package web
import (
"encoding/gob"
"net/http"
"runtime"
"github.com/gin-contrib/static"
"github.com/gin-contrib/pprof"
"github.com/gin-contrib/sessions"
"github.com/gin-contrib/sessions/cookie"
"github.com/gin-gonic/gin"
"github.com/gorilla/websocket"
"github.com/notion/bastion/config"
"golang.org/x/oauth2"
)
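var (
	// upgrader performs the HTTP-to-WebSocket handshake; it is presumably the
	// one used by the handlers registered under /api/ws (not visible here).
	//
	// CheckOrigin is intentionally left unset. The previous callback returned
	// true for every request, which turned off origin checking. Because Serve
	// authenticates browsers with a session cookie, a page served from another
	// origin could then open a socket that carries the user's session. With
	// CheckOrigin nil, gorilla/websocket applies its default policy: the
	// handshake fails when an Origin header is present and its host differs
	// from the request's Host header. If the UI is ever served from a
	// different host, replace this with an explicit allow-list instead of
	// accepting every origin.
	upgrader = websocket.Upgrader{}
)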
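// Serve starts the web server on addr and registers all of its handlers.
//
// It reads the OAuth configuration and the cookie secret from env.Vconfig,
// installs a cookie-backed session store, mounts the static files and HTML
// templates, and registers the page and API routes behind authMiddleware.
// It does not return normally: the result of r.Run is passed to
// env.Red.Fatal.
func Serve(addr string, env *config.Env) {
	oauthConfig := oauth2.Config{}
	env.Vconfig.SetDefault("OauthCredentials", &oauthConfig)
	// NOTE(review): the error from UnmarshalKey is discarded, so a malformed
	// "OauthCredentials" entry goes unreported here.
	env.Vconfig.UnmarshalKey("OauthCredentials", &oauthConfig)

	// The session cookie is authenticated with the configured "cookiesecret".
	// NOTE(review): nothing here checks that the secret is set or long enough;
	// confirm the deployment provides a long random value.
	store := cookie.NewStore([]byte(env.Vconfig.GetString("cookiesecret")))
	store.Options(sessions.Options{
		MaxAge: 1 * 60 * 60, // one hour, in seconds
		Path:   "/",
		// Keep the session cookie out of reach of page scripts.
		HttpOnly: true,
		// NOTE(review): Secure is not set because this function cannot tell
		// whether the server is reached over TLS; enable it for HTTPS-only
		// deployments.
	})

	// Register the concrete types with gob; presumably these are the values
	// stored in the session by the handlers.
	gob.Register(&oauth2.Token{})
	gob.Register(&config.User{})

	r := gin.Default()
	r.Use(sessions.Sessions("session", store))
	r.Use(static.Serve("/", static.LocalFile("web/static", false)))
	r.LoadHTMLGlob("web/templates/*")

	if env.Vconfig.GetBool("debug.web.enabled") {
		// NOTE(review): these debug routes are registered on r directly, not
		// on authedGroup, so authMiddleware is not applied to them. Keep
		// "debug.web.enabled" off outside of development, or restrict who
		// can reach the listener.
		runtime.SetBlockProfileRate(1)
		runtime.SetMutexProfileFraction(1)
		pprof.Register(r)
		r.GET("/api/opensessions", openSessions(env))
	}

	// Everything below runs behind authMiddleware.
	// NOTE(review): /logout, /api/authrules/:id/delete and /api/disconnect/...
	// are GET routes that presumably change state; consider POST/DELETE with
	// CSRF protection so that merely loading a URL cannot trigger them.
	authedGroup := r.Group("/", authMiddleware(env))
	{
		authedGroup.GET("", index(env, oauthConfig))
		authedGroup.GET("/logout", logout(env))
		authedGroup.GET("/sessions", sessionTempl(env))
		authedGroup.GET("/livesessions", liveSessionTempl(env))
		authedGroup.GET("/users", userTempl(env))
		authedGroup.GET("/authrules", authRuleTempl(env))
		authedGroup.GET("/authenticated", authTempl(env))
		authedGroup.GET("/otp", otpTempl(env))
		authedGroup.GET("/setupotp", setupOtpTempl(env))

		apiGroup := authedGroup.Group("/api")
		{
			apiGroup.GET("/livesessions", liveSession(env))

			userGroup := apiGroup.Group("/users")
			{
				userGroup.GET("", user(env))
				userGroup.POST("/:id", updateUser(env))
				userGroup.GET("/:id/keys", downloadKey(env))
			}

			authRulesGroup := apiGroup.Group("/authrules")
			{
				authRulesGroup.GET("", authRule(env))
				authRulesGroup.POST("/:id", updateAuthRule(env))
				authRulesGroup.GET("/:id/delete", deleteAuthRule(env))
			}

			wsGroup := apiGroup.Group("/ws")
			{
				wsGroup.GET("/livesessions/:id", liveSessionWS(env))
				wsGroup.GET("/livesessions/:id/:sid", liveSessionWS(env))
			}

			apiGroup.GET("/disconnect/:id", disconnectLiveSession(env))
			apiGroup.GET("/disconnect/:id/:sid", disconnectLiveSession(env))
			apiGroup.GET("/sessions", session(env))
			apiGroup.GET("/sessions/:id", sessionID(env))
			apiGroup.POST("/otp", checkOtp(env))
			apiGroup.GET("/setupotp", setupotp(env))
		}
	}

	env.Green.Println("Running HTTP server at:", addr)
	env.Red.Fatal(r.Run(addr))
}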
// ginifyHandlerFunc adapts a net/http handler function to a gin handler by
// invoking it with the gin context's response writer and request.
func ginifyHandlerFunc(h http.HandlerFunc) gin.HandlerFunc {
	return func(ctx *gin.Context) {
		w, req := ctx.Writer, ctx.Request
		h(w, req)
	}
}
// ginifyHandler adapts a net/http Handler to a gin handler by calling its
// ServeHTTP method with the gin context's response writer and request.
func ginifyHandler(h http.Handler) gin.HandlerFunc {
	return func(ctx *gin.Context) {
		w, req := ctx.Writer, ctx.Request
		h.ServeHTTP(w, req)
	}
}