auth.go
package catalyst
import (
"context"
"crypto/sha256"
"errors"
"fmt"
maut "github.com/jonas-plum/maut/auth"
"github.com/sarcb/catalyst-sp24/database"
"github.com/sarcb/catalyst-sp24/generated/model"
)
// catalystResolver exposes the Catalyst user store in terms of maut types
// (maut.User, maut.Role). Every method in this file reads or writes through
// the single database handle held here.
type catalystResolver struct {
	// database is the backing store for all user lookups and creations.
	database *database.Database
}

// newCatalystResolver returns a resolver that uses db as its backing store.
// db is stored as given; no nil check is performed here.
func newCatalystResolver(db *database.Database) *catalystResolver {
	resolver := new(catalystResolver)
	resolver.database = db
	return resolver
}
// UserCreateIfNotExists makes sure an account exists for user.
//
// A non-nil user whose ID can already be loaded with UserGet is left
// untouched. Otherwise a nil user or an API-key user causes
// UserCreateSetupAPIKey to be called with password, and any other user is
// created with UserCreate followed by UserDataCreate. password is only used on
// the setup-API-key path.
//
// The setup-API-key path always returns nil. The regular path returns the
// first error from UserCreate or UserDataCreate.
//
// NOTE(review): every error from UserGet, not only "not found", falls through
// to the create path, so a transient database failure is handled like a
// missing user. Confirm this is intended.
func (c *catalystResolver) UserCreateIfNotExists(ctx context.Context, user *maut.User, password string) (err error) {
	if user != nil {
		_, lookupErr := c.database.UserGet(ctx, user.ID)
		if lookupErr == nil {
			// The account is already present; nothing to provision.
			return nil
		}
	}

	if user == nil || user.APIKey {
		// The result is discarded on purpose: an already existing setup key is
		// expected here. This also hides every other failure, so the caller
		// cannot tell whether the setup key was actually provisioned.
		_, _ = c.database.UserCreateSetupAPIKey(ctx, password)
		return nil
	}

	// Roles and the Blocked flag are copied from the incoming user unchanged;
	// nothing in this function validates them.
	// NOTE(review): confirm that the caller only passes roles from a trusted
	// source.
	form := &model.UserForm{
		Apikey:  user.APIKey,
		Blocked: user.Blocked,
		ID:      user.ID,
		Roles:   user.Roles,
	}
	if _, err = c.database.UserCreate(ctx, form); err != nil {
		return err
	}

	// If this second step fails the user record already exists, so a later
	// call returns early at the UserGet check and does not retry it.
	profile := &model.UserData{
		Email:      user.Email,
		Image:      nil,
		Name:       user.Name,
		Timeformat: nil,
	}
	return c.database.UserDataCreate(ctx, user.ID, profile)
}
// User loads the account with the given ID through UserGet and converts it to
// a maut.User. A lookup error is returned unchanged together with a nil user.
func (c *catalystResolver) User(ctx context.Context, userID string) (*maut.User, error) {
	record, err := c.database.UserGet(ctx, userID)
	if err == nil {
		return mapMautUser(record), nil
	}
	return nil, err
}
// UserAPIKeyByHash resolves the user that owns an API key.
//
// key is the plain API key, not a hash: it is hashed here with SHA-256 and
// the lowercase hex digest is what is handed to the database lookup. A lookup
// error is returned unchanged together with a nil user.
//
// NOTE(review): an unsalted SHA-256 digest is only a sound lookup value when
// the keys are generated with high entropy. Confirm against the code that
// issues API keys.
func (c *catalystResolver) UserAPIKeyByHash(ctx context.Context, key string) (*maut.User, error) {
	digest := sha256.Sum256([]byte(key))
	hexDigest := fmt.Sprintf("%x", digest)

	record, err := c.database.UserAPIKeyByHash(ctx, hexDigest)
	if err == nil {
		return mapMautUser(record), nil
	}
	return nil, err
}
// UserByIDAndPassword resolves a user from a username and password pair.
//
// Credential verification is delegated entirely to
// database.UserByIDAndPassword. This method inspects neither the password nor
// the Blocked flag of the returned record. A database error is returned
// unchanged together with a nil user.
//
// NOTE(review): confirm that the caller does not relay the returned error to
// clients in a way that distinguishes an unknown user from a wrong password.
func (c *catalystResolver) UserByIDAndPassword(ctx context.Context, username string, password string) (*maut.User, error) {
	record, err := c.database.UserByIDAndPassword(ctx, username, password)
	if err == nil {
		return mapMautUser(record), nil
	}
	return nil, err
}
// Role maps a role ID to one of the package's predefined roles.
//
// Only the exact, case-sensitive IDs "admin", "engineer" and "analyst" are
// recognised. Any other ID yields a nil role and a "role not found" error, so
// an unknown role never falls back to a default set of permissions. The
// context argument is unused.
func (c *catalystResolver) Role(_ context.Context, roleID string) (r *maut.Role, err error) {
	switch roleID {
	case "admin":
		r = Admin
	case "engineer":
		r = engineer
	case "analyst":
		r = analyst
	default:
		err = errors.New("role not found")
	}
	return r, err
}
// mapMautUser converts a database user record into a maut.User.
//
// Only ID, APIKey, Blocked and Roles are copied. Email, Groups and Name are
// not mapped yet (see the TODO below) and stay at their zero values. The Roles
// value is assigned directly, not copied.
//
// user is dereferenced without a nil check, so a nil record panics.
// NOTE(review): confirm that the database layer never returns a nil record
// together with a nil error.
func mapMautUser(user *model.UserResponse) *maut.User {
	mapped := new(maut.User)
	mapped.ID = user.ID
	mapped.APIKey = user.Apikey
	mapped.Blocked = user.Blocked
	// TODO: map Email, Groups and Name once they are available on the record.
	mapped.Roles = user.Roles
	return mapped
}