login with secret.

2024-07-24 14:40:50 +12:00 · 2020-11-27 19:59:54 +01:00 · 2020-11-27 19:59:54 +01:00 · a90bf87e24
commit a90bf87e24
parent a330a3cc76
4 changed files with 38 additions and 48 deletions
--- a/internal/session/auth.go
+++ b/internal/session/auth.go
@ -3,51 +3,24 @@ package session
 import (
 	"fmt"
 	"net/http"
-	"strings"

 	"demodesk/neko/internal/types"
 )

-const (
-	token_name = "password"
-)
-
 func (manager *SessionManagerCtx) Authenticate(r *http.Request) (types.Session, error) {
-	token := getToken(r)
-	if token == "" {
-		return nil, fmt.Errorf("no password provided")
+	id, secret, ok := r.BasicAuth()
+	if !ok {
+		return nil, fmt.Errorf("no authentication provided")
 	}

-	isAdmin := (token == manager.config.AdminPassword)
-	isUser := (token == manager.config.Password)
-
-	if !isAdmin && !isUser {
-		return nil, fmt.Errorf("invalid password")
+	session, ok := manager.Get(id)
+	if !ok {
+		return nil, fmt.Errorf("member not found")
 	}

-	// TODO: Enable persistent user autentication.
-	return manager.Create(types.MemberProfile{
-		IsAdmin: isAdmin,
-	})
+	if !session.VerifySecret(secret) {
+		return nil, fmt.Errorf("invalid password provided")
 	}

-func getToken(r *http.Request) string {
-	// Get token from query
-	if token := r.URL.Query().Get(token_name); token != "" {
-		return token
-	}
-
-	// Get token from authorization header
-	bearer := r.Header.Get("Authorization")
-	if len(bearer) > 7 && strings.ToUpper(bearer[0:6]) == "BEARER" {
-		return bearer[7:]
-	}
-
-	// Get token from cookie
-	cookie, err := r.Cookie(token_name)
-	if err == nil {
-		return cookie.Value
-	}
-
-	return ""
+	return session, nil
 }
--- a/internal/session/manager.go
+++ b/internal/session/manager.go
@ -14,7 +14,7 @@ import (
 )

 func New(capture types.CaptureManager, config *config.Session) *SessionManagerCtx {
-	return &SessionManagerCtx{
+	manager := &SessionManagerCtx{
 		logger:    log.With().Str("module", "session").Logger(),
 		host:      nil,
 		hostMu:    sync.Mutex{},
@ -24,6 +24,22 @@ func New(capture types.CaptureManager, config *config.Session) *SessionManagerCt
 		membersMu: sync.Mutex{},
 		emmiter:   events.New(),
 	}
+
+	// create default admin account at startup
+	_ = manager.Create("admin", types.MemberProfile{
+		Secret: config.AdminPassword,
+		Name: "Administrator",
+		IsAdmin: true,
+	})
+
+	// create default user account at startup
+	_ = manager.Create("user", types.MemberProfile{
+		Secret: config.Password,
+		Name: "User",
+		IsAdmin: false,
+	})
+
+	return manager
 }

 type SessionManagerCtx struct {
@ -37,15 +53,10 @@ type SessionManagerCtx struct {
 	emmiter   events.EventEmmiter
 }

-func (manager *SessionManagerCtx) Create(profile types.MemberProfile) (types.Session, error) {
+func (manager *SessionManagerCtx) Create(id string, profile types.MemberProfile) types.Session {
 	manager.membersMu.Lock()
 	defer manager.membersMu.Unlock()

-	id, err := utils.NewUID(32)
-	if err != nil {
-		return nil, err
-	}
-
 	session := &SessionCtx{
 		id:        id,
 		manager:   manager,
@ -54,7 +65,7 @@ func (manager *SessionManagerCtx) Create(profile types.MemberProfile) (types.Ses
 	}

 	manager.members[id] = session
-	return session, nil
+	return session
 }

 func (manager *SessionManagerCtx) Get(id string) (types.Session, bool) {
--- a/internal/session/session.go
+++ b/internal/session/session.go
@ -35,6 +35,10 @@ func (session *SessionCtx) IsHost() bool {
 	return session.manager.host != nil && session.manager.host.ID() == session.ID()
 }

+func (session *SessionCtx) VerifySecret(secret string) bool {
+	return session.profile.Secret == secret
+}
+
 func (session *SessionCtx) Connected() bool {
 	return session.websocket_connected && session.webrtc_connected
 }
--- a/internal/types/session.go
+++ b/internal/types/session.go
@ -3,7 +3,8 @@ package types
 import "net/http"

 type MemberProfile struct {
-	//Token            string
+	ID               string
+	Secret           string
 	Name             string
 	IsAdmin          bool
 	//Enabled          bool
@ -18,6 +19,7 @@ type Session interface {
 	Admin() bool
 	IsHost() bool
 	Connected() bool
+	VerifySecret(secret string) bool
 	SetName(name string)
 	SetWebSocketPeer(websocket_peer WebSocketPeer)
 	SetWebSocketConnected(connected bool)
@ -29,7 +31,7 @@ type Session interface {
 }

 type SessionManager interface {
-	Create(profile MemberProfile) (Session, error)
+	Create(id string, profile MemberProfile) Session
 	Get(id string) (Session, bool)
 	Delete(id string) error