mirror of
https://github.com/harness/drone.git
synced 2025-05-05 05:51:56 +08:00
4668e94027
This change adds the initial stepping stones for harness integration: - Authentication: JWT/PAT/SAT support - Authorization: ACL integration (acl currently denies requests as gitness hasn't been integrated yet) - Remote Clients for Token, User, ServiceAccount, ACL - User Integration: Syncs harness users during authentication if unknown - SA integration: syncs harness service accounts during authentication if unknown - Initial harness API: THIS WILL BE CHANGED IN THE FUTURE! - single harness subpackage (all marked with harness build flag) - harness & standalone wire + make build commands
86 lines
2.0 KiB
Go
86 lines
2.0 KiB
Go
// Copyright 2021 Harness Inc. All rights reserved.
|
|
// Use of this source code is governed by the Polyform Free Trial License
|
|
// that can be found in the LICENSE.md file for this repository.
|
|
|
|
package users
|
|
|
|
import (
|
|
"encoding/json"
|
|
"net/http"
|
|
"time"
|
|
|
|
"github.com/harness/gitness/internal/api/render"
|
|
"github.com/harness/gitness/internal/store"
|
|
"github.com/harness/gitness/types"
|
|
"github.com/harness/gitness/types/check"
|
|
"github.com/rs/zerolog/hlog"
|
|
"golang.org/x/crypto/bcrypt"
|
|
|
|
"github.com/dchest/uniuri"
|
|
)
|
|
|
|
type userCreateInput struct {
|
|
UID string `json:"uid"`
|
|
Name string `json:"name"`
|
|
Email string `json:"email"`
|
|
Password string `json:"password"`
|
|
Admin bool `json:"admin"`
|
|
}
|
|
|
|
// HandleCreate returns an http.HandlerFunc that processes an http.Request
|
|
// to create the named user account in the system.
|
|
func HandleCreate(userStore store.UserStore) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
ctx := r.Context()
|
|
log := hlog.FromRequest(r)
|
|
|
|
in := new(userCreateInput)
|
|
err := json.NewDecoder(r.Body).Decode(in)
|
|
if err != nil {
|
|
render.BadRequestf(w, "Invalid request body: %s.", err)
|
|
return
|
|
}
|
|
|
|
hash, err := bcrypt.GenerateFromPassword([]byte(in.Password), bcrypt.DefaultCost)
|
|
if err != nil {
|
|
log.Err(err).
|
|
Str("uid", in.UID).
|
|
Msg("Failed to hash password")
|
|
|
|
render.InternalError(w)
|
|
return
|
|
}
|
|
|
|
user := &types.User{
|
|
UID: in.UID,
|
|
Name: in.Name,
|
|
Email: in.Email,
|
|
Admin: in.Admin,
|
|
Password: string(hash),
|
|
Salt: uniuri.NewLen(uniuri.UUIDLen),
|
|
Created: time.Now().UnixMilli(),
|
|
Updated: time.Now().UnixMilli(),
|
|
}
|
|
if err = check.User(user); err != nil {
|
|
log.Debug().Err(err).
|
|
Str("uid", user.UID).
|
|
Msg("invalid user input")
|
|
|
|
render.UserfiedErrorOrInternal(w, err)
|
|
return
|
|
}
|
|
|
|
err = userStore.Create(ctx, user)
|
|
if err != nil {
|
|
log.Err(err).
|
|
Str("uid", user.UID).
|
|
Msg("failed to create user")
|
|
|
|
render.UserfiedErrorOrInternal(w, err)
|
|
return
|
|
}
|
|
|
|
render.JSON(w, http.StatusOK, user)
|
|
}
|
|
}
|