Merge pull request #87 from spinup-host/revert-82-main

Revert "Implemented resource constraints and alternate authentication"

README.md

@@ -78,9 +78,7 @@ curl -X POST http://localhost:4434/createservice \
             "type": "postgres",
             "name": "localtest",
             "username": "spinup",
-            "password": "spinup",
-            "memory": "4000m",
-            "cpu": "1.5"
+            "password": "spinup"
             },
         "version": {"maj":9,"min":6}
         }'

api/create.go

@@ -6,6 +6,7 @@ import (
 	"database/sql"
 	"encoding/json"
 	"fmt"
+	"github.com/spinup-host/internal/dockerservice"
 	"io/ioutil"
 	"log"
 	"net"
@@ -15,8 +16,6 @@ import (
 	"strings"
 	"time"
 
-	"github.com/spinup-host/internal/dockerservice"
-
 	"github.com/docker/docker/client"
 	_ "github.com/mattn/go-sqlite3"
 	"github.com/robfig/cron/v3"
@@ -33,7 +32,7 @@ type service struct {
 	//Port         uint
 	Db            dbCluster
 	DockerNetwork string
-	ApiKey        string
+
 	BackupEnabled bool
 	Backup        backupConfig
 }
@@ -50,7 +49,6 @@ type dbCluster struct {
 	Memory     string
 	Storage    string
 	Monitoring string
-	CPU        string
 }
 
 type backupConfig struct {
@@ -87,7 +85,6 @@ func CreateService(w http.ResponseWriter, req *http.Request) {
 		http.Error(w, "error validating token", http.StatusUnauthorized)
 		return
 	}
-
 	var s service
 	byteArray, err := ioutil.ReadAll(req.Body)
 	if err != nil {
@@ -97,20 +94,11 @@ func CreateService(w http.ResponseWriter, req *http.Request) {
 	if err != nil {
 		log.Fatalf("fatal: reading from readall body %v", err)
 	}
-	authHeader := req.Header.Get("Authorization")
-	apiKeyHeader := req.Header.Get("x-api-key")
-	userId, err := config.ValidateUser(authHeader, apiKeyHeader)
-
-	if err != nil {
-		http.Error(w, err.Error(), http.StatusUnauthorized)
-		return
-	}
-
-	if authHeader != "" && s.UserID != userId {
+	if s.UserID != userId {
 		log.Printf("user %s trying to access /createservice using jwt userId %s", s.UserID, userId)
-		http.Error(w, "userid doesn't match", http.StatusUnauthorized)
+		http.Error(w, "userid doesn't match", http.StatusInternalServerError)
+		return
 	}
-
 	if s.Db.Type != "postgres" {
 		fmt.Fprintf(w, "currently we don't support %s", s.Db.Type)
 		http.Error(w, "db type is currently not supported", 500)

api/helpers.go

@@ -56,17 +56,13 @@ func CreateDockerComposeFile(absolutepath string, s service) error {
 		Port             int
 		PostgresUsername string
 		PostgresPassword string
-		Memory           string
-		CPU              string
 	}{
 		s.UserID,
 		s.Architecture,
 		s.Db.Type,
 		s.Db.Port,
 		s.Db.Username,
 		s.Db.Password,
-		s.Db.Memory,
-		s.Db.CPU,
 	}
 	err = templ.Execute(f, data)
 	if err != nil {

api/list_cluster.go

@@ -20,14 +20,13 @@ func ListCluster(w http.ResponseWriter, req *http.Request) {
 		return
 	}
 	authHeader := req.Header.Get("Authorization")
-	apiKeyHeader := req.Header.Get("x-api-key")
 	var err error
-	config.Cfg.UserID, err = config.ValidateUser(authHeader, apiKeyHeader)
+	config.Cfg.UserID, err = config.ValidateToken(authHeader)
 	if err != nil {
-		http.Error(w, err.Error(), http.StatusUnauthorized)
+		log.Printf("error validating token %v", err)
+		http.Error(w, "error validating token", http.StatusUnauthorized)
 		return
 	}
-
 	dbPath := config.Cfg.Common.ProjectDir + "/" + config.Cfg.UserID
 	clusterInfos := ReadClusterInfo(dbPath, config.Cfg.UserID)
 	clusterByte, err := json.Marshal(clusterInfos)

config/config.go

@@ -17,7 +17,6 @@ type Configuration struct {
 		Ports        []int  `yaml:"ports"`
 		ClientID     string `yaml:"client_id"`
 		ClientSecret string `yaml:"client_secret"`
-		ApiKey       string `yaml:"api_key"`
 	} `yaml:"common"`
 	VerifyKey *rsa.PublicKey
 	SignKey   *rsa.PrivateKey
@@ -43,32 +42,6 @@ func ValidateToken(authHeader string) (string, error) {
 	return userID, nil
 }
 
-func ValidateApiKey(apiKey string) error {
-	if apiKey != Cfg.Common.ApiKey {
-		return errors.New("invalid api key")
-	}
-	return nil
-}
-
-func ValidateUser(authHeader string, apiKeyHeader string) (string, error) {
-	if apiKeyHeader == "" {
-		userId, err := ValidateToken(authHeader)
-		if err != nil {
-			log.Printf("error validating token %v", err)
-			return "", errors.New("error validating token")
-		}
-		return userId, nil
-	}
-	if authHeader == "" {
-		err := ValidateApiKey(apiKeyHeader)
-		if err != nil {
-			log.Printf("error validating apiKey %v", err)
-			return "", errors.New("error validating apiKey")
-		}
-	}
-	return "", nil
-}
-
 func JWTToString(tokenString string) (string, error) {
 	keyFunc := func(t *jwt.Token) (interface{}, error) {
 		return Cfg.VerifyKey, nil

metrics/metrics.go

@@ -1,6 +1,7 @@
 package metrics
 
 import (
+	"log"
 	"net/http"
 	"time"
 
@@ -17,13 +18,12 @@ func HandleMetrics(w http.ResponseWriter, req *http.Request) {
 		return
 	}
 	authHeader := req.Header.Get("Authorization")
-	apiKeyHeader := req.Header.Get("x-api-key")
 	var err error
-	config.Cfg.UserID, err = config.ValidateUser(authHeader, apiKeyHeader)
+	config.Cfg.UserID, err = config.ValidateToken(authHeader)
 	if err != nil {
-		http.Error(w, err.Error(), http.StatusUnauthorized)
+		log.Printf("error validating token %v", err)
+		http.Error(w, "error validating token", 500)
 	}
-
 	recordMetrics()
 	promhttp.Handler().ServeHTTP(w, req)
 }

templates/templates/docker-compose-template.yml

@@ -11,11 +11,5 @@ services:
       POSTGRES_PASSWORD: {{ .PostgresPassword }}
     volumes:
       - data-volume-{{ .UserID }}:/var/lib/postgresql/data
-
-    deploy:
-      resources:
-        limits:
-          memory: "{{.Memory}}"
-          cpus: "{{.CPU}}"  
 volumes:
   data-volume-{{ .UserID }}: