Home Explore Help
Sign In
golang
/
netmaker
mirror of https://github.com/gravitl/netmaker
2
0
Fork 0
Files Issues 0 Wiki
Tree: 5271a2084b
Branches Tags
netmaker
/
controllers
/
user.go

user.go 14 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493 
  1. package controller
    2. 

  2. 

  3. import (
    4. 

  4. 	"encoding/json"
    5. 

  5. 	"errors"
    6. 

  6. 	"fmt"
    7. 

  7. 	"net/http"
    8. 

  8. 

  9. 	"github.com/gorilla/mux"
    10. 

  10. 	"github.com/gorilla/websocket"
    11. 

  11. 	"github.com/gravitl/netmaker/auth"
    12. 

  12. 	"github.com/gravitl/netmaker/logger"
    13. 

  13. 	"github.com/gravitl/netmaker/logic"
    14. 

  14. 	"github.com/gravitl/netmaker/models"
    15. 

  15. 	"github.com/gravitl/netmaker/servercfg"
    16. 

  16. )
    17. 

  17. 

  18. var (
    19. 

  19. 	upgrader = websocket.Upgrader{}
    20. 

  20. )
    21. 

  21. 

  22. func userHandlers(r *mux.Router) {
    23. 

  23. 

  24. 	r.HandleFunc("/api/users/adm/hasadmin", hasAdmin).Methods(http.MethodGet)
    25. 

  25. 	r.HandleFunc("/api/users/adm/createadmin", createAdmin).Methods(http.MethodPost)
    26. 

  26. 	r.HandleFunc("/api/users/adm/authenticate", authenticateUser).Methods(http.MethodPost)
    27. 

  27. 	r.HandleFunc("/api/users/{username}", logic.SecurityCheck(false, logic.ContinueIfUserMatch(http.HandlerFunc(updateUser)))).Methods(http.MethodPut)
    28. 

  28. 	r.HandleFunc("/api/users/networks/{username}", logic.SecurityCheck(true, http.HandlerFunc(updateUserNetworks))).Methods(http.MethodPut)
    29. 

  29. 	r.HandleFunc("/api/users/{username}/adm", logic.SecurityCheck(true, http.HandlerFunc(updateUserAdm))).Methods(http.MethodPut)
    30. 

  30. 	r.HandleFunc("/api/users/{username}", logic.SecurityCheck(true, checkFreeTierLimits(users_l, http.HandlerFunc(createUser)))).Methods(http.MethodPost)
    31. 

  31. 	r.HandleFunc("/api/users/{username}", logic.SecurityCheck(true, http.HandlerFunc(deleteUser))).Methods(http.MethodDelete)
    32. 

  32. 	r.HandleFunc("/api/users/{username}", logic.SecurityCheck(false, logic.ContinueIfUserMatch(http.HandlerFunc(getUser)))).Methods(http.MethodGet)
    33. 

  33. 	r.HandleFunc("/api/users", logic.SecurityCheck(true, http.HandlerFunc(getUsers))).Methods(http.MethodGet)
    34. 

  34. 	r.HandleFunc("/api/oauth/login", auth.HandleAuthLogin).Methods(http.MethodGet)
    35. 

  35. 	r.HandleFunc("/api/oauth/callback", auth.HandleAuthCallback).Methods(http.MethodGet)
    36. 

  36. 	r.HandleFunc("/api/oauth/headless", auth.HandleHeadlessSSO)
    37. 

  37. 	r.HandleFunc("/api/oauth/register/{regKey}", auth.RegisterHostSSO).Methods(http.MethodGet)
    38. 

  38. }
    39. 

  39. 

  40. // swagger:route POST /api/users/adm/authenticate user authenticateUser
    41. 

  41. //
    42. 

  42. // Node authenticates using its password and retrieves a JWT for authorization.
    43. 

  43. //
    44. 

  44. //			Schemes: https
    45. 

  45. //
    46. 

  46. //			Security:
    47. 

  47. //	  		oauth
    48. 

  48. //
    49. 

  49. //			Responses:
    50. 

  50. //				200: successResponse
    51. 

  51. func authenticateUser(response http.ResponseWriter, request *http.Request) {
    52. 

  52. 

