sashakoshka/go-gemini
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Change package name to gmi

Browse Source
This commit is contained in:
adnano
2020-09-27 20:20:59 -04:00
parent a4a8d49ca7
commit 38fe1f21dc
11 changed files with 64 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
examples/auth/auth.go
View File

@@ -39,12 +39,12 @@ func main() {
//
// go run -tags=example ../cert
//
cert, err := tls.LoadX509KeyPair("examples/client/localhost.crt", "examples/client/localhost.key")
cert, err := tls.LoadX509KeyPair("examples/server/localhost.crt", "examples/server/localhost.key")
if err != nil {
log.Fatal(err)
}
handler := &gemini.ServeMux{}
handler := &gmi.ServeMux{}
handler.HandleFunc("", welcome)
handler.HandleFunc("/login", login)
handler.HandleFunc("/login/password", loginPassword)
@@ -52,7 +52,7 @@ func main() {
handler.HandleFunc("/admin", admin)
handler.HandleFunc("/logout", logout)
server := &gemini.Server{
server := &gmi.Server{
Certificate: cert,
Handler: handler,
}
@@ -63,102 +63,98 @@ func main() {
}
func getSession(crt *x509.Certificate) (*session, bool) {
fingerprint := gemini.Fingerprint(crt)
fingerprint := gmi.Fingerprint(crt)
session, ok := sessions[fingerprint]
return session, ok
}
func welcome(rw *gemini.ResponseWriter, req *gemini.Request) {
rw.WriteHeader(gemini.StatusSuccess, "text/gemini")
func welcome(rw *gmi.ResponseWriter, req *gmi.Request) {
rw.WriteHeader(gmi.StatusSuccess, "text/gemini")
rw.Write([]byte("Welcome to this example.\n=> /login Login\n"))
}
func login(rw *gemini.ResponseWriter, req *gemini.Request) {
func login(rw *gmi.ResponseWriter, req *gmi.Request) {
if len(req.TLS.PeerCertificates) > 0 {
if username := req.URL.RawQuery; username == "" {
rw.WriteHeader(gemini.StatusInput, "Username")
rw.WriteHeader(gmi.StatusInput, "Username")
} else {
fingerprint := gemini.Fingerprint(req.TLS.PeerCertificates[0])
fingerprint := gmi.Fingerprint(req.TLS.PeerCertificates[0])
sessions[fingerprint] = &session{
username: username,
}
// TODO: Remove scheme and host once example client can handle relative redirects
rw.WriteHeader(gemini.StatusRedirectTemporary, "gemini://localhost/login/password")
rw.WriteHeader(gmi.StatusRedirect, "gemini://localhost/login/password")
}
} else {
rw.WriteHeader(gemini.StatusClientCertificateRequired, "Certificate required")
rw.WriteHeader(gmi.StatusClientCertificateRequired, "Certificate required")
}
}
func loginPassword(rw *gemini.ResponseWriter, req *gemini.Request) {
func loginPassword(rw *gmi.ResponseWriter, req *gmi.Request) {
if len(req.TLS.PeerCertificates) > 0 {
session, ok := getSession(req.TLS.PeerCertificates[0])
if !ok {
rw.WriteHeader(gemini.StatusCertificateNotAuthorised, "Not authorized")
rw.WriteHeader(gmi.StatusCertificateNotAuthorised, "Not authorized")
return
}
if password := req.URL.RawQuery; password == "" {
rw.WriteHeader(gemini.StatusInput, "Password")
rw.WriteHeader(gmi.StatusInput, "Password")
} else {
expected := logins[session.username].password
if password == expected {
// TODO: Remove scheme and host once example client can handle relative redirects
session.authorized = true
rw.WriteHeader(gemini.StatusRedirectTemporary, "gemini://localhost/profile")
rw.WriteHeader(gmi.StatusRedirect, "gemini://localhost/profile")
} else {
rw.WriteHeader(gemini.StatusInput, "Wrong password. Please try again")
rw.WriteHeader(gmi.StatusInput, "Wrong password. Please try again")
}
}
} else {
rw.WriteHeader(gemini.StatusClientCertificateRequired, "Certificate required")
rw.WriteHeader(gmi.StatusClientCertificateRequired, "Certificate required")
}
}
func logout(rw *gemini.ResponseWriter, req *gemini.Request) {
func logout(rw *gmi.ResponseWriter, req *gmi.Request) {
if len(req.TLS.PeerCertificates) > 0 {
fingerprint := gemini.Fingerprint(req.TLS.PeerCertificates[0])
fingerprint := gmi.Fingerprint(req.TLS.PeerCertificates[0])
delete(sessions, fingerprint)
}
rw.WriteHeader(gemini.StatusSuccess, "text/gemini")
rw.WriteHeader(gmi.StatusSuccess, "text/gemini")
rw.Write([]byte("Successfully logged out.\n"))
}
func badLogin(rw *gemini.ResponseWriter, req *gemini.Request) {
}
func profile(rw *gemini.ResponseWriter, req *gemini.Request) {
func profile(rw *gmi.ResponseWriter, req *gmi.Request) {
if len(req.TLS.PeerCertificates) > 0 {
session, ok := getSession(req.TLS.PeerCertificates[0])
if !ok {
rw.WriteHeader(gemini.StatusCertificateNotAuthorised, "Certificate not authorized")
rw.WriteHeader(gmi.StatusCertificateNotAuthorised, "Certificate not authorized")
return
}
user := logins[session.username]
profile := fmt.Sprintf("Username: %s\nAdmin: %t\n=> /logout Logout", session.username, user.admin)
rw.WriteHeader(gemini.StatusSuccess, "text/gemini")
rw.WriteHeader(gmi.StatusSuccess, "text/gemini")
rw.Write([]byte(profile))
} else {
rw.WriteHeader(gemini.StatusClientCertificateRequired, "Certificate required")
rw.WriteHeader(gmi.StatusClientCertificateRequired, "Certificate required")
}
}
func admin(rw *gemini.ResponseWriter, req *gemini.Request) {
func admin(rw *gmi.ResponseWriter, req *gmi.Request) {
if len(req.TLS.PeerCertificates) > 0 {
session, ok := getSession(req.TLS.PeerCertificates[0])
if !ok {
rw.WriteHeader(gemini.StatusCertificateNotAuthorised, "Certificate not authorized")
rw.WriteHeader(gmi.StatusCertificateNotAuthorised, "Certificate not authorized")
return
}
user := logins[session.username]
if !user.admin {
rw.WriteHeader(gemini.StatusCertificateNotAuthorised, "Admins only!")
rw.WriteHeader(gmi.StatusCertificateNotAuthorised, "Admins only!")
return
}
rw.WriteHeader(gemini.StatusSuccess, "text/gemini")
rw.WriteHeader(gmi.StatusSuccess, "text/gemini")
rw.Write([]byte("Welcome to the admin portal.\n"))
} else {
rw.WriteHeader(gemini.StatusClientCertificateRequired, "Certificate required")
rw.WriteHeader(gmi.StatusClientCertificateRequired, "Certificate required")
}
}