chook 1.1.0 → 1.1.1

data/lib/chook/server/routes/handle_webhook_event.rb

@@ -30,7 +30,7 @@ module Chook
 
     post '/handle_webhook_event' do
       # enforce http basic auth if needed
-      protected!
+      protect_via_basic_auth!
 
       # rewind to ensure read-pointer is at the start
       request.body.rewind #

data/lib/chook/server/routes/handlers.rb

@@ -30,7 +30,6 @@ module Chook
 
     # reload the handlers
     get '/reload_handlers' do
-      protected!
       logger.info 'Reloading handlers'
       Chook::HandledEvent::Handlers.load_handlers reload: true
       'Handlers reloaded'
@@ -38,7 +37,6 @@ module Chook
 
     # used by javascript to fetch the content of a handler
     get '/handler_code/:file' do
-      protected!
       file = Chook.config.handler_dir + params[:file]
       if file.file?
         body file.read

data/lib/chook/server/routes/home.rb

@@ -29,7 +29,6 @@ module Chook
   class Server < Sinatra::Base
 
     get '/' do
-      protected!
 
       # a list of current handlers for the admin page
       @handlers_for_admin_page = []

data/lib/chook/server/routes/log.rb

@@ -41,7 +41,8 @@ module Chook
     #   https://user:passwd@chookserver.myorg.org:443/log
     #
     post '/log' do
-      protected!
+      protect_via_basic_auth!
+
       request.body.rewind # in case someone already read it
       raw = request.body.read
 
@@ -72,7 +73,6 @@ module Chook
     #
     #
     get '/subscribe_to_log_stream', provides: 'text/event-stream' do
-      protected!
       content_type 'text/event-stream'
       cache_control 'no-cache'
 
@@ -97,7 +97,6 @@ module Chook
 
     # get the log level via the admin page.
     get '/current_log_level' do
-      protected!
       Chook::Server::Log::LOG_LEVELS.invert[Chook.logger.level].to_s
     end
 

data/lib/chook/server/routes/login_logout.rb

@@ -0,0 +1,48 @@
+### Copyright 2017 Pixar
+
+###
+###    Licensed under the Apache License, Version 2.0 (the "Apache License")
+###    with the following modification; you may not use this file except in
+###    compliance with the Apache License and the following modification to it:
+###    Section 6. Trademarks. is deleted and replaced with:
+###
+###    6. Trademarks. This License does not grant permission to use the trade
+###       names, trademarks, service marks, or product names of the Licensor
+###       and its affiliates, except as required to comply with Section 4(c) of
+###       the License and to reproduce the content of the NOTICE file.
+###
+###    You may obtain a copy of the Apache License at
+###
+###        http://www.apache.org/licenses/LICENSE-2.0
+###
+###    Unless required by applicable law or agreed to in writing, software
+###    distributed under the Apache License with the above modification is
+###    distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+###    KIND, either express or implied. See the Apache License for the specific
+###    language governing permissions and limitations under the Apache License.
+###
+###
+
+module Chook
+
+  # see server.rb
+  class Server < Sinatra::Base
+
+    # reload the handlers
+    get '/logout' do
+      session[:authed_admin] = nil
+      session[:auth_failed] = nil
+      redirect '/'
+    end # get /
+
+    # reload the handlers
+    post '/login' do
+      Chook.logger.debug "Attempting to log in #{params[:username]}"
+      session[:auth_failed] = !authenticate_admin(params[:username], params[:password])
+      redirect '/'
+    end # get /
+
+
+  end # class
+
+end # module

data/lib/chook/server/views/layout.haml

@@ -34,6 +34,26 @@
               %span.def_dialect Australian/NZ informal
               %br/
               %span.def_definition a chicken or fowl
+    %hr/
+    - if Chook.config.admin_user
+      #login_logout_div
 
+      - if session[:authed_admin]
+        %a{ href: '/logout' }
+          %button#logout_btn{ type: 'button' } Log Out
+        = yield
 
-    = yield
+      - else
+        %form#login_form{ name: 'login_form', method: 'POST', action: '/login' }
+          - if Chook.config.admin_user == Chook::Server::Auth::USE_JAMF_ADMIN_USER
+            Jamf Pro
+          Username:
+          %input#username{ type: :text, name: 'username' }
+          Password:
+          %input#password{ type: :password, name: 'password' }
+          %input#login_btn{ type: :submit, value: 'Log In' }
+          - if session[:auth_failed]
+            %span#login_incorrect     Login Incorrect!
+
+    - else
+      = yield

data/lib/chook/version.rb

@@ -27,6 +27,6 @@
 module Chook
 
   ### The version of the Chook framework
-  VERSION = '1.1.0'.freeze
+  VERSION = '1.1.1'.freeze
 
 end # module

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: chook
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.1.1
 platform: ruby
 authors:
 - Chris Lasell
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-10-13 00:00:00.000000000 Z
+date: 2018-10-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sinatra
@@ -124,6 +124,7 @@ files:
 - lib/chook/handled_subjects.rb
 - lib/chook/procs.rb
 - lib/chook/server.rb
+- lib/chook/server/auth.rb
 - lib/chook/server/log.rb
 - lib/chook/server/public/css/chook.css
 - lib/chook/server/public/imgs/ChookLogoAlMcWhiggin.png
@@ -134,6 +135,7 @@ files:
 - lib/chook/server/routes/handlers.rb
 - lib/chook/server/routes/home.rb
 - lib/chook/server/routes/log.rb
+- lib/chook/server/routes/login_logout.rb
 - lib/chook/server/views/admin.haml
 - lib/chook/server/views/bak.haml
 - lib/chook/server/views/config.haml