From bb3b43960efe67fd5e9395ccfa57982dc721ef9b Mon Sep 17 00:00:00 2001 From: Vincent <vincent.steinmann@etu.hesge.ch> Date: Thu, 20 Jan 2022 17:50:17 +0100 Subject: [PATCH] Hopefully last modifications --- Dockerfile | 22 +++++++++++++ README.md | 5 ++- docker-compose.yml | 9 +++++- main.go | 78 +++++++++++++++++++++++++++++----------------- 4 files changed, 84 insertions(+), 30 deletions(-) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..56f1a66 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,22 @@ +# syntax=docker/dockerfile:1 + + +# Alpine is chosen for its small footprint +# compared to Ubuntu +FROM golang:1.16-alpine + +WORKDIR /app + +# Download necessary Go modules +COPY go.mod ./ +COPY go.sum ./ +RUN go mod download + +COPY *.go ./ + +RUN go build -o /AppSec + +EXPOSE 8080 + +CMD [ "/AppSec" ] + diff --git a/README.md b/README.md index 4b4a9ed..c3ed5e2 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,10 @@ Dans la dernière partie s'est faite avec un ajout d'identifiants d'authentifica Cette partie m'a posé le plus de problèmes car j'ai trouvé que les consignes à suivre n'étaient vraiment pas claires et ne donnaient pas assez d'informations (mais je parlerai des problèmes dans la conclusion). ## __Architecture__ -- certs: dossier des certificats +- certs: + - cert.pem: Certificat + - key.pem: Clés + - nginx.conf: Configurations nginx - main.go: programme principal - go.sum: liste des checksums des dépendances - go.mod: modules gérant les dépendances diff --git a/docker-compose.yml b/docker-compose.yml index 7077a8a..afefb60 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -13,5 +13,12 @@ services: appsec: image: appsec:latest container_name: appsec + ports: #Ajouter ces deux lignes pour publish les ports + - 0.0.0.0:8080:8080 expose: - - "8080" \ No newline at end of file + - "8080" + environment: + - USERS + - ADMIN + - PASS1 + - PASS2 diff --git a/main.go b/main.go index 662b936..655b82e 100644 
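Review bot: The new Dockerfile has no `USER` instruction, so `/AppSec` runs as root, and the single `golang:1.16-alpine` stage leaves the Go toolchain and the sources in the runtime image. A multi-stage build that copies only the binary into a small base image and switches to an unprivileged account limits what a compromised HTTP handler can reach. Separately, main.go in this patch serves `./todo-vue/dist`, but only `*.go` is copied, so that directory will be missing in the container unless it is mounted at runtime.

```dockerfile
FROM golang:1.16-alpine AS build
# … unchanged: WORKDIR /app, go.mod/go.sum copy, go mod download, COPY *.go …
RUN CGO_ENABLED=0 go build -o /AppSec

FROM alpine:3
RUN adduser -D -H appsec
WORKDIR /app
COPY --from=build /AppSec /AppSec
USER appsec
# … unchanged: EXPOSE 8080, CMD [ "/AppSec" ] …
```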
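Review bot: `- 0.0.0.0:8080:8080` publishes the Go server's plain-HTTP port on every host interface, so the Basic Auth credentials that main.go now checks can reach it unencrypted. The README hunk lists certificates and an nginx.conf, which suggests (not visible here) that nginx is meant to terminate TLS in front of this service; if so, `expose` alone already covers container-to-container traffic. I would drop the `ports` entry or bind it to loopback, `- 127.0.0.1:8080:8080`. The `services` block starts outside the hunk.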
--- a/main.go +++ b/main.go @@ -8,6 +8,12 @@ import ( "fmt" "os" "strings" + + "github.com/gin-contrib/static" + "github.com/joho/godotenv" + + jwtverifier "github.com/okta/okta-jwt-verifier-golang" + ) type student struct { @@ -115,17 +121,17 @@ func deleteStudentByID(c *gin.Context) { } func past_main() { - router := gin.Default() - router.GET("/teachers", getTeachers) - router.GET("/students", getStudents) - router.GET("/teachers/:id", getTeacherByID) - router.GET("/students/:id", getStudentByID) - router.POST("/teachers", postTeachers) - router.POST("/students", postStudents) - router.DELETE("/teachers/:id", deleteTeacherByID) - router.DELETE("/students/:id", deleteStudentByID) + r := gin.Default() + r.GET("/teachers", getTeachers) + r.GET("/students", getStudents) + r.GET("/teachers/:id", getTeacherByID) + r.GET("/students/:id", getStudentByID) + r.POST("/teachers", postTeachers) + r.POST("/students", postStudents) + r.DELETE("/teachers/:id", deleteTeacherByID) + r.DELETE("/students/:id", deleteStudentByID) - router.Run("localhost:8080") + r.Run("localhost:8080") } var toValidate = map[string]string{ 
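Review bot: The three imports added in the first main.go hunk come with no go.mod or go.sum change: the diffstat lists only Dockerfile, README.md, docker-compose.yml and main.go, so unless an earlier commit already requires these modules, `go mod download` in the new Dockerfile will not fetch them and `go build` fails. Of the three, only `static` is used in the hunks shown; `godotenv` and `jwtverifier` are rejected by the compiler as unused imports if nothing outside this patch references them. I would leave them out until the code that uses them lands, and drop the blank `+` line before `)`. The import block starts outside the hunk.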
@@ -166,26 +172,42 @@ func AddListItem(c *gin.Context) { func main() { r := gin.Default() - accounts := make(map[string]string) - - authorized := r.Group("/", gin.BasicAuth(gin.Accounts{ - "user1": "first", - "user2": "second", - })) - - authorized.GET("/secret", func(c *gin.Context) { - c.JSON(http.StatusOK, gin.H{"secret": "The secret.",}) - }) + admin = make(map[string]string) //Admin account + accGet = make(map[string]string) //Account can use only GET - os.Setenv("FOO", "1") - fmt.Println("FOO:", os.Getenv("FOO")) - fmt.Println("BAR:", os.Getenv("BAR")) + name1 := strings.Fields(os.Getenv("USERS")) + pass1 := strings.Fields(os.Getenv("PASS1")) + name2 := strings.Fields(os.Getenv("ADMIN")) + pass2 := strings.Fields(os.Getenv("PASS2")) - fmt.Println() - for _, e := range os.Environ() { - pair := strings.SplitN(e, "=", 2) - fmt.Println(pair[0]) - } + for key, value := range name1 { + tmp := pass1[key] + accountsOnlyGet[value] = tmp + + tmp2 := pass2[key] + accountsAdmins[value] = tmp2 + } + + for key, value := range name2 { + tmp := pass2[key] + accountsAdmins[value] = tmp + } + + r.Use(static.Serve("/", static.LocalFile("./todo-vue/dist", false))) + + admins := r.Group("/", gin.BasicAuth(gin.Accounts(admin))) + onlyGet := r.Group("/", gin.BasicAuth(gin.Accounts(accGet))) + + admins.POST("/students", postStudents) + admins.DELETE("/students/:id", deleteStudentByID) + onlyGet.GET("/students", getStudents) + onlyGet.GET("/students/:id", getStudentByID) + + r.GET("/teachers", getTeachers) + r.GET("/teachers/:id", getTeacherByID) + r.POST("/teachers", postTeachers) + r.DELETE("/teachers/:id", deleteTeacherByID) r.Run("0.0.0.0:8080") + } -- GitLab
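Review bot: The maps handed to `gin.BasicAuth` are never filled: the loops write to `accountsOnlyGet` and `accountsAdmins`, while the groups use `admin` and `accGet`, which are assigned with `=` and must therefore be declared outside this hunk for the file to compile. If they stay empty, gin is expected to panic at startup on an empty account list (confirm against the gin version in use). The first loop also stores `pass2[key]` in the admin map for every name in USERS, which gives ordinary users an admin entry, and both loops index the password slices without a length check, so mismatched variables panic. Separately, `r.POST("/teachers", …)` and `r.DELETE("/teachers/:id", …)` are registered on `r` outside any auth group while the server binds `0.0.0.0:8080`.

```go
	userNames := strings.Fields(os.Getenv("USERS"))
	userPass := strings.Fields(os.Getenv("PASS1"))
	adminNames := strings.Fields(os.Getenv("ADMIN"))
	adminPass := strings.Fields(os.Getenv("PASS2"))

	// Refuse to start with missing or mismatched credentials rather than
	// panicking on an index or running with an empty account list.
	if len(userNames) == 0 || len(userNames) != len(userPass) ||
		len(adminNames) == 0 || len(adminNames) != len(adminPass) {
		fmt.Fprintln(os.Stderr, "USERS/PASS1 and ADMIN/PASS2 must be set and have matching lengths")
		os.Exit(1)
	}

	accGet := make(map[string]string, len(userNames))
	for i, name := range userNames {
		accGet[name] = userPass[i]
	}

	admin := make(map[string]string, len(adminNames))
	for i, name := range adminNames {
		admin[name] = adminPass[i]
	}

	// … unchanged: static.Serve, the admins/onlyGet groups and their routes …
```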