wallet-sync-server/server/auth.go

package server

import (
	"encoding/json"
	"fmt"
	"net/http"

	"lbryio/lbry-id/auth"
	"lbryio/lbry-id/store"
)

// DeviceId is decided by the device. UserId is decided by the server, and is
// gatekept by Email/Password
type AuthRequest struct {
	DeviceId auth.DeviceId `json:"deviceId"`
	Email    auth.Email    `json:"email"`
	Password auth.Password `json:"password"`
}

func (r *AuthRequest) validate() error {
	if !r.Email.Validate() {
		return fmt.Errorf("Invalid 'email'")
	}
	if r.Password == "" {
		return fmt.Errorf("Missing 'password'")
	}
	if r.DeviceId == "" {
		return fmt.Errorf("Missing 'deviceId'")
	}
	return nil
}

func (s *Server) getAuthToken(w http.ResponseWriter, req *http.Request) {
	var authRequest AuthRequest
	if !getPostData(w, req, &authRequest) {
		return
	}

	userId, err := s.store.GetUserId(authRequest.Email, authRequest.Password)
	if err == store.ErrWrongCredentials {
		errorJson(w, http.StatusUnauthorized, "No match for email and password")
		return
	}
	if err == store.ErrNotVerified {
		errorJson(w, http.StatusUnauthorized, "Account is not verified")
		return
	}
	if err != nil {
		internalServiceErrorJson(w, err, "Error getting User Id")
		return
	}

	authToken, err := s.auth.NewAuthToken(userId, authRequest.DeviceId, auth.ScopeFull)

	if err != nil {
		internalServiceErrorJson(w, err, "Error generating auth token")
		return
	}

	response, err := json.Marshal(&authToken)

	if err != nil {
		internalServiceErrorJson(w, err, "Error generating auth token")
		return
	}

	if err := s.store.SaveToken(authToken); err != nil {
		internalServiceErrorJson(w, err, "Error saving auth token")
		return
	}

	fmt.Fprintf(w, string(response))
}
Get/Post WalletState, account recover, test client A few things at once because it was faster to get a demo out the door. Skipping most test implementation though I made failing stubs so I know what to fill in later. * Get/Post WalletState * downloadKey/email so that a second client can log in, and/or recover from lost client * Test client in Python to demonstrate the above * Organize into packages 2021-12-25 02:16:58 +01:00			`package server`

			`import (`
			`"encoding/json"`
			`"fmt"`
			`"net/http"`
KDF for server password. Save salt in DB. 2022-07-13 18:32:48 +02:00
Change module name to new repo account 2022-07-12 04:10:19 +02:00			`"lbryio/lbry-id/auth"`
			`"lbryio/lbry-id/store"`
Get/Post WalletState, account recover, test client A few things at once because it was faster to get a demo out the door. Skipping most test implementation though I made failing stubs so I know what to fill in later. * Get/Post WalletState * downloadKey/email so that a second client can log in, and/or recover from lost client * Test client in Python to demonstrate the above * Organize into packages 2021-12-25 02:16:58 +01:00			`)`

Change to normal password auth, and various things 2022-06-07 19:25:14 +02:00			`// DeviceId is decided by the device. UserId is decided by the server, and is`
			`// gatekept by Email/Password`
"Full" in Auth endpoint name is no longer useful 2022-06-08 00:24:01 +02:00			`type AuthRequest struct {`
Change to normal password auth, and various things 2022-06-07 19:25:14 +02:00			DeviceId auth.DeviceId `json:"deviceId"`
			Email auth.Email `json:"email"`
			Password auth.Password `json:"password"`
Get/Post WalletState, account recover, test client A few things at once because it was faster to get a demo out the door. Skipping most test implementation though I made failing stubs so I know what to fill in later. * Get/Post WalletState * downloadKey/email so that a second client can log in, and/or recover from lost client * Test client in Python to demonstrate the above * Organize into packages 2021-12-25 02:16:58 +01:00			`}`

validate() functions return error messages 2022-07-11 15:42:08 +02:00			`func (r *AuthRequest) validate() error {`
`env` package provides config values 2022-07-24 22:02:55 +02:00			`if !r.Email.Validate() {`
validate() functions return error messages 2022-07-11 15:42:08 +02:00			`return fmt.Errorf("Invalid 'email'")`
			`}`
			`if r.Password == "" {`
			`return fmt.Errorf("Missing 'password'")`
			`}`
			`if r.DeviceId == "" {`
			`return fmt.Errorf("Missing 'deviceId'")`
			`}`
			`return nil`
Get/Post WalletState, account recover, test client A few things at once because it was faster to get a demo out the door. Skipping most test implementation though I made failing stubs so I know what to fill in later. * Get/Post WalletState * downloadKey/email so that a second client can log in, and/or recover from lost client * Test client in Python to demonstrate the above * Organize into packages 2021-12-25 02:16:58 +01:00			`}`

