2019-05-15 19:25:51 +02:00

117 lines
3.4 KiB

package router
import (
mw "github.com/zom-bi/ovpn-certman/middleware"
var (
// TODO: make this configurable
csrfCookieName = "csrf"
csrfFieldName = "csrf_token"
csrfKey = securecookie.GenerateRandomKey(32)
func HandleRoutes(provider *services.Provider) http.Handler {
mux := chi.NewMux()
mux.Use(middleware.Logger) // log requests
mux.Use(middleware.RealIP) // use proxy headers
mux.Use(middleware.RedirectSlashes) // redirect trailing slashes
mux.Use(mw.Recoverer) // recover on panic
mux.Use(provider.Sessions.LoadAndSave) // use session storage
// TODO: move this code away from here
oauth2Config := &oauth2.Config{
ClientID: os.Getenv("OAUTH2_CLIENT_ID"),
ClientSecret: os.Getenv("OAUTH2_CLIENT_SECRET"),
Scopes: []string{"read_user"},
RedirectURL: os.Getenv("OAUTH2_REDIRECT_URL"),
Endpoint: oauth2.Endpoint{
AuthURL: os.Getenv("OAUTH2_AUTH_URL"),
TokenURL: os.Getenv("OAUTH2_TOKEN_URL"),
// we are serving the static files directly from the assets package
// this either means we use the embedded files, or live-load
// from the file system (if `--tags="dev"` is used).
fileServer(mux, "/static", assets.Assets)
mux.Route("/", func(r chi.Router) {
if os.Getenv("ENVIRONMENT") != "test" {
r.HandleFunc("/", http.RedirectHandler("certs", http.StatusFound).ServeHTTP)
r.Route("/login", func(r chi.Router) {
r.Get("/", handlers.GetLoginHandler(provider, oauth2Config))
r.Get("/oauth2/redirect", handlers.OAuth2Endpoint(provider, oauth2Config))
r.Route("/certs", func(r chi.Router) {
r.Get("/", handlers.ListClientsHandler(provider))
r.Post("/new", handlers.CreateCertHandler(provider))
r.HandleFunc("/download/{name}", handlers.DownloadCertHandler(provider))
r.Post("/delete/{name}", handlers.DeleteCertHandler(provider))
r.Get("/unconfigured-backend", handlers.NotFoundHandler)
// what should happen if no route matches
return mux
// v is a helper function for quickly displaying a view
func v(template string) http.HandlerFunc {
return func(w http.ResponseWriter, req *http.Request) {
view := views.New(req)
view.Render(w, template)
// fileServer sets up a http.FileServer handler to serve
// static files from a http.FileSystem.
func fileServer(r chi.Router, path string, root http.FileSystem) {
if strings.ContainsAny(path, "{}*") {
panic("FileServer does not permit URL parameters.")
//fs := http.StripPrefix(path, http.FileServer(root))
fs := http.FileServer(root)
if path != "/" && path[len(path)-1] != '/' {
r.Get(path, http.RedirectHandler(path+"/", 301).ServeHTTP)
path += "/"
path += "*"
r.Get(path, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fs.ServeHTTP(w, r)