Home Explore Help
Sign In
SMusatov
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Files Wiki
Tree: fc4dda32f4
Branches Tags
seaweedfs
/
weed
/
server
/
filer_server_handlers.go

filer_server_handlers.go 5.1 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181 
  1. package weed_server
    2. 

  2. 

  3. import (
    4. 

  4. 	"errors"
    5. 

  5. 	"net/http"
    6. 

  6. 	"strings"
    7. 

  7. 	"sync/atomic"
    8. 

  8. 	"time"
    9. 

  9. 

  10. 	"github.com/seaweedfs/seaweedfs/weed/glog"
    11. 

  11. 	"github.com/seaweedfs/seaweedfs/weed/security"
    12. 

  12. 	"github.com/seaweedfs/seaweedfs/weed/util"
    13. 

  13. 

  14. 	"github.com/seaweedfs/seaweedfs/weed/stats"
    15. 

  15. )
    16. 

  16. 

  17. func (fs *FilerServer) filerHandler(w http.ResponseWriter, r *http.Request) {
    18. 

  18. 	start := time.Now()
    19. 

  19. 

  20. 	if r.Header.Get("Origin") != "" {
    21. 

  21. 		w.Header().Set("Access-Control-Allow-Origin", "*")
    22. 

  22. 		w.Header().Set("Access-Control-Expose-Headers", "*")
    23. 

  23. 		w.Header().Set("Access-Control-Allow-Headers", "*")
    24. 

  24. 		w.Header().Set("Access-Control-Allow-Credentials", "true")
    25. 

  25. 		w.Header().Set("Access-Control-Allow-Methods", "PUT, POST, GET, DELETE, OPTIONS")
    26. 

  26. 	}
    27. 

  27. 

  28. 	if r.Method == "OPTIONS" {
    29. 

  29. 		OptionsHandler(w, r, false)
    30. 

  30. 		return
    31. 

  31. 	}
    32. 

  32. 

  33. 	// proxy to volume servers
    34. 

  34. 	var fileId string
    35. 

  35. 	if strings.HasPrefix(r.RequestURI, "/?proxyChunkId=") {
    36. 

  36. 		fileId = r.RequestURI[len("/?proxyChunkId="):]
    37. 

  37. 	}
    38. 

  38. 	if fileId != "" {
    39. 

  39. 		stats.FilerRequestCounter.WithLabelValues(stats.ChunkProxy).Inc()
    40. 

  40. 		fs.proxyToVolumeServer(w, r, fileId)
    41. 

  41. 		stats.FilerRequestHistogram.WithLabelValues(stats.ChunkProxy).Observe(time.Since(start).Seconds())
    42. 

  42. 		return
    43. 

  43. 	}
    44. 

  44. 

  45. 	isReadHttpCall := r.Method == "GET" || r.Method == "HEAD"
    46. 

  46. 	if !fs.maybeCheckJwtAuthorization(r, !isReadHttpCall) {
    47. 

  47. 		writeJsonError(w, r, http.StatusUnauthorized, errors.New("wrong jwt"))
    48. 

  48. 		return
    49. 

  49. 	}
    50. 

  50. 

  51. 	stats.FilerRequestCounter.WithLabelValues(r.Method).Inc()
    52. 

  52. 	defer func() {
    53. 

  53. 		stats.FilerRequestHistogram.WithLabelValues(r.Method).Observe(time.Since(start).Seconds())
    54. 

  54. 	}()
    55. 

  55. 

  56. 	w.Header().Set("Server", "SeaweedFS Filer "+util.VERSION)
    57. 

  57. 

  58. 	switch r.Method {
    59. 

  59. 	case "GET":
    60. 

  60. 		fs.GetOrHeadHandler(w, r)
    61. 

  61. 	case "HEAD":
    62. 

  62. 		fs.GetOrHeadHandler(w, r)
    63. 

  63. 	case "DELETE":
    64. 

  64. 		if _, ok := r.URL.Query()["tagging"]; ok {
    65. 

  65. 			fs.DeleteTaggingHandler(w, r)
    66. 

  66. 		} else {
    67. 

  67. 			fs.DeleteHandler(w, r)
    68. 

  68. 		}
    69. 

  69. 	case "POST", "PUT":
    70. 

  70. 		// wait until in flight data is less than the limit
    71. 

  71. 		contentLength := getContentLength(r)
    72. 

  72. 		fs.inFlightDataLimitCond.L.Lock()
    73. 

  73. 		inFlightDataSize := atomic.LoadInt64(&fs.inFlightDataSize)
    74. 

  74. 		for fs.option.ConcurrentUploadLimit != 0 && inFlightDataSize > fs.option.ConcurrentUploadLimit {
    75. 

  75. 			glog.V(4).Infof("wait because inflight data %d > %d", inFlightDataSize, fs.option.ConcurrentUploadLimit)
    76. 

  76. 			fs.inFlightDataLimitCond.Wait()
    77. 

  77. 			inFlightDataSize = atomic.LoadInt64(&fs.inFlightDataSize)
    78. 

  78. 		}
    79. 

  79. 		fs.inFlightDataLimitCond.L.Unlock()
    80. 

  80. 		atomic.AddInt64(&fs.inFlightDataSize, contentLength)
    81. 

  81. 		defer func() {
    82. 

  82. 			atomic.AddInt64(&fs.inFlightDataSize, -contentLength)
    83. 

