mirror of
https://github.com/Kugelschieber/migo.git
synced 2026-01-18 06:40:29 +00:00
197 lines
4.7 KiB
Go
197 lines
4.7 KiB
Go
package main
|
|
|
|
import (
|
|
"context"
|
|
"crypto/rand"
|
|
"crypto/rsa"
|
|
"crypto/x509"
|
|
"embed"
|
|
"encoding/pem"
|
|
"fmt"
|
|
"github.com/Kugelschieber/migo/api"
|
|
"github.com/Kugelschieber/migo/db"
|
|
"github.com/go-chi/chi/v5"
|
|
"github.com/go-chi/chi/v5/middleware"
|
|
"github.com/go-chi/cors"
|
|
"github.com/go-chi/jwtauth/v5"
|
|
"log"
|
|
"net/http"
|
|
"os"
|
|
"os/signal"
|
|
"path/filepath"
|
|
"time"
|
|
)
|
|
|
|
var (
|
|
//go:embed admin/dist/index.html
|
|
index []byte
|
|
|
|
//go:embed admin/dist/favicon.ico
|
|
favicon []byte
|
|
|
|
//go:embed admin/dist/assets
|
|
assets embed.FS
|
|
|
|
jwtAuth *jwtauth.JWTAuth
|
|
)
|
|
|
|
func init() {
|
|
generateRSAKeys()
|
|
|
|
jwtAuth = jwtauth.New("RS256", pubKey, loadRSAPrivateKey())
|
|
_, tokenString, err := jwtAuth.Encode(map[string]interface{}{"test": 42})
|
|
|
|
if err != nil {
|
|
log.Fatalf("test: %v", err)
|
|
}
|
|
|
|
fmt.Println(tokenString)
|
|
}
|
|
|
|
func generateRSAKeys() {
|
|
err := os.Mkdir("secrets", 0755)
|
|
|
|
if os.IsExist(err) {
|
|
return
|
|
} else if err != nil {
|
|
log.Fatalf("Error creating secrets directory: %v", err)
|
|
}
|
|
|
|
filename := "jwt"
|
|
key, err := rsa.GenerateKey(rand.Reader, 4096)
|
|
|
|
if err != nil {
|
|
log.Fatalf("Error generating RSA key: %v", err)
|
|
}
|
|
|
|
pub := key.Public()
|
|
keyPEM := pem.EncodeToMemory(
|
|
&pem.Block{
|
|
Type: "RSA PRIVATE KEY",
|
|
Bytes: x509.MarshalPKCS1PrivateKey(key),
|
|
},
|
|
)
|
|
pubPEM := pem.EncodeToMemory(
|
|
&pem.Block{
|
|
Type: "RSA PUBLIC KEY",
|
|
Bytes: x509.MarshalPKCS1PublicKey(pub.(*rsa.PublicKey)),
|
|
},
|
|
)
|
|
|
|
if err := os.WriteFile("secrets/"+filename+".rsa", keyPEM, 0700); err != nil {
|
|
log.Fatalf("Error writing private RSA key: %v", err)
|
|
}
|
|
|
|
if err := os.WriteFile("secrets/"+filename+".rsa.pub", pubPEM, 0755); err != nil {
|
|
log.Fatalf("Error writing public RSA key: %v", err)
|
|
}
|
|
}
|
|
|
|
func loadRSAPrivateKey(path string) *rsa.PrivateKey {
|
|
data, err := os.ReadFile(path)
|
|
|
|
if err != nil {
|
|
log.Fatalf("Error loading RSA key '%s': %v", path, err)
|
|
}
|
|
|
|
block, _ := pem.Decode(data)
|
|
|
|
if block == nil {
|
|
log.Fatalf("Error decoding RSA key '%s': %v", path, err)
|
|
}
|
|
|
|
key, err := x509.ParsePKCS1PrivateKey(block.Bytes)
|
|
|
|
if err != nil {
|
|
log.Fatalf("Error parsing RSA key '%s': %v", path, err)
|
|
}
|
|
|
|
return key
|
|
}
|
|
|
|
func main() {
|
|
if err := db.Init(); err != nil {
|
|
log.Fatalf("Error initializing database: %v", err)
|
|
}
|
|
|
|
defer db.Close()
