You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
77 lines
1.8 KiB
77 lines
1.8 KiB
package web |
|
|
|
import ( |
|
"errors" |
|
"net/http" |
|
"time" |
|
|
|
"git.ulra.eu/adro/miniwol/config" |
|
|
|
"github.com/google/uuid" |
|
"github.com/labstack/echo/v4" |
|
"golang.org/x/crypto/bcrypt" |
|
) |
|
|
|
var sessions map[string]time.Time |
|
|
|
func init() { |
|
sessions = make(map[string]time.Time) |
|
} |
|
|
|
func checkAuth(token string) error { |
|
for sToken, expiree := range sessions { |
|
// Expire old sessions |
|
if time.Now().After(expiree) { |
|
delete(sessions, sToken) |
|
continue |
|
} |
|
// Check for valid session of token |
|
if token == sToken { |
|
return nil |
|
} |
|
} |
|
|
|
return errors.New("this token is not associated with a valid session") |
|
} |
|
|
|
func withAuth(handler echo.HandlerFunc) echo.HandlerFunc { |
|
return func(c echo.Context) error { |
|
session, err := c.Cookie("session") |
|
// Redirect to login if session expired/invalid |
|
if err != nil || checkAuth(session.Value) != nil { |
|
return c.Redirect(http.StatusSeeOther, "/") |
|
} |
|
// Refresh session |
|
sessions[session.Value] = time.Now().Add(time.Second * time.Duration(config.Config.SessionTTL*60)) |
|
return handler(c) |
|
} |
|
} |
|
|
|
// Handlers |
|
func auth(c echo.Context) error { |
|
password := c.FormValue("Password") |
|
if bcrypt.CompareHashAndPassword([]byte(config.Config.PassHash), []byte(password)) != nil { |
|
return c.String(401, "Wrong Password") |
|
} |
|
token := uuid.New().String() |
|
sessions[token] = time.Now().Add(time.Second * time.Duration(config.Config.SessionTTL*60)) |
|
c.SetCookie(&http.Cookie{ |
|
Name: "session", |
|
Value: token, |
|
Path: "/", |
|
Secure: config.Config.StrictCookies, |
|
HttpOnly: true, |
|
SameSite: http.SameSiteStrictMode, |
|
}) |
|
return c.Redirect(http.StatusSeeOther, "/") |
|
} |
|
|
|
func deauth(c echo.Context) error { |
|
session, err := c.Cookie("session") |
|
if err != nil { |
|
return err |
|
} |
|
|
|
delete(sessions, session.Value) |
|
return c.Redirect(http.StatusSeeOther, "/") |
|
}
|
|
|