Mercurial Hosting > luan
annotate src/luan/host/WebHandler.java @ 1608:f7e3adae4907
add BasicAuthHandler
| author | Franklin Schmidt <fschmidt@gmail.com> |
|---|---|
| date | Sat, 01 May 2021 19:52:56 -0600 |
| parents | fa066aaa068c |
| children | 07be5015159d |
| rev | line source |
|---|---|
|
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
1 package luan.host; |
| 1135 | 2 |
| 3 import java.io.File; | |
| 1501 | 4 import java.io.IOException; |
|
1402
27efb1fcbcb5
move luan.lib to goodjava
Franklin Schmidt <fschmidt@gmail.com>
parents:
1400
diff
changeset
|
5 import goodjava.logging.Logger; |
|
27efb1fcbcb5
move luan.lib to goodjava
Franklin Schmidt <fschmidt@gmail.com>
parents:
1400
diff
changeset
|
6 import goodjava.logging.LoggerFactory; |
| 1501 | 7 import goodjava.io.IoUtils; |
|
1402
27efb1fcbcb5
move luan.lib to goodjava
Franklin Schmidt <fschmidt@gmail.com>
parents:
1400
diff
changeset
|
8 import goodjava.webserver.Handler; |
|
27efb1fcbcb5
move luan.lib to goodjava
Franklin Schmidt <fschmidt@gmail.com>
parents:
1400
diff
changeset
|
9 import goodjava.webserver.Request; |
|
27efb1fcbcb5
move luan.lib to goodjava
Franklin Schmidt <fschmidt@gmail.com>
parents:
1400
diff
changeset
|
10 import goodjava.webserver.Response; |
|
27efb1fcbcb5
move luan.lib to goodjava
Franklin Schmidt <fschmidt@gmail.com>
parents:
1400
diff
changeset
|
11 import goodjava.webserver.handlers.DomainHandler; |
| 1598 | 12 import goodjava.webserver.handlers.IndexHandler; |
| 13 import goodjava.webserver.handlers.ListHandler; | |
| 14 import goodjava.webserver.handlers.ContentTypeHandler; | |
| 15 import goodjava.webserver.handlers.SafeHandler; | |
| 16 import goodjava.webserver.handlers.LogHandler; | |
|
1602
55d7b60c074d
add DirHandler to WebHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1600
diff
changeset
|
17 import goodjava.webserver.handlers.FileHandler; |
|
55d7b60c074d
add DirHandler to WebHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1600
diff
changeset
|
18 import goodjava.webserver.handlers.DirHandler; |
| 1607 | 19 import goodjava.webserver.handlers.HeadersHandler; |
|
1608
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
20 import goodjava.webserver.handlers.BasicAuthHandler; |
|
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
21 import goodjava.webserver.handlers.RegexHandler; |
| 1330 | 22 import luan.Luan; |
| 1135 | 23 import luan.LuanException; |
| 24 import luan.LuanTable; | |
| 1330 | 25 import luan.LuanFunction; |
| 26 import luan.LuanClosure; | |
| 1335 | 27 import luan.LuanRuntimeException; |
|
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
28 import luan.modules.http.LuanHandler; |
| 1598 | 29 import luan.modules.http.NotFound; |
| 1454 | 30 import luan.modules.logging.LuanLogger; |
| 1135 | 31 |
| 32 | |
|
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
33 public class WebHandler implements Handler { |
| 1135 | 34 private static final Logger logger = LoggerFactory.getLogger(WebHandler.class); |
|
1600
8a717f0b7f45
add DailyRollingFileAppender.deleteAfter
Franklin Schmidt <fschmidt@gmail.com>
parents:
1599
diff
changeset
|
35 private static final long days30 = 1000L*60*60*24*30; |
| 1135 | 36 |
| 1598 | 37 private static final class MyHandler implements Handler { |
| 38 private final Handler handler; | |
| 39 final LuanHandler luanHandler; | |
| 40 | |
| 41 MyHandler(Handler handler,LuanHandler luanHandler) { | |
| 42 this.handler = handler; | |
| 43 this.luanHandler = luanHandler; | |
| 44 } | |
| 45 | |
| 46 @Override public Response handle(Request request) { | |
| 47 return handler.handle(request); | |
| 48 } | |
| 49 } | |
| 50 | |
