s:%s", host, port)
 http.ListenAndServe(addr, mux)
 }
diff --git a/setup.go b/setup.go
new file mode 100644
index 0000000..0a3fbd9
--- /dev/null
+++ b/setup.go
@@ -0,0 +1,45 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+package main
+
+import (
+ "encoding/json"
+ "log"
+ "os"
+ "time"
+
+ "github.com/nats-io/nats"
+)
+
+type monitorConfig struct {
+ Host string `json:"host"`
+ Port string `json:"port"`
+}
+
+func setup() {
+ var err error
+ // Open Nats connection
+ n, err = nats.Connect(os.Getenv("NATS_URI"))
+ if err != nil {
+ log.Println("Could not connect to nats")
+ return
+ }
+
+ // Set the JWT Secret
+ secret = os.Getenv("JWT_SECRET")
+ if secret == "" {
+ panic("No JWT secret was set!")
+ }
+
+ cfg := monitorConfig{}
+ msg, err := n.Request("config.get.monitor", []byte(""), 1*time.Second)
+ if err != nil {
+ panic("Can't get monitor config")
+ }
+ json.Unmarshal(msg.Data, &cfg)
+
+ host = cfg.Host
+ port = cfg.Port
+}
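Review bot: The result of `http.ListenAndServe(addr, mux)` at the end of `main` is discarded, so a bad `host`/`port` pair or a port already in use makes the process exit without any message; the error from `n.Subscribe(">", natsHandler)` is dropped the same way. Report it, for example with `log.Fatal(http.ListenAndServe(addr, mux))`, which needs the `log` import this commit removes from main.go. The listener is plain HTTP while clients now send a bearer JWT in the Authorization header, so unless TLS is terminated in front of this service the token is readable in transit. `main` begins above this hunk.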
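Review bot: The error from `json.Unmarshal(msg.Data, &cfg)` in `setup` is dropped, so a malformed or empty config reply leaves `host` and `port` as empty strings and main.go builds the listen address `":"` from them. Check it and stop, e.g. `if err := json.Unmarshal(msg.Data, &cfg); err != nil { log.Fatalf("invalid monitor config: %v", err) }`. The JWT_SECRET check accepts any non-empty value; the key is used for HS256, for which RFC 7518 asks for at least 256 bits, so a minimum-length check belongs here as well. Moving the secret check ahead of `nats.Connect` would also keep it from being skipped by the early `return` in the connect-failure branch.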