  53. 	// Auth request consists of Mac Address and Password (from node that is authorizing
    54. 

  54. 	// in case of Master, auth is ignored and mac is set to "mastermac"
    55. 

  55. 	var authRequest models.UserAuthParams
    56. 

  56. 	var errorResponse = models.ErrorResponse{
    57. 

  57. 		Code: http.StatusInternalServerError, Message: "W1R3: It's not you it's me.",
    58. 

  58. 	}
    59. 

  59. 

  60. 	if !servercfg.IsBasicAuthEnabled() {
    61. 

  61. 		logic.ReturnErrorResponse(response, request, logic.FormatError(fmt.Errorf("basic auth is disabled"), "badrequest"))
    62. 

  62. 		return
    63. 

  63. 	}
    64. 

  64. 

  65. 	decoder := json.NewDecoder(request.Body)
    66. 

  66. 	decoderErr := decoder.Decode(&authRequest)
    67. 

  67. 	defer request.Body.Close()
    68. 

  68. 	if decoderErr != nil {
    69. 

  69. 		logger.Log(0, "error decoding request body: ",
    70. 

  70. 			decoderErr.Error())
    71. 

  71. 		logic.ReturnErrorResponse(response, request, errorResponse)
    72. 

  72. 		return
    73. 

  73. 	}
    74. 

  74. 	username := authRequest.UserName
    75. 

  75. 	jwt, err := logic.VerifyAuthRequest(authRequest)
    76. 

  76. 	if err != nil {
    77. 

  77. 		logger.Log(0, username, "user validation failed: ",
    78. 

  78. 			err.Error())
    79. 

  79. 		logic.ReturnErrorResponse(response, request, logic.FormatError(err, "badrequest"))
    80. 

  80. 		return
    81. 

  81. 	}
    82. 

  82. 

  83. 	if jwt == "" {
    84. 

  84. 		// very unlikely that err is !nil and no jwt returned, but handle it anyways.
    85. 

  85. 		logger.Log(0, username, "jwt token is empty")
    86. 

  86. 		logic.ReturnErrorResponse(response, request, logic.FormatError(errors.New("no token returned"), "internal"))
    87. 

  87. 		return
    88. 

  88. 	}
    89. 

  89. 

  90. 	var successResponse = models.SuccessResponse{
    91. 

  91. 		Code:    http.StatusOK,
    92. 

  92. 		Message: "W1R3: Device " + username + " Authorized",
    93. 

  93. 		Response: models.SuccessfulUserLoginResponse{
    94. 

  94. 			AuthToken: jwt,
    95. 

  95. 			UserName:  username,
    96. 

  96. 		},
    97. 

  97. 	}
    98. 

  98. 	// Send back the JWT
    99. 

  99. 	successJSONResponse, jsonError := json.Marshal(successResponse)
    100. 

  100. 

  101. 	if jsonError != nil {
    102. 

  102. 		logger.Log(0, username,
    103. 

  103. 			"error marshalling resp: ", err.Error())
    104. 

  104. 		logic.ReturnErrorResponse(response, request, errorResponse)
    105. 

  105. 		return
    106. 

  106. 	}
    107. 

  107. 	logger.Log(2, username, "was authenticated")
    108. 

  108. 	response.Header().Set("Content-Type", "application/json")
    109. 

  109. 	response.Write(successJSONResponse)
    110. 

  110. }
    111. 

  111. 

  112. // swagger:route GET /api/users/adm/hasadmin user hasAdmin
    113. 

  113. //
    114. 

  114. // Checks whether the server has an admin.
    115. 

  115. //
    116. 

  116. //			Schemes: https
    117. 

  117. //
    118. 

  118. //			Security:
    119. 

  119. //	  		oauth
    120. 

  120. //
    121. 

  121. //			Responses:
    122. 

  122. //				200: successResponse
    123. 

  123. func hasAdmin(w http.ResponseWriter, r *http.Request) {
    124. 

  124. 

  125. 	w.Header().Set("Content-Type", "application/json")
    126. 

  126. 

  127. 	hasadmin, err := logic.HasAdmin()
    128. 

  128. 	if err != nil {
    129. 

  129. 		logger.Log(0, "failed to check for admin: ", err.Error())
    130. 

  130. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    131. 

