github/gPanel
2
0
Fork 0
mirror of https://github.com/donl/gPanel.git synced 2026-05-26 06:12:20 -06:00
Code Issues Projects Packages Wiki Activity Actions
gPanel/pkg/api/user/auth.go
Aaron 4babe59e9c resolves issue #71
2017-11-27 21:59:45 -06:00

110 lines
3.3 KiB
Go
Raw Blame History

// Package user is a child of package api to handle api calls concerning users
package user
import (
"encoding/json"
"log"
"net/http"
"strconv"
"strings"
"time"
"github.com/Ennovar/gPanel/pkg/database"
"github.com/Ennovar/gPanel/pkg/encryption"
"github.com/Ennovar/gPanel/pkg/networking"
jwt "github.com/dgrijalva/jwt-go"
)
// Auth function is accessed by an API call from the webhost root
// by accessing /user_auth and sending it a post request with userRequestData
// struct in JSON format.
func Auth(res http.ResponseWriter, req *http.Request, logger *log.Logger, dir string) bool {
if req.Method != "POST" {
logger.Println(req.URL.Path + "::" + req.Method + "::" + strconv.Itoa(http.StatusMethodNotAllowed) + "::" + http.StatusText(http.StatusMethodNotAllowed))
http.Error(res, req.Method+" HTTP method is unsupported for this API.", http.StatusMethodNotAllowed)
return false
}
var userRequestData struct {
User string `json:"user"`
Pass string `json:"pass"`
}
err := json.NewDecoder(req.Body).Decode(&userRequestData)
if err != nil {
logger.Println(req.URL.Path + "::" + err.Error())
http.Error(res, err.Error(), http.StatusBadRequest)
return false
}
ds, err := database.Open(dir + database.DB_MAIN)
if err != nil || ds == nil {
logger.Println(req.URL.Path + "::" + err.Error())
http.Error(res, err.Error(), http.StatusInternalServerError)
return false
}
defer ds.Close()
var userDatabaseData struct {
Pass string `json:"pass"`
Secret string `json:"secret"`
}
err = ds.Get(database.BUCKET_USERS, []byte(userRequestData.User), &userDatabaseData)
if err == database.ErrKeyNotExist {
logger.Println(req.URL.Path + "::user does not exist.")
http.Error(res, "User does not exist.", http.StatusUnauthorized)
return false
}
err = encryption.CheckPassword([]byte(userDatabaseData.Pass), []byte(userRequestData.Pass))
if err != nil {
logger.Println(req.URL.Path + "::" + err.Error())
http.Error(res, err.Error(), http.StatusUnauthorized)
return false
}
secret := encryption.RandomString(16)
userDatabaseData.Secret = secret
err = ds.Put(database.BUCKET_USERS, []byte(userRequestData.User), userDatabaseData)
if err != nil {
logger.Println(req.URL.Path + "::" + err.Error())
http.Error(res, err.Error(), http.StatusBadRequest)
return false
}
now := time.Now().UTC()
claims := jwt.StandardClaims{
Subject: userRequestData.User,
NotBefore: now.Unix(),
IssuedAt: now.Unix(),
ExpiresAt: now.Add(24 * time.Hour).Unix(),
}
token, err := jwt.NewWithClaims(jwt.SigningMethodHS256, claims).SignedString([]byte(secret))
if err != nil {
logger.Println(req.URL.Path + "::" + err.Error())
http.Error(res, err.Error(), http.StatusInternalServerError)
return false
}
var store networking.Store
if strings.Contains(dir, "bundles/") {
store = networking.GetStore(networking.ACCOUNT_USER_AUTH)
} else {
store = networking.GetStore(networking.SERVER_USER_AUTH)
}
err = store.Set(res, req, "token", token, (60 * 60 * 24))
err2 := store.Set(res, req, "user", userRequestData.User, (60 * 60 * 24))
if err != nil || err2 != nil {
logger.Println(req.URL.Path + "::" + err.Error() + "::" + err2.Error())
http.Error(res, http.StatusText(500), http.StatusInternalServerError)
return false
}
res.WriteHeader(http.StatusNoContent)
return true
}
Reference in a new issue View git blame Copy permalink