go-gemini/examples/auth.go

89 lines
1.9 KiB
Go
Raw Normal View History

2020-10-12 14:34:52 -06:00
// +build ignore
2020-09-27 15:39:44 -06:00
package main
import (
2021-02-20 16:30:49 -07:00
"context"
2020-11-25 12:24:49 -07:00
"crypto/sha512"
2020-09-27 15:39:44 -06:00
"crypto/x509"
"fmt"
"log"
"time"
2020-09-27 15:39:44 -06:00
2020-10-27 21:35:22 -06:00
"git.sr.ht/~adnano/go-gemini"
2021-01-14 19:23:13 -07:00
"git.sr.ht/~adnano/go-gemini/certificate"
2020-09-27 15:39:44 -06:00
)
2020-11-25 12:24:49 -07:00
type User struct {
Name string
2020-09-27 15:39:44 -06:00
}
var (
2020-11-25 12:24:49 -07:00
// Map of certificate hashes to users
users = map[string]*User{}
2020-09-27 15:39:44 -06:00
)
func main() {
2021-02-20 16:30:49 -07:00
certificates := &certificate.Store{}
certificates.Register("localhost")
if err := certificates.Load("/var/lib/gemini/certs"); err != nil {
log.Fatal(err)
}
mux := &gemini.ServeMux{}
2020-11-25 12:24:49 -07:00
mux.HandleFunc("/", profile)
mux.HandleFunc("/username", changeUsername)
2020-10-21 15:47:34 -06:00
2021-02-20 16:30:49 -07:00
server := &gemini.Server{
Handler: mux,
ReadTimeout: 30 * time.Second,
WriteTimeout: 1 * time.Minute,
2021-02-23 06:43:41 -07:00
GetCertificate: certificates.Get,
}
2020-09-27 15:39:44 -06:00
2021-02-20 22:26:30 -07:00
if err := server.ListenAndServe(context.Background()); err != nil {
2020-09-27 15:39:44 -06:00
log.Fatal(err)
}
}
2020-11-25 12:24:49 -07:00
func fingerprint(cert *x509.Certificate) string {
b := sha512.Sum512(cert.Raw)
return string(b[:])
2020-09-27 15:39:44 -06:00
}
2021-02-20 16:30:49 -07:00
func profile(ctx context.Context, w gemini.ResponseWriter, r *gemini.Request) {
2021-02-16 09:26:09 -07:00
if len(r.TLS.PeerCertificates) == 0 {
w.WriteHeader(gemini.StatusCertificateRequired, "Certificate required")
2020-10-21 15:47:34 -06:00
return
}
2021-02-16 09:26:09 -07:00
fingerprint := fingerprint(r.TLS.PeerCertificates[0])
2020-11-25 12:24:49 -07:00
user, ok := users[fingerprint]
2020-10-21 15:47:34 -06:00
if !ok {
2020-11-25 12:24:49 -07:00
user = &User{}
users[fingerprint] = user
2020-10-21 15:47:34 -06:00
}
2020-11-25 12:24:49 -07:00
fmt.Fprintln(w, "Username:", user.Name)
fmt.Fprintln(w, "=> /username Change username")
2020-09-27 15:39:44 -06:00
}
2021-02-20 16:30:49 -07:00
func changeUsername(ctx context.Context, w gemini.ResponseWriter, r *gemini.Request) {
2021-02-16 09:26:09 -07:00
if len(r.TLS.PeerCertificates) == 0 {
w.WriteHeader(gemini.StatusCertificateRequired, "Certificate required")
2020-10-21 15:47:34 -06:00
return
}
2020-09-27 15:39:44 -06:00
2020-12-17 22:25:06 -07:00
username, err := gemini.QueryUnescape(r.URL.RawQuery)
if err != nil || username == "" {
w.WriteHeader(gemini.StatusInput, "Username")
2020-10-21 15:47:34 -06:00
return
}
2021-02-16 09:26:09 -07:00
fingerprint := fingerprint(r.TLS.PeerCertificates[0])
user, ok := users[fingerprint]
if !ok {
user = &User{}
users[fingerprint] = user
}
user.Name = username
w.WriteHeader(gemini.StatusRedirect, "/")
2020-09-27 15:39:44 -06:00
}