  131. 		return
    132. 

  132. 	}
    133. 

  133. 

  134. 	json.NewEncoder(w).Encode(hasadmin)
    135. 

  135. 

  136. }
    137. 

  137. 

  138. // swagger:route GET /api/users/{username} user getUser
    139. 

  139. //
    140. 

  140. // Get an individual user.
    141. 

  141. //
    142. 

  142. //			Schemes: https
    143. 

  143. //
    144. 

  144. //			Security:
    145. 

  145. //	  		oauth
    146. 

  146. //
    147. 

  147. //			Responses:
    148. 

  148. //				200: userBodyResponse
    149. 

  149. func getUser(w http.ResponseWriter, r *http.Request) {
    150. 

  150. 	// set header.
    151. 

  151. 	w.Header().Set("Content-Type", "application/json")
    152. 

  152. 

  153. 	var params = mux.Vars(r)
    154. 

  154. 	usernameFetched := params["username"]
    155. 

  155. 	user, err := logic.GetUser(usernameFetched)
    156. 

  156. 

  157. 	if err != nil {
    158. 

  158. 		logger.Log(0, usernameFetched, "failed to fetch user: ", err.Error())
    159. 

  159. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    160. 

  160. 		return
    161. 

  161. 	}
    162. 

  162. 	logger.Log(2, r.Header.Get("user"), "fetched user", usernameFetched)
    163. 

  163. 	json.NewEncoder(w).Encode(user)
    164. 

  164. }
    165. 

  165. 

  166. // swagger:route GET /api/users user getUsers
    167. 

  167. //
    168. 

  168. // Get all users.
    169. 

  169. //
    170. 

  170. //			Schemes: https
    171. 

  171. //
    172. 

  172. //			Security:
    173. 

  173. //	  		oauth
    174. 

  174. //
    175. 

  175. //			Responses:
    176. 

  176. //				200: userBodyResponse
    177. 

  177. func getUsers(w http.ResponseWriter, r *http.Request) {
    178. 

  178. 	// set header.
    179. 

  179. 	w.Header().Set("Content-Type", "application/json")
    180. 

  180. 

  181. 	users, err := logic.GetUsers()
    182. 

  182. 

  183. 	if err != nil {
    184. 

  184. 		logger.Log(0, "failed to fetch users: ", err.Error())
    185. 

  185. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    186. 

  186. 		return
    187. 

  187. 	}
    188. 

  188. 

  189. 	logic.SortUsers(users[:])
    190. 

  190. 	logger.Log(2, r.Header.Get("user"), "fetched users")
    191. 

  191. 	json.NewEncoder(w).Encode(users)
    192. 

  192. }
    193. 

  193. 

  194. // swagger:route POST /api/users/adm/createadmin user createAdmin
    195. 

  195. //
    196. 

  196. // Make a user an admin.
    197. 

  197. //
    198. 

  198. //			Schemes: https
    199. 

  199. //
    200. 

  200. //			Security:
    201. 

  201. //	  		oauth
    202. 

  202. //
    203. 

  203. //			Responses:
    204. 

  204. //				200: userBodyResponse
    205. 

  205. func createAdmin(w http.ResponseWriter, r *http.Request) {
    206. 

  206. 	w.Header().Set("Content-Type", "application/json")
    207. 

  207. 

  208. 	var admin models.User
    209. 

  209. 

  210. 	err := json.NewDecoder(r.Body).Decode(&admin)
    211. 

  211. 	if err != nil {
    212. 

  212. 

  213. 		logger.Log(0, admin.UserName, "error decoding request body: ",
    214. 

  214. 			err.Error())
    215. 

  215. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    216. 

  216. 		return
    217. 

  217. 	}
    218. 

  218. 

  219. 	if !servercfg.IsBasicAuthEnabled() {
    220. 

  220. 		logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("basic auth is disabled"), "badrequest"))
    221. 

  221. 		return
    222. 

  222. 	}
    223. 

  223. 

  224. 	err = logic.CreateAdmin(&admin)
    225. 

  225. 	if err != nil {
    226. 

  226. 		logger.Log(0, admin.UserName, "failed to create admin: ",
    227. 

  227. 			err.Error())
    228. 

  228. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    229. 

