diff --git a/internal/session/auth.go b/internal/session/auth.go index 3d797f19..9ccfa4ea 100644 --- a/internal/session/auth.go +++ b/internal/session/auth.go @@ -3,51 +3,24 @@ package session import ( "fmt" "net/http" - "strings" "demodesk/neko/internal/types" ) -const ( - token_name = "password" -) - func (manager *SessionManagerCtx) Authenticate(r *http.Request) (types.Session, error) { - token := getToken(r) - if token == "" { - return nil, fmt.Errorf("no password provided") + id, secret, ok := r.BasicAuth() + if !ok { + return nil, fmt.Errorf("no authentication provided") } - isAdmin := (token == manager.config.AdminPassword) - isUser := (token == manager.config.Password) - - if !isAdmin && !isUser { - return nil, fmt.Errorf("invalid password") + session, ok := manager.Get(id) + if !ok { + return nil, fmt.Errorf("member not found") } - // TODO: Enable persistent user autentication. - return manager.Create(types.MemberProfile{ - IsAdmin: isAdmin, - }) -} - -func getToken(r *http.Request) string { - // Get token from query - if token := r.URL.Query().Get(token_name); token != "" { - return token - } - - // Get token from authorization header - bearer := r.Header.Get("Authorization") - if len(bearer) > 7 && strings.ToUpper(bearer[0:6]) == "BEARER" { - return bearer[7:] - } - - // Get token from cookie - cookie, err := r.Cookie(token_name) - if err == nil { - return cookie.Value - } - - return "" + if !session.VerifySecret(secret) { + return nil, fmt.Errorf("invalid password provided") + } + + return session, nil } diff --git a/internal/session/manager.go b/internal/session/manager.go index ec96a889..be48a6cf 100644 --- a/internal/session/manager.go +++ b/internal/session/manager.go @@ -14,7 +14,7 @@ import ( ) func New(capture types.CaptureManager, config *config.Session) *SessionManagerCtx { - return &SessionManagerCtx{ + manager := &SessionManagerCtx{ logger: log.With().Str("module", "session").Logger(), host: nil, hostMu: sync.Mutex{}, @@ -24,6 +24,22 @@ func New(capture types.CaptureManager, config *config.Session) *SessionManagerCt membersMu: sync.Mutex{}, emmiter: events.New(), } + + // create default admin account at startup + _ = manager.Create("admin", types.MemberProfile{ + Secret: config.AdminPassword, + Name: "Administrator", + IsAdmin: true, + }) + + // create default user account at startup + _ = manager.Create("user", types.MemberProfile{ + Secret: config.Password, + Name: "User", + IsAdmin: false, + }) + + return manager } type SessionManagerCtx struct { @@ -37,15 +53,10 @@ type SessionManagerCtx struct { emmiter events.EventEmmiter } -func (manager *SessionManagerCtx) Create(profile types.MemberProfile) (types.Session, error) { +func (manager *SessionManagerCtx) Create(id string, profile types.MemberProfile) types.Session { manager.membersMu.Lock() defer manager.membersMu.Unlock() - id, err := utils.NewUID(32) - if err != nil { - return nil, err - } - session := &SessionCtx{ id: id, manager: manager, @@ -54,7 +65,7 @@ func (manager *SessionManagerCtx) Create(profile types.MemberProfile) (types.Ses } manager.members[id] = session - return session, nil + return session } func (manager *SessionManagerCtx) Get(id string) (types.Session, bool) { diff --git a/internal/session/session.go b/internal/session/session.go index 22ded516..1799d767 100644 --- a/internal/session/session.go +++ b/internal/session/session.go @@ -35,6 +35,10 @@ func (session *SessionCtx) IsHost() bool { return session.manager.host != nil && session.manager.host.ID() == session.ID() } +func (session *SessionCtx) VerifySecret(secret string) bool { + return session.profile.Secret == secret +} + func (session *SessionCtx) Connected() bool { return session.websocket_connected && session.webrtc_connected } diff --git a/internal/types/session.go b/internal/types/session.go index 883dbbee..cc54a828 100644 --- a/internal/types/session.go +++ b/internal/types/session.go @@ -3,7 +3,8 @@ package types import "net/http" type MemberProfile struct { - //Token string + ID string + Secret string Name string IsAdmin bool //Enabled bool @@ -18,6 +19,7 @@ type Session interface { Admin() bool IsHost() bool Connected() bool + VerifySecret(secret string) bool SetName(name string) SetWebSocketPeer(websocket_peer WebSocketPeer) SetWebSocketConnected(connected bool) @@ -29,7 +31,7 @@ type Session interface { } type SessionManager interface { - Create(profile MemberProfile) (Session, error) + Create(id string, profile MemberProfile) Session Get(id string) (Session, bool) Delete(id string) error