Admin UI: replace gin with mux (#8420)

* Replace admin gin router with mux * Update layout_templ.go * Harden admin handlers * Add login CSRF handling * Fix filer copy naming conflict * address comments * address comments
2026-02-23 19:11:17 -08:00
parent e596542295
commit 8d59ef41d5
29 changed files with 1843 additions and 1596 deletions
--- a/weed/admin/dash/middleware.go
+++ b/weed/admin/dash/middleware.go
@@ -4,109 +4,129 @@ import (
 	"net/http"
 	"strings"

-	"github.com/gin-contrib/sessions"
-	"github.com/gin-gonic/gin"
+	"github.com/gorilla/mux"
+	"github.com/gorilla/sessions"
 )

-// setAuthContext sets username and role in context for use in handlers
-func setAuthContext(c *gin.Context, username, role interface{}) {
-	c.Set("username", username)
-	if role != nil {
-		c.Set("role", role)
-	} else {
-		// Default to admin for backward compatibility
-		c.Set("role", "admin")
-	}
+const sessionName = "admin-session"
+
+// SessionName returns the cookie session name used by the admin UI.
+func SessionName() string {
+	return sessionName
 }

-// RequireAuth checks if user is authenticated
-func RequireAuth() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		session := sessions.Default(c)
-		authenticated := session.Get("authenticated")
-		username := session.Get("username")
-		role := session.Get("role")
+type sessionValidationErrorKind int

-		if authenticated != true || username == nil {
-			c.Redirect(http.StatusTemporaryRedirect, "/login")
-			c.Abort()
-			return
-		}
+const (
+	sessionValidationErrorKindUnauthenticated sessionValidationErrorKind = iota
+	sessionValidationErrorKindSessionInit
+)

-		csrfToken, err := getOrCreateSessionCSRFToken(session)
-		if err != nil {
-			c.Redirect(http.StatusTemporaryRedirect, "/login?error=Unable to initialize session")
-			c.Abort()
-			return
-		}
-
-		// Set username and role in context for use in handlers
-		setAuthContext(c, username, role)
-		c.Set("csrf_token", csrfToken)
-		c.Next()
-	}
+type sessionValidationError struct {
+	kind sessionValidationErrorKind
+	err  error
 }

-// RequireAuthAPI checks if user is authenticated for API endpoints
-// Returns JSON error instead of redirecting to login page
-func RequireAuthAPI() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		session := sessions.Default(c)
-		authenticated := session.Get("authenticated")
-		username := session.Get("username")
-		role := session.Get("role")
-
-		if authenticated != true || username == nil {
-			c.JSON(http.StatusUnauthorized, gin.H{
-				"error":   "Authentication required",
-				"message": "Please log in to access this endpoint",
-			})
-			c.Abort()
-			return
-		}
-
-		csrfToken, err := getOrCreateSessionCSRFToken(session)
-		if err != nil {
-			c.JSON(http.StatusInternalServerError, gin.H{
-				"error":   "Failed to initialize session",
-				"message": "Unable to initialize CSRF token",
-			})
-			c.Abort()
-			return
-		}
-
-		// Set username and role in context for use in handlers
-		setAuthContext(c, username, role)
-		c.Set("csrf_token", csrfToken)
-		c.Next()
+func (e *sessionValidationError) Error() string {
+	if e.err != nil {
+		return e.err.Error()
 	}
+	return "session validation failed"
 }

-// RequireWriteAccess checks if user has admin role (write access)
-// Returns JSON error for API endpoints, redirects for HTML endpoints
-func RequireWriteAccess() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		role, exists := c.Get("role")
-		if !exists {
-			role = "admin" // Default for backward compatibility
-		}
+func (e *sessionValidationError) Unwrap() error {
+	return e.err
+}

