fixed bugs

ACoolName 2025-03-19 16:36:21 +02:00
parent ba47810398
commit 1488d7db16
4 changed files with 19 additions and 29 deletions


@ -45,7 +45,7 @@ func (con *AuthApi) signToken(token Claims) (string, error) {
token, token,
} }
return t.SignedString(con.config.Signing.Key) return t.SignedString([]byte(con.config.Signing.Key))
} }
func AuthorizedTo(requiredPermissions models.Permission) gin.HandlerFunc { func AuthorizedTo(requiredPermissions models.Permission) gin.HandlerFunc {
@ -84,7 +84,7 @@ func (con *AuthApi) LoggedIn(ctx *gin.Context) {
} }
// hmacSampleSecret is a []byte containing your secret, e.g. []byte("my_secret_key") // hmacSampleSecret is a []byte containing your secret, e.g. []byte("my_secret_key")
return con.config.Signing.Key, nil return []byte(con.config.Signing.Key), nil
}) })
if err != nil { if err != nil {
ctx.AbortWithError(403, err) ctx.AbortWithError(403, err)
@ -156,6 +156,7 @@ func (con AuthApi) signIn(ctx *gin.Context) {
} }
userItem, err := con.userAuthDbHandler.AuthenticateUser(ctx, request.Username, request.Password) userItem, err := con.userAuthDbHandler.AuthenticateUser(ctx, request.Username, request.Password)
if err != nil { if err != nil {
println("handler")
ctx.AbortWithError(403, err) ctx.AbortWithError(403, err)
return return
} }
@ -171,7 +172,7 @@ func (con AuthApi) signIn(ctx *gin.Context) {
return return
} }
ctx.SetCookie("auth", signedToken, int(time.Hour)*24*30, "", "."+con.config.Domain, true, false) ctx.SetCookie("auth", signedToken, int(time.Hour)*24*30, "", "."+con.config.Domain, false, false)
ctx.IndentedJSON(http.StatusOK, signedToken) ctx.IndentedJSON(http.StatusOK, signedToken)
} }
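Review bot: The `ctx.SetCookie` call in signIn now passes `false` for both the secure and httpOnly arguments, so the signed JWT in the `auth` cookie can be sent over plain HTTP and read by page script on any subdomain of `"."+con.config.Domain`. If the flag was dropped to make local HTTP testing work, that belongs in a deployment setting rather than a hard-coded value; for production the call should read `ctx.SetCookie("auth", signedToken, 60*60*24*30, "", "."+con.config.Domain, true, true)`. The existing `int(time.Hour)*24*30` on the same line is a nanosecond count, while gin's maxAge is in seconds, so the cookie lives far longer than the 30 days apparently intended. The `println("handler")` added in the authentication error branch looks like leftover debug output and should be removed. signIn starts outside this hunk.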


@ -7,6 +7,7 @@ import (
"git.acooldomain.co/server-manager/backend/models" "git.acooldomain.co/server-manager/backend/models"
"go.mongodb.org/mongo-driver/bson" "go.mongodb.org/mongo-driver/bson"
"go.mongodb.org/mongo-driver/mongo" "go.mongodb.org/mongo-driver/mongo"
"go.mongodb.org/mongo-driver/mongo/options"
) )
type ServerPermissions struct { type ServerPermissions struct {
@ -65,9 +66,12 @@ func (self *ServersAuthorizationDbHandler) AddPermissions(ctx context.Context, u
"server_id": serverId, "server_id": serverId,
}, },
bson.M{"$set": bson.M{ bson.M{"$set": bson.M{
"username": username,
"server_id": serverId,
"permissions": newPermissions, "permissions": newPermissions,
}, },
}, },
options.Update().SetUpsert(true),
) )
return err return err
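Review bot: With `options.Update().SetUpsert(true)` added, two concurrent AddPermissions calls for the same user and server can each insert a document unless the collection has a unique index on `username` and `server_id`; no index creation is visible on this page. Duplicate permission records make a later authorization lookup depend on which document comes back, so I would add `// requires a unique index on (username, server_id); concurrent upserts can otherwise insert duplicates` above the call and create that index at startup. On an upsert MongoDB already copies the filter's equality fields into the inserted document, so the added `$set` entries `"username"` and `"server_id"` are redundant if the filter matches on both (the filter's first lines are outside the hunk). `newPermissions` is computed above the hunk; if it is derived from a prior read, the read-then-write is not atomic and a concurrent grant can be lost.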


@ -2,24 +2,22 @@ package mongo
import ( import (
"context" "context"
"fmt"
"time"
"git.acooldomain.co/server-manager/backend/dbhandler" "git.acooldomain.co/server-manager/backend/dbhandler"
"git.acooldomain.co/server-manager/backend/models" "git.acooldomain.co/server-manager/backend/models"
"github.com/google/uuid" "github.com/google/uuid"
"go.mongodb.org/mongo-driver/bson" "go.mongodb.org/mongo-driver/bson"
"go.mongodb.org/mongo-driver/mongo" "go.mongodb.org/mongo-driver/mongo"
"go.mongodb.org/mongo-driver/mongo/options" "golang.org/x/crypto/bcrypt"
) )
type AuthUser struct { type AuthUser struct {
Username string `json:"username"` Username string `bson:"username"`
Nickname string `json:"nickname"` Nickname string `bson:"nickname"`
HashedPassword string `json:"hashed_password"` HashedPassword string `bson:"hashed_password"`
Permissions models.Permission `json:"permissions"` Permissions models.Permission `bson:"permissions"`
MaxOwnedSevers uint `json:"max_owned_severs"` MaxOwnedSevers uint `bson:"max_owned_severs"`
Email string `json:"email"` Email string `bson:"email"`
} }
type UserPassAuthenticationDbHandler struct { type UserPassAuthenticationDbHandler struct {
@ -60,16 +58,12 @@ func (self *UserPassAuthenticationDbHandler) AuthenticateUser(ctx context.Contex
return nil, err return nil, err
} }
hashedPassword, err := dbhandler.HashPassword(password) err = bcrypt.CompareHashAndPassword([]byte(user.HashedPassword), []byte(password))
if err != nil { if err != nil {
return nil, err return nil, err
} }
if user.HashedPassword != hashedPassword {
return nil, fmt.Errorf("Incorrect Password")
}
return &models.User{ return &models.User{
Username: user.Username, Username: user.Username,
Nickname: user.Nickname, Nickname: user.Nickname,
@ -136,22 +130,13 @@ func (self *UserPassAuthenticationDbHandler) SetPermissions(
} }
func NewUserPassAuthHandler(config models.MongoDBConfig) (*UserPassAuthenticationDbHandler, error) { func NewUserPassAuthHandler(config models.MongoDBConfig) (*UserPassAuthenticationDbHandler, error) {
clientOptions := options.Client().ApplyURI(config.Url).SetAuth(options.Credential{ collection, err := getMongoCollection(config)
Username: config.Username,
Password: config.Password,
})
ctx, cancel := context.WithTimeoutCause(context.Background(), 30*time.Second, fmt.Errorf("Timeout"))
defer cancel()
client, err := mongo.Connect(ctx, clientOptions)
if err != nil { if err != nil {
return nil, err return nil, err
} }
return &UserPassAuthenticationDbHandler{ return &UserPassAuthenticationDbHandler{
collection: client.Database(config.Database).Collection(config.Collection), collection: collection,
}, nil }, nil
} }
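Review bot: AuthenticateUser still hands two distinguishable failures to its caller: the `return nil, err` just above the compare (apparently the user-lookup failure) and the raw bcrypt error from `CompareHashAndPassword`, and signIn passes whichever it gets to `ctx.AbortWithError(403, err)`. If that error text reaches the client, it reveals whether a username exists; the unknown-user path also returns before any bcrypt work, so response time differs as well. Both branches should return one generic error, e.g. `return nil, errors.New("invalid username or password")` (this needs an `errors` import, since the commit removes `fmt`), with the underlying cause logged server-side only. Separately, switching the struct tags from `json` to `bson` changes the document keys the driver reads, so any records written through the old struct will likely decode with an empty `HashedPassword` and fail the compare until they are migrated. The body of AuthenticateUser starts outside the hunk.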


@ -137,7 +137,7 @@ func (con ServersApi) CreateServer(ctx *gin.Context) {
return return
} }
err = con.ServerAuthorization.AddPermissions(ctx, serverClaims.Username, instanceServer.Id, models.Admin) err = con.ServerAuthorization.SetPermissions(ctx, serverClaims.Username, instanceServer.Id, models.Admin)
if err != nil { if err != nil {
ctx.AbortWithError(500, err) ctx.AbortWithError(500, err)
return return
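Review bot: CreateServer now calls `SetPermissions` for a server that was only just created, so no permission document can exist for it yet; the upsert this commit adds is on AddPermissions, and the server-authorization handler's SetPermissions is not shown on this page. If that method issues a plain update without `SetUpsert(true)`, it will match nothing, return a nil error, and leave the creator without `models.Admin` on the new server. It is worth confirming that the method upserts, or checking the update result's matched count and treating zero as an error. The error branch here also returns 500 after the instance already exists; whether the server is cleaned up in that case is outside the hunk.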