Home Explore Help
Sign In
lamperi
/
LevyraatiBot
Watch 1
Star 0
Fork 0
Code Issues 2 Pull Requests 0 Releases 0 Wiki Activity
36 Commits
1 Branches
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
LevyraatiBot/auth.go

auth.go 4.9KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229 
  1. package main

  2. 

  3. import (

  4. 	"bytes"

  5. 	"container/heap"

  6. 	"crypto/rand"

  7. 	"crypto/sha1"

  8. 	"encoding/base64"

  9. 	"errors"

  10. 	"github.com/zmb3/spotify"

  11. 	"golang.org/x/crypto/pbkdf2"

  12. 	"log"

  13. 	"net/http"

  14. 	"strings"

  15. 	"time"

  16. )

  17. 

  18. type SessionData struct {

  19. 	sid           string

  20. 	username      string

  21. 	spotify       string

  22. 	priority      time.Time

  23. 	index         int

  24. 	spotifyClient *spotify.Client

  25. }

  26. 

  27. type SessionQueue []*SessionData

  28. 

  29. func (pq SessionQueue) Len() int {

  30. 	return len(pq)

  31. }

  32. 

  33. func (pq SessionQueue) Less(i, j int) bool {

  34. 	return pq[i].priority.Before(pq[j].priority)

  35. }

  36. 

  37. func (pq SessionQueue) Swap(i, j int) {

  38. 	pq[i], pq[j] = pq[j], pq[i]

  39. 	pq[i].index = i

  40. 	pq[j].index = j

  41. }

  42. 

  43. func (pq *SessionQueue) Push(x interface{}) {

  44. 	n := len(*pq)

  45. 	item := x.(*SessionData)

  46. 	item.index = n

  47. 	*pq = append(*pq, item)

  48. }

  49. 

  50. func (pq *SessionQueue) Pop() interface{} {

  51. 	old := *pq

  52. 	n := len(old)

  53. 	item := old[n-1]

  54. 	item.index = -1 // for safety

  55. 	*pq = old[0 : n-1]

  56. 	return item

  57. }

  58. 

  59. var (

  60. 	sessions     = make(map[string]*SessionData)

  61. 	sessionQueue = make(SessionQueue, 0)

  62. )

  63. 

  64. func sessionExpirer() {

  65. 	for {

  66. 		for len(sessionQueue) > 0 && time.Now().After(sessionQueue[0].priority) {

  67. 			session := heap.Pop(&sessionQueue).(*SessionData)

  68. 			delete(sessions, session.sid)

  69. 		}

  70. 		time.Sleep(time.Second * 5)

  71. 	}

  72. }

  73. 

  74. func init() {

  75. 	go sessionExpirer()

  76. }

  77. 

  78. func addSession(data *SessionData) {

  79. 	sessions[data.sid] = data

  80. 	heap.Push(&sessionQueue, data)

  81. }

  82. 

  83. func generateHash(password string) (string, error) {

  84. 	salt := make([]byte, 11)

  85. 

  86. 	if _, err := rand.Read(salt); err != nil {

  87. 		log.Println(err)

  88. 		return "", errors.New("Couldn't generate random string")

  89. 	}

  90. 

  91. 	passwordBytes := []byte(password)

  92. 	key := hashPasswordSalt(passwordBytes, salt)

  93. 

  94. 	saltStr := base64.StdEncoding.EncodeToString(salt)

  95. 	keyStr := base64.StdEncoding.EncodeToString(key)

  96. 	return saltStr + "$" + keyStr, nil

  97. }

  98. 

  99. func hashOk(password, hashed string) (bool, error) {

  100. 	parts := strings.Split(hashed, "$")

  101. 	if len(parts) != 2 {

  102. 		return false, errors.New("Invalid data stored in database for password")

  103. 	}

  104. 	salt, err := base64.StdEncoding.DecodeString(parts[0])

  105. 	if err != nil {

  106. 		return false, err

  107. 	}

  108. 	passwordHash, err := base64.StdEncoding.DecodeString(parts[1])

  109. 	if err != nil {

  110. 		return false, err

  111. 	}

  112. 	if len(passwordHash) != 32 {

  113. 		return false, errors.New("Password hash was not 32 bytes long")

  114. 	}

  115. 

