Home Explore Help
Sign In
golang
/
netmaker
mirror of https://github.com/gravitl/netmaker
2
0
Fork 0
Files Issues 0 Wiki
Tree: 8ce7da2ce9
Branches Tags
netmaker
/
controllers
/
user.go

user.go 15 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508 
  1. package controller
    2. 

  2. 

  3. import (
    4. 

  4. 	"encoding/json"
    5. 

  5. 	"errors"
    6. 

  6. 	"fmt"
    7. 

  7. 	"net/http"
    8. 

  8. 

  9. 	"github.com/gorilla/mux"
    10. 

  10. 	"github.com/gorilla/websocket"
    11. 

  11. 	"github.com/gravitl/netmaker/auth"
    12. 

  12. 	"github.com/gravitl/netmaker/logger"
    13. 

  13. 	"github.com/gravitl/netmaker/logic"
    14. 

  14. 	"github.com/gravitl/netmaker/models"
    15. 

  15. 	"github.com/gravitl/netmaker/servercfg"
    16. 

  16. )
    17. 

  17. 

  18. var (
    19. 

  19. 	upgrader = websocket.Upgrader{}
    20. 

  20. )
    21. 

  21. 

  22. // verifyJWT makes logic.VerifyJWT fakeable/mockable in tests
    23. 

  23. var verifyJWT = logic.VerifyJWT
    24. 

  24. 

  25. func userHandlers(r *mux.Router) {
    26. 

  26. 

  27. 	r.HandleFunc("/api/users/adm/hasadmin", hasAdmin).Methods(http.MethodGet)
    28. 

  28. 	r.HandleFunc("/api/users/adm/createadmin", createAdmin).Methods(http.MethodPost)
    29. 

  29. 	r.HandleFunc("/api/users/adm/authenticate", authenticateUser).Methods(http.MethodPost)
    30. 

  30. 	r.HandleFunc("/api/users/{username}", logic.SecurityCheck(false, logic.ContinueIfUserMatch(http.HandlerFunc(updateUser)))).Methods(http.MethodPut)
    31. 

  31. 	r.HandleFunc("/api/users/networks/{username}", logic.SecurityCheck(true, http.HandlerFunc(updateUserNetworks))).Methods(http.MethodPut)
    32. 

  32. 	r.HandleFunc("/api/users/{username}/adm", logic.SecurityCheck(true, http.HandlerFunc(updateUserAdm))).Methods(http.MethodPut)
    33. 

  33. 	r.HandleFunc("/api/users/{username}", logic.SecurityCheck(true, checkFreeTierLimits(limitChoiceUsers, http.HandlerFunc(createUser)))).Methods(http.MethodPost)
    34. 

  34. 	r.HandleFunc("/api/users/{username}", logic.SecurityCheck(true, http.HandlerFunc(deleteUser))).Methods(http.MethodDelete)
    35. 

  35. 	r.HandleFunc("/api/users/{username}", logic.SecurityCheck(false, logic.ContinueIfUserMatch(http.HandlerFunc(getUser)))).Methods(http.MethodGet)
    36. 

  36. 	r.HandleFunc("/api/users", logic.SecurityCheck(true, http.HandlerFunc(getUsers))).Methods(http.MethodGet)
    37. 

  37. 	r.HandleFunc("/api/oauth/login", auth.HandleAuthLogin).Methods(http.MethodGet)
    38. 

  38. 	r.HandleFunc("/api/oauth/callback", auth.HandleAuthCallback).Methods(http.MethodGet)
    39. 

  39. 	r.HandleFunc("/api/oauth/headless", auth.HandleHeadlessSSO)
    40. 

  40. 	r.HandleFunc("/api/oauth/register/{regKey}", auth.RegisterHostSSO).Methods(http.MethodGet)
    41. 

  41. }
    42. 

  42. 

  43. // swagger:route POST /api/users/adm/authenticate user authenticateUser
    44. 

  44. //
    45. 

  45. // Node authenticates using its password and retrieves a JWT for authorization.
    46. 

  46. //
    47. 

  47. //			Schemes: https
    48. 

  48. //
    49. 

  49. //			Security:
    50. 

  50. //	  		oauth
    51. 

  51. //
    52. 

  52. //			Responses:
    53. 

  53. //				200: successResponse
    54. 

  54. func authenticateUser(response http.ResponseWriter, request *http.Request) {
    55. 

