Need a login check
Matthew Olker
parent
a087234aa8
commit
9bc8cd2b28
|
|
@ -0,0 +1,30 @@
|
|||
package api
|
||||
|
||||
import (
|
||||
"github.com/gorilla/sessions"
|
||||
"github.com/markbates/goth"
|
||||
"github.com/markbates/goth/gothic"
|
||||
"github.com/markbates/goth/providers/discord"
|
||||
)
|
||||
|
||||
// TODO: actual randomized key for sessions
|
||||
const (
|
||||
key = "randomString"
|
||||
MaxAge = 86400 * 30 // 30 days
|
||||
IsProd = false
|
||||
)
|
||||
|
||||
func InitAuth(discordClientId string, discordClientSecret string, discordCallbackURI string) {
|
||||
store := sessions.NewCookieStore([]byte(key))
|
||||
store.MaxAge(MaxAge)
|
||||
|
||||
store.Options.Path = "/"
|
||||
store.Options.HttpOnly = true
|
||||
store.Options.Secure = IsProd
|
||||
|
||||
gothic.Store = store
|
||||
|
||||
goth.UseProviders(
|
||||
discord.New(discordClientId, discordClientSecret, discordCallbackURI, discord.ScopeIdentify),
|
||||
)
|
||||
}
|
||||
|
|
@ -54,6 +54,11 @@ func Init(mux *http.ServeMux) {
|
|||
mux.HandleFunc("GET /daily/seed", handleDailySeed)
|
||||
mux.HandleFunc("GET /daily/rankings", handleDailyRankings)
|
||||
mux.HandleFunc("GET /daily/rankingpagecount", handleDailyRankingPageCount)
|
||||
|
||||
// auth
|
||||
mux.HandleFunc("/auth/{provider}/callback", handleProviderCallback)
|
||||
mux.HandleFunc("/auth/{provider}/link", handleProviderLink)
|
||||
mux.HandleFunc("/auth/{provider}/logout", handleProviderLogout)
|
||||
}
|
||||
|
||||
func tokenFromRequest(r *http.Request) ([]byte, error) {
|
||||
|
|
@ -90,4 +95,4 @@ func uuidFromRequest(r *http.Request) ([]byte, error) {
|
|||
func httpError(w http.ResponseWriter, r *http.Request, err error, code int) {
|
||||
log.Printf("%s: %s\n", r.URL.Path, err)
|
||||
http.Error(w, err.Error(), code)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -20,9 +20,11 @@ package api
|
|||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
"strconv"
|
||||
|
||||
"github.com/markbates/goth/gothic"
|
||||
"github.com/pagefaultgames/rogueserver/api/account"
|
||||
"github.com/pagefaultgames/rogueserver/api/daily"
|
||||
"github.com/pagefaultgames/rogueserver/api/savedata"
|
||||
|
|
@ -36,6 +38,10 @@ import (
|
|||
Handlers should not return serialized JSON, instead return the struct itself.
|
||||
*/
|
||||
|
||||
var (
|
||||
user = string("")
|
||||
)
|
||||
|
||||
// account
|
||||
|
||||
func handleAccountInfo(w http.ResponseWriter, r *http.Request) {
|
||||
|
|
@ -383,3 +389,54 @@ func handleDailyRankingPageCount(w http.ResponseWriter, r *http.Request) {
|
|||
|
||||
w.Write([]byte(strconv.Itoa(count)))
|
||||
}
|
||||
|
||||
// redirect link after authorizing application link
|
||||
func handleProviderCallback(w http.ResponseWriter, r *http.Request) {
|
||||
gothic.GetProviderName = func(r *http.Request) (string, error) { return r.PathValue("provider"), nil }
|
||||
|
||||
// called again with code after authorization
|
||||
code := r.URL.Query().Get("code")
|
||||
if code != "" {
|
||||
userId, err := db.FetchDiscordIdByUsername(user)
|
||||
if err != nil {
|
||||
|
||||
}
|
||||
defer http.Redirect(w, r, "http://localhost:8000", http.StatusSeeOther)
|
||||
}
|
||||
|
||||
gothUser, err := gothic.CompleteUserAuth(w, r)
|
||||
if err != nil {
|
||||
log.Println("callback err", w, r)
|
||||
return
|
||||
} else {
|
||||
err := db.AddDiscordAuthByUsername(gothUser.UserID, user)
|
||||
if err != nil {
|
||||
log.Println("error adding Discord Auth to database")
|
||||
return
|
||||
}
|
||||
}
|
||||
log.Println("user", gothUser.UserID)
|
||||
}
|
||||
|
||||
func handleProviderLink(w http.ResponseWriter, r *http.Request) {
|
||||
gothic.GetProviderName = func(r *http.Request) (string, error) { return r.PathValue("provider"), nil }
|
||||
username := r.URL.Query().Get("username")
|
||||
// username recorded prior to authorization
|
||||
if username != "" {
|
||||
user = username
|
||||
}
|
||||
// try to get the user without re-authenticating
|
||||
if gothUser, err := gothic.CompleteUserAuth(w, r); err == nil {
|
||||
log.Print("gothUser:", gothUser.Name)
|
||||
} else {
|
||||
gothic.BeginAuthHandler(w, r)
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
func handleProviderLogout(w http.ResponseWriter, r *http.Request) {
|
||||
gothic.GetProviderName = func(r *http.Request) (string, error) { return r.PathValue("provider"), nil }
|
||||
gothic.Logout(w, r)
|
||||
w.Header().Set("Location", "/")
|
||||
w.WriteHeader(http.StatusTemporaryRedirect)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -53,6 +53,25 @@ func AddAccountSession(username string, token []byte) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func AddDiscordAuthByUsername(discordId []byte, username string) error {
|
||||
_, err := handle.Exec("UPDATE accounts SET discordId = ? WHERE username = ?", discordId, username)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func FetchDiscordIdByUsername(username string) ([]byte, error) {
|
||||
var discordId []byte
|
||||
err := handle.QueryRow("SELECT discordId FROM accounts WHERE username = ?", username).Scan(&discordId)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return discordId, nil
|
||||
}
|
||||
|
||||
