Logout endpoint (#47)

Delete in memory session when user logout from mcs

lint fixes

Click logout button triggers logout request

Clicking the actual logout button send the POST /logout request on mcs
UI

Co-authored-by: Daniel Valdivia <hola@danielvaldivia.com>

cmd/mcs/main.go

@@ -31,7 +31,7 @@ import (
 	"github.com/minio/cli"
 )
 
-// Help template for m3.
+// Help template for mcs.
 var mcsHelpTemplate = `NAME:
   {{.Name}} - {{.Usage}}
 
@@ -57,10 +57,10 @@ var appCmds = []cli.Command{
 }
 
 func newApp(name string) *cli.App {
-	// Collection of m3 commands currently supported are.
+	// Collection of mcs commands currently supported are.
 	var commands []cli.Command
 
-	// Collection of m3 commands currently supported in a trie tree.
+	// Collection of mcs commands currently supported in a trie tree.
 	commandsTree := trie.NewTrie()
 
 	// registerCommand registers a cli command.

portal-ui/src/common/api/index.ts

@@ -30,7 +30,7 @@ export class API {
           storage.removeItem("token");
           window.location.href = "/";
         }
-        this.onError(err);
+        return this.onError(err);
       });
   }
 

portal-ui/src/screens/Console/Menu.tsx

@@ -36,6 +36,7 @@ import {
 } from "../../icons";
 import { createStyles, Theme } from "@material-ui/core/styles";
 import PersonIcon from "@material-ui/icons/Person";
+import api from "../../common/api";
 
 const styles = (theme: Theme) =>
   createStyles({
@@ -91,9 +92,20 @@ interface MenuProps {
 
 class Menu extends React.Component<MenuProps> {
   logout() {
-    storage.removeItem("token");
-    this.props.userLoggedIn(false);
-    history.push("/");
+    const deleteSession = () => {
+      storage.removeItem("token");
+      this.props.userLoggedIn(false);
+      history.push("/");
+    }
+    api
+      .invoke("POST", `/api/v1/logout`)
+      .then(() => {
+        deleteSession();
+      })
+      .catch((err: any) => {
+        console.log(err);
+        deleteSession();
+      });
   }
 
   render() {

restapi/configure_mcs.go

@@ -70,6 +70,8 @@ func configureAPI(api *operations.McsAPI) http.Handler {
 
 	// Register login handlers
 	registerLoginHandlers(api)
+	// Register logout handlers
+	registerLogoutHandlers(api)
 	// Register bucket handlers
 	registerBucketsHandlers(api)
 	// Register all users handlers

restapi/embedded_spec.go

@@ -691,6 +691,26 @@ func init() {
         }
       }
     },
+    "/logout": {
+      "post": {
+        "tags": [
+          "UserAPI"
+        ],
+        "summary": "Logout from mcs.",
+        "operationId": "Logout",
+        "responses": {
+          "200": {
+            "description": "A successful response."
+          },
+          "default": {
+            "description": "Generic error response.",
+            "schema": {
+              "$ref": "#/definitions/error"
+            }
+          }
+        }
+      }
+    },
     "/policies": {
       "get": {
         "tags": [
@@ -2263,6 +2283,26 @@ func init() {
         }
       }
     },
+    "/logout": {
+      "post": {
+        "tags": [
+          "UserAPI"
+        ],
+        "summary": "Logout from mcs.",
+        "operationId": "Logout",
+        "responses": {
+          "200": {
+            "description": "A successful response."
+          },
+          "default": {
+            "description": "Generic error response.",
+            "schema": {
+              "$ref": "#/definitions/error"
+            }
+          }
+        }
+      }
+    },
     "/policies": {
       "get": {
         "tags": [