  229. 		return
    230. 

  230. 	}
    231. 

  231. 

  232. 	logger.Log(1, admin.UserName, "was made a new admin")
    233. 

  233. 	json.NewEncoder(w).Encode(admin)
    234. 

  234. }
    235. 

  235. 

  236. // swagger:route POST /api/users/{username} user createUser
    237. 

  237. //
    238. 

  238. // Create a user.
    239. 

  239. //
    240. 

  240. //			Schemes: https
    241. 

  241. //
    242. 

  242. //			Security:
    243. 

  243. //	  		oauth
    244. 

  244. //
    245. 

  245. //			Responses:
    246. 

  246. //				200: userBodyResponse
    247. 

  247. func createUser(w http.ResponseWriter, r *http.Request) {
    248. 

  248. 	w.Header().Set("Content-Type", "application/json")
    249. 

  249. 

  250. 	var user models.User
    251. 

  251. 	err := json.NewDecoder(r.Body).Decode(&user)
    252. 

  252. 	if err != nil {
    253. 

  253. 		logger.Log(0, user.UserName, "error decoding request body: ",
    254. 

  254. 			err.Error())
    255. 

  255. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    256. 

  256. 		return
    257. 

  257. 	}
    258. 

  258. 

  259. 	err = logic.CreateUser(&user)
    260. 

  260. 	if err != nil {
    261. 

  261. 		logger.Log(0, user.UserName, "error creating new user: ",
    262. 

  262. 			err.Error())
    263. 

  263. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    264. 

  264. 		return
    265. 

  265. 	}
    266. 

  266. 	logger.Log(1, user.UserName, "was created")
    267. 

  267. 	json.NewEncoder(w).Encode(user)
    268. 

  268. }
    269. 

  269. 

  270. // swagger:route PUT /api/users/networks/{username} user updateUserNetworks
    271. 

  271. //
    272. 

  272. // Updates the networks of the given user.
    273. 

  273. //
    274. 

  274. //			Schemes: https
    275. 

  275. //
    276. 

  276. //			Security:
    277. 

  277. //	  		oauth
    278. 

  278. //
    279. 

  279. //			Responses:
    280. 

  280. //				200: userBodyResponse
    281. 

  281. func updateUserNetworks(w http.ResponseWriter, r *http.Request) {
    282. 

  282. 	w.Header().Set("Content-Type", "application/json")
    283. 

  283. 	var params = mux.Vars(r)
    284. 

  284. 	// start here
    285. 

  285. 	username := params["username"]
    286. 

  286. 	user, err := logic.GetUser(username)
    287. 

  287. 	if err != nil {
    288. 

  288. 		logger.Log(0, username,
    289. 

  289. 			"failed to update user networks: ", err.Error())
    290. 

  290. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    291. 

  291. 		return
    292. 

  292. 	}
    293. 

  293. 	userChange := &models.User{}
    294. 

  294. 	// we decode our body request params
    295. 

  295. 	err = json.NewDecoder(r.Body).Decode(userChange)
    296. 

  296. 	if err != nil {
    297. 

  297. 		logger.Log(0, username, "error decoding request body: ",
    298. 

  298. 			err.Error())
    299. 

  299. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    300. 

  300. 		return
    301. 

  301. 	}
    302. 

  302. 	err = logic.UpdateUserNetworks(userChange.Networks, userChange.Groups, userChange.IsAdmin, &models.ReturnUser{
    303. 

  303. 		Groups:   user.Groups,
    304. 

  304. 		IsAdmin:  user.IsAdmin,
    305. 

  305. 		Networks: user.Networks,
    306. 

  306. 		UserName: user.UserName,
    307. 

  307. 	})
    308. 

  308. 

  309. 	if err != nil {
    310. 

  310. 		logger.Log(0, username,
    311. 

  311. 			"failed to update user networks: ", err.Error())
    312. 

  312. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    313. 

  313. 		return
    314. 

  314. 	}
    315. 

  315. 	logger.Log(1, username, "status was updated")
    316. 

  316. 	// re-read and return the new user struct
    317. 

  317. 	if userChange, err = logic.GetUser(username); err != nil {
    318. 

  318. 		logger.Log(0, username, "failed to fetch user: ", err.Error())
    319. 

