Basic Auth Context

2021-02-02 22:55:35 -05:00
parent 7e6454c593
commit c39fe6ec24
13 changed files with 828 additions and 202 deletions


@@ -12,11 +12,9 @@ import (
"github.com/lestrrat-go/jwx/jwa"
"github.com/lestrrat-go/jwx/jwt"
"reichard.io/imagini/graph/model"
"reichard.io/imagini/internal/db"
"reichard.io/imagini/internal/config"
graphql "reichard.io/imagini/graph/model"
"reichard.io/imagini/internal/models"
"reichard.io/imagini/internal/session"
)
@@ -35,21 +33,21 @@ func NewMgr(db *db.DBManager, c *config.Config) *AuthManager {
}
}
func (auth *AuthManager) AuthenticateUser(creds models.APICredentials) (bool, graphql.User) {
func (auth *AuthManager) AuthenticateUser(user, password string) (bool, model.User) {
// Search Objects
userByName := &graphql.User{}
userByName.Username = creds.User
userByName := &model.User{}
userByName.Username = user
foundUser, err := auth.DB.User(userByName)
if errors.Is(err, gorm.ErrRecordNotFound) {
userByEmail := &graphql.User{}
userByEmail.Email = creds.User
userByEmail := &model.User{}
userByEmail.Email = user
foundUser, err = auth.DB.User(userByEmail)
}
// Error Checking
if errors.Is(err, gorm.ErrRecordNotFound) {
log.Warn("[auth] User not found: ", creds.User)
log.Warn("[auth] User not found: ", user)
return false, foundUser
} else if err != nil {
log.Error(err)
@@ -61,15 +59,15 @@ func (auth *AuthManager) AuthenticateUser(creds models.APICredentials) (bool, gr
// Determine Type
switch foundUser.AuthType {
case "Local":
return authenticateLocalUser(foundUser, creds.Password), foundUser
return authenticateLocalUser(foundUser, password), foundUser
case "LDAP":
return authenticateLDAPUser(foundUser, creds.Password), foundUser
return authenticateLDAPUser(foundUser, password), foundUser
default:
return false, foundUser
}
}
func (auth *AuthManager) getRole(user graphql.User) string {
func (auth *AuthManager) getRole(user model.User) string {
// TODO: Lookup role of user
return "User"
}
@@ -88,7 +86,7 @@ func (auth *AuthManager) ValidateJWTRefreshToken(refreshJWT string) (jwt.Token,
return nil, errors.New("did does not parse")
}
stringDeviceID := deviceID.String()
device, err := auth.DB.Device(&graphql.Device{ID: &stringDeviceID})
device, err := auth.DB.Device(&model.Device{ID: &stringDeviceID})
if err != nil {
return nil, err
}
@@ -119,7 +117,7 @@ func (auth *AuthManager) ValidateJWTAccessToken(accessJWT string) (jwt.Token, er
return verifiedToken, nil
}
func (auth *AuthManager) CreateJWTRefreshToken(user graphql.User, device graphql.Device) (string, error) {
func (auth *AuthManager) CreateJWTRefreshToken(user model.User, device model.Device) (string, error) {
// Acquire Refresh Key
byteKey := []byte(*device.RefreshKey)
@@ -154,7 +152,7 @@ func (auth *AuthManager) CreateJWTRefreshToken(user graphql.User, device graphql
return string(signed), nil
}
func (auth *AuthManager) CreateJWTAccessToken(user graphql.User, device graphql.Device) (string, error) {
func (auth *AuthManager) CreateJWTAccessToken(user model.User, device model.Device) (string, error) {
// Create New Token
tm := time.Now()
t := jwt.New()
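Review bot: In AuthenticateUser, the new `log.Warn("[auth] User not found: ", user)` writes a caller-supplied identifier into the log unescaped. The commit title suggests the value now arrives from a Basic auth header; if so, embedded newlines or control characters could split or forge log entries, and a password mistyped into the username field would be recorded in clear. Quote the value, for example `log.Warnf("[auth] User not found: %q", user)` if the logger is logrus as the call shapes suggest, or log a truncated form. The not-found path also returns before any password check, while found accounts go on to authenticateLocalUser or authenticateLDAPUser, so response time probably distinguishes existing accounts from unknown ones; a dummy comparison on that path would close the gap. Part of the function body between the error check and the AuthType switch lies outside the visible hunks.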