author | kali kaneko (leap communications) <kali@leap.se> | 2020-08-11 22:38:13 +0200 |
---|---|---|
committer | kali kaneko (leap communications) <kali@leap.se> | 2020-08-11 22:38:13 +0200 |
commit | 5ba62c56b2a94b9f5ae06b150713f84d5a3144fa (patch) | |
tree | 5f572c3a06dbd91a144efb63a4dba55535fdd65a | |
parent | 33b9ba9abadb8cea8f5840bb11fb9de489b120e3 (diff) |
[refactor] simplify, make port optional
-rw-r--r-- | gui/backend.go | 4 | ||||
-rw-r--r-- | gui/main.cpp | 11 | ||||
-rw-r--r-- | pkg/backend/api.go | 9 | ||||
-rw-r--r-- | pkg/backend/webapi.go | 47 | ||||
-rw-r--r-- | pkg/bitmask/auth.go | 5 |
5 files changed, 40 insertions, 36 deletions
diff --git a/gui/backend.go b/gui/backend.go
index 875706d..af29ec6 100644
--- a/gui/backend.go
+++ b/gui/backend.go
@@ -67,8 +67,8 @@ func InitializeTestBitmaskContext() {
 }
 //export EnableWebAPI
-func EnableWebAPI() {
- backend.EnableWebAPI()
+func EnableWebAPI(port string) {
+ backend.EnableWebAPI(port)
 }
 //export RefreshContext
diff --git a/gui/main.cpp b/gui/main.cpp
index 6d01d49..2a300e2 100644
--- a/gui/main.cpp
+++ b/gui/main.cpp
@@ -69,7 +69,7 @@ int main(int argc, char **argv) {
 {"w", "web-api"},
 QApplication::translate(
 "main",
- "Enable web api (on port 8080)."),
+ "Enable web api."),
 },
 {
 {"i", "install-helpers"},
@@ -78,11 +78,14 @@ int main(int argc, char **argv) {
 "Install helpers (linux only, requires sudo)."),
 },
 });
+ QCommandLineOption webPortOption("web-port", QApplication::translate("main", "Web api port (default: 8080)"), "port", "8080");
+ parser.addOption(webPortOption);
 parser.process(app);
 bool hideSystray = parser.isSet("no-systray");
 bool installHelpers = parser.isSet("install-helpers");
 bool webAPI = parser.isSet("web-api");
+ QString webPort = parser.value("web-port");
 if (hideSystray) {
 qDebug() << "Not showing systray icon because --no-systray option is set.";
@@ -140,7 +143,11 @@ int main(int argc, char **argv) {
 InitializeBitmaskContext();
 /* if requested, enable web api for controlling the VPN */
- if (webAPI) { EnableWebAPI(); };
+ if (webAPI) {
+ char* wp = webPort.toLocal8Bit().data();
+ GoString p = {wp, (long int)strlen(wp)};
+ EnableWebAPI(p);
+ };
 /* kick off your shoes, put your feet up */
 return app.exec();
diff --git a/pkg/backend/api.go b/pkg/backend/api.go
index f63962c..0cab17f 100644
--- a/pkg/backend/api.go
+++ b/pkg/backend/api.go
@@ -6,6 +6,7 @@ import (
 "C"
 "fmt"
 "log"
+ "strconv"
 "unsafe"
 "0xacab.org/leap/bitmask-vpn/pkg/bitmask"
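Review bot: In the `if (webAPI)` block of gui/main.cpp, `webPort.toLocal8Bit().data()` takes a pointer into a temporary QByteArray that is destroyed at the end of that statement, so the following `strlen(wp)` and the GoString handed to EnableWebAPI read freed memory. Keep the byte array alive for the duration of the call instead: `QByteArray wp = webPort.toLocal8Bit();` followed by `GoString p = {wp.constData(), (long int)wp.size()};`. That is sufficient as long as the Go side is done with the string before the call returns, which the synchronous `strconv.Atoi(port)` in pkg/backend/api.go suggests. main() begins and ends outside the hunk.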
@@ -76,8 +77,12 @@ func EnableMockBackend() {
 go enableMockBackend()
 }
-func EnableWebAPI() {
- go enableWebAPI()
+func EnableWebAPI(port string) {
+ intPort, err := strconv.Atoi(port)
+ if err != nil {
+ log.Fatal("Cannot parse port", port)
+ }
+ go enableWebAPI(intPort)
 }
 /* these two are a bit redundant since we already add them to ctx. however, we
diff --git a/pkg/backend/webapi.go b/pkg/backend/webapi.go
index a8844e8..568980d 100644
--- a/pkg/backend/webapi.go
+++ b/pkg/backend/webapi.go
@@ -5,31 +5,20 @@ import (
 "log"
 "net/http"
 "os"
+ "strconv"
 "0xacab.org/leap/bitmask-vpn/pkg/bitmask"
 )
-func Adapt(h http.Handler, adapters ...Adapter) http.Handler {
- for _, adapter := range adapters {
- h = adapter(h)
- }
- return h
-}
-
-type Adapter func(http.Handler) http.Handler
-
-func CheckAuth(token string) Adapter {
- return func(h http.Handler) http.Handler {
- return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- t := r.Header.Get("X-Auth-Token")
- if t == token {
- h.ServeHTTP(w, r)
- } else {
- w.WriteHeader(http.StatusUnauthorized)
- w.Write([]byte("401 - Unauthorized"))
- }
-
- })
+func CheckAuth(handler http.HandlerFunc, token string) http.HandlerFunc {
+ return func(w http.ResponseWriter, r *http.Request) {
+ t := r.Header.Get("X-Auth-Token")
+ if t == token {
+ handler(w, r)
+ } else {
+ w.WriteHeader(http.StatusUnauthorized)
+ w.Write([]byte("401 - Unauthorized"))
+ }
 }
 }
@@ -44,7 +33,6 @@ func webOff(w http.ResponseWriter, r *http.Request) {
 }
 func webStatus(w http.ResponseWriter, r *http.Request) {
- log.Println("Web UI: status")
 fmt.Fprintf(w, ctx.Status.String())
 }
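Review bot: `EnableWebAPI` in pkg/backend/api.go accepts any integer that `strconv.Atoi` parses, so `--web-port` values such as 0, negative numbers or anything above 65535 reach `enableWebAPI` unchecked; the listener then either fails without a trace or, for 0, binds a port chosen by the OS. Reject out-of-range values in the same guard, e.g. `if err != nil || intPort < 1 || intPort > 65535 {`. `log.Fatal("Cannot parse port", port)` also prints the two strings with no separator between them; `log.Fatalf("cannot parse web api port %q", port)` shows exactly what was passed. A doc comment on the exported function stating the expected port format would help callers of the cgo export.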
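Review bot: The rewritten `CheckAuth` lets a request through whenever `t == token`, and `bitmask.ReadAuthToken()` returns `""` on non-linux systems (visible in pkg/bitmask/auth.go) and apparently also when the token file cannot be read, so in those cases a request carrying no `X-Auth-Token` header matches the empty token and is authorized. Fail closed on an empty token and compare in constant time: `if token != "" && subtle.ConstantTimeCompare([]byte(t), []byte(token)) == 1 {`, with `crypto/subtle` added to the imports. A one-line doc comment on the exported function, such as `// CheckAuth wraps handler and rejects requests whose X-Auth-Token header does not match token.`, would record the contract.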
@@ -54,12 +42,13 @@ func webQuit(w http.ResponseWriter, r *http.Request) {
 os.Exit(0)
 }
-func enableWebAPI() {
+func enableWebAPI(port int) {
+ log.Println("Starting WebAPI in port", port)
 bitmask.GenerateAuthToken()
- auth := CheckAuth(bitmask.ReadAuthToken())
- http.Handle("/vpn/start", Adapt(http.HandlerFunc(webOn), auth))
- http.Handle("/vpn/stop", Adapt(http.HandlerFunc(webOff), auth))
- http.Handle("/vpn/status", Adapt(http.HandlerFunc(webStatus), auth))
- http.Handle("/vpn/quit", Adapt(http.HandlerFunc(webQuit), auth))
- http.ListenAndServe(":8080", nil)
+ token := bitmask.ReadAuthToken()
+ http.Handle("/vpn/start", CheckAuth(http.HandlerFunc(webOn), token))
+ http.Handle("/vpn/stop", CheckAuth(http.HandlerFunc(webOff), token))
+ http.Handle("/vpn/status", CheckAuth(http.HandlerFunc(webStatus), token))
+ http.Handle("/vpn/quit", CheckAuth(http.HandlerFunc(webQuit), token))
+ http.ListenAndServe(":"+strconv.Itoa(port), nil)
 }
diff --git a/pkg/bitmask/auth.go b/pkg/bitmask/auth.go
index 519eaf1..a87a2ea 100644
--- a/pkg/bitmask/auth.go
+++ b/pkg/bitmask/auth.go
@@ -5,6 +5,7 @@ import (
 "log"
 "math/rand"
 "os"
+ "path/filepath"
 "runtime"
 "strings"
 "time"
@@ -12,7 +13,7 @@ import (
 /* functions for local authentication of control endpoints */
-const tokenPath = "/dev/shm/bitmask-token"
+const bitmaskToken = "bitmask-token"
 func GenerateAuthToken() {
 if runtime.GOOS != "linux" {
@@ -20,6 +21,7 @@ func GenerateAuthToken() {
 return
 }
 t := getRandomString()
+ tokenPath := filepath.Join(os.TempDir(), bitmaskToken)
 err := ioutil.WriteFile(tokenPath, []byte(t), os.FileMode(int(0600)))
 if err != nil {
 log.Println("Could not write authentication token.")
@@ -31,6 +33,7 @@ func ReadAuthToken() string {
 log.Println("Authentication token only implemented in linux at the moment.")
 return ""
 }
+ tokenPath := filepath.Join(os.TempDir(), bitmaskToken)
 token, err := ioutil.ReadFile(tokenPath)
 if err != nil {
 log.Println("Error reading token:", err) |
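Review bot: `http.ListenAndServe(":"+strconv.Itoa(port), nil)` in `enableWebAPI` listens on every interface, which exposes the VPN start/stop/quit endpoints to the network although the token scheme in pkg/bitmask/auth.go is described as local authentication. Bind to loopback and surface the error that is currently discarded (a port already in use goes unnoticed): `err := http.ListenAndServe(net.JoinHostPort("127.0.0.1", strconv.Itoa(port)), nil)` followed by `if err != nil { log.Println("web api:", err) }`, with `net` added to the imports. The handlers are also registered on `http.DefaultServeMux`; a dedicated `http.NewServeMux()` would keep anything else registered on the default mux off this port.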
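Review bot: `GenerateAuthToken` now writes the token to a fixed file name under `os.TempDir()`, a directory shared by all local users, and `ioutil.WriteFile` applies the 0600 mode only when it creates the file and follows an existing symlink. If the path already exists with other ownership or permissions, the token can end up readable by another user, or the write fails with only a log line while `ReadAuthToken` (the following hunk, same path) returns whatever the file holds. Prefer a per-user directory, or create the file exclusively after removing a stale one with `f, err := os.OpenFile(tokenPath, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0600)`, and refuse to start the web API when the write fails. The import block also shows `math/rand`; if `getRandomString` (outside this diff) draws from it, the token should come from `crypto/rand` instead.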