authd/src/authd.cr


require "jwt"

require "ipc"

require "./user.cr"
require "./group.cr"

module AuthD
	enum RequestTypes
		GetToken
		AddUser
		GetUser
		GetUserByCredentials
		ModUser # Edit user attributes.
	end

	enum ResponseTypes
		Ok
		MalformedRequest
		InvalidCredentials
		InvalidUser
		UserNotFound # For UID-based GetUser requests.
	end

	class GetTokenRequest
		JSON.mapping({
			# FIXME: Rename to "login" for consistency.
			login: String,
			password: String
		})
	end

	class AddUserRequest
		JSON.mapping({
			login: String,
			password: String,
			uid: Int32?,
			gid: Int32?,
			home: String?,
			shell: String?
		})
	end

	class GetUserRequest
		JSON.mapping({
			uid: Int32
		})
	end

	class GetUserByCredentialsRequest
		JSON.mapping({
			login: String,
			password: String
		})
	end

	class ModUserRequest
		JSON.mapping({
			uid: Int32,
			password: String?,
			avatar: String?
		})
	end

	class Client < IPC::Connection
		property key : String

		def initialize
			@key = ""

			initialize "auth"
		end

		def get_token?(login : String, password : String) : String?
			send RequestTypes::GetToken, {
				:login => login,
				:password => password
			}.to_json

			response = read

			if response.type == ResponseTypes::Ok.value.to_u8
				String.new response.payload
			else
				nil
			end
		end

		def get_user?(login : String, password : String) : User?
			send RequestTypes::GetUserByCredentials, {
				:login => login,
				:password => password
			}.to_json

			response = read

			if response.type == ResponseTypes::Ok.value.to_u8
				User.from_json String.new response.payload
			else
				nil
			end
		end

		def get_user?(uid : Int32)
			send RequestTypes::GetUser, {:uid => uid}.to_json

			response = read

			if response.type == ResponseTypes::Ok.value.to_u8
				User.from_json String.new response.payload
			else
				nil
			end
		end

		def send(type : RequestTypes, payload)
			send type.value.to_u8, payload
		end

		def decode_token(token)
			user, meta = JWT.decode token, @key, JWT::Algorithm::HS256

			user = AuthD::User.from_json user.to_json

			{user, meta}
		end

		# FIXME: Extra options may be useful to implement here.
		def add_user(login : String, password : String) : AuthD::User | Exception
			send RequestTypes::AddUser, {
				:login => login,
				:password => password
			}.to_json

			response = read

			payload = String.new response.payload
			case ResponseTypes.new response.type.to_i
			when ResponseTypes::Ok
				AuthD::User.from_json payload
			else
				Exception.new payload
			end
		end

		def mod_user(uid : Int32, password : String? = nil, avatar : String? = nil) : Bool | Exception
			payload = Hash(String, String|Int32).new
			payload["uid"] = uid

			password.try do |password|
				payload["password"] = password
			end

			avatar.try do |avatar|
				payload["avatar"] = avatar
			end

			send RequestTypes::ModUser, payload.to_json

			response = read

			case ResponseTypes.new response.type.to_i
			when ResponseTypes::Ok
				true
			else
				Exception.new String.new response.payload
			end
		end
	end
end
Authd library added to provide an auto-check middleware. 2018-09-22 21:25:03 +02:00
			`require "jwt"`

