switched from id for authentication to authcode
This commit is contained in:
parent
82c91c05dc
commit
91d3fc9265
@ -1,4 +1,5 @@
|
||||
{
|
||||
"authcode": "646162",
|
||||
"name": "Settel",
|
||||
"role": "admin"
|
||||
}
|
@ -1,4 +1,5 @@
|
||||
{
|
||||
"authcode": "123457",
|
||||
"name": "Player #2",
|
||||
"role": "player",
|
||||
"game": "067fb1b8-8303-4faa-95d2-1832770a791c"
|
@ -1,4 +1,5 @@
|
||||
{
|
||||
"authcode": "123123",
|
||||
"name": "Master",
|
||||
"role": "gamemaster",
|
||||
"game": "067fb1b8-8303-4faa-95d2-1832770a791c"
|
@ -1,4 +1,5 @@
|
||||
{
|
||||
"authcode": "123458",
|
||||
"name": "Player #3",
|
||||
"role": "player",
|
||||
"game": "067fb1b8-8303-4faa-95d2-1832770a791c"
|
@ -1,4 +1,5 @@
|
||||
{
|
||||
"authcode": "123456",
|
||||
"name": "Player #1",
|
||||
"role": "player",
|
||||
"game": "067fb1b8-8303-4faa-95d2-1832770a791c"
|
@ -12,3 +12,12 @@ func (app Application) GetUserById(id string) (*user.User, error) {
|
||||
}
|
||||
return usr, nil
|
||||
}
|
||||
|
||||
func (app Application) GetUserByAuthcode(authcode string) (*user.User, error) {
|
||||
for _, usr := range app.users {
|
||||
if usr.GetAuthCode() == authcode {
|
||||
return usr, nil
|
||||
}
|
||||
}
|
||||
return nil, fmt.Errorf("unknown id")
|
||||
}
|
||||
|
@ -15,7 +15,7 @@ func (app *Application) SyncHandler(usr *user.User, w http.ResponseWriter, r *ht
|
||||
return
|
||||
}
|
||||
|
||||
if usr.Game != gameRef && !usr.IsAdmin() {
|
||||
if usr.GetGameId() != gameRef && !usr.IsAdmin() {
|
||||
w.WriteHeader(http.StatusForbidden)
|
||||
fmt.Fprintf(w, "forbidden")
|
||||
return
|
||||
|
@ -20,7 +20,7 @@ func (authMux *AuthMux) GetGameInfo(usr *user.User, w http.ResponseWriter, r *ht
|
||||
return
|
||||
}
|
||||
|
||||
if !usr.IsGamemaster() || (usr.Game != gameRef && !usr.IsAdmin()) {
|
||||
if !usr.IsGamemaster() || (usr.GetGameId() != gameRef && !usr.IsAdmin()) {
|
||||
w.WriteHeader(http.StatusForbidden)
|
||||
fmt.Fprintf(w, "forbidden")
|
||||
return
|
||||
|
@ -31,7 +31,7 @@ func (authMux *AuthMux) Login(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
cookie := authMux.createCookie()
|
||||
cookie.Value = usr.GetId()
|
||||
cookie.Value = usr.GetId() + ":" + usr.GetAuthCode()
|
||||
cookie.MaxAge = 0
|
||||
http.SetCookie(w, cookie)
|
||||
w.Header().Add("Content-Type", "text/plain")
|
||||
@ -47,7 +47,7 @@ func (authMux *AuthMux) checkCode(r *http.Request) (*user.User, error) {
|
||||
return nil, fmt.Errorf("invalid code")
|
||||
}
|
||||
|
||||
usr, err := authMux.app.GetUserById(code)
|
||||
usr, err := authMux.app.GetUserByAuthcode(code)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("invalid code")
|
||||
}
|
||||
|
@ -4,6 +4,7 @@ import (
|
||||
"fmt"
|
||||
"net/http"
|
||||
"sirlab.de/go/knyt/user"
|
||||
"strings"
|
||||
)
|
||||
|
||||
func (authMux *AuthMux) PrivateHandleFunc(pattern string, handlerFunc PrivateHandlerFunc) {
|
||||
@ -30,10 +31,16 @@ func (authMux *AuthMux) getUserFromSession(r *http.Request) (*user.User, error)
|
||||
return nil, fmt.Errorf("invalid cookie")
|
||||
}
|
||||
|
||||
usr, usrErr := authMux.app.GetUserById(authCookie.Value)
|
||||
vals := strings.SplitN(authCookie.Value, ":", 2)
|
||||
|
||||
usr, usrErr := authMux.app.GetUserById(vals[0])
|
||||
if usrErr != nil {
|
||||
return nil, fmt.Errorf("invalid cookie")
|
||||
}
|
||||
|
||||
if usr.GetAuthCode() != vals[1] {
|
||||
return nil, fmt.Errorf("invalid cookie")
|
||||
}
|
||||
|
||||
return usr, nil
|
||||
}
|
||||
|
@ -7,17 +7,17 @@ import (
|
||||
"sirlab.de/go/knyt/user"
|
||||
)
|
||||
|
||||
type userLight struct {
|
||||
type UserInfoJson struct {
|
||||
