57 lines
1.5 KiB
Go
57 lines
1.5 KiB
Go
package socketapi
|
|
|
|
import (
|
|
"realy.mleku.dev/auth"
|
|
"realy.mleku.dev/chk"
|
|
"realy.mleku.dev/envelopes/authenvelope"
|
|
"realy.mleku.dev/envelopes/okenvelope"
|
|
"realy.mleku.dev/log"
|
|
"realy.mleku.dev/realy/interfaces"
|
|
"realy.mleku.dev/reason"
|
|
)
|
|
|
|
func (a *A) HandleAuth(req []byte,
|
|
srv interfaces.Server) (msg []byte) {
|
|
|
|
if srv.AuthRequired() || len(srv.Owners()) > 0 {
|
|
svcUrl := srv.ServiceURL(a.Listener.Req())
|
|
if svcUrl == "" {
|
|
return
|
|
}
|
|
log.T.F("received auth response,%s", req)
|
|
var err error
|
|
var rem []byte
|
|
env := authenvelope.NewResponse()
|
|
if rem, err = env.Unmarshal(req); chk.E(err) {
|
|
return
|
|
}
|
|
if len(rem) > 0 {
|
|
log.I.F("extra '%s'", rem)
|
|
}
|
|
var valid bool
|
|
if valid, err = auth.Validate(env.Event, []byte(a.Listener.Challenge()),
|
|
svcUrl); chk.E(err) {
|
|
e := err.Error()
|
|
if err = okenvelope.NewFrom(env.Event.Id, false,
|
|
reason.Error.F(err.Error())).Write(a.Listener); chk.E(err) {
|
|
return []byte(err.Error())
|
|
}
|
|
return reason.Error.F(e)
|
|
} else if !valid {
|
|
if err = okenvelope.NewFrom(env.Event.Id, false,
|
|
reason.Error.F("failed to authenticate")).Write(a.Listener); chk.E(err) {
|
|
return []byte(err.Error())
|
|
}
|
|
return reason.Restricted.F("auth response does not validate")
|
|
} else {
|
|
if err = okenvelope.NewFrom(env.Event.Id, true,
|
|
[]byte{}).Write(a.Listener); chk.E(err) {
|
|
return
|
|
}
|
|
log.D.F("%s authed to pubkey,%0x", a.Listener.RealRemote(), env.Event.Pubkey)
|
|
a.Listener.SetAuthed(string(env.Event.Pubkey))
|
|
}
|
|
}
|
|
return
|
|
}
|