blob: ab53fb8db1ffa8762de8320175def2c5a52ebcce [file] [log] [blame]
// Copyright 2015 The LUCI Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package gaemiddleware
import (
"net/http"
"go.chromium.org/luci/common/logging"
"go.chromium.org/luci/gae/service/info"
"go.chromium.org/luci/server/router"
)
var devAppserverBypassFn = info.IsDevAppServer
// RequireCron ensures that the request is from the appengine 'cron' service.
//
// It checks the presence of a magical header that can be set only by GAE.
// If the header is not there, it aborts the request with StatusForbidden.
//
// This middleware has no effect when using 'BaseTest' or when running under
// dev_appserver.py
//
// Deprecated: expose cron handlers via go.chromium.org/luci/server/cron server
// module instead or check "X-AppEngine-Cron" header manually in your HTTP
// handlers.
func RequireCron(c *router.Context, next router.Handler) {
if !devAppserverBypassFn(c.Context) {
if c.Request.Header.Get("X-Appengine-Cron") != "true" {
logging.Errorf(c.Context, "request not made from cron")
http.Error(c.Writer, "error: must be run from cron", http.StatusForbidden)
return
}
}
next(c)
}
// RequireTaskQueue ensures that the request is from the specified task queue.
//
// It checks the presence of a magical header that can be set only by GAE.
// If the header is not there, it aborts the request with StatusForbidden.
//
// if 'queue' is the empty string, than this simply checks that this handler was
// run from ANY appengine taskqueue.
//
// This middleware has no effect when using 'BaseTest' or when running under
// dev_appserver.py
//
// Deprecated: use go.chromium.org/luci/server/tq server module for organizing
// task queues instead or check "X-AppEngine-QueueName" header manually in your
// HTTP handlers.
func RequireTaskQueue(queue string) router.Middleware {
return func(c *router.Context, next router.Handler) {
if !devAppserverBypassFn(c.Context) {
qName := c.Request.Header.Get("X-AppEngine-QueueName")
if qName == "" || (queue != "" && queue != qName) {
logging.Errorf(c.Context, "request made from wrong taskqueue: %q v %q", qName, queue)
http.Error(c.Writer, "error: must be run from the correct taskqueue", http.StatusForbidden)
return
}
}
next(c)
}
}