new package dbHandler accesscontrol memeberdb and login with rights

backend/main.go

@@ -3,7 +3,6 @@ package main
 import (
 	"backend/models"
 	"backend/server"
-	"backend/user"
 	"backend/utils"
 	"flag"
 	"fmt"
@@ -14,9 +13,10 @@ import (
 	"strings"
 	"time"
 
+	AccessHandler "gitea.tecamino.com/paadi/access-handler"
+	dbApi "gitea.tecamino.com/paadi/memberDB/api"
 	"gitea.tecamino.com/paadi/tecamino-dbm/cert"
 
-	dbApi "gitea.tecamino.com/paadi/memberDB/api"
 	"gitea.tecamino.com/paadi/tecamino-logger/logging"
 	"github.com/gin-contrib/cors"
 	"github.com/gin-gonic/gin"
@@ -59,14 +59,14 @@ func main() {
 		TerminalOut: true,
 	})
 	if err != nil {
-		logger.Error("main new logger", err.Error())
+		logger.Error("main new logger", err)
 		panic(err)
 	}
 
 	//new login manager
-	userManager, err := user.NewUserManager(".")
+	accessHandler, err := AccessHandler.NewAccessHandler(".", logger)
 	if err != nil {
-		logger.Error("main login manager", err.Error())
+		logger.Error("main login manager", err)
 		panic(err)
 	}
 
@@ -74,7 +74,11 @@ func main() {
 	s := server.NewServer()
 
 	// initiate Database handler
-	dbHandler := dbApi.NewAPIHandler()
+	dbHandler, err := dbApi.NewAPIHandler(logger)
+	if err != nil {
+		logger.Error("main login manager", err)
+		panic(err)
+	}
 
 	//get local ip
 	httpString := "http://"
@@ -82,17 +86,18 @@ func main() {
 		httpString = "https://"
 
 	}
-	allowOrigins = append(allowOrigins, httpString+"localhost:9000", httpString+"localhost:9500", httpString+"127.0.0.1:9500")
+	allowOrigins = append(allowOrigins, httpString+"localhost:9000", httpString+"localhost:9500", httpString+"127.0.0.1:9500", httpString+"0.0.0.0:9500")
 
 	localIP, err := utils.GetLocalIP()
 	if err != nil {
-		logger.Error("main", fmt.Sprintf("get local ip : %s", err.Error()))
+		logger.Error("main", fmt.Sprintf("get local ip : %s", err))
 	} else {
 		allowOrigins = append(allowOrigins, fmt.Sprintf("%s%s:9000", httpString, localIP), fmt.Sprintf("%s%s:9500", httpString, localIP))
 	}
 
 	s.Routes.Use(cors.New(cors.Config{
-		AllowOrigins:     allowOrigins,
+		AllowOrigins: allowOrigins,
+		//AllowOrigins:     []string{"*"},
 		AllowMethods:     []string{"POST", "GET", "DELETE", "OPTIONS"},
 		AllowHeaders:     []string{"Origin", "Content-Type"},
 		ExposeHeaders:    []string{"Content-Length"},
@@ -100,21 +105,25 @@ func main() {
 		MaxAge:           12 * time.Hour,
 	}))
 
+	//set logger for AuthMiddleware
+	accessHandler.SetMiddlewareLogger(s.Routes)
 	api := s.Routes.Group("/api")
 	//set routes
 
 	//public
-	api.GET("/logout", userManager.Logout)
-	api.GET("/login/me", userManager.Me)
+	api.GET("/logout", accessHandler.Logout)
+	api.GET("/login/me", accessHandler.Me)
 
-	api.POST("/login", userManager.Login)
+	api.POST("/login", accessHandler.Login)
 
 	//private
-	auth := api.Group("/secure", user.AuthMiddleware())
+	auth := api.Group("", accessHandler.AuthMiddleware())
 
-	auth.GET("/users", userManager.GetUserById)
-	auth.GET("/members", dbHandler.GetMemberById)
-	auth.GET("/roles", userManager.GetRoleById)
+	role := auth.Group("", accessHandler.AuthorizeRole("/api"))
+	role.GET("/members", dbHandler.GetMember)
+
+	auth.GET("/users", accessHandler.GetUser)
+	auth.GET("/roles", accessHandler.GetRole)
 
 	auth.POST("database/open", dbHandler.OpenDatabase)
 	auth.POST("/members/add", dbHandler.AddNewMember)
@@ -122,23 +131,22 @@ func main() {
 	auth.POST("/members/delete", dbHandler.DeleteMember)
 	auth.POST("/members/import/csv", dbHandler.ImportCSV)
 
-	auth.POST("/settings/update", userManager.UpdateSettings)
+	auth.POST("/roles/add", accessHandler.AddRole)
+	auth.POST("/roles/update", accessHandler.UpdateRole)
+	auth.POST("/roles/delete", accessHandler.DeleteRole)
 
-	auth.POST("/roles/add", userManager.AddRole)
-	auth.POST("/roles/update", userManager.UpdateRole)
-	auth.POST("/roles/delete", userManager.DeleteRole)
+	auth.POST("/users/add", accessHandler.AddUser)
+	auth.POST("/users/update", accessHandler.UpdateUser)
+	auth.POST("/users/delete", accessHandler.DeleteUser)
 
-	auth.POST("/users/add", userManager.AddUser)
-	auth.POST("/users/delete", userManager.DeleteUser)
-
-	auth.POST("/login/refresh", userManager.Refresh)
+	api.POST("/login/refresh", accessHandler.Refresh)
 
 	// Serve static files
 	s.Routes.StaticFS("/assets", gin.Dir(filepath.Join(*spa, "assets"), true))
 	s.Routes.NoRoute(func(c *gin.Context) {
 		// Disallow fallback for /api paths
 		if strings.HasPrefix(c.Request.URL.Path, "/api") {
-			c.JSON(http.StatusNotFound, models.NewJsonErrorMessageResponse("API endpoint not found"))
+			c.JSON(http.StatusNotFound, models.NewJsonMessageResponse("API endpoint not found"))
 			return
 		}
 		// Try to serve file from SPA directory
@@ -155,7 +163,7 @@ func main() {
 	go func() {
 		time.Sleep(500 * time.Millisecond)
 		if err := utils.OpenBrowser(fmt.Sprintf("%slocalhost:%d", httpString, *port), logger); err != nil {
-			logger.Error("main", fmt.Sprintf("starting browser error : %s", err.Error()))
+			logger.Error("main", fmt.Sprintf("starting browser error : %s", err))
 		}
 	}()