| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100 |
- package main
- import (
- "bufio"
- "errors"
- "os"
- "strings"
- "golang.org/x/crypto/bcrypt"
- )
- var (
- filename string
- )
- type AuthUser struct {
- username string
- passwordHash string
- allowedAddresses []string
- }
- func AuthLoadFile(file string) error {
- f, err := os.Open(file)
- if err != nil {
- return err
- }
- f.Close()
- filename = file
- return nil
- }
- func AuthReady() bool {
- return (filename != "")
- }
- // Split a string and ignore empty results
- // https://stackoverflow.com/a/46798310/119527
- func splitstr(s string, sep rune) []string {
- return strings.FieldsFunc(s, func(c rune) bool { return c == sep })
- }
- func parseLine(line string) *AuthUser {
- parts := strings.Fields(line)
- if len(parts) < 2 || len(parts) > 3 {
- return nil
- }
- user := AuthUser{
- username: parts[0],
- passwordHash: parts[1],
- allowedAddresses: nil,
- }
- if len(parts) >= 3 {
- user.allowedAddresses = splitstr(parts[2], ',')
- }
- return &user
- }
- func AuthFetch(username string) (*AuthUser, error) {
- if !AuthReady() {
- return nil, errors.New("Authentication file not specified. Call LoadFile() first")
- }
- file, err := os.Open(filename)
- if err != nil {
- return nil, err
- }
- defer file.Close()
- scanner := bufio.NewScanner(file)
- for scanner.Scan() {
- user := parseLine(scanner.Text())
- if user == nil {
- continue
- }
- if strings.ToLower(username) != strings.ToLower(user.username) {
- continue
- }
- return user, nil
- }
- return nil, errors.New("User not found")
- }
- func AuthCheckPassword(username string, secret string) error {
- user, err := AuthFetch(username)
- if err != nil {
- return err
- }
- if bcrypt.CompareHashAndPassword([]byte(user.passwordHash), []byte(secret)) == nil {
- return nil
- }
- return errors.New("Password invalid")
- }
|