Finished conversion to a libIPC-based microservice. 2018-11-12 18:51:21 +01:00			`require "ipc"`
User -> AuthD::User, authd_user : AuthD::User 2018-09-22 21:42:21 +02:00
Finished conversion to a libIPC-based microservice. 2018-11-12 18:51:21 +01:00			`require "./user.cr"`
Crecto replacement. Replaced by a `passwd` and `group` files reader that both follow UNIX format. Only difference with a live system will be the password hash field, which is stored in `passwd` instead of a dedicated `shadow` file (and which is likely encoded differently). 2018-12-17 00:56:03 +01:00			`require "./group.cr"`
Authd library added to provide an auto-check middleware. 2018-09-22 21:25:03 +02:00
Finished conversion to a libIPC-based microservice. 2018-11-12 18:51:21 +01:00			`module AuthD`
			`enum RequestTypes`
Coding style. 2018-12-19 13:57:48 +01:00			`GetToken`
			`AddUser`
GetUser requests. 2019-01-07 17:04:20 +01:00			`GetUser`
AuthD::Client#get_user?(login, password) added. 2019-02-16 22:06:56 +01:00			`GetUserByCredentials`
ModUser request. 2019-05-29 16:06:11 +02:00			`ModUser # Edit user attributes.`
Finished conversion to a libIPC-based microservice. 2018-11-12 18:51:21 +01:00			`end`
Authd library added to provide an auto-check middleware. 2018-09-22 21:25:03 +02:00
Finished conversion to a libIPC-based microservice. 2018-11-12 18:51:21 +01:00			`enum ResponseTypes`
Coding style. 2018-12-19 13:57:48 +01:00			`Ok`
			`MalformedRequest`
			`InvalidCredentials`
			`InvalidUser`
GetUser requests. 2019-01-07 17:04:20 +01:00			`UserNotFound # For UID-based GetUser requests.`
Finished conversion to a libIPC-based microservice. 2018-11-12 18:51:21 +01:00			`end`
Authd library added to provide an auto-check middleware. 2018-09-22 21:25:03 +02:00
Finished conversion to a libIPC-based microservice. 2018-11-12 18:51:21 +01:00			`class GetTokenRequest`
			`JSON.mapping({`
Crecto replacement. Replaced by a `passwd` and `group` files reader that both follow UNIX format. Only difference with a live system will be the password hash field, which is stored in `passwd` instead of a dedicated `shadow` file (and which is likely encoded differently). 2018-12-17 00:56:03 +01:00			`# FIXME: Rename to "login" for consistency.`
Variable naming. Some breaking changes in the communications with authd (some request attributes renamed), but projects using AuthD::Client shouldn’t see anything. 2018-12-17 04:39:01 +01:00			`login: String,`
Finished conversion to a libIPC-based microservice. 2018-11-12 18:51:21 +01:00			`password: String`
			`})`
Authd library added to provide an auto-check middleware. 2018-09-22 21:25:03 +02:00			`end`

WIP registration. 2018-12-19 13:54:19 +01:00			`class AddUserRequest`
			`JSON.mapping({`
			`login: String,`
			`password: String,`
			`uid: Int32?,`
			`gid: Int32?,`
			`home: String?,`
			`shell: String?`
			`})`
			`end`

GetUser requests. 2019-01-07 17:04:20 +01:00			`class GetUserRequest`
			`JSON.mapping({`
			`uid: Int32`
			`})`
			`end`

AuthD::Client#get_user?(login, password) added. 2019-02-16 22:06:56 +01:00			`class GetUserByCredentialsRequest`
			`JSON.mapping({`
			`login: String,`
			`password: String`
			`})`
			`end`

ModUser request. 2019-05-29 16:06:11 +02:00			`class ModUserRequest`
			`JSON.mapping({`
			`uid: Int32,`
Avatar update through ModUserRequest. 2019-05-29 19:45:03 +02:00			`password: String?,`
			`avatar: String?`
ModUser request. 2019-05-29 16:06:11 +02:00			`})`
			`end`

Updates for new libipc APIs. 2019-06-05 22:30:29 +02:00			`class Client < IPC::Connection`
Finished conversion to a libIPC-based microservice. 2018-11-12 18:51:21 +01:00			`property key : String`

			`def initialize`
			`@key = ""`

			`initialize "auth"`
Authd library added to provide an auto-check middleware. 2018-09-22 21:25:03 +02:00			`end`

IPC.cr API updates. 2019-06-06 01:16:52 +02:00			`def get_token?(login : String, password : String) : String?`
GetUser requests. 2019-01-07 17:04:20 +01:00			`send RequestTypes::GetToken, {`
Variable naming. Some breaking changes in the communications with authd (some request attributes renamed), but projects using AuthD::Client shouldn’t see anything. 2018-12-17 04:39:01 +01:00			`:login => login,`
Finished conversion to a libIPC-based microservice. 2018-11-12 18:51:21 +01:00			`:password => password`
			`}.to_json`

			`response = read`

libipc API updates. 2019-06-05 22:38:08 +02:00			`if response.type == ResponseTypes::Ok.value.to_u8`
IPC.cr API updates. 2019-06-06 01:16:52 +02:00			`String.new response.payload`
Finished conversion to a libIPC-based microservice. 2018-11-12 18:51:21 +01:00			`else`
			`nil`
Authd library added to provide an auto-check middleware. 2018-09-22 21:25:03 +02:00			`end`
			`end`

