From 9c75522d01ccf345f3c4ac685e093aebc8208e96 Mon Sep 17 00:00:00 2001
From: Philippe Pittoli <karchnu@karchnu.fr>
Date: Wed, 14 Jun 2023 20:16:42 +0200
Subject: [PATCH] Can now authenticated from the client.

---
 src/authd/client.cr  | 37 +++++++------------------------------
 src/better-parser.cr |  8 ++++++--
 src/client.cr        | 32 ++++++++++++++++++++------------
 3 files changed, 33 insertions(+), 44 deletions(-)

diff --git a/src/authd/client.cr b/src/authd/client.cr
index 70dcefc..6bbfb4e 100644
--- a/src/authd/client.cr
+++ b/src/authd/client.cr
@@ -3,12 +3,10 @@ require "json"
 
 module AuthD
 	class Client < IPC
-		property key : String
 		property server_fd : Int32 = -1
 
 		def initialize
 			super
-			@key = ""
 			fd = self.connect "auth"
 			if fd.nil?
 				raise "couldn't connect to 'auth' IPC service"
@@ -28,44 +26,23 @@ module AuthD
 			expected_messages.each do |e|
 				em << e
 			end
-			em << Response::Error
+			# response = AuthD.responses.parse_ipc_json read
 			em.parse_ipc_json message
 		end
 
-		def get_token?(login : String, password : String) : String?
+		def login?(login : String, password : String)
 			send_now Request::Login.new login, password
-
-			response = AuthD.responses.parse_ipc_json read
-
-			if response.is_a?(Response::Login)
-				response.token
-			else
-				nil
-			end
+			parse_message [Response::Login], read
 		end
 
-		def get_user?(login : String, password : String) : AuthD::User::Public?
+		def get_user?(login : String, password : String)
 			send_now Request::GetUserByCredentials.new login, password
-
-			response = AuthD.responses.parse_ipc_json read
-
-			if response.is_a? Response::User
-				response.user
-			else
-				nil
-			end
+			parse_message [Response::User], read
 		end
 
-		def get_user?(uid_or_login : Int32 | String) : ::AuthD::User::Public?
+		def get_user?(uid_or_login : Int32 | String)
 			send_now Request::GetUser.new uid_or_login
-
-			response = AuthD.responses.parse_ipc_json read
-
-			if response.is_a? Response::User
-				response.user
-			else
-				nil
-			end
+			parse_message [Response::User], read
 		end
 
 		def send_now(msg : IPC::JSON)
diff --git a/src/better-parser.cr b/src/better-parser.cr
index 120926b..bc10584 100644
--- a/src/better-parser.cr
+++ b/src/better-parser.cr
@@ -86,6 +86,7 @@ parser = OptionParser.new do |parser|
 			parser.banner = "usage: user add login email [-P profile] [opt]"
 			Baguette::Log.info "Adding a user to the DB."
 			Context.command = "user-add"
+			opt_authd_login.call parser
 			opt_profile.call parser
 			opt_help.call parser
 			# login email
@@ -96,6 +97,7 @@ parser = OptionParser.new do |parser|
 			parser.banner = "Usage: user mod userid [-e email|-P profile] [opt]"
 			Baguette::Log.info "Modify a user account."
 			Context.command = "user-mod"
+			opt_authd_login.call parser
 			opt_email.call parser
 			opt_profile.call parser
 			opt_help.call parser
@@ -128,7 +130,7 @@ parser = OptionParser.new do |parser|
 			parser.banner = "Usage: user get login [opt]"
 			Baguette::Log.info "Get user info."
 			Context.command = "user-get"
-			# No need to be authenticated.
+			opt_authd_login.call parser
 			opt_help.call parser
 			# login
 			unrecognized_args_to_context_args.call parser, 1
@@ -138,7 +140,7 @@ parser = OptionParser.new do |parser|
 			parser.banner = "Usage: user recover login [opt]"
 			Baguette::Log.info "Search user."
 			Context.command = "user-search"
-			# No need to be authenticated.
+			opt_authd_login.call parser
 			opt_help.call parser
 			# login
 			unrecognized_args_to_context_args.call parser, 1
@@ -178,6 +180,7 @@ permission list: none read edit admin
 END
 			Baguette::Log.info "Set permissions."
 			Context.command = "permission-set"
+			opt_authd_login.call parser
 			opt_help.call parser
 			# userid application resource permission
 			unrecognized_args_to_context_args.call parser, 4
@@ -192,6 +195,7 @@ permission list: none read edit admin
 END
 			Baguette::Log.info "Check permissions."
 			Context.command = "permission-check"
+			opt_authd_login.call parser
 			opt_help.call parser
 			# userid application resource
 			unrecognized_args_to_context_args.call parser, 3
diff --git a/src/client.cr b/src/client.cr
index c24b0ed..585c82f 100644
--- a/src/client.cr
+++ b/src/client.cr
@@ -5,8 +5,8 @@ require "./authd.cr"
 class Context
 	class_property simulation    = false  # do not perform the action
 
-	class_property authd_login   = "undef" # undef authd user
-	class_property authd_pass    = "undef" # undef authd user password
+	class_property authd_login   : String? = nil
+	class_property authd_pass    : String? = nil
 
 	# # Properties to select what to display when printing a deal.
 	# class_property print_title        = true
@@ -207,16 +207,24 @@ def main
 	# Authd connection.
 	authd = AuthD::Client.new
 
-	# Authd token.
-	# FIXME: not sure about getting the token, it seems not used elsewhere.
-	# If login == pass == "undef": do not even try.
-	#unless Context.authd_login == Context.authd_pass && Context.authd_login == "undef"
-	#	login = Context.authd_login
-	#	pass  = Context.authd_pass
-	#	token = authd.get_token? login, pass
-	#	raise "cannot get a token" if token.nil?
-	#	# authd.login token
-	#end
+	if login = Context.authd_login
+		pass = if p = Context.authd_pass
+			p
+		else
+			password = Actions.ask_password
+			raise "cannot get a password" unless password
+			password
+		end
+		response = authd.login? login, pass
+		case response
+		when Response::Login
+			uid = response.uid
+			token = response.token
+			Baguette::Log.info "Authenticated as #{login} #{uid}, token: #{token}"
+		else
+			raise "Cannot authenticate to authd with login #{login}: #{response}."
+		end
+	end
 
 	actions = Actions.new authd