From bebfe994aee83e43b96b5da83f529ccf8d4d7dde Mon Sep 17 00:00:00 2001 From: Jason Streifling Date: Sat, 17 Aug 2024 18:21:56 +0200 Subject: [PATCH] First implementation of firebase auth --- cmd/backend/config.go | 8 +++++++ cmd/backend/firebase.go | 11 +++++++--- cmd/frontend/firebase.go | 45 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 61 insertions(+), 3 deletions(-) create mode 100644 cmd/frontend/firebase.go diff --git a/cmd/backend/config.go b/cmd/backend/config.go index 02f9ffc..9ef36a6 100644 --- a/cmd/backend/config.go +++ b/cmd/backend/config.go @@ -17,6 +17,7 @@ type Config struct { KeyFile string Link string LogFile string + PDFDir string PicsDir string Port string RSSFile string @@ -29,6 +30,7 @@ func newConfig() *Config { DBName: "cpolis", KeyFile: "/var/www/cpolis/cpolis.key", LogFile: "/var/log/cpolis.log", + PDFDir: "/var/www/cpolis/pdfs", PicsDir: "/var/www/cpolis/pics", RSSFile: "/var/www/cpolis/cpolis.rss", WebDir: "/var/www/cpolis/web", @@ -79,6 +81,7 @@ func (c *Config) handleCliArgs() error { flag.StringVar(&c.KeyFile, "key", c.KeyFile, "key file") flag.StringVar(&c.Link, "link", c.Link, "Channel Link") flag.StringVar(&c.LogFile, "log", c.LogFile, "log file") + flag.StringVar(&c.PDFDir, "pdfs", c.PDFDir, "pdf directory") flag.StringVar(&c.PicsDir, "pics", c.PicsDir, "pictures directory") flag.StringVar(&c.RSSFile, "rss", c.RSSFile, "RSS file") flag.StringVar(&c.Title, "title", c.Title, "Channel title") @@ -96,6 +99,11 @@ func (c *Config) handleCliArgs() error { return fmt.Errorf("error finding absolute path for log file: %v", err) } + c.PDFDir, err = filepath.Abs(c.PDFDir) + if err != nil { + return fmt.Errorf("error finding absolute path for pdfs dir: %v", err) + } + c.PicsDir, err = filepath.Abs(c.PicsDir) if err != nil { return fmt.Errorf("error finding absolute path for pics dir: %v", err) diff --git a/cmd/backend/firebase.go b/cmd/backend/firebase.go index 0b5b27e..e58e8b4 100644 --- a/cmd/backend/firebase.go +++ b/cmd/backend/firebase.go @@ -12,7 +12,7 @@ type Client struct { *auth.Client } -func NewApp() (*Client, error) { +func NewClient() (*Client, error) { var err error client := new(Client) @@ -32,8 +32,13 @@ func NewApp() (*Client, error) { return client, nil } -func (c *Client) Verify(token string) (*auth.Token, error) { +func (c *Client) Verify(idToken string) (*auth.Token, error) { ctx := context.Background() - return nil, nil + token, err := c.VerifyIDTokenAndCheckRevoked(ctx, idToken) + if err != nil { + return nil, err + } + + return token, nil } diff --git a/cmd/frontend/firebase.go b/cmd/frontend/firebase.go new file mode 100644 index 0000000..1d28e1f --- /dev/null +++ b/cmd/frontend/firebase.go @@ -0,0 +1,45 @@ +package frontend + +import ( + "log" + "net/http" + "strings" + + b "streifling.com/jason/cpolis/cmd/backend" +) + +func ServePDFs(c *b.Config) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + idToken := r.Header.Get("Authorization") + if idToken == "" { + http.Error(w, "Authorization header missing", http.StatusUnauthorized) + } + + client, err := b.NewClient() + if err != nil { + log.Println(err) + http.Error(w, err.Error(), http.StatusInternalServerError) + return + } + + _, err = client.Verify(idToken) + if err != nil { + log.Println(err) + http.Error(w, err.Error(), http.StatusUnauthorized) + return + } + + pdfIDsString := r.PathValue("ids") + if err != nil { + log.Println(err) + http.Error(w, err.Error(), http.StatusInternalServerError) + return + } + + pdfIDs := strings.Split(pdfIDsString, ",") + + for _, id := range pdfIDs { + http.ServeFile(w, r, id) + } + } +}