  55. 

  56. 	// Auth request consists of Mac Address and Password (from node that is authorizing
    57. 

  57. 	// in case of Master, auth is ignored and mac is set to "mastermac"
    58. 

  58. 	var authRequest models.UserAuthParams
    59. 

  59. 	var errorResponse = models.ErrorResponse{
    60. 

  60. 		Code: http.StatusInternalServerError, Message: "W1R3: It's not you it's me.",
    61. 

  61. 	}
    62. 

  62. 

  63. 	if !servercfg.IsBasicAuthEnabled() {
    64. 

  64. 		logic.ReturnErrorResponse(response, request, logic.FormatError(fmt.Errorf("basic auth is disabled"), "badrequest"))
    65. 

  65. 		return
    66. 

  66. 	}
    67. 

  67. 

  68. 	decoder := json.NewDecoder(request.Body)
    69. 

  69. 	decoderErr := decoder.Decode(&authRequest)
    70. 

  70. 	defer request.Body.Close()
    71. 

  71. 	if decoderErr != nil {
    72. 

  72. 		logger.Log(0, "error decoding request body: ",
    73. 

  73. 			decoderErr.Error())
    74. 

  74. 		logic.ReturnErrorResponse(response, request, errorResponse)
    75. 

  75. 		return
    76. 

  76. 	}
    77. 

  77. 	username := authRequest.UserName
    78. 

  78. 	jwt, err := logic.VerifyAuthRequest(authRequest)
    79. 

  79. 	if err != nil {
    80. 

  80. 		logger.Log(0, username, "user validation failed: ",
    81. 

  81. 			err.Error())
    82. 

  82. 		logic.ReturnErrorResponse(response, request, logic.FormatError(err, "badrequest"))
    83. 

  83. 		return
    84. 

  84. 	}
    85. 

  85. 

  86. 	if jwt == "" {
    87. 

  87. 		// very unlikely that err is !nil and no jwt returned, but handle it anyways.
    88. 

  88. 		logger.Log(0, username, "jwt token is empty")
    89. 

  89. 		logic.ReturnErrorResponse(response, request, logic.FormatError(errors.New("no token returned"), "internal"))
    90. 

  90. 		return
    91. 

  91. 	}
    92. 

  92. 

  93. 	var successResponse = models.SuccessResponse{
    94. 

  94. 		Code:    http.StatusOK,
    95. 

  95. 		Message: "W1R3: Device " + username + " Authorized",
    96. 

  96. 		Response: models.SuccessfulUserLoginResponse{
    97. 

  97. 			AuthToken: jwt,
    98. 

  98. 			UserName:  username,
    99. 

  99. 		},
    100. 

  100. 	}
    101. 

  101. 	// Send back the JWT
    102. 

  102. 	successJSONResponse, jsonError := json.Marshal(successResponse)
    103. 

  103. 

  104. 	if jsonError != nil {
    105. 

  105. 		logger.Log(0, username,
    106. 

  106. 			"error marshalling resp: ", err.Error())
    107. 

  107. 		logic.ReturnErrorResponse(response, request, errorResponse)
    108. 

  108. 		return
    109. 

  109. 	}
    110. 

  110. 	logger.Log(2, username, "was authenticated")
    111. 

  111. 	response.Header().Set("Content-Type", "application/json")
    112. 

  112. 	response.Write(successJSONResponse)
    113. 

  113. }
    114. 

  114. 

  115. // swagger:route GET /api/users/adm/hasadmin user hasAdmin
    116. 

  116. //
    117. 

  117. // Checks whether the server has an admin.
    118. 

  118. //
    119. 

  119. //			Schemes: https
    120. 

  120. //
    121. 

  121. //			Security:
    122. 

  122. //	  		oauth
    123. 

  123. //
    124. 

  124. //			Responses:
    125. 

  125. //				200: successResponse
    126. 

  126. func hasAdmin(w http.ResponseWriter, r *http.Request) {
    127. 

  127. 

  128. 	w.Header().Set("Content-Type", "application/json")
    129. 

  129. 

  130. 	hasadmin, err := logic.HasAdmin()
    131. 

  131. 	if err != nil {
    132. 

  132. 		logger.Log(0, "failed to check for admin: ", err.Error())
    133. 

  133. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    134. 

  134. 		return
    135. 

  135. 	}
    136. 

  136. 

  137. 	json.NewEncoder(w).Encode(hasadmin)
    138. 

