diff --git a/src/modules/acl/acl.go b/src/modules/acl/acl.go
index 656b7ff..4e16dd4 100644
--- a/src/modules/acl/acl.go
+++ b/src/modules/acl/acl.go
@@ -1,6 +1,7 @@
 package acl
 
 import (
+ "crypto/sha256"
 "encoding/json"
 "errors"
 "fmt"
@@ -134,11 +135,62 @@ func (acl *ACL) RegisterConnection(conn *net.Conn) {
 }
 
 func (acl *ACL) AuthenticateConnection(conn *net.Conn, cmd []string) error {
+ var passwords []Password
+ var user User
+
+ h := sha256.New()
+
+ if len(cmd) == 2 {
+ // Process AUTH
+ h.Write([]byte(cmd[1]))
+ passwords = []Password{
+ {PasswordType: "plaintext", PasswordValue: cmd[1]},
+ {PasswordType: "SHA256", PasswordValue: string(h.Sum(nil))},
+ }
+ // Authenticate with default user
+ user = utils.Filter(acl.Users, func(elem User) bool {
+ return user.Username == "default"
+ })[0]
+ }
+ if len(cmd) == 3 {
+ // Process AUTH
+ h.Write([]byte(cmd[2]))
+ passwords = []Password{
+ {PasswordType: "plaintext", PasswordValue: cmd[2]},
+ {PasswordType: "SHA256", PasswordValue: string(h.Sum(nil))},
+ }
+ // Find user with the specified username
+ userFound := false
+ for _, u := range acl.Users {
+ if u.Username == cmd[1] {
+ user = u
+ userFound = true
+ break
+ }
+ }
+ if !userFound {
+ return fmt.Errorf("no user with username %s", cmd[1])
+ }
+ }
+
+ for _, userPassword := range user.Passwords {
+ for _, password := range passwords {
+ if strings.EqualFold(userPassword.PasswordType, password.PasswordType) &&
+ userPassword.PasswordValue == password.PasswordValue {
+ // Set the current connection to the selected user and set them as authenticated
+ acl.Connections[conn] = Connection{
+ Authenticated: true,
+ User: user,
+ }
+ return nil
+ }
+ }
+ }
+
 return errors.New("could not authenticate user")
 }
 
 func (acl *ACL) AuthorizeConnection(conn *net.Conn, cmd []string, command utils.Command, subCommand interface{}) error {
- fmt.Println("SUBCOMMAND: ", subCommand)
 return nil
 }
 
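Review bot: In the one-argument AUTH branch of `AuthenticateConnection`, the filter closure tests the still-empty outer `user` instead of `elem`, so it can never match "default". Assuming `utils.Filter` returns only matching elements (its body is not in this diff), the `[0]` that follows indexes an empty slice and panics, which lets any unauthenticated client crash the server. Resolve the user with one checked lookup for both AUTH forms, as sketched below, and return the same generic error for an unknown name so the reply does not disclose which usernames exist. The credential check also compares secrets with `==`; `subtle.ConstantTimeCompare([]byte(userPassword.PasswordValue), []byte(password.PasswordValue)) == 1` (needs `crypto/subtle`) removes the timing side channel. Finally, `string(h.Sum(nil))` is the raw 32-byte digest, so it will only match stored SHA256 entries kept in that same form; if the user store holds hex digests, encode with `hex.EncodeToString(h.Sum(nil))` first, and plan to retire the plaintext password type.

```go
func (acl *ACL) AuthenticateConnection(conn *net.Conn, cmd []string) error {
	// … unchanged: declarations, hashing, and building `passwords` from cmd …

	// One checked lookup serves both AUTH forms; nothing indexes a slice
	// that may be empty.
	username := "default"
	if len(cmd) == 3 {
		username = cmd[1]
	}
	userFound := false
	for _, u := range acl.Users {
		if u.Username == username {
			user, userFound = u, true
			break
		}
	}
	if !userFound {
		// Same error as a wrong password, so the reply does not reveal
		// which usernames exist.
		return errors.New("could not authenticate user")
	}

	// … unchanged: password comparison loop and final error return …
```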
diff --git a/src/modules/acl/commands.go b/src/modules/acl/commands.go
index 64372e3..17164d1 100644
--- a/src/modules/acl/commands.go
+++ b/src/modules/acl/commands.go
@@ -50,7 +50,7 @@ func (p Plugin) HandleCommand(ctx context.Context, cmd []string, server utils.Se
 case "deluser":
 return p.handleDelUser(ctx, cmd, server)
 case "whoami":
- return p.handleWhoAmI(ctx, cmd, server)
+ return p.handleWhoAmI(ctx, cmd, server, conn)
 case "list":
 return p.handleList(ctx, cmd, server)
 case "load":
@@ -92,8 +92,9 @@ func (p Plugin) handleDelUser(ctx context.Context, cmd []string, server utils.Se
 return nil, errors.New("ACL DELUSER not implemented")
 }
 
-func (p Plugin) handleWhoAmI(ctx context.Context, cmd []string, server utils.Server) ([]byte, error) {
- return nil, errors.New("ACL WHOAMI not implemented")
+func (p Plugin) handleWhoAmI(ctx context.Context, cmd []string, server utils.Server, conn *net.Conn) ([]byte, error) {
+ connectionInfo := p.acl.Connections[conn]
+ return []byte(fmt.Sprintf("+%s\r\n\n", connectionInfo.User.Username)), nil
 }
 
 func (p Plugin) handleList(ctx context.Context, cmd []string, server utils.Server) ([]byte, error) {
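Review bot: `handleWhoAmI` reads `p.acl.Connections[conn]` without the comma-ok form and never checks `Authenticated`, so an unknown or unauthenticated connection gets a zero-value `Connection` and a success reply with an empty name instead of an error. Use `connectionInfo, ok := p.acl.Connections[conn]` followed by `if !ok || !connectionInfo.Authenticated { return nil, errors.New("connection not authenticated") }`. The username is written unescaped into a simple-string reply, so a name containing CR or LF would break reply framing; reject such names when users are created or send a bulk string here. The trailing `\n` after `\r\n` also looks like a stray byte unless the server's writer strips it. No lock is visible around this map read while `AuthenticateConnection` writes the same map; if handlers run on separate goroutines, guard both with a mutex.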