Store the user's key in the session store so that login/unlock is automatic if cookie is still there
This commit is contained in:
parent
669c2c1c28
commit
3bb8a78d07
2 changed files with 21 additions and 12 deletions
5
main.go
5
main.go
|
@ -23,6 +23,7 @@ type ConfigFile struct {
|
|||
DbType string `json:"db_type"`
|
||||
DbPath string `json:"db_path"`
|
||||
MatrixDomain string `json:"matrix_domain"`
|
||||
SessionKey string `json:"web_session_key"`
|
||||
}
|
||||
|
||||
var configFlag = flag.String("config", "./config.json", "Configuration file path")
|
||||
|
@ -31,6 +32,9 @@ var config *ConfigFile
|
|||
var registration *mxlib.Registration
|
||||
|
||||
func readConfig() ConfigFile {
|
||||
defaultKey := make([]byte, 32)
|
||||
rand.Read(defaultKey)
|
||||
|
||||
config_file := ConfigFile{
|
||||
LogLevel: "info",
|
||||
ASBindAddr: "0.0.0.0:8321",
|
||||
|
@ -39,6 +43,7 @@ func readConfig() ConfigFile {
|
|||
Server: "http://localhost:8008",
|
||||
DbType: "sqlite3",
|
||||
DbPath: "easybridge.db",
|
||||
SessionKey: hex.EncodeToString(defaultKey),
|
||||
}
|
||||
|
||||
_, err := os.Stat(*configFlag)
|
||||
|
|
28
web.go
28
web.go
|
@ -1,7 +1,6 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"html/template"
|
||||
"net/http"
|
||||
"strconv"
|
||||
|
@ -11,6 +10,7 @@ import (
|
|||
"github.com/gorilla/sessions"
|
||||
log "github.com/sirupsen/logrus"
|
||||
"golang.org/x/crypto/argon2"
|
||||
"golang.org/x/crypto/blake2b"
|
||||
|
||||
"git.deuxfleurs.fr/Deuxfleurs/easybridge/connector"
|
||||
"git.deuxfleurs.fr/Deuxfleurs/easybridge/mxlib"
|
||||
|
@ -22,12 +22,8 @@ var sessionsStore sessions.Store = nil
|
|||
var userKeys = map[string]*[32]byte{}
|
||||
|
||||
func StartWeb() {
|
||||
session_key := make([]byte, 32)
|
||||
n, err := rand.Read(session_key)
|
||||
if err != nil || n != 32 {
|
||||
log.Fatal(err)
|
||||
}
|
||||
sessionsStore = sessions.NewCookieStore(session_key)
|
||||
session_key := blake2b.Sum256([]byte(config.SessionKey))
|
||||
sessionsStore = sessions.NewCookieStore(session_key[:])
|
||||
|
||||
r := mux.NewRouter()
|
||||
r.HandleFunc("/", handleHome)
|
||||
|
@ -41,7 +37,7 @@ func StartWeb() {
|
|||
|
||||
log.Printf("Starting web UI HTTP server on %s", config.WebBindAddr)
|
||||
go func() {
|
||||
err = http.ListenAndServe(config.WebBindAddr, logRequest(r))
|
||||
err := http.ListenAndServe(config.WebBindAddr, logRequest(r))
|
||||
if err != nil {
|
||||
log.Fatal("Cannot start http server: ", err)
|
||||
}
|
||||
|
@ -66,10 +62,17 @@ func checkLogin(w http.ResponseWriter, r *http.Request) *LoginInfo {
|
|||
|
||||
session, err := sessionsStore.Get(r, SESSION_NAME)
|
||||
if err == nil {
|
||||
mxid, ok := session.Values["login_mxid"]
|
||||
if ok {
|
||||
mxid, ok := session.Values["login_mxid"].(string)
|
||||
user_key, ok2 := session.Values["login_user_key"].([]byte)
|
||||
if ok && ok2 {
|
||||
if _, had_key := userKeys[mxid]; !had_key && len(user_key) == 32 {
|
||||
key := new([32]byte)
|
||||
copy(key[:], user_key)
|
||||
userKeys[mxid] = key
|
||||
LoadDbAccounts(mxid, key)
|
||||
}
|
||||
login_info = &LoginInfo{
|
||||
MxId: mxid.(string),
|
||||
MxId: mxid,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -154,7 +157,7 @@ func handleLogin(w http.ResponseWriter, r *http.Request) *LoginInfo {
|
|||
|
||||
key := new([32]byte)
|
||||
key_slice := argon2.IDKey([]byte(password), []byte("EZBRIDGE account store"), 3, 64*1024, 4, 32)
|
||||
copy(key[:], key_slice[:])
|
||||
copy(key[:], key_slice)
|
||||
userKeys[mxid] = key
|
||||
|
||||
SaveDbAccounts(mxid, key)
|
||||
|
@ -167,6 +170,7 @@ func handleLogin(w http.ResponseWriter, r *http.Request) *LoginInfo {
|
|||
}
|
||||
|
||||
session.Values["login_mxid"] = mxid
|
||||
session.Values["login_user_key"] = key_slice
|
||||
|
||||
err = session.Save(r, w)
|
||||
if err != nil {
|
||||
|
|
Loading…
Reference in a new issue