  138. 

  139. }
    140. 

  140. 

  141. // swagger:route GET /api/users/{username} user getUser
    142. 

  142. //
    143. 

  143. // Get an individual user.
    144. 

  144. //
    145. 

  145. //			Schemes: https
    146. 

  146. //
    147. 

  147. //			Security:
    148. 

  148. //	  		oauth
    149. 

  149. //
    150. 

  150. //			Responses:
    151. 

  151. //				200: userBodyResponse
    152. 

  152. func getUser(w http.ResponseWriter, r *http.Request) {
    153. 

  153. 	// set header.
    154. 

  154. 	w.Header().Set("Content-Type", "application/json")
    155. 

  155. 

  156. 	var params = mux.Vars(r)
    157. 

  157. 	usernameFetched := params["username"]
    158. 

  158. 	user, err := logic.GetReturnUser(usernameFetched)
    159. 

  159. 

  160. 	if err != nil {
    161. 

  161. 		logger.Log(0, usernameFetched, "failed to fetch user: ", err.Error())
    162. 

  162. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    163. 

  163. 		return
    164. 

  164. 	}
    165. 

  165. 	logger.Log(2, r.Header.Get("user"), "fetched user", usernameFetched)
    166. 

  166. 	json.NewEncoder(w).Encode(user)
    167. 

  167. }
    168. 

  168. 

  169. // swagger:route GET /api/users user getUsers
    170. 

  170. //
    171. 

  171. // Get all users.
    172. 

  172. //
    173. 

  173. //			Schemes: https
    174. 

  174. //
    175. 

  175. //			Security:
    176. 

  176. //	  		oauth
    177. 

  177. //
    178. 

  178. //			Responses:
    179. 

  179. //				200: userBodyResponse
    180. 

  180. func getUsers(w http.ResponseWriter, r *http.Request) {
    181. 

  181. 	// set header.
    182. 

  182. 	w.Header().Set("Content-Type", "application/json")
    183. 

  183. 

  184. 	users, err := logic.GetUsers()
    185. 

  185. 

  186. 	if err != nil {
    187. 

  187. 		logger.Log(0, "failed to fetch users: ", err.Error())
    188. 

  188. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    189. 

  189. 		return
    190. 

  190. 	}
    191. 

  191. 

  192. 	logic.SortUsers(users[:])
    193. 

  193. 	logger.Log(2, r.Header.Get("user"), "fetched users")
    194. 

  194. 	json.NewEncoder(w).Encode(users)
    195. 

  195. }
    196. 

  196. 

  197. // swagger:route POST /api/users/adm/createadmin user createAdmin
    198. 

  198. //
    199. 

  199. // Make a user an admin.
    200. 

  200. //
    201. 

  201. //			Schemes: https
    202. 

  202. //
    203. 

  203. //			Security:
    204. 

  204. //	  		oauth
    205. 

  205. //
    206. 

  206. //			Responses:
    207. 

  207. //				200: userBodyResponse
    208. 

  208. func createAdmin(w http.ResponseWriter, r *http.Request) {
    209. 

  209. 	w.Header().Set("Content-Type", "application/json")
    210. 

  210. 

  211. 	var admin models.User
    212. 

  212. 

  213. 	err := json.NewDecoder(r.Body).Decode(&admin)
    214. 

  214. 	if err != nil {
    215. 

  215. 

  216. 		logger.Log(0, admin.UserName, "error decoding request body: ",
    217. 

  217. 			err.Error())
    218. 

  218. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    219. 

  219. 		return
    220. 

  220. 	}
    221. 

  221. 

  222. 	if !servercfg.IsBasicAuthEnabled() {
    223. 

  223. 		logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("basic auth is disabled"), "badrequest"))
    224. 

  224. 		return
    225. 

  225. 	}
    226. 

  226. 

  227. 	err = logic.CreateAdmin(&admin)
    228. 

  228. 	if err != nil {
    229. 

  229. 		logger.Log(0, admin.UserName, "failed to create admin: ",
    230. 

  230. 			err.Error())
    231. 

  231. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    232. 

  232. 		return
    233. 

  233. 	}
    234. 

  234. 

  235. 	logger.Log(1, admin.UserName, "was made a new admin")
    236. 

  236. 	json.NewEncoder(w).Encode(logic.ToReturnUser(admin))
    237. 

  237. }
    238. 

