🛂 Used config credentials for BasicAuth middleware

develop
Maxim Lebedev 10 months ago
parent 9ef9e16625
commit 7680845f74
Signed by: toby3d
GPG Key ID: 1F14E25B7C119FC5
  1. 41
      configs/example.yml
  2. 15
      internal/auth/delivery/http/auth_http.go
  3. 8
      internal/domain/config.go

@ -1,23 +1,32 @@
---
name: IndieAuth
name: "IndieAuth"
runMode: "dev"
server:
protocol: http
domain: localhost
rootUrl: "{{protocol}}://{{domain}}:{{port}}/"
staticUrlPrefix: "/static"
host: "0.0.0.0"
port: 3000
certFile: "https/cert.pem"
keyFile: "https/key.pem"
staticRootPath: "/"
domain: "localhost"
enablePprof: false
host: "0.0.0.0"
keyFile: "https/key.pem"
port: 3000
protocol: "http"
rootUrl: "{{protocol}}://{{domain}}:{{port}}/"
staticRootPath: "assets/"
staticUrlPrefix: "/static"
database:
type: bolt
path: data/indieauth.db
indieauth:
type: "memory"
# path: "data/development.db"
code:
expiry: "10m"
length: 32
jwt:
algorithm: "RS256"
expiry: "1h"
nonceLength: 24
secret: "hackme"
indieAuth:
enabled: true
accessTokenExpirationTime: 3600
jwtSigningAlgorithm: "RS256"
jwtSecret: ""
jwtSigningPrivateKeyFile: "jwt/private.pem"
username: user
password: hackme
ticketAuth:
expiry: "1m"
length: 24

@ -140,14 +140,19 @@ func (h *RequestHandler) Register(r *router.Router) {
Skipper: func(ctx *http.RequestCtx) bool {
matched, _ := path.Match("/api/*", string(ctx.Path()))
provider := string(ctx.QueryArgs().Peek("provider"))
providerMatched := provider != "" && provider != domain.ProviderDirect.UID
return !ctx.IsPost() || !matched ||
(provider != "" && provider != domain.ProviderDirect.UID)
return !ctx.IsPost() || !matched || providerMatched
},
Validator: func(ctx *http.RequestCtx, login, password string) (bool, error) {
// TODO(toby3d): change this
return subtle.ConstantTimeCompare([]byte(login), []byte("admin")) == 1 &&
subtle.ConstantTimeCompare([]byte(password), []byte("hackme")) == 1, nil
userMatch := subtle.ConstantTimeCompare(
[]byte(login), []byte(h.config.IndieAuth.Username),
)
passMatch := subtle.ConstantTimeCompare(
[]byte(password), []byte(h.config.IndieAuth.Password),
)
return userMatch == 1 && passMatch == 1, nil
},
}),
middleware.LogFmt(),

@ -55,7 +55,9 @@ type (
}
ConfigIndieAuth struct {
Enabled bool `yaml:"enabled"` // true
Enabled bool `yaml:"enabled"` // true
Username string `yaml:"username"`
Password string `yaml:"password"`
}
ConfigTicketAuth struct {
@ -109,7 +111,9 @@ func TestConfig(tb testing.TB) *Config {
Algorithm: "HS256",
},
IndieAuth: ConfigIndieAuth{
Enabled: true,
Enabled: true,
Username: "user",
Password: "password",
},
TicketAuth: ConfigTicketAuth{
Expiry: time.Minute,

Loading…
Cancel
Save