martin/databag
1
0
Fork 0
mirror of https://github.com/balzack/databag.git synced 2025-02-12 03:29:16 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
6a377a7fc0
databag/net/server/internal/api_authorize.go
Roland Osborne 6a377a7fc0 added profile getter and setter
2022-01-19 00:03:46 -08:00

75 lines
1.7 KiB
Go
Raw Blame History

package databag
import (
"crypto"
"crypto/rand"
"crypto/sha256"
"crypto/rsa"
"net/http"
"encoding/json"
"encoding/base64"
"time"
)
func Authorize(w http.ResponseWriter, r *http.Request) {
account, res := BearerAppToken(r, true);
if res != nil {
w.WriteHeader(http.StatusUnauthorized)
return
}
if account.Disabled {
w.WriteHeader(http.StatusGone);
return
}
// extract token from body
var token string
err := ParseRequest(r, w, &token)
if err != nil {
w.WriteHeader(http.StatusBadRequest)
return
}
// load details to sign data
if account.AccountDetail.KeyType != "RSA4096" {
w.WriteHeader(http.StatusServiceUnavailable)
return
}
privateKey, res := ParseRsaPrivateKeyFromPemStr(account.AccountDetail.PrivateKey);
if res != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
// generate message
auth := Authenticate{
Guid: account.Guid,
Token: token,
Timestamp: time.Now().Unix(),
}
var data []byte
data, err = json.Marshal(auth);
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
hash := sha256.Sum256(data);
var signature []byte
signature, err = rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA256, hash[:])
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
msg := DataMessage{
MessageType: "authenticate",
Message: base64.StdEncoding.EncodeToString([]byte(data)),
KeyType: account.AccountDetail.KeyType,
PublicKey: base64.StdEncoding.EncodeToString([]byte(account.AccountDetail.PublicKey)),
Signature: base64.StdEncoding.EncodeToString(signature),
SignatureType: "PKCS1v15",
}
WriteResponse(w, msg)
}
Reference in New Issue View Git Blame Copy Permalink