Compare commits
7 Commits
f3172b0d31
...
27e7ea7d7a
| Author | SHA1 | Date |
|---|---|---|
 Derrick Hammer
|
27e7ea7d7a
|
|
|
Derrick Hammer
|
09d53ffa76
|
|
|
Derrick Hammer
|
d680f0660f
|
|
|
Derrick Hammer
|
36745bb55b
|
|
|
Derrick Hammer
|
db3ba1f014
|
|
|
Derrick Hammer
|
c20dec0204
|
|
|
Derrick Hammer
|
def1b50cfc
|
|
|
@ -14,6 +14,7 @@ import (
|
|||
"golang.org/x/crypto/bcrypt"
|
||||
"gorm.io/gorm"
|
||||
"reflect"
|
||||
"strings"
|
||||
)
|
||||
|
||||
type AccountController struct {
|
||||
|
|
@ -116,7 +117,7 @@ func (a *AccountController) PostRegister() {
|
|||
}
|
||||
|
||||
if len(r.Pubkey) > 0 {
|
||||
if err := tx.Create(&model.Key{Account: account, Pubkey: r.Pubkey}).Error; err != nil {
|
||||
if err := tx.Create(&model.Key{Account: account, Pubkey: strings.ToLower(r.Pubkey)}).Error; err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -13,6 +13,7 @@ import (
|
|||
"github.com/kataras/jwt"
|
||||
"go.uber.org/zap"
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
"strings"
|
||||
"time"
|
||||
)
|
||||
|
||||
|
|
@ -160,6 +161,13 @@ func (a *AuthController) PostLogin() {
|
|||
return
|
||||
}
|
||||
|
||||
if account.Password == nil || len(*account.Password) == 0 {
|
||||
msg := "only pubkey login is supported"
|
||||
logger.Get().Debug(msg)
|
||||
a.Ctx.StopWithError(iris.StatusBadRequest, errors.New(msg))
|
||||
return
|
||||
}
|
||||
|
||||
// Verify the provided password against the hashed password stored in the database.
|
||||
if err := verifyPassword(*account.Password, r.Password); err != nil {
|
||||
msg := "invalid email or password"
|
||||
|
|
@ -185,7 +193,7 @@ func (a *AuthController) PostLogin() {
|
|||
|
||||
// PostChallenge handles the POST /api/auth/pubkey/challenge request to generate a challenge for a user's public key.
|
||||
func (a *AuthController) PostPubkeyChallenge() {
|
||||
var r LoginRequest
|
||||
var r ChallengeRequest
|
||||
|
||||
// Read the login request from the client.
|
||||
if err := a.Ctx.ReadJSON(&r); err != nil {
|
||||
|
|
@ -194,15 +202,17 @@ func (a *AuthController) PostPubkeyChallenge() {
|
|||
return
|
||||
}
|
||||
|
||||
r.Pubkey = strings.ToLower(r.Pubkey)
|
||||
|
||||
// Retrieve the account for the given email.
|
||||
account := model.Account{}
|
||||
if err := db.Get().Where("email = ?", r.Email).First(&account).Error; err != nil {
|
||||
a.Ctx.StopWithError(iris.StatusBadRequest, errors.New("invalid email or password"))
|
||||
account := model.Key{}
|
||||
if err := db.Get().Where("pubkey = ?", r.Pubkey).First(&account).Error; err != nil {
|
||||
a.Ctx.StopWithError(iris.StatusBadRequest, errors.New("invalid pubkey"))
|
||||
return
|
||||
}
|
||||
|
||||
// Generate a random challenge string.
|
||||
challenge, err := generateAndSaveChallengeToken(account.ID, time.Minute)
|
||||
challenge, err := generateAndSaveChallengeToken(account.AccountID, time.Minute)
|
||||
if err != nil {
|
||||
a.Ctx.StopWithError(iris.StatusInternalServerError, errors.New("failed to generate challenge"))
|
||||
return
|
||||
|
|
@ -226,9 +236,12 @@ func (a *AuthController) PostPubkeyLogin() {
|
|||
return
|
||||
}
|
||||
|
||||
r.Pubkey = strings.ToLower(r.Pubkey)
|
||||
r.Signature = strings.ToLower(r.Signature)
|
||||
|
||||
// Retrieve the key challenge for the given challenge.
|
||||
challenge := model.KeyChallenge{}
|
||||
if err := db.Get().Where("challenge = ?", r.Challenge).Preload("Key").First(&challenge).Error; err != nil {
|
||||
if err := db.Get().Where("challenge = ?", r.Challenge).First(&challenge).Error; err != nil {
|
||||
msg := "invalid key challenge"
|
||||
logger.Get().Debug(msg, zap.Error(err), zap.String("challenge", r.Challenge))
|
||||
a.Ctx.StopWithError(iris.StatusBadRequest, errorx.RejectedOperation.New(msg))
|
||||
|
|
|
|||
Loading…
Reference in New Issue