restapi/operations/mcs_api.go

@@ -123,6 +123,9 @@ func NewMcsAPI(spec *loads.Document) *McsAPI {
 		UserAPILoginDetailHandler: user_api.LoginDetailHandlerFunc(func(params user_api.LoginDetailParams) middleware.Responder {
 			return middleware.NotImplemented("operation user_api.LoginDetail has not yet been implemented")
 		}),
+		UserAPILogoutHandler: user_api.LogoutHandlerFunc(func(params user_api.LogoutParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation user_api.Logout has not yet been implemented")
+		}),
 		UserAPIMakeBucketHandler: user_api.MakeBucketHandlerFunc(func(params user_api.MakeBucketParams, principal *models.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation user_api.MakeBucket has not yet been implemented")
 		}),
@@ -248,6 +251,8 @@ type McsAPI struct {
 	UserAPILoginHandler user_api.LoginHandler
 	// UserAPILoginDetailHandler sets the operation handler for the login detail operation
 	UserAPILoginDetailHandler user_api.LoginDetailHandler
+	// UserAPILogoutHandler sets the operation handler for the logout operation
+	UserAPILogoutHandler user_api.LogoutHandler
 	// UserAPIMakeBucketHandler sets the operation handler for the make bucket operation
 	UserAPIMakeBucketHandler user_api.MakeBucketHandler
 	// AdminAPIPolicyInfoHandler sets the operation handler for the policy info operation
@@ -405,6 +410,9 @@ func (o *McsAPI) Validate() error {
 	if o.UserAPILoginDetailHandler == nil {
 		unregistered = append(unregistered, "user_api.LoginDetailHandler")
 	}
+	if o.UserAPILogoutHandler == nil {
+		unregistered = append(unregistered, "user_api.LogoutHandler")
+	}
 	if o.UserAPIMakeBucketHandler == nil {
 		unregistered = append(unregistered, "user_api.MakeBucketHandler")
 	}
@@ -624,6 +632,10 @@ func (o *McsAPI) initHandlerCache() {
 	if o.handlers["POST"] == nil {
 		o.handlers["POST"] = make(map[string]http.Handler)
 	}
+	o.handlers["POST"]["/logout"] = user_api.NewLogout(o.context, o.UserAPILogoutHandler)
+	if o.handlers["POST"] == nil {
+		o.handlers["POST"] = make(map[string]http.Handler)
+	}
 	o.handlers["POST"]["/buckets"] = user_api.NewMakeBucket(o.context, o.UserAPIMakeBucketHandler)
 	if o.handlers["GET"] == nil {
 		o.handlers["GET"] = make(map[string]http.Handler)

restapi/operations/user_api/logout.go

@@ -0,0 +1,90 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package user_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime/middleware"
+
+	"github.com/minio/mcs/models"
+)
+
+// LogoutHandlerFunc turns a function with the right signature into a logout handler
+type LogoutHandlerFunc func(LogoutParams, *models.Principal) middleware.Responder
+
+// Handle executing the request and returning a response
+func (fn LogoutHandlerFunc) Handle(params LogoutParams, principal *models.Principal) middleware.Responder {
+	return fn(params, principal)
+}
+
+// LogoutHandler interface for that can handle valid logout params
+type LogoutHandler interface {
+	Handle(LogoutParams, *models.Principal) middleware.Responder
+}
+
+// NewLogout creates a new http.Handler for the logout operation
+func NewLogout(ctx *middleware.Context, handler LogoutHandler) *Logout {
+	return &Logout{Context: ctx, Handler: handler}
+}
+
+/*Logout swagger:route POST /logout UserAPI logout
+
+Logout from mcs.
+
+*/
+type Logout struct {
+	Context *middleware.Context
+	Handler LogoutHandler
+}
+
+func (o *Logout) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	route, rCtx, _ := o.Context.RouteInfo(r)
+	if rCtx != nil {
+		r = rCtx
+	}
+	var Params = NewLogoutParams()
+
+	uprinc, aCtx, err := o.Context.Authorize(r, route)
+	if err != nil {
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+	if aCtx != nil {
+		r = aCtx
+	}
+	var principal *models.Principal
+	if uprinc != nil {
+		principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
+	}
+
+	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+
+	res := o.Handler.Handle(Params, principal) // actually handle the request
+
+	o.Context.Respond(rw, r, route.Produces, route, res)
+
+}

