feature/users #1

Merged
torjus merged 4 commits from feature/users into master 2022-01-19 21:45:47 +00:00
16 changed files with 575 additions and 27 deletions

61
auth.go Normal file
View File

@ -0,0 +1,61 @@
package gpaste
import (
"fmt"
"time"
"github.com/golang-jwt/jwt"
"github.com/google/uuid"
)
type AuthService struct {
users UserStore
hmacSecret []byte
}
func NewAuthService(store UserStore, signingSecret []byte) *AuthService {
return &AuthService{users: store, hmacSecret: signingSecret}
}
func (as *AuthService) Login(username, password string) (string, error) {
user, err := as.users.Get(username)
if err != nil {
return "", err
}
if err := user.ValidatePassword(password); err != nil {
return "", err
}
// TODO: Set iss and aud
claims := jwt.StandardClaims{
Subject: user.Username,
ExpiresAt: time.Now().Add(7 * 24 * time.Hour).Unix(),
NotBefore: time.Now().Unix(),
IssuedAt: time.Now().Unix(),
Id: uuid.NewString(),
}
token := jwt.NewWithClaims(jwt.GetSigningMethod("HS256"), claims)
signed, err := token.SignedString(as.hmacSecret)
if err != nil {
return "", err
}
return signed, nil
}
func (as *AuthService) ValidateToken(rawToken string) error {
claims := &jwt.StandardClaims{}
token, err := jwt.ParseWithClaims(rawToken, claims, func(t *jwt.Token) (interface{}, error) {
return as.hmacSecret, nil
})
if err != nil {
return err
}
if !token.Valid {
return fmt.Errorf("invalid token")
}
return nil
}

39
auth_test.go Normal file
View File

@ -0,0 +1,39 @@
package gpaste_test
import (
"testing"
"git.t-juice.club/torjus/gpaste"
)
func TestAuth(t *testing.T) {
t.Run("Token", func(t *testing.T) {
us := gpaste.NewMemoryUserStore()
secret := []byte(randomString(16))
as := gpaste.NewAuthService(us, secret)
username := randomString(8)
password := randomString(16)
user := &gpaste.User{Username: username}
if err := user.SetPassword(password); err != nil {
t.Fatalf("error setting user password: %s", err)
}
if err := us.Store(user); err != nil {
t.Fatalf("Error storing user: %s", err)
}
token, err := as.Login(username, password)
if err != nil {
t.Fatalf("Error creating token: %s", err)
}
if err := as.ValidateToken(token); err != nil {
t.Fatalf("Error validating token: %s", err)
}
invalidToken := `eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NDMyMjk3NjMsImp0aSI6ImUzNDk5NWI1LThiZmMtNDQyNy1iZDgxLWFmNmQ3OTRiYzM0YiIsImlhdCI6MTY0MjYyNDk2MywibmJmIjoxNjQyNjI0OTYzLCJzdWIiOiJYdE5Hemt5ZSJ9.VM6dkwSLaBv8cStkWRVVv9ADjdUrHGHrlB7GB7Ly7n8`
if err := as.ValidateToken(invalidToken); err == nil {
t.Fatalf("Invalid token passed validation")
}
})
}

