Baguette
/
authd
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Grooming.

ipc07
Luka Vandervelden 2019-11-22 17:31:56 +01:00
parent c2fa282b7d
commit 32a8c23524
2 changed files with 97 additions and 93 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

134
src/authd.cr
View File

@ -6,67 +6,71 @@ require "ipc"
require "./user.cr" require "./user.cr"
module AuthD module AuthD
enum RequestTypes class Response
GetToken enum Type
AddUser Ok
GetUser Malformed
GetUserByCredentials InvalidCredentials
ModUser # Edit user attributes. InvalidUser
UserNotFound # For UID-based GetUser requests.
AuthenticationError
end
end end
enum ResponseTypes class Request
Ok enum Type
MalformedRequest GetToken
InvalidCredentials AddUser
InvalidUser GetUser
UserNotFound # For UID-based GetUser requests. GetUserByCredentials
AuthenticationError ModUser # Edit user attributes.
end end
class GetTokenRequest class GetToken
JSON.mapping({ JSON.mapping({
# FIXME: Rename to "login" for consistency. # FIXME: Rename to "login" for consistency.
login: String, login: String,
password: String password: String
}) })
end end
class AddUserRequest class AddUser
JSON.mapping({ JSON.mapping({
# Only clients that have the right shared key will be allowed # Only clients that have the right shared key will be allowed
# to create users. # to create users.
shared_key: String, shared_key: String,
login: String, login: String,
password: String, password: String,
uid: Int32?, uid: Int32?,
gid: Int32?, gid: Int32?,
home: String?, home: String?,
shell: String? shell: String?
}) })
end end
class GetUserRequest class GetUser
JSON.mapping({ JSON.mapping({
uid: Int32 uid: Int32
}) })
end end
class GetUserByCredentialsRequest class GetUserByCredentials
JSON.mapping({ JSON.mapping({
login: String, login: String,
password: String password: String
}) })
end end
class ModUserRequest class ModUser
JSON.mapping({ JSON.mapping({
shared_key: String, shared_key: String,
uid: Int32, uid: Int32,
password: String?, password: String?,
avatar: String? avatar: String?
}) })
end
end end
class Client < IPC::Connection class Client < IPC::Connection
@ -79,14 +83,14 @@ module AuthD
end end
def get_token?(login : String, password : String) : String? def get_token?(login : String, password : String) : String?
send RequestTypes::GetToken, { send Request::Type::GetToken, {
:login => login, :login => login,
:password => password :password => password
}.to_json }.to_json
response = read response = read
if response.type == ResponseTypes::Ok.value.to_u8 if response.type == Response::Type::Ok.value.to_u8
String.new response.payload String.new response.payload
else else
nil nil
@ -94,14 +98,14 @@ module AuthD
end end
def get_user?(login : String, password : String) : Passwd::User? def get_user?(login : String, password : String) : Passwd::User?
send RequestTypes::GetUserByCredentials, { send Request::Type::GetUserByCredentials, {
:login => login, :login => login,
:password => password :password => password
}.to_json }.to_json
response = read response = read
if response.type == ResponseTypes::Ok.value.to_u8 if response.type == Response::Type::Ok.value.to_u8
Passwd::User.from_json String.new response.payload Passwd::User.from_json String.new response.payload
else else
nil nil
@ -109,18 +113,18 @@ module AuthD
end end
def get_user?(uid : Int32) def get_user?(uid : Int32)
send RequestTypes::GetUser, {:uid => uid}.to_json send Request::Type::GetUser, {:uid => uid}.to_json
response = read response = read
if response.type == ResponseTypes::Ok.value.to_u8 if response.type == Response::Type::Ok.value.to_u8
User.from_json String.new response.payload User.from_json String.new response.payload
else else
nil nil
end end
end end
def send(type : RequestTypes, payload) def send(type : Request::Type, payload)
send type.value.to_u8, payload send type.value.to_u8, payload
end end
@ -134,7 +138,7 @@ module AuthD
# FIXME: Extra options may be useful to implement here. # FIXME: Extra options may be useful to implement here.
def add_user(login : String, password : String) : Passwd::User | Exception def add_user(login : String, password : String) : Passwd::User | Exception
send RequestTypes::AddUser, { send Request::Type::AddUser, {
:shared_key => @key, :shared_key => @key,
:login => login, :login => login,
:password => password :password => password
@ -143,8 +147,8 @@ module AuthD
response = read response = read
payload = String.new response.payload payload = String.new response.payload
case ResponseTypes.new response.type.to_i case Response::Type.new response.type.to_i
when ResponseTypes::Ok when Response::Type::Ok
Passwd::User.from_json payload Passwd::User.from_json payload
else else
Exception.new payload Exception.new payload
@ -164,12 +168,12 @@ module AuthD
payload["avatar"] = avatar payload["avatar"] = avatar
end end
send RequestTypes::ModUser, payload.to_json send Request::Type::ModUser, payload.to_json
response = read response = read
case ResponseTypes.new response.type.to_i case Response::Type.new response.type.to_i
when ResponseTypes::Ok when Response::Type::Ok
true true
else else
Exception.new String.new response.payload Exception.new String.new response.payload

