nicoeri/filebrowser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add ip on logging

Browse Source 
License: MIT
Signed-off-by: Henrique Dias <hacdias@gmail.com>
This commit is contained in:
Henrique Dias 2018-12-28 20:15:13 +00:00
parent 6403bbdc57
commit a9addc0e8a
6 changed files with 76 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
http/auth.go
View File

@ -15,11 +15,11 @@ import (
func (e *Env) loginHandler(w http.ResponseWriter, r *http.Request) {
user, err := e.Auther.Auth(r)
if err == types.ErrNoPermission {
httpErr(w, http.StatusForbidden, nil)
httpErr(w, r, http.StatusForbidden, nil)
} else if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
} else {
e.printToken(w, user)
e.printToken(w, r, user)
}
}
@ -30,24 +30,24 @@ type signupBody struct {
func (e *Env) signupHandler(w http.ResponseWriter, r *http.Request) {
if !e.Settings.Signup {
httpErr(w, http.StatusForbidden, nil)
httpErr(w, r, http.StatusForbidden, nil)
return
}
if r.Body == nil {
httpErr(w, http.StatusBadRequest, nil)
httpErr(w, r, http.StatusBadRequest, nil)
return
}
info := &signupBody{}
err := json.NewDecoder(r.Body).Decode(info)
if err != nil {
httpErr(w, http.StatusBadRequest, nil)
httpErr(w, r, http.StatusBadRequest, nil)
return
}
if info.Password == "" || info.Username == "" {
httpErr(w, http.StatusBadRequest, nil)
httpErr(w, r, http.StatusBadRequest, nil)
return
}
@ -61,21 +61,21 @@ func (e *Env) signupHandler(w http.ResponseWriter, r *http.Request) {
pwd, err := types.HashPwd(info.Password)
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
user.Password = pwd
err = e.Store.Users.Save(user)
if err == types.ErrExist {
httpErr(w, http.StatusConflict, nil)
httpErr(w, r, http.StatusConflict, nil)
return
} else if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
httpErr(w, http.StatusOK, nil)
httpErr(w, r, http.StatusOK, nil)
}
type userInfo struct {
@ -125,7 +125,7 @@ func (e *Env) auth(next http.HandlerFunc) http.HandlerFunc {
token, err := request.ParseFromRequestWithClaims(r, &extractor{}, &tk, keyFunc)
if err != nil || !token.Valid {
httpErr(w, http.StatusForbidden, nil)
httpErr(w, r, http.StatusForbidden, nil)
return
}
@ -133,7 +133,7 @@ func (e *Env) auth(next http.HandlerFunc) http.HandlerFunc {
}
}
func (e *Env) printToken(w http.ResponseWriter, user *types.User) {
func (e *Env) printToken(w http.ResponseWriter, r *http.Request, user *types.User) {
claims := &authToken{
User: userInfo{
ID: user.ID,
@ -151,7 +151,7 @@ func (e *Env) printToken(w http.ResponseWriter, user *types.User) {
signed, err := token.SignedString(e.Settings.Key)
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
} else {
w.Header().Set("Content-Type", "cty")
w.Write([]byte(signed))

