72 lines
1.4 KiB
Go
72 lines
1.4 KiB
Go
package wsapi
|
|
|
|
import (
|
|
"encoding/json"
|
|
"io"
|
|
|
|
"dynatron.me/x/blasphem/pkg/auth"
|
|
|
|
"github.com/rs/zerolog/log"
|
|
)
|
|
|
|
type authPhase struct {
|
|
*wsSession
|
|
}
|
|
|
|
func (ws *wsSession) sendAuthRequired() error {
|
|
authReq := &struct {
|
|
MsgBase
|
|
Version string `json:"ha_version"`
|
|
}{
|
|
MsgBase{"auth_required"},
|
|
ws.b.Version(),
|
|
}
|
|
return ws.WriteJSON(&authReq)
|
|
}
|
|
|
|
type authMsg struct {
|
|
MsgBase
|
|
AccessToken auth.AccessToken `json:"access_token"`
|
|
}
|
|
|
|
func (ap *authPhase) msgSchema() interface{} {
|
|
return &authMsg{}
|
|
}
|
|
|
|
func (ap *authPhase) finishAuth(rt *auth.RefreshToken) {
|
|
ap.user = rt.User
|
|
ap.refreshToken = rt
|
|
ap.h = &cmdHandler{ap.wsSession}
|
|
}
|
|
|
|
func (ap *authPhase) sendAuthOK() error {
|
|
return ap.WriteJSON(struct {
|
|
Type string `json:"type"`
|
|
Version string `json:"ha_version"`
|
|
}{Type: "auth_ok", Version: ap.Blas().Version()})
|
|
}
|
|
|
|
func (ap *authPhase) sendAuthInvalid() error {
|
|
return ap.WriteJSON(struct {
|
|
Type string `json:"type"`
|
|
Message string `json:"message"`
|
|
}{Type: "auth_ok", Message: "invalid auth"})
|
|
}
|
|
|
|
func (ap *authPhase) handleMsg(r io.Reader) error {
|
|
var authMsg authMsg
|
|
err := json.NewDecoder(r).Decode(&authMsg)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
refreshToken := ap.b.ValidateAccessToken(authMsg.AccessToken)
|
|
if refreshToken != nil {
|
|
ap.finishAuth(refreshToken)
|
|
return ap.sendAuthOK()
|
|
}
|
|
|
|
log.Error().Str("remote", ap.ec.Request().RemoteAddr).Msg("websocket auth failed")
|
|
|
|
return ap.sendAuthInvalid()
|
|
}
|