Implemented connection authentication and ACL WHOAMI command

2025-10-10 10:20:08 +08:00 · 2023-12-14 23:01:32 +08:00
parent 39bf074e33
commit c3194b0d2d
2 changed files with 57 additions and 4 deletions
--- a/src/modules/acl/acl.go
+++ b/src/modules/acl/acl.go
@@ -1,6 +1,7 @@
 package acl

 import (
+	"crypto/sha256"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -134,11 +135,62 @@ func (acl *ACL) RegisterConnection(conn *net.Conn) {
 }

 func (acl *ACL) AuthenticateConnection(conn *net.Conn, cmd []string) error {
+	var passwords []Password
+	var user User
+
+	h := sha256.New()
+
+	if len(cmd) == 2 {
+		// Process AUTH <password>
+		h.Write([]byte(cmd[1]))
+		passwords = []Password{
+			{PasswordType: "plaintext", PasswordValue: cmd[1]},
+			{PasswordType: "SHA256", PasswordValue: string(h.Sum(nil))},
+		}
+		// Authenticate with default user
+		user = utils.Filter(acl.Users, func(elem User) bool {
+			return user.Username == "default"
+		})[0]
+	}
+	if len(cmd) == 3 {
+		// Process AUTH <username> <password>
+		h.Write([]byte(cmd[2]))
+		passwords = []Password{
+			{PasswordType: "plaintext", PasswordValue: cmd[2]},
+			{PasswordType: "SHA256", PasswordValue: string(h.Sum(nil))},
+		}
+		// Find user with the specified username
+		userFound := false
+		for _, u := range acl.Users {
+			if u.Username == cmd[1] {
+				user = u
+				userFound = true
+				break
+			}
+		}
+		if !userFound {
+			return fmt.Errorf("no user with username %s", cmd[1])
+		}
+	}
+
+	for _, userPassword := range user.Passwords {
+		for _, password := range passwords {
+			if strings.EqualFold(userPassword.PasswordType, password.PasswordType) &&
+				userPassword.PasswordValue == password.PasswordValue {
+				// Set the current connection to the selected user and set them as authenticated
+				acl.Connections[conn] = Connection{
+					Authenticated: true,
+					User:          user,
+				}
+				return nil
+			}
+		}
+	}
+
 	return errors.New("could not authenticate user")
 }

 func (acl *ACL) AuthorizeConnection(conn *net.Conn, cmd []string, command utils.Command, subCommand interface{}) error {
-	fmt.Println("SUBCOMMAND: ", subCommand)
 	return nil
 }

--- a/src/modules/acl/commands.go
+++ b/src/modules/acl/commands.go
@@ -50,7 +50,7 @@ func (p Plugin) HandleCommand(ctx context.Context, cmd []string, server utils.Se
 		case "deluser":
 			return p.handleDelUser(ctx, cmd, server)
 		case "whoami":
-			return p.handleWhoAmI(ctx, cmd, server)
+			return p.handleWhoAmI(ctx, cmd, server, conn)
 		case "list":
 			return p.handleList(ctx, cmd, server)
 		case "load":
@@ -92,8 +92,9 @@ func (p Plugin) handleDelUser(ctx context.Context, cmd []string, server utils.Se
 	return nil, errors.New("ACL DELUSER not implemented")
 }

-func (p Plugin) handleWhoAmI(ctx context.Context, cmd []string, server utils.Server) ([]byte, error) {
-	return nil, errors.New("ACL WHOAMI not implemented")
+func (p Plugin) handleWhoAmI(ctx context.Context, cmd []string, server utils.Server, conn *net.Conn) ([]byte, error) {
+	connectionInfo := p.acl.Connections[conn]
+	return []byte(fmt.Sprintf("+%s\r\n\n", connectionInfo.User.Username)), nil
 }

 func (p Plugin) handleList(ctx context.Context, cmd []string, server utils.Server) ([]byte, error) {