barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2025-10-28 12:45:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: do not crash when docker is not connected

Browse Source
This commit is contained in:
Stavros
2025-02-02 19:34:02 +02:00
parent b3aac26644
commit fe594d2755
3 changed files with 32 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
internal/api/api.go
View File

@@ -107,7 +107,10 @@ func (api *API) SetupRoutes() {
log.Debug().Msg("Authenticated") log.Debug().Msg("Authenticated")
appAllowed, appAllowedErr := api.Auth.ResourceAllowed(userContext, host) appAllowed, appAllowedErr := api.Auth.ResourceAllowed(userContext, host)
if handleApiError(c, "Failed to check if resource is allowed", appAllowedErr) {
log.Debug().Bool("appAllowed", appAllowed).Msg("Checking if user is allowed")
if api.handleError(c, "Failed to check if resource is allowed", appAllowedErr) {
return return
} }
@@ -117,7 +120,7 @@ func (api *API) SetupRoutes() {
Username: userContext.Username, Username: userContext.Username,
Resource: strings.Split(host, ".")[0], Resource: strings.Split(host, ".")[0],
}) })
if handleApiError(c, "Failed to build query", queryErr) { if api.handleError(c, "Failed to build query", queryErr) {
return return
} }
c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/unauthorized?%s", api.Config.AppURL, queries.Encode())) c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/unauthorized?%s", api.Config.AppURL, queries.Encode()))
@@ -299,7 +302,7 @@ func (api *API) SetupRoutes() {
tailscaleQuery, tailscaleQueryErr := query.Values(types.TailscaleQuery{ tailscaleQuery, tailscaleQueryErr := query.Values(types.TailscaleQuery{
Code: (1000 + rand.IntN(9000)), // doesn't need to be secure, just there to avoid caching Code: (1000 + rand.IntN(9000)), // doesn't need to be secure, just there to avoid caching
}) })
if handleApiError(c, "Failed to build query", tailscaleQueryErr) { if api.handleError(c, "Failed to build query", tailscaleQueryErr) {
return return
} }
c.JSON(200, gin.H{ c.JSON(200, gin.H{
@@ -322,7 +325,7 @@ func (api *API) SetupRoutes() {
bindErr := c.BindUri(&providerName) bindErr := c.BindUri(&providerName)
if handleApiError(c, "Failed to bind URI", bindErr) { if api.handleError(c, "Failed to bind URI", bindErr) {
return return
} }
@@ -351,7 +354,7 @@ func (api *API) SetupRoutes() {
log.Debug().Msg("Got token") log.Debug().Msg("Got token")
if handleApiError(c, "Failed to exchange token", tokenErr) { if api.handleError(c, "Failed to exchange token", tokenErr) {
return return
} }
@@ -359,7 +362,7 @@ func (api *API) SetupRoutes() {
log.Debug().Str("email", email).Msg("Got email") log.Debug().Str("email", email).Msg("Got email")
if handleApiError(c, "Failed to get user", emailErr) { if api.handleError(c, "Failed to get user", emailErr) {
return return
} }
@@ -368,7 +371,7 @@ func (api *API) SetupRoutes() {
unauthorizedQuery, unauthorizedQueryErr := query.Values(types.UnauthorizedQuery{ unauthorizedQuery, unauthorizedQueryErr := query.Values(types.UnauthorizedQuery{
Username: email, Username: email,
}) })
if handleApiError(c, "Failed to build query", unauthorizedQueryErr) { if api.handleError(c, "Failed to build query", unauthorizedQueryErr) {
return return
} }
c.Redirect(http.StatusPermanentRedirect, fmt.Sprintf("%s/unauthorized?%s", api.Config.AppURL, unauthorizedQuery.Encode())) c.Redirect(http.StatusPermanentRedirect, fmt.Sprintf("%s/unauthorized?%s", api.Config.AppURL, unauthorizedQuery.Encode()))
@@ -400,7 +403,7 @@ func (api *API) SetupRoutes() {
log.Debug().Msg("Got redirect query") log.Debug().Msg("Got redirect query")
if handleApiError(c, "Failed to build query", redirectQueryErr) { if api.handleError(c, "Failed to build query", redirectQueryErr) {
return return
} }
@@ -413,6 +416,15 @@ func (api *API) Run() {
api.Router.Run(fmt.Sprintf("%s:%d", api.Config.Address, api.Config.Port)) api.Router.Run(fmt.Sprintf("%s:%d", api.Config.Address, api.Config.Port))
} }
func (api *API) handleError(c *gin.Context, msg string, err error) bool {
if err != nil {
log.Error().Err(err).Msg(msg)
c.Redirect(http.StatusPermanentRedirect, fmt.Sprintf("%s/error", api.Config.AppURL))
return true
}
return false
}
func zerolog() gin.HandlerFunc { func zerolog() gin.HandlerFunc {
return func(c *gin.Context) { return func(c *gin.Context) {
tStart := time.Now() tStart := time.Now()
@@ -436,12 +448,3 @@ func zerolog() gin.HandlerFunc {
} }
} }
} }
func handleApiError(c *gin.Context, msg string, err error) bool {
if err != nil {
log.Error().Err(err).Msg(msg)
c.Redirect(http.StatusPermanentRedirect, "/error")
return true
}
return false
}

7
internal/auth/auth.go
View File

@@ -97,6 +97,13 @@ func (auth *Auth) UserAuthConfigured() bool {
} }
func (auth *Auth) ResourceAllowed(context types.UserContext, host string) (bool, error) { func (auth *Auth) ResourceAllowed(context types.UserContext, host string) (bool, error) {
isConnected := auth.Docker.DockerConnected()
if !isConnected {
log.Debug().Msg("Docker not connected, allowing access")
return true, nil
}
appId := strings.Split(host, ".")[0] appId := strings.Split(host, ".")[0]
containers, containersErr := auth.Docker.GetContainers() containers, containersErr := auth.Docker.GetContainers()

5
internal/docker/docker.go
View File

@@ -49,3 +49,8 @@ func (docker *Docker) InspectContainer(containerId string) (types.ContainerJSON,
return inspect, nil return inspect, nil
} }
func (docker *Docker) DockerConnected() bool {
_, err := docker.Client.Ping(docker.Context)
return err == nil
}