  319. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    320. 

  320. 		return
    321. 

  321. 	}
    322. 

  322. 	json.NewEncoder(w).Encode(userChange)
    323. 

  323. }
    324. 

  324. 

  325. // swagger:route PUT /api/users/{username} user updateUser
    326. 

  326. //
    327. 

  327. // Update a user.
    328. 

  328. //
    329. 

  329. //			Schemes: https
    330. 

  330. //
    331. 

  331. //			Security:
    332. 

  332. //	  		oauth
    333. 

  333. //
    334. 

  334. //			Responses:
    335. 

  335. //				200: userBodyResponse
    336. 

  336. func updateUser(w http.ResponseWriter, r *http.Request) {
    337. 

  337. 	w.Header().Set("Content-Type", "application/json")
    338. 

  338. 	var params = mux.Vars(r)
    339. 

  339. 	// start here
    340. 

  340. 	jwtUser, _, isadmin, err := logic.VerifyJWT(r.Header.Get("Authorization"))
    341. 

  341. 	if err != nil {
    342. 

  342. 		logger.Log(0, "verifyJWT error", err.Error())
    343. 

  343. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    344. 

  344. 		return
    345. 

  345. 	}
    346. 

  346. 	username := params["username"]
    347. 

  347. 	if username != jwtUser && !isadmin {
    348. 

  348. 		logger.Log(0, "non-admin user", jwtUser, "attempted to update user", username)
    349. 

  349. 		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("not authorizied"), "unauthorized"))
    350. 

  350. 		return
    351. 

  351. 	}
    352. 

  352. 	user, err := logic.GetUser(username)
    353. 

  353. 	if err != nil {
    354. 

  354. 		logger.Log(0, username,
    355. 

  355. 			"failed to update user info: ", err.Error())
    356. 

  356. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    357. 

  357. 		return
    358. 

  358. 	}
    359. 

  359. 	if auth.IsOauthUser(user) == nil {
    360. 

  360. 		err := fmt.Errorf("cannot update user info for oauth user %s", username)
    361. 

  361. 		logger.Log(0, err.Error())
    362. 

  362. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "forbidden"))
    363. 

  363. 		return
    364. 

  364. 	}
    365. 

  365. 	var userchange models.User
    366. 

  366. 	// we decode our body request params
    367. 

  367. 	err = json.NewDecoder(r.Body).Decode(&userchange)
    368. 

  368. 	if err != nil {
    369. 

  369. 		logger.Log(0, username, "error decoding request body: ",
    370. 

  370. 			err.Error())
    371. 

  371. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    372. 

  372. 		return
    373. 

  373. 	}
    374. 

  374. 	if userchange.IsAdmin && !isadmin {
    375. 

  375. 		logger.Log(0, "non-admin user", jwtUser, "attempted get admin privilages")
    376. 

  376. 		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("not authorizied"), "unauthorized"))
    377. 

  377. 		return
    378. 

  378. 	}
    379. 

  379. 	userchange.Networks = nil
    380. 

  380. 	user, err = logic.UpdateUser(&userchange, user)
    381. 

  381. 	if err != nil {
    382. 

  382. 		logger.Log(0, username,
    383. 

  383. 			"failed to update user info: ", err.Error())
    384. 

  384. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    385. 

  385. 		return
    386. 

  386. 	}
    387. 

  387. 	logger.Log(1, username, "was updated")
    388. 

  388. 	json.NewEncoder(w).Encode(user)
    389. 

  389. }
    390. 

  390. 

  391. // swagger:route PUT /api/users/{username}/adm user updateUserAdm
    392. 

  392. //
    393. 

  393. // Updates the given admin user's info (as long as the user is an admin).
    394. 

  394. //
    395. 

  395. //			Schemes: https
    396. 

  396. //
    397. 

  397. //			Security:
    398. 

  398. //	  		oauth
    399. 

  399. //
    400. 

  400. //			Responses:
    401. 

  401. //				200: userBodyResponse
    402. 

  402. func updateUserAdm(w http.ResponseWriter, r *http.Request) {
    403. 

  403. 	w.Header().Set("Content-Type", "application/json")
    404. 

  404. 	var params = mux.Vars(r)
    405. 

