added auth check
This commit is contained in:
parent
28ff9006df
commit
af488ab5fe
@ -6,6 +6,7 @@ import (
|
|||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
"github.com/golang-jwt/jwt"
|
||||||
"github.com/graph-gophers/dataloader"
|
"github.com/graph-gophers/dataloader"
|
||||||
"github.com/minio/minio-go/v7"
|
"github.com/minio/minio-go/v7"
|
||||||
log "github.com/sirupsen/logrus"
|
log "github.com/sirupsen/logrus"
|
||||||
@ -108,3 +109,17 @@ func getParentDir(id string) string {
|
|||||||
|
|
||||||
return nomalizeID(parent)
|
return nomalizeID(parent)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func isAuth(ctx context.Context) (bool, error) {
|
||||||
|
token, ok := ctx.Value("jwt").(*jwt.Token)
|
||||||
|
|
||||||
|
if !ok {
|
||||||
|
return false, fmt.Errorf("Unauthorized")
|
||||||
|
}
|
||||||
|
|
||||||
|
if token.Valid {
|
||||||
|
return true, nil
|
||||||
|
} else {
|
||||||
|
return false, fmt.Errorf("Unauthorized")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|||||||
@ -53,7 +53,9 @@ func initHttp(resolveContext context.Context, schema graphql.Schema, address str
|
|||||||
parsedToken, err := parseJWT(token)
|
parsedToken, err := parseJWT(token)
|
||||||
|
|
||||||
if err == nil && parsedToken.Valid {
|
if err == nil && parsedToken.Valid {
|
||||||
r.WithContext(context.WithValue(r.Context(), "jwt", parsedToken))
|
newRequest := r.WithContext(context.WithValue(r.Context(), "jwt", parsedToken))
|
||||||
|
h.ServeHTTP(rw, newRequest)
|
||||||
|
return
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -62,7 +64,8 @@ func initHttp(resolveContext context.Context, schema graphql.Schema, address str
|
|||||||
})
|
})
|
||||||
|
|
||||||
r.HandleFunc("/api/graphql", func(rw http.ResponseWriter, r *http.Request) {
|
r.HandleFunc("/api/graphql", func(rw http.ResponseWriter, r *http.Request) {
|
||||||
gqlHandler.ContextHandler(resolveContext, rw, r)
|
token := r.Context().Value("jwt")
|
||||||
|
gqlHandler.ContextHandler(context.WithValue(resolveContext, "jwt", token), rw, r)
|
||||||
})
|
})
|
||||||
|
|
||||||
r.HandleFunc("/api/file", func(rw http.ResponseWriter, r *http.Request) {
|
r.HandleFunc("/api/file", func(rw http.ResponseWriter, r *http.Request) {
|
||||||
@ -82,6 +85,11 @@ func initHttp(resolveContext context.Context, schema graphql.Schema, address str
|
|||||||
}
|
}
|
||||||
|
|
||||||
func httpGetFile(ctx context.Context, rw http.ResponseWriter, r *http.Request) {
|
func httpGetFile(ctx context.Context, rw http.ResponseWriter, r *http.Request) {
|
||||||
|
if is, _ := isAuth(r.Context()); !is {
|
||||||
|
rw.WriteHeader(http.StatusUnauthorized)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
s3Client := ctx.Value("s3Client").(*minio.Client)
|
s3Client := ctx.Value("s3Client").(*minio.Client)
|
||||||
id := r.URL.Query().Get("id")
|
id := r.URL.Query().Get("id")
|
||||||
|
|
||||||
@ -121,6 +129,11 @@ func httpGetFile(ctx context.Context, rw http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func httpPostFile(ctx context.Context, rw http.ResponseWriter, r *http.Request) {
|
func httpPostFile(ctx context.Context, rw http.ResponseWriter, r *http.Request) {
|
||||||
|
if is, _ := isAuth(r.Context()); !is {
|
||||||
|
rw.WriteHeader(http.StatusUnauthorized)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
s3Client := ctx.Value("s3Client").(*minio.Client)
|
s3Client := ctx.Value("s3Client").(*minio.Client)
|
||||||
|
|
||||||
id := r.URL.Query().Get("id")
|
id := r.URL.Query().Get("id")
|
||||||
|
|||||||
@ -21,6 +21,10 @@ func graphqlSchema() (graphql.Schema, error) {
|
|||||||
},
|
},
|
||||||
},
|
},
|
||||||
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
|
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
|
||||||
|
if is, err := isAuth(p.Context); !is {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