IPC.cr API updates. 2019-06-06 01:16:52 +02:00			`def get_user?(login : String, password : String) : User?`
AuthD::Client#get_user?(login, password) added. 2019-02-16 22:06:56 +01:00			`send RequestTypes::GetUserByCredentials, {`
			`:login => login,`
			`:password => password`
			`}.to_json`

			`response = read`

libipc API updates. 2019-06-05 22:38:08 +02:00			`if response.type == ResponseTypes::Ok.value.to_u8`
IPC.cr API updates. 2019-06-06 01:16:52 +02:00			`User.from_json String.new response.payload`
AuthD::Client#get_user?(login, password) added. 2019-02-16 22:06:56 +01:00			`else`
			`nil`
			`end`
			`end`

GetUser requests. 2019-01-07 17:04:20 +01:00			`def get_user?(uid : Int32)`
			`send RequestTypes::GetUser, {:uid => uid}.to_json`

			`response = read`

libipc API updates. 2019-06-05 22:38:08 +02:00			`if response.type == ResponseTypes::Ok.value.to_u8`
Missed IPC.cr update. Duh~, hopefully we’ll soon have automated tests. 2019-06-29 02:43:31 +02:00			`User.from_json String.new response.payload`
GetUser requests. 2019-01-07 17:04:20 +01:00			`else`
			`nil`
			`end`
			`end`

WIP registration. 2018-12-19 13:54:19 +01:00			`def send(type : RequestTypes, payload)`
			`send type.value.to_u8, payload`
			`end`

Finished conversion to a libIPC-based microservice. 2018-11-12 18:51:21 +01:00			`def decode_token(token)`
Update to new crystal-jwt APIs. 2019-06-28 18:20:34 +02:00			`user, meta = JWT.decode token, @key, JWT::Algorithm::HS256`
Finished conversion to a libIPC-based microservice. 2018-11-12 18:51:21 +01:00
			`user = AuthD::User.from_json user.to_json`

			`{user, meta}`
			`end`
WIP registration. 2018-12-19 13:54:19 +01:00
			`# FIXME: Extra options may be useful to implement here.`
			`def add_user(login : String, password : String) : AuthD::User \| Exception`
Coding style. 2018-12-19 13:57:48 +01:00			`send RequestTypes::AddUser, {`
WIP registration. 2018-12-19 13:54:19 +01:00			`:login => login,`
			`:password => password`
			`}.to_json`

			`response = read`

IPC.cr API updates. 2019-06-06 01:16:52 +02:00			`payload = String.new response.payload`
libipc API updates. 2019-06-05 22:38:08 +02:00			`case ResponseTypes.new response.type.to_i`
Coding style. 2018-12-19 13:57:48 +01:00			`when ResponseTypes::Ok`
IPC.cr API updates. 2019-06-06 01:16:52 +02:00			`AuthD::User.from_json payload`
WIP registration. 2018-12-19 13:54:19 +01:00			`else`
IPC.cr API updates. 2019-06-06 01:16:52 +02:00			`Exception.new payload`
WIP registration. 2018-12-19 13:54:19 +01:00			`end`
			`end`
ModUser request. 2019-05-29 16:06:11 +02:00
Avatar update through ModUserRequest. 2019-05-29 19:45:03 +02:00			`def mod_user(uid : Int32, password : String? = nil, avatar : String? = nil) : Bool \| Exception`
ModUser request. 2019-05-29 16:06:11 +02:00			`payload = Hash(String, String\|Int32).new`
			`payload["uid"] = uid`

			`password.try do \|password\|`
			`payload["password"] = password`
			`end`

Avatar update through ModUserRequest. 2019-05-29 19:45:03 +02:00			`avatar.try do \|avatar\|`
			`payload["avatar"] = avatar`
			`end`

ModUser request. 2019-05-29 16:06:11 +02:00			`send RequestTypes::ModUser, payload.to_json`

			`response = read`

libipc API updates. 2019-06-05 22:38:08 +02:00			`case ResponseTypes.new response.type.to_i`
ModUser request. 2019-05-29 16:06:11 +02:00			`when ResponseTypes::Ok`
			`true`
			`else`
IPC.cr API updates. 2019-06-06 01:16:52 +02:00			`Exception.new String.new response.payload`
ModUser request. 2019-05-29 16:06:11 +02:00			`end`
			`end`
Authd library added to provide an auto-check middleware. 2018-09-22 21:25:03 +02:00			`end`
			`end`