Initial commit
This commit is contained in:
52
internal/auth/auth_controller.go
Normal file
52
internal/auth/auth_controller.go
Normal file
@ -0,0 +1,52 @@
|
||||
package auth
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"time"
|
||||
|
||||
"git.cesium.pw/niku/virteen/internal/auth/services"
|
||||
"github.com/gofiber/fiber/v2"
|
||||
"github.com/golang-jwt/jwt"
|
||||
)
|
||||
|
||||
type PamAuthController struct {
|
||||
pam *services.PamAuthService
|
||||
}
|
||||
|
||||
func NewPamAuthController() *PamAuthController {
|
||||
return &PamAuthController{
|
||||
pam: services.NewPamAuthService(),
|
||||
}
|
||||
}
|
||||
|
||||
type GetTokenBody struct {
|
||||
User string `json:"user"`
|
||||
Password string `json:"password"`
|
||||
}
|
||||
|
||||
func (pac *PamAuthController) GetToken(ctx *fiber.Ctx) error {
|
||||
var body GetTokenBody
|
||||
if err := ctx.BodyParser(&body); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
isValid := (*pac.pam).IsValidUser(body.User, body.Password)
|
||||
if isValid == false {
|
||||
return fmt.Errorf("invalid user or password")
|
||||
}
|
||||
|
||||
claims := jwt.MapClaims{
|
||||
"name": body.User,
|
||||
"exp": time.Now().Add(time.Hour * 72).Unix(),
|
||||
}
|
||||
|
||||
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
|
||||
|
||||
t, err := token.SignedString([]byte(os.Getenv("JWT_SECRET")))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return ctx.JSON(fiber.Map{"Token": t})
|
||||
}
|
||||
5
internal/auth/models/models.go
Normal file
5
internal/auth/models/models.go
Normal file
@ -0,0 +1,5 @@
|
||||
package models
|
||||
|
||||
type AuthService interface {
|
||||
IsValidUser(user, password string) bool
|
||||
}
|
||||
31
internal/auth/repositories/pam_repository.go
Normal file
31
internal/auth/repositories/pam_repository.go
Normal file
@ -0,0 +1,31 @@
|
||||
package repositories
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
|
||||
"github.com/msteinert/pam"
|
||||
)
|
||||
|
||||
type PamRepository struct{}
|
||||
|
||||
func NewPamRepository() *PamRepository {
|
||||
return &PamRepository{}
|
||||
}
|
||||
|
||||
func (pr *PamRepository) IsValidUser(user, password string) bool {
|
||||
tx, err := pam.StartFunc("virteen", user, func(s pam.Style, msg string) (string, error) {
|
||||
return password, nil
|
||||
})
|
||||
if err != nil {
|
||||
panic("failed to start PAM transaction")
|
||||
}
|
||||
|
||||
err = tx.Authenticate(pam.Silent)
|
||||
if err != nil {
|
||||
fmt.Fprintf(os.Stderr, "authenticate: %s\n", err.Error())
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
17
internal/auth/services/pam_auth_service.go
Normal file
17
internal/auth/services/pam_auth_service.go
Normal file
@ -0,0 +1,17 @@
|
||||
package services
|
||||
|
||||
import "git.cesium.pw/niku/virteen/internal/auth/repositories"
|
||||
|
||||
type PamAuthService struct {
|
||||
pam *repositories.PamRepository
|
||||
}
|
||||
|
||||
func NewPamAuthService() *PamAuthService {
|
||||
return &PamAuthService{
|
||||
pam: repositories.NewPamRepository(),
|
||||
}
|
||||
}
|
||||
|
||||
func (pas PamAuthService) IsValidUser(user, password string) bool {
|
||||
return pas.pam.IsValidUser(user, password)
|
||||
}
|
||||
Reference in New Issue
Block a user