Allow clients to change password

2021-12-06 06:53:49 +01:00
parent 67b3214276
commit 6f91ac3d2d
8 changed files with 284 additions and 70 deletions
--- a/server/interceptors/auth.go
+++ b/server/interceptors/auth.go
@@ -2,7 +2,6 @@ package interceptors

 import (
 	"context"
-	"fmt"

 	"gitea.benny.dog/torjus/ezshare/pb"
 	"gitea.benny.dog/torjus/ezshare/store"
@@ -14,14 +13,15 @@ import (
 type ContextKey string

 var ContextKeyRole ContextKey = "role"
+var ContextKeyUserID ContextKey = "userid"

 func NewAuthInterceptor(s store.UserStore) grpc.UnaryServerInterceptor {
+	// TODO: Verify that cert is signed by our ca
 	return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (resp interface{}, err error) {
 		p, ok := peer.FromContext(ctx)
 		if ok {
 			tlsInfo, ok := p.AuthInfo.(credentials.TLSInfo)
 			if ok {
-				fmt.Printf("%+v\n", tlsInfo.State.PeerCertificates[0].Subject.CommonName)
 				if len(tlsInfo.State.PeerCertificates) == 1 {
 					cert := tlsInfo.State.PeerCertificates[0]

@@ -30,6 +30,7 @@ func NewAuthInterceptor(s store.UserStore) grpc.UnaryServerInterceptor {
 					user, err := s.GetUser(id)
 					if err == nil {
 						newCtx := context.WithValue(ctx, ContextKeyRole, user.UserRole)
+						newCtx = context.WithValue(newCtx, ContextKeyUserID, user.Id)
 						return handler(newCtx, req)
 					}
 				}
@@ -53,3 +54,15 @@ func RoleFromContext(ctx context.Context) pb.User_Role {
 	}
 	return pb.User_UNKNOWN
 }
+
+func UserIDFromContext(ctx context.Context) string {
+	value := ctx.Value(ContextKeyUserID)
+	if value == nil {
+		return ""
+	}
+	id, ok := value.(string)
+	if ok {
+		return id
+	}
+	return ""
+}