mirror
/
wakapi
mirror of https://github.com/muety/wakapi.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Support for username-password authentication.

This commit is contained in:
Ferdinand Mütsch 2019-05-21 22:40:59 +02:00
parent df7b2d4a33
commit f9a2efaffb
3 changed files with 76 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
middlewares/authenticate.go
View File

@ -2,8 +2,12 @@ package middlewares
import ( import (
"context" "context"
"crypto/md5"
"encoding/base64" "encoding/base64"
"encoding/hex"
"errors"
"net/http" "net/http"
"regexp"
"strings" "strings"
"time" "time"
@ -31,16 +35,34 @@ func (m *AuthenticateMiddleware) Handle(w http.ResponseWriter, r *http.Request,
m.Init() m.Init()
} }
authHeader := strings.Split(r.Header.Get("Authorization"), " ") var user *models.User
if len(authHeader) != 2 { var userKey string
user, userKey, err := m.tryGetUserByApiKey(r)
if err != nil {
user, userKey, err = m.tryGetUserByPassword(r)
}
if err != nil {
w.WriteHeader(http.StatusUnauthorized) w.WriteHeader(http.StatusUnauthorized)
return return
} }
m.Cache.Set(userKey, user, cache.DefaultExpiration)
ctx := context.WithValue(r.Context(), models.UserKey, user)
next(w, r.WithContext(ctx))
}
func (m *AuthenticateMiddleware) tryGetUserByApiKey(r *http.Request) (*models.User, string, error) {
authHeader := strings.Split(r.Header.Get("Authorization"), " ")
if len(authHeader) != 2 || authHeader[0] != "Basic" {
return nil, "", errors.New("Failed to extract API key")
}
key, err := base64.StdEncoding.DecodeString(authHeader[1]) key, err := base64.StdEncoding.DecodeString(authHeader[1])
if err != nil { if err != nil {
w.WriteHeader(http.StatusUnauthorized) return nil, "", err
return
} }
var user *models.User var user *models.User
@ -49,15 +71,46 @@ func (m *AuthenticateMiddleware) Handle(w http.ResponseWriter, r *http.Request,
if !ok { if !ok {
user, err = m.UserSrvc.GetUserByKey(userKey) user, err = m.UserSrvc.GetUserByKey(userKey)
if err != nil { if err != nil {
w.WriteHeader(http.StatusUnauthorized) return nil, "", err
return
} }
} else { } else {
user = cachedUser.(*models.User) user = cachedUser.(*models.User)
} }
return user, userKey, nil
m.Cache.Set(userKey, user, cache.DefaultExpiration) }
ctx := context.WithValue(r.Context(), models.UserKey, user) func (m *AuthenticateMiddleware) tryGetUserByPassword(r *http.Request) (*models.User, string, error) {
next(w, r.WithContext(ctx)) authHeader := strings.Split(r.Header.Get("Authorization"), " ")
if len(authHeader) != 2 || authHeader[0] != "Basic" {
return nil, "", errors.New("Failed to extract API key")
}
hash, err := base64.StdEncoding.DecodeString(authHeader[1])
userKey := strings.TrimSpace(string(hash))
if err != nil {
return nil, "", err
}
var user *models.User
cachedUser, ok := m.Cache.Get(userKey)
if !ok {
re := regexp.MustCompile(`^(.+):(.+)$`)
groups := re.FindAllStringSubmatch(userKey, -1)
if len(groups) == 0 || len(groups[0]) != 3 {
return nil, "", errors.New("Failed to parse user agent string")
}
userId, password := groups[0][1], groups[0][2]
user, err = m.UserSrvc.GetUserById(userId)
if err != nil {
return nil, "", err
}
passwordHash := md5.Sum([]byte(password))
passwordHashString := hex.EncodeToString(passwordHash[:])
if passwordHashString != user.Password {
return nil, "", errors.New("Invalid password")
}
} else {
user = cachedUser.(*models.User)
}
return user, userKey, nil
} }

5
models/user.go
View File

@ -1,6 +1,7 @@
package models package models
type User struct { type User struct {
ID string `json:"id" gorm:"primary_key"` ID string `json:"id" gorm:"primary_key"`
ApiKey string `json:"api_key" gorm:"unique"` ApiKey string `json:"api_key" gorm:"unique"`
Password string `json:"-"`
} }

14
static/index.html
View File

@ -43,7 +43,7 @@
grid-area: header grid-area: header
} }
.apikey-input { .input {
width: 300px; width: 300px;
} }
</style> </style>
@ -52,8 +52,10 @@
<body> <body>
<h1>Statistics</h1> <h1>Statistics</h1>
<div class="input-container" id="input-container"> <div class="input-container" id="input-container">
<label for="apikey">API Key: </label> <label for="user">User: </label>
<input type="text" class="apikey-input" id="apikey-input" name="apikey" placeholder="Enter your API key here"> <input type="text" class="input" id="user-input" name="user" placeholder="Enter Username">
<label for="pw">API Key: </label>
<input type="password" class="input" id="password-input" name="pw" placeholder="Enter Password">
<button onclick="load('day', true)">Day (live)</button> <button onclick="load('day', true)">Day (live)</button>
<button onclick="load('week', false)">Week</button> <button onclick="load('week', false)">Week</button>
<button onclick="load('month', false)">Month</button> <button onclick="load('month', false)">Month</button>
@ -96,12 +98,14 @@
} }
function load(interval, live) { function load(interval, live) {
let apiKey = document.getElementById('apikey-input').value let user = document.getElementById('user-input').value
let password = document.getElementById('password-input').value
let hashed = btoa(`${user}:${password}`)
fetch(`${window.location.href}/api/summary?interval=${interval}&live=${live}`, { fetch(`${window.location.href}/api/summary?interval=${interval}&live=${live}`, {
method: 'GET', method: 'GET',
headers: { headers: {
'Accept': 'application/json', 'Accept': 'application/json',
'Authorization': `Basic ${btoa(apiKey)}` 'Authorization': `Basic ${hashed}`
} }
}) })
.then((res) => { .then((res) => {