Commit c47161efbc4d1ab59950fb2180d6fe69b3c5ab2a
1 parent
e1fbb41f91
Exists in
master
and in
1 other branch
fixed bug: UnauthorizedResponse was sending HTTP 500 message
Showing
1 changed file
with
2 additions
and
2 deletions
Show diff stats
http_utility.go
| 1 | package webutility | 1 | package webutility |
| 2 | 2 | ||
| 3 | import ( | 3 | import ( |
| 4 | "net/http" | 4 | "net/http" |
| 5 | "encoding/json" | 5 | "encoding/json" |
| 6 | ) | 6 | ) |
| 7 | 7 | ||
| 8 | const templateHttpErr500_EN = "An internal server error has occurred." | 8 | const templateHttpErr500_EN = "An internal server error has occurred." |
| 9 | const templateHttpErr500_RS = "Došlo je do greške na serveru." | 9 | const templateHttpErr500_RS = "Došlo je do greške na serveru." |
| 10 | const templateHttpErr400_EN = "Bad request: invalid request body." | 10 | const templateHttpErr400_EN = "Bad request: invalid request body." |
| 11 | const templateHttpErr400_RS = "Neispravan zahtev." | 11 | const templateHttpErr400_RS = "Neispravan zahtev." |
| 12 | const templateHttpErr401_EN = "Unauthorized request." | 12 | const templateHttpErr401_EN = "Unauthorized request." |
| 13 | const templateHttpErr401_RS = "Neautorizovan zahtev." | 13 | const templateHttpErr401_RS = "Neautorizovan zahtev." |
| 14 | 14 | ||
| 15 | type httpError struct { | 15 | type httpError struct { |
| 16 | Error []HttpErrorDesc `json:"error"` | 16 | Error []HttpErrorDesc `json:"error"` |
| 17 | Request string `json:"request"` | 17 | Request string `json:"request"` |
| 18 | } | 18 | } |
| 19 | 19 | ||
| 20 | type HttpErrorDesc struct { | 20 | type HttpErrorDesc struct { |
| 21 | Lang string `json:"lang"` | 21 | Lang string `json:"lang"` |
| 22 | Desc string `json:"description"` | 22 | Desc string `json:"description"` |
| 23 | } | 23 | } |
| 24 | 24 | ||
| 25 | // ErrorResponse writes HTTP error to w. | 25 | // ErrorResponse writes HTTP error to w. |
| 26 | func ErrorResponse(w http.ResponseWriter, r *http.Request, code int, desc []HttpErrorDesc) { | 26 | func ErrorResponse(w http.ResponseWriter, r *http.Request, code int, desc []HttpErrorDesc) { |
| 27 | err := httpError{ desc, r.Method + " " + r.URL.Path } | 27 | err := httpError{ desc, r.Method + " " + r.URL.Path } |
| 28 | w.WriteHeader(code) | 28 | w.WriteHeader(code) |
| 29 | json.NewEncoder(w).Encode(err) | 29 | json.NewEncoder(w).Encode(err) |
| 30 | } | 30 | } |
| 31 | 31 | ||
| 32 | // BadRequestResponse writes HTTP error 400 to w. | 32 | // BadRequestResponse writes HTTP error 400 to w. |
| 33 | func BadRequestResponse(w http.ResponseWriter, req *http.Request) { | 33 | func BadRequestResponse(w http.ResponseWriter, req *http.Request) { |
| 34 | ErrorResponse(w, req, http.StatusBadRequest, []HttpErrorDesc{ | 34 | ErrorResponse(w, req, http.StatusBadRequest, []HttpErrorDesc{ |
| 35 | { "en", templateHttpErr400_EN }, | 35 | { "en", templateHttpErr400_EN }, |
| 36 | { "rs", templateHttpErr400_RS }, | 36 | { "rs", templateHttpErr400_RS }, |
| 37 | }) | 37 | }) |
| 38 | } | 38 | } |
| 39 | 39 | ||
| 40 | // InternalSeverErrorResponse writes HTTP error 500 to w. | 40 | // InternalSeverErrorResponse writes HTTP error 500 to w. |
| 41 | func InternalServerErrorResponse(w http.ResponseWriter, req *http.Request) { | 41 | func InternalServerErrorResponse(w http.ResponseWriter, req *http.Request) { |
| 42 | ErrorResponse(w, req, http.StatusInternalServerError, []HttpErrorDesc{ | 42 | ErrorResponse(w, req, http.StatusInternalServerError, []HttpErrorDesc{ |
| 43 | { "en", templateHttpErr500_EN }, | 43 | { "en", templateHttpErr500_EN }, |
| 44 | { "rs", templateHttpErr500_RS }, | 44 | { "rs", templateHttpErr500_RS }, |
