blasphem/pkg/wsapi/auth.go

package wsapi

import (
	"encoding/json"
	"io"

	"dynatron.me/x/blasphem/pkg/auth"

	"github.com/rs/zerolog/log"
)

type authPhase struct {
	*wsSession
}

func (ws *wsSession) sendAuthRequired() error {
	authReq := &struct {
		MsgBase
		Version string `json:"ha_version"`
	}{
		MsgBase{"auth_required"},
		ws.b.Version(),
	}
	return ws.WriteJSON(&authReq)
}

type authMsg struct {
	MsgBase
	AccessToken auth.AccessToken `json:"access_token"`
}

func (ap *authPhase) msgSchema() interface{} {
	return &authMsg{}
}

func (ap *authPhase) finishAuth(rt *auth.RefreshToken) {
	ap.user = rt.User
	ap.refreshToken = rt
	ap.h = &cmdHandler{ap.wsSession}
}

func (ap *authPhase) sendAuthOK() error {
	return ap.WriteJSON(struct {
		Type    string `json:"type"`
		Version string `json:"ha_version"`
	}{Type: "auth_ok", Version: ap.Blas().Version()})
}

func (ap *authPhase) sendAuthInvalid() error {
	return ap.WriteJSON(struct {
		Type    string `json:"type"`
		Message string `json:"message"`
	}{Type: "auth_ok", Message: "invalid auth"})
}

func (ap *authPhase) handleMsg(r io.Reader) error {
	var authMsg authMsg
	err := json.NewDecoder(r).Decode(&authMsg)
	if err != nil {
		return err
	}

	refreshToken := ap.b.ValidateAccessToken(authMsg.AccessToken)
	if refreshToken != nil {
		ap.finishAuth(refreshToken)
		return ap.sendAuthOK()
	}

	log.Error().Str("remote", ap.ec.Request().RemoteAddr).Msg("websocket auth failed")

	return ap.sendAuthInvalid()
}
WIP: websocket 2022-12-19 19:24:01 -05:00			`package wsapi`

			`import (`
WIP: pre dep injection 2022-12-20 11:34:25 -05:00			`"encoding/json"`
			`"io"`

WIP: websocket 2022-12-19 19:24:01 -05:00			`"dynatron.me/x/blasphem/pkg/auth"`

			`"github.com/rs/zerolog/log"`
			`)`

			`type authPhase struct {`
			`*wsSession`
			`}`

			`func (ws *wsSession) sendAuthRequired() error {`
compiles 2022-12-20 13:16:30 -05:00			`authReq := &struct {`
WIP: websocket 2022-12-19 19:24:01 -05:00			`MsgBase`
commands working ish 2022-12-20 20:11:11 -05:00			Version string `json:"ha_version"`
WIP: websocket 2022-12-19 19:24:01 -05:00			`}{`
			`MsgBase{"auth_required"},`
			`ws.b.Version(),`
			`}`
			`return ws.WriteJSON(&authReq)`
			`}`

			`type authMsg struct {`
			`MsgBase`
			AccessToken auth.AccessToken `json:"access_token"`
			`}`

			`func (ap *authPhase) msgSchema() interface{} {`
			`return &authMsg{}`
			`}`

			`func (ap authPhase) finishAuth(rt auth.RefreshToken) {`
			`ap.user = rt.User`
			`ap.refreshToken = rt`
			`ap.h = &cmdHandler{ap.wsSession}`
auth progress 2022-12-20 19:05:45 -05:00			`}`

			`func (ap *authPhase) sendAuthOK() error {`
			`return ap.WriteJSON(struct {`
			Type string `json:"type"`
commands working ish 2022-12-20 20:11:11 -05:00			Version string `json:"ha_version"`
auth progress 2022-12-20 19:05:45 -05:00			`}{Type: "auth_ok", Version: ap.Blas().Version()})`
WIP: websocket 2022-12-19 19:24:01 -05:00			`}`

wip: auth still broken 2022-12-20 19:31:46 -05:00			`func (ap *authPhase) sendAuthInvalid() error {`
			`return ap.WriteJSON(struct {`
			Type string `json:"type"`
			Message string `json:"message"`
			`}{Type: "auth_ok", Message: "invalid auth"})`
			`}`

WIP: pre dep injection 2022-12-20 11:34:25 -05:00			`func (ap *authPhase) handleMsg(r io.Reader) error {`
			`var authMsg authMsg`
			`err := json.NewDecoder(r).Decode(&authMsg)`
			`if err != nil {`
			`return err`
			`}`

WIP: websocket 2022-12-19 19:24:01 -05:00			`refreshToken := ap.b.ValidateAccessToken(authMsg.AccessToken)`
			`if refreshToken != nil {`
			`ap.finishAuth(refreshToken)`
auth progress 2022-12-20 19:05:45 -05:00			`return ap.sendAuthOK()`
WIP: websocket 2022-12-19 19:24:01 -05:00			`}`

			`log.Error().Str("remote", ap.ec.Request().RemoteAddr).Msg("websocket auth failed")`

wip: auth still broken 2022-12-20 19:31:46 -05:00			`return ap.sendAuthInvalid()`
WIP: websocket 2022-12-19 19:24:01 -05:00			`}`