Compare commits
6 Commits
8adca50b91
...
074b3f8f31
| Author | SHA1 | Date | |
|---|---|---|---|
|
074b3f8f31 | ||
|
|
f8b3c10933 | ||
|
|
c11425dde7 | ||
|
|
bcaa023d3c | ||
|
|
f491c80fa0 | ||
|
|
ffb4077f24 |
@@ -1,7 +1,6 @@
|
||||
package logging
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"log"
|
||||
)
|
||||
|
||||
@@ -9,54 +8,113 @@ type EventType int
|
||||
|
||||
const (
|
||||
ReadFile EventType = iota
|
||||
AuthenticateUser
|
||||
)
|
||||
|
||||
type LogLevel int
|
||||
|
||||
const (
|
||||
InfoLevel LogLevel = iota
|
||||
EventLevel
|
||||
DebugLevel
|
||||
WarnLevel
|
||||
ErrorLevel
|
||||
FatalLevel
|
||||
)
|
||||
|
||||
var (
|
||||
currentLevel LogLevel = InfoLevel
|
||||
)
|
||||
|
||||
func Info(message string) {
|
||||
if currentLevel > InfoLevel {
|
||||
return
|
||||
}
|
||||
log.Printf("Info: %s", message)
|
||||
}
|
||||
|
||||
func Infof(message string, v ...any) {
|
||||
log.Printf("Info: %s", fmt.Sprintf(message, v...))
|
||||
if currentLevel > InfoLevel {
|
||||
return
|
||||
}
|
||||
log.Printf("Info: "+message, v...)
|
||||
}
|
||||
|
||||
func Debug(message string) {
|
||||
if currentLevel > DebugLevel {
|
||||
return
|
||||
}
|
||||
log.Printf("Debug: %s", message)
|
||||
}
|
||||
|
||||
func Debugf(message string, v ...any) {
|
||||
log.Printf("Debug: %s", fmt.Sprintf(message, v...))
|
||||
if currentLevel > DebugLevel {
|
||||
return
|
||||
}
|
||||
log.Printf("Debug: "+message, v...)
|
||||
}
|
||||
|
||||
func Warn(message string) {
|
||||
if currentLevel > WarnLevel {
|
||||
return
|
||||
}
|
||||
log.Printf("Warn: %s", message)
|
||||
}
|
||||
|
||||
func Warnf(message string, v ...any) {
|
||||
log.Printf("Warn: %s", fmt.Sprintf(message, v...))
|
||||
if currentLevel > WarnLevel {
|
||||
return
|
||||
}
|
||||
log.Printf("Warn: "+message, v...)
|
||||
}
|
||||
|
||||
func Error(message string) {
|
||||
if currentLevel > ErrorLevel {
|
||||
return
|
||||
}
|
||||
log.Printf("Error: %s", message)
|
||||
}
|
||||
|
||||
func Errorf(message string, v ...any) {
|
||||
log.Printf("Error: %s", fmt.Sprintf(message, v...))
|
||||
if currentLevel > ErrorLevel {
|
||||
return
|
||||
}
|
||||
log.Printf("Error: "+message, v...)
|
||||
}
|
||||
|
||||
func Fatal(message string) {
|
||||
if currentLevel > FatalLevel {
|
||||
return
|
||||
}
|
||||
log.Fatal(message)
|
||||
}
|
||||
|
||||
func Fatalf(message string, v ...any) {
|
||||
if currentLevel > FatalLevel {
|
||||
return
|
||||
}
|
||||
log.Fatalf(message, v...)
