htmlhouse
/
htmlhouse
mirror of https://github.com/writeas/htmlhouse
1
0
Fork 0
Code Issues 0 Releases 2 Activity
Publish HTML quickly. https://html.house
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
96 Commits
2 Branches
990 KiB
 
 
 
 
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
htmlhouse/session.go

113 lines
2.4 KiB
Raw Permalink Blame History 

  1. package htmlhouse

  2. 

  3. import (

  4. 	"crypto/rsa"

  5. 	"fmt"

  6. 	jwt "github.com/dgrijalva/jwt-go"

  7. 	"github.com/juju/errgo"

  8. 	"io/ioutil"

  9. 	"net/http"

  10. )

  11. 

  12. const (

  13. 	tokenHeader = "Authorization"

  14. )

  15. 

  16. type sessionManager interface {

  17. 	readToken(*http.Request) (string, error)

  18. 	createToken(string) (string, error)

  19. 	writeToken(http.ResponseWriter, string) error

  20. }

  21. 

  22. // Basic user session info

  23. type sessionInfo struct {

  24. 	ID string `json:"id"`

  25. }

  26. 

  27. func newSessionInfo(houseID string) *sessionInfo {

  28. 	return &sessionInfo{houseID}

  29. }

  30. 

  31. func newSessionManager(cfg *config) (sessionManager, error) {

  32. 	mgr := &defaultSessionManager{}

  33. 

  34. 	// Read and parse private key

  35. 	signBytes, err := ioutil.ReadFile(cfg.PrivateKey)

  36. 	if err != nil {

  37. 		return mgr, errgo.Mask(err)

  38. 	}

  39. 	mgr.signKey, err = jwt.ParseRSAPrivateKeyFromPEM(signBytes)

  40. 	if err != nil {

  41. 		return mgr, errgo.Mask(err)

  42. 	}

  43. 

  44. 	// Read and parse public key

  45. 	verifyBytes, err := ioutil.ReadFile(cfg.PublicKey)

  46. 	if err != nil {

  47. 		return mgr, errgo.Mask(err)

  48. 	}

  49. 	mgr.verifyKey, err = jwt.ParseRSAPublicKeyFromPEM(verifyBytes)

  50. 	if err != nil {

  51. 		return mgr, errgo.Mask(err)

  52. 	}

  53. 

  54. 	return mgr, nil

  55. }

  56. 

  57. type defaultSessionManager struct {

  58. 	verifyKey *rsa.PublicKey

  59. 	signKey   *rsa.PrivateKey

  60. }

  61. 

  62. func (m *defaultSessionManager) readToken(r *http.Request) (string, error) {

  63. 	tokenString := r.Header.Get(tokenHeader)

  64. 	if tokenString == "" {

  65. 		return "", nil

  66. 	}

  67. 

  68. 	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {

  69. 		if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok {

  70. 			return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])

  71. 		}

  72. 		return m.verifyKey, nil

  73. 	})

  74. 	switch err.(type) {

  75. 	case nil:

  76. 		if !token.Valid {

  77. 			return "", nil

  78. 		}

  79. 

  80. 		claims := token.Claims.(jwt.MapClaims)

  81. 		houseID := claims["houseID"].(string)

  82. 

  83. 		return houseID, nil

  84. 	case *jwt.ValidationError:

  85. 		return "", nil

  86. 	default:

  87. 		return "", errgo.Mask(err)

  88. 	}

  89. }

  90. 

  91. func (m *defaultSessionManager) createToken(houseID string) (string, error) {

  92. 	token := jwt.New(jwt.SigningMethodRS512)

  93. 	claims := token.Claims.(jwt.MapClaims)

  94. 	claims["houseID"] = houseID

  95. 

  96. 	tokenString, err := token.SignedString(m.signKey)

  97. 	if err != nil {

  98. 		return tokenString, errgo.Mask(err)

  99. 	}

  100. 

  101. 	return tokenString, nil

  102. }

  103. 

  104. func (m *defaultSessionManager) writeToken(w http.ResponseWriter, houseID string) error {

  105. 	tokenString, err := m.createToken(houseID)

  106. 	if err != nil {

  107. 		return err

  108. 	}

  109. 

  110. 	w.Header().Set(tokenHeader, tokenString)

  111. 	return nil

  112. }