View File

@ -9,10 +9,13 @@ import (
"mime/multipart" "mime/multipart"
"net/http" "net/http"
"os" "os"
"strings"
"syscall"
"time" "time"
"github.com/google/uuid" "github.com/google/uuid"
"github.com/urfave/cli/v2" "github.com/urfave/cli/v2"
"golang.org/x/term"
) )
var ( var (
@ -32,19 +35,23 @@ func main() {
Name: "config", Name: "config",
Usage: "Path to config-file.", Usage: "Path to config-file.",
}, },
&cli.StringFlag{
Name: "url",
Usage: "Base url of gpaste server",
},
}, },
Commands: []*cli.Command{ Commands: []*cli.Command{
{ {
Name: "upload", Name: "upload",
Usage: "Upload file(s)", Usage: "Upload file(s)",
ArgsUsage: "FILE [FILE]...", ArgsUsage: "FILE [FILE]...",
Flags: []cli.Flag{ Action: ActionUpload,
&cli.StringFlag{ },
Name: "url", {
Usage: "Base url of gpaste server", Name: "login",
}, Usage: "Login to gpaste server",
}, ArgsUsage: "USERNAME",
Action: ActionUpload, Action: ActionLogin,
}, },
}, },
} }
@ -105,3 +112,71 @@ func ActionUpload(c *cli.Context) error {
} }
return nil return nil
} }
func ActionLogin(c *cli.Context) error {
username := c.Args().First()
if username == "" {
return cli.Exit("USERNAME not supplied.", 1)
}
password, err := readPassword()
if err != nil {
return fmt.Errorf("error reading password: %w", err)
}
url := fmt.Sprintf("%s/api/login", c.String("url"))
client := &http.Client{}
// TODO: Change timeout
ctx, cancel := context.WithTimeout(c.Context, 10*time.Second)
defer cancel()
body := new(bytes.Buffer)
requestData := struct {
Username string `json:"username"`
Password string `json:"password"`
}{
Username: username,
Password: password,
}
encoder := json.NewEncoder(body)
if err := encoder.Encode(&requestData); err != nil {
return fmt.Errorf("error encoding response: %w", err)
}
req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, body)
if err != nil {
return fmt.Errorf("error creating request: %w", err)
}
resp, err := client.Do(req)
if err != nil {
return fmt.Errorf("unable to perform request: %s", err)
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return cli.Exit("got non-ok response from server", 0)
}
responseData := struct {
Token string `json:"token"`
}{}
decoder := json.NewDecoder(resp.Body)
if err := decoder.Decode(&responseData); err != nil {
return fmt.Errorf("unable to parse response: %s", err)
}
fmt.Printf("Token: %s", responseData.Token)
return nil
}
func readPassword() (string, error) {
fmt.Print("Enter Password: ")
bytePassword, err := term.ReadPassword(int(syscall.Stdin))
if err != nil {
return "", err
}
password := string(bytePassword)
return strings.TrimSpace(password), nil
}

View File

@ -10,10 +10,11 @@ import (
) )
type ServerConfig struct { type ServerConfig struct {
LogLevel string `toml:"LogLevel"` LogLevel string `toml:"LogLevel"`
URL string `toml:"URL"` URL string `toml:"URL"`
ListenAddr string `toml:"ListenAddr"` ListenAddr string `toml:"ListenAddr"`
Store *ServerStoreConfig `toml:"Store"` SigningSecret string `toml:"SigningSecret"`
Store *ServerStoreConfig `toml:"Store"`
} }
type ServerStoreConfig struct { type ServerStoreConfig struct {
@ -54,6 +55,10 @@ func (sc *ServerConfig) updateFromEnv() {
sc.ListenAddr = value sc.ListenAddr = value
} }
if value, ok := os.LookupEnv("GPASTE_SIGNINGSECRET"); ok {
sc.SigningSecret = value
}
if value, ok := os.LookupEnv("GPASTE_STORE_TYPE"); ok { if value, ok := os.LookupEnv("GPASTE_STORE_TYPE"); ok {
sc.Store.Type = value sc.Store.Type = value
} }

View File

@ -16,6 +16,7 @@ func TestServerConfig(t *testing.T) {
LogLevel = "INFO" LogLevel = "INFO"
URL = "http://paste.example.org" URL = "http://paste.example.org"
ListenAddr = ":8080" ListenAddr = ":8080"
SigningSecret = "abc999"
[Store] [Store]
Type = "fs" Type = "fs"
@ -23,9 +24,10 @@ Type = "fs"
Dir = "/tmp" Dir = "/tmp"
` `
expected := &gpaste.ServerConfig{ expected := &gpaste.ServerConfig{
LogLevel: "INFO", LogLevel: "INFO",
URL: "http://paste.example.org", URL: "http://paste.example.org",
ListenAddr: ":8080", ListenAddr: ":8080",
SigningSecret: "abc999",
Store: &gpaste.ServerStoreConfig{ Store: &gpaste.ServerStoreConfig{
Type: "fs", Type: "fs",
FS: &gpaste.ServerStoreFSStoreConfig{ FS: &gpaste.ServerStoreFSStoreConfig{
@ -48,16 +50,18 @@ Dir = "/tmp"
clearEnv() clearEnv()
var envMap map[string]string = map[string]string{ var envMap map[string]string = map[string]string{
"GPASTE_LOGLEVEL": "DEBUG", "GPASTE_LOGLEVEL": "DEBUG",
"GPASTE_URL": "http://gpaste.example.org", "GPASTE_URL": "http://gpaste.example.org",
"GPASTE_STORE_TYPE": "fs", "GPASTE_STORE_TYPE": "fs",
"GPASTE_LISTENADDR": ":8000", "GPASTE_LISTENADDR": ":8000",
"GPASTE_STORE_FS_DIR": "/tmp", "GPASTE_SIGNINGSECRET": "test1345",
"GPASTE_STORE_FS_DIR": "/tmp",
} }
expected := &gpaste.ServerConfig{ expected := &gpaste.ServerConfig{
LogLevel: "DEBUG", LogLevel: "DEBUG",
URL: "http://gpaste.example.org", URL: "http://gpaste.example.org",
ListenAddr: ":8000", ListenAddr: ":8000",
SigningSecret: "test1345",
Store: &gpaste.ServerStoreConfig{ Store: &gpaste.ServerStoreConfig{
Type: "fs", Type: "fs",
FS: &gpaste.ServerStoreFSStoreConfig{ FS: &gpaste.ServerStoreFSStoreConfig{

