switched from id for authentication to authcode

This commit is contained in:
Settel 2021-08-08 21:48:15 +02:00
parent 82c91c05dc
commit 91d3fc9265
17 changed files with 97 additions and 33 deletions

View File

@ -1,4 +1,5 @@
{
"authcode": "646162",
"name": "Settel",
"role": "admin"
}

View File

@ -1,4 +1,5 @@
{
"authcode": "123457",
"name": "Player #2",
"role": "player",
"game": "067fb1b8-8303-4faa-95d2-1832770a791c"

View File

@ -1,4 +1,5 @@
{
"authcode": "123123",
"name": "Master",
"role": "gamemaster",
"game": "067fb1b8-8303-4faa-95d2-1832770a791c"

View File

@ -1,4 +1,5 @@
{
"authcode": "123458",
"name": "Player #3",
"role": "player",
"game": "067fb1b8-8303-4faa-95d2-1832770a791c"

View File

@ -1,4 +1,5 @@
{
"authcode": "123456",
"name": "Player #1",
"role": "player",
"game": "067fb1b8-8303-4faa-95d2-1832770a791c"

View File

@ -12,3 +12,12 @@ func (app Application) GetUserById(id string) (*user.User, error) {
}
return usr, nil
}
func (app Application) GetUserByAuthcode(authcode string) (*user.User, error) {
for _, usr := range app.users {
if usr.GetAuthCode() == authcode {
return usr, nil
}
}
return nil, fmt.Errorf("unknown id")
}

View File

@ -15,7 +15,7 @@ func (app *Application) SyncHandler(usr *user.User, w http.ResponseWriter, r *ht
return
}
if usr.Game != gameRef && !usr.IsAdmin() {
if usr.GetGameId() != gameRef && !usr.IsAdmin() {
w.WriteHeader(http.StatusForbidden)
fmt.Fprintf(w, "forbidden")
return

View File

@ -20,7 +20,7 @@ func (authMux *AuthMux) GetGameInfo(usr *user.User, w http.ResponseWriter, r *ht
return
}
if !usr.IsGamemaster() || (usr.Game != gameRef && !usr.IsAdmin()) {
if !usr.IsGamemaster() || (usr.GetGameId() != gameRef && !usr.IsAdmin()) {
w.WriteHeader(http.StatusForbidden)
fmt.Fprintf(w, "forbidden")
return

View File

@ -31,7 +31,7 @@ func (authMux *AuthMux) Login(w http.ResponseWriter, r *http.Request) {
}
cookie := authMux.createCookie()
cookie.Value = usr.GetId()
cookie.Value = usr.GetId() + ":" + usr.GetAuthCode()
cookie.MaxAge = 0
http.SetCookie(w, cookie)
w.Header().Add("Content-Type", "text/plain")
@ -47,7 +47,7 @@ func (authMux *AuthMux) checkCode(r *http.Request) (*user.User, error) {
return nil, fmt.Errorf("invalid code")
}
usr, err := authMux.app.GetUserById(code)
usr, err := authMux.app.GetUserByAuthcode(code)
if err != nil {
return nil, fmt.Errorf("invalid code")
}

View File

@ -4,6 +4,7 @@ import (
"fmt"
"net/http"
"sirlab.de/go/knyt/user"
"strings"
)
func (authMux *AuthMux) PrivateHandleFunc(pattern string, handlerFunc PrivateHandlerFunc) {
@ -30,10 +31,16 @@ func (authMux *AuthMux) getUserFromSession(r *http.Request) (*user.User, error)
return nil, fmt.Errorf("invalid cookie")
}
usr, usrErr := authMux.app.GetUserById(authCookie.Value)
vals := strings.SplitN(authCookie.Value, ":", 2)
usr, usrErr := authMux.app.GetUserById(vals[0])
if usrErr != nil {
return nil, fmt.Errorf("invalid cookie")
}
if usr.GetAuthCode() != vals[1] {
return nil, fmt.Errorf("invalid cookie")
}
return usr, nil
}

View File

@ -7,17 +7,17 @@ import (
"sirlab.de/go/knyt/user"
)
type userLight struct {
Name string `json:"name"`
Role string `json:"role"`
Game string `json:"game"`
type UserInfoJson struct {
Name string `json:"name"`
Role string `json:"role"`
GameId string `json:"game"`
}
func (authMux *AuthMux) GetUserInfo(usr *user.User, w http.ResponseWriter, r *http.Request) {
usrLight := userLight{
Name: usr.Name,
Role: usr.Role,
Game: usr.Game,
usrLight := UserInfoJson{
Name: usr.GetName(),
Role: usr.GetRole(),
GameId: usr.GetGameId(),
}
w.Header().Add("Content-Type", "application/json")

View File

@ -1,6 +1,11 @@
package statement
type Statement struct {
id string `json:"id"`
statement string `json:"statement"`
}
type StatementJson struct {
Id string `json:"id"`
Statement string `json:"statement"`
}

View File

@ -1,5 +1,11 @@
package syncdata
type SyncData struct {
VersionRef int `json:"version"`
type Gameinfo struct {
Players []string `json:"players"`
}
type SyncData struct {
VersionRef int `json:"version"`
Players []string `json:"players"`
Gameinfo *Gameinfo `json:"game"`
}

View File

@ -7,8 +7,22 @@ const (
)
type User struct {
id string
Name string `json:"name"`
Role string `json:"role"`
Game string `json:"game"`
id string
authcode string
name string
role string
gameId string
}
type UserJson struct {
Authcode string `json:"authcode"`
Name string `json:"name"`
Role string `json:"role"`
GameId string `json:"game"`
}
type UserinfoJson struct {
Name string `json:"name"`
Role string `json:"role"`
GameId string `json:"game"`
}

View File

@ -4,28 +4,30 @@ import (
"encoding/json"
"fmt"
"os"
"path"
"strings"
)
func NewUser(id, name, role string) *User {
return &User{
id: id,
Name: name,
Role: role,
}
}
func NewUserFromFile(id, fileName string) (*User, error) {
jsonBytes, err := os.ReadFile(fileName)
if err != nil {
return nil, err
}
var usr User
if err := json.Unmarshal(jsonBytes, &usr); err != nil {
// var usr User
var userJson UserJson
if err := json.Unmarshal(jsonBytes, &userJson); err != nil {
return nil, fmt.Errorf("%s: %v\n", fileName, err)
} else {
usr.id = id
return &usr, nil
_, fileNameShort := path.Split(fileName)
id := strings.TrimSuffix(fileNameShort, ".json")
return &User{
id: id,
name: userJson.Name,
role: userJson.Role,
authcode: userJson.Authcode,
gameId: userJson.GameId,
}, nil
}
}
@ -33,14 +35,30 @@ func (user *User) GetId() string {
return user.id
}
func (user *User) GetAuthCode() string {
return user.authcode
}
func (user *User) GetName() string {
return user.name
}
func (user *User) GetRole() string {
return user.role
}
func (user *User) GetGameId() string {
return user.gameId
}
func (user *User) IsPlayer() bool {
return true
}
func (user *User) IsGamemaster() bool {
return user.Role == ROLE_GAMEMASTER || user.Role == ROLE_ADMIN
return user.role == ROLE_GAMEMASTER || user.role == ROLE_ADMIN
}
func (user *User) IsAdmin() bool {
return user.Role == ROLE_ADMIN
return user.role == ROLE_ADMIN
}