22
http/http.go
View File

@ -43,7 +43,7 @@ func (e *Env) getHandlers() (http.Handler, http.Handler) {
index := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodGet {
httpErr(w, http.StatusNotFound, nil)
httpErr(w, r, http.StatusNotFound, nil)
return
}
@ -54,7 +54,7 @@ func (e *Env) getHandlers() (http.Handler, http.Handler) {
err := index.Execute(w, data)
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
}
})
@ -69,7 +69,7 @@ func (e *Env) getHandlers() (http.Handler, http.Handler) {
err := index.Execute(w, data)
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
}
}))
@ -111,24 +111,24 @@ func Handler(e *Env) http.Handler {
return r
}
func httpErr(w http.ResponseWriter, status int, err error) {
func httpErr(w http.ResponseWriter, r *http.Request, status int, err error) {
txt := http.StatusText(status)
if err != nil {
log.Printf("%v", err)
if err != nil || status >= 400 {
log.Printf("%s: %v %s %v", r.URL.Path, status, r.RemoteAddr, err)
}
http.Error(w, strconv.Itoa(status)+" "+txt, status)
}
func renderJSON(w http.ResponseWriter, data interface{}) {
func renderJSON(w http.ResponseWriter, r *http.Request, data interface{}) {
marsh, err := json.Marshal(data)
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
w.Header().Set("Content-Type", "application/json; charset=utf-8")
if _, err := w.Write(marsh); err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
}
}
@ -136,12 +136,12 @@ func (e *Env) getUser(w http.ResponseWriter, r *http.Request) (*types.User, bool
id := r.Context().Value(keyUserID).(uint)
user, err := e.Store.Users.Get(id)
if err == types.ErrNotExist {
httpErr(w, http.StatusForbidden, nil)
httpErr(w, r, http.StatusForbidden, nil)
return nil, false
}
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return nil, false
}

20
http/raw.go
View File

@ -66,13 +66,13 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) {
}
if !user.Perm.Download {
httpErr(w, http.StatusForbidden, nil)
httpErr(w, r, http.StatusForbidden, nil)
return
}
file, err := types.NewFileInfo(user, path)
if err != nil {
httpErr(w, httpFsErr(err), err)
httpErr(w, r, httpFsErr(err), err)
return
}
@ -83,13 +83,13 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) {
filenames, err := parseQueryFiles(r, file, user)
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
extension, ar, err := parseQueryAlgorithm(r)
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
@ -102,7 +102,7 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) {
err = ar.Create(w)
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
defer ar.Close()
@ -110,21 +110,21 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) {
for _, fname := range filenames {
info, err := user.Fs.Stat(fname)
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
// get file's name for the inside of the archive
internalName, err := archiver.NameInArchive(info, fname, fname)
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
// open the file
file, err := user.Fs.Open(fname)
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
@ -138,7 +138,7 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) {
})
file.Close()
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
}
@ -147,7 +147,7 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) {
func fileHandler(w http.ResponseWriter, r *http.Request, file *types.File, user *types.User) {
fd, err := user.Fs.Open(file.Path)
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
defer fd.Close()

