Created
July 1, 2016 02:41
Secure Routes
package routes | |
import (
	"encoding/base64"
	"errors"
	"net/http"
	"os"

	. "mobilebid/controllers"
	db "mobilebid/database"
	env "mobilebid/environment"

	"github.com/auth0/go-jwt-middleware"
	"github.com/codegangsta/negroni"
	jwt "github.com/dgrijalva/jwt-go"
	"github.com/gorilla/mux"
)
// dbHandler is a handler constructor: given the application database it
// returns the http.HandlerFunc that serves one route.
type dbHandler func(db.AppDB) http.HandlerFunc

// jwtMiddle is the shared JWT validation middleware. It is assigned once in
// init and placed in front of every handler built by attachDB.
var jwtMiddle *jwtmiddleware.JWTMiddleware
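// init builds the package-wide JWT middleware used by every authenticated route.
//
// The validation key is the value of the environment variable named by
// env.Auth0ClientSecret, base64url-decoded each time a token is validated.
func init() {
	jwtMiddle = jwtmiddleware.New(jwtmiddleware.Options{
		ValidationKeyGetter: func(token *jwt.Token) (interface{}, error) {
			// The key returned below is an HMAC secret, so accept only tokens
			// whose header declares an HMAC algorithm. The token must never
			// get to choose how it is verified.
			if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
				return nil, errors.New("unexpected jwt signing method")
			}

			secret, err := base64.URLEncoding.DecodeString(os.Getenv(env.Auth0ClientSecret))
			if err != nil {
				return nil, err
			}
			// An unset or empty variable decodes without error to a
			// zero-length key. Fail closed instead of validating tokens
			// against an empty secret.
			if len(secret) == 0 {
				return nil, errors.New("jwt validation secret is not configured")
			}
			return secret, nil
		},
	})
}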
// attachDB binds DB to a route-wrapping helper.
//
// The returned function takes a dbHandler and builds a Negroni chain with two
// links, in this order: the JWT middleware (jwtMiddle.HandlerWithNext), then
// the handler produced by calling the dbHandler with DB. Every route wrapped
// this way therefore has the JWT check in front of its handler.
func attachDB(DB db.AppDB) func(dbHandler) *negroni.Negroni {
	wrap := func(h dbHandler) *negroni.Negroni {
		verifyJWT := negroni.HandlerFunc(jwtMiddle.HandlerWithNext)
		// h(DB) already yields an http.HandlerFunc, which satisfies http.Handler.
		endpoint := negroni.Wrap(h(DB))
		return negroni.New(verifyJWT, endpoint)
	}
	return wrap
}
// SetAuthenticatedRoutes registers the JWT-protected endpoints on r and
// returns the same router. Each handler is wrapped through attachDB, so the
// JWT middleware sits in front of it and the handler is built with DB.
//
// NOTE(review): the middleware only establishes that a valid token was
// presented. Many routes take {user_id} from the URL; the handlers are not
// visible here, so confirm each one compares that path value with the
// identity in the validated token rather than trusting the URL.
//
// NOTE(review): judging by handler names, several GET routes change state
// (archive_*, opt/*, update/*, updateCCWarning). GET requests can be replayed
// by prefetchers and caches, and the phone/email values in the path will
// appear in access logs; consider POST/PUT with a request body. Changing the
// verbs alters the client contract, so it is left as-is here.
func SetAuthenticatedRoutes(r *mux.Router, DB db.AppDB) *mux.Router {
	protect := attachDB(DB)

	// Routes are registered in slice order, which matches the original
	// registration order.
	routes := []struct {
		path    string
		method  string
		handler dbHandler
	}{
		{"/auth_user", "POST", BidLogin},

		// Portal: events and event types.
		{"/portal/e/{event}", "GET", GetEvent},
		{"/portal/events/{user_id}", "GET", GetAllEventsForUser},
		{"/portal/event_types", "GET", GetEventTypes},

		// Portal: bid items.
		{"/portal/bid_items/{user_id}", "GET", GetBidItemsForBidderID},
		{"/portal/create_event", "POST", CreateEventAndImages},
		{"/portal/item", "POST", InsertBidItem},
		{"/portal/insert_retrieve", "POST", InsertAndRetrieveBidItems},

		// Two paths served by the same handler, GetBidItemsForEvent.
		{"/event/{event_key}", "GET", GetBidItemsForEvent},
		{"/items/{event_id}", "GET", GetBidItemsForEvent},

		// Archiving.
		{"/portal/archive_item/{event_id}/{user_id}", "GET", ArchiveItem},
		{"/portal/archive_event/{event_id}/{user_id}", "GET", ArchiveEvent},

		// Event lookup, watch list and notifications.
		{"/findevent", "POST", GetEventKey},
		{"/watch", "POST", ChangeWatch},
		{"/notifications", "POST", GetNotifications},
		{"/notification", "POST", UpdateNotification},

		// Contact details and opt-in preferences.
		{"/opt/phone/{user_id}/{opt}", "GET", UpdateOptPhone},
		{"/opt/email/{user_id}/{opt}", "GET", UpdateOptEmail},
		{"/update/phone/{user_id}/{phone}", "GET", UpdatePhone},
		{"/update/email/{user_id}/{email}", "GET", UpdateEmail},
		{"/update/opt_in_notified/{user_id}/{opt}", "GET", UpdateOptInNotified},

		// Billing.
		{"/createBillableBidder", "POST", CreateBillableBidObject},
		{"/updateCCWarning/{user_id}", "GET", UpdateCCWarning},

		// Disabled in the original:
		// {"/charges/{acct}", "GET", ChargesFromDest},
	}

	for _, rt := range routes {
		r.Handle(rt.path, protect(rt.handler)).Methods(rt.method)
	}
	return r
}