Imposed authentication on a few requests.
This commit is contained in:
		
							parent
							
								
									e956d36260
								
							
						
					
					
						commit
						a5247fd9f0
					
				
					 2 changed files with 20 additions and 1 deletions
				
			
		|  | @ -21,6 +21,7 @@ module AuthD | |||
| 		InvalidCredentials | ||||
| 		InvalidUser | ||||
| 		UserNotFound # For UID-based GetUser requests. | ||||
| 		AuthenticationError | ||||
| 	end | ||||
| 
 | ||||
| 	class GetTokenRequest | ||||
|  | @ -33,6 +34,10 @@ module AuthD | |||
| 
 | ||||
| 	class AddUserRequest | ||||
| 		JSON.mapping({ | ||||
| 			# Only clients that have the right shared key will be allowed | ||||
| 			# to create users. | ||||
| 			shared_key: String, | ||||
| 
 | ||||
| 			login: String, | ||||
| 			password: String, | ||||
| 			uid: Int32?, | ||||
|  | @ -57,6 +62,8 @@ module AuthD | |||
| 
 | ||||
| 	class ModUserRequest | ||||
| 		JSON.mapping({ | ||||
| 			shared_key: String, | ||||
| 
 | ||||
| 			uid: Int32, | ||||
| 			password: String?, | ||||
| 			avatar: String? | ||||
|  | @ -129,6 +136,7 @@ module AuthD | |||
| 		# FIXME: Extra options may be useful to implement here. | ||||
| 		def add_user(login : String, password : String) : AuthD::User | Exception | ||||
| 			send RequestTypes::AddUser, { | ||||
| 				:shared_key => @key, | ||||
| 				:login => login, | ||||
| 				:password => password | ||||
| 			}.to_json | ||||
|  | @ -147,6 +155,7 @@ module AuthD | |||
| 		def mod_user(uid : Int32, password : String? = nil, avatar : String? = nil) : Bool | Exception | ||||
| 			payload = Hash(String, String|Int32).new | ||||
| 			payload["uid"] = uid | ||||
| 			payload["shared_key"] = @key | ||||
| 
 | ||||
| 			password.try do |password| | ||||
| 				payload["password"] = password | ||||
|  |  | |||
							
								
								
									
										12
									
								
								src/main.cr
									
										
									
									
									
								
							
							
						
						
									
										12
									
								
								src/main.cr
									
										
									
									
									
								
							|  | @ -21,7 +21,7 @@ authd_passwd_file = "passwd" | |||
| authd_group_file = "group" | ||||
| authd_jwt_key = "nico-nico-nii" | ||||
| 
 | ||||
| OptionParser.parse! do |parser| | ||||
| OptionParser.parse do |parser| | ||||
| 	parser.on "-u file", "--passwd-file file", "passwd file." do |name| | ||||
| 		authd_passwd_file = name | ||||
| 	end | ||||
|  | @ -88,6 +88,11 @@ IPC::Service.new "auth" do |event| | |||
| 				next | ||||
| 			end | ||||
| 
 | ||||
| 			if request.shared_key != authd_jwt_key | ||||
| 				client.send ResponseTypes::AuthenticationError, "Invalid authentication key." | ||||
| 				next | ||||
| 			end | ||||
| 
 | ||||
| 			if passwd.user_exists? request.login | ||||
| 				client.send ResponseTypes::InvalidUser, "Another user with the same login already exists." | ||||
| 
 | ||||
|  | @ -135,6 +140,11 @@ IPC::Service.new "auth" do |event| | |||
| 				next | ||||
| 			end | ||||
| 
 | ||||
| 			if request.shared_key != authd_jwt_key | ||||
| 				client.send ResponseTypes::AuthenticationError, "Invalid authentication key." | ||||
| 				next | ||||
| 			end | ||||
| 
 | ||||
| 			password_hash = request.password.try do |s| | ||||
| 				Passwd.hash_password s | ||||
| 			end | ||||
|  |  | |||
		Loading…
	
	Add table
		
		Reference in a new issue
	
	 Luka Vandervelden
						Luka Vandervelden