5
go.mod
View File

@ -7,10 +7,14 @@ require github.com/google/uuid v1.3.0
require github.com/go-chi/chi/v5 v5.0.7 require github.com/go-chi/chi/v5 v5.0.7
require ( require (
github.com/golang-jwt/jwt v3.2.2+incompatible
github.com/google/go-cmp v0.5.6 github.com/google/go-cmp v0.5.6
github.com/pelletier/go-toml v1.9.4 github.com/pelletier/go-toml v1.9.4
github.com/urfave/cli/v2 v2.3.0 github.com/urfave/cli/v2 v2.3.0
go.etcd.io/bbolt v1.3.6
go.uber.org/zap v1.20.0 go.uber.org/zap v1.20.0
golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
) )
require ( require (
@ -18,4 +22,5 @@ require (
github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect
go.uber.org/atomic v1.9.0 // indirect go.uber.org/atomic v1.9.0 // indirect
go.uber.org/multierr v1.7.0 // indirect go.uber.org/multierr v1.7.0 // indirect
golang.org/x/sys v0.0.0-20220114195835-da31bd327af9 // indirect
) )

15
go.sum
View File

@ -9,6 +9,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/go-chi/chi/v5 v5.0.7 h1:rDTPXLDHGATaeHvVlLcR4Qe0zftYethFucbjVQ1PxU8= github.com/go-chi/chi/v5 v5.0.7 h1:rDTPXLDHGATaeHvVlLcR4Qe0zftYethFucbjVQ1PxU8=
github.com/go-chi/chi/v5 v5.0.7/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8= github.com/go-chi/chi/v5 v5.0.7/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ= github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ=
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
@ -33,6 +35,8 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
github.com/urfave/cli/v2 v2.3.0 h1:qph92Y649prgesehzOrQjdWyxFOp/QVM+6imKHad91M= github.com/urfave/cli/v2 v2.3.0 h1:qph92Y649prgesehzOrQjdWyxFOp/QVM+6imKHad91M=
github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI= github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI=
github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
go.etcd.io/bbolt v1.3.6 h1:/ecaJf0sk1l4l6V4awd65v2C3ILy7MSj+s/x1ADCIMU=
go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4=
go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE= go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE=
go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
@ -45,22 +49,33 @@ go.uber.org/zap v1.20.0 h1:N4oPlghZwYG55MlU6LXk/Zp00FVNE9X9wrYO8CEs4lc=
go.uber.org/zap v1.20.0/go.mod h1:wjWOCqI0f2ZZrJF/UufIOkiC8ii6tm1iqIsLo76RfJw= go.uber.org/zap v1.20.0/go.mod h1:wjWOCqI0f2ZZrJF/UufIOkiC8ii6tm1iqIsLo76RfJw=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce h1:Roh6XWxHFKrPgC/EQhVubSAGQ6Ozk6IdxHSzt1mR0EI=
golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200923182605-d9f96fdee20d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220114195835-da31bd327af9 h1:XfKQ4OlFl8okEOr5UvAqFRVj8pY/4yfcXrddB8qAbU0=
golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=