"Full" in Auth endpoint name is no longer useful 2022-06-08 00:24:01 +02:00			`func (s Server) getAuthToken(w http.ResponseWriter, req http.Request) {`
			`var authRequest AuthRequest`
Get/Post WalletState, account recover, test client A few things at once because it was faster to get a demo out the door. Skipping most test implementation though I made failing stubs so I know what to fill in later. * Get/Post WalletState * downloadKey/email so that a second client can log in, and/or recover from lost client * Test client in Python to demonstrate the above * Organize into packages 2021-12-25 02:16:58 +01:00			`if !getPostData(w, req, &authRequest) {`
			`return`
			`}`

Change to normal password auth, and various things 2022-06-07 19:25:14 +02:00			`userId, err := s.store.GetUserId(authRequest.Email, authRequest.Password)`
ErrNoUId -> ErrWrongCredentials 2022-07-06 18:44:35 +02:00			`if err == store.ErrWrongCredentials {`
Change to normal password auth, and various things 2022-06-07 19:25:14 +02:00			`errorJson(w, http.StatusUnauthorized, "No match for email and password")`
Get/Post WalletState, account recover, test client A few things at once because it was faster to get a demo out the door. Skipping most test implementation though I made failing stubs so I know what to fill in later. * Get/Post WalletState * downloadKey/email so that a second client can log in, and/or recover from lost client * Test client in Python to demonstrate the above * Organize into packages 2021-12-25 02:16:58 +01:00			`return`
			`}`
Don't hand out auth tokens if they're not verified 2022-07-26 16:53:31 +02:00			`if err == store.ErrNotVerified {`
			`errorJson(w, http.StatusUnauthorized, "Account is not verified")`
			`return`
			`}`
Change to normal password auth, and various things 2022-06-07 19:25:14 +02:00			`if err != nil {`
			`internalServiceErrorJson(w, err, "Error getting User Id")`
Get/Post WalletState, account recover, test client A few things at once because it was faster to get a demo out the door. Skipping most test implementation though I made failing stubs so I know what to fill in later. * Get/Post WalletState * downloadKey/email so that a second client can log in, and/or recover from lost client * Test client in Python to demonstrate the above * Organize into packages 2021-12-25 02:16:58 +01:00			`return`
			`}`

Server test/implement send verify-account email 2022-07-28 01:45:09 +02:00			`authToken, err := s.auth.NewAuthToken(userId, authRequest.DeviceId, auth.ScopeFull)`
Get/Post WalletState, account recover, test client A few things at once because it was faster to get a demo out the door. Skipping most test implementation though I made failing stubs so I know what to fill in later. * Get/Post WalletState * downloadKey/email so that a second client can log in, and/or recover from lost client * Test client in Python to demonstrate the above * Organize into packages 2021-12-25 02:16:58 +01:00
			`if err != nil {`
Change to normal password auth, and various things 2022-06-07 19:25:14 +02:00			`internalServiceErrorJson(w, err, "Error generating auth token")`
Get/Post WalletState, account recover, test client A few things at once because it was faster to get a demo out the door. Skipping most test implementation though I made failing stubs so I know what to fill in later. * Get/Post WalletState * downloadKey/email so that a second client can log in, and/or recover from lost client * Test client in Python to demonstrate the above * Organize into packages 2021-12-25 02:16:58 +01:00			`return`
			`}`

			`response, err := json.Marshal(&authToken)`

			`if err != nil {`
Change to normal password auth, and various things 2022-06-07 19:25:14 +02:00			`internalServiceErrorJson(w, err, "Error generating auth token")`
Get/Post WalletState, account recover, test client A few things at once because it was faster to get a demo out the door. Skipping most test implementation though I made failing stubs so I know what to fill in later. * Get/Post WalletState * downloadKey/email so that a second client can log in, and/or recover from lost client * Test client in Python to demonstrate the above * Organize into packages 2021-12-25 02:16:58 +01:00			`return`
			`}`

			`if err := s.store.SaveToken(authToken); err != nil {`
Change to normal password auth, and various things 2022-06-07 19:25:14 +02:00			`internalServiceErrorJson(w, err, "Error saving auth token")`
Get/Post WalletState, account recover, test client A few things at once because it was faster to get a demo out the door. Skipping most test implementation though I made failing stubs so I know what to fill in later. * Get/Post WalletState * downloadKey/email so that a second client can log in, and/or recover from lost client * Test client in Python to demonstrate the above * Organize into packages 2021-12-25 02:16:58 +01:00			`return`
			`}`

			`fmt.Fprintf(w, string(response))`
			`}`