fixed bugs
This commit is contained in:
parent
ba47810398
commit
1488d7db16
@ -45,7 +45,7 @@ func (con *AuthApi) signToken(token Claims) (string, error) {
|
||||
token,
|
||||
}
|
||||
|
||||
return t.SignedString(con.config.Signing.Key)
|
||||
return t.SignedString([]byte(con.config.Signing.Key))
|
||||
}
|
||||
|
||||
func AuthorizedTo(requiredPermissions models.Permission) gin.HandlerFunc {
|
||||
@ -84,7 +84,7 @@ func (con *AuthApi) LoggedIn(ctx *gin.Context) {
|
||||
}
|
||||
|
||||
// hmacSampleSecret is a []byte containing your secret, e.g. []byte("my_secret_key")
|
||||
return con.config.Signing.Key, nil
|
||||
return []byte(con.config.Signing.Key), nil
|
||||
})
|
||||
if err != nil {
|
||||
ctx.AbortWithError(403, err)
|
||||
@ -156,6 +156,7 @@ func (con AuthApi) signIn(ctx *gin.Context) {
|
||||
}
|
||||
userItem, err := con.userAuthDbHandler.AuthenticateUser(ctx, request.Username, request.Password)
|
||||
if err != nil {
|
||||
println("handler")
|
||||
ctx.AbortWithError(403, err)
|
||||
return
|
||||
}
|
||||
@ -171,7 +172,7 @@ func (con AuthApi) signIn(ctx *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
ctx.SetCookie("auth", signedToken, int(time.Hour)*24*30, "", "."+con.config.Domain, true, false)
|
||||
ctx.SetCookie("auth", signedToken, int(time.Hour)*24*30, "", "."+con.config.Domain, false, false)
|
||||
ctx.IndentedJSON(http.StatusOK, signedToken)
|
||||
}
|
||||
|
||||
|
||||
@ -7,6 +7,7 @@ import (
|
||||
"git.acooldomain.co/server-manager/backend/models"
|
||||
"go.mongodb.org/mongo-driver/bson"
|
||||
"go.mongodb.org/mongo-driver/mongo"
|
||||
"go.mongodb.org/mongo-driver/mongo/options"
|
||||
)
|
||||
|
||||
type ServerPermissions struct {
|
||||
@ -65,9 +66,12 @@ func (self *ServersAuthorizationDbHandler) AddPermissions(ctx context.Context, u
|
||||
"server_id": serverId,
|
||||
},
|
||||
bson.M{"$set": bson.M{
|
||||
"username": username,
|
||||
"server_id": serverId,
|
||||
"permissions": newPermissions,
|
||||
},
|
||||
},
|
||||
options.Update().SetUpsert(true),
|
||||
)
|
||||
|
||||
return err
|
||||
|
||||
@ -2,24 +2,22 @@ package mongo
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
"git.acooldomain.co/server-manager/backend/dbhandler"
|
||||
"git.acooldomain.co/server-manager/backend/models"
|
||||
"github.com/google/uuid"
|
||||
"go.mongodb.org/mongo-driver/bson"
|
||||
"go.mongodb.org/mongo-driver/mongo"
|
||||
"go.mongodb.org/mongo-driver/mongo/options"
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
)
|
||||
|
||||
type AuthUser struct {
|
||||
Username string `json:"username"`
|
||||
Nickname string `json:"nickname"`
|
||||
HashedPassword string `json:"hashed_password"`
|
||||
Permissions models.Permission `json:"permissions"`
|
||||
MaxOwnedSevers uint `json:"max_owned_severs"`
|
||||
Email string `json:"email"`
|
||||
Username string `bson:"username"`
|
||||
Nickname string `bson:"nickname"`
|
||||
HashedPassword string `bson:"hashed_password"`
|
||||
Permissions models.Permission `bson:"permissions"`
|
||||
MaxOwnedSevers uint `bson:"max_owned_severs"`
|
||||
Email string `bson:"email"`
|
||||
}
|
||||
|
||||
type UserPassAuthenticationDbHandler struct {
|
||||
@ -60,16 +58,12 @@ func (self *UserPassAuthenticationDbHandler) AuthenticateUser(ctx context.Contex
|
||||
return nil, err
|
||||
}
|
||||
|
||||
hashedPassword, err := dbhandler.HashPassword(password)
|
||||
err = bcrypt.CompareHashAndPassword([]byte(user.HashedPassword), []byte(password))
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if user.HashedPassword != hashedPassword {
|
||||
return nil, fmt.Errorf("Incorrect Password")
|
||||
}
|
||||
|
||||
return &models.User{
|
||||
Username: user.Username,
|
||||
Nickname: user.Nickname,
|
||||
@ -136,22 +130,13 @@ func (self *UserPassAuthenticationDbHandler) SetPermissions(
|
||||
}
|
||||
|
||||
func NewUserPassAuthHandler(config models.MongoDBConfig) (*UserPassAuthenticationDbHandler, error) {
|
||||
clientOptions := options.Client().ApplyURI(config.Url).SetAuth(options.Credential{
|
||||
Username: config.Username,
|
||||
Password: config.Password,
|
||||
})
|
||||
|
||||
ctx, cancel := context.WithTimeoutCause(context.Background(), 30*time.Second, fmt.Errorf("Timeout"))
|
||||
defer cancel()
|
||||
|
||||
client, err := mongo.Connect(ctx, clientOptions)
|
||||
|
||||
collection, err := getMongoCollection(config)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return &UserPassAuthenticationDbHandler{
|
||||
collection: client.Database(config.Database).Collection(config.Collection),
|
||||
collection: collection,
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
||||
@ -137,7 +137,7 @@ func (con ServersApi) CreateServer(ctx *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
err = con.ServerAuthorization.AddPermissions(ctx, serverClaims.Username, instanceServer.Id, models.Admin)
|
||||
err = con.ServerAuthorization.SetPermissions(ctx, serverClaims.Username, instanceServer.Id, models.Admin)
|
||||
if err != nil {
|
||||
ctx.AbortWithError(500, err)
|
||||
return
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user