  238. 

  239. // swagger:route POST /api/users/{username} user createUser
    240. 

  240. //
    241. 

  241. // Create a user.
    242. 

  242. //
    243. 

  243. //			Schemes: https
    244. 

  244. //
    245. 

  245. //			Security:
    246. 

  246. //	  		oauth
    247. 

  247. //
    248. 

  248. //			Responses:
    249. 

  249. //				200: userBodyResponse
    250. 

  250. func createUser(w http.ResponseWriter, r *http.Request) {
    251. 

  251. 	w.Header().Set("Content-Type", "application/json")
    252. 

  252. 

  253. 	var user models.User
    254. 

  254. 	err := json.NewDecoder(r.Body).Decode(&user)
    255. 

  255. 	if err != nil {
    256. 

  256. 		logger.Log(0, user.UserName, "error decoding request body: ",
    257. 

  257. 			err.Error())
    258. 

  258. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    259. 

  259. 		return
    260. 

  260. 	}
    261. 

  261. 

  262. 	err = logic.CreateUser(&user)
    263. 

  263. 	if err != nil {
    264. 

  264. 		logger.Log(0, user.UserName, "error creating new user: ",
    265. 

  265. 			err.Error())
    266. 

  266. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    267. 

  267. 		return
    268. 

  268. 	}
    269. 

  269. 	logger.Log(1, user.UserName, "was created")
    270. 

  270. 	json.NewEncoder(w).Encode(logic.ToReturnUser(user))
    271. 

  271. }
    272. 

  272. 

  273. // swagger:route PUT /api/users/networks/{username} user updateUserNetworks
    274. 

  274. //
    275. 

  275. // Updates the networks of the given user.
    276. 

  276. //
    277. 

  277. //			Schemes: https
    278. 

  278. //
    279. 

  279. //			Security:
    280. 

  280. //	  		oauth
    281. 

  281. //
    282. 

  282. //			Responses:
    283. 

  283. //				200: userBodyResponse
    284. 

  284. func updateUserNetworks(w http.ResponseWriter, r *http.Request) {
    285. 

  285. 	w.Header().Set("Content-Type", "application/json")
    286. 

  286. 	var params = mux.Vars(r)
    287. 

  287. 	// start here
    288. 

  288. 	username := params["username"]
    289. 

  289. 	user, err := logic.GetUser(username)
    290. 

  290. 	if err != nil {
    291. 

  291. 		logger.Log(0, username,
    292. 

  292. 			"failed to update user networks: ", err.Error())
    293. 

  293. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    294. 

  294. 		return
    295. 

  295. 	}
    296. 

  296. 	userChange := &models.User{}
    297. 

  297. 	// we decode our body request params
    298. 

  298. 	err = json.NewDecoder(r.Body).Decode(userChange)
    299. 

  299. 	if err != nil {
    300. 

  300. 		logger.Log(0, username, "error decoding request body: ",
    301. 

  301. 			err.Error())
    302. 

  302. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    303. 

  303. 		return
    304. 

  304. 	}
    305. 

  305. 	err = logic.UpdateUserNetworks(userChange.Networks, userChange.Groups, userChange.IsAdmin, &models.ReturnUser{
    306. 

  306. 		Groups:   user.Groups,
    307. 

  307. 		IsAdmin:  user.IsAdmin,
    308. 

  308. 		Networks: user.Networks,
    309. 

  309. 		UserName: user.UserName,
    310. 

  310. 	})
    311. 

  311. 

  312. 	if err != nil {
    313. 

  313. 		logger.Log(0, username,
    314. 

  314. 			"failed to update user networks: ", err.Error())
    315. 

  315. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    316. 

  316. 		return
    317. 

  317. 	}
    318. 

  318. 	logger.Log(1, username, "status was updated")
    319. 

  319. 	// re-read and return the new user struct
    320. 

  320. 	returnUser, err := logic.GetReturnUser(username)
    321. 

  321. 	if err != nil {
    322. 

  322. 		logger.Log(0, username, "failed to fetch user: ", err.Error())
    323. 

  323. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    324. 

  324. 		return
    325. 

  325. 	}
    326. 

  326. 	json.NewEncoder(w).Encode(returnUser)
    327. 

  327. }
    328. 

  328. 

  329. // swagger:route PUT /api/users/{username} user updateUser
    330. 

  330. //
    331. 

  331. // Update a user.
    332. 