restapi/operations/user_api/logout_parameters.go

@@ -0,0 +1,62 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package user_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime/middleware"
+)
+
+// NewLogoutParams creates a new LogoutParams object
+// no default values defined in spec.
+func NewLogoutParams() LogoutParams {
+
+	return LogoutParams{}
+}
+
+// LogoutParams contains all the bound params for the logout operation
+// typically these are obtained from a http.Request
+//
+// swagger:parameters Logout
+type LogoutParams struct {
+
+	// HTTP Request Object
+	HTTPRequest *http.Request `json:"-"`
+}
+
+// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
+// for simple values it will use straight method calls.
+//
+// To ensure default values, the struct must have been initialized with NewLogoutParams() beforehand.
+func (o *LogoutParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
+	var res []error
+
+	o.HTTPRequest = r
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}

restapi/operations/user_api/logout_responses.go

@@ -0,0 +1,113 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package user_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime"
+
+	"github.com/minio/mcs/models"
+)
+
+// LogoutOKCode is the HTTP code returned for type LogoutOK
+const LogoutOKCode int = 200
+
+/*LogoutOK A successful response.
+
+swagger:response logoutOK
+*/
+type LogoutOK struct {
+}
+
+// NewLogoutOK creates LogoutOK with default headers values
+func NewLogoutOK() *LogoutOK {
+
+	return &LogoutOK{}
+}
+
+// WriteResponse to the client
+func (o *LogoutOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
+
+	rw.WriteHeader(200)
+}
+
+/*LogoutDefault Generic error response.
+
+swagger:response logoutDefault
+*/
+type LogoutDefault struct {
+	_statusCode int
+
+	/*
+	  In: Body
+	*/
+	Payload *models.Error `json:"body,omitempty"`
+}
+
+// NewLogoutDefault creates LogoutDefault with default headers values
+func NewLogoutDefault(code int) *LogoutDefault {
+	if code <= 0 {
+		code = 500
+	}
+
+	return &LogoutDefault{
+		_statusCode: code,
+	}
+}
+
+// WithStatusCode adds the status to the logout default response
+func (o *LogoutDefault) WithStatusCode(code int) *LogoutDefault {
+	o._statusCode = code
+	return o
+}
+
+// SetStatusCode sets the status to the logout default response
+func (o *LogoutDefault) SetStatusCode(code int) {
+	o._statusCode = code
+}
+
+// WithPayload adds the payload to the logout default response
+func (o *LogoutDefault) WithPayload(payload *models.Error) *LogoutDefault {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the logout default response
+func (o *LogoutDefault) SetPayload(payload *models.Error) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *LogoutDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(o._statusCode)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}

restapi/operations/user_api/logout_urlbuilder.go

@@ -0,0 +1,104 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package user_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"errors"
+	"net/url"
+	golangswaggerpaths "path"
+)
+
+// LogoutURL generates an URL for the logout operation
+type LogoutURL struct {
+	_basePath string
+}
+
+// WithBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *LogoutURL) WithBasePath(bp string) *LogoutURL {
+	o.SetBasePath(bp)
+	return o
+}
+
+// SetBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *LogoutURL) SetBasePath(bp string) {
+	o._basePath = bp
+}
+
+// Build a url path and query string
+func (o *LogoutURL) Build() (*url.URL, error) {
+	var _result url.URL
+
+	var _path = "/logout"
+
+	_basePath := o._basePath
+	if _basePath == "" {
+		_basePath = "/api/v1"
+	}
+	_result.Path = golangswaggerpaths.Join(_basePath, _path)
+
+	return &_result, nil
+}
+
+// Must is a helper function to panic when the url builder returns an error
+func (o *LogoutURL) Must(u *url.URL, err error) *url.URL {
+	if err != nil {
+		panic(err)
+	}
+	if u == nil {
+		panic("url can't be nil")
+	}
+	return u
+}
+
+// String returns the string representation of the path with query string
+func (o *LogoutURL) String() string {
+	return o.Must(o.Build()).String()
+}
+
+// BuildFull builds a full url with scheme, host, path and query string
+func (o *LogoutURL) BuildFull(scheme, host string) (*url.URL, error) {
+	if scheme == "" {
+		return nil, errors.New("scheme is required for a full url on LogoutURL")
+	}
+	if host == "" {
+		return nil, errors.New("host is required for a full url on LogoutURL")
+	}
+
+	base, err := o.Build()
+	if err != nil {
+		return nil, err
+	}
+
+	base.Scheme = scheme
+	base.Host = host
+	return base, nil
+}
+
+// StringFull returns the string representation of a complete url
+func (o *LogoutURL) StringFull(scheme, host string) string {
+	return o.Must(o.BuildFull(scheme, host)).String()
+}