  83. 			fs.inFlightDataLimitCond.Signal()
    84. 

  84. 		}()
    85. 

  85. 

  86. 		if r.Method == "PUT" {
    87. 

  87. 			if _, ok := r.URL.Query()["tagging"]; ok {
    88. 

  88. 				fs.PutTaggingHandler(w, r)
    89. 

  89. 			} else {
    90. 

  90. 				fs.PostHandler(w, r, contentLength)
    91. 

  91. 			}
    92. 

  92. 		} else { // method == "POST"
    93. 

  93. 			fs.PostHandler(w, r, contentLength)
    94. 

  94. 		}
    95. 

  95. 	}
    96. 

  96. }
    97. 

  97. 

  98. func (fs *FilerServer) readonlyFilerHandler(w http.ResponseWriter, r *http.Request) {
    99. 

  99. 

  100. 	start := time.Now()
    101. 

  101. 

  102. 	if r.Header.Get("Origin") != "" {
    103. 

  103. 		w.Header().Set("Access-Control-Allow-Origin", "*")
    104. 

  104. 		w.Header().Set("Access-Control-Allow-Headers", "*")
    105. 

  105. 		w.Header().Set("Access-Control-Allow-Credentials", "true")
    106. 

  106. 	}
    107. 

  107. 

  108. 	stats.FilerRequestCounter.WithLabelValues(r.Method).Inc()
    109. 

  109. 	defer func() {
    110. 

  110. 		stats.FilerRequestHistogram.WithLabelValues(r.Method).Observe(time.Since(start).Seconds())
    111. 

  111. 	}()
    112. 

  112. 	// We handle OPTIONS first because it never should be authenticated
    113. 

  113. 	if r.Method == "OPTIONS" {
    114. 

  114. 		OptionsHandler(w, r, true)
    115. 

  115. 		return
    116. 

  116. 	}
    117. 

  117. 

  118. 	if !fs.maybeCheckJwtAuthorization(r, false) {
    119. 

  119. 		writeJsonError(w, r, http.StatusUnauthorized, errors.New("wrong jwt"))
    120. 

  120. 		return
    121. 

  121. 	}
    122. 

  122. 

  123. 	w.Header().Set("Server", "SeaweedFS Filer "+util.VERSION)
    124. 

  124. 

  125. 	switch r.Method {
    126. 

  126. 	case "GET":
    127. 

  127. 		fs.GetOrHeadHandler(w, r)
    128. 

  128. 	case "HEAD":
    129. 

  129. 		fs.GetOrHeadHandler(w, r)
    130. 

  130. 	}
    131. 

  131. }
    132. 

  132. 

  133. func OptionsHandler(w http.ResponseWriter, r *http.Request, isReadOnly bool) {
    134. 

  134. 	if isReadOnly {
    135. 

  135. 		w.Header().Set("Access-Control-Allow-Methods", "GET, OPTIONS")
    136. 

  136. 	} else {
    137. 

  137. 		w.Header().Set("Access-Control-Allow-Methods", "PUT, POST, GET, DELETE, OPTIONS")
    138. 

  138. 		w.Header().Set("Access-Control-Expose-Headers", "*")
    139. 

  139. 	}
    140. 

  140. 	w.Header().Set("Access-Control-Allow-Origin", "*")
    141. 

  141. 	w.Header().Set("Access-Control-Allow-Headers", "*")
    142. 

  142. 	w.Header().Set("Access-Control-Allow-Credentials", "true")
    143. 

  143. }
    144. 

  144. 

  145. // maybeCheckJwtAuthorization returns true if access should be granted, false if it should be denied
    146. 

  146. func (fs *FilerServer) maybeCheckJwtAuthorization(r *http.Request, isWrite bool) bool {
    147. 

  147. 

  148. 	var signingKey security.SigningKey
    149. 

  149. 

  150. 	if isWrite {
    151. 

  151. 		if len(fs.filerGuard.SigningKey) == 0 {
    152. 

  152. 			return true
    153. 

  153. 		} else {
    154. 

  154. 			signingKey = fs.filerGuard.SigningKey
    155. 

  155. 		}
    156. 

  156. 	} else {
    157. 

  157. 		if len(fs.filerGuard.ReadSigningKey) == 0 {
    158. 

  158. 			return true
    159. 

  159. 		} else {
    160. 

  160. 			signingKey = fs.filerGuard.ReadSigningKey
    161. 

  161. 		}
    162. 

  162. 	}
    163. 

  163. 

  164. 	tokenStr := security.GetJwt(r)
    165. 

  165. 	if tokenStr == "" {
    166. 

  166. 		glog.V(1).Infof("missing jwt from %s", r.RemoteAddr)
    167. 

  167. 		return false
    168. 

  168. 	}
    169. 

  169. 

  170. 	token, err := security.DecodeJwt(signingKey, tokenStr, &security.SeaweedFilerClaims{})
    171. 

  171. 	if err != nil {
    172. 

  172. 		glog.V(1).Infof("jwt verification error from %s: %v", r.RemoteAddr, err)
    173. 

  173. 		return false
    174. 

  174. 	}
    175. 

  175. 	if !token.Valid {
    176. 

  176. 		glog.V(1).Infof("jwt invalid from %s: %v", r.RemoteAddr, tokenStr)
    177. 

  177. 		return false
    178. 

  178. 	} else {
    179. 

  179. 		return true
    180. 

  180. 	}
    181. 

  181. }
    182.