authorAlex Auvolat <alex@adnab.me>2020-02-28 17:20:32 +0100
committerAlex Auvolat <alex@adnab.me>2020-02-28 17:20:32 +0100
commit3bb8a78d073563c309195581780254b0e6f9dbe6 (patch)
tree9244a8f3be120972d43afba4fa543ee9cba6c92b
parent669c2c1c28b62ed8c5c91352102d521e22d8ad77 (diff)
downloadeasybridge-3bb8a78d073563c309195581780254b0e6f9dbe6.tar.gz
easybridge-3bb8a78d073563c309195581780254b0e6f9dbe6.zip
Store the user's key in the session store so that login/unlock is automatic if cookie is still there
-rw-r--r--main.go5
-rw-r--r--web.go28
2 files changed, 21 insertions, 12 deletions
diff --git a/main.go b/main.go
index dadb468..80eede0 100644
--- a/main.go
+++ b/main.go
@@ -23,6 +23,7 @@ type ConfigFile struct {
DbType string `json:"db_type"`
DbPath string `json:"db_path"`
MatrixDomain string `json:"matrix_domain"`
+ SessionKey string `json:"web_session_key"`
}
var configFlag = flag.String("config", "./config.json", "Configuration file path")
@@ -31,6 +32,9 @@ var config *ConfigFile
var registration *mxlib.Registration
func readConfig() ConfigFile {
+ defaultKey := make([]byte, 32)
+ rand.Read(defaultKey)
+
config_file := ConfigFile{
LogLevel: "info",
ASBindAddr: "0.0.0.0:8321",
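Review bot: The added `rand.Read(defaultKey)` discards both return values, whereas the code this commit removes from web.go aborted when the read failed or came up short. The import block of main.go is not part of the hunk, so it cannot be confirmed here that `rand` is `crypto/rand`; if it resolved to `math/rand`, the fallback session key assigned in the next hunk would be predictable. I would keep the check with whatever logger main.go already uses, `if _, err := rand.Read(defaultKey); err != nil { log.Fatal(err) }`, and add a comment that this default changes on every start, so sessions only survive a restart when `web_session_key` is set. readConfig continues outside the hunk.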
@@ -39,6 +43,7 @@ func readConfig() ConfigFile {
Server: "http://localhost:8008",
DbType: "sqlite3",
DbPath: "easybridge.db",
+ SessionKey: hex.EncodeToString(defaultKey),
}
_, err := os.Stat(*configFlag)
diff --git a/web.go b/web.go
index ce7fd0e..d50d91c 100644
--- a/web.go
+++ b/web.go
@@ -1,7 +1,6 @@
package main
import (
- "crypto/rand"
"html/template"
"net/http"
"strconv"
@@ -11,6 +10,7 @@ import (
"github.com/gorilla/sessions"
log "github.com/sirupsen/logrus"
"golang.org/x/crypto/argon2"
+ "golang.org/x/crypto/blake2b"
"git.deuxfleurs.fr/Deuxfleurs/easybridge/connector"
"git.deuxfleurs.fr/Deuxfleurs/easybridge/mxlib"
@@ -22,12 +22,8 @@ var sessionsStore sessions.Store = nil
var userKeys = map[string]*[32]byte{}
func StartWeb() {
- session_key := make([]byte, 32)
- n, err := rand.Read(session_key)
- if err != nil || n != 32 {
- log.Fatal(err)
- }
- sessionsStore = sessions.NewCookieStore(session_key)
+ session_key := blake2b.Sum256([]byte(config.SessionKey))
+ sessionsStore = sessions.NewCookieStore(session_key[:])
r := mux.NewRouter()
r.HandleFunc("/", handleHome)
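Review bot: `sessions.NewCookieStore(session_key[:])` receives a single key, which gorilla/sessions uses only to authenticate the cookie; without a second (encryption) key the session values are encoded but not encrypted. This commit also writes the Argon2-derived account-store key into the session as `login_user_key` (handleLogin hunk), so that key becomes readable by anything that can read the browser cookie, and the server further down is started with plain `http.ListenAndServe`. Deriving a separate encryption key avoids that: `k := blake2b.Sum512([]byte(config.SessionKey))` followed by `sessionsStore = sessions.NewCookieStore(k[:32], k[32:])`. If the config file can set `web_session_key` to an empty string, that case should be rejected at startup, since the hash of an empty input is not a secret. StartWeb continues outside the hunk.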
@@ -41,7 +37,7 @@ func StartWeb() {
log.Printf("Starting web UI HTTP server on %s", config.WebBindAddr)
go func() {
- err = http.ListenAndServe(config.WebBindAddr, logRequest(r))
+ err := http.ListenAndServe(config.WebBindAddr, logRequest(r))
if err != nil {
log.Fatal("Cannot start http server: ", err)
}
@@ -66,10 +62,17 @@ func checkLogin(w http.ResponseWriter, r *http.Request) *LoginInfo {
session, err := sessionsStore.Get(r, SESSION_NAME)
if err == nil {
- mxid, ok := session.Values["login_mxid"]
- if ok {
+ mxid, ok := session.Values["login_mxid"].(string)
+ user_key, ok2 := session.Values["login_user_key"].([]byte)
+ if ok && ok2 {
+ if _, had_key := userKeys[mxid]; !had_key && len(user_key) == 32 {
+ key := new([32]byte)
+ copy(key[:], user_key)
+ userKeys[mxid] = key
+ LoadDbAccounts(mxid, key)
+ }
login_info = &LoginInfo{
- MxId: mxid.(string),
+ MxId: mxid,
}
}
}
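Review bot: `userKeys[mxid] = key` now runs inside checkLogin on the request path, and `userKeys` is a plain package-level map; net/http serves each request on its own goroutine, so the lookup and insert here can race with each other and with the write in handleLogin, which the Go runtime may turn into a fatal "concurrent map writes" error. No lock is visible in these hunks, so I would guard every access with a new `sync.Mutex` held around the `had_key` check and the assignment. Separately, when the cookie carries a `login_user_key` whose length is not 32, the function still returns a LoginInfo with no key loaded; treating that case as not logged in looks safer. checkLogin starts and ends outside the hunk.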
@@ -154,7 +157,7 @@ func handleLogin(w http.ResponseWriter, r *http.Request) *LoginInfo {
key := new([32]byte)
key_slice := argon2.IDKey([]byte(password), []byte("EZBRIDGE account store"), 3, 64*1024, 4, 32)
- copy(key[:], key_slice[:])
+ copy(key[:], key_slice)
userKeys[mxid] = key
SaveDbAccounts(mxid, key)
@@ -167,6 +170,7 @@ func handleLogin(w http.ResponseWriter, r *http.Request) *LoginInfo {
}
session.Values["login_mxid"] = mxid
+ session.Values["login_user_key"] = key_slice
err = session.Save(r, w)
if err != nil {