switched from id for authentication to authcode

This commit is contained in:
Settel 2021-08-08 21:48:15 +02:00
parent 82c91c05dc
commit 91d3fc9265
17 changed files with 97 additions and 33 deletions

View File

@ -1,4 +1,5 @@
{ {
"authcode": "646162",
"name": "Settel", "name": "Settel",
"role": "admin" "role": "admin"
} }

View File

@ -1,4 +1,5 @@
{ {
"authcode": "123457",
"name": "Player #2", "name": "Player #2",
"role": "player", "role": "player",
"game": "067fb1b8-8303-4faa-95d2-1832770a791c" "game": "067fb1b8-8303-4faa-95d2-1832770a791c"

View File

@ -1,4 +1,5 @@
{ {
"authcode": "123123",
"name": "Master", "name": "Master",
"role": "gamemaster", "role": "gamemaster",
"game": "067fb1b8-8303-4faa-95d2-1832770a791c" "game": "067fb1b8-8303-4faa-95d2-1832770a791c"

View File

@ -1,4 +1,5 @@
{ {
"authcode": "123458",
"name": "Player #3", "name": "Player #3",
"role": "player", "role": "player",
"game": "067fb1b8-8303-4faa-95d2-1832770a791c" "game": "067fb1b8-8303-4faa-95d2-1832770a791c"

View File

@ -1,4 +1,5 @@
{ {
"authcode": "123456",
"name": "Player #1", "name": "Player #1",
"role": "player", "role": "player",
"game": "067fb1b8-8303-4faa-95d2-1832770a791c" "game": "067fb1b8-8303-4faa-95d2-1832770a791c"

View File

@ -12,3 +12,12 @@ func (app Application) GetUserById(id string) (*user.User, error) {
} }
return usr, nil return usr, nil
} }
func (app Application) GetUserByAuthcode(authcode string) (*user.User, error) {
for _, usr := range app.users {
if usr.GetAuthCode() == authcode {
return usr, nil
}
}
return nil, fmt.Errorf("unknown id")
}

View File

@ -15,7 +15,7 @@ func (app *Application) SyncHandler(usr *user.User, w http.ResponseWriter, r *ht
return return
} }
if usr.Game != gameRef && !usr.IsAdmin() { if usr.GetGameId() != gameRef && !usr.IsAdmin() {
w.WriteHeader(http.StatusForbidden) w.WriteHeader(http.StatusForbidden)
fmt.Fprintf(w, "forbidden") fmt.Fprintf(w, "forbidden")
return return

View File

@ -20,7 +20,7 @@ func (authMux *AuthMux) GetGameInfo(usr *user.User, w http.ResponseWriter, r *ht
return return
} }
if !usr.IsGamemaster() || (usr.Game != gameRef && !usr.IsAdmin()) { if !usr.IsGamemaster() || (usr.GetGameId() != gameRef && !usr.IsAdmin()) {
w.WriteHeader(http.StatusForbidden) w.WriteHeader(http.StatusForbidden)
fmt.Fprintf(w, "forbidden") fmt.Fprintf(w, "forbidden")
return return

View File

@ -31,7 +31,7 @@ func (authMux *AuthMux) Login(w http.ResponseWriter, r *http.Request) {
} }
cookie := authMux.createCookie() cookie := authMux.createCookie()
cookie.Value = usr.GetId() cookie.Value = usr.GetId() + ":" + usr.GetAuthCode()
cookie.MaxAge = 0 cookie.MaxAge = 0
http.SetCookie(w, cookie) http.SetCookie(w, cookie)
w.Header().Add("Content-Type", "text/plain") w.Header().Add("Content-Type", "text/plain")
@ -47,7 +47,7 @@ func (authMux *AuthMux) checkCode(r *http.Request) (*user.User, error) {
return nil, fmt.Errorf("invalid code") return nil, fmt.Errorf("invalid code")
} }
usr, err := authMux.app.GetUserById(code) usr, err := authMux.app.GetUserByAuthcode(code)
if err != nil { if err != nil {
return nil, fmt.Errorf("invalid code") return nil, fmt.Errorf("invalid code")
} }

