Grooming.
This commit is contained in:
parent
c2fa282b7d
commit
32a8c23524
134
src/authd.cr
134
src/authd.cr
@ -6,67 +6,71 @@ require "ipc"
|
||||
require "./user.cr"
|
||||
|
||||
module AuthD
|
||||
enum RequestTypes
|
||||
GetToken
|
||||
AddUser
|
||||
GetUser
|
||||
GetUserByCredentials
|
||||
ModUser # Edit user attributes.
|
||||
class Response
|
||||
enum Type
|
||||
Ok
|
||||
Malformed
|
||||
InvalidCredentials
|
||||
InvalidUser
|
||||
UserNotFound # For UID-based GetUser requests.
|
||||
AuthenticationError
|
||||
end
|
||||
end
|
||||
|
||||
enum ResponseTypes
|
||||
Ok
|
||||
MalformedRequest
|
||||
InvalidCredentials
|
||||
InvalidUser
|
||||
UserNotFound # For UID-based GetUser requests.
|
||||
AuthenticationError
|
||||
end
|
||||
class Request
|
||||
enum Type
|
||||
GetToken
|
||||
AddUser
|
||||
GetUser
|
||||
GetUserByCredentials
|
||||
ModUser # Edit user attributes.
|
||||
end
|
||||
|
||||
class GetTokenRequest
|
||||
JSON.mapping({
|
||||
# FIXME: Rename to "login" for consistency.
|
||||
login: String,
|
||||
password: String
|
||||
})
|
||||
end
|
||||
class GetToken
|
||||
JSON.mapping({
|
||||
# FIXME: Rename to "login" for consistency.
|
||||
login: String,
|
||||
password: String
|
||||
})
|
||||
end
|
||||
|
||||
class AddUserRequest
|
||||
JSON.mapping({
|
||||
# Only clients that have the right shared key will be allowed
|
||||
# to create users.
|
||||
shared_key: String,
|
||||
class AddUser
|
||||
JSON.mapping({
|
||||
# Only clients that have the right shared key will be allowed
|
||||
# to create users.
|
||||
shared_key: String,
|
||||
|
||||
login: String,
|
||||
password: String,
|
||||
uid: Int32?,
|
||||
gid: Int32?,
|
||||
home: String?,
|
||||
shell: String?
|
||||
})
|
||||
end
|
||||
login: String,
|
||||
password: String,
|
||||
uid: Int32?,
|
||||
gid: Int32?,
|
||||
home: String?,
|
||||
shell: String?
|
||||
})
|
||||
end
|
||||
|
||||
class GetUserRequest
|
||||
JSON.mapping({
|
||||
uid: Int32
|
||||
})
|
||||
end
|
||||
class GetUser
|
||||
JSON.mapping({
|
||||
uid: Int32
|
||||
})
|
||||
end
|
||||
|
||||
class GetUserByCredentialsRequest
|
||||
JSON.mapping({
|
||||
login: String,
|
||||
password: String
|
||||
})
|
||||
end
|
||||
class GetUserByCredentials
|
||||
JSON.mapping({
|
||||
login: String,
|
||||
password: String
|
||||
})
|
||||
end
|
||||
|
||||
class ModUserRequest
|
||||
JSON.mapping({
|
||||
shared_key: String,
|
||||
class ModUser
|
||||
JSON.mapping({
|
||||
shared_key: String,
|
||||
|
||||
uid: Int32,
|
||||
password: String?,
|
||||
avatar: String?
|
||||
})
|
||||
uid: Int32,
|
||||
password: String?,
|
||||
avatar: String?
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
class Client < IPC::Connection
|
||||
@ -79,14 +83,14 @@ module AuthD
|
||||
end
|
||||
|
||||
def get_token?(login : String, password : String) : String?
|
||||
send RequestTypes::GetToken, {
|
||||
send Request::Type::GetToken, {
|
||||
:login => login,
|
||||
:password => password
|
||||
}.to_json
|
||||
|
||||
response = read
|
||||
|
||||
if response.type == ResponseTypes::Ok.value.to_u8
|
||||
if response.type == Response::Type::Ok.value.to_u8
|
||||
String.new response.payload
|
||||
else
|
||||
nil
|
||||
@ -94,14 +98,14 @@ module AuthD
|
||||
end
|
||||
|
||||
def get_user?(login : String, password : String) : Passwd::User?