  332. //
    333. 

  333. //			Schemes: https
    334. 

  334. //
    335. 

  335. //			Security:
    336. 

  336. //	  		oauth
    337. 

  337. //
    338. 

  338. //			Responses:
    339. 

  339. //				200: userBodyResponse
    340. 

  340. func updateUser(w http.ResponseWriter, r *http.Request) {
    341. 

  341. 	w.Header().Set("Content-Type", "application/json")
    342. 

  342. 	var params = mux.Vars(r)
    343. 

  343. 	// start here
    344. 

  344. 	jwtUser, _, isadmin, err := verifyJWT(r.Header.Get("Authorization"))
    345. 

  345. 	if err != nil {
    346. 

  346. 		logger.Log(0, "verifyJWT error", err.Error())
    347. 

  347. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    348. 

  348. 		return
    349. 

  349. 	}
    350. 

  350. 	username := params["username"]
    351. 

  351. 	if username != jwtUser && !isadmin {
    352. 

  352. 		logger.Log(0, "non-admin user", jwtUser, "attempted to update user", username)
    353. 

  353. 		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("not authorizied"), "unauthorized"))
    354. 

  354. 		return
    355. 

  355. 	}
    356. 

  356. 	user, err := logic.GetUser(username)
    357. 

  357. 	if err != nil {
    358. 

  358. 		logger.Log(0, username,
    359. 

  359. 			"failed to update user info: ", err.Error())
    360. 

  360. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    361. 

  361. 		return
    362. 

  362. 	}
    363. 

  363. 	if auth.IsOauthUser(user) == nil {
    364. 

  364. 		err := fmt.Errorf("cannot update user info for oauth user %s", username)
    365. 

  365. 		logger.Log(0, err.Error())
    366. 

  366. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "forbidden"))
    367. 

  367. 		return
    368. 

  368. 	}
    369. 

  369. 	var userchange models.User
    370. 

  370. 	// we decode our body request params
    371. 

  371. 	err = json.NewDecoder(r.Body).Decode(&userchange)
    372. 

  372. 	if err != nil {
    373. 

  373. 		logger.Log(0, username, "error decoding request body: ",
    374. 

  374. 			err.Error())
    375. 

  375. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    376. 

  376. 		return
    377. 

  377. 	}
    378. 

  378. 	if userchange.IsAdmin && !isadmin {
    379. 

  379. 		logger.Log(0, "non-admin user", jwtUser, "attempted get admin privilages")
    380. 

  380. 		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("not authorizied"), "unauthorized"))
    381. 

  381. 		return
    382. 

  382. 	}
    383. 

  383. 	userchange.Networks = nil
    384. 

  384. 	user, err = logic.UpdateUser(&userchange, user)
    385. 

  385. 	if err != nil {
    386. 

  386. 		logger.Log(0, username,
    387. 

  387. 			"failed to update user info: ", err.Error())
    388. 

  388. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    389. 

  389. 		return
    390. 

  390. 	}
    391. 

  391. 	logger.Log(1, username, "was updated")
    392. 

  392. 	json.NewEncoder(w).Encode(logic.ToReturnUser(*user))
    393. 

  393. }
    394. 

  394. 

  395. // swagger:route PUT /api/users/{username}/adm user updateUserAdm
    396. 

  396. //
    397. 

  397. // Updates the given admin user's info (as long as the user is an admin).
    398. 

  398. //
    399. 

  399. //			Schemes: https
    400. 

  400. //
    401. 

  401. //			Security:
    402. 

  402. //	  		oauth
    403. 

  403. //
    404. 

  404. //			Responses:
    405. 

  405. //				200: userBodyResponse
    406. 

  406. func updateUserAdm(w http.ResponseWriter, r *http.Request) {
    407. 

  407. 	w.Header().Set("Content-Type", "application/json")
    408. 

  408. 	var params = mux.Vars(r)
    409. 

  409. 	// start here
    410. 

  410. 	username := params["username"]
    411. 

  411. 	user, err := logic.GetUser(username)
    412. 

  412. 	if err != nil {
    413. 

  413. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    414. 

  414. 		return
    415. 

  415. 	}
    416. 

  416. 	if auth.IsOauthUser(user) == nil {
    417. 

  417. 		err := fmt.Errorf("cannot update user info for oauth user %s", username)
    418. 

  418. 		logger.Log(0, err.Error())
    419. 