-		roleStr, ok := role.(string)
-		if !ok || roleStr != "admin" {
-			// Check if this is an API request (path starts with /api) or HTML request
-			path := c.Request.URL.Path
-			if strings.HasPrefix(path, "/api") {
-				c.JSON(http.StatusForbidden, gin.H{
-					"error":   "Insufficient permissions",
-					"message": "This operation requires admin access. Read-only users can only view data.",
-				})
-			} else {
-				c.Redirect(http.StatusSeeOther, "/admin?error=Insufficient permissions")
+func validateSession(store sessions.Store, w http.ResponseWriter, r *http.Request) (string, string, string, error) {
+	session, err := store.Get(r, sessionName)
+	if err != nil {
+		return "", "", "", &sessionValidationError{kind: sessionValidationErrorKindSessionInit, err: err}
+	}
+
+	authenticated, _ := session.Values["authenticated"].(bool)
+	username, _ := session.Values["username"].(string)
+	role, _ := session.Values["role"].(string)
+	if !authenticated || username == "" {
+		return "", "", "", &sessionValidationError{kind: sessionValidationErrorKindUnauthenticated}
+	}
+
+	csrfToken, err := getOrCreateSessionCSRFToken(session, r, w)
+	if err != nil {
+		return "", "", "", &sessionValidationError{kind: sessionValidationErrorKindSessionInit, err: err}
+	}
+
+	return username, role, csrfToken, nil
+}
+
+// RequireAuth checks if user is authenticated.
+func RequireAuth(store sessions.Store) mux.MiddlewareFunc {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			username, role, csrfToken, err := validateSession(store, w, r)
+			if err != nil {
+				if verr, ok := err.(*sessionValidationError); ok && verr.kind == sessionValidationErrorKindUnauthenticated {
+					http.Redirect(w, r, "/login", http.StatusTemporaryRedirect)
+				} else {
+					http.Redirect(w, r, "/login?error=Unable to initialize session", http.StatusTemporaryRedirect)
+				}
+				return
 			}
-			c.Abort()
-			return
-		}

-		c.Next()
+			ctx := WithAuthContext(r.Context(), username, role, csrfToken)
+			next.ServeHTTP(w, r.WithContext(ctx))
+		})
+	}
+}
+
+// RequireAuthAPI checks if user is authenticated for API endpoints.
+// Returns JSON error instead of redirecting to login page.
+func RequireAuthAPI(store sessions.Store) mux.MiddlewareFunc {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			username, role, csrfToken, err := validateSession(store, w, r)
+			if err != nil {
+				if verr, ok := err.(*sessionValidationError); ok && verr.kind == sessionValidationErrorKindUnauthenticated {
+					writeJSON(w, http.StatusUnauthorized, map[string]string{
+						"error":   "Authentication required",
+						"message": "Please log in to access this endpoint",
+					})
+				} else {
+					writeJSON(w, http.StatusInternalServerError, map[string]string{
+						"error":   "Failed to initialize session",
+						"message": "Unable to initialize session",
+					})
+				}
+				return
+			}
+
+			ctx := WithAuthContext(r.Context(), username, role, csrfToken)
+			next.ServeHTTP(w, r.WithContext(ctx))
+		})
+	}
+}
+
+// RequireWriteAccess checks if user has admin role (write access).
+// Returns JSON error for API endpoints, redirects for HTML endpoints.
+func RequireWriteAccess() mux.MiddlewareFunc {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			role := RoleFromContext(r.Context())
+
+			if role != "admin" {
+				// Check if this is an API request (path starts with /api) or HTML request.
+				if strings.HasPrefix(r.URL.Path, "/api") {
+					writeJSON(w, http.StatusForbidden, map[string]string{
+						"error":   "Insufficient permissions",
+						"message": "This operation requires admin access. Read-only users can only view data.",
+					})
+				} else {
+					http.Redirect(w, r, "/admin?error=Insufficient permissions", http.StatusSeeOther)
+				}
+				return
+			}
+
+			next.ServeHTTP(w, r)
+		})
 	}
 }