Hopefully last modifications

Dockerfile

+# syntax=docker/dockerfile:1
+
+
+# Alpine is chosen for its small footprint
+# compared to Ubuntu
+FROM golang:1.16-alpine
+
+WORKDIR /app
+
+# Download necessary Go modules
+COPY go.mod ./
+COPY go.sum ./
+RUN go mod download
+
+COPY *.go ./
+
+RUN go build -o /AppSec
+
+EXPOSE 8080
+
+CMD [ "/AppSec" ]
+

README.md

@@ -26,7 +26,10 @@ Dans la dernière partie s'est faite avec un ajout d'identifiants d'authentifica
 Cette partie m'a posé le plus de problèmes car j'ai trouvé que les consignes à suivre n'étaient vraiment pas claires et ne donnaient pas assez d'informations (mais je parlerai des problèmes dans la conclusion).
 
 ## __Architecture__ 
-- certs: dossier des certificats
+- certs: 
+    - cert.pem: Certificat
+    - key.pem: Clés
+    - nginx.conf: Configurations nginx
 - main.go: programme principal
 - go.sum: liste des checksums des dépendances
 - go.mod: modules gérant les dépendances

docker-compose.yml

@@ -13,5 +13,12 @@ services:
   appsec:
     image: appsec:latest
     container_name: appsec
+    ports: #Ajouter ces deux lignes pour publish les ports
+      - 0.0.0.0:8080:8080
     expose:
       - "8080"
+    environment:
+      - USERS
+      - ADMIN
+      - PASS1
+      - PASS2

main.go

@@ -8,6 +8,12 @@ import (
 	"fmt"
     "os"
     "strings"
+
+	"github.com/gin-contrib/static"
+	"github.com/joho/godotenv"
+
+	jwtverifier "github.com/okta/okta-jwt-verifier-golang"
+
 )
 
 type student struct {
@@ -115,17 +121,17 @@ func deleteStudentByID(c *gin.Context) {
 }
 
 func past_main() {
-	router := gin.Default()
-	router.GET("/teachers", getTeachers)
-	router.GET("/students", getStudents)
-	router.GET("/teachers/:id", getTeacherByID)
-	router.GET("/students/:id", getStudentByID)
-	router.POST("/teachers", postTeachers)
-	router.POST("/students", postStudents)
-	router.DELETE("/teachers/:id", deleteTeacherByID)
-	router.DELETE("/students/:id", deleteStudentByID)
+	r := gin.Default()
+	r.GET("/teachers", getTeachers)
+	r.GET("/students", getStudents)
+	r.GET("/teachers/:id", getTeacherByID)
+	r.GET("/students/:id", getStudentByID)
+	r.POST("/teachers", postTeachers)
+	r.POST("/students", postStudents)
+	r.DELETE("/teachers/:id", deleteTeacherByID)
+	r.DELETE("/students/:id", deleteStudentByID)
 
-	router.Run("localhost:8080")
+	r.Run("localhost:8080")
 }
 
 var toValidate = map[string]string{
@@ -166,26 +172,42 @@ func AddListItem(c *gin.Context) {
 
 func main() {
 	r := gin.Default()
-	accounts := make(map[string]string)
+	admin = make(map[string]string) //Admin account
+	accGet = make(map[string]string) //Account can use only GET
 
-	authorized := r.Group("/", gin.BasicAuth(gin.Accounts{
-		"user1": "first",
-		"user2": "second",
-	}))
+	name1 := strings.Fields(os.Getenv("USERS"))
+	pass1 := strings.Fields(os.Getenv("PASS1"))
+	name2 := strings.Fields(os.Getenv("ADMIN"))
+	pass2 := strings.Fields(os.Getenv("PASS2"))
 	
-	authorized.GET("/secret", func(c *gin.Context) {
-		c.JSON(http.StatusOK, gin.H{"secret": "The secret.",})
-	})
+	for key, value := range name1 {
+		tmp := pass1[key]
+		accountsOnlyGet[value] = tmp
 
-	os.Setenv("FOO", "1")
-    fmt.Println("FOO:", os.Getenv("FOO"))
-    fmt.Println("BAR:", os.Getenv("BAR"))
+		tmp2 := pass2[key]
+		accountsAdmins[value] = tmp2
+	}
 
-	fmt.Println()
-    for _, e := range os.Environ() {
-        pair := strings.SplitN(e, "=", 2)
-        fmt.Println(pair[0])
+	for key, value := range name2 {
+		tmp := pass2[key]
+		accountsAdmins[value] = tmp
 	}
 
+	r.Use(static.Serve("/", static.LocalFile("./todo-vue/dist", false)))
+
+	admins := r.Group("/", gin.BasicAuth(gin.Accounts(admin)))
+	onlyGet := r.Group("/", gin.BasicAuth(gin.Accounts(accGet)))
+
+	admins.POST("/students", postStudents)
+	admins.DELETE("/students/:id", deleteStudentByID)
+	onlyGet.GET("/students", getStudents)
+	onlyGet.GET("/students/:id", getStudentByID)
+
+	r.GET("/teachers", getTeachers)
+	r.GET("/teachers/:id", getTeacherByID)
+	r.POST("/teachers", postTeachers)
+	r.DELETE("/teachers/:id", deleteTeacherByID)
+
 	r.Run("0.0.0.0:8080")
+
 }