54
http.go
View File

@ -13,7 +13,9 @@ import (
) )
type HTTPServer struct { type HTTPServer struct {
store FileStore Files FileStore
Users UserStore
Auth *AuthService
config *ServerConfig config *ServerConfig
Logger *zap.SugaredLogger Logger *zap.SugaredLogger
AccessLogger *zap.SugaredLogger AccessLogger *zap.SugaredLogger
@ -26,7 +28,15 @@ func NewHTTPServer(cfg *ServerConfig) *HTTPServer {
Logger: zap.NewNop().Sugar(), Logger: zap.NewNop().Sugar(),
AccessLogger: zap.NewNop().Sugar(), AccessLogger: zap.NewNop().Sugar(),
} }
srv.store = NewMemoryFileStore() srv.Files = NewMemoryFileStore()
srv.Users = NewMemoryUserStore()
srv.Auth = NewAuthService(srv.Users, []byte(srv.config.SigningSecret))
// Create initial user
// TODO: Do properly
user := &User{Username: "admin"}
user.SetPassword("admin")
srv.Users.Store(user)
r := chi.NewRouter() r := chi.NewRouter()
r.Use(middleware.RealIP) r.Use(middleware.RealIP)
@ -35,6 +45,7 @@ func NewHTTPServer(cfg *ServerConfig) *HTTPServer {
r.Get("/", srv.HandlerIndex) r.Get("/", srv.HandlerIndex)
r.Post("/api/file", srv.HandlerAPIFilePost) r.Post("/api/file", srv.HandlerAPIFilePost)
r.Get("/api/file/{id}", srv.HandlerAPIFileGet) r.Get("/api/file/{id}", srv.HandlerAPIFileGet)
r.Post("/api/login", srv.HandlerAPILogin)
srv.Handler = r srv.Handler = r
return srv return srv
@ -57,7 +68,7 @@ func (s *HTTPServer) HandlerAPIFilePost(w http.ResponseWriter, r *http.Request)
s.processMultiPartFormUpload(w, r) s.processMultiPartFormUpload(w, r)
return return
} }
err := s.store.Store(f) err := s.Files.Store(f)
if err != nil { if err != nil {
w.WriteHeader(http.StatusInternalServerError) w.WriteHeader(http.StatusInternalServerError)
s.Logger.Warnw("Error storing file.", "req_id", reqID, "error", err, "id", f.ID, "remote_addr", r.RemoteAddr) s.Logger.Warnw("Error storing file.", "req_id", reqID, "error", err, "id", f.ID, "remote_addr", r.RemoteAddr)
@ -87,7 +98,7 @@ func (s *HTTPServer) HandlerAPIFileGet(w http.ResponseWriter, r *http.Request) {
return return
} }
f, err := s.store.Get(id) f, err := s.Files.Get(id)
if err != nil { if err != nil {
// TODO: LOG // TODO: LOG
w.WriteHeader(http.StatusInternalServerError) w.WriteHeader(http.StatusInternalServerError)
@ -126,7 +137,7 @@ func (s *HTTPServer) processMultiPartFormUpload(w http.ResponseWriter, r *http.R
Body: ff, Body: ff,
} }
if err := s.store.Store(f); err != nil { if err := s.Files.Store(f); err != nil {
w.WriteHeader(http.StatusInternalServerError) w.WriteHeader(http.StatusInternalServerError)
s.Logger.Warnw("Error storing file.", "req_id", reqID, "error", err, "id", f.ID, "remote_addr", r.RemoteAddr) s.Logger.Warnw("Error storing file.", "req_id", reqID, "error", err, "id", f.ID, "remote_addr", r.RemoteAddr)
return return
@ -143,3 +154,36 @@ func (s *HTTPServer) processMultiPartFormUpload(w http.ResponseWriter, r *http.R
s.Logger.Warnw("Error encoding response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr) s.Logger.Warnw("Error encoding response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
} }
} }
func (s *HTTPServer) HandlerAPILogin(w http.ResponseWriter, r *http.Request) {
reqID := middleware.GetReqID(r.Context())
expectedRequest := struct {
Username string `json:"username"`
Password string `json:"password"`
}{}
decoder := json.NewDecoder(r.Body)
defer r.Body.Close()
if err := decoder.Decode(&expectedRequest); err != nil {
w.WriteHeader(http.StatusBadRequest)
return
}
token, err := s.Auth.Login(expectedRequest.Username, expectedRequest.Password)
if err != nil {
w.WriteHeader(http.StatusUnauthorized)
return
}
response := struct {
Token string `json:"token"`
}{
Token: token,
}
s.Logger.Infow("User logged in.", "req_id", reqID, "username", expectedRequest.Username)
encoder := json.NewEncoder(w)
if err := encoder.Encode(&response); err != nil {
s.Logger.Infow("Error encoding json response to client.", "req_id", reqID, "error", err, "remote_addr", r.RemoteAddr)
}
}