|
||||
send RequestTypes::GetUserByCredentials, {
|
||||
send Request::Type::GetUserByCredentials, {
|
||||
:login => login,
|
||||
:password => password
|
||||
}.to_json
|
||||
|
||||
response = read
|
||||
|
||||
if response.type == ResponseTypes::Ok.value.to_u8
|
||||
if response.type == Response::Type::Ok.value.to_u8
|
||||
Passwd::User.from_json String.new response.payload
|
||||
else
|
||||
nil
|
||||
@ -109,18 +113,18 @@ module AuthD
|
||||
end
|
||||
|
||||
def get_user?(uid : Int32)
|
||||
send RequestTypes::GetUser, {:uid => uid}.to_json
|
||||
send Request::Type::GetUser, {:uid => uid}.to_json
|
||||
|
||||
response = read
|
||||
|
||||
if response.type == ResponseTypes::Ok.value.to_u8
|
||||
if response.type == Response::Type::Ok.value.to_u8
|
||||
User.from_json String.new response.payload
|
||||
else
|
||||
nil
|
||||
end
|
||||
end
|
||||
|
||||
def send(type : RequestTypes, payload)
|
||||
def send(type : Request::Type, payload)
|
||||
send type.value.to_u8, payload
|
||||
end
|
||||
|
||||
@ -134,7 +138,7 @@ module AuthD
|
||||
|
||||
# FIXME: Extra options may be useful to implement here.
|
||||
def add_user(login : String, password : String) : Passwd::User | Exception
|
||||
send RequestTypes::AddUser, {
|
||||
send Request::Type::AddUser, {
|
||||
:shared_key => @key,
|
||||
:login => login,
|
||||
:password => password
|
||||
@ -143,8 +147,8 @@ module AuthD
|
||||
response = read
|
||||
|
||||
payload = String.new response.payload
|
||||
case ResponseTypes.new response.type.to_i
|
||||
when ResponseTypes::Ok
|
||||
case Response::Type.new response.type.to_i
|
||||
when Response::Type::Ok
|
||||
Passwd::User.from_json payload
|
||||
else
|
||||
Exception.new payload
|
||||
@ -164,12 +168,12 @@ module AuthD
|
||||
payload["avatar"] = avatar
|
||||
end
|
||||
|
||||
send RequestTypes::ModUser, payload.to_json
|
||||
send Request::Type::ModUser, payload.to_json
|
||||
|
||||
response = read
|
||||
|
||||
case ResponseTypes.new response.type.to_i
|
||||
when ResponseTypes::Ok
|
||||
case Response::Type.new response.type.to_i
|
||||
when Response::Type::Ok
|
||||
true
|
||||
else
|
||||
Exception.new String.new response.payload
|
||||
|
56
src/main.cr
56
src/main.cr
@ -11,7 +11,7 @@ require "./authd.cr"
|
||||
extend AuthD
|
||||
|
||||
class IPC::Connection
|
||||
def send(type : AuthD::ResponseTypes, payload : String)
|
||||
def send(type : AuthD::Response::Type, payload : String)
|
||||
send type.to_u8, payload
|
||||
end
|
||||
end
|
||||
@ -58,12 +58,12 @@ IPC::Service.new "auth" do |event|
|
||||
message = event.message
|
||||
payload = message.payload
|
||||
|
||||
case RequestTypes.new message.type.to_i
|
||||
when RequestTypes::GetToken
|
||||
case Request::Type.new message.type.to_i
|
||||
when Request::Type::GetToken
|
||||
begin
|
||||
request = GetTokenRequest.from_json String.new payload
|
||||
request = Request::GetToken.from_json String.new payload
|
||||
rescue e
|
||||
client.send ResponseTypes::MalformedRequest.value.to_u8, e.message || ""
|
||||
client.send Response::Type::Malformed.value.to_u8, e.message || ""
|
||||
|
||||
next
|
||||
end
|
||||
@ -71,76 +71,76 @@ IPC::Service.new "auth" do |event|
|
||||
user = passwd.get_user request.login, request.password
|
||||
|
||||
if user.nil?