  116. 	key := hashPasswordSalt([]byte(password), salt)

  117. 	return bytes.Equal(key, passwordHash), nil

  118. }

  119. 

  120. func hashPasswordSalt(password, salt []byte) []byte {

  121. 	return pbkdf2.Key(password, salt, 4096, 32, sha1.New)

  122. }

  123. 

  124. func spotifyOk(db *DB, spotifyID string) (string, error) {

  125. 	username, err := db.FindUserBySpotifyID(spotifyID)

  126. 	if err != nil {

  127. 		if err.Error() == "sql: no rows in result set" {

  128. 			return "", nil

  129. 		} else {

  130. 			return "", err

  131. 		}

  132. 	}

  133. 	return username, nil

  134. }

  135. 

  136. func userOk(db *DB, username, password string) (bool, error) {

  137. 	hash, err := db.FindHashForUser(username)

  138. 	if err != nil {

  139. 		if err.Error() == "sql: no rows in result set" {

  140. 			return false, nil

  141. 		} else {

  142. 			return false, err

  143. 		}

  144. 	}

  145. 

  146. 	ok, err := hashOk(password, hash)

  147. 	if err != nil {

  148. 		return false, err

  149. 	}

  150. 	return ok, nil

  151. }

  152. 

  153. func tryLoginWithSpotify(db *DB, spotifyID string) (http.Cookie, error) {

  154. 	username, err := spotifyOk(db, spotifyID)

  155. 	if username == "" {

  156. 		if err != nil {

  157. 			return http.Cookie{}, err

  158. 		}

  159. 		return http.Cookie{},

  160. 			errors.New("This spotify account is not connected to any account")

  161. 	}

  162. 

  163. 	return addSessionAndReturnMatchingCookie(username, spotifyID, true)

  164. }

  165. 

  166. func tryLogin(db *DB, username, password string, longerTime bool) (http.Cookie, error) {

  167. 	if exists, err := userOk(db, username, password); !exists {

  168. 		if err != nil {

  169. 			return http.Cookie{}, err

  170. 		}

  171. 		return http.Cookie{},

  172. 			errors.New("The username or password you entered isn't correct.")

  173. 	}

  174. 

  175. 	return addSessionAndReturnMatchingCookie(username, "", longerTime)

  176. }

  177. 

  178. func addSessionAndReturnMatchingCookie(username, spotifyID string, longerTime bool) (http.Cookie, error) {

  179. 	sid, err := randString(32)

  180. 	if err != nil {

  181. 		return http.Cookie{}, err

  182. 	}

  183. 

  184. 	duration := time.Hour * 1

  185. 	if longerTime {

  186. 		duration = time.Hour * 24 * 14

  187. 	}

  188. 

  189. 	loginCookie := http.Cookie{

  190. 		Name:     "id",

  191. 		Value:    sid,

  192. 		MaxAge:   int(duration.Seconds()),

  193. 		HttpOnly: true,

  194. 	}

  195. 

  196. 	expiration := time.Now().Add(duration)

  197. 	addSession(&SessionData{sid, username, spotifyID, expiration, 0, nil})

  198. 

  199. 	return loginCookie, nil

  200. 

  201. }

  202. 

  203. func getSession(req *http.Request) (*SessionData, error) {

  204. 	cookie, err := req.Cookie("id")

  205. 	if err != nil {

  206. 		return nil, err

  207. 	}

  208. 	return getSessionById(cookie.Value)

  209. }

  210. 

  211. func getSessionById(sid string) (*SessionData, error) {

  212. 	session, exists := sessions[sid]

  213. 	if !exists {

  214. 		return nil, errors.New("Session expired from server")

  215. 	}

  216. 	return session, nil

  217. }

  218. 

  219. func randString(size int) (string, error) {

  220. 	buf := make([]byte, size)

  221. 

  222. 	if _, err := rand.Read(buf); err != nil {

  223. 		log.Println(err)

  224. 		return "", errors.New("Couldn't generate random string")

  225. 	}

  226. 

  227. 	return base64.URLEncoding.EncodeToString(buf)[:size], nil

  228. }