Commit bb3b4396 authored by vincent.steinman's avatar vincent.steinman

Hopefully last modifications

parent 07abc82a
# syntax=docker/dockerfile:1
# Alpine is chosen for its small footprint
# compared to Ubuntu
FROM golang:1.16-alpine
WORKDIR /app
# Download necessary Go modules
COPY go.mod ./
COPY go.sum ./
RUN go mod download
COPY *.go ./
RUN go build -o /AppSec
EXPOSE 8080
CMD [ "/AppSec" ]
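Review bot: The image has no `USER` instruction, so `/AppSec` runs as root inside the container even though it only needs to listen on port 8080; adding `USER nobody` just before the `CMD` line would drop that privilege. The runtime image is also the build image, so the Go toolchain and the sources brought in by `COPY *.go ./` ship with the service; a second stage that copies only `/AppSec` out of a build stage would leave much less in the running container. `golang:1.16-alpine` is an old release line that no longer receives upstream security fixes, so the base tag is worth updating when the module allows it.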
...@@ -26,7 +26,10 @@ Dans la dernière partie s'est faite avec un ajout d'identifiants d'authentifica ...@@ -26,7 +26,10 @@ Dans la dernière partie s'est faite avec un ajout d'identifiants d'authentifica
Cette partie m'a posé le plus de problèmes car j'ai trouvé que les consignes à suivre n'étaient vraiment pas claires et ne donnaient pas assez d'informations (mais je parlerai des problèmes dans la conclusion). Cette partie m'a posé le plus de problèmes car j'ai trouvé que les consignes à suivre n'étaient vraiment pas claires et ne donnaient pas assez d'informations (mais je parlerai des problèmes dans la conclusion).
## __Architecture__ ## __Architecture__
- certs: dossier des certificats - certs:
- cert.pem: Certificat
- key.pem: Clés
- nginx.conf: Configurations nginx
- main.go: programme principal - main.go: programme principal
- go.sum: liste des checksums des dépendances - go.sum: liste des checksums des dépendances
- go.mod: modules gérant les dépendances - go.mod: modules gérant les dépendances
......
...@@ -13,5 +13,12 @@ services: ...@@ -13,5 +13,12 @@ services:
appsec: appsec:
image: appsec:latest image: appsec:latest
container_name: appsec container_name: appsec
ports: #Ajouter ces deux lignes pour publish les ports
- 0.0.0.0:8080:8080
expose: expose:
- "8080" - "8080"
environment:
- USERS
- ADMIN
- PASS1
- PASS2
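Review bot: The added `- 0.0.0.0:8080:8080` publishes the Go service on every host interface, so clients can reach it directly over plain HTTP and the Basic Auth credentials would cross the network unencrypted. The README in this commit lists certificates and an nginx.conf, so presumably a TLS proxy is meant to sit in front of the app. If so, `- 127.0.0.1:8080:8080`, or dropping `ports:` and keeping only `expose`, leaves the app reachable only through that proxy. The `environment` entries take USERS, ADMIN, PASS1 and PASS2 from the host, which keeps the values out of this file; a comment saying where they must be set would help the next person deploying it.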
...@@ -8,6 +8,12 @@ import ( ...@@ -8,6 +8,12 @@ import (
"fmt" "fmt"
"os" "os"
"strings" "strings"
"github.com/gin-contrib/static"
"github.com/joho/godotenv"
jwtverifier "github.com/okta/okta-jwt-verifier-golang"
) )
type student struct { type student struct {
...@@ -115,17 +121,17 @@ func deleteStudentByID(c *gin.Context) { ...@@ -115,17 +121,17 @@ func deleteStudentByID(c *gin.Context) {
} }
func past_main() { func past_main() {
router := gin.Default() r := gin.Default()
router.GET("/teachers", getTeachers) r.GET("/teachers", getTeachers)
router.GET("/students", getStudents) r.GET("/students", getStudents)
router.GET("/teachers/:id", getTeacherByID) r.GET("/teachers/:id", getTeacherByID)
router.GET("/students/:id", getStudentByID) r.GET("/students/:id", getStudentByID)
router.POST("/teachers", postTeachers) r.POST("/teachers", postTeachers)
router.POST("/students", postStudents) r.POST("/students", postStudents)
router.DELETE("/teachers/:id", deleteTeacherByID) r.DELETE("/teachers/:id", deleteTeacherByID)
router.DELETE("/students/:id", deleteStudentByID) r.DELETE("/students/:id", deleteStudentByID)
router.Run("localhost:8080") r.Run("localhost:8080")
} }
var toValidate = map[string]string{ var toValidate = map[string]string{
...@@ -166,26 +172,42 @@ func AddListItem(c *gin.Context) { ...@@ -166,26 +172,42 @@ func AddListItem(c *gin.Context) {
func main() { func main() {
r := gin.Default() r := gin.Default()
accounts := make(map[string]string) admin = make(map[string]string) //Admin account
accGet = make(map[string]string) //Account can use only GET
authorized := r.Group("/", gin.BasicAuth(gin.Accounts{ name1 := strings.Fields(os.Getenv("USERS"))
"user1": "first", pass1 := strings.Fields(os.Getenv("PASS1"))
"user2": "second", name2 := strings.Fields(os.Getenv("ADMIN"))
})) pass2 := strings.Fields(os.Getenv("PASS2"))
authorized.GET("/secret", func(c *gin.Context) { for key, value := range name1 {
c.JSON(http.StatusOK, gin.H{"secret": "The secret.",}) tmp := pass1[key]
}) accountsOnlyGet[value] = tmp
os.Setenv("FOO", "1") tmp2 := pass2[key]
fmt.Println("FOO:", os.Getenv("FOO")) accountsAdmins[value] = tmp2
fmt.Println("BAR:", os.Getenv("BAR")) }
fmt.Println() for key, value := range name2 {
for _, e := range os.Environ() { tmp := pass2[key]
pair := strings.SplitN(e, "=", 2) accountsAdmins[value] = tmp
fmt.Println(pair[0])
} }
r.Use(static.Serve("/", static.LocalFile("./todo-vue/dist", false)))
admins := r.Group("/", gin.BasicAuth(gin.Accounts(admin)))
onlyGet := r.Group("/", gin.BasicAuth(gin.Accounts(accGet)))
admins.POST("/students", postStudents)
admins.DELETE("/students/:id", deleteStudentByID)
onlyGet.GET("/students", getStudents)
onlyGet.GET("/students/:id", getStudentByID)
r.GET("/teachers", getTeachers)
r.GET("/teachers/:id", getTeacherByID)
r.POST("/teachers", postTeachers)
r.DELETE("/teachers/:id", deleteTeacherByID)
r.Run("0.0.0.0:8080") r.Run("0.0.0.0:8080")
} }