|
||||
}
|
||||
|
||||
func Event(eventType EventType, eventData ...any) {
|
||||
if currentLevel > EventLevel {
|
||||
return
|
||||
}
|
||||
|
||||
switch eventType {
|
||||
case ReadFile:
|
||||
{
|
||||
log.Printf("Reading file %s", eventData[0])
|
||||
break
|
||||
}
|
||||
case AuthenticateUser:
|
||||
{
|
||||
log.Printf("Authenticating user %s", eventData[0])
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func SetLogLovel(level LogLevel) {
|
||||
currentLevel = level
|
||||
}
|
||||
|
||||
@@ -57,6 +57,7 @@ func createUserPhoto(username string, photoData []byte) error {
|
||||
}
|
||||
|
||||
func authenticateUser(username, password string) (UserData, error) {
|
||||
logging.Event(logging.AuthenticateUser, username)
|
||||
ldapServerMutex.Lock()
|
||||
defer ldapServerMutex.Unlock()
|
||||
if ldapServer.Connection == nil {
|
||||
@@ -191,7 +192,6 @@ func avatarHandler(w http.ResponseWriter, r *http.Request) {
|
||||
connected := connectAsLDAPUser(ldapServer, serverConfig.LDAPConfig.BindDN, serverConfig.LDAPConfig.BindPassword)
|
||||
if connected != nil {
|
||||
w.Write(blankPhotoData)
|
||||
fmt.Println("Returned blank avatar because couldnt connect as user")
|
||||
return
|
||||
}
|
||||
|
||||
@@ -203,13 +203,11 @@ func avatarHandler(w http.ResponseWriter, r *http.Request) {
|
||||
)
|
||||
if !userSearch.Succeeded || len(userSearch.LDAPSearch.Entries) == 0 {
|
||||
w.Write(blankPhotoData)
|
||||
fmt.Println("Returned blank avatar because we couldnt find the user")
|
||||
return
|
||||
}
|
||||
entry := userSearch.LDAPSearch.Entries[0]
|
||||
bytes := entry.GetRawAttributeValue("jpegphoto")
|
||||
if len(bytes) == 0 {
|
||||
fmt.Println("Returned blank avatar because we just don't have an avatar")
|
||||
w.Write(blankPhotoData)
|
||||
return
|
||||
} else {
|
||||
@@ -230,14 +228,13 @@ func logoutHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if exist {
|
||||
if r.FormValue("csrf_token") != sessionData.CSRFToken {
|
||||
http.Error(w, "Unable to log user out", http.StatusForbidden)
|
||||
log.Printf("%s attempted to logout with invalid csrf token", sessionData.data.Username)
|
||||
logging.Debugf("%s attempted to logout with invalid csrf token", sessionData.data.Username)
|
||||
return
|
||||
}
|
||||
}
|
||||
logging.Infof("handling logout event for %s", sessionData.data.Username)
|
||||
|
||||
sessionMutex.Lock()
|
||||
delete(sessions, token)
|
||||
sessionMutex.Unlock()
|
||||
deleteSession(token)
|
||||
http.Redirect(w, r, "/login", http.StatusSeeOther)
|
||||
}
|
||||
|
||||
@@ -293,9 +290,9 @@ func logoHandler(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
func cleanupSessions() {
|
||||
sessionMutex.Lock()
|
||||
defer sessionMutex.Unlock()
|
||||
logging.Debug("Cleaning up stale session\n")
|
||||
|
||||
sessionMutex.Lock()
|
||||
sessions_to_delete := []string{}
|
||||
for session_token, session_data := range sessions {
|
||||
timeUntilRemoval := time.Minute * 5
|
||||
@@ -306,8 +303,9 @@ func cleanupSessions() {
|
||||
sessions_to_delete = append(sessions_to_delete, session_token)
|
||||
}
|
||||
}
|
||||
sessionMutex.Unlock()
|
||||
for _, session_id := range sessions_to_delete {
|
||||
delete(sessions, session_id)
|
||||
deleteSession(session_id)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -4,10 +4,11 @@ import (
|
||||
"crypto/rand"
|
||||
"crypto/sha256"
|
||||
"encoding/base64"
|
||||
"log"
|
||||
"net/http"
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
"astraltech.xyz/accountmanager/src/logging"
|
||||
)
|
||||
|
||||
type SessionData struct {
|
||||
@@ -33,14 +34,15 @@ func GenerateSessionToken(length int) (string, error) {
|
||||
}
|
||||
|
||||
func createSession(userData *UserData) *http.Cookie {
|
||||
logging.Debugf("Creating a new session for %s", userData.Username)
|
||||
token, err := GenerateSessionToken(32) // Use crypto/rand for this
|
||||
if err != nil {
|
||||
log.Print(err)
|
||||
logging.Error(err.Error())
|
||||
return nil
|
||||
}
|
||||
CSRFToken, err := GenerateSessionToken(32)
|
||||
if err != nil {
|
||||
log.Print(err)
|
||||
logging.Error(err.Error())
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -72,8 +74,10 @@ func createSession(userData *UserData) *http.Cookie {
|
||||
}
|
||||
|
||||
func validateSession(r *http.Request) (bool, *SessionData) {
|
||||
logging.Debugf("Validating session")
|
||||
cookie, err := r.Cookie("session_token")
|
||||
if err != nil {
|
||||
logging.Error(err.Error())
|
||||
return false, &SessionData{}
|
||||
}
|
||||
token := cookie.Value
|
||||
@@ -87,5 +91,16 @@ func validateSession(r *http.Request) (bool, *SessionData) {
|
||||
if !exists || !sessionData.loggedIn {
|
||||
return false, &SessionData{}
|
||||
}
|
||||
logging.Infof("Validated session for %s", sessionData.data.Username)
|
||||
return true, &sessionData
|
||||
}
|
||||
|
||||
func deleteSession(session_id string) {
|
||||
sessionMutex.Lock()
|
||||
|
||||
tokenEncoded := sha256.Sum256([]byte(session_id))
|
||||
tokenEncodedString := string(tokenEncoded[:])
|
||||
|
||||
delete(sessions, tokenEncodedString)
|
||||
sessionMutex.Unlock()
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user