package wsapi import ( "encoding/json" "io" "dynatron.me/x/blasphem/pkg/auth" "github.com/rs/zerolog/log" ) type authPhase struct { *wsSession } func (ws *wsSession) sendAuthRequired() error { authReq := &struct { MsgBase Version string `json:"version"` }{ MsgBase{"auth_required"}, ws.b.Version(), } return ws.WriteJSON(&authReq) } type authMsg struct { MsgBase AccessToken auth.AccessToken `json:"access_token"` } func (ap *authPhase) msgSchema() interface{} { return &authMsg{} } func (ap *authPhase) finishAuth(rt *auth.RefreshToken) { ap.user = rt.User ap.refreshToken = rt ap.h = &cmdHandler{ap.wsSession} } func (ap *authPhase) handleMsg(r io.Reader) error { var authMsg authMsg err := json.NewDecoder(r).Decode(&authMsg) if err != nil { return err } refreshToken := ap.b.ValidateAccessToken(authMsg.AccessToken) if refreshToken != nil { ap.finishAuth(refreshToken) } log.Error().Str("remote", ap.ec.Request().RemoteAddr).Msg("websocket auth failed") return auth.ErrInvalidAuth }