Diffstat (limited to 'pkg/auth/sip2/auth.go')
-rw-r--r--pkg/auth/sip2/auth.go43
1 files changed, 27 insertions, 16 deletions
diff --git a/pkg/auth/sip2/auth.go b/pkg/auth/sip2/auth.go
index 1d3f309..f5ad0a4 100644
--- a/pkg/auth/sip2/auth.go
+++ b/pkg/auth/sip2/auth.go
@@ -5,38 +5,51 @@ import (
jwt "github.com/dgrijalva/jwt-go"
"log"
"net/http"
+ "os"
"time"
"0xacab.org/leap/vpnweb/pkg/config"
)
-const LibraryLocation string = "testlibrary"
-const SipUser string = "leap"
-const SipPasswd string = "Kohapassword1!"
-
-// XXX duplicated, pass in opts
-var jwtSigningSecret = []byte("thesingingkey")
+const SipUserVar string = "VPNWEB_SIP_USER"
+const SipPassVar string = "VPNWEB_SIP_PASS"
+const SipPortVar string = "VPNWEB_SIP_PORT"
+const SipHostVar string = "VPNWEB_SIP_HOST"
+const SipLibrLocVar string = "VPNWEB_SIP_LIBR_LOCATION"
type Credentials struct {
User string
Password string
}
-func SipAuthenticator(opts *config.Opts) http.HandlerFunc {
- log.Println("Initializing sip2 authenticator...")
+func getConfigFromEnv(envVar string) string {
+ val, exists := os.LookupEnv(envVar)
+ if !exists {
+ log.Fatal("Need to set required env var:", envVar)
+ }
+ return val
+}
- /* TODO -- should pass specific SIP options as a secondary struct */
+func SipAuthenticator(opts *config.Opts) http.HandlerFunc {
/* TODO -- catch connection errors */
- sip := NewClient("localhost", "6001", LibraryLocation)
+ log.Println("Initializing sip2 authenticator")
+
+ SipUser := getConfigFromEnv(SipUserVar)
+ SipPass := getConfigFromEnv(SipPassVar)
+ SipHost := getConfigFromEnv(SipHostVar)
+ SipPort := getConfigFromEnv(SipPortVar)
+ SipLibrLoc := getConfigFromEnv(SipLibrLocVar)
+
+ sip := NewClient(SipHost, SipPort, SipLibrLoc)
ok, err := sip.Connect()
if err != nil {
- log.Fatal("cannot connect sip client")
+ log.Fatal("Cannot connect sip client")
}
- ok = sip.Login(SipUser, SipPasswd)
+ ok = sip.Login(SipUser, SipPass)
if !ok {
- log.Println("Error on SIP login")
+ log.Fatal("Error on SIP login")
} else {
log.Println("SIP login ok")
}
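Review bot: `getConfigFromEnv` accepts a variable that is set but empty, because `os.LookupEnv` reports `VPNWEB_SIP_PASS=` as present; an empty user or password would then be passed straight to `sip.Login`. Rejecting empty values closes that gap: `if !exists || val == "" {`. The `log.Fatal("Cannot connect sip client")` call also drops `err`, so the operator gets no reason for the failure; `log.Fatalf("Cannot connect sip client: %v", err)` would keep it. The SIP password and JWT signing key removed here remain in the repository history, so they should be treated as exposed and rotated if they were ever used outside testing.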
@@ -67,10 +80,8 @@ func SipAuthenticator(opts *config.Opts) http.HandlerFunc {
log.Println("Valid auth for user", c.User)
token := jwt.New(jwt.SigningMethodHS256)
claims := token.Claims.(jwt.MapClaims)
- /* maybe no uid at all */
- claims["uid"] = "user"
claims["exp"] = time.Now().Add(time.Hour * 24).Unix()
- tokenString, _ := token.SignedString(jwtSigningSecret)
+ tokenString, _ := token.SignedString([]byte(opts.AuthSecret))
w.Write([]byte(tokenString))
})
return authTokenHandler
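Review bot: Nothing in this hunk checks that `opts.AuthSecret` is non-empty before it is used as the HS256 key, and the error from `SignedString` is still discarded. Unlike the SIP settings, which abort startup when missing, an unset secret would presumably let the handler issue tokens signed with an empty key, which gives no protection against forgery. A startup guard in `SipAuthenticator` such as `if opts.AuthSecret == "" { log.Fatal("auth secret must be set") }` would make the two consistent, unless the config package already enforces this elsewhere. The signing error should also be checked and answered with a 500, since a failure currently writes an empty body with a 200 status. The handler closure starts outside this hunk.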