42
http/resource.go
View File

@ -42,7 +42,7 @@ func (e *Env) getResourceData(w http.ResponseWriter, r *http.Request, prefix str
}
if !user.IsAllowed(path) {
httpErr(w, http.StatusForbidden, nil)
httpErr(w, r, http.StatusForbidden, nil)
return "", nil, false
}
@ -57,7 +57,7 @@ func (e *Env) resourceGetHandler(w http.ResponseWriter, r *http.Request) {
file, err := types.NewFileInfo(user, path)
if err != nil {
httpErr(w, httpFsErr(err), err)
httpErr(w, r, httpFsErr(err), err)
return
}
@ -68,11 +68,11 @@ func (e *Env) resourceGetHandler(w http.ResponseWriter, r *http.Request) {
file.Listing.Sort = sort
file.Listing.Order = order
} else {
httpErr(w, http.StatusBadRequest, err)
httpErr(w, r, http.StatusBadRequest, err)
return
}
file.Listing.ApplySort()
renderJSON(w, file)
renderJSON(w, r, file)
return
}
@ -87,10 +87,10 @@ func (e *Env) resourceGetHandler(w http.ResponseWriter, r *http.Request) {
if checksum := r.URL.Query().Get("checksum"); checksum != "" {
err = file.Checksum(checksum)
if err == types.ErrInvalidOption {
httpErr(w, http.StatusBadRequest, nil)
httpErr(w, r, http.StatusBadRequest, nil)
return
} else if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
@ -98,7 +98,7 @@ func (e *Env) resourceGetHandler(w http.ResponseWriter, r *http.Request) {
file.Content = ""
}
renderJSON(w, file)
renderJSON(w, r, file)
}
func (e *Env) resourceDeleteHandler(w http.ResponseWriter, r *http.Request) {
@ -108,7 +108,7 @@ func (e *Env) resourceDeleteHandler(w http.ResponseWriter, r *http.Request) {
}
if path == "/" || !user.Perm.Delete {
httpErr(w, http.StatusForbidden, nil)
httpErr(w, r, http.StatusForbidden, nil)
return
}
@ -117,7 +117,7 @@ func (e *Env) resourceDeleteHandler(w http.ResponseWriter, r *http.Request) {
}, "delete", path, "", user)
if err != nil {
httpErr(w, httpFsErr(err), err)
httpErr(w, r, httpFsErr(err), err)
return
}
@ -131,12 +131,12 @@ func (e *Env) resourcePostPutHandler(w http.ResponseWriter, r *http.Request) {
}
if !user.Perm.Create && r.Method == http.MethodPost {
httpErr(w, http.StatusForbidden, nil)
httpErr(w, r, http.StatusForbidden, nil)
return
}
if !user.Perm.Modify && r.Method == http.MethodPut {
httpErr(w, http.StatusForbidden, nil)
httpErr(w, r, http.StatusForbidden, nil)
return
}
@ -147,10 +147,10 @@ func (e *Env) resourcePostPutHandler(w http.ResponseWriter, r *http.Request) {
// For directories, only allow POST for creation.
if strings.HasSuffix(r.URL.Path, "/") {
if r.Method == http.MethodPut {
httpErr(w, http.StatusMethodNotAllowed, nil)
httpErr(w, r, http.StatusMethodNotAllowed, nil)
} else {
err := user.Fs.MkdirAll(path, 0775)
httpErr(w, httpFsErr(err), err)
httpErr(w, r, httpFsErr(err), err)
}
return
@ -158,7 +158,7 @@ func (e *Env) resourcePostPutHandler(w http.ResponseWriter, r *http.Request) {
if r.Method == http.MethodPost && r.URL.Query().Get("override") != "true" {
if _, err := user.Fs.Stat(path); err == nil {
httpErr(w, http.StatusConflict, nil)
httpErr(w, r, http.StatusConflict, nil)
return
}
}
@ -187,11 +187,11 @@ func (e *Env) resourcePostPutHandler(w http.ResponseWriter, r *http.Request) {
}, "upload", path, "", user)
if err != nil {
httpErr(w, httpFsErr(err), err)
httpErr(w, r, httpFsErr(err), err)
return
}
httpErr(w, http.StatusOK, nil)
httpErr(w, r, http.StatusOK, nil)
}
func (e *Env) resourcePatchHandler(w http.ResponseWriter, r *http.Request) {
@ -205,26 +205,26 @@ func (e *Env) resourcePatchHandler(w http.ResponseWriter, r *http.Request) {
dst, err := url.QueryUnescape(dst)
if err != nil {
httpErr(w, httpFsErr(err), err)
httpErr(w, r, httpFsErr(err), err)
return
}
if dst == "/" || src == "/" {
httpErr(w, http.StatusForbidden, nil)
httpErr(w, r, http.StatusForbidden, nil)
return
}
switch action {
case "copy":
if !user.Perm.Create {
httpErr(w, http.StatusForbidden, nil)
httpErr(w, r, http.StatusForbidden, nil)
return
}
case "rename":
default:
action = "rename"
if !user.Perm.Rename {
httpErr(w, http.StatusForbidden, nil)
httpErr(w, r, http.StatusForbidden, nil)
return
}
}
@ -238,7 +238,7 @@ func (e *Env) resourcePatchHandler(w http.ResponseWriter, r *http.Request) {
return user.Fs.Rename(src, dst)
}, "action", src, dst, user)
httpErr(w, httpFsErr(err), err)
httpErr(w, r, httpFsErr(err), err)
}
func handleSortOrder(w http.ResponseWriter, r *http.Request, scope string) (sort string, order string, err error) {

