mirror of
https://github.com/donl/gPanel.git
synced 2026-06-30 06:12:06 -06:00
referencing #129, removed usage of gorilla/sessions and gorilla/context within code
parent
4c872ab911
commit
843e9a691a
8 changed files with 70 additions and 193 deletions
|
|
@ -5,7 +5,6 @@ import (
|
|||
"net/http"
|
||||
|
||||
"github.com/Ennovar/gPanel/pkg/gpserver"
|
||||
"github.com/gorilla/context"
|
||||
"github.com/Ennovar/gPanel/pkg/router"
|
||||
)
|
||||
|
||||
|
|
@ -21,5 +20,5 @@ func main() {
|
|||
log.Print("To Exit: CTRL+C")
|
||||
log.Print("Domain router is listening on localhost:2080")
|
||||
log.Print("Listening (server) on localhost:2082, serving out of the server/document_root/ directory...")
|
||||
http.ListenAndServe("localhost:2082", context.ClearHandler(mains))
|
||||
http.ListenAndServe("localhost:2082", mains)
|
||||
}
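Review bot: The return value of `http.ListenAndServe("localhost:2082", mains)` is discarded, and because it is the last statement shown in main, a failed bind would end the process silently right after the "Listening" log lines. Wrapping it as `log.Fatal(http.ListenAndServe("localhost:2082", mains))` surfaces the error; `log` is already used in this function. main begins outside the hunk.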
|
||||
|
|
|
|||
|
|
@ -6,9 +6,8 @@ import (
|
|||
"log"
|
||||
"net"
|
||||
"net/http"
|
||||
"strconv"
|
||||
|
||||
"os"
|
||||
"strconv"
|
||||
|
||||
"github.com/Ennovar/gPanel/pkg/database"
|
||||
"github.com/Ennovar/gPanel/pkg/emailer"
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@
|
|||
package user
|
||||
|
||||
import (
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"log"
|
||||
"net/http"
|
||||
|
|
@ -11,7 +12,6 @@ import (
|
|||
|
||||
"github.com/Ennovar/gPanel/pkg/database"
|
||||
"github.com/Ennovar/gPanel/pkg/encryption"
|
||||
"github.com/Ennovar/gPanel/pkg/networking"
|
||||
jwt "github.com/dgrijalva/jwt-go"
|
||||
)
|
||||
|
||||
|
|
@ -48,7 +48,6 @@ func Auth(res http.ResponseWriter, req *http.Request, logger *log.Logger, dir st
|
|||
var userDatabaseData database.Struct_Users
|
||||
|
||||
err = ds.Get(database.BUCKET_USERS, []byte(userRequestData.User), &userDatabaseData)
|
||||
|
||||
if err == database.ErrKeyNotExist {
|
||||
logger.Println(req.URL.Path + "::user does not exist.")
|
||||
http.Error(res, "User does not exist.", http.StatusUnauthorized)
|
||||
|
|
@ -87,21 +86,33 @@ func Auth(res http.ResponseWriter, req *http.Request, logger *log.Logger, dir st
|
|||
return false
|
||||
}
|
||||
|
||||
var store networking.Store
|
||||
var sessionName string
|
||||
if strings.Contains(dir, "bundles/") {
|
||||
store = networking.GetStore(networking.ACCOUNT_USER_AUTH)
|
||||
sessionName = "gpanel-account-user-auth"
|
||||
} else {
|
||||
store = networking.GetStore(networking.SERVER_USER_AUTH)
|
||||
sessionName = "gpanel-server-user-auth"
|
||||
}
|
||||
|
||||
err = store.Set(res, req, "token", token, (60 * 60 * 24))
|
||||
err2 := store.Set(res, req, "user", userRequestData.User, (60 * 60 * 24))
|
||||
if err != nil || err2 != nil {
|
||||
logger.Println(req.URL.Path + "::" + err.Error() + "::" + err2.Error())
|
||||
http.Error(res, http.StatusText(500), http.StatusInternalServerError)
|
||||
var sessionData struct {
|
||||
Username string `json:"Username"`
|
||||
Token string `json:"Token"`
|
||||
}
|
||||
sessionData.Username = userRequestData.User
|
||||
sessionData.Token = token
|
||||
|
||||
b, err := json.Marshal(sessionData)
|
||||
if err != nil {
|
||||
logger.Println(req.URL.Path + "::" + err.Error())
|
||||
http.Error(res, err.Error(), http.StatusInternalServerError)
|
||||
return false
|
||||
}
|
||||
|
||||
http.SetCookie(res, &http.Cookie{
|
||||
Name: sessionName,
|
||||
Value: base64.StdEncoding.EncodeToString(b),
|
||||
Path: "/",
|
||||
})
|
||||
|
||||
res.WriteHeader(http.StatusNoContent)
|
||||
return true
|
||||
}
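Review bot: The new `http.SetCookie` call drops protections the removed store applied: the deleted `Store.Set` used `HttpOnly: true` and Auth passed it a 24-hour lifetime, while this cookie sets only `Name`, `Value` and `Path`. The JWT therefore becomes readable by page script and the cookie has no lifetime of its own. I would add `HttpOnly: true,` and `MaxAge: 60 * 60 * 24,` to the literal, plus `Secure: true,` wherever the panel is served over TLS. With the cookie no longer bounded, server-side expiry rests on the token's `exp` claim, which is set outside this hunk and should be confirmed. The marshal-failure branch also sends `err.Error()` to the client where the removed code sent `http.StatusText(500)`.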
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ import (
|
|||
"strconv"
|
||||
"strings"
|
||||
|
||||
"github.com/Ennovar/gPanel/pkg/networking"
|
||||
"time"
|
||||
)
|
||||
|
||||
// Logout function is accessed by an API call from the webhost root
|
||||
|
|
@ -20,20 +20,19 @@ func Logout(res http.ResponseWriter, req *http.Request, logger *log.Logger, dir
|
|||
return false
|
||||
}
|
||||
|
||||
var store networking.Store
|
||||
var sessionName string
|
||||
if strings.Contains(dir, "bundles/") {
|
||||
store = networking.GetStore(networking.ACCOUNT_USER_AUTH)
|
||||
sessionName = "gpanel-account-user-auth"
|
||||
} else {
|
||||
store = networking.GetStore(networking.SERVER_USER_AUTH)
|
||||
sessionName = "gpanel-server-user-auth"
|
||||
}
|
||||
|
||||
err := store.Delete(res, req)
|
||||
|
||||
if err != nil {
|
||||
logger.Println(req.URL.Path + "::" + err.Error())
|
||||
http.Error(res, http.StatusText(500), http.StatusInternalServerError)
|
||||
return false
|
||||
}
|
||||
http.SetCookie(res, &http.Cookie{
|
||||
Name: sessionName,
|
||||
Value: "",
|
||||
Path: "/",
|
||||
Expires: time.Unix(0, 0),
|
||||
})
|
||||
|
||||
res.WriteHeader(http.StatusNoContent)
|
||||
return true
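Review bot: Clearing the cookie only removes it from the browser that calls Logout; nothing in the visible lines invalidates the JWT itself. A copied token would stay usable until it expires, unless the user's stored secret is rotated in the part of Logout outside this hunk. If it is not, rotating or deleting that secret on logout would make the sign-out effective server-side. For the cookie itself, adding `MaxAge: -1,` next to `Expires: time.Unix(0, 0),` makes deletion independent of the client clock. The `"time"` import also belongs in the standard-library group with `"strconv"` and `"strings"`.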
|
||||
|
|
|
|||
|
|
@ -5,8 +5,10 @@ import (
|
|||
"net/http"
|
||||
"strings"
|
||||
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
|
||||
"github.com/Ennovar/gPanel/pkg/api/user"
|
||||
"github.com/Ennovar/gPanel/pkg/networking"
|
||||
jwt "github.com/dgrijalva/jwt-go"
|
||||
)
|
||||
|
||||
|
|
@ -39,48 +41,46 @@ func reqAuth(path string) bool {
|
|||
// checkAuth function returns a boolean based on whether or not the current
|
||||
// caller is authenticated based off of encrypted sessions using JWT values.
|
||||
func (con *Controller) checkAuth(res http.ResponseWriter, req *http.Request) bool {
|
||||
store := networking.GetStore(networking.ACCOUNT_USER_AUTH)
|
||||
|
||||
session_value, err := store.Read(res, req, "user")
|
||||
if err != nil || session_value == nil {
|
||||
c, err := req.Cookie("gpanel-account-user-auth")
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
username, ok := session_value.(string)
|
||||
if !ok {
|
||||
data, err := base64.StdEncoding.DecodeString(c.Value)
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
stored_secret, err := user.GetSecret(username, con.Directory)
|
||||
if stored_secret == "" {
|
||||
var sessionData struct {
|
||||
Username string `json:"Username"`
|
||||
Token string `json:"Token"`
|
||||
}
|
||||
|
||||
err = json.Unmarshal(data, &sessionData)
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
session_value, err = store.Read(res, req, "token")
|
||||
if err != nil || session_value == nil {
|
||||
return false
|
||||
}
|
||||
|
||||
tokenString, ok := session_value.(string)
|
||||
if !ok {
|
||||
storedSecret, err := user.GetSecret(sessionData.Username, con.Directory)
|
||||
if storedSecret == "" || err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
keyfunc := func(t *jwt.Token) (interface{}, error) {
|
||||
return []byte(stored_secret), nil
|
||||
return []byte(storedSecret), nil
|
||||
}
|
||||
|
||||
p := jwt.Parser{
|
||||
ValidMethods: []string{"HS256", "HS384", "HS512"},
|
||||
}
|
||||
t, err := p.ParseWithClaims(tokenString, &jwt.StandardClaims{}, keyfunc)
|
||||
|
||||
t, err := p.ParseWithClaims(sessionData.Token, &jwt.StandardClaims{}, keyfunc)
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
claims := t.Claims.(*jwt.StandardClaims)
|
||||
if claims.Subject != username {
|
||||
if claims.Subject != sessionData.Username {
|
||||
return false
|
||||
}
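Review bot: The doc comment above checkAuth still describes "encrypted sessions", but the cookie is now plain base64 over JSON, so `sessionData.Username` and `sessionData.Token` are entirely client-chosen and the only trust anchor is the signature check in `ParseWithClaims`. As a result `user.GetSecret` is called with an unauthenticated name on every request. It is worth rejecting an empty `Username` or `Token` before the lookup, and updating the comment to something like `// checkAuth reports whether the request carries a cookie whose JWT verifies against the named user's stored secret.` The assertion `t.Claims.(*jwt.StandardClaims)` is unchecked and would be safer in the two-value form. The function continues past the end of the hunk, and the same points apply to the other checkAuth in this commit, the one reading `gpanel-server-user-auth`.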
|
||||
|
||||
|
|
|
|||
|
|
@ -2,11 +2,12 @@
|
|||
package gpserver
|
||||
|
||||
import (
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"github.com/Ennovar/gPanel/pkg/api/user"
|
||||
"github.com/Ennovar/gPanel/pkg/networking"
|
||||
jwt "github.com/dgrijalva/jwt-go"
|
||||
)
|
||||
|
||||
|
|
@ -39,48 +40,46 @@ func reqAuth(path string) bool {
|
|||
// checkAuth function returns a boolean based on whether or not the current
|
||||
// caller is authenticated based off of encrypted sessions using JWT values.
|
||||
func (con *Controller) checkAuth(res http.ResponseWriter, req *http.Request) bool {
|
||||
store := networking.GetStore(networking.SERVER_USER_AUTH)
|
||||
|
||||
session_value, err := store.Read(res, req, "user")
|
||||
if err != nil || session_value == nil {
|
||||
c, err := req.Cookie("gpanel-server-user-auth")
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
username, ok := session_value.(string)
|
||||
if !ok {
|
||||
data, err := base64.StdEncoding.DecodeString(c.Value)
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
stored_secret, err := user.GetSecret(username, con.Directory)
|
||||
if stored_secret == "" {
|
||||
var sessionData struct {
|
||||
Username string `json:"Username"`
|
||||
Token string `json:"Token"`
|
||||
}
|
||||
|
||||
err = json.Unmarshal(data, &sessionData)
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
session_value, err = store.Read(res, req, "token")
|
||||
if err != nil || session_value == nil {
|
||||
return false
|
||||
}
|
||||
|
||||
tokenString, ok := session_value.(string)
|
||||
if !ok {
|
||||
storedSecret, err := user.GetSecret(sessionData.Username, con.Directory)
|
||||
if storedSecret == "" || err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
keyfunc := func(t *jwt.Token) (interface{}, error) {
|
||||
return []byte(stored_secret), nil
|
||||
return []byte(storedSecret), nil
|
||||
}
|
||||
|
||||
p := jwt.Parser{
|
||||
ValidMethods: []string{"HS256", "HS384", "HS512"},
|
||||
}
|
||||
t, err := p.ParseWithClaims(tokenString, &jwt.StandardClaims{}, keyfunc)
|
||||
|
||||
t, err := p.ParseWithClaims(sessionData.Token, &jwt.StandardClaims{}, keyfunc)
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
claims := t.Claims.(*jwt.StandardClaims)
|
||||
if claims.Subject != username {
|
||||
if claims.Subject != sessionData.Username {
|
||||
return false
|
||||
}
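Review bot: This body is a line-for-line copy of the other checkAuth in this commit apart from the cookie name `gpanel-server-user-auth`, and the anonymous `sessionData` struct is declared a third time in Auth. Moving the decode-and-verify steps into one helper that takes the cookie name and directory, with a single named struct shared with Auth, would stop the copies drifting apart when the cookie handling is hardened. The cookie names were constants in the removed package (`ACCOUNT_USER_AUTH`, `SERVER_USER_AUTH`) and are now repeated string literals across Auth, Logout and both checkAuth functions. Keeping them as constants avoids a silent mismatch between the writer and the readers. The function continues past the end of the hunk.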
|
||||
|
||||
|
|
|
|||
|
|
@ -1,79 +0,0 @@
|
|||
// Package networking contains various functions used to communicate between networks and
|
||||
// draw data from the client network.
|
||||
package networking
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/gorilla/sessions"
|
||||
)
|
||||
|
||||
var key = []byte("GbP=K4#f$khYuZpStK68GyHxGg$4@5K-")
|
||||
|
||||
const (
|
||||
ACCOUNT_USER_AUTH = "gpanel-account-user-auth"
|
||||
SERVER_USER_AUTH = "gpanel-server-user-auth"
|
||||
)
|
||||
|
||||
type Store struct {
|
||||
handle *sessions.CookieStore
|
||||
cookieName string
|
||||
}
|
||||
|
||||
// GetStore function takes a name and either creates/grabs a store with that name.
|
||||
func GetStore(name string) Store {
|
||||
sessionStore := Store{
|
||||
handle: sessions.NewCookieStore(key),
|
||||
cookieName: name,
|
||||
}
|
||||
|
||||
return sessionStore
|
||||
}
|
||||
|
||||
// Set function is attached to the store struct and will set a session value inside of the current store.
|
||||
func (s *Store) Set(res http.ResponseWriter, req *http.Request, key string, value interface{}, expire int) error {
|
||||
session, err := s.handle.Get(req, s.cookieName)
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
session.Values[key] = value
|
||||
session.Options = &sessions.Options{
|
||||
Path: "/",
|
||||
MaxAge: expire,
|
||||
HttpOnly: true,
|
||||
}
|
||||
session.Save(req, res)
|
||||
return nil
|
||||
}
|
||||
|
||||
// Read function is attached to the store struct and will read a given session value inside of the current store.
|
||||
func (s *Store) Read(res http.ResponseWriter, req *http.Request, key string) (interface{}, error) {
|
||||
session, err := s.handle.Get(req, s.cookieName)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
value := session.Values[key]
|
||||
return value, nil
|
||||
}
|
||||
|
||||
// Delete function is attached to the store struct and will delete a given session value inside of the current store.
|
||||
func (s *Store) Delete(res http.ResponseWriter, req *http.Request) error {
|
||||
session, err := s.handle.Get(req, s.cookieName)
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
session.Options = &sessions.Options{
|
||||
Path: "/",
|
||||
MaxAge: -1,
|
||||
HttpOnly: true,
|
||||
}
|
||||
|
||||
session.Save(req, res)
|
||||
return nil
|
||||
}
|
||||
|
|
@ -1,51 +0,0 @@
|
|||
// Package networking contains various functions used to communicate between networks and
|
||||
// draw data from the client network.
|
||||
package networking
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"reflect"
|
||||
"testing"
|
||||
)
|
||||
|
||||
// BUG(george-e-shaw-iv) Says statement coverage for network package is 0.0%, I think this
|
||||
// has something to do with the fact that I'm trying to test methods appended to a struct.
|
||||
func TestSessionStore(t *testing.T) {
|
||||
storeData := []struct {
|
||||
storeName string
|
||||
cookieName string
|
||||
key string
|
||||
value interface{}
|
||||
}{
|
||||
{"test-store-one", "test-cookie-one", "foo", "bar"},
|
||||
{"test-store-two", "test-cookie-two", "baz", true},
|
||||
{"test-store-three", "test-cookie-three", "foobar", 32},
|
||||
}
|
||||
|
||||
testServer := httptest.NewServer(http.HandlerFunc(func(res http.ResponseWriter, req *http.Request) {
|
||||
for _, data := range storeData {
|
||||
store := GetStore(data.storeName)
|
||||
|
||||
err := store.Set(res, req, data.key, data.value, 60)
|
||||
if err != nil {
|
||||
t.Errorf("Error in session_store_test: %s", err.Error())
|
||||
}
|
||||
|
||||
val, err := store.Read(res, req, data.key)
|
||||
if err != nil {
|
||||
t.Errorf("Error in session_store_test: %s", err.Error())
|
||||
}
|
||||
|
||||
if reflect.TypeOf(data.value) != reflect.TypeOf(val) {
|
||||
t.Errorf("Error in session_store_test type checks, expected %s, got %s", reflect.TypeOf(data.value), reflect.TypeOf(val))
|
||||
}
|
||||
|
||||
err = store.Delete(res, req)
|
||||
if err != nil {
|
||||
t.Errorf("Error in session_store_test: %s", err.Error())
|
||||
}
|
||||
}
|
||||
}))
|
||||
defer testServer.Close()
|
||||
}
|
||||