add jwt token validation
This commit is contained in:
behrooz
Binary file not shown.
2
db/db.go
2
db/db.go
@@ -14,7 +14,7 @@ var (
|
||||
)
|
||||
|
||||
func InitDB() {
|
||||
clientOptions := options.Client().ApplyURI("mongodb://root:example@192.168.2.177:27017/")
|
||||
clientOptions := options.Client().ApplyURI("mongodb://root:example@localhost:27017/")
|
||||
client, err := mongo.Connect(context.TODO(), clientOptions)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
|
||||
6
go.mod
6
go.mod
@@ -8,7 +8,10 @@ require (
|
||||
github.com/gorilla/mux v1.7.3
|
||||
github.com/rs/cors v1.11.0
|
||||
golang.org/x/crypto v0.32.0
|
||||
k8s.io/api v0.31.0
|
||||
k8s.io/apimachinery v0.31.0
|
||||
k8s.io/client-go v0.31.0
|
||||
k8s.io/kubectl v0.31.2
|
||||
)
|
||||
|
||||
require (
|
||||
@@ -86,13 +89,10 @@ require (
|
||||
gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
|
||||
gopkg.in/yaml.v2 v2.4.0 // indirect
|
||||
gopkg.in/yaml.v3 v3.0.1 // indirect
|
||||
k8s.io/api v0.31.0 // indirect
|
||||
k8s.io/apiextensions-apiserver v0.31.2 // indirect
|
||||
k8s.io/apiserver v0.31.0 // indirect
|
||||
k8s.io/client-go v0.31.0 // indirect
|
||||
k8s.io/klog/v2 v2.130.1 // indirect
|
||||
k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
|
||||
k8s.io/kubectl v0.31.2 // indirect
|
||||
k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect
|
||||
oras.land/oras-go/v2 v2.5.0 // indirect
|
||||
sigs.k8s.io/structured-merge-diff/v4 v4.4.4-0.20241211184406-7bf59b3d70ee // indirect
|
||||
|
||||
@@ -16,6 +16,7 @@ import (
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/golang-jwt/jwt/v4"
|
||||
appsv1 "k8s.io/api/apps/v1"
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
"k8s.io/kubectl/pkg/scheme"
|
||||
@@ -31,6 +32,13 @@ import (
|
||||
"k8s.io/client-go/tools/remotecommand"
|
||||
)
|
||||
|
||||
type User struct {
|
||||
ID string `json:"id,omitempty"`
|
||||
Username string `json:"username"`
|
||||
Email string `json:"email"`
|
||||
Password string `json:"password,omitempty"`
|
||||
}
|
||||
|
||||
type Cluster struct {
|
||||
ID primitive.ObjectID `bson:"_id,omitempty"`
|
||||
Name string `json:"name"`
|
||||
@@ -175,14 +183,27 @@ func human(d time.Duration) string {
|
||||
return fmt.Sprintf("%ds", secs)
|
||||
}
|
||||
|
||||
var jwtKey = []byte("mysecret123")
|
||||
|
||||
func DecodeJwt(tokenString *string, user *User) {
|
||||
claims := jwt.MapClaims{}
|
||||
_, err := jwt.ParseWithClaims(*tokenString, claims, func(token *jwt.Token) (interface{}, error) {
|
||||
return []byte(jwtKey), nil
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
return
|
||||
}
|
||||
|
||||
user.Username = claims["username"].(string)
|
||||
}
|
||||
|
||||
func CreateClusterHandler(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
var cluster Cluster
|
||||
_ = json.NewDecoder(r.Body).Decode(&cluster)
|
||||
|
||||
var header Header
|
||||
header.Authorization = r.Header.Get("Authorization")
|
||||
|
||||
// vclusterCollection := db.Vclusters_details.FindOne(context.TODO(), bson.M{"name": Cluster.Name}).Decode(&existsCluster)
|
||||
|
||||
if cluster.Name == "" || cluster.ControlPlane == "" || cluster.PlatformVersion == "" || cluster.Cpu == "" || cluster.Memory == "" {
|
||||
@@ -268,6 +289,18 @@ func getClientset(w http.ResponseWriter, clustername string) (*kubernetes.Client
|
||||
|
||||
func ListUserClusters(w http.ResponseWriter, r *http.Request) {
|
||||
// var cluster Cluster
|
||||
|
||||
var header Header
|
||||
var user User
|
||||
header.Authorization = r.Header.Get("Authorization")
|
||||
DecodeJwt(&header.Authorization, &user)
|
||||
|
||||
count, err := db.UserCollection.CountDocuments(context.TODO(), bson.M{"username": user.Username})
|
||||
if err != nil || count <= 0 {
|
||||
http.Error(w, `{"message": "Invalid username "}`, http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
_, clusterList := argohandler.ListUserClusters("userid")
|
||||
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
|
||||
Reference in New Issue
Block a user