56
src/main.cr
View File

@ -11,7 +11,7 @@ require "./authd.cr"
extend AuthD extend AuthD
class IPC::Connection class IPC::Connection
def send(type : AuthD::ResponseTypes, payload : String) def send(type : AuthD::Response::Type, payload : String)
send type.to_u8, payload send type.to_u8, payload
end end
end end
@ -58,12 +58,12 @@ IPC::Service.new "auth" do |event|
message = event.message message = event.message
payload = message.payload payload = message.payload
case RequestTypes.new message.type.to_i case Request::Type.new message.type.to_i
when RequestTypes::GetToken when Request::Type::GetToken
begin begin
request = GetTokenRequest.from_json String.new payload request = Request::GetToken.from_json String.new payload
rescue e rescue e
client.send ResponseTypes::MalformedRequest.value.to_u8, e.message || "" client.send Response::Type::Malformed.value.to_u8, e.message || ""
next next
end end
@ -71,76 +71,76 @@ IPC::Service.new "auth" do |event|
user = passwd.get_user request.login, request.password user = passwd.get_user request.login, request.password
if user.nil? if user.nil?
client.send ResponseTypes::InvalidCredentials.value.to_u8, "" client.send Response::Type::InvalidCredentials.value.to_u8, ""
next next
end end
client.send ResponseTypes::Ok.value.to_u8, client.send Response::Type::Ok.value.to_u8,
JWT.encode user.to_h, authd_jwt_key, JWT::Algorithm::HS256 JWT.encode user.to_h, authd_jwt_key, JWT::Algorithm::HS256
when RequestTypes::AddUser when Request::Type::AddUser
begin begin
request = AddUserRequest.from_json String.new payload request = Request::AddUser.from_json String.new payload
rescue e rescue e
client.send ResponseTypes::MalformedRequest.value.to_u8, e.message || "" client.send Response::Type::Malformed.value.to_u8, e.message || ""
next next
end end
if request.shared_key != authd_jwt_key if request.shared_key != authd_jwt_key
client.send ResponseTypes::AuthenticationError, "Invalid authentication key." client.send Response::Type::AuthenticationError, "Invalid authentication key."
next next
end end
if passwd.user_exists? request.login if passwd.user_exists? request.login
client.send ResponseTypes::InvalidUser, "Another user with the same login already exists." client.send Response::Type::InvalidUser, "Another user with the same login already exists."
next next
end end
user = passwd.add_user request.login, request.password user = passwd.add_user request.login, request.password
client.send ResponseTypes::Ok, user.sanitize!.to_json client.send Response::Type::Ok, user.sanitize!.to_json
when RequestTypes::GetUserByCredentials when Request::Type::GetUserByCredentials
begin begin
request = GetUserByCredentialsRequest.from_json String.new payload request = Request::GetUserByCredentials.from_json String.new payload
rescue e rescue e
client.send ResponseTypes::MalformedRequest, e.message || "" client.send Response::Type::Malformed, e.message || ""
next next
end end
user = passwd.get_user request.login, request.password user = passwd.get_user request.login, request.password
if user if user
client.send ResponseTypes::Ok, user.sanitize!.to_json client.send Response::Type::Ok, user.sanitize!.to_json
else else
client.send ResponseTypes::UserNotFound, "" client.send Response::Type::UserNotFound, ""
end end
when RequestTypes::GetUser when Request::Type::GetUser
begin begin
request = GetUserRequest.from_json String.new payload request = Request::GetUser.from_json String.new payload
rescue e rescue e
client.send ResponseTypes::MalformedRequest, e.message || "" client.send Response::Type::Malformed, e.message || ""
next next
end end
user = passwd.get_user request.uid user = passwd.get_user request.uid
if user if user
client.send ResponseTypes::Ok, user.sanitize!.to_json client.send Response::Type::Ok, user.sanitize!.to_json
else else
client.send ResponseTypes::UserNotFound, "" client.send Response::Type::UserNotFound, ""
end end
when RequestTypes::ModUser when Request::Type::ModUser
begin begin
request = ModUserRequest.from_json String.new payload request = Request::ModUser.from_json String.new payload
rescue e rescue e
client.send ResponseTypes::MalformedRequest, e.message || "" client.send Response::Type::Malformed, e.message || ""
next next
end end
if request.shared_key != authd_jwt_key if request.shared_key != authd_jwt_key
client.send ResponseTypes::AuthenticationError, "Invalid authentication key." client.send Response::Type::AuthenticationError, "Invalid authentication key."
next next
end end
@ -150,7 +150,7 @@ IPC::Service.new "auth" do |event|
passwd.mod_user request.uid, password_hash: password_hash passwd.mod_user request.uid, password_hash: password_hash
client.send ResponseTypes::Ok, "" client.send Response::Type::Ok, ""
end end
end end
end end