restapi_auth_local.go 1.4 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374
  1. package httpservers
  2. import (
  3. "google.golang.org/grpc/metadata"
  4. "net/http"
  5. "github.com/google/uuid"
  6. "github.com/OliveTin/OliveTin/internal/config"
  7. log "github.com/sirupsen/logrus"
  8. )
  9. var (
  10. localUserSessions = make(map[string]*config.LocalUser)
  11. )
  12. func parseLocalUserCookie(req *http.Request) (string, string, string) {
  13. cookie, err := req.Cookie("olivetin-sid-local")
  14. if err != nil {
  15. return "", "", ""
  16. }
  17. cookieValue := cookie.Value
  18. user, ok := localUserSessions[cookieValue]
  19. if !ok {
  20. log.WithFields(log.Fields{
  21. "sid": cookieValue,
  22. "provider": "local",
  23. }).Warnf("Stale session")
  24. return "", "", ""
  25. }
  26. return user.Username, user.Usergroup, cookie.Value
  27. }
  28. func findUserByUsername(searchUsername string) *config.LocalUser {
  29. for _, user := range cfg.AuthLocalUsers.Users {
  30. if user.Username == searchUsername {
  31. return user
  32. }
  33. }
  34. return nil
  35. }
  36. func forwardResponseHandlerLoginLocalUser(md metadata.MD, w http.ResponseWriter) error {
  37. setUsername := getMetadataKeyOrEmpty(md, "set-username")
  38. if setUsername != "" {
  39. user := findUserByUsername(setUsername)
  40. if user == nil {
  41. return nil
  42. }
  43. sid := uuid.NewString()
  44. localUserSessions[sid] = user
  45. http.SetCookie(
  46. w,
  47. &http.Cookie{
  48. Name: "olivetin-sid-local",
  49. Value: sid,
  50. MaxAge: 31556952, // 1 year
  51. HttpOnly: true,
  52. Path: "/",
  53. },
  54. )
  55. }
  56. return nil
  57. }