View File

@ -15,6 +15,7 @@ import (
func TestHandlers(t *testing.T) { func TestHandlers(t *testing.T) {
cfg := &gpaste.ServerConfig{ cfg := &gpaste.ServerConfig{
SigningSecret: "abc123",
Store: &gpaste.ServerStoreConfig{ Store: &gpaste.ServerStoreConfig{
Type: "memory", Type: "memory",
}, },
@ -96,4 +97,48 @@ func TestHandlers(t *testing.T) {
} }
}) })
}) })
t.Run("HandlerAPILogin", func(t *testing.T) {
// TODO: Add test
username := "admin"
password := "admin"
user := &gpaste.User{Username: username}
if err := user.SetPassword(password); err != nil {
t.Fatalf("Error setting user password: %s", err)
}
if err := hs.Users.Store(user); err != nil {
t.Fatalf("Error storing user: %s", err)
}
requestData := struct {
Username string `json:"username"`
Password string `json:"password"`
}{
Username: username,
Password: password,
}
body := new(bytes.Buffer)
encoder := json.NewEncoder(body)
if err := encoder.Encode(&requestData); err != nil {
t.Fatalf("Error encoding request body: %s", err)
}
rr := httptest.NewRecorder()
req := httptest.NewRequest(http.MethodPost, "/api/login", body)
hs.Handler.ServeHTTP(rr, req)
responseData := struct {
Token string `json:"token"`
}{}
decoder := json.NewDecoder(rr.Body)
if err := decoder.Decode(&responseData); err != nil {
t.Fatalf("Error decoding response: %s", err)
}
if err := hs.Auth.ValidateToken(responseData.Token); err != nil {
t.Fatalf("Unable to validate received token: %s", err)
}
})
} }

27
user.go Normal file
View File

@ -0,0 +1,27 @@
package gpaste
import "golang.org/x/crypto/bcrypt"
type User struct {
Username string `json:"username"`
HashedPassword []byte `json:"hashed_password"`
}
type UserStore interface {
Get(username string) (*User, error)
Store(user *User) error
Delete(username string) error
}
func (u *User) ValidatePassword(password string) error {
return bcrypt.CompareHashAndPassword(u.HashedPassword, []byte(password))
}
func (u *User) SetPassword(password string) error {
hashed, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
if err != nil {
return err
}
u.HashedPassword = hashed
return nil
}

37
user_test.go Normal file
View File

@ -0,0 +1,37 @@
package gpaste_test
import (
"math/rand"
"testing"
"git.t-juice.club/torjus/gpaste"
)
func TestUser(t *testing.T) {
t.Run("Password", func(t *testing.T) {
userMap := make(map[string]string)
for i := 0; i < 10; i++ {
userMap[randomString(8)] = randomString(16)
}
for username, password := range userMap {
user := &gpaste.User{Username: username}
if err := user.SetPassword(password); err != nil {
t.Fatalf("Error setting password: %s", err)
}
if err := user.ValidatePassword(password); err != nil {
t.Fatalf("Error validating password: %s", err)
}
}
})
}
func randomString(length int) string {
const charset = "abcdefghijklmnopqrstabcdefghijklmnopqrstuvwxyz" +
"ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
b := make([]byte, length)
for i := range b {
b[i] = charset[rand.Intn(len(charset))]
}
return string(b)
}

