Beginscherm Verkennen Help
Inloggen
lamperi
/
LevyraatiBot
Volgen 1
Ster 0
Vork 0
Code Kwesties 2 Pull-aanvragen 0 Publicaties 0 Wiki Activiteit
19 Commits
1 Branches
Tree: 7f454cb777
Branches Labels
${ item.name }
Maak branch ${ searchTerm }
van '7f454cb777'
${ noResults }
LevyraatiBot/auth.go

auth.go 3.9KB
Geschiedenis Ruw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193 
  1. package main

  2. 

  3. import (

  4. 	"bytes"

  5. 	"container/heap"

  6. 	"crypto/rand"

  7. 	"crypto/sha1"

  8. 	"encoding/base64"

  9. 	"errors"

  10. 	"golang.org/x/crypto/pbkdf2"

  11. 	"log"

  12. 	"net/http"

  13. 	"strings"

  14. 	"time"

  15. )

  16. 

  17. type SessionData struct {

  18. 	sid      string

  19. 	username string

  20. 	priority time.Time

  21. 	index    int

  22. }

  23. 

  24. type SessionQueue []*SessionData

  25. 

  26. func (pq SessionQueue) Len() int {

  27. 	return len(pq)

  28. }

  29. 

  30. func (pq SessionQueue) Less(i, j int) bool {

  31. 	return pq[i].priority.Before(pq[j].priority)

  32. }

  33. 

  34. func (pq SessionQueue) Swap(i, j int) {

  35. 	pq[i], pq[j] = pq[j], pq[i]

  36. 	pq[i].index = i

  37. 	pq[j].index = j

  38. }

  39. 

  40. func (pq *SessionQueue) Push(x interface{}) {

  41. 	n := len(*pq)

  42. 	item := x.(*SessionData)

  43. 	item.index = n

  44. 	*pq = append(*pq, item)

  45. }

  46. 

  47. func (pq *SessionQueue) Pop() interface{} {

  48. 	old := *pq

  49. 	n := len(old)

  50. 	item := old[n-1]

  51. 	item.index = -1 // for safety

  52. 	*pq = old[0 : n-1]

  53. 	return item

  54. }

  55. 

  56. var (

  57. 	sessions     = make(map[string]*SessionData)

  58. 	sessionQueue = make(SessionQueue, 0)

  59. )

  60. 

  61. func sessionExpirer() {

  62. 	for {

  63. 		for len(sessionQueue) > 0 && time.Now().After(sessionQueue[0].priority) {

  64. 			session := heap.Pop(&sessionQueue).(*SessionData)

  65. 			delete(sessions, session.sid)

  66. 		}

  67. 		time.Sleep(time.Second * 5)

  68. 	}

  69. }

  70. 

  71. func init() {

  72. 	go sessionExpirer()

  73. }

  74. 

  75. func addSession(data *SessionData) {

  76. 	sessions[data.sid] = data

  77. 	heap.Push(&sessionQueue, data)

  78. }

  79. 

  80. func generateHash(password string) (string, error) {

  81. 	salt := make([]byte, 11)

  82. 

  83. 	if _, err := rand.Read(salt); err != nil {

  84. 		log.Println(err)

  85. 		return "", errors.New("Couldn't generate random string")

  86. 	}

  87. 

  88. 	passwordBytes := []byte(password)

  89. 	key := hashPasswordSalt(passwordBytes, salt)

  90. 

  91. 	saltStr := base64.StdEncoding.EncodeToString(salt)

  92. 	keyStr := base64.StdEncoding.EncodeToString(key)

  93. 	return saltStr + "$" + keyStr, nil

  94. }

  95. 

  96. func hashOk(password, hashed string) (bool, error) {

  97. 	parts := strings.Split(hashed, "$")

  98. 	if len(parts) != 2 {

  99. 		return false, errors.New("Invalid data stored in database for password")

  100. 	}

  101. 	salt, err := base64.StdEncoding.DecodeString(parts[0])

  102. 	if err != nil {

  103. 		return false, err

  104. 	}

  105. 	passwordHash, err := base64.StdEncoding.DecodeString(parts[1])

  106. 	if err != nil {

  107. 		return false, err

  108. 	}

  109. 	if len(passwordHash) != 32 {

  110. 		return false, errors.New("Password hash was not 32 bytes long")

  111. 	}

  112. 

  113. 	key := hashPasswordSalt([]byte(password), salt)

  114. 	return bytes.Equal(key, passwordHash), nil

  115. }

  116. 

  117. func hashPasswordSalt(password, salt []byte) []byte {

  118. 	return pbkdf2.Key(password, salt, 4096, 32, sha1.New)

  119. }

  120. 

  121. func userOk(db *DB, username, password string) (bool, error) {

  122. 	hash, err := db.FindHashForUser(username)

  123. 	if err != nil {

  124. 		if err.Error() == "sql: no rows in result set" {

  125. 			return false, nil

  126. 		} else {

  127. 			return false, err

  128. 		}

  129. 	}

  130. 

  131. 	ok, err := hashOk(password, hash)

  132. 	if err != nil {

  133. 		return false, err

  134. 	}

  135. 	return ok, nil

  136. }

  137. 

  138. func tryLogin(db *DB, username, password string, longerTime bool) (http.Cookie, error) {

  139. 	if exists, err := userOk(db, username, password); !exists {

  140. 		if err != nil {

  141. 			return http.Cookie{}, err

  142. 		}

  143. 		return http.Cookie{},

  144. 			errors.New("The username or password you entered isn't correct.")

  145. 	}

  146. 

  147. 	sid, err := randString(32)

  148. 	if err != nil {

  149. 		return http.Cookie{}, err

  150. 	}

  151. 

  152. 	duration := time.Hour * 1

  153. 	if longerTime {

  154. 		duration = time.Hour * 24 * 14

  155. 	}

  156. 

  157. 	loginCookie := http.Cookie{

  158. 		Name:     "id",

  159. 		Value:    sid,

  160. 		MaxAge:   int(duration.Seconds()),

  161. 		HttpOnly: true,

  162. 	}

  163. 

  164. 	expiration := time.Now().Add(duration)

  165. 	addSession(&SessionData{sid, username, expiration, 0})

  166. 

  167. 	return loginCookie, nil

  168. }

  169. 

  170. func getSession(req *http.Request) (*SessionData, error) {

  171. 	cookie, err := req.Cookie("id")

  172. 	if err != nil {

  173. 		return nil, err

  174. 	}

  175. 

  176. 	session, exists := sessions[cookie.Value]

  177. 	if !exists {

  178. 		return nil, errors.New("Session expired from server")

  179. 	}

  180. 	return session, nil

  181. }

  182. 

  183. func randString(size int) (string, error) {

  184. 	buf := make([]byte, size)

  185. 

  186. 	if _, err := rand.Read(buf); err != nil {

  187. 		log.Println(err)

  188. 		return "", errors.New("Couldn't generate random string")

  189. 	}

  190. 

  191. 	return base64.URLEncoding.EncodeToString(buf)[:size], nil

  192. }