2016-07-21 17:57:38 +01:00
|
|
|
// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
|
|
|
|
|
//
|
|
|
|
|
// This software (Documize Community Edition) is licensed under
|
|
|
|
|
// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
|
|
|
|
|
//
|
|
|
|
|
// You can operate outside the AGPL restrictions by purchasing
|
|
|
|
|
// Documize Enterprise Edition and obtaining a commercial license
|
|
|
|
|
// by contacting <sales@documize.com>.
|
|
|
|
|
//
|
|
|
|
|
// https://documize.com
|
|
|
|
|
|
|
|
|
|
package endpoint
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"fmt"
|
|
|
|
|
"net/http"
|
|
|
|
|
"os"
|
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
|
|
"github.com/codegangsta/negroni"
|
2017-07-21 14:53:32 +01:00
|
|
|
"github.com/documize/api/wordsmith/log"
|
2017-07-19 18:47:01 +01:00
|
|
|
"github.com/documize/community/core/api"
|
2016-07-21 17:57:38 +01:00
|
|
|
"github.com/documize/community/core/api/plugins"
|
|
|
|
|
"github.com/documize/community/core/database"
|
2017-07-21 14:53:32 +01:00
|
|
|
"github.com/documize/community/core/env"
|
2016-07-21 17:57:38 +01:00
|
|
|
"github.com/documize/community/core/web"
|
|
|
|
|
"github.com/gorilla/mux"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
var testHost string // used during automated testing
|
|
|
|
|
|
|
|
|
|
// Serve the Documize endpoint.
|
2017-07-21 14:53:32 +01:00
|
|
|
func Serve(rt env.Runtime, ready chan struct{}) {
|
2016-07-21 17:57:38 +01:00
|
|
|
err := plugins.LibSetup()
|
|
|
|
|
if err != nil {
|
2017-07-21 14:53:32 +01:00
|
|
|
rt.Log.Error("Terminating before running - invalid plugin.json", err)
|
2016-07-21 17:57:38 +01:00
|
|
|
os.Exit(1)
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-19 18:47:01 +01:00
|
|
|
log.Info(fmt.Sprintf("Starting %s version %s", api.Runtime.Product.Title, api.Runtime.Product.Version))
|
2016-07-21 17:57:38 +01:00
|
|
|
|
2017-07-19 18:47:01 +01:00
|
|
|
switch api.Runtime.Flags.SiteMode {
|
2016-07-21 17:57:38 +01:00
|
|
|
case web.SiteModeOffline:
|
2017-07-21 14:53:32 +01:00
|
|
|
rt.Log.Info("Serving OFFLINE web app")
|
2016-07-21 17:57:38 +01:00
|
|
|
case web.SiteModeSetup:
|
2016-07-22 16:22:06 +01:00
|
|
|
Add(RoutePrefixPrivate, "setup", []string{"POST", "OPTIONS"}, nil, database.Create)
|
2017-07-21 14:53:32 +01:00
|
|
|
rt.Log.Info("Serving SETUP web app")
|
2016-07-21 17:57:38 +01:00
|
|
|
case web.SiteModeBadDB:
|
2017-07-21 14:53:32 +01:00
|
|
|
rt.Log.Info("Serving BAD DATABASE web app")
|
2016-07-21 17:57:38 +01:00
|
|
|
default:
|
2017-07-21 14:53:32 +01:00
|
|
|
rt.Log.Info("Starting web app")
|
2016-07-21 17:57:38 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
router := mux.NewRouter()
|
|
|
|
|
|
|
|
|
|
// "/api/public/..."
|
|
|
|
|
router.PathPrefix(RoutePrefixPublic).Handler(negroni.New(
|
|
|
|
|
negroni.HandlerFunc(cors),
|
|
|
|
|
negroni.Wrap(buildRoutes(RoutePrefixPublic)),
|
|
|
|
|
))
|
|
|
|
|
|
|
|
|
|
// "/api/..."
|
|
|
|
|
router.PathPrefix(RoutePrefixPrivate).Handler(negroni.New(
|
|
|
|
|
negroni.HandlerFunc(Authorize),
|
|
|
|
|
negroni.Wrap(buildRoutes(RoutePrefixPrivate)),
|
|
|
|
|
))
|
|
|
|
|
|
|
|
|
|
// "/..."
|
|
|
|
|
router.PathPrefix(RoutePrefixRoot).Handler(negroni.New(
|
|
|
|
|
negroni.HandlerFunc(cors),
|
|
|
|
|
negroni.Wrap(buildRoutes(RoutePrefixRoot)),
|
|
|
|
|
))
|
|
|
|
|
|
|
|
|
|
n := negroni.New()
|
|
|
|
|
n.Use(negroni.NewStatic(web.StaticAssetsFileSystem()))
|
|
|
|
|
n.Use(negroni.HandlerFunc(cors))
|
|
|
|
|
n.Use(negroni.HandlerFunc(metrics))
|
|
|
|
|
n.UseHandler(router)
|
|
|
|
|
ready <- struct{}{}
|
|
|
|
|
|
2017-07-19 18:47:01 +01:00
|
|
|
if !api.Runtime.Flags.SSLEnabled() {
|
2017-07-21 14:53:32 +01:00
|
|
|
rt.Log.Info("Starting non-SSL server on " + api.Runtime.Flags.HTTPPort)
|
2017-07-19 18:47:01 +01:00
|
|
|
n.Run(testHost + ":" + api.Runtime.Flags.HTTPPort)
|
2016-07-21 17:57:38 +01:00
|
|
|
} else {
|
2017-07-19 18:47:01 +01:00
|
|
|
if api.Runtime.Flags.ForceHTTPPort2SSL != "" {
|
2017-07-21 14:53:32 +01:00
|
|
|
rt.Log.Info("Starting non-SSL server on " + api.Runtime.Flags.ForceHTTPPort2SSL + " and redirecting to SSL server on " + api.Runtime.Flags.HTTPPort)
|
2016-07-21 17:57:38 +01:00
|
|
|
|
|
|
|
|
go func() {
|
2017-07-19 18:47:01 +01:00
|
|
|
err := http.ListenAndServe(":"+api.Runtime.Flags.ForceHTTPPort2SSL, http.HandlerFunc(
|
2016-07-21 17:57:38 +01:00
|
|
|
func(w http.ResponseWriter, req *http.Request) {
|
2017-05-19 11:36:28 +01:00
|
|
|
w.Header().Set("Connection", "close")
|
2017-07-19 18:47:01 +01:00
|
|
|
var host = strings.Replace(req.Host, api.Runtime.Flags.ForceHTTPPort2SSL, api.Runtime.Flags.HTTPPort, 1) + req.RequestURI
|
2016-07-21 17:57:38 +01:00
|
|
|
http.Redirect(w, req, "https://"+host, http.StatusMovedPermanently)
|
|
|
|
|
}))
|
|
|
|
|
if err != nil {
|
2017-07-21 14:53:32 +01:00
|
|
|
rt.Log.Error("ListenAndServe on "+api.Runtime.Flags.ForceHTTPPort2SSL, err)
|
2016-07-21 17:57:38 +01:00
|
|
|
}
|
|
|
|
|
}()
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-21 14:53:32 +01:00
|
|
|
rt.Log.Info("Starting SSL server on " + api.Runtime.Flags.HTTPPort + " with " + api.Runtime.Flags.SSLCertFile + " " + api.Runtime.Flags.SSLKeyFile)
|
2016-07-21 17:57:38 +01:00
|
|
|
|
2017-04-16 14:56:13 +01:00
|
|
|
// TODO: https://blog.gopheracademy.com/advent-2016/exposing-go-on-the-internet/
|
2016-09-21 11:46:45 -07:00
|
|
|
|
2017-07-19 18:47:01 +01:00
|
|
|
server := &http.Server{Addr: ":" + api.Runtime.Flags.HTTPPort, Handler: n /*, TLSConfig: myTLSConfig*/}
|
2016-07-21 17:57:38 +01:00
|
|
|
server.SetKeepAlivesEnabled(true)
|
2017-07-21 14:53:32 +01:00
|
|
|
|
2017-07-19 18:47:01 +01:00
|
|
|
if err := server.ListenAndServeTLS(api.Runtime.Flags.SSLCertFile, api.Runtime.Flags.SSLKeyFile); err != nil {
|
2017-07-21 14:53:32 +01:00
|
|
|
rt.Log.Error("ListenAndServeTLS on "+api.Runtime.Flags.HTTPPort, err)
|
2016-07-21 17:57:38 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func cors(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
|
|
|
|
|
w.Header().Set("Access-Control-Allow-Origin", "*")
|
|
|
|
|
w.Header().Set("Access-Control-Allow-Methods", "PUT, GET, POST, DELETE, OPTIONS, PATCH")
|
|
|
|
|
w.Header().Set("Access-Control-Allow-Headers", "host, content-type, accept, authorization, origin, referer, user-agent, cache-control, x-requested-with")
|
2017-04-27 12:49:32 +01:00
|
|
|
w.Header().Set("Access-Control-Expose-Headers", "x-documize-version, x-documize-status")
|
2016-07-21 17:57:38 +01:00
|
|
|
|
|
|
|
|
if r.Method == "OPTIONS" {
|
2017-07-19 18:47:01 +01:00
|
|
|
w.Header().Add("X-Documize-Version", api.Runtime.Product.Version)
|
2017-04-13 16:22:19 +01:00
|
|
|
w.Header().Add("Cache-Control", "no-cache")
|
|
|
|
|
|
2017-07-21 14:53:32 +01:00
|
|
|
w.Write([]byte(""))
|
|
|
|
|
|
2016-07-21 17:57:38 +01:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
next(w, r)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func metrics(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
|
2017-07-19 18:47:01 +01:00
|
|
|
w.Header().Add("X-Documize-Version", api.Runtime.Product.Version)
|
2016-07-21 17:57:38 +01:00
|
|
|
w.Header().Add("Cache-Control", "no-cache")
|
|
|
|
|
// Prevent page from being displayed in an iframe
|
|
|
|
|
w.Header().Add("X-Frame-Options", "DENY")
|
|
|
|
|
|
|
|
|
|
// Force SSL delivery
|
|
|
|
|
// if certFile != "" && keyFile != "" {
|
|
|
|
|
// w.Header().Add("Strict-Transport-Security", "max-age=63072000; includeSubDomains")
|
|
|
|
|
// }
|
|
|
|
|
|
|
|
|
|
next(w, r)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func version(w http.ResponseWriter, r *http.Request) {
|
2017-07-21 14:53:32 +01:00
|
|
|
w.Write([]byte(api.Runtime.Product.Version))
|
2016-07-21 17:57:38 +01:00
|
|
|
}
|
