Redo auth flags

2018-07-28 12:01:33 +02:00
parent 99401065a7
commit c02fec809f
6 changed files with 53 additions and 35 deletions
--- a/auth/flags.go
+++ b/auth/flags.go
@@ -0,0 +1,27 @@
+package auth
+
+import (
+	"github.com/namsral/flag"
+	"github.com/pkg/errors"
+)
+
+type (
+	configuration struct {
+		jwtSecret string
+	}
+)
+
+var config configuration
+
+func (c configuration) validate() error {
+	if c.jwtSecret == "" {
+		return errors.New("JWT Secret not set for AUTH")
+	}
+
+	return nil
+}
+
+// Flags should be called from main to register flags
+func Flags() {
+	flag.StringVar(&config.jwtSecret, "auth-jwt-secret", "", "JWT Secret")
+}
--- a/auth/jwt.go
+++ b/auth/jwt.go
@@ -11,10 +11,14 @@ type jwt struct {
 	tokenAuth *jwtauth.JWTAuth
 }

-func JWT(secret []byte) *jwt {
-	jwt := &jwt{tokenAuth: jwtauth.New("HS256", secret, nil)}
+func JWT() (*jwt, error) {
+	if err := config.validate(); err != nil {
+		return nil, err
+	}

-	return jwt
+	jwt := &jwt{tokenAuth: jwtauth.New("HS256", []byte(config.jwtSecret), nil)}
+
+	return jwt, nil
 }

 // Verifies JWT and stores it into context
--- a/cmd/crm/flags.go
+++ b/cmd/crm/flags.go
@@ -3,29 +3,27 @@ package main
 import (
 	_ "github.com/joho/godotenv/autoload"
 	"github.com/namsral/flag"
-
-	"github.com/crusttech/crust/rbac"
-	"os"
 )

 type configuration struct {
-	httpAddr  string
-	dbDSN     string
-	jwtSecret string
+	httpAddr string
+	dbDSN    string
 }

-func flags(prefix string) configuration {
+func flags(prefix string, mountFlags ...func()) configuration {
 	var config configuration

 	p := func(s string) string {
 		return prefix + "-" + s
 	}

-	config.jwtSecret = os.Getenv("JWT_SECRET")
-
 	flag.StringVar(&config.httpAddr, p("http-addr"), ":3000", "Listen address for HTTP server")
 	flag.StringVar(&config.dbDSN, p("db-dsn"), "crust:crust@tcp(db1:3306)/crust?collation=utf8mb4_general_ci", "DSN for database connection")
-	rbac.Flags()
+
+	for _, mount := range mountFlags {
+		mount()
+	}
+
 	flag.Parse()

 	return config
--- a/cmd/crm/main.go
+++ b/cmd/crm/main.go
@@ -11,7 +11,7 @@ import (

 	"github.com/crusttech/crust/auth"
 	"github.com/crusttech/crust/crm/rest"
-	"github.com/labstack/gommon/random"
+	"github.com/crusttech/crust/rbac"
 	"github.com/titpetric/factory"
 )

@@ -25,7 +25,7 @@ func handleError(err error, message string) {
 }

 func main() {
-	config := flags("crm")
+	config := flags("crm", rbac.Flags, auth.Flags)

 	// log to stdout not stderr
 	log.SetOutput(os.Stdout)
@@ -48,14 +48,10 @@ func main() {
 	r := chi.NewRouter()

 	// JWT Auth
-	jwtAuth := auth.JWT([]byte(config.jwtSecret))
+	jwtAuth, err := auth.JWT()
+	handleError(err, "Error creating JWT Auth object")
 	r.Use(jwtAuth.Verifier(), jwtAuth.Authenticator())

-	if len(config.jwtSecret) == 0 {
-		println("Environment variable JWT_SECRET not set! Add next line to your .env file:")
-		println("JWR_SECRET=" + random.String(64, random.Alphabetic))
-	}
-
 	// mount routes
 	MountRoutes(r, routeOptions, rest.MountRoutes(jwtAuth))
 	http.Serve(listener, r)
--- a/cmd/sam/flags.go
+++ b/cmd/sam/flags.go
@@ -3,13 +3,11 @@ package main
 import (
 	_ "github.com/joho/godotenv/autoload"
 	"github.com/namsral/flag"
-	"os"
 )

 type configuration struct {
-	httpAddr  string
-	dbDSN     string
-	jwtSecret string
+	httpAddr string
+	dbDSN    string
 }

 func flags(prefix string, mountFlags ...func()) configuration {
@@ -19,13 +17,13 @@ func flags(prefix string, mountFlags ...func()) configuration {
 		return prefix + "-" + s
 	}

-	config.jwtSecret = os.Getenv("JWT_SECRET")
-
 	flag.StringVar(&config.httpAddr, p("http-addr"), ":3000", "Listen address for HTTP server")
 	flag.StringVar(&config.dbDSN, p("db-dsn"), "crust:crust@tcp(db1:3306)/crust?collation=utf8mb4_general_ci", "DSN for database connection")
+
 	for _, mount := range mountFlags {
 		mount()
 	}
+
 	flag.Parse()
 	return config
 }
--- a/cmd/sam/main.go
+++ b/cmd/sam/main.go
@@ -13,7 +13,6 @@ import (
 	"github.com/crusttech/crust/rbac"
 	"github.com/crusttech/crust/sam/rest"
 	"github.com/crusttech/crust/sam/websocket"
-	"github.com/labstack/gommon/random"
 	"github.com/titpetric/factory"
 )

@@ -27,7 +26,7 @@ func handleError(err error, message string) {
 }

 func main() {
-	config := flags("sam", rbac.Flags, websocket.Flags)
+	config := flags("sam", auth.Flags, rbac.Flags, websocket.Flags)

 	// log to stdout not stderr
 	log.SetOutput(os.Stdout)
@@ -50,14 +49,10 @@ func main() {
 	r := chi.NewRouter()

 	// JWT Auth
-	jwtAuth := auth.JWT([]byte(config.jwtSecret))
+	jwtAuth, err := auth.JWT()
+	handleError(err, "Error creating JWT Auth object")
 	r.Use(jwtAuth.Verifier(), jwtAuth.Authenticator())

-	if len(config.jwtSecret) == 0 {
-		println("Environment variable JWT_SECRET not set! Add next line to your .env file:")
-		println("JWR_SECRET=" + random.String(64, random.Alphabetic))
-	}
-
 	// mount REST & WS routes
 	MountRoutes(r, routeOptions, rest.MountRoutes(jwtAuth), websocket.MountRoutes())