auth package

2025-11-01 23:42:58 +00:00 · 2021-03-16 21:59:56 +00:00
parent 1a490a8e7a
commit 0d49377879
2 changed files with 16 additions and 14 deletions
--- a/src/auth/auth.go
+++ b/src/auth/auth.go
@@ -0,0 +1,61 @@
+package auth
+
+import (
+	"crypto/hmac"
+	"crypto/sha256"
+	"crypto/subtle"
+	"encoding/hex"
+	"net/http"
+	"strings"
+	"time"
+)
+
+func IsAuthenticated(req *http.Request, username, password string) bool {
+	cookie, _ := req.Cookie("auth")
+	if cookie == nil {
+		return false
+	}
+	parts := strings.Split(cookie.Value, ":")
+	if len(parts) != 2 || !StringsEqual(parts[0], username) {
+		return false
+	}
+	return StringsEqual(parts[1], secret(username, password))
+}
+
+func Authenticate(rw http.ResponseWriter, username, password, basepath string) {
+	expires := time.Now().Add(time.Hour * 24 * 7) // 1 week
+
+	var cookiePath string
+	if basepath != "" {
+		cookiePath = basepath
+	} else {
+		cookiePath = "/"
+	}
+	cookie := http.Cookie{
+		Name:    "auth",
+		Value:   username + ":" + secret(username, password),
+		Expires: expires,
+		Path:    cookiePath,
+	}
+	http.SetCookie(rw, &cookie)
+}
+
+func Logout(rw http.ResponseWriter) {
+	cookie := http.Cookie{
+		Name:    "auth",
+		Value:   "",
+		MaxAge:  -1,
+	}
+	http.SetCookie(rw, &cookie)
+}
+
+func StringsEqual(p1, p2 string) bool {
+	return subtle.ConstantTimeCompare([]byte(p1), []byte(p2)) == 1
+}
+
+func secret(msg, key string) string {
+	mac := hmac.New(sha256.New, []byte(key))
+	mac.Write([]byte(msg))
+	src := mac.Sum(nil)
+	return hex.EncodeToString(src)
+}