path, ok := p.Args["path"].(string)
|
path, ok := p.Args["path"].(string)
|
||||||
|
|
||||||
if !ok {
|
if !ok {
|
||||||
@ -42,6 +46,10 @@ func graphqlSchema() (graphql.Schema, error) {
|
|||||||
},
|
},
|
||||||
},
|
},
|
||||||
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
|
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
|
||||||
|
if is, err := isAuth(p.Context); !is {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
path, ok := p.Args["path"].(string)
|
path, ok := p.Args["path"].(string)
|
||||||
|
|
||||||
if !ok {
|
if !ok {
|
||||||
@ -63,6 +71,10 @@ func graphqlSchema() (graphql.Schema, error) {
|
|||||||
},
|
},
|
||||||
},
|
},
|
||||||
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
|
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
|
||||||
|
if is, err := isAuth(p.Context); !is {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
id, ok := p.Args["id"].(string)
|
id, ok := p.Args["id"].(string)
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil, fmt.Errorf("Failed to parse args")
|
return nil, fmt.Errorf("Failed to parse args")
|
||||||
@ -86,6 +98,10 @@ func graphqlSchema() (graphql.Schema, error) {
|
|||||||
},
|
},
|
||||||
},
|
},
|
||||||
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
|
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
|
||||||
|
if is, err := isAuth(p.Context); !is {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
id, ok := p.Args["id"].(string)
|
id, ok := p.Args["id"].(string)
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil, fmt.Errorf("Failed to parse args")
|
return nil, fmt.Errorf("Failed to parse args")
|
||||||
@ -107,6 +123,10 @@ func graphqlSchema() (graphql.Schema, error) {
|
|||||||
},
|
},
|
||||||
},
|
},
|
||||||
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
|
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
|
||||||
|
if is, err := isAuth(p.Context); !is {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
src, ok := p.Args["src"].(string)
|
src, ok := p.Args["src"].(string)
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil, fmt.Errorf("Failed to parse args")
|
return nil, fmt.Errorf("Failed to parse args")
|
||||||
@ -132,6 +152,10 @@ func graphqlSchema() (graphql.Schema, error) {
|
|||||||
},
|
},
|
||||||
},
|
},
|
||||||
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
|
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
|
||||||
|
if is, err := isAuth(p.Context); !is {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
src, ok := p.Args["src"].(string)
|
src, ok := p.Args["src"].(string)
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil, fmt.Errorf("Failed to parse args")
|
return nil, fmt.Errorf("Failed to parse args")
|
||||||
@ -154,6 +178,10 @@ func graphqlSchema() (graphql.Schema, error) {
|
|||||||
},
|
},
|
||||||
},
|
},
|
||||||
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
|
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
|
||||||
|
if is, err := isAuth(p.Context); !is {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
path, ok := p.Args["path"].(string)
|
path, ok := p.Args["path"].(string)
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil, fmt.Errorf("Failed to parse args")
|
return nil, fmt.Errorf("Failed to parse args")
|
||||||
@ -172,6 +200,10 @@ func graphqlSchema() (graphql.Schema, error) {
|
|||||||
},
|
},
|
||||||
},
|
},
|
||||||
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
|
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
|
||||||
|
if is, err := isAuth(p.Context); !is {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
path, ok := p.Args["path"].(string)
|
path, ok := p.Args["path"].(string)
|
||||||
|
|
||||||
if !ok {
|
if !ok {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user