|
|
dev := os.Getenv("MIGO_DEV") != ""
|
|
router := chi.NewRouter()
|
|
router.Use(middleware.Recoverer)
|
|
router.Use(middleware.Compress(5))
|
|
router.Use(cors.Handler(cors.Options{
|
|
AllowedOrigins: []string{"https://*", "http://*"},
|
|
AllowedMethods: []string{http.MethodGet, http.MethodPost, http.MethodPut, http.MethodDelete, http.MethodOptions},
|
|
AllowedHeaders: []string{"*"},
|
|
AllowCredentials: true,
|
|
MaxAge: 86400,
|
|
}))
|
|
router.Group(func(r chi.Router) {
|
|
r.Use(jwtauth.Verifier(jwtAuth))
|
|
r.Use(jwtauth.Authenticator)
|
|
r.Route("/api/v1", func(r chi.Router) {
|
|
r.Get("/debug", api.DebugHandler)
|
|
})
|
|
})
|
|
router.Handle("/admin", http.RedirectHandler("/admin/", http.StatusFound))
|
|
router.Route("/admin/", func(r chi.Router) {
|
|
if dev {
|
|
r.Handle("/assets/*", http.StripPrefix("/admin/assets/", http.FileServer(http.Dir("cmd/admin/dist/assets"))))
|
|
r.Get("/favicon.ico", func(w http.ResponseWriter, r *http.Request) {
|
|
http.ServeFile(w, r, "cmd/admin/dist/favicon.ico")
|
|
})
|
|
r.Get("/*", func(w http.ResponseWriter, r *http.Request) {
|
|
http.ServeFile(w, r, "cmd/admin/dist/index.html")
|
|
})
|
|
} else {
|
|
fs := http.FileServer(http.FS(assets))
|
|
r.Handle("/assets/*", http.StripPrefix("/admin/assets/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
r.URL.Path = filepath.Join("admin/dist/assets", r.URL.Path)
|
|
fs.ServeHTTP(w, r)
|
|
})))
|
|
r.Get("/favicon.ico", func(w http.ResponseWriter, r *http.Request) {
|
|
w.Header().Set("Content-Type", "image/x-icon")
|
|
|
|
if _, err := w.Write(favicon); err != nil {
|
|
w.WriteHeader(http.StatusNotFound)
|
|
}
|
|
})
|
|
r.Get("/*", func(w http.ResponseWriter, r *http.Request) {
|
|
w.Header().Set("Content-Type", "text/html")
|
|
|
|
if _, err := w.Write(index); err != nil {
|
|
w.WriteHeader(http.StatusNotFound)
|
|
}
|
|
})
|
|
}
|
|
})
|
|
router.Get("/", func(w http.ResponseWriter, r *http.Request) {
|
|
// TODO
|
|
_, _ = w.Write([]byte("<h1>Hello World!</h1>"))
|
|
})
|
|
server := &http.Server{
|
|
Handler: router,
|
|
Addr: os.Getenv("MIGO_HOST"),
|
|
WriteTimeout: 30 * time.Second,
|
|
ReadTimeout: 30 * time.Second,
|
|
}
|
|
go func() {
|
|
sigint := make(chan os.Signal, 1)
|
|
signal.Notify(sigint, os.Interrupt)
|
|
<-sigint
|
|
log.Println("Shutting down server")
|
|
ctx, cancel := context.WithTimeout(context.Background(), time.Second*10)
|
|
|
|
if err := server.Shutdown(ctx); err != nil {
|
|
log.Printf("Error shutting down server gracefully: %v", err)
|
|
}
|
|
|
|
cancel()
|
|
}()
|
|
log.Println("Starting server")
|
|
|
|
if err := server.ListenAndServe(); err != nil {
|
|
log.Fatalf("Error starting server: %v", err)
|
|
}
|
|
}
|