restapi/sessions/sessions.go

@@ -45,6 +45,12 @@ func GetInstance() *Singleton {
 	return instance
 }
 
+// The delete built-in function deletes the element with the specified key (m[key]) from the map.
+// If m is nil or there is no such element, delete is a no-op. https://golang.org/pkg/builtin/#delete
+func (s *Singleton) DeleteSession(sessionID string) {
+	delete(s.sessions, sessionID)
+}
+
 func (s *Singleton) NewSession(cfg *mcCmd.Config) string {
 	// genereate random session id
 	sessionID := RandomCharString(64)

restapi/user_logout.go

@@ -0,0 +1,58 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package restapi
+
+import (
+	"errors"
+
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/go-openapi/swag"
+	"github.com/minio/mcs/models"
+	"github.com/minio/mcs/restapi/operations"
+	"github.com/minio/mcs/restapi/operations/user_api"
+	"github.com/minio/mcs/restapi/sessions"
+)
+
+func registerLogoutHandlers(api *operations.McsAPI) {
+	// logout from mcs
+	api.UserAPILogoutHandler = user_api.LogoutHandlerFunc(func(params user_api.LogoutParams, principal *models.Principal) middleware.Responder {
+		sessionID := string(*principal)
+		if err := getLogoutResponse(sessionID); err != nil {
+			return user_api.NewLogoutDefault(500).WithPayload(&models.Error{Code: 500, Message: swag.String(err.Error())})
+		}
+		return user_api.NewLogoutOK()
+	})
+}
+
+// logout() deletes provided bearer token from in memory sessions map
+// then checks that the session actually got removed
+func logout(sessionID string) error {
+	sessionsMap := sessions.GetInstance()
+	sessionsMap.DeleteSession(sessionID)
+	if sessionsMap.ValidSession(sessionID) {
+		return errors.New("something went wrong deleting your session, please try again")
+	}
+	return nil
+}
+
+// getLogoutResponse performs logout() and returns nil or error
+func getLogoutResponse(sessionID string) error {
+	if err := logout(sessionID); err != nil {
+		return err
+	}
+	return nil
+}

restapi/user_logout_test.go

@@ -0,0 +1,21 @@
+package restapi
+
+import (
+	"testing"
+
+	mcCmd "github.com/minio/mc/cmd"
+	"github.com/minio/mcs/restapi/sessions"
+)
+
+// TestLogout tests the case of deleting a valid session id
+func TestLogout(t *testing.T) {
+	cfg := mcCmd.Config{}
+	// Creating a new session
+	sessionID := sessions.GetInstance().NewSession(&cfg)
+	// Test Case 1: Delete a session Valid sessionID
+	function := "logout()"
+	err := logout(sessionID)
+	if err != nil {
+		t.Errorf("Failed on %s:, error occurred: %s", function, err.Error())
+	}
+}

swagger.yml

@@ -599,6 +599,19 @@ paths:
       security: []
       tags:
         - UserAPI
+  /logout:
+    post:
+      summary: Logout from mcs.
+      operationId: Logout
+      responses:
+        200:
+          description: A successful response.
+        default:
+          description: Generic error response.
+          schema:
+            $ref: "#/definitions/error"
+      tags:
+        - UserAPI
   /profiling/start:
     post:
       summary: Start recording profile data