| 45 | }) | 45 | }) |
| 46 | } | 46 | } |
| 47 | 47 | ||
| 48 | // UnauthorizedError writes HTTP error 401 to w. | 48 | // UnauthorizedError writes HTTP error 401 to w. |
| 49 | func UnauthorizedResponse(w http.ResponseWriter, req *http.Request) { | 49 | func UnauthorizedResponse(w http.ResponseWriter, req *http.Request) { |
| 50 | ErrorResponse(w, req, http.StatusUnauthorized, []HttpErrorDesc{ | 50 | ErrorResponse(w, req, http.StatusUnauthorized, []HttpErrorDesc{ |
| 51 | { "en", templateHttpErr500_EN }, | 51 | { "en", templateHttpErr401_EN }, |
| 52 | { "rs", templateHttpErr500_RS }, | 52 | { "rs", templateHttpErr401_RS }, |
| 53 | }) | 53 | }) |
| 54 | } | 54 | } |
| 55 | 55 | ||
| 56 | // TODO: Check for content type | 56 | // TODO: Check for content type |
| 57 | // Sets common headers, checks for token validity and performs access control. | 57 | // Sets common headers, checks for token validity and performs access control. |
| 58 | func WrapHandler(handlerFunc http.HandlerFunc, auth bool) http.HandlerFunc { | 58 | func WrapHandler(handlerFunc http.HandlerFunc, auth bool) http.HandlerFunc { |
| 59 | return func(w http.ResponseWriter, req *http.Request) { | 59 | return func(w http.ResponseWriter, req *http.Request) { |
| 60 | w.Header().Set("Access-Control-Allow-Origin", "*") | 60 | w.Header().Set("Access-Control-Allow-Origin", "*") |
| 61 | 61 | ||
| 62 | w.Header().Set("Access-Control-Allow-Methods", | 62 | w.Header().Set("Access-Control-Allow-Methods", |
| 63 | "POST, GET, PUT, DELETE, OPTIONS") | 63 | "POST, GET, PUT, DELETE, OPTIONS") |
| 64 | 64 | ||
| 65 | w.Header().Set("Access-Control-Allow-Headers", | 65 | w.Header().Set("Access-Control-Allow-Headers", |
| 66 | `Accept, Content-Type, Content-Length, | 66 | `Accept, Content-Type, Content-Length, |
| 67 | Accept-Encoding, X-CSRF-Token, Authorization`) | 67 | Accept-Encoding, X-CSRF-Token, Authorization`) |
| 68 | 68 | ||
| 69 | w.Header().Set("Content-Type", "application/json; charset=utf-8") | 69 | w.Header().Set("Content-Type", "application/json; charset=utf-8") |
| 70 | 70 | ||
| 71 | if req.Method == "OPTIONS" { | 71 | if req.Method == "OPTIONS" { |
| 72 | return | 72 | return |
| 73 | } | 73 | } |
| 74 | 74 | ||
| 75 | if auth { | 75 | if auth { |
| 76 | token := req.Header.Get("Authorization") | 76 | token := req.Header.Get("Authorization") |
| 77 | if _, err := ParseAPIToken(token); err != nil { | 77 | if _, err := ParseAPIToken(token); err != nil { |
| 78 | UnauthorizedResponse(w, req) | 78 | UnauthorizedResponse(w, req) |
| 79 | return | 79 | return |
| 80 | } | 80 | } |
| 81 | } | 81 | } |
| 82 | 82 | ||
| 83 | err := req.ParseForm() | 83 | err := req.ParseForm() |
| 84 | if err != nil { | 84 | if err != nil { |
| 85 | BadRequestResponse(w, req) | 85 | BadRequestResponse(w, req) |
| 86 | return | 86 | return |
| 87 | } | 87 | } |
| 88 | 88 | ||
| 89 | // execute HandlerFunc | 89 | // execute HandlerFunc |
| 90 | handlerFunc(w, req) | 90 | handlerFunc(w, req) |
| 91 | } | 91 | } |
| 92 | } | 92 | } |
| 93 | 93 | ||
| 94 | // NotFoundHandler writes HTTP error 404 to w. | 94 | // NotFoundHandler writes HTTP error 404 to w. |
| 95 | func NotFoundHandler(w http.ResponseWriter, req *http.Request) { | 95 | func NotFoundHandler(w http.ResponseWriter, req *http.Request) { |
| 96 | ErrorResponse(w, req, http.StatusNotFound, []HttpErrorDesc{ | 96 | ErrorResponse(w, req, http.StatusNotFound, []HttpErrorDesc{ |
| 97 | { "en", "Not found." }, | 97 | { "en", "Not found." }, |
| 98 | { "rs", "Traženi resurs ne postoji." }, | 98 | { "rs", "Traženi resurs ne postoji." }, |
| 99 | }) | 99 | }) |
| 100 | } | 100 | } |
| 101 | 101 |