View File

@ -4,6 +4,7 @@ import (
"fmt" "fmt"
"net/http" "net/http"
"sirlab.de/go/knyt/user" "sirlab.de/go/knyt/user"
"strings"
) )
func (authMux *AuthMux) PrivateHandleFunc(pattern string, handlerFunc PrivateHandlerFunc) { func (authMux *AuthMux) PrivateHandleFunc(pattern string, handlerFunc PrivateHandlerFunc) {
@ -30,10 +31,16 @@ func (authMux *AuthMux) getUserFromSession(r *http.Request) (*user.User, error)
return nil, fmt.Errorf("invalid cookie") return nil, fmt.Errorf("invalid cookie")
} }
usr, usrErr := authMux.app.GetUserById(authCookie.Value) vals := strings.SplitN(authCookie.Value, ":", 2)
usr, usrErr := authMux.app.GetUserById(vals[0])
if usrErr != nil { if usrErr != nil {
return nil, fmt.Errorf("invalid cookie") return nil, fmt.Errorf("invalid cookie")
} }
if usr.GetAuthCode() != vals[1] {
return nil, fmt.Errorf("invalid cookie")
}
return usr, nil return usr, nil
} }

View File

@ -7,17 +7,17 @@ import (
"sirlab.de/go/knyt/user" "sirlab.de/go/knyt/user"
) )
type userLight struct { type UserInfoJson struct {
Name string `json:"name"` Name string `json:"name"`
Role string `json:"role"` Role string `json:"role"`
Game string `json:"game"` GameId string `json:"game"`
} }
func (authMux *AuthMux) GetUserInfo(usr *user.User, w http.ResponseWriter, r *http.Request) { func (authMux *AuthMux) GetUserInfo(usr *user.User, w http.ResponseWriter, r *http.Request) {
usrLight := userLight{ usrLight := UserInfoJson{
Name: usr.Name, Name: usr.GetName(),
Role: usr.Role, Role: usr.GetRole(),
Game: usr.Game, GameId: usr.GetGameId(),
} }
w.Header().Add("Content-Type", "application/json") w.Header().Add("Content-Type", "application/json")

View File

@ -1,6 +1,11 @@
package statement package statement
type Statement struct { type Statement struct {
id string `json:"id"`
statement string `json:"statement"`
}
type StatementJson struct {
Id string `json:"id"` Id string `json:"id"`
Statement string `json:"statement"` Statement string `json:"statement"`
} }

View File

@ -1,5 +1,11 @@
package syncdata package syncdata
type Gameinfo struct {
Players []string `json:"players"`
}
type SyncData struct { type SyncData struct {
VersionRef int `json:"version"` VersionRef int `json:"version"`
Players []string `json:"players"`
Gameinfo *Gameinfo `json:"game"`
} }

View File

@ -8,7 +8,21 @@ const (
type User struct { type User struct {
id string id string
authcode string
name string
role string
gameId string
}
type UserJson struct {
Authcode string `json:"authcode"`
Name string `json:"name"` Name string `json:"name"`
Role string `json:"role"` Role string `json:"role"`
Game string `json:"game"` GameId string `json:"game"`
}
type UserinfoJson struct {
Name string `json:"name"`
Role string `json:"role"`
GameId string `json:"game"`
} }

View File

@ -4,28 +4,30 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"os" "os"
"path"
"strings"
) )
func NewUser(id, name, role string) *User {
return &User{
id: id,
Name: name,
Role: role,
}
}
func NewUserFromFile(id, fileName string) (*User, error) { func NewUserFromFile(id, fileName string) (*User, error) {
jsonBytes, err := os.ReadFile(fileName) jsonBytes, err := os.ReadFile(fileName)
if err != nil { if err != nil {
return nil, err return nil, err
} }
var usr User // var usr User
if err := json.Unmarshal(jsonBytes, &usr); err != nil { var userJson UserJson
if err := json.Unmarshal(jsonBytes, &userJson); err != nil {
return nil, fmt.Errorf("%s: %v\n", fileName, err) return nil, fmt.Errorf("%s: %v\n", fileName, err)
} else { } else {
usr.id = id _, fileNameShort := path.Split(fileName)
return &usr, nil id := strings.TrimSuffix(fileNameShort, ".json")
return &User{
id: id,
name: userJson.Name,
role: userJson.Role,
authcode: userJson.Authcode,
gameId: userJson.GameId,
}, nil
} }
} }
@ -33,14 +35,30 @@ func (user *User) GetId() string {
return user.id return user.id
} }
func (user *User) GetAuthCode() string {
return user.authcode
}
func (user *User) GetName() string {
return user.name
}
func (user *User) GetRole() string {
return user.role
}
func (user *User) GetGameId() string {
return user.gameId
}
func (user *User) IsPlayer() bool { func (user *User) IsPlayer() bool {
return true return true
} }
func (user *User) IsGamemaster() bool { func (user *User) IsGamemaster() bool {
return user.Role == ROLE_GAMEMASTER || user.Role == ROLE_ADMIN return user.role == ROLE_GAMEMASTER || user.role == ROLE_ADMIN
} }
func (user *User) IsAdmin() bool { func (user *User) IsAdmin() bool {
return user.Role == ROLE_ADMIN return user.role == ROLE_ADMIN
} }