mirror of
https://github.com/muety/wakapi.git
synced 2023-08-10 21:12:56 +03:00
Support for username-password authentication.
This commit is contained in:
parent
df7b2d4a33
commit
f9a2efaffb
@ -2,8 +2,12 @@ package middlewares
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
"crypto/md5"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
|
"encoding/hex"
|
||||||
|
"errors"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"regexp"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
@ -31,16 +35,34 @@ func (m *AuthenticateMiddleware) Handle(w http.ResponseWriter, r *http.Request,
|
|||||||
m.Init()
|
m.Init()
|
||||||
}
|
}
|
||||||
|
|
||||||
authHeader := strings.Split(r.Header.Get("Authorization"), " ")
|
var user *models.User
|
||||||
if len(authHeader) != 2 {
|
var userKey string
|
||||||
|
user, userKey, err := m.tryGetUserByApiKey(r)
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
user, userKey, err = m.tryGetUserByPassword(r)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
w.WriteHeader(http.StatusUnauthorized)
|
w.WriteHeader(http.StatusUnauthorized)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
m.Cache.Set(userKey, user, cache.DefaultExpiration)
|
||||||
|
|
||||||
|
ctx := context.WithValue(r.Context(), models.UserKey, user)
|
||||||
|
next(w, r.WithContext(ctx))
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *AuthenticateMiddleware) tryGetUserByApiKey(r *http.Request) (*models.User, string, error) {
|
||||||
|
authHeader := strings.Split(r.Header.Get("Authorization"), " ")
|
||||||
|
if len(authHeader) != 2 || authHeader[0] != "Basic" {
|
||||||
|
return nil, "", errors.New("Failed to extract API key")
|
||||||
|
}
|
||||||
|
|
||||||
key, err := base64.StdEncoding.DecodeString(authHeader[1])
|
key, err := base64.StdEncoding.DecodeString(authHeader[1])
|
||||||
if err != nil {
|
if err != nil {
|
||||||
w.WriteHeader(http.StatusUnauthorized)
|
return nil, "", err
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
var user *models.User
|
var user *models.User
|
||||||
@ -49,15 +71,46 @@ func (m *AuthenticateMiddleware) Handle(w http.ResponseWriter, r *http.Request,
|
|||||||
if !ok {
|
if !ok {
|
||||||
user, err = m.UserSrvc.GetUserByKey(userKey)
|
user, err = m.UserSrvc.GetUserByKey(userKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
w.WriteHeader(http.StatusUnauthorized)
|
return nil, "", err
|
||||||
return
|
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
user = cachedUser.(*models.User)
|
user = cachedUser.(*models.User)
|
||||||
}
|
}
|
||||||
|
return user, userKey, nil
|
||||||
m.Cache.Set(userKey, user, cache.DefaultExpiration)
|
}
|
||||||
|
|
||||||
ctx := context.WithValue(r.Context(), models.UserKey, user)
|
func (m *AuthenticateMiddleware) tryGetUserByPassword(r *http.Request) (*models.User, string, error) {
|
||||||
next(w, r.WithContext(ctx))
|
authHeader := strings.Split(r.Header.Get("Authorization"), " ")
|
||||||
|
if len(authHeader) != 2 || authHeader[0] != "Basic" {
|
||||||
|
return nil, "", errors.New("Failed to extract API key")
|
||||||
|
}
|
||||||
|
|
||||||
|
hash, err := base64.StdEncoding.DecodeString(authHeader[1])
|
||||||
|
userKey := strings.TrimSpace(string(hash))
|
||||||
|
if err != nil {
|
||||||
|
return nil, "", err
|
||||||
|
}
|
||||||
|
|
||||||
|
var user *models.User
|
||||||
|
cachedUser, ok := m.Cache.Get(userKey)
|
||||||
|
if !ok {
|
||||||
|
re := regexp.MustCompile(`^(.+):(.+)$`)
|
||||||
|
groups := re.FindAllStringSubmatch(userKey, -1)
|
||||||
|
if len(groups) == 0 || len(groups[0]) != 3 {
|
||||||
|
return nil, "", errors.New("Failed to parse user agent string")
|
||||||
|
}
|
||||||
|
userId, password := groups[0][1], groups[0][2]
|
||||||
|
user, err = m.UserSrvc.GetUserById(userId)
|
||||||
|
if err != nil {
|
||||||
|
return nil, "", err
|
||||||
|
}
|
||||||
|
passwordHash := md5.Sum([]byte(password))
|
||||||
|
passwordHashString := hex.EncodeToString(passwordHash[:])
|
||||||
|
if passwordHashString != user.Password {
|
||||||
|
return nil, "", errors.New("Invalid password")
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
user = cachedUser.(*models.User)
|
||||||
|
}
|
||||||
|
return user, userKey, nil
|
||||||
}
|
}
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
package models
|
package models
|
||||||
|
|
||||||
type User struct {
|
type User struct {
|
||||||
ID string `json:"id" gorm:"primary_key"`
|
ID string `json:"id" gorm:"primary_key"`
|
||||||
ApiKey string `json:"api_key" gorm:"unique"`
|
ApiKey string `json:"api_key" gorm:"unique"`
|
||||||
|
Password string `json:"-"`
|
||||||
}
|
}
|
||||||
|
@ -43,7 +43,7 @@
|
|||||||
grid-area: header
|
grid-area: header
|
||||||
}
|
}
|
||||||
|
|
||||||
.apikey-input {
|
.input {
|
||||||
width: 300px;
|
width: 300px;
|
||||||
}
|
}
|
||||||
</style>
|
</style>
|
||||||
@ -52,8 +52,10 @@
|
|||||||
<body>
|
<body>
|
||||||
<h1>Statistics</h1>
|
<h1>Statistics</h1>
|
||||||
<div class="input-container" id="input-container">
|
<div class="input-container" id="input-container">
|
||||||
<label for="apikey">API Key: </label>
|
<label for="user">User: </label>
|
||||||
<input type="text" class="apikey-input" id="apikey-input" name="apikey" placeholder="Enter your API key here">
|
<input type="text" class="input" id="user-input" name="user" placeholder="Enter Username">
|
||||||
|
<label for="pw">API Key: </label>
|
||||||
|
<input type="password" class="input" id="password-input" name="pw" placeholder="Enter Password">
|
||||||
<button onclick="load('day', true)">Day (live)</button>
|
<button onclick="load('day', true)">Day (live)</button>
|
||||||
<button onclick="load('week', false)">Week</button>
|
<button onclick="load('week', false)">Week</button>
|
||||||
<button onclick="load('month', false)">Month</button>
|
<button onclick="load('month', false)">Month</button>
|
||||||
@ -96,12 +98,14 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
function load(interval, live) {
|
function load(interval, live) {
|
||||||
let apiKey = document.getElementById('apikey-input').value
|
let user = document.getElementById('user-input').value
|
||||||
|
let password = document.getElementById('password-input').value
|
||||||
|
let hashed = btoa(`${user}:${password}`)
|
||||||
fetch(`${window.location.href}/api/summary?interval=${interval}&live=${live}`, {
|
fetch(`${window.location.href}/api/summary?interval=${interval}&live=${live}`, {
|
||||||
method: 'GET',
|
method: 'GET',
|
||||||
headers: {
|
headers: {
|
||||||
'Accept': 'application/json',
|
'Accept': 'application/json',
|
||||||
'Authorization': `Basic ${btoa(apiKey)}`
|
'Authorization': `Basic ${hashed}`
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
.then((res) => {
|
.then((res) => {
|
||||||
|
Loading…
Reference in New Issue
Block a user