registerHandlers registers HTTP handlers.
(e *echo.Echo, a *App)
| 31 | |
| 32 | // registerHandlers registers HTTP handlers. |
| 33 | func initHTTPHandlers(e *echo.Echo, a *App) { |
| 34 | // Default error handler. |
| 35 | e.HTTPErrorHandler = func(err error, c echo.Context) { |
| 36 | // Generic, non-echo error. Log it. |
| 37 | if _, ok := err.(*echo.HTTPError); !ok { |
| 38 | a.log.Println(err.Error()) |
| 39 | } |
| 40 | e.DefaultHTTPErrorHandler(err, c) |
| 41 | } |
| 42 | |
| 43 | // Configure CORS middleware if domains are configured. |
| 44 | if corsOrigins := trustedURLsToCORSOrigins(a.cfg.Security.TrustedURLs); len(corsOrigins) > 0 { |
| 45 | e.Use(middleware.CORSWithConfig(middleware.CORSConfig{ |
| 46 | AllowOrigins: corsOrigins, |
| 47 | AllowHeaders: []string{echo.HeaderOrigin, echo.HeaderContentType, echo.HeaderAccept}, |
| 48 | })) |
| 49 | } |
| 50 | |
| 51 | // ================================================================= |
| 52 | // Authenticated non /api handlers. |
| 53 | { |
| 54 | // Attach a middleware to the group that checks for auth. |
| 55 | g := e.Group("", a.auth.Middleware, func(next echo.HandlerFunc) echo.HandlerFunc { |
| 56 | return func(c echo.Context) error { |
| 57 | u := c.Get(auth.UserHTTPCtxKey) |
| 58 | |
| 59 | // On no-auth, redirect to login page |
| 60 | if _, ok := u.(*echo.HTTPError); ok { |
| 61 | u, _ := url.Parse(a.urlCfg.LoginURL) |
| 62 | q := url.Values{} |
| 63 | q.Set("next", c.Request().RequestURI) |
| 64 | u.RawQuery = q.Encode() |
| 65 | return c.Redirect(http.StatusTemporaryRedirect, u.String()) |
| 66 | } |
| 67 | |
| 68 | return next(c) |
| 69 | } |
| 70 | }) |
| 71 | |
| 72 | // Authenticated endpoints. |
| 73 | g.GET(path.Join(uriAdmin, ""), a.AdminPage) |
| 74 | g.GET(path.Join(uriAdmin, "/custom.css"), serveCustomAppearance("admin.custom_css")) |
| 75 | g.GET(path.Join(uriAdmin, "/custom.js"), serveCustomAppearance("admin.custom_js")) |
| 76 | g.GET(path.Join(uriAdmin, "/*"), a.AdminPage) |
| 77 | } |
| 78 | |
| 79 | // ================================================================= |
| 80 | // Authenticated /api/* handlers. |
| 81 | { |
| 82 | var ( |
| 83 | // Permission check middleware. |
| 84 | pm = a.auth.Perm |
| 85 | |
| 86 | // Attach a middleware to the group that checks for auth. |
| 87 | g = e.Group("", a.auth.Middleware, func(next echo.HandlerFunc) echo.HandlerFunc { |
| 88 | return func(c echo.Context) error { |
| 89 | u := c.Get(auth.UserHTTPCtxKey) |
| 90 |
no test coverage detected