From a9addc0e8a91b84ce83470dbc6bf34bc2aed5bd4 Mon Sep 17 00:00:00 2001 From: Henrique Dias Date: Fri, 28 Dec 2018 20:15:13 +0000 Subject: [PATCH] feat: add ip on logging License: MIT Signed-off-by: Henrique Dias --- http/auth.go | 28 ++++++++++++++-------------- http/http.go | 22 +++++++++++----------- http/raw.go | 20 ++++++++++---------- http/resource.go | 42 +++++++++++++++++++++--------------------- http/share.go | 20 ++++++++++---------- http/users.go | 20 ++++++++++---------- 6 files changed, 76 insertions(+), 76 deletions(-) diff --git a/http/auth.go b/http/auth.go index 73fe6125..25210e7b 100644 --- a/http/auth.go +++ b/http/auth.go @@ -15,11 +15,11 @@ import ( func (e *Env) loginHandler(w http.ResponseWriter, r *http.Request) { user, err := e.Auther.Auth(r) if err == types.ErrNoPermission { - httpErr(w, http.StatusForbidden, nil) + httpErr(w, r, http.StatusForbidden, nil) } else if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) } else { - e.printToken(w, user) + e.printToken(w, r, user) } } @@ -30,24 +30,24 @@ type signupBody struct { func (e *Env) signupHandler(w http.ResponseWriter, r *http.Request) { if !e.Settings.Signup { - httpErr(w, http.StatusForbidden, nil) + httpErr(w, r, http.StatusForbidden, nil) return } if r.Body == nil { - httpErr(w, http.StatusBadRequest, nil) + httpErr(w, r, http.StatusBadRequest, nil) return } info := &signupBody{} err := json.NewDecoder(r.Body).Decode(info) if err != nil { - httpErr(w, http.StatusBadRequest, nil) + httpErr(w, r, http.StatusBadRequest, nil) return } if info.Password == "" || info.Username == "" { - httpErr(w, http.StatusBadRequest, nil) + httpErr(w, r, http.StatusBadRequest, nil) return } @@ -61,21 +61,21 @@ func (e *Env) signupHandler(w http.ResponseWriter, r *http.Request) { pwd, err := types.HashPwd(info.Password) if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } user.Password = pwd err = e.Store.Users.Save(user) if err == types.ErrExist { - httpErr(w, http.StatusConflict, nil) + httpErr(w, r, http.StatusConflict, nil) return } else if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } - httpErr(w, http.StatusOK, nil) + httpErr(w, r, http.StatusOK, nil) } type userInfo struct { @@ -125,7 +125,7 @@ func (e *Env) auth(next http.HandlerFunc) http.HandlerFunc { token, err := request.ParseFromRequestWithClaims(r, &extractor{}, &tk, keyFunc) if err != nil || !token.Valid { - httpErr(w, http.StatusForbidden, nil) + httpErr(w, r, http.StatusForbidden, nil) return } @@ -133,7 +133,7 @@ func (e *Env) auth(next http.HandlerFunc) http.HandlerFunc { } } -func (e *Env) printToken(w http.ResponseWriter, user *types.User) { +func (e *Env) printToken(w http.ResponseWriter, r *http.Request, user *types.User) { claims := &authToken{ User: userInfo{ ID: user.ID, @@ -151,7 +151,7 @@ func (e *Env) printToken(w http.ResponseWriter, user *types.User) { signed, err := token.SignedString(e.Settings.Key) if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) } else { w.Header().Set("Content-Type", "cty") w.Write([]byte(signed)) diff --git a/http/http.go b/http/http.go index 62d00123..119630fd 100644 --- a/http/http.go +++ b/http/http.go @@ -43,7 +43,7 @@ func (e *Env) getHandlers() (http.Handler, http.Handler) { index := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodGet { - httpErr(w, http.StatusNotFound, nil) + httpErr(w, r, http.StatusNotFound, nil) return } @@ -54,7 +54,7 @@ func (e *Env) getHandlers() (http.Handler, http.Handler) { err := index.Execute(w, data) if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) } }) @@ -69,7 +69,7 @@ func (e *Env) getHandlers() (http.Handler, http.Handler) { err := index.Execute(w, data) if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) } })) @@ -111,24 +111,24 @@ func Handler(e *Env) http.Handler { return r } -func httpErr(w http.ResponseWriter, status int, err error) { +func httpErr(w http.ResponseWriter, r *http.Request, status int, err error) { txt := http.StatusText(status) - if err != nil { - log.Printf("%v", err) + if err != nil || status >= 400 { + log.Printf("%s: %v %s %v", r.URL.Path, status, r.RemoteAddr, err) } http.Error(w, strconv.Itoa(status)+" "+txt, status) } -func renderJSON(w http.ResponseWriter, data interface{}) { +func renderJSON(w http.ResponseWriter, r *http.Request, data interface{}) { marsh, err := json.Marshal(data) if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } w.Header().Set("Content-Type", "application/json; charset=utf-8") if _, err := w.Write(marsh); err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) } } @@ -136,12 +136,12 @@ func (e *Env) getUser(w http.ResponseWriter, r *http.Request) (*types.User, bool id := r.Context().Value(keyUserID).(uint) user, err := e.Store.Users.Get(id) if err == types.ErrNotExist { - httpErr(w, http.StatusForbidden, nil) + httpErr(w, r, http.StatusForbidden, nil) return nil, false } if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return nil, false } diff --git a/http/raw.go b/http/raw.go index 81fc77e5..456dd6fc 100644 --- a/http/raw.go +++ b/http/raw.go @@ -66,13 +66,13 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) { } if !user.Perm.Download { - httpErr(w, http.StatusForbidden, nil) + httpErr(w, r, http.StatusForbidden, nil) return } file, err := types.NewFileInfo(user, path) if err != nil { - httpErr(w, httpFsErr(err), err) + httpErr(w, r, httpFsErr(err), err) return } @@ -83,13 +83,13 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) { filenames, err := parseQueryFiles(r, file, user) if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } extension, ar, err := parseQueryAlgorithm(r) if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } @@ -102,7 +102,7 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) { err = ar.Create(w) if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } defer ar.Close() @@ -110,21 +110,21 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) { for _, fname := range filenames { info, err := user.Fs.Stat(fname) if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } // get file's name for the inside of the archive internalName, err := archiver.NameInArchive(info, fname, fname) if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } // open the file file, err := user.Fs.Open(fname) if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } @@ -138,7 +138,7 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) { }) file.Close() if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } } @@ -147,7 +147,7 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) { func fileHandler(w http.ResponseWriter, r *http.Request, file *types.File, user *types.User) { fd, err := user.Fs.Open(file.Path) if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } defer fd.Close() diff --git a/http/resource.go b/http/resource.go index dd018bc6..8d16858d 100644 --- a/http/resource.go +++ b/http/resource.go @@ -42,7 +42,7 @@ func (e *Env) getResourceData(w http.ResponseWriter, r *http.Request, prefix str } if !user.IsAllowed(path) { - httpErr(w, http.StatusForbidden, nil) + httpErr(w, r, http.StatusForbidden, nil) return "", nil, false } @@ -57,7 +57,7 @@ func (e *Env) resourceGetHandler(w http.ResponseWriter, r *http.Request) { file, err := types.NewFileInfo(user, path) if err != nil { - httpErr(w, httpFsErr(err), err) + httpErr(w, r, httpFsErr(err), err) return } @@ -68,11 +68,11 @@ func (e *Env) resourceGetHandler(w http.ResponseWriter, r *http.Request) { file.Listing.Sort = sort file.Listing.Order = order } else { - httpErr(w, http.StatusBadRequest, err) + httpErr(w, r, http.StatusBadRequest, err) return } file.Listing.ApplySort() - renderJSON(w, file) + renderJSON(w, r, file) return } @@ -87,10 +87,10 @@ func (e *Env) resourceGetHandler(w http.ResponseWriter, r *http.Request) { if checksum := r.URL.Query().Get("checksum"); checksum != "" { err = file.Checksum(checksum) if err == types.ErrInvalidOption { - httpErr(w, http.StatusBadRequest, nil) + httpErr(w, r, http.StatusBadRequest, nil) return } else if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } @@ -98,7 +98,7 @@ func (e *Env) resourceGetHandler(w http.ResponseWriter, r *http.Request) { file.Content = "" } - renderJSON(w, file) + renderJSON(w, r, file) } func (e *Env) resourceDeleteHandler(w http.ResponseWriter, r *http.Request) { @@ -108,7 +108,7 @@ func (e *Env) resourceDeleteHandler(w http.ResponseWriter, r *http.Request) { } if path == "/" || !user.Perm.Delete { - httpErr(w, http.StatusForbidden, nil) + httpErr(w, r, http.StatusForbidden, nil) return } @@ -117,7 +117,7 @@ func (e *Env) resourceDeleteHandler(w http.ResponseWriter, r *http.Request) { }, "delete", path, "", user) if err != nil { - httpErr(w, httpFsErr(err), err) + httpErr(w, r, httpFsErr(err), err) return } @@ -131,12 +131,12 @@ func (e *Env) resourcePostPutHandler(w http.ResponseWriter, r *http.Request) { } if !user.Perm.Create && r.Method == http.MethodPost { - httpErr(w, http.StatusForbidden, nil) + httpErr(w, r, http.StatusForbidden, nil) return } if !user.Perm.Modify && r.Method == http.MethodPut { - httpErr(w, http.StatusForbidden, nil) + httpErr(w, r, http.StatusForbidden, nil) return } @@ -147,10 +147,10 @@ func (e *Env) resourcePostPutHandler(w http.ResponseWriter, r *http.Request) { // For directories, only allow POST for creation. if strings.HasSuffix(r.URL.Path, "/") { if r.Method == http.MethodPut { - httpErr(w, http.StatusMethodNotAllowed, nil) + httpErr(w, r, http.StatusMethodNotAllowed, nil) } else { err := user.Fs.MkdirAll(path, 0775) - httpErr(w, httpFsErr(err), err) + httpErr(w, r, httpFsErr(err), err) } return @@ -158,7 +158,7 @@ func (e *Env) resourcePostPutHandler(w http.ResponseWriter, r *http.Request) { if r.Method == http.MethodPost && r.URL.Query().Get("override") != "true" { if _, err := user.Fs.Stat(path); err == nil { - httpErr(w, http.StatusConflict, nil) + httpErr(w, r, http.StatusConflict, nil) return } } @@ -187,11 +187,11 @@ func (e *Env) resourcePostPutHandler(w http.ResponseWriter, r *http.Request) { }, "upload", path, "", user) if err != nil { - httpErr(w, httpFsErr(err), err) + httpErr(w, r, httpFsErr(err), err) return } - httpErr(w, http.StatusOK, nil) + httpErr(w, r, http.StatusOK, nil) } func (e *Env) resourcePatchHandler(w http.ResponseWriter, r *http.Request) { @@ -205,26 +205,26 @@ func (e *Env) resourcePatchHandler(w http.ResponseWriter, r *http.Request) { dst, err := url.QueryUnescape(dst) if err != nil { - httpErr(w, httpFsErr(err), err) + httpErr(w, r, httpFsErr(err), err) return } if dst == "/" || src == "/" { - httpErr(w, http.StatusForbidden, nil) + httpErr(w, r, http.StatusForbidden, nil) return } switch action { case "copy": if !user.Perm.Create { - httpErr(w, http.StatusForbidden, nil) + httpErr(w, r, http.StatusForbidden, nil) return } case "rename": default: action = "rename" if !user.Perm.Rename { - httpErr(w, http.StatusForbidden, nil) + httpErr(w, r, http.StatusForbidden, nil) return } } @@ -238,7 +238,7 @@ func (e *Env) resourcePatchHandler(w http.ResponseWriter, r *http.Request) { return user.Fs.Rename(src, dst) }, "action", src, dst, user) - httpErr(w, httpFsErr(err), err) + httpErr(w, r, httpFsErr(err), err) } func handleSortOrder(w http.ResponseWriter, r *http.Request, scope string) (sort string, order string, err