69
userstore_bolt.go Normal file
View File

@ -0,0 +1,69 @@
package gpaste
import (
"encoding/json"
"go.etcd.io/bbolt"
)
var keyUsers = []byte("users")
type BoltUserStore struct {
db *bbolt.DB
}
func NewBoltUserStore(path string) (*BoltUserStore, error) {
db, err := bbolt.Open(path, 0666, nil)
if err != nil {
return nil, err
}
if err := db.Update(func(tx *bbolt.Tx) error {
_, err := tx.CreateBucketIfNotExists(keyUsers)
return err
}); err != nil {
return nil, err
}
return &BoltUserStore{db: db}, nil
}
func (s *BoltUserStore) Close() error {
return s.db.Close()
}
func (s *BoltUserStore) Get(username string) (*User, error) {
var user User
err := s.db.View(func(tx *bbolt.Tx) error {
bkt := tx.Bucket(keyUsers)
rawUser := bkt.Get([]byte(username))
if err := json.Unmarshal(rawUser, &user); err != nil {
return err
}
return nil
})
if err != nil {
return nil, err
}
return &user, nil
}
func (s *BoltUserStore) Store(user *User) error {
return s.db.Update(func(tx *bbolt.Tx) error {
bkt := tx.Bucket(keyUsers)
data, err := json.Marshal(user)
if err != nil {
return err
}
return bkt.Put([]byte(user.Username), data)
})
}
func (s *BoltUserStore) Delete(username string) error {
return s.db.Update(func(tx *bbolt.Tx) error {
bkt := tx.Bucket(keyUsers)
return bkt.Delete([]byte(username))
})
}

27
userstore_bolt_test.go Normal file
View File

@ -0,0 +1,27 @@
package gpaste_test
import (
"path/filepath"
"testing"
"git.t-juice.club/torjus/gpaste"
)
func TestBoltUserStore(t *testing.T) {
tmpDir := t.TempDir()
newFunc := func() (func(), gpaste.UserStore) {
tmpFile := filepath.Join(tmpDir, randomString(8))
store, err := gpaste.NewBoltUserStore(tmpFile)
if err != nil {
t.Fatalf("Error creating store: %s", err)
}
cleanup := func() {
store.Close()
}
return cleanup, store
}
RunUserStoreTest(newFunc, t)
}

39
userstore_memory.go Normal file
View File

@ -0,0 +1,39 @@
package gpaste
import (
"fmt"
"sync"
)
type MemoryUserStore struct {
users map[string]*User
lock sync.Mutex
}
func NewMemoryUserStore() *MemoryUserStore {
return &MemoryUserStore{users: make(map[string]*User)}
}
func (s *MemoryUserStore) Get(username string) (*User, error) {
s.lock.Lock()
defer s.lock.Unlock()
user, ok := s.users[username]
if !ok {
return nil, fmt.Errorf("no such user: %s", username)
}
return user, nil
}
func (s *MemoryUserStore) Store(user *User) error {
s.lock.Lock()
defer s.lock.Unlock()
s.users[user.Username] = user
return nil
}
func (s *MemoryUserStore) Delete(username string) error {
s.lock.Lock()
defer s.lock.Unlock()
delete(s.users, username)
return nil
}

15
userstore_memory_test.go Normal file
View File

@ -0,0 +1,15 @@
package gpaste_test
import (
"testing"
"git.t-juice.club/torjus/gpaste"
)
func TestMemoryUserStore(t *testing.T) {
newFunc := func() (func(), gpaste.UserStore) {
return func() {}, gpaste.NewMemoryUserStore()
}
RunUserStoreTest(newFunc, t)
}

41
userstore_test.go Normal file
View File

@ -0,0 +1,41 @@
package gpaste_test
import (
"testing"
"git.t-juice.club/torjus/gpaste"
)
func RunUserStoreTest(newFunc func() (func(), gpaste.UserStore), t *testing.T) {
t.Run("Basics", func(t *testing.T) {
cleanup, s := newFunc()
t.Cleanup(cleanup)
userMap := make(map[string]string)
for i := 0; i < 10; i++ {
userMap[randomString(8)] = randomString(16)
}
for k, v := range userMap {
user := &gpaste.User{
Username: k,
}
if err := user.SetPassword(v); err != nil {
t.Fatalf("Error setting password: %s", err)
}
if err := s.Store(user); err != nil {
t.Fatalf("Error storing user: %s", err)
}
}
for k, v := range userMap {
user, err := s.Get(k)
if err != nil {
t.Errorf("Error getting user: %s", err)
}
if err := user.ValidatePassword(v); err != nil {
t.Errorf("Error verifying password: %s", err)
}
}
})
}