func UpdateAccountPassword(uuid, key, salt []byte) error {
|
||||
_, err := handle.Exec("UPDATE accounts SET (hash, salt) VALUES (?, ?) WHERE uuid = ?", key, salt, uuid)
|
||||
if err != nil {
|
||||
|
|
|
|||
19
go.mod
19
go.mod
|
|
@ -6,7 +6,22 @@ require (
|
|||
github.com/go-sql-driver/mysql v1.7.1
|
||||
github.com/klauspost/compress v1.17.4
|
||||
github.com/robfig/cron/v3 v3.0.1
|
||||
golang.org/x/crypto v0.16.0
|
||||
golang.org/x/crypto v0.22.0
|
||||
)
|
||||
|
||||
require golang.org/x/sys v0.15.0 // indirect
|
||||
require (
|
||||
github.com/golang/protobuf v1.5.3 // indirect
|
||||
github.com/gorilla/context v1.1.1 // indirect
|
||||
github.com/gorilla/mux v1.6.2 // indirect
|
||||
github.com/gorilla/securecookie v1.1.2 // indirect
|
||||
golang.org/x/oauth2 v0.17.0 // indirect
|
||||
google.golang.org/appengine v1.6.8 // indirect
|
||||
google.golang.org/protobuf v1.32.0 // indirect
|
||||
)
|
||||
|
||||
require (
|
||||
github.com/gorilla/sessions v1.2.2
|
||||
github.com/joho/godotenv v1.5.1
|
||||
github.com/markbates/goth v1.79.0
|
||||
golang.org/x/sys v0.19.0 // indirect
|
||||
)
|
||||
|
|
|
|||
56
go.sum
56
go.sum
|
|
@ -1,10 +1,66 @@
|
|||
github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
|
||||
github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
|
||||
github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
|
||||
github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
|
||||
github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
|
||||
github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
|
||||
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/gorilla/context v1.1.1 h1:AWwleXJkX/nhcU9bZSnZoi3h/qGYqQAGhq6zZe/aQW8=
|
||||
github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
|
||||
github.com/gorilla/mux v1.6.2 h1:Pgr17XVTNXAk3q/r4CpKzC5xBM/qW1uVLV+IhRZpIIk=
|
||||
github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
|
||||
github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
|
||||
github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
|
||||
github.com/gorilla/sessions v1.2.2 h1:lqzMYz6bOfvn2WriPUjNByzeXIlVzURcPmgMczkmTjY=
|
||||
github.com/gorilla/sessions v1.2.2/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ=
|
||||
github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
|
||||
github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
|
||||
github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4=
|
||||
github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM=
|
||||
github.com/markbates/goth v1.79.0 h1:fUYi9R6VubVEK2bpmXvIUp7xRcxA68i8ovfUQx/i5Qc=
|
||||
github.com/markbates/goth v1.79.0/go.mod h1:RBD+tcFnXul2NnYuODhnIweOcuVPkBohLfEvutPekcU=
|
||||
github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs=
|
||||
github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro=
|
||||
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
|
||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||
golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY=
|
||||
golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
|
||||
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
|
||||
golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30=
|
||||
golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
|
||||
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
|
||||
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
|
||||
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
||||
golang.org/x/oauth2 v0.17.0 h1:6m3ZPmLEFdVxKKWnKq4VqZ60gutO35zm+zrAHVmHyDQ=
|
||||
golang.org/x/oauth2 v0.17.0/go.mod h1:OzPDGQiuQMguemayvdylqddI7qcD9lnSDb+1FiwQ5HA=
|
||||
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
|
||||
golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
|
||||
golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
||||
golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
|
||||
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
|
||||
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM=
|
||||
google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds=
|
||||
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
|
||||
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
|
||||
google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I=
|
||||
google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
|
||||
|
|
|
|||
|
|
@ -42,6 +42,10 @@ func main() {
|
|||
dbaddr := flag.String("dbaddr", "localhost", "database address")
|
||||
dbname := flag.String("dbname", "pokeroguedb", "database name")
|
||||
|
||||
discordclientid := flag.String("discordclientid", "1225433195617718315", "Discord Oauth2 Client ID")
|
||||
discordsecretid := flag.String("discordsecretid", "LxtTMCEeRagl7Rve0goZzUnv4mnT5Xzm", "Discord Oauth2 Client ID")
|
||||
discordcallbackuri := flag.String("discordcallbackuri", "http://localhost:8001/auth/discord/callback", "Discord Oauth2 Client ID")
|
||||
|
||||
flag.Parse()
|
||||
|
||||
// register gob types
|
||||
|
|
@ -63,6 +67,7 @@ func main() {
|
|||
mux := http.NewServeMux()
|
||||
|
||||
// init api
|
||||
api.InitAuth(*discordclientid, *discordsecretid, *discordcallbackuri)
|
||||
api.Init(mux)
|
||||
|
||||
// start web server
|
||||
|
|
|
|||
Loading…
Reference in New Issue