mirror of
https://github.com/ClusterCockpit/cc-backend
synced 2024-11-10 08:57:25 +01:00
43 lines
1.0 KiB
Go
43 lines
1.0 KiB
Go
|
package authv2
|
||
|
|
|
||
|
|
import (
|
||
|
|
"encoding/json"
|
||
|
|
"fmt"
|
||
|
|
"net/http"
|
||
|
|
|
||
|
|
"golang.org/x/crypto/bcrypt"
|
||
|
|
)
|
||
|
|
|
||
|
|
type LocalAuthenticator struct {
|
||
|
|
auth *Authentication
|
||
|
|
}
|
||
|
|
|
||
|
|
var _ Authenticator = (*LocalAuthenticator)(nil)
|
||
|
|
|
||
|
|
func (la *LocalAuthenticator) Init(auth *Authentication, rawConfig json.RawMessage) error {
|
||
|
|
la.auth = auth
|
||
|
|
return nil
|
||
|
|
}
|
||
|
|
|
||
|
|
func (la *LocalAuthenticator) CanLogin(user *User, rw http.ResponseWriter, r *http.Request) bool {
|
||
|
|
return user.AuthSource == AuthViaLocalPassword
|
||
|
|
}
|
||
|
|
|
||
|
|
func (la *LocalAuthenticator) Login(user *User, password string, rw http.ResponseWriter, r *http.Request) error {
|
||
|
|
if e := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)); e != nil {
|
||
|
|
return fmt.Errorf("user '%s' provided the wrong password (%s)", user.Username, e.Error())
|
||
|
|
}
|
||
|
|
|
||
|
|
return nil
|
||
|
|
}
|
||
|
|
|
||
|
|
func (la *LocalAuthenticator) Auth(rw http.ResponseWriter, r *http.Request) (*User, error) {
|
||
|
|
user, err := la.auth.AuthViaSession(rw, r)
|
||
|
|
if err != nil {
|
||
|
|
return nil, err
|
||
|
|
}
|
||
|
|
|
||
|
|
user.AuthSource = AuthViaLocalPassword
|
||
|
|
return user, nil
|
||
|
|
}
|