Put http.Request in validation path

This commit is contained in:
Daniel 2022-11-12 17:31:03 -05:00
parent 2c997e3866
commit 1aa1296732
5 changed files with 15 additions and 7 deletions

View file

@ -93,7 +93,7 @@ func (a *Authenticator) ProvidersHandler(c echo.Context) error {
return c.JSON(http.StatusOK, providers)
}
func (a *Authenticator) Check(f *Flow, rm map[string]interface{}) (provider.ProviderUser, error) {
func (a *Authenticator) Check(f *Flow, req *http.Request, rm map[string]interface{}) (provider.ProviderUser, error) {
cID, hasCID := rm["client_id"]
cIDStr, cidIsStr := cID.(string)
if !hasCID || !cidIsStr || cIDStr == "" || cIDStr != string(f.request.ClientID) {
@ -110,7 +110,7 @@ func (a *Authenticator) Check(f *Flow, rm map[string]interface{}) (provider.Prov
return nil, ErrInvalidAuth
}
user, success := p.ValidateCreds(rm)
user, success := p.ValidateCreds(req, rm)
if success {
log.Info().Interface("user", user.ProviderUserData()).Msg("Login success")

View file

@ -142,7 +142,7 @@ func (f *Flow) progress(a *Authenticator, c echo.Context) error {
}
}
}
user, err := a.Check(f, rm)
user, err := a.Check(f, c.Request(), rm)
switch err {
case nil:
var finishedFlow struct {

View file

@ -1,6 +1,8 @@
package hass
import (
"net/http"
"encoding/base64"
"github.com/rs/zerolog/log"
@ -64,7 +66,7 @@ func (hap *HomeAssistantProvider) hashPass(p string) ([]byte, error) {
return bcrypt.GenerateFromPassword([]byte(p), bcrypt.DefaultCost)
}
func (hap *HomeAssistantProvider) ValidateCreds(rm map[string]interface{}) (provider.ProviderUser, bool) {
func (hap *HomeAssistantProvider) ValidateCreds(r *http.Request, rm map[string]interface{}) (provider.ProviderUser, bool) {
usernameE, hasU := rm["username"]
passwordE, hasP := rm["password"]
username, unStr := usernameE.(string)

View file

@ -1,6 +1,8 @@
package provider
import (
"net/http"
"dynatron.me/x/blasphem/pkg/storage"
)
@ -13,7 +15,7 @@ type AuthProvider interface { // TODO: this should include stepping
ProviderBase() AuthProviderBase
FlowSchema() []FlowSchemaItem
NewCredData() interface{}
ValidateCreds(reqMap map[string]interface{}) (user ProviderUser, success bool)
ValidateCreds(r *http.Request, reqMap map[string]interface{}) (user ProviderUser, success bool)
}
func Register(providerName string, f func(storage.Store) (AuthProvider, error)) {

View file

@ -3,6 +3,8 @@ package trustednets
// TODO: This doesn't work at all
import (
"net/http"
"dynatron.me/x/blasphem/pkg/auth/provider"
"dynatron.me/x/blasphem/pkg/storage"
)
@ -42,8 +44,10 @@ func New(s storage.Store) (provider.AuthProvider, error) {
return hap, nil
}
// TODO: To implement this, ValidateCreds needs to be changed to accept an http.Request, or the echo context.
func (hap *TrustedNetworksProvider) ValidateCreds(rm map[string]interface{}) (provider.ProviderUser, bool) {
func (hap *TrustedNetworksProvider) ValidateCreds(r *http.Request, rm map[string]interface{}) (provider.ProviderUser, bool) {
/*
if req.RemoteAddr in allowed then do the thing
*/
return nil, false
}