  405. 	// start here
    406. 

  406. 	username := params["username"]
    407. 

  407. 	user, err := logic.GetUser(username)
    408. 

  408. 	if err != nil {
    409. 

  409. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    410. 

  410. 		return
    411. 

  411. 	}
    412. 

  412. 	if auth.IsOauthUser(user) != nil {
    413. 

  413. 		err := fmt.Errorf("cannot update user info for oauth user %s", username)
    414. 

  414. 		logger.Log(0, err.Error())
    415. 

  415. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "forbidden"))
    416. 

  416. 		return
    417. 

  417. 	}
    418. 

  418. 	var userchange models.User
    419. 

  419. 	// we decode our body request params
    420. 

  420. 	err = json.NewDecoder(r.Body).Decode(&userchange)
    421. 

  421. 	if err != nil {
    422. 

  422. 		logger.Log(0, username, "error decoding request body: ",
    423. 

  423. 			err.Error())
    424. 

  424. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    425. 

  425. 		return
    426. 

  426. 	}
    427. 

  427. 	if !user.IsAdmin {
    428. 

  428. 		logger.Log(0, username, "not an admin user")
    429. 

  429. 		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("not a admin user"), "badrequest"))
    430. 

  430. 	}
    431. 

  431. 	user, err = logic.UpdateUser(&userchange, user)
    432. 

  432. 	if err != nil {
    433. 

  433. 		logger.Log(0, username,
    434. 

  434. 			"failed to update user (admin) info: ", err.Error())
    435. 

  435. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    436. 

  436. 		return
    437. 

  437. 	}
    438. 

  438. 	logger.Log(1, username, "was updated (admin)")
    439. 

  439. 	json.NewEncoder(w).Encode(user)
    440. 

  440. }
    441. 

  441. 

  442. // swagger:route DELETE /api/users/{username} user deleteUser
    443. 

  443. //
    444. 

  444. // Delete a user.
    445. 

  445. //
    446. 

  446. //			Schemes: https
    447. 

  447. //
    448. 

  448. //			Security:
    449. 

  449. //	  		oauth
    450. 

  450. //
    451. 

  451. //			Responses:
    452. 

  452. //				200: userBodyResponse
    453. 

  453. func deleteUser(w http.ResponseWriter, r *http.Request) {
    454. 

  454. 	// Set header
    455. 

  455. 	w.Header().Set("Content-Type", "application/json")
    456. 

  456. 

  457. 	// get params
    458. 

  458. 	var params = mux.Vars(r)
    459. 

  459. 

  460. 	username := params["username"]
    461. 

  461. 

  462. 	success, err := logic.DeleteUser(username)
    463. 

  463. 	if err != nil {
    464. 

  464. 		logger.Log(0, username,
    465. 

  465. 			"failed to delete user: ", err.Error())
    466. 

  466. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    467. 

  467. 		return
    468. 

  468. 	} else if !success {
    469. 

  469. 		err := errors.New("delete unsuccessful")
    470. 

  470. 		logger.Log(0, username, err.Error())
    471. 

  471. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    472. 

  472. 		return
    473. 

  473. 	}
    474. 

  474. 

  475. 	logger.Log(1, username, "was deleted")
    476. 

  476. 	json.NewEncoder(w).Encode(params["username"] + " deleted.")
    477. 

  477. }
    478. 

  478. 

  479. // Called when vpn client dials in to start the auth flow and first stage is to get register URL itself
    480. 

  480. func socketHandler(w http.ResponseWriter, r *http.Request) {
    481. 

  481. 	// Upgrade our raw HTTP connection to a websocket based one
    482. 

  482. 	conn, err := upgrader.Upgrade(w, r, nil)
    483. 

  483. 	if err != nil {
    484. 

  484. 		logger.Log(0, "error during connection upgrade for node sign-in:", err.Error())
    485. 

  485. 		return
    486. 

  486. 	}
    487. 

  487. 	if conn == nil {
    488. 

  488. 		logger.Log(0, "failed to establish web-socket connection during node sign-in")
    489. 

  489. 		return
    490. 

  490. 	}
    491. 

  491. 	// Start handling the session
    492. 

  492. 	go auth.SessionHandler(conn)
    493. 

  493. }
    494.