Andrew71/pye
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Adjust variable naming

Browse source
This commit is contained in:
Andrew-71 2024-10-13 17:18:53 +03:00
parent c3334faa9e
commit 78056d8b48
10 changed files with 45 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

14
auth/auth.go
View file

@ -25,15 +25,15 @@ func Register(w http.ResponseWriter, r *http.Request) {
if ok {
email = strings.TrimSpace(email)
password = strings.TrimSpace(password)
if !(validEmail(email) && validPass(password) && !storage.Data.EmailExists(email)) {
slog.Debug("Outcome",
if !(validEmail(email) && validPass(password) && !storage.Data.Taken(email)) {
slog.Debug("outcome",
"email", validEmail(email),
"pass", validPass(password),
"taken", !storage.Data.EmailExists(email))
"taken", !storage.Data.Taken(email))
http.Error(w, "invalid auth credentials", http.StatusBadRequest)
return
}
err := storage.Data.AddUser(email, password)
err := storage.Data.Add(email, password)
if err != nil {
slog.Error("error adding a new user", "error", err)
http.Error(w, "error adding a new user", http.StatusInternalServerError)
@ -57,18 +57,18 @@ func Login(w http.ResponseWriter, r *http.Request) {
email = strings.TrimSpace(email)
password = strings.TrimSpace(password)
user, ok := storage.Data.ByEmail(email)
if !ok || !user.PasswordFits(password) {
if !ok || !user.Fits(password) {
w.Header().Set("WWW-Authenticate", `Basic realm="restricted", charset="UTF-8"`)
http.Error(w, "you did something wrong", http.StatusUnauthorized)
return
}
s, err := CreateJWT(user)
token, err := Create(user)
if err != nil {
http.Error(w, "error creating jwt", http.StatusInternalServerError)
return
}
w.Write([]byte(s))
w.Write([]byte(token))
return
}

22
auth/jwt.go
View file

@ -18,7 +18,7 @@ import (
var key *rsa.PrivateKey
// LoadKey attempts to load a private key from KeyFile.
// LoadKey attempts to load a private RS256 key from file.
// If the file does not exist, it generates a new key (and saves it)
func MustLoadKey() {
// If the key doesn't exist, create it
@ -58,14 +58,15 @@ func MustLoadKey() {
}
}
// PublicKey returns our public key as PEM block over http
func PublicKey(w http.ResponseWriter, r *http.Request) {
// ServePublicKey returns our public key as PEM block over HTTP
func ServePublicKey(w http.ResponseWriter, r *http.Request) {
key_marshalled := x509.MarshalPKCS1PublicKey(&key.PublicKey)
block := pem.Block{Bytes: key_marshalled, Type: "RSA PUBLIC KEY"}
pem.Encode(w, &block)
}
func CreateJWT(user storage.User) (string, error) {
// Create creates a JSON Web Token that expires after a week
func Create(user storage.User) (token string, err error) {
t := jwt.NewWithClaims(jwt.SigningMethodRS256,
jwt.MapClaims{
"iss": "pye",
@ -74,17 +75,17 @@ func CreateJWT(user storage.User) (string, error) {
"iat": time.Now().Unix(),
"exp": time.Now().Add(time.Hour * 24 * 7).Unix(),
})
s, err := t.SignedString(key)
token, err = t.SignedString(key)
if err != nil {
slog.Error("error creating JWT", "error", err)
return "", err
}
return s, nil
return
}
// VerifyToken receives a JWT and PEM-encoded public key,
// Verify receives a JWT and PEM-encoded public key,
// then returns whether the token is valid
func VerifyJWT(token string, publicKey []byte) (*jwt.Token, error) {
func Verify(token string, publicKey []byte) (*jwt.Token, error) {
t, err := jwt.Parse(token, func(token *jwt.Token) (interface{}, error) {
key, err := jwt.ParseRSAPublicKeyFromPEM(publicKey)
if err != nil {
@ -98,8 +99,9 @@ func VerifyJWT(token string, publicKey []byte) (*jwt.Token, error) {
return t, err
}
func VerifyLocalJWT(token string) (*jwt.Token, error) {
// VerifyLocal calls Verify with public key set to current local one
func VerifyLocal(token string) (*jwt.Token, error) {
key_marshalled := x509.MarshalPKCS1PublicKey(&key.PublicKey)
block := pem.Block{Bytes: key_marshalled, Type: "RSA PUBLIC KEY"}
return VerifyJWT(token, pem.EncodeToMemory(&block))
return Verify(token, pem.EncodeToMemory(&block))
}