auth

Paddy 2015-07-18 Parent:0a2c3d677161 Child:b7e685839a1b

179:7bba108d2d9a Go to Latest

auth/authd/server.go

Send events when logins are verified. Add an ActionLoginVerified constant to use as the action when a login has been verified. On second thought, this should probably just be "verified", huh? Then we can reuse it across models. Oops. We also added a call to send a login verified event to NSQ when the login is verified.

paddy@100 1 package main
paddy@100 2
paddy@100 3 import (
paddy@174 4 "encoding/base64"
paddy@100 5 "html/template"
paddy@100 6 "log"
paddy@100 7 "net/http"
paddy@157 8 "os"
paddy@100 9
paddy@107 10 "code.secondbit.org/auth.hg"
paddy@178 11 "code.secondbit.org/events.hg"
paddy@100 12 "github.com/gorilla/mux"
paddy@100 13 )
paddy@100 14
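// main configures and starts the authd HTTP server.
//
// Configuration is read from the environment:
//   - JWT_SECRET (required): key material stored in config.JWTPrivateKey.
//   - JWT_SECRET_IS_BASE64_ENCODED: when "true", JWT_SECRET is decoded with
//     standard base64 before use; otherwise its raw bytes are used.
//   - AUTH_PG_DB: when set, passed to auth.NewPostgres and used for every
//     store; when unset, auth.NewMemstore backs every store instead.
//   - AUTH_NSQD_ADDR: when set, events are published through NSQ at that
//     address; when unset, the stdout publisher is used.
//
// Every startup failure ends the process through the logger, so errors are
// reported the same way regardless of which step failed.
func main() {
	log.SetFlags(log.LstdFlags | log.Llongfile)
	log.Printf("Running version '%s'\n", auth.Version)

	var config auth.Config
	var err error

	// The secret is read once and must never be written to the log.
	// NOTE(review): no minimum key length is enforced here; confirm that
	// config.Init or the token-signing code rejects a weak key.
	jwtSecret := os.Getenv("JWT_SECRET")
	if jwtSecret == "" {
		log.Fatal("JWT_SECRET must be set.")
	}
	if os.Getenv("JWT_SECRET_IS_BASE64_ENCODED") == "true" {
		config.JWTPrivateKey, err = base64.StdEncoding.DecodeString(jwtSecret)
		if err != nil {
			log.Fatalf("decoding base64 JWT_SECRET: %v", err)
		}
	} else {
		config.JWTPrivateKey = []byte(jwtSecret)
	}

	if pgDSN := os.Getenv("AUTH_PG_DB"); pgDSN != "" {
		p, err := auth.NewPostgres(pgDSN)
		if err != nil {
			log.Fatalf("setting up Postgres store: %v", err)
		}
		config.ClientStore = &p
		config.AuthCodeStore = &p
		config.ProfileStore = &p
		config.TokenStore = &p
		config.SessionStore = &p
		config.ScopeStore = &p
	} else {
		// Make the fallback visible: a missing or misspelled AUTH_PG_DB
		// would otherwise silently swap the backing store of an auth server.
		log.Println("AUTH_PG_DB is not set; using the in-memory store")
		store := auth.NewMemstore()
		config.ClientStore = store
		config.AuthCodeStore = store
		config.ProfileStore = store
		config.TokenStore = store
		config.SessionStore = store
		config.ScopeStore = store
	}

	// template.Must panics if the glob matches nothing or a template fails to parse.
	config.Template = template.Must(template.New("base").ParseGlob("./templates/*.gotmpl"))
	config.LoginURI = "/login"

	if nsqdAddr := os.Getenv("AUTH_NSQD_ADDR"); nsqdAddr != "" {
		publisher, err := events.NewNSQPublisher("code.secondbit.org/auth/authd-"+auth.Version, nsqdAddr)
		if err != nil {
			log.Fatal(err)
		}
		config.EventsPublisher = publisher
	} else {
		config.EventsPublisher = events.NewStdoutPublisher()
	}

	if err = config.Init(); err != nil {
		log.Fatal(err)
	}
	authCtx, err := auth.NewContext(config)
	if err != nil {
		log.Fatalf("creating auth context: %v", err)
	}

	// Scopes that already exist are not an error, so restarts can re-run this step.
	err = authCtx.CreateScopes([]auth.Scope{
		auth.ScopeLoginAdmin,
		{ID: "subscriptions", Name: "Manage subscriptions", Description: "Create, view, edit, and cancel your subscriptions."},
	})
	if err != nil && err != auth.ErrScopeAlreadyExists {
		log.Fatal(err)
	}

	router := mux.NewRouter()
	auth.RegisterOAuth2(router, authCtx)
	auth.RegisterSessionHandlers(router, authCtx)
	auth.RegisterProfileHandlers(router, authCtx)
	auth.RegisterClientHandlers(router, authCtx)

	// NOTE(review): the router is mounted on http.DefaultServeMux, so any
	// handler an imported package registers there is served too; passing
	// router to the server directly would avoid that, once it is confirmed
	// nothing relies on the default mux.
	http.Handle("/", router)

	// NOTE(review): this serves plain HTTP on every interface with no read or
	// write timeouts. Credentials and tokens cross this listener, so it
	// presumably sits behind a TLS-terminating proxy; confirm that, and
	// consider an http.Server with explicit timeouts.
	log.Println("Listening on port 9000")
	log.Fatal(http.ListenAndServe("0.0.0.0:9000", nil))
}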