error) { diff --git a/http/share.go b/http/share.go index 8ad7de81..a52f7741 100644 --- a/http/share.go +++ b/http/share.go @@ -21,7 +21,7 @@ func (e *Env) getShareData(w http.ResponseWriter, r *http.Request, prefix string } if !user.Perm.Share { - httpErr(w, http.StatusForbidden, nil) + httpErr(w, r, http.StatusForbidden, nil) return "", false } @@ -36,12 +36,12 @@ func (e *Env) shareGetHandler(w http.ResponseWriter, r *http.Request) { s, err := e.Store.Share.GetByPath(path) if err == types.ErrNotExist { - renderJSON(w, []*types.ShareLink{}) + renderJSON(w, r, []*types.ShareLink{}) return } if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } @@ -52,7 +52,7 @@ func (e *Env) shareGetHandler(w http.ResponseWriter, r *http.Request) { } } - renderJSON(w, s) + renderJSON(w, r, s) } func (e *Env) shareDeleteHandler(w http.ResponseWriter, r *http.Request) { @@ -62,7 +62,7 @@ func (e *Env) shareDeleteHandler(w http.ResponseWriter, r *http.Request) { } if !user.Perm.Share { - httpErr(w, http.StatusForbidden, nil) + httpErr(w, r, http.StatusForbidden, nil) return } @@ -75,7 +75,7 @@ func (e *Env) shareDeleteHandler(w http.ResponseWriter, r *http.Request) { err := e.Store.Share.Delete(hash) if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } } @@ -102,7 +102,7 @@ func (e *Env) sharePostHandler(w http.ResponseWriter, r *http.Request) { bytes := make([]byte, 6) _, err := rand.Read(bytes) if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } @@ -117,7 +117,7 @@ func (e *Env) sharePostHandler(w http.ResponseWriter, r *http.Request) { if expire != "" { num, err := strconv.Atoi(expire) if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } @@ -137,9 +137,9 @@ func (e *Env) sharePostHandler(w http.ResponseWriter, r *http.Request) { } if err := e.Store.Share.Save(s); err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } - renderJSON(w, s) + renderJSON(w, r, s) } diff --git a/http/users.go b/http/users.go index d3c7d3c9..6cf181ec 100644 --- a/http/users.go +++ b/http/users.go @@ -25,13 +25,13 @@ func (e *Env) usersGetHandler(w http.ResponseWriter, r *http.Request) { } if !user.Perm.Admin { - httpErr(w, http.StatusForbidden, nil) + httpErr(w, r, http.StatusForbidden, nil) return } users, err := e.Store.Users.Gets() if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } @@ -43,7 +43,7 @@ func (e *Env) usersGetHandler(w http.ResponseWriter, r *http.Request) { return users[i].ID < users[j].ID }) - renderJSON(w, users) + renderJSON(w, r, users) } func (e *Env) userSelfOrAdmin(w http.ResponseWriter, r *http.Request) (*types.User, uint, bool) { @@ -54,12 +54,12 @@ func (e *Env) userSelfOrAdmin(w http.ResponseWriter, r *http.Request) (*types.Us id, err := getUserID(r) if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return nil, 0, false } if user.ID != id && !user.Perm.Admin { - httpErr(w, http.StatusForbidden, nil) + httpErr(w, r, http.StatusForbidden, nil) return nil, 0, false } @@ -74,17 +74,17 @@ func (e *Env) userGetHandler(w http.ResponseWriter, r *http.Request) { u, err := e.Store.Users.Get(id) if err == types.ErrNotExist { - httpErr(w, http.StatusNotFound, nil) + httpErr(w, r, http.StatusNotFound, nil) return } if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) return } u.Password = "" - renderJSON(w, u) + renderJSON(w, r, u) } func (e *Env) userDeleteHandler(w http.ResponseWriter, r *http.Request) { @@ -95,12 +95,12 @@ func (e *Env) userDeleteHandler(w http.ResponseWriter, r *http.Request) { err := e.Store.Users.Delete(id) if err == types.ErrNotExist { - httpErr(w, http.StatusNotFound, nil) + httpErr(w, r, http.StatusNotFound, nil) return } if err != nil { - httpErr(w, http.StatusInternalServerError, err) + httpErr(w, r, http.StatusInternalServerError, err) } }