Name string `json:"name"`
|
||||
Role string `json:"role"`
|
||||
Game string `json:"game"`
|
||||
GameId string `json:"game"`
|
||||
}
|
||||
|
||||
func (authMux *AuthMux) GetUserInfo(usr *user.User, w http.ResponseWriter, r *http.Request) {
|
||||
usrLight := userLight{
|
||||
Name: usr.Name,
|
||||
Role: usr.Role,
|
||||
Game: usr.Game,
|
||||
usrLight := UserInfoJson{
|
||||
Name: usr.GetName(),
|
||||
Role: usr.GetRole(),
|
||||
GameId: usr.GetGameId(),
|
||||
}
|
||||
|
||||
w.Header().Add("Content-Type", "application/json")
|
||||
|
@ -1,6 +1,11 @@
|
||||
package statement
|
||||
|
||||
type Statement struct {
|
||||
id string `json:"id"`
|
||||
statement string `json:"statement"`
|
||||
}
|
||||
|
||||
type StatementJson struct {
|
||||
Id string `json:"id"`
|
||||
Statement string `json:"statement"`
|
||||
}
|
||||
|
@ -1,5 +1,11 @@
|
||||
package syncdata
|
||||
|
||||
type Gameinfo struct {
|
||||
Players []string `json:"players"`
|
||||
}
|
||||
|
||||
type SyncData struct {
|
||||
VersionRef int `json:"version"`
|
||||
Players []string `json:"players"`
|
||||
Gameinfo *Gameinfo `json:"game"`
|
||||
}
|
||||
|
@ -8,7 +8,21 @@ const (
|
||||
|
||||
type User struct {
|
||||
id string
|
||||
authcode string
|
||||
name string
|
||||
role string
|
||||
gameId string
|
||||
}
|
||||
|
||||
type UserJson struct {
|
||||
Authcode string `json:"authcode"`
|
||||
Name string `json:"name"`
|
||||
Role string `json:"role"`
|
||||
Game string `json:"game"`
|
||||
GameId string `json:"game"`
|
||||
}
|
||||
|
||||
type UserinfoJson struct {
|
||||
Name string `json:"name"`
|
||||
Role string `json:"role"`
|
||||
GameId string `json:"game"`
|
||||
}
|
||||
|
@ -4,28 +4,30 @@ import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"os"
|
||||
"path"
|
||||
"strings"
|
||||
)
|
||||
|
||||
func NewUser(id, name, role string) *User {
|
||||
return &User{
|
||||
id: id,
|
||||
Name: name,
|
||||
Role: role,
|
||||
}
|
||||
}
|
||||
|
||||
func NewUserFromFile(id, fileName string) (*User, error) {
|
||||
jsonBytes, err := os.ReadFile(fileName)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
var usr User
|
||||
if err := json.Unmarshal(jsonBytes, &usr); err != nil {
|
||||
// var usr User
|
||||
var userJson UserJson
|
||||
if err := json.Unmarshal(jsonBytes, &userJson); err != nil {
|
||||
return nil, fmt.Errorf("%s: %v\n", fileName, err)
|
||||
} else {
|
||||
usr.id = id
|
||||
return &usr, nil
|
||||
_, fileNameShort := path.Split(fileName)
|
||||
id := strings.TrimSuffix(fileNameShort, ".json")
|
||||
return &User{
|
||||
id: id,
|
||||
name: userJson.Name,
|
||||
role: userJson.Role,
|
||||
authcode: userJson.Authcode,
|
||||
gameId: userJson.GameId,
|
||||
}, nil
|
||||
}
|
||||
}
|
||||
|
||||
@ -33,14 +35,30 @@ func (user *User) GetId() string {
|
||||
return user.id
|
||||
}
|
||||
|
||||
func (user *User) GetAuthCode() string {
|
||||
return user.authcode
|
||||
}
|
||||
|
||||
func (user *User) GetName() string {
|
||||
return user.name
|
||||
}
|
||||
|
||||
func (user *User) GetRole() string {
|
||||
return user.role
|
||||
}
|
||||
|
||||
func (user *User) GetGameId() string {
|
||||
return user.gameId
|
||||
}
|
||||
|
||||
func (user *User) IsPlayer() bool {
|
||||
return true
|
||||
}
|
||||
|
||||
func (user *User) IsGamemaster() bool {
|
||||
return user.Role == ROLE_GAMEMASTER || user.Role == ROLE_ADMIN
|
||||
return user.role == ROLE_GAMEMASTER || user.role == ROLE_ADMIN
|
||||
}
|
||||
|
||||
func (user *User) IsAdmin() bool {
|
||||
return user.Role == ROLE_ADMIN
|
||||
return user.role == ROLE_ADMIN
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user