aiden
/
synctv
mirror of https://github.com/synctv-org/synctv
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
helm
docker-build-arm
dependabot/go_modules/gorm.io/driver/postgres-1.5.11
cache
build
api-v2
dependabot/go_modules/gorm.io/gorm-1.25.12
folder
zijiren233-patch-1
dev
v0.1.0
v0.1.1
v0.1.2
v0.1.3
v0.1.4
v0.1.5
v0.1.6
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.2.4
v0.3.0
v0.3.0-alpha-1
v0.3.0-alpha-2
v0.3.0-alpha-3
v0.3.0-beta-1
v0.3.1
v0.3.1-beta.1
v0.3.1-beta.2
v0.3.1-rc.2
v0.3.2
v0.3.2-alpha.2
v0.3.4
v0.3.5
v0.3.6
v0.4.0
v0.4.1
v0.4.2
v0.4.3
v0.4.4
v0.4.5
v0.5.0
v0.5.0-alpha.1
v0.5.0-alpha.2
v0.5.1
v0.5.2
v0.5.3
v0.5.4
v0.6.0
v0.6.1
v0.6.10
v0.6.11
v0.6.12
v0.6.13
v0.6.14
v0.6.2
v0.6.3
v0.6.4
v0.6.5
v0.6.6
v0.6.7
v0.6.8
v0.6.9
v0.6.9-beta.1
v0.7.0
v0.7.1
v0.7.10
v0.7.11
v0.7.12
v0.7.2
v0.7.3
v0.7.4
v0.7.5
v0.7.6
v0.7.7
v0.7.8
v0.7.9
v0.8.0
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.9.0
v0.9.0-beta.1
v0.9.0-beta.2
v0.9.1
v0.9.10
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
v0.9.7
v0.9.7-beta.1
v0.9.7-beta.2
v0.9.7-beta.3
v0.9.7-beta.4
v0.9.7-beta.5
v0.9.7-beta.6
v0.9.7-beta.7
v0.9.7-beta.8
v0.9.8
v0.9.9
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6f1c7960b5'
${ noResults }
synctv/server/middlewares/auth.go

130 lines
3.0 KiB
Go
Raw Normal View History Unescape Escape

Feat: use jwt auth middleware
1 year ago
package middlewares
import (
"errors"
"strings"
"time"
"github.com/gin-gonic/gin"
"github.com/golang-jwt/jwt/v5"
"github.com/synctv-org/synctv/internal/conf"
"github.com/synctv-org/synctv/room"
"github.com/synctv-org/synctv/server/model"
"github.com/zijiren233/stream"
)
var (
ErrAuthFailed = errors.New("auth failed")
ErrAuthExpired = errors.New("auth expired")
)
type AuthClaims struct {
Feat: req validate
1 year ago
RoomId string `json:"id"`
Feat: use jwt auth middleware
1 year ago
Version uint64 `json:"v"`
Username string `json:"un"`
UserVersion uint64 `json:"uv"`
jwt.RegisteredClaims
}
func auth(Authorization string) (*AuthClaims, error) {
t, err := jwt.ParseWithClaims(strings.TrimPrefix(Authorization, `Bearer `), &AuthClaims{}, func(token *jwt.Token) (any, error) {
return stream.StringToBytes(conf.Conf.Jwt.Secret), nil
})
if err != nil {
return nil, ErrAuthFailed
}
claims, ok := t.Claims.(*AuthClaims)
if !ok || !t.Valid {
return nil, ErrAuthFailed
}
return claims, nil
}
func Auth(Authorization string, rooms *room.Rooms) (*room.User, error) {
claims, err := auth(Authorization)
if err != nil {
return nil, err
}
Feat: req validate
1 year ago
r, err := rooms.GetRoom(claims.RoomId)
Feat: use jwt auth middleware
1 year ago
if err != nil {
return nil, err
}
if !r.CheckVersion(claims.Version) {
return nil, ErrAuthExpired
}
user, err := r.GetUser(claims.Username)
if err != nil {
return nil, err
}
if !user.CheckVersion(claims.UserVersion) {
return nil, ErrAuthExpired
}
return user, nil
}
Feat: req validate
1 year ago
func AuthWithPassword(roomId, roomPassword, username, password string, rooms *room.Rooms) (*room.User, error) {
room, err := rooms.GetRoom(roomId)
Feat: use jwt auth middleware
1 year ago
if err != nil {
return nil, err
}
if !room.CheckPassword(roomPassword) {
return nil, ErrAuthFailed
}
user, err := room.GetUser(username)
if err != nil {
return nil, err
}
if !user.CheckPassword(password) {
return nil, ErrAuthFailed
}
return user, nil
}
Feat: req validate
1 year ago
func AuthOrNewWithPassword(roomId, roomPassword, username, password string, rooms *room.Rooms) (*room.User, error) {
room, err := rooms.GetRoom(roomId)
Feat: use jwt auth middleware
1 year ago
if err != nil {
return nil, err
}
if !room.CheckPassword(roomPassword) {
return nil, ErrAuthFailed
}
user, err := room.GetOrNewUser(username, password)
if err != nil {
return nil, err
}
if !user.CheckPassword(password) {
return nil, ErrAuthFailed
}
return user, nil
}
func AuthRoom(ctx *gin.Context) {
rooms := ctx.Value("rooms").(*room.Rooms)
user, err := Auth(ctx.GetHeader("Authorization"), rooms)
if err != nil {
ctx.AbortWithStatusJSON(401, model.NewApiErrorResp(err))
return
}
ctx.Set("user", user)
ctx.Next()
}
func NewAuthToken(user *room.User) (string, error) {
claims := &AuthClaims{
Feat: req validate
1 year ago
RoomId: user.Room().Id(),
Feat: use jwt auth middleware
1 year ago
Version: user.Room().Version(),
Username: user.Name(),
UserVersion: user.Version(),
RegisteredClaims: jwt.RegisteredClaims{
NotBefore: jwt.NewNumericDate(time.Now()),
ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * time.Duration(conf.Conf.Jwt.Expire))),
},
}
return jwt.NewWithClaims(jwt.SigningMethodHS256, claims).SignedString(stream.StringToBytes(conf.Conf.Jwt.Secret))
}