| 1315 | 51 private static final DomainHandler.Factory factory = new DomainHandler.Factory() { |
| 52 public Handler newHandler(String domain) { | |
| 53 File dir = new File(sitesDir,domain); | |
|
1400
221eedb0f54e
fix inner class gc bug
Franklin Schmidt <fschmidt@gmail.com>
parents:
1392
diff
changeset
|
54 if( !dir.exists() ) |
| 1315 | 55 return null; |
| 56 String dirStr = dir.toString(); | |
| 1230 | 57 |
| 1315 | 58 String logDir = dirStr + "/site/private/local/logs/web"; |
| 1501 | 59 try { |
| 60 IoUtils.mkdirs(new File(logDir)); | |
| 61 } catch(IOException e) { | |
| 62 throw new RuntimeException(e); | |
| 63 } | |
| 1230 | 64 |
|
1333
25746915a241
merge Luan and LuanState
Franklin Schmidt <fschmidt@gmail.com>
parents:
1332
diff
changeset
|
65 Luan luan = new Luan(); |
|
1608
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
66 String password; |
|
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
67 LuanLogger.startThreadLogging(luan); |
|
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
68 try { |
|
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
69 LuanFunction fn = Luan.loadClasspath(luan,"luan/host/init.luan"); |
|
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
70 fn.call(luan,dirStr,domain); |
|
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
71 LuanTable Io = (LuanTable)luan.require("luan:Io.luan"); |
|
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
72 password = (String)Io.get(luan,"password"); |
|
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
73 if( password==null ) throw new NullPointerException(); |
|
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
74 } catch(LuanException e) { |
|
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
75 throw new LuanRuntimeException(e); |
|
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
76 } finally { |
|
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
77 LuanLogger.endThreadLogging(); |
|
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
78 } |
|
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
79 security(luan,dirStr); |
| 1598 | 80 LuanHandler luanHandler = new LuanHandler(luan,domain); |
| 81 | |
|
1605
ef9d96aeb541
use FileHandler in WebHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1602
diff
changeset
|
82 FileHandler fileHandler = new FileHandler(dirStr+"/site/"); |
|
ef9d96aeb541
use FileHandler in WebHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1602
diff
changeset
|
83 Handler handler = new ListHandler( luanHandler, fileHandler ); |
| 1607 | 84 handler = new ContentTypeHandler(handler); |
|
1605
ef9d96aeb541
use FileHandler in WebHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1602
diff
changeset
|
85 handler = new IndexHandler(handler); |
|
ef9d96aeb541
use FileHandler in WebHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1602
diff
changeset
|
86 DirHandler dirHandler = new DirHandler(fileHandler); |
| 1598 | 87 Handler notFoundHander = new NotFound(luanHandler); |
| 1607 | 88 notFoundHander = new ContentTypeHandler(notFoundHander); |
|
1602
55d7b60c074d
add DirHandler to WebHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1600
diff
changeset
|
89 handler = new ListHandler( handler, dirHandler, notFoundHander ); |
|
1608
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
90 Handler auth = new BasicAuthHandler(handler,"Private","admin",password); |
|
f7e3adae4907
add BasicAuthHandler
Franklin Schmidt <fschmidt@gmail.com>
parents:
1607
diff
changeset
|
91 handler = new RegexHandler("^/private/",auth,handler); |
| 1607 | 92 handler = new HeadersHandler(handler); |
| 1598 | 93 handler = new SafeHandler(handler); |
|
1600
8a717f0b7f45