20
http/share.go
View File

@ -21,7 +21,7 @@ func (e *Env) getShareData(w http.ResponseWriter, r *http.Request, prefix string
}
if !user.Perm.Share {
httpErr(w, http.StatusForbidden, nil)
httpErr(w, r, http.StatusForbidden, nil)
return "", false
}
@ -36,12 +36,12 @@ func (e *Env) shareGetHandler(w http.ResponseWriter, r *http.Request) {
s, err := e.Store.Share.GetByPath(path)
if err == types.ErrNotExist {
renderJSON(w, []*types.ShareLink{})
renderJSON(w, r, []*types.ShareLink{})
return
}
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
@ -52,7 +52,7 @@ func (e *Env) shareGetHandler(w http.ResponseWriter, r *http.Request) {
}
}
renderJSON(w, s)
renderJSON(w, r, s)
}
func (e *Env) shareDeleteHandler(w http.ResponseWriter, r *http.Request) {
@ -62,7 +62,7 @@ func (e *Env) shareDeleteHandler(w http.ResponseWriter, r *http.Request) {
}
if !user.Perm.Share {
httpErr(w, http.StatusForbidden, nil)
httpErr(w, r, http.StatusForbidden, nil)
return
}
@ -75,7 +75,7 @@ func (e *Env) shareDeleteHandler(w http.ResponseWriter, r *http.Request) {
err := e.Store.Share.Delete(hash)
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
}
@ -102,7 +102,7 @@ func (e *Env) sharePostHandler(w http.ResponseWriter, r *http.Request) {
bytes := make([]byte, 6)
_, err := rand.Read(bytes)
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
@ -117,7 +117,7 @@ func (e *Env) sharePostHandler(w http.ResponseWriter, r *http.Request) {
if expire != "" {
num, err := strconv.Atoi(expire)
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
@ -137,9 +137,9 @@ func (e *Env) sharePostHandler(w http.ResponseWriter, r *http.Request) {
}
if err := e.Store.Share.Save(s); err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
renderJSON(w, s)
renderJSON(w, r, s)
}

20
http/users.go
View File

@ -25,13 +25,13 @@ func (e *Env) usersGetHandler(w http.ResponseWriter, r *http.Request) {
}
if !user.Perm.Admin {
httpErr(w, http.StatusForbidden, nil)
httpErr(w, r, http.StatusForbidden, nil)
return
}
users, err := e.Store.Users.Gets()
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
@ -43,7 +43,7 @@ func (e *Env) usersGetHandler(w http.ResponseWriter, r *http.Request) {
return users[i].ID < users[j].ID
})
renderJSON(w, users)
renderJSON(w, r, users)
}
func (e *Env) userSelfOrAdmin(w http.ResponseWriter, r *http.Request) (*types.User, uint, bool) {
@ -54,12 +54,12 @@ func (e *Env) userSelfOrAdmin(w http.ResponseWriter, r *http.Request) (*types.Us
id, err := getUserID(r)
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return nil, 0, false
}
if user.ID != id && !user.Perm.Admin {
httpErr(w, http.StatusForbidden, nil)
httpErr(w, r, http.StatusForbidden, nil)
return nil, 0, false
}
@ -74,17 +74,17 @@ func (e *Env) userGetHandler(w http.ResponseWriter, r *http.Request) {
u, err := e.Store.Users.Get(id)
if err == types.ErrNotExist {
httpErr(w, http.StatusNotFound, nil)
httpErr(w, r, http.StatusNotFound, nil)
return
}
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
return
}
u.Password = ""
renderJSON(w, u)
renderJSON(w, r, u)
}
func (e *Env) userDeleteHandler(w http.ResponseWriter, r *http.Request) {
@ -95,12 +95,12 @@ func (e *Env) userDeleteHandler(w http.ResponseWriter, r *http.Request) {
err := e.Store.Users.Delete(id)
if err == types.ErrNotExist {
httpErr(w, http.StatusNotFound, nil)
httpErr(w, r, http.StatusNotFound, nil)
return
}
if err != nil {
httpErr(w, http.StatusInternalServerError, err)
httpErr(w, r, http.StatusInternalServerError, err)
}
}