|
||||
client.send ResponseTypes::InvalidCredentials.value.to_u8, ""
|
||||
client.send Response::Type::InvalidCredentials.value.to_u8, ""
|
||||
|
||||
next
|
||||
end
|
||||
|
||||
client.send ResponseTypes::Ok.value.to_u8,
|
||||
client.send Response::Type::Ok.value.to_u8,
|
||||
JWT.encode user.to_h, authd_jwt_key, JWT::Algorithm::HS256
|
||||
when RequestTypes::AddUser
|
||||
when Request::Type::AddUser
|
||||
begin
|
||||
request = AddUserRequest.from_json String.new payload
|
||||
request = Request::AddUser.from_json String.new payload
|
||||
rescue e
|
||||
client.send ResponseTypes::MalformedRequest.value.to_u8, e.message || ""
|
||||
client.send Response::Type::Malformed.value.to_u8, e.message || ""
|
||||
|
||||
next
|
||||
end
|
||||
|
||||
if request.shared_key != authd_jwt_key
|
||||
client.send ResponseTypes::AuthenticationError, "Invalid authentication key."
|
||||
client.send Response::Type::AuthenticationError, "Invalid authentication key."
|
||||
next
|
||||
end
|
||||
|
||||
if passwd.user_exists? request.login
|
||||
client.send ResponseTypes::InvalidUser, "Another user with the same login already exists."
|
||||
client.send Response::Type::InvalidUser, "Another user with the same login already exists."
|
||||
|
||||
next
|
||||
end
|
||||
|
||||
user = passwd.add_user request.login, request.password
|
||||
|
||||
client.send ResponseTypes::Ok, user.sanitize!.to_json
|
||||
when RequestTypes::GetUserByCredentials
|
||||
client.send Response::Type::Ok, user.sanitize!.to_json
|
||||
when Request::Type::GetUserByCredentials
|
||||
begin
|
||||
request = GetUserByCredentialsRequest.from_json String.new payload
|
||||
request = Request::GetUserByCredentials.from_json String.new payload
|
||||
rescue e
|
||||
client.send ResponseTypes::MalformedRequest, e.message || ""
|
||||
client.send Response::Type::Malformed, e.message || ""
|
||||
next
|
||||
end
|
||||
|
||||
user = passwd.get_user request.login, request.password
|
||||
|
||||
if user
|
||||
client.send ResponseTypes::Ok, user.sanitize!.to_json
|
||||
client.send Response::Type::Ok, user.sanitize!.to_json
|
||||
else
|
||||
client.send ResponseTypes::UserNotFound, ""
|
||||
client.send Response::Type::UserNotFound, ""
|
||||
end
|
||||
when RequestTypes::GetUser
|
||||
when Request::Type::GetUser
|
||||
begin
|
||||
request = GetUserRequest.from_json String.new payload
|
||||
request = Request::GetUser.from_json String.new payload
|
||||
rescue e
|
||||
client.send ResponseTypes::MalformedRequest, e.message || ""
|
||||
client.send Response::Type::Malformed, e.message || ""
|
||||
next
|
||||
end
|
||||
|
||||
user = passwd.get_user request.uid
|
||||
|
||||
if user
|
||||
client.send ResponseTypes::Ok, user.sanitize!.to_json
|
||||
client.send Response::Type::Ok, user.sanitize!.to_json
|
||||
else
|
||||
client.send ResponseTypes::UserNotFound, ""
|
||||
client.send Response::Type::UserNotFound, ""
|
||||
end
|
||||
when RequestTypes::ModUser
|
||||
when Request::Type::ModUser
|
||||
begin
|
||||
request = ModUserRequest.from_json String.new payload
|
||||
request = Request::ModUser.from_json String.new payload
|
||||
rescue e
|
||||
client.send ResponseTypes::MalformedRequest, e.message || ""
|
||||
client.send Response::Type::Malformed, e.message || ""
|
||||
next
|
||||
end
|
||||
|
||||
if request.shared_key != authd_jwt_key
|
||||
client.send ResponseTypes::AuthenticationError, "Invalid authentication key."
|
||||
client.send Response::Type::AuthenticationError, "Invalid authentication key."
|
||||
next
|
||||
end
|
||||
|
||||
@ -150,7 +150,7 @@ IPC::Service.new "auth" do |event|
|
||||
|
||||
passwd.mod_user request.uid, password_hash: password_hash
|
||||
|
||||
client.send ResponseTypes::Ok, ""
|
||||
client.send Response::Type::Ok, ""
|
||||
end
|
||||
end
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user