diff options
| author | Gabriel Arakaki Giovanini <mail@gabrielgio.me> | 2023-07-19 21:01:23 +0200 |
|---|---|---|
| committer | Gabriel Arakaki Giovanini <mail@gabrielgio.me> | 2023-07-19 21:01:23 +0200 |
| commit | fbcac585cf626917e2baf1d0065c7b632341ba01 (patch) | |
| tree | 82a0ca1812f92500588c0503cc80b23cffd159e8 /pkg/service/auth.go | |
| parent | 52276ba99540d6c61195772ccdd50944e96f4959 (diff) | |
| download | lens-fbcac585cf626917e2baf1d0065c7b632341ba01.tar.gz lens-fbcac585cf626917e2baf1d0065c7b632341ba01.tar.bz2 lens-fbcac585cf626917e2baf1d0065c7b632341ba01.zip | |
ref: Move auth functions to service
Diffstat (limited to 'pkg/service/auth.go')
| -rw-r--r-- | pkg/service/auth.go | 73 |
1 files changed, 70 insertions, 3 deletions
diff --git a/pkg/service/auth.go b/pkg/service/auth.go index 761c70b..1966e70 100644 --- a/pkg/service/auth.go +++ b/pkg/service/auth.go @@ -1,12 +1,18 @@ package service import ( + "bytes" "context" + "crypto/aes" + "crypto/cipher" + "crypto/rand" + "encoding/gob" + "errors" + "io" "golang.org/x/crypto/bcrypt" "git.sr.ht/~gabrielgio/img/pkg/database/repository" - "git.sr.ht/~gabrielgio/img/pkg/ext" ) type AuthController struct { @@ -42,11 +48,11 @@ func (c *AuthController) Login(ctx context.Context, username, password []byte) ( return nil, err } - token := &ext.Token{ + token := &Token{ UserID: id, Username: string(username), } - return ext.WriteToken(token, c.key) + return WriteToken(token, c.key) } // InitialRegister register a initial user, it will validate if there is another @@ -75,3 +81,64 @@ func (c *AuthController) InitialRegister(ctx context.Context, username, password return err } + +type Token struct { + UserID uint + Username string +} + +func ReadToken(data []byte, key []byte) (*Token, error) { + block, err := aes.NewCipher(key) + if err != nil { + return nil, err + } + + aesgcm, err := cipher.NewGCM(block) + if err != nil { + panic(err.Error()) + } + + nonceSize := aesgcm.NonceSize() + if len(data) < nonceSize { + return nil, errors.New("nonce size greater than data's size") + } + + nonce, ciphertext := data[:nonceSize], data[nonceSize:] + plaintext, err := aesgcm.Open(nil, nonce, ciphertext, nil) + if err != nil { + return nil, err + } + + r := bytes.NewReader(plaintext) + var token Token + dec := gob.NewDecoder(r) + if err = dec.Decode(&token); err != nil { + return nil, err + } + return &token, nil +} + +func WriteToken(token *Token, key []byte) ([]byte, error) { + block, err := aes.NewCipher(key) + if err != nil { + return nil, err + } + + aesgcm, err := cipher.NewGCM(block) + if err != nil { + return nil, err + } + + var buffer bytes.Buffer + enc := gob.NewEncoder(&buffer) + if err := enc.Encode(token); err != nil { + return nil, err + } + nonce := make([]byte, aesgcm.NonceSize()) + if _, err = io.ReadFull(rand.Reader, nonce); err != nil { + return nil, err + } + + ciphertext := aesgcm.Seal(nonce, nonce, buffer.Bytes(), nil) + return ciphertext, nil +} |