add DailyRollingFileAppender.deleteAfter
Franklin Schmidt <fschmidt@gmail.com>
parents:
1599
diff
changeset
|
94 handler = new LogHandler(handler,LogHandler.dirLogger(new File(logDir),days30)); |
| 1598 | 95 |
| 96 return new MyHandler(handler,luanHandler); | |
| 1230 | 97 } |
| 1315 | 98 }; |
| 1230 | 99 |
| 1330 | 100 public static String securityPassword = "password"; // change for security |
| 1315 | 101 private static final DomainHandler domainHandler = new DomainHandler(factory); |
| 1202 | 102 private static String sitesDir = null; |
| 1135 | 103 |
|
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
104 public WebHandler(String dir) { |
| 1135 | 105 if( sitesDir != null ) |
| 106 throw new RuntimeException("already set"); | |
| 107 if( !new File(dir).exists() ) | |
| 108 throw new RuntimeException(); | |
| 1230 | 109 sitesDir = dir; |
| 1454 | 110 LuanLogger.initThreadLogging(); |
| 1135 | 111 } |
| 112 | |
| 1315 | 113 @Override public Response handle(Request request) { |
| 114 return domainHandler.handle(request); | |
| 1135 | 115 } |
| 116 | |
| 1578 | 117 public static Object callSite(String domain,String fnName,Object... args) throws LuanException { |
| 1598 | 118 MyHandler handler = (MyHandler)domainHandler.getHandler(domain); |
| 119 return handler.luanHandler.call_rpc(fnName,args); | |
| 1135 | 120 } |
| 121 | |
| 1315 | 122 public static void removeHandler(String domain) { |
| 123 domainHandler.removeHandler(domain); | |
| 1135 | 124 } |
| 125 | |
| 1330 | 126 public static void loadHandler(String domain) throws LuanException { |
| 127 try { | |
| 128 domainHandler.getHandler(domain); | |
| 129 } catch(LuanRuntimeException e) { | |
| 1335 | 130 throw (LuanException)e.getCause(); |
| 1330 | 131 } |
| 1135 | 132 } |
| 133 | |
|
1333
25746915a241
merge Luan and LuanState
Franklin Schmidt <fschmidt@gmail.com>
parents:
1332
diff
changeset
|
134 private static final void security(Luan luan,String dir) { |
|
1174
bdf27aa2a65c
fix luanhost security bug
Franklin Schmidt <fschmidt@gmail.com>
parents:
1136
diff
changeset
|
135 final String siteUri = "file:" + dir + "/site"; |
| 1330 | 136 Luan.Security security = new Luan.Security() { |
|
1333
25746915a241
merge Luan and LuanState
Franklin Schmidt <fschmidt@gmail.com>
parents:
1332
diff
changeset
|
137 public void check(Luan luan,LuanClosure closure,String op,Object... args) |
| 1330 | 138 throws LuanException |
| 139 { | |
| 140 if( op.equals("uri") ) { | |
| 141 String name = (String)args[0]; | |
| 142 if( name.startsWith("file:") ) { | |
| 143 if( name.contains("..") ) | |
| 144 throw new LuanException("Security violation - '"+name+"' contains '..'"); | |
| 145 if( !(name.equals(siteUri) || name.startsWith(siteUri+"/")) ) | |
| 146 throw new LuanException("Security violation - '"+name+"' outside of site dir"); | |
| 147 } | |
| 148 else if( name.startsWith("classpath:luan/host/") ) { | |
| 149 throw new LuanException("Security violation"); | |
| 150 } | |
| 151 else if( name.startsWith("os:") || name.startsWith("bash:") ) { | |
| 152 throw new LuanException("Security violation"); | |
| 153 } | |
| 154 } else { | |
| 155 String name = closure.sourceName; | |
| 156 if( !( | |
| 157 name.startsWith("luan:") | |
| 158 || name.startsWith("classpath:") | |
| 159 || name.matches("^file:[^/]+$") | |
| 160 ) ) | |
| 161 throw new LuanException("Security violation - only luan:* modules can load Java"); | |
| 162 if( name.equals("luan:logging/Logging") ) | |
| 163 throw new LuanException("Security violation - cannot reload Logging"); | |
| 1135 | 164 } |
| 165 } | |
| 166 }; | |
| 1330 | 167 Luan.setSecurity(luan,security); |
| 1135 | 168 } |
| 169 | |
| 170 } |