From 50c4d8b945649dd1cb53f280bcdb11c052751946 Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Tue, 13 Feb 2024 22:25:50 -0500 Subject: [PATCH] refactor: clean up use of auth middleware in s5 --- api/s5/s5.go | 43 ++++++++++++++++++++++++++----------------- 1 file changed, 26 insertions(+), 17 deletions(-) diff --git a/api/s5/s5.go b/api/s5/s5.go index c64253c..1a4bf87 100644 --- a/api/s5/s5.go +++ b/api/s5/s5.go @@ -118,7 +118,16 @@ func byteHandler(b []byte) jape.Handler { } func getRoutes(s *S5API) map[string]jape.Handler { - tusHandler := BuildS5TusApi(s.identity, s.accounts, s.storage) + authMiddlewareOpts := middleware.AuthMiddlewareOptions{ + Identity: s.identity, + Accounts: s.accounts, + Config: s.config, + Purpose: account.JWTPurposeLogin, + } + + authMw := authMiddleware(authMiddlewareOpts) + + tusHandler := BuildS5TusApi(authMw, s.storage) tusOptionsHandler := func(c jape.Context) { c.ResponseWriter.WriteHeader(http.StatusOK) @@ -142,7 +151,7 @@ func getRoutes(s *S5API) map[string]jape.Handler { panic(err) } - wrappedTusHandler := middleware.ApplyMiddlewares(tusOptionsHandler, tusCors, middleware.AuthMiddleware(s.identity, s.accounts)) + wrappedTusHandler := middleware.ApplyMiddlewares(tusOptionsHandler, tusCors, authMw) swaggerFiles, _ := fs.Sub(swagfs, "embed") swaggerServ := http.FileServer(http.FS(swaggerFiles)) @@ -164,13 +173,13 @@ func getRoutes(s *S5API) map[string]jape.Handler { "POST /s5/account/register": s.httpHandler.accountRegister, "GET /s5/account/login": s.httpHandler.accountLoginChallenge, "POST /s5/account/login": s.httpHandler.accountLogin, - "GET /s5/account": middleware.ApplyMiddlewares(s.httpHandler.accountInfo, middleware.AuthMiddleware(s.identity, s.accounts)), - "GET /s5/account/stats": middleware.ApplyMiddlewares(s.httpHandler.accountStats, middleware.AuthMiddleware(s.identity, s.accounts)), - "GET /s5/account/pins.bin": middleware.ApplyMiddlewares(s.httpHandler.accountPins, middleware.AuthMiddleware(s.identity, s.accounts)), + "GET /s5/account": middleware.ApplyMiddlewares(s.httpHandler.accountInfo, authMw), + "GET /s5/account/stats": middleware.ApplyMiddlewares(s.httpHandler.accountStats, authMw), + "GET /s5/account/pins.bin": middleware.ApplyMiddlewares(s.httpHandler.accountPins, authMw), // Upload API - "POST /s5/upload": middleware.ApplyMiddlewares(s.httpHandler.smallFileUpload, middleware.AuthMiddleware(s.identity, s.accounts)), - "POST /s5/upload/directory": middleware.ApplyMiddlewares(s.httpHandler.directoryUpload, middleware.AuthMiddleware(s.identity, s.accounts)), + "POST /s5/upload": middleware.ApplyMiddlewares(s.httpHandler.smallFileUpload, authMw), + "POST /s5/upload/directory": middleware.ApplyMiddlewares(s.httpHandler.directoryUpload, authMw), // Tus API "POST /s5/upload/tus": tusHandler, @@ -181,22 +190,22 @@ func getRoutes(s *S5API) map[string]jape.Handler { "OPTIONS /s5/upload/tus/:id": wrappedTusHandler, // Download API - "GET /s5/blob/:cid": middleware.ApplyMiddlewares(s.httpHandler.downloadBlob, middleware.AuthMiddleware(s.identity, s.accounts)), + "GET /s5/blob/:cid": middleware.ApplyMiddlewares(s.httpHandler.downloadBlob, authMw), "GET /s5/metadata/:cid": s.httpHandler.downloadMetadata, "GET /s5/download/:cid": middleware.ApplyMiddlewares(s.httpHandler.downloadFile, cors.Default().Handler), // Pins API - "POST /s5/pin/:cid": middleware.ApplyMiddlewares(s.httpHandler.accountPin, middleware.AuthMiddleware(s.identity, s.accounts)), - "DELETE /s5/delete/:cid": middleware.ApplyMiddlewares(s.httpHandler.accountPinDelete, middleware.AuthMiddleware(s.identity, s.accounts)), + "POST /s5/pin/:cid": middleware.ApplyMiddlewares(s.httpHandler.accountPin, authMw), + "DELETE /s5/delete/:cid": middleware.ApplyMiddlewares(s.httpHandler.accountPinDelete, authMw), // Debug API - "GET /s5/debug/download_urls/:cid": middleware.ApplyMiddlewares(s.httpHandler.debugDownloadUrls, middleware.AuthMiddleware(s.identity, s.accounts)), - "GET /s5/debug/storage_locations/:hash": middleware.ApplyMiddlewares(s.httpHandler.debugStorageLocations, middleware.AuthMiddleware(s.identity, s.accounts)), + "GET /s5/debug/download_urls/:cid": middleware.ApplyMiddlewares(s.httpHandler.debugDownloadUrls, authMw), + "GET /s5/debug/storage_locations/:hash": middleware.ApplyMiddlewares(s.httpHandler.debugStorageLocations, authMw), // Registry API - "GET /s5/registry": middleware.ApplyMiddlewares(s.httpHandler.registryQuery, middleware.AuthMiddleware(s.identity, s.accounts)), - "POST /s5/registry": middleware.ApplyMiddlewares(s.httpHandler.registrySet, middleware.AuthMiddleware(s.identity, s.accounts)), - "GET /s5/registry/subscription": middleware.ApplyMiddlewares(s.httpHandler.registrySubscription, middleware.AuthMiddleware(s.identity, s.accounts)), + "GET /s5/registry": middleware.ApplyMiddlewares(s.httpHandler.registryQuery, authMw), + "POST /s5/registry": middleware.ApplyMiddlewares(s.httpHandler.registrySet, authMw), + "GET /s5/registry/subscription": middleware.ApplyMiddlewares(s.httpHandler.registrySubscription, authMw), "GET /swagger.json": byteHandler(jsonDoc), "GET /swagger": swaggerRedirect, @@ -254,7 +263,7 @@ func BuildTusCors() func(h http.Handler) http.Handler { return mw.Handler } -func BuildS5TusApi(identity ed25519.PrivateKey, accounts *account.AccountServiceDefault, storage *storage.StorageServiceDefault) jape.Handler { +func BuildS5TusApi(authMw middleware.HttpMiddlewareFunc, storage *storage.StorageServiceDefault) jape.Handler { // Create a jape.Handler for your tusHandler tusJapeHandler := func(c jape.Context) { tusHandler := storage.Tus() @@ -284,7 +293,7 @@ func BuildS5TusApi(identity ed25519.PrivateKey, accounts *account.AccountService } // Apply the middlewares to the tusJapeHandler - tusHandler := middleware.ApplyMiddlewares(tusJapeHandler, BuildTusCors(), middleware.AuthMiddleware(identity, accounts), injectJwt, protocolMiddleware, stripPrefix, middleware.ProxyMiddleware) + tusHandler := middleware.ApplyMiddlewares(tusJapeHandler, BuildTusCors(), authMw, injectJwt, protocolMiddleware, stripPrefix, middleware.ProxyMiddleware) return tusHandler }