Fix cookie credentials bug, add prod mode

5 years ago · 5ff79cbec3
parent e97dc51f8d
commit 5ff79cbec3
8 changed files with 50 additions and 19 deletions
--- a/api/handlers.go
+++ b/api/handlers.go
@ -57,6 +57,7 @@ func sessionHandler(c *gin.Context) {
 	return
 }

+// Was used by ln-charge
 func invoiceCbHandler(c *gin.Context) {
 	invoice := ln.Invoice{}

@ -101,3 +102,21 @@ func invoiceCbHandler(c *gin.Context) {

 	return
 }
+
+func downHandler(c *gin.Context) {
+	sess := sessions.Default(c)
+
+	test := sess.Get("test")
+	log.Printf("%#v", test)
+	if test != nil {
+		sess.Clear()
+		sess.Save()
+		c.String(http.StatusOK, "I remember you")
+	} else {
+		sess.Set("test", 1)
+		sess.Save()
+		c.String(http.StatusOK, "i dont remember you")
+	}
+
+	return
+}
--- a/api/routes.go
+++ b/api/routes.go
@ -20,9 +20,9 @@ type API struct {
 func (api *API) Run() {

 	// Get last session if it exists
-	api.router.GET("/api/session", sessionHandler)
+	api.router.GET("/a/session", sessionHandler)

-	uploadRoute := api.router.Group("/api/upload")
+	uploadRoute := api.router.Group("/a/u")
 	{
 		uploadRoute.POST("", UploadCtrl.New)
 		uploadRoute.PUT(":id", UploadCtrl.Upload)
@ -31,6 +31,12 @@ func (api *API) Run() {
 		uploadRoute.GET("/poll/:id", UploadCtrl.PollStatus)
 	}

+	// Download route
+	downRoute := api.router.Group("/a/d")
+	{
+		downRoute.GET("t", downHandler)
+	}
+
 	// Websocket server
 	//api.router.GET("/ws", ws.Serve)

@ -51,7 +57,7 @@ func NewAPI() *API {
 		panic(err)
 	}

-	router.Use(sessions.Sessions("bit4sat-session", sessionStore))
+	router.Use(sessions.Sessions("bit4sat", sessionStore))

 	//
 	//
--- a/btc/price.go
+++ b/btc/price.go
@ -42,15 +42,18 @@ func getRate(currency string) (float64, error) {

 	// TODO: remove on prod and use normal client
 	// Used for connectivity problems
-	proxyUrl, err := url.Parse(config.HttpProxy)
-	if err != nil {
-		log.Fatal(err)
-	}
+	client := &http.Client{}
+	if config.Env == "dev" {

-	client := &http.Client{
-		Transport: &http.Transport{
+		proxyUrl, err := url.Parse(config.HttpProxy)
+		if err != nil {
+			log.Fatal(err)
+		}
+
+		client.Transport = &http.Transport{
 			Proxy: http.ProxyURL(proxyUrl),
-		},
+		}
+
 	}

 	resp, err := client.Get(reqUri)
--- a/config/vars.go
+++ b/config/vars.go
@ -13,6 +13,7 @@ const (
 )

 var (
+	Env,
 	StoragePath,
 	ApiPort,
 	ApiInterface,
@ -66,6 +67,7 @@ func init() {
 	flag.StringVar(&HttpProxy, "http-proxy", "", "http proxy for clients")

 	flag.StringVar(&ShortIdSalt, "short-id-salt", "bit4sat-23591", "hashid salt")
+	flag.StringVar(&Env, "env", "dev", "dev or prod")

 	//log.Printf("locking macaroon to ip %s", LockMacaroonIp)

--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -31,6 +31,7 @@ services:
            - SESSION_SECRET=Ai7fCy36UE5cb9wcmdAxxRXwYyQDsDMr6rYocA6Eava7pdiB29EusLbb9sTYWS1e
            - GRPC_SSL_CIPHER_SUITES="HIGH+ECDSA"
            - SHORT_ID_SALT=Czp6NtlGpt0ebzG1DuUND1nMftLUR77c
+            - ENV=dev

              # Used in case of ssl problems
            - HTTP_PROXY=http://tinyproxy:8888
--- a/web/Caddyfile
+++ b/web/Caddyfile
@ -10,9 +10,9 @@ header / {
 }


-proxy /d localhost:8880 

-proxy /api localhost:8880 {
+## API
+proxy /a localhost:8880 {
    transparent
 }

--- a/web/src/Upload.vue
+++ b/web/src/Upload.vue
@ -1,5 +1,5 @@
 <template>
-    <div @dragenter.stop.prevent @dragover.stop.prevent @drop.stop.prevent="drop" id="upload" class="flex flex-column ph4 pv4 ba b--dashed bw2 b--orange br4 bg-near-white mid-gray">
+    <div @dragenter.stop.prevent @dragover.stop.prevent @drop.stop.prevent="drop" id="upload" class="flex flex-column ph4 pv4 ba bw1 b--light-red br1 bg-near-white mid-gray">

        <div class="title f6 b lh-title ttu tc">drop files here</div>

--- a/web/src/api.js
+++ b/web/src/api.js
@ -5,10 +5,10 @@ import 'babel-polyfill';

 const endPoints = {

-    upload: '/api/upload',
-    session: '/api/session',
-    pollstatus: '/api/upload/poll',
-    checkstatus: '/api/upload/check'
+    upload: '/a/u',
+    session: '/a/session',
+    pollstatus: '/a/u/poll',
+    checkstatus: '/a/u/check'

 }

@ -35,7 +35,7 @@ export async function checkUploadStatus(uploadId){
    
        let req = new Request(endPoints.checkstatus + '/' + uploadId,{
            method: 'GET',
-            credentials: 'same-origin,'
+            credentials: 'same-origin'
        })

        let res = await fetch(req)
@ -56,7 +56,7 @@ export async function pollUploadStatus(uploadId){

        let req = new Request(endPoints.pollstatus + '/' + uploadId,{
            method: 'GET',
-            credentials: 'same-origin,'
+            credentials: 'same-origin'
        })

        let res = await fetch(req)