  419. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "forbidden"))
    420. 

  420. 		return
    421. 

  421. 	}
    422. 

  422. 	var userchange models.User
    423. 

  423. 	// we decode our body request params
    424. 

  424. 	err = json.NewDecoder(r.Body).Decode(&userchange)
    425. 

  425. 	if err != nil {
    426. 

  426. 		logger.Log(0, username, "error decoding request body: ",
    427. 

  427. 			err.Error())
    428. 

  428. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    429. 

  429. 		return
    430. 

  430. 	}
    431. 

  431. 	if !user.IsAdmin {
    432. 

  432. 		logger.Log(0, username, "not an admin user")
    433. 

  433. 		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("not a admin user"), "badrequest"))
    434. 

  434. 	}
    435. 

  435. 	user, err = logic.UpdateUser(&userchange, user)
    436. 

  436. 	if err != nil {
    437. 

  437. 		logger.Log(0, username,
    438. 

  438. 			"failed to update user (admin) info: ", err.Error())
    439. 

  439. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    440. 

  440. 		return
    441. 

  441. 	}
    442. 

  442. 	logger.Log(1, username, "was updated (admin)")
    443. 

  443. 	json.NewEncoder(w).Encode(logic.ToReturnUser(*user))
    444. 

  444. }
    445. 

  445. 

  446. // swagger:route DELETE /api/users/{username} user deleteUser
    447. 

  447. //
    448. 

  448. // Delete a user.
    449. 

  449. //
    450. 

  450. //			Schemes: https
    451. 

  451. //
    452. 

  452. //			Security:
    453. 

  453. //	  		oauth
    454. 

  454. //
    455. 

  455. //			Responses:
    456. 

  456. //				200: userBodyResponse
    457. 

  457. func deleteUser(w http.ResponseWriter, r *http.Request) {
    458. 

  458. 	// Set header
    459. 

  459. 	w.Header().Set("Content-Type", "application/json")
    460. 

  460. 

  461. 	// get params
    462. 

  462. 	var params = mux.Vars(r)
    463. 

  463. 

  464. 	username := params["username"]
    465. 

  465. 

  466. 	success, err := logic.DeleteUser(username)
    467. 

  467. 	if err != nil {
    468. 

  468. 		logger.Log(0, username,
    469. 

  469. 			"failed to delete user: ", err.Error())
    470. 

  470. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
    471. 

  471. 		return
    472. 

  472. 	} else if !success {
    473. 

  473. 		err := errors.New("delete unsuccessful")
    474. 

  474. 		logger.Log(0, username, err.Error())
    475. 

  475. 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
    476. 

  476. 		return
    477. 

  477. 	}
    478. 

  478. 

  479. 	logger.Log(1, username, "was deleted")
    480. 

  480. 	json.NewEncoder(w).Encode(params["username"] + " deleted.")
    481. 

  481. }
    482. 

  482. 

  483. // Called when vpn client dials in to start the auth flow and first stage is to get register URL itself
    484. 

  484. func socketHandler(w http.ResponseWriter, r *http.Request) {
    485. 

  485. 	// Upgrade our raw HTTP connection to a websocket based one
    486. 

  486. 	conn, err := upgrader.Upgrade(w, r, nil)
    487. 

  487. 	if err != nil {
    488. 

  488. 		logger.Log(0, "error during connection upgrade for node sign-in:", err.Error())
    489. 

  489. 		return
    490. 

  490. 	}
    491. 

  491. 	if conn == nil {
    492. 

  492. 		logger.Log(0, "failed to establish web-socket connection during node sign-in")
    493. 

  493. 		return
    494. 

  494. 	}
    495. 

  495. 	// Start handling the session
    496. 

  496. 	go auth.SessionHandler(conn)
    497. 

  497. }
    498. 

  498. 

  499. // getHeaderNetworks returns a slice of networks parsed form the request header.
    500. 

  500. func getHeaderNetworks(r *http.Request) ([]string, error) {
    501. 

  501. 	headerNetworks := r.Header.Get("networks")
    502. 

  502. 	networksSlice := []string{}
    503. 

  503. 	err := json.Unmarshal([]byte(headerNetworks), &networksSlice)
    504. 

  504. 	if err != nil {
    505. 

  505. 		return nil, err
    506. 

  506. 	}
    507. 

  507. 	return networksSlice, nil
    508. 

  508. }
    509.