github.com/justinjmoses/evergreen@v0.0.0-20170530173719-1d50e381ff0d/auth/naive.go (about)

     1  package auth
     2  
import (
	"crypto/md5"
	"crypto/subtle"
	"fmt"
	"net/http"

	"github.com/evergreen-ci/evergreen"
	"github.com/pkg/errors"
)
    11  
// NaiveUserManager implements the UserManager interface on top of a static
// list of evergreen.AuthUser entries (Username, DisplayName, Password, Email)
// that is stored in the settings configuration file.
//
// Note: this manager is recommended for dev/test purposes only. Passwords are
// held as plain strings and the tokens it issues are derived directly from
// them, so users who need high-security authentication should rely on a
// different authentication mechanism.
type NaiveUserManager struct {
	// users is the configured account list. A user's index in this slice is
	// part of the token issued for that user, so reordering the list changes
	// every affected token.
	users []*evergreen.AuthUser
}
    19  
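// NewNaiveUserManager builds a NaiveUserManager backed by the user list in
// naiveAuthConfig.
//
// The Users slice is stored as-is (not copied), so later changes to the
// configuration's slice are visible to the manager. A nil configuration is
// rejected with an error instead of causing a nil-pointer panic.
func NewNaiveUserManager(naiveAuthConfig *evergreen.NaiveAuthConfig) (*NaiveUserManager, error) {
	if naiveAuthConfig == nil {
		return nil, errors.New("naive auth config is nil")
	}
	return &NaiveUserManager{users: naiveAuthConfig.Users}, nil
}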
    24  
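// GetUserByToken returns the user that token was issued for.
//
// For every configured user it rebuilds the token that user would receive,
// "<index>:<email>:<md5>", where <md5> is md5.Sum over Username+Password
// rendered with %v (a bracketed list of decimal byte values), and compares it
// with the presented token. The first match is returned as a simpleUser; if
// nothing matches an error is returned.
//
// NOTE(review): the token contains no expiry, nonce or server-side secret. It
// stays valid until the user's username, password, email or position in the
// list changes, and it embeds an unsalted MD5 of the credentials, so a token
// must be protected like the password itself. This is consistent with the
// dev/test-only scope of NaiveUserManager.
func (b *NaiveUserManager) GetUserByToken(token string) (User, error) {
	presented := []byte(token)
	for i, user := range b.users {
		if user == nil {
			// A nil list entry cannot own a token; skip it rather than
			// dereference it.
			continue
		}
		possibleToken := fmt.Sprintf("%v:%v:%v", i, user.Email, md5.Sum([]byte(user.Username+user.Password)))
		// Compare in constant time so that response timing does not reveal
		// how many leading bytes of a presented token were correct.
		if subtle.ConstantTimeCompare(presented, []byte(possibleToken)) == 1 {
			return &simpleUser{
				user.Username,
				user.DisplayName,
				user.Email,
			}, nil
		}
	}
	return nil, errors.New("No valid user found")
}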
    42  
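// CreateUserToken finds the configured user whose username and password both
// match the arguments and returns that user's token.
//
// The token is "<index>:<email>:<md5>": the user's index in the list, the
// user's email address and md5.Sum over Username+Password rendered with %v.
// An error is returned when no user matches.
//
// NOTE(review): the token is deterministic, so logging in again yields the
// same value and there is no way to revoke one token without changing the
// credentials. Username and Password are concatenated without a separator
// before hashing, so different username/password splits of the same string
// hash identically; the index and email in the token still differ per user.
func (b *NaiveUserManager) CreateUserToken(username, password string) (string, error) {
	supplied := []byte(password)
	for i, user := range b.users {
		if user == nil || user.Username != username {
			// Skip nil entries and other accounts; duplicates of the same
			// username are still tried in list order.
			continue
		}
		// Compare the secret in constant time so that timing does not leak
		// how much of a guessed password was correct.
		if subtle.ConstantTimeCompare([]byte(user.Password), supplied) != 1 {
			continue
		}
		return fmt.Sprintf("%v:%v:%v", i, user.Email, md5.Sum([]byte(user.Username+user.Password))), nil
	}
	return "", errors.New("No valid user for the given username and password")
}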
    55  
// GetLoginHandler always returns nil: NaiveUserManager supplies no login
// handler of its own. The string argument is ignored.
// NOTE(review): callers presumably check for nil (or IsRedirect) before
// registering the result as an HTTP handler; confirm against the caller.
func (b *NaiveUserManager) GetLoginHandler(_ string) func(http.ResponseWriter, *http.Request) {
	return nil
}
    59  
// GetLoginCallbackHandler always returns nil: NaiveUserManager supplies no
// login callback handler.
// NOTE(review): callers presumably check for nil before registering the
// result as an HTTP handler; confirm against the caller.
func (b *NaiveUserManager) GetLoginCallbackHandler() func(http.ResponseWriter, *http.Request) {
	return nil
}
    63  
// IsRedirect always reports false for NaiveUserManager.
// NOTE(review): presumably this tells callers that login does not go through
// an external redirect flow; confirm against the UserManager interface.
func (b *NaiveUserManager) IsRedirect() bool {
	return false
}