jabuxas/abyss
jabuxas/abyss
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 4 Wiki Activity

feat: add tokens for authentication

Browse Source
This commit is contained in:
jabuxas 2024-10-17 10:52:33 -03:00
parent 7ed16a5397
commit ed2c0e7ef9
5 changed files with 50 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
abyss.go
View File

@ -93,6 +93,8 @@ func setupHandlers(mux *http.ServeMux, app *Application) {
mux.HandleFunc("/last", app.lastUploadedHandler) mux.HandleFunc("/last", app.lastUploadedHandler)
mux.HandleFunc("/token", BasicAuth(app.createTokenHandler, app))
mux.HandleFunc("/files/", app.fileHandler) mux.HandleFunc("/files/", app.fileHandler)
if app.authText == "yes" { if app.authText == "yes" {

2
go.mod
View File

@ -3,3 +3,5 @@ module github.com/jabuxas/abyss
go 1.22.6 go 1.22.6
require github.com/joho/godotenv v1.5.1 require github.com/joho/godotenv v1.5.1
require github.com/golang-jwt/jwt/v5 v5.2.1 // indirect

2
go.sum
View File

@ -1,2 +1,4 @@
github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=

17
handlers.go
View File

@ -9,6 +9,9 @@ import (
"os" "os"
"path/filepath" "path/filepath"
"strings" "strings"
"time"
"github.com/golang-jwt/jwt/v5"
) )
type Application struct { type Application struct {
@ -198,3 +201,17 @@ func (app *Application) publicURL(file io.Reader, extension string) string {
return filename return filename
} }
func (app *Application) createTokenHandler(w http.ResponseWriter, r *http.Request) {
token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
"exp": time.Now().Add(time.Hour * 2).Unix(),
})
tokenString, err := token.SignedString([]byte(app.key))
if err != nil {
http.Error(w, "Error generating token", http.StatusInternalServerError)
return
}
fmt.Fprintf(w, "%s", tokenString)
}

28
helpers.go
View File

@ -9,6 +9,8 @@ import (
"io" "io"
"net/http" "net/http"
"os" "os"
"github.com/golang-jwt/jwt/v5"
) )
type FileInfo struct { type FileInfo struct {
@ -27,7 +29,31 @@ type TemplateData struct {
} }
func CheckAuth(r *http.Request, key string) bool { func CheckAuth(r *http.Request, key string) bool {
return r.Header.Get("X-Auth") == key receivedKey := r.Header.Get("X-Auth")
if receivedKey == key {
return true
} else if err := validateToken(receivedKey, key); err == nil {
return true
}
return false
}
func validateToken(tokenString, key string) error {
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
}
return []byte(key), nil
})
if err != nil {
return err
}
if _, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
return nil
} else {
return fmt.Errorf("invalid token")
}
} }
func FormatFileSize(size int64) string { func FormatFileSize(size int64) string {