From 33b9ba9abadb8cea8f5840bb11fb9de489b120e3 Mon Sep 17 00:00:00 2001
From: "kali kaneko (leap communications)" <kali@leap.se>
Date: Tue, 23 Jun 2020 19:34:47 +0200
Subject: [feat] authentication token for webapi

---
 pkg/bitmask/auth.go | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)
 create mode 100644 pkg/bitmask/auth.go

(limited to 'pkg/bitmask')

diff --git a/pkg/bitmask/auth.go b/pkg/bitmask/auth.go
new file mode 100644
index 0000000..519eaf1
--- /dev/null
+++ b/pkg/bitmask/auth.go
@@ -0,0 +1,52 @@
+package bitmask
+
+import (
+	"io/ioutil"
+	"log"
+	"math/rand"
+	"os"
+	"runtime"
+	"strings"
+	"time"
+)
+
+/* functions for local authentication of control endpoints */
+
+const tokenPath = "/dev/shm/bitmask-token"
+
+func GenerateAuthToken() {
+	if runtime.GOOS != "linux" {
+		log.Println("Authentication token only implemented in linux at the moment.")
+		return
+	}
+	t := getRandomString()
+	err := ioutil.WriteFile(tokenPath, []byte(t), os.FileMode(int(0600)))
+	if err != nil {
+		log.Println("Could not write authentication token.")
+	}
+}
+
+func ReadAuthToken() string {
+	if runtime.GOOS != "linux" {
+		log.Println("Authentication token only implemented in linux at the moment.")
+		return ""
+	}
+	token, err := ioutil.ReadFile(tokenPath)
+	if err != nil {
+		log.Println("Error reading token:", err)
+	}
+	return string(token)
+}
+
+func getRandomString() string {
+	rand.Seed(time.Now().UnixNano())
+	chars := []rune("ABCDEFGHIJKLMNOPQRSTUVWXYZ" +
+		"abcdefghijklmnopqrstuvwxyz" +
+		"0123456789")
+	length := 40
+	var b strings.Builder
+	for i := 0; i < length; i++ {
+		b.WriteRune(chars[rand.Intn(len(chars))])